SecurityCheckFactory.java example

Explorer

commafeed-master
- src
  - main
    - java
      - com
        commafeed
        CommaFeedApplication.java
        CommaFeedConfiguration.java
        CommaFeedModule.java
        backend
        ContentEncodingInterceptor.java
        FixedSizeSortedSet.java
        HttpGetter.java
        cache
        CacheService.java
        NoopCacheService.java
        RedisCacheService.java
        RedisPoolFactory.java
        dao
        FeedCategoryDAO.java
        FeedDAO.java
        FeedEntryContentDAO.java
        FeedEntryDAO.java
        FeedEntryStatusDAO.java
        FeedEntryTagDAO.java
        FeedSubscriptionDAO.java
        GenericDAO.java
        UnitOfWork.java
        UserDAO.java
        UserRoleDAO.java
        UserSettingsDAO.java
        favicon
        AbstractFaviconFetcher.java
        DefaultFaviconFetcher.java
        FacebookFaviconFetcher.java
        YoutubeFaviconFetcher.java
        feed
        EstimateDirection.java
        FeedEntryKeyword.java
        FeedFetcher.java
        FeedParser.java
        FeedQueues.java
        FeedRefreshContext.java
        FeedRefreshExecutor.java
        FeedRefreshTaskGiver.java
        FeedRefreshUpdater.java
        FeedRefreshWorker.java
        FeedUtils.java
        FetchedFeed.java
        HtmlEntities.java
        model
        AbstractModel.java
        Feed.java
        FeedCategory.java
        FeedEntry.java
        FeedEntryContent.java
        FeedEntryStatus.java
        FeedEntryTag.java
        FeedSubscription.java
        Models.java
        User.java
        UserRole.java
        UserSettings.java
        opml
        OPMLExporter.java
        OPMLImporter.java
        rome
        OPML11Generator.java
        OPML11Parser.java
        RSS090DescriptionConverter.java
        RSS090DescriptionParser.java
        RSSRDF10Parser.java
        service
        DatabaseCleaningService.java
        FeedEntryContentService.java
        FeedEntryFilteringService.java
        FeedEntryService.java
        FeedEntryTagService.java
        FeedService.java
        FeedSubscriptionService.java
        FeedUpdateService.java
        MailService.java
        PasswordEncryptionService.java
        PubSubService.java
        StartupService.java
        UserService.java
        internal
        PostLoginActivities.java
        task
        OldEntriesCleanupTask.java
        OldStatusesCleanupTask.java
        OrphanedContentsCleanupTask.java
        OrphanedFeedsCleanupTask.java
        ScheduledTask.java
        frontend
        auth
        SecurityCheck.java
        SecurityCheckFactory.java
        SecurityCheckFactoryProvider.java
        model
        Category.java
        Entries.java
        Entry.java
        FeedInfo.java
        ServerInfo.java
        Settings.java
        Subscription.java
        UnreadCount.java
        UserModel.java
        request
        AddCategoryRequest.java
        CategoryModificationRequest.java
        CollapseRequest.java
        FeedInfoRequest.java
        FeedMergeRequest.java
        FeedModificationRequest.java
        IDRequest.java
        LoginRequest.java
        MarkRequest.java
        MultipleMarkRequest.java
        PasswordResetRequest.java
        ProfileModificationRequest.java
        RegistrationRequest.java
        StarRequest.java
        SubscribeRequest.java
        TagRequest.java
        resource
        AdminREST.java
        CategoryREST.java
        EntryREST.java
        FeedREST.java
        PubSubHubbubCallbackREST.java
        ServerREST.java
        UserREST.java
        servlet
        AnalyticsServlet.java
        CustomCssServlet.java
        LogoutServlet.java
        NextUnreadServlet.java
        session
        SessionHelper.java
        SessionHelperFactory.java
        SessionHelperFactoryProvider.java
        SessionManagerFactory.java
      - edu
        uci
        ics
        crawler4j
        url
        URLCanonicalizer.java
        UrlResolver.java
  - test
    - java
      - com
        commafeed
        backend
        FixedSizeSortedSetTest.java
        feed
        EstimateDirectionTest.java
        FeedUtilsTest.java
        opml
        OPMLExporterTest.java
        OPMLImporterTest.java
        service
        FeedEntryFilteringServiceTest.java
        UserServiceTest.java
        frontend
        auth
        SecurityCheckFactoryTest.java
        resource
        UserRestTest.java
        session
        SessionHelperTest.java

package com.commafeed.frontend.auth;

import java.util.Optional;
import java.util.Set;

import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

import lombok.RequiredArgsConstructor;

import org.eclipse.jetty.util.B64Code;
import org.eclipse.jetty.util.StringUtil;
import org.glassfish.jersey.server.internal.inject.AbstractContainerRequestValueFactory;

import com.commafeed.backend.model.User;
import com.commafeed.backend.model.UserRole.Role;
import com.commafeed.backend.service.UserService;
import com.commafeed.frontend.session.SessionHelper;

@RequiredArgsConstructor
public class SecurityCheckFactory extends AbstractContainerRequestValueFactory<User> {

	private static final String PREFIX = "Basic";

	@Context
	HttpServletRequest request;

	@Inject
	UserService userService;

	private final Role role;
	private final boolean apiKeyAllowed;

	@Override
	public User provide() {
		Optional<User> user = apiKeyLogin();
		if (!user.isPresent()) {
			user = basicAuthenticationLogin();
		}
		if (!user.isPresent()) {
			user = cookieSessionLogin(new SessionHelper(request));
		}

		if (user.isPresent()) {
			Set<Role> roles = userService.getRoles(user.get());
			if (roles.contains(role)) {
				return user.get();
			} else {
				throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN)
						.entity("You don't have the required role to access this resource.").type(MediaType.TEXT_PLAIN_TYPE).build());
			}
		} else {
			throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED)
					.entity("Credentials are required to access this resource.").type(MediaType.TEXT_PLAIN_TYPE).build());
		}
	}

	Optional<User> cookieSessionLogin(SessionHelper sessionHelper) {
		Optional<User> loggedInUser = sessionHelper.getLoggedInUser();
		if (loggedInUser.isPresent()) {
			userService.performPostLoginActivities(loggedInUser.get());
		}
		return loggedInUser;
	}

	private Optional<User> basicAuthenticationLogin() {
		String header = request.getHeader(HttpHeaders.AUTHORIZATION);
		if (header != null) {
			int space = header.indexOf(' ');
			if (space > 0) {
				String method = header.substring(0, space);
				if (PREFIX.equalsIgnoreCase(method)) {
					String decoded = B64Code.decode(header.substring(space + 1), StringUtil.__ISO_8859_1);
					int i = decoded.indexOf(':');
					if (i > 0) {
						String username = decoded.substring(0, i);
						String password = decoded.substring(i + 1);
						return userService.login(username, password);
					}
				}
			}
		}
		return Optional.empty();
	}

	private Optional<User> apiKeyLogin() {
		String apiKey = request.getParameter("apiKey");
		if (apiKey != null && apiKeyAllowed) {
			return userService.login(apiKey);
		}
		return Optional.empty();
	}

}