/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* you may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.webapp.authenticator.framework;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.w3c.dom.Document;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.core.authenticate.APITokenValidator;
import org.wso2.carbon.apimgt.impl.APIConstants;
import org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import javax.servlet.http.HttpServletResponse;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import java.io.File;
import java.io.IOException;
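/**
 * Static helpers used by the webapp authenticator framework: API key validation, writing error
 * responses back to the client, and loading an XML file into a DOM {@link Document}.
 *
 * <p>All methods are static. {@link #doAuthenticate} writes to the thread-local
 * {@link PrivilegedCarbonContext}, so its effect is bound to the calling thread.
 */
public class AuthenticationFrameworkUtil {

    private static final Log log = LogFactory.getLog(AuthenticationFrameworkUtil.class);

    /**
     * Content types this class is willing to label an error response with. The client's Accept
     * header is only honoured when it names one of these; none of them is rendered as HTML.
     */
    private static final String[] SAFE_CONTENT_TYPES = {
            Constants.ContentTypes.CONTENT_TYPE_APPLICATION_XML,
            "text/xml",
            "application/json",
            "text/plain"
    };

    /**
     * Sends a 403 response stating that no resource matched the given verb, context and version.
     *
     * @param request  the incoming request; its URI is included in the message
     * @param response the response to populate
     * @param httpVerb HTTP method of the request
     * @param version  API version that was looked up
     * @param context  API context that was looked up
     */
    public static void handleNoMatchAuthScheme(Request request, Response response, String httpVerb, String version,
                                               String context) {
        // NOTE(review): every value interpolated here is request-derived and is written to the
        // response body unescaped. handleResponse never labels the body as HTML, but if this
        // message is ever reused in an HTML context it must be output-encoded first.
        String msg = "Resource is not matched for HTTP Verb: '" + httpVerb + "', API context: '" + context +
                "', Version: '" + version + "' and RequestURI: '" + request.getRequestURI() + "'";
        handleResponse(request, response, HttpServletResponse.SC_FORBIDDEN, msg);
    }

    /**
     * Validates an access token for an API and, on success, records the end user and tenant in the
     * thread-local carbon context.
     *
     * @param context                     API context being accessed
     * @param version                     API version being accessed
     * @param accessToken                 the bearer credential presented by the client
     * @param requiredAuthenticationLevel authentication level the resource demands; when it equals
     *                                    {@code APIConstants.AUTH_NO_AUTHENTICATION} no validation is done
     * @param clientDomain                domain of the calling client, passed to the validator
     * @return {@code true} when no authentication is required or the key is authorized
     * @throws APIManagementException  declared by this method; presumably raised by the key
     *                                 validator, confirm against {@code APITokenValidator}
     * @throws AuthenticationException if the key is not authorized, or the tenant of the
     *                                 authenticated user cannot be resolved
     */
    public static boolean doAuthenticate(
            String context, String version, String accessToken, String requiredAuthenticationLevel,
            String clientDomain) throws APIManagementException, AuthenticationException {
        if (APIConstants.AUTH_NO_AUTHENTICATION.equals(requiredAuthenticationLevel)) {
            return true;
        }
        APITokenValidator tokenValidator = new APITokenValidator();
        APIKeyValidationInfoDTO apiKeyValidationDTO = tokenValidator.validateKey(context, version, accessToken,
                requiredAuthenticationLevel, clientDomain);
        if (!apiKeyValidationDTO.isAuthorized()) {
            // The token is a credential: exception messages end up in logs and possibly in
            // responses, so only report whether one was supplied, never its value.
            throw new AuthenticationException(apiKeyValidationDTO.getValidationStatus(),
                    "Access failure for API: " + context + ", version: " +
                            version + " with key: " + redact(accessToken));
        }

        String username = apiKeyValidationDTO.getEndUserName();
        int tenantId;
        try {
            // Resolve the tenant before touching the thread-local context, so a failed lookup
            // does not leave a username behind on the calling thread without a matching tenant.
            tenantId = IdentityUtil.getTenantIdOFUser(username);
        } catch (IdentityException e) {
            throw new AuthenticationException("Error occurred while retrieving the tenant ID of user '" +
                    username + "'", e);
        }
        PrivilegedCarbonContext carbonContext = PrivilegedCarbonContext.getThreadLocalCarbonContext();
        carbonContext.setUsername(username);
        carbonContext.setTenantId(tenantId);
        return true;
    }

    /**
     * Writes a status code and a text payload to the response.
     *
     * <p>The response content type follows the request's Accept header only when its first media
     * range is one of {@link #SAFE_CONTENT_TYPES}; otherwise it falls back to
     * {@code Constants.ContentTypes.CONTENT_TYPE_APPLICATION_XML}. The payload is written as-is,
     * so callers that embed request data in it are responsible for encoding it.
     *
     * @param request    the incoming request, consulted for its Accept header
     * @param response   the response to populate
     * @param statusCode HTTP status to set
     * @param payload    body text to write; nothing is written when {@code null}
     */
    public static void handleResponse(Request request, Response response, int statusCode, String payload) {
        response.setStatus(statusCode);
        String acceptHeader = request.getHeader(Constants.HTTPHeaders.HEADER_HTTP_ACCEPT);
        response.setContentType(resolveContentType(acceptHeader));
        // Keep the browser from second-guessing the declared type of a body that may
        // contain request-derived text.
        response.setHeader("X-Content-Type-Options", "nosniff");
        response.setCharacterEncoding("UTF-8");
        if (payload == null) {
            return;
        }
        try {
            response.getWriter().write(payload);
        } catch (IOException e) {
            log.error("Error occurred while sending faulty response back to the client", e);
        }
    }

    /**
     * Parses an XML file into a namespace-aware DOM document with external entity resolution,
     * external DTD loading and XInclude switched off.
     *
     * @param file the XML file to parse
     * @return the parsed document
     * @throws AuthenticatorFrameworkException if the parser cannot be configured or the file
     *                                         cannot be read or parsed
     */
    public static Document convertToDocument(File file) throws AuthenticatorFrameworkException {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(true);
        try {
            // Parser hardening: a document must not be able to make the parser read local files
            // or reach out over the network, and entity expansion stays bounded. A factory that
            // rejects any of these features fails here instead of parsing with weaker settings.
            factory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
            factory.setFeature("http://xml.org/sax/features/external-general-entities", false);
            factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
            factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
            factory.setXIncludeAware(false);
            factory.setExpandEntityReferences(false);

            DocumentBuilder docBuilder = factory.newDocumentBuilder();
            return docBuilder.parse(file);
        } catch (Exception e) {
            throw new AuthenticatorFrameworkException("Error occurred while parsing file, while converting " +
                    "to a org.w3c.dom.Document", e);
        }
    }

    /** Picks the response content type: the first Accept media range if allow-listed, else XML. */
    private static String resolveContentType(String acceptHeader) {
        String fallback = Constants.ContentTypes.CONTENT_TYPE_APPLICATION_XML;
        if (acceptHeader == null) {
            return fallback;
        }
        // Only the first media range is considered and q-values are ignored; parameters after
        // ';' are dropped so the client cannot append anything to the Content-Type header.
        String candidate = acceptHeader;
        int comma = candidate.indexOf(',');
        if (comma >= 0) {
            candidate = candidate.substring(0, comma);
        }
        int semicolon = candidate.indexOf(';');
        if (semicolon >= 0) {
            candidate = candidate.substring(0, semicolon);
        }
        candidate = candidate.trim().toLowerCase(java.util.Locale.ROOT);
        for (String allowed : SAFE_CONTENT_TYPES) {
            if (allowed.equals(candidate)) {
                return allowed;
            }
        }
        return fallback;
    }

    /** Returns a placeholder that says whether a secret was present without revealing it. */
    private static String redact(String secret) {
        return (secret == null || secret.length() == 0) ? "[none]" : "[redacted]";
    }
}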