| /* |
| * Licensed to the Apache Software Foundation (ASF) under one or more |
| * contributor license agreements. See the NOTICE file distributed with |
| * this work for additional information regarding copyright ownership. |
| * The ASF licenses this file to You under the Apache License, Version 2.0 |
| * (the "License"); you may not use this file except in compliance with |
| * the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| package org.apache.usergrid.rest.security.shiro.filters; |
| |
| |
| import org.apache.commons.lang.StringUtils; |
| import org.apache.usergrid.management.ManagementService; |
| import org.apache.usergrid.persistence.EntityManagerFactory; |
| import org.apache.usergrid.security.tokens.TokenService; |
| import org.apache.usergrid.services.ServiceManagerFactory; |
| import org.springframework.beans.factory.annotation.Autowired; |
| import org.springframework.beans.factory.annotation.Qualifier; |
| |
| import javax.ws.rs.container.ContainerRequestContext; |
| import javax.ws.rs.container.ContainerRequestFilter; |
| import javax.ws.rs.core.Context; |
| import javax.ws.rs.core.HttpHeaders; |
| import javax.ws.rs.core.UriInfo; |
| import javax.xml.ws.spi.http.HttpContext; |
| import java.util.LinkedHashMap; |
| import java.util.Map; |
| import java.util.Properties; |
| |
| import static org.apache.usergrid.utils.StringUtils.stringOrSubstringAfterFirst; |
| import static org.apache.usergrid.utils.StringUtils.stringOrSubstringBeforeFirst; |
| |
| public abstract class SecurityFilter implements ContainerRequestFilter { |
| |
| public static final String AUTH_OAUTH_2_ACCESS_TOKEN_TYPE = "BEARER"; |
| public static final String AUTH_BASIC_TYPE = "BASIC"; |
| public static final String AUTH_OAUTH_1_TYPE = "OAUTH"; |
| |
| EntityManagerFactory emf; |
| ServiceManagerFactory smf; |
| Properties properties; |
| ManagementService management; |
| TokenService tokens; |
| |
| @Context |
| UriInfo uriInfo; |
| |
| @Context |
| HttpContext hc; |
| |
| |
| public EntityManagerFactory getEntityManagerFactory() { |
| return emf; |
| } |
| |
| |
| @Autowired |
| public void setEntityManagerFactory( EntityManagerFactory emf ) { |
| this.emf = emf; |
| } |
| |
| |
| public ServiceManagerFactory getServiceManagerFactory() { |
| return smf; |
| } |
| |
| |
| @Autowired |
| public void setServiceManagerFactory( ServiceManagerFactory smf ) { |
| this.smf = smf; |
| } |
| |
| |
| public Properties getProperties() { |
| return properties; |
| } |
| |
| |
| @Autowired |
| @Qualifier("properties") |
| public void setProperties( Properties properties ) { |
| this.properties = properties; |
| } |
| |
| |
| public TokenService getTokenService() { |
| return tokens; |
| } |
| |
| |
| @Autowired |
| public void setTokenService( TokenService tokens ) { |
| this.tokens = tokens; |
| } |
| |
| |
| public ManagementService getManagementService() { |
| return management; |
| } |
| |
| |
| @Autowired |
| public void setManagementService( ManagementService management ) { |
| this.management = management; |
| } |
| |
| |
| public static Map<String, String> getAuthTypes( ContainerRequestContext request ) { |
| String auth_header = request.getHeaderString( HttpHeaders.AUTHORIZATION ); |
| if ( auth_header == null ) { |
| return null; |
| } |
| |
| String[] auth_list = StringUtils.split( auth_header, ',' ); |
| if ( auth_list == null ) { |
| return null; |
| } |
| Map<String, String> auth_types = new LinkedHashMap<String, String>(); |
| for ( String auth : auth_list ) { |
| auth = auth.trim(); |
| String type = stringOrSubstringBeforeFirst( auth, ' ' ).toUpperCase(); |
| String token = stringOrSubstringAfterFirst( auth, ' ' ); |
| auth_types.put( type, token ); |
| } |
| return auth_types; |
| } |
| |
| public static boolean bypassSecurityCheck( ContainerRequestContext request ){ |
| |
| // if this is a CORS Pre-Flight request, we can skip the security check |
| // OPTIONS requests do not have access into Usergrid data, Jersey default handles these requests |
| if( request.getMethod().equalsIgnoreCase("options") ){ |
| return true; |
| } |
| |
| return false; |
| |
| } |
| } |