/* ====================================================================
*
* Copyright (C) 2017 GeoSolutions S.A.S.
* http://www.geo-solutions.it
*
* GPLv3 + Classpath exception
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program.
*
* ====================================================================
*
* This software consists of voluntary contributions made by developers
* of GeoSolutions. For more information on GeoSolutions, please see
* <http://www.geo-solutions.it/>.
*
*/
package it.geosolutions.geostore.services.rest;
import java.text.ParseException;
import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.SecurityContext;
import org.springframework.security.access.annotation.Secured;
import it.geosolutions.geostore.core.model.User;
import it.geosolutions.geostore.services.rest.model.SessionToken;
/**
 * JAX-RS contract for GeoStore session handling: resolving the user behind a
 * session id, creating sessions, refreshing them and removing them.
 *
 * <p>Authorization is declared per operation through {@code @Secured}.
 *
 * <p>Security note: several operations carry the session id (and, for
 * {@link #refresh}, the refresh token) as URL path segments. URL paths are
 * commonly written to access logs and proxy logs, so those logs should be
 * treated as holding live credentials and protected or scrubbed accordingly.
 */
public interface RESTSessionService {

    /**
     * Returns the {@link User} bound to the given session id, if such a session exists.
     *
     * <p>Callable by {@code ROLE_ADMIN}, {@code ROLE_USER} and {@code ROLE_ANONYMOUS}, so as
     * far as this contract shows, knowing the session id is all that is needed to obtain
     * the user object.
     * NOTE(review): confirm which {@code User} fields the implementation serializes.
     *
     * @param sessionId the session identifier, taken from the URL path
     * @param refresh   whether to automatically refresh the session (only if refreshing is
     *                  enabled); defaults to {@code true}, so a plain lookup may extend the
     *                  session unless the caller passes {@code refresh=false}
     * @return the user associated with the session; the result for an unknown session id is
     *         not defined by this interface
     */
    @GET
    @Path("/user/{sessionId}")
    @Produces(MediaType.APPLICATION_JSON)
    @Secured({"ROLE_ADMIN", "ROLE_USER", "ROLE_ANONYMOUS"})
    User getUser(
            @PathParam("sessionId") String sessionId,
            @DefaultValue("true") @QueryParam("refresh") boolean refresh);

    /**
     * Returns the username bound to the given session id, if such a session exists.
     *
     * <p>Callable by {@code ROLE_ADMIN}, {@code ROLE_USER} and {@code ROLE_ANONYMOUS}; the
     * session id in the path is the only input that selects the account.
     *
     * @param sessionId the session identifier, taken from the URL path
     * @param refresh   whether to automatically refresh the session (only if refreshing is
     *                  enabled); defaults to {@code true}
     * @return the username as plain text; the result for an unknown session id is not
     *         defined by this interface
     */
    @GET
    @Path("/username/{sessionId}")
    @Produces(MediaType.TEXT_PLAIN)
    @Secured({"ROLE_ADMIN", "ROLE_USER", "ROLE_ANONYMOUS"})
    String getUserName(
            @PathParam("sessionId") String sessionId,
            @DefaultValue("true") @QueryParam("refresh") boolean refresh);

    /**
     * Creates a new session for the user held in the supplied {@link SecurityContext}.
     *
     * <p>Restricted to {@code ROLE_ADMIN} and {@code ROLE_USER}.
     *
     * @param expires caller-supplied expiration, empty by default; its format is not defined
     *                here (presumably a date/time string, given the declared
     *                {@link ParseException}).
     *                NOTE(review): confirm the implementation bounds client-chosen lifetimes.
     * @param sc      security context of the current request, injected by the JAX-RS runtime
     * @return the session key, as plain text
     * @throws ParseException declared by the contract; presumably raised when {@code expires}
     *                        cannot be parsed
     */
    @PUT
    @Path("/")
    @Produces(MediaType.TEXT_PLAIN)
    @Secured({"ROLE_ADMIN", "ROLE_USER"})
    String createSession(
            @DefaultValue("") @QueryParam("expires") String expires,
            @Context SecurityContext sc)
            throws ParseException;

    /**
     * Creates a new session for the user held in the supplied {@link SecurityContext} and
     * returns it as a structured token.
     *
     * <p>Restricted to {@code ROLE_ADMIN} and {@code ROLE_USER}.
     *
     * @param sc security context of the current request, injected by the JAX-RS runtime
     * @return the session token with its expiring time (in seconds) and refresh token
     * @throws ParseException declared by the contract; the triggering condition is not
     *                        visible from this interface
     */
    @POST
    @Path("/login")
    @Produces(MediaType.APPLICATION_JSON)
    @Secured({"ROLE_ADMIN", "ROLE_USER"})
    SessionToken login(@Context SecurityContext sc) throws ParseException;

    /**
     * Refreshes a session token.
     *
     * <p>Restricted to {@code ROLE_ADMIN} and {@code ROLE_USER}. Both the current session
     * token and the refresh token travel in the URL path of this request, so each refresh
     * places both secrets wherever request URLs are recorded.
     *
     * @param sc           security context of the current request, injected by the JAX-RS
     *                     runtime
     * @param sessionId    the current session token
     * @param refreshToken the token that allows the session to be refreshed
     * @return the new session token with the updated information
     * @throws ParseException declared by the contract; the triggering condition is not
     *                        visible from this interface
     */
    @POST
    @Path("/refresh/{sessionId}/{refreshToken}")
    @Produces(MediaType.APPLICATION_JSON)
    @Secured({"ROLE_ADMIN", "ROLE_USER"})
    SessionToken refresh(
            @Context SecurityContext sc,
            @PathParam("sessionId") String sessionId,
            @PathParam("refreshToken") String refreshToken)
            throws ParseException;

    /**
     * Removes the given session.
     *
     * <p>Restricted to {@code ROLE_ADMIN} and {@code ROLE_USER}.
     * NOTE(review): this contract takes only the session id and does not show an ownership
     * check; confirm the implementation limits non-admin callers to their own sessions.
     *
     * @param sessionId identifier of the session to remove, taken from the URL path
     */
    @DELETE
    @Path("/{sessionId}")
    @Secured({"ROLE_ADMIN", "ROLE_USER"})
    void removeSession(@PathParam("sessionId") String sessionId);

    /**
     * Removes all sessions.
     *
     * <p>Restricted to {@code ROLE_ADMIN}.
     */
    @DELETE
    @Path("/")
    @Secured("ROLE_ADMIN")
    void clear();
}