package org.apache.archiva.redback.rest.services.interceptors;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.authentication.AuthenticationException;
import org.apache.archiva.redback.authentication.AuthenticationResult;
import org.apache.archiva.redback.authorization.RedbackAuthorization;
import org.apache.archiva.redback.integration.filter.authentication.HttpAuthenticator;
import org.apache.archiva.redback.policy.AccountLockedException;
import org.apache.archiva.redback.policy.MustChangePasswordException;
import org.apache.archiva.redback.rest.services.RedbackAuthenticationThreadLocal;
import org.apache.archiva.redback.rest.services.RedbackRequestInformation;
import org.apache.archiva.redback.system.SecuritySession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.annotation.AnnotationUtils;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ResourceInfo;
import javax.ws.rs.core.Context;
import java.lang.reflect.Method;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;
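/**
 * Shared plumbing for the Redback REST interceptors: access to the current servlet
 * request/response, lookup (and caching) of the {@link RedbackAuthorization} annotation
 * of the invoked resource method, and retrieval of the per-request {@link SecuritySession}
 * and {@link AuthenticationResult}.
 *
 * <p>A JAX-RS provider instance is shared across concurrent requests, so the only mutable
 * state kept here (the annotation cache) is a concurrent map. The servlet request/response
 * are injected via {@code @Context}.
 *
 * @author Olivier Lamy
 * @since 1.3
 */
public abstract class AbstractInterceptor
{
    private static final Logger log = LoggerFactory.getLogger( AbstractInterceptor.class );

    // Paths served without authentication: the API documentation endpoints.
    private static final String API_DOCS = "api-docs";
    private static final String OPENAPI_JSON = "openapi.json";
    private static final String API_DOCS1 = "api-docs/";

    /**
     * Authorization annotation resolved per resource method. {@code Optional.empty()} records a
     * method that carries no annotation, so the reflective lookup runs once per method even in
     * that case. A {@link ConcurrentHashMap} replaces the former {@link HashMap}: the map is
     * written from request threads concurrently, and a plain HashMap is not safe for that.
     */
    private final Map<Method, Optional<RedbackAuthorization>> authorizationCache = new ConcurrentHashMap<>( );

    /** Request-context property under which the {@link AuthenticationResult} is stored. */
    public static final String AUTHENTICATION_RESULT = "org.apache.archiva.authResult";

    /** Request-context property under which the {@link SecuritySession} is stored. */
    public static final String SECURITY_SESSION = "org.apache.archiva.securitySession";

    @Context
    private HttpServletRequest httpServletRequest;

    @Context
    private HttpServletResponse httpServletResponse;

    /**
     * @return the servlet request injected for the current call
     */
    public HttpServletRequest getHttpServletRequest( )
    {
        return httpServletRequest;
    }

    /**
     * @return the servlet response injected for the current call
     */
    public HttpServletResponse getHttpServletResponse( )
    {
        return httpServletResponse;
    }

    /**
     * Overrides the injected servlet request (used by subclasses / tests).
     *
     * @param request the request to use from now on
     */
    protected void setHttpServletRequest( HttpServletRequest request )
    {
        this.httpServletRequest = request;
    }

    /**
     * Overrides the injected servlet response (used by subclasses / tests).
     *
     * @param response the response to use from now on
     */
    protected void setHttpServletResponse( HttpServletResponse response )
    {
        this.httpServletResponse = response;
    }

    /**
     * Tells whether a request path belongs to the API documentation endpoints, which are
     * served without authentication.
     *
     * <p>Matches exactly {@code openapi.json} or {@code api-docs}, or any path that starts
     * with {@code api-docs/}. The constants carry no leading slash, so a path with one never
     * matches. NOTE(review): the prefix match skips authentication for everything below
     * {@code api-docs/}; callers are expected to pass the path as resolved by the JAX-RS
     * runtime rather than raw client input — confirm at the call sites.
     *
     * @param requestPath the request path to classify
     * @return {@code true} if authentication should be skipped for this path; {@code false}
     *         for any other path, including {@code null}
     */
    public static boolean ignoreAuth( final String requestPath )
    {
        if ( requestPath == null )
        {
            // Missing input never disables authentication.
            return false;
        }
        // Equivalent to the former length-guarded expression: equals() already implies the
        // exact length, and "api-docs" + length 8 is exactly equals("api-docs").
        return OPENAPI_JSON.equals( requestPath )
            || API_DOCS.equals( requestPath )
            || requestPath.startsWith( API_DOCS1 );
    }

    /**
     * Resolves the {@link RedbackAuthorization} annotation of the resource method being invoked.
     * The lookup uses Spring's {@code AnnotationUtils.findAnnotation}, so meta-annotations and
     * declarations on super-types are honoured, and the outcome is cached per method.
     *
     * @param resourceInfo JAX-RS resource info of the current request
     * @return the annotation, or {@code null} if the resource method carries none
     */
    public RedbackAuthorization getRedbackAuthorization( ResourceInfo resourceInfo )
    {
        Method method = resourceInfo.getResourceMethod( );
        RedbackAuthorization redbackAuthorization = getAuthorizationForMethod( method );
        log.debug( "resourceClass {}, method {}, redbackAuthorization {}", //
                   resourceInfo.getResourceClass( ), //
                   method, //
                   redbackAuthorization );
        return redbackAuthorization;
    }

    /**
     * Cached annotation lookup for one method.
     *
     * @param method the resource method
     * @return the annotation, or {@code null} if the method carries none
     * @throws NullPointerException if {@code method} is {@code null} (concurrent map contract)
     */
    private RedbackAuthorization getAuthorizationForMethod( Method method )
    {
        // computeIfAbsent is atomic per key, so the reflective lookup runs at most once per
        // method. Optional makes "no annotation" storable: ConcurrentHashMap rejects null values.
        return authorizationCache
            .computeIfAbsent( method,
                              m -> Optional.ofNullable( AnnotationUtils.findAnnotation( m, RedbackAuthorization.class ) ) )
            .orElse( null );
    }

    /**
     * Returns the security session for the current request, trying in order: the one already
     * stored in the request context under {@link #SECURITY_SESSION}, the one held by
     * {@link RedbackAuthenticationThreadLocal}, and finally the one the {@link HttpAuthenticator}
     * derives from the HTTP session.
     *
     * <p>The last step calls {@code request.getSession( true )}, which creates an HTTP session
     * when none exists yet.
     *
     * @param containerRequestContext JAX-RS request context
     * @param httpAuthenticator       authenticator used as the last resort
     * @param request                 servlet request whose HTTP session is consulted
     * @return the security session; whether it can be {@code null} depends on the authenticator
     */
    protected SecuritySession getSecuritySession( ContainerRequestContext containerRequestContext, HttpAuthenticator httpAuthenticator,
                                                  HttpServletRequest request )
    {
        // Read the property once instead of twice: the cast then applies to the value checked.
        Object stored = containerRequestContext.getProperty( SECURITY_SESSION );
        if ( stored != null )
        {
            return (SecuritySession) stored;
        }
        RedbackRequestInformation info = RedbackAuthenticationThreadLocal.get( );
        SecuritySession threadLocalSession = info == null ? null : info.getSecuritySession( );
        if ( threadLocalSession != null )
        {
            return threadLocalSession;
        }
        return httpAuthenticator.getSecuritySession( request.getSession( true ) );
    }

    /**
     * Returns the authentication result for the current request, computing it at most once per
     * request. A result already stored in the request context under {@link #AUTHENTICATION_RESULT}
     * is reused; otherwise the {@link HttpAuthenticator} is asked and a non-null result is stored
     * back for later interceptors.
     *
     * <p>Authentication failures (bad credentials, locked account, password change required) are
     * not propagated: they are logged at debug level, with the exception attached, and
     * {@code null} is returned. Rejecting the request is the caller's decision.
     *
     * @param containerRequestContext JAX-RS request context
     * @param httpAuthenticator       authenticator producing the result
     * @param request                 servlet request to authenticate
     * @return the authentication result, or {@code null} if authentication failed or the
     *         authenticator produced none
     */
    protected AuthenticationResult getAuthenticationResult( ContainerRequestContext containerRequestContext, HttpAuthenticator httpAuthenticator, HttpServletRequest request )
    {
        AuthenticationResult authenticationResult;
        Object stored = containerRequestContext.getProperty( AUTHENTICATION_RESULT );
        if ( stored != null )
        {
            authenticationResult = (AuthenticationResult) stored;
        }
        else
        {
            authenticationResult = null;
            try
            {
                authenticationResult = httpAuthenticator.getAuthenticationResult( request, getHttpServletResponse( ) );
                if ( authenticationResult != null )
                {
                    // Only a real result is cached; a null one is recomputed by later interceptors.
                    containerRequestContext.setProperty( AUTHENTICATION_RESULT, authenticationResult );
                }
                log.debug( "authenticationResult from request: {}", authenticationResult );
            }
            // The exception is passed as the trailing argument so SLF4J records the stack trace.
            catch ( AuthenticationException e )
            {
                log.debug( "failed to authenticate for path {}", containerRequestContext.getUriInfo( ).getRequestUri( ), e );
            }
            catch ( AccountLockedException e )
            {
                log.debug( "account locked for path {}", containerRequestContext.getUriInfo( ).getRequestUri( ), e );
            }
            catch ( MustChangePasswordException e )
            {
                log.debug( "must change password for path {}", containerRequestContext.getUriInfo( ).getRequestUri( ), e );
            }
        }
        log.debug( "authenticationResult from message: {}", authenticationResult );
        return authenticationResult;
    }
}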