Mercurial > dive4elements > river

annotate gwt-client/src/main/java/org/dive4elements/river/client/server/auth/was/Response.java @ 5861:172338b1407f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
GWT client: Added copyright header.
author Sascha L. Teichmann <teichmann@intevation.de>
date Sun, 28 Apr 2013 14:30:15 +0200
parents 5aa05a7a34b7
children 3ce02ac72855
rev   line source
5861
172338b1407f GWT client: Added copyright header.
Sascha L. Teichmann <teichmann@intevation.de>
parents: 5838
diff changeset
1 /* Copyright (C) 2011, 2012, 2013 by Bundesanstalt für Gewässerkunde
172338b1407f GWT client: Added copyright header.
Sascha L. Teichmann <teichmann@intevation.de>
parents: 5838
diff changeset
2 * Software engineering by Intevation GmbH
172338b1407f GWT client: Added copyright header.
Sascha L. Teichmann <teichmann@intevation.de>
parents: 5838
diff changeset
3 *
172338b1407f GWT client: Added copyright header.
Sascha L. Teichmann <teichmann@intevation.de>
parents: 5838
diff changeset
4 * This file is Free Software under the GNU AGPL (>=v3)
172338b1407f GWT client: Added copyright header.
Sascha L. Teichmann <teichmann@intevation.de>
parents: 5838
diff changeset
5 * and comes with ABSOLUTELY NO WARRANTY! Check out the
172338b1407f GWT client: Added copyright header.
Sascha L. Teichmann <teichmann@intevation.de>
parents: 5838
diff changeset
6 * documentation coming with Dive4Elements River for details.
172338b1407f GWT client: Added copyright header.
Sascha L. Teichmann <teichmann@intevation.de>
parents: 5838
diff changeset
7 */
172338b1407f GWT client: Added copyright header.
Sascha L. Teichmann <teichmann@intevation.de>
parents: 5838
diff changeset
8
5835
821a02bbfb4e Fixed internal java dependencies
Sascha L. Teichmann <teichmann@intevation.de>
parents: 5834
diff changeset
9 package org.dive4elements.river.client.server.auth.was;
2956
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
10
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
11 import java.io.IOException;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
12 import java.io.InputStream;
3486
23095983c249 Implement Features handling for WAS authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2981
diff changeset
13 import java.util.List;
2956
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
14
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
15 import org.apache.commons.codec.binary.Base64InputStream;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
16
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
17 import org.apache.http.HttpEntity;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
18
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
19 import org.apache.log4j.Logger;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
20
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
21 import org.jdom.Document;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
22 import org.jdom.Element;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
23 import org.jdom.JDOMException;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
24 import org.jdom.input.SAXBuilder;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
25
5835
821a02bbfb4e Fixed internal java dependencies
Sascha L. Teichmann <teichmann@intevation.de>
parents: 5834
diff changeset
26 import org.dive4elements.river.client.server.auth.Authentication;
821a02bbfb4e Fixed internal java dependencies
Sascha L. Teichmann <teichmann@intevation.de>
parents: 5834
diff changeset
27 import org.dive4elements.river.client.server.auth.AuthenticationException;
2956
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
28
5835
821a02bbfb4e Fixed internal java dependencies
Sascha L. Teichmann <teichmann@intevation.de>
parents: 5834
diff changeset
29 import org.dive4elements.river.client.server.features.Features;
3486
23095983c249 Implement Features handling for WAS authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2981
diff changeset
30
2956
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
31 public class Response implements Authentication {
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
32
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
33 private static Logger logger = Logger.getLogger(Response.class);
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
34
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
35 private Element root;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
36 private Assertion assertion;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
37 private String username;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
38 private String password;
3486
23095983c249 Implement Features handling for WAS authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2981
diff changeset
39 private Features features;
2956
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
40
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
41
3486
23095983c249 Implement Features handling for WAS authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2981
diff changeset
42 public Response(HttpEntity entity, String username, String password, Features features) throws AuthenticationException, IOException {
2956
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
43
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
44 if (entity == null) {
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
45 throw new ServiceException("Invalid response");
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
46 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
47
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
48 String contenttype = entity.getContentType().getValue();
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
49
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
50 try {
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
51 InputStream in = entity.getContent();
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
52
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
53 if (!contenttype.equals("application/vnd.ogc.se_xml")) {
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
54 // XXX: Assume base64 encoded content.
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
55 in = new Base64InputStream(in);
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
56 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
57
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
58 SAXBuilder builder = new SAXBuilder();
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
59 Document doc = builder.build(in);
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
60 Element root = doc.getRootElement();
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
61 String rname = root.getName();
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
62
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
63 if (rname != null && rname.equals("ServiceExceptionReport")) {
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
64 throw new ServiceException(root.getChildText("ServiceException"));
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
65 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
66
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
67 this.root = root;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
68 this.username = username;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
69 this.password = password;
3486
23095983c249 Implement Features handling for WAS authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2981
diff changeset
70 this.features = features;
2956
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
71
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
72 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
73 catch(JDOMException e) {
2968
3e0567e02577 Extend Authentication and Response to throw additional exceptions
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2959
diff changeset
74 throw new AuthenticationException(e);
2956
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
75 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
76 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
77
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
78 public Element getRoot() {
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
79 return this.root;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
80 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
81
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
82 @Override
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
83 public boolean isSuccess() {
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
84 String status = getStatus();
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
85 return status != null && status.equals("samlp:Success");
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
86 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
87
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
88 public String getStatus() {
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
89 Element status = this.root.getChild("Status", Namespaces.SAML_NS_PROTO);
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
90 if (status == null) {
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
91 return null;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
92 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
93 Element statuscode = status.getChild("StatusCode",
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
94 Namespaces.SAML_NS_PROTO);
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
95 if (statuscode == null) {
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
96 return null;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
97 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
98 return statuscode.getAttributeValue("Value");
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
99 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
100
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
101 public Assertion getAssertion() {
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
102 if (this.assertion == null && this.root != null) {
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
103 Element assertion = this.root.getChild("Assertion",
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
104 Namespaces.SAML_NS_ASSERT);
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
105 if (assertion != null) {
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
106 this.assertion = new Assertion(assertion);
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
107 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
108 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
109 return this.assertion;
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
110 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
111
2959
5ba0a6efdf3b Auth: added simple file based authentication.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents: 2956
diff changeset
112 @Override
2968
3e0567e02577 Extend Authentication and Response to throw additional exceptions
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2959
diff changeset
113 public User getUser() throws AuthenticationException {
3e0567e02577 Extend Authentication and Response to throw additional exceptions
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2959
diff changeset
114 Assertion assertion = this.getAssertion();
3e0567e02577 Extend Authentication and Response to throw additional exceptions
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2959
diff changeset
115 if (assertion == null) {
3e0567e02577 Extend Authentication and Response to throw additional exceptions
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2959
diff changeset
116 throw new AuthenticationException("Response doesn't contain an assertion");
3e0567e02577 Extend Authentication and Response to throw additional exceptions
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2959
diff changeset
117 }
3486
23095983c249 Implement Features handling for WAS authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2981
diff changeset
118 List<String> features = this.features.getFeatures(
23095983c249 Implement Features handling for WAS authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2981
diff changeset
119 this.assertion.getRoles());
3489
6f36f79676a7 Add debug log of a successfull authentification
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3486
diff changeset
120 logger.debug("User " + this.username + " with features " + features +
6f36f79676a7 Add debug log of a successfull authentification
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3486
diff changeset
121 " successfully authenticated.");
3504
1387cdeb8d93 Add account information to flys-client user classes
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 3489
diff changeset
122 return new User(this.username, this.password, assertion.getNameID(),
3486
23095983c249 Implement Features handling for WAS authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents: 2981
diff changeset
123 this.assertion.getRoles(), assertion, features);
2956
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
124 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
125 }
d7f76f197d89 Refactor GGInA authentication
Bjoern Ricks <bjoern.ricks@intevation.de>
parents:
diff changeset
126 // vim: set si et fileencoding=utf-8 ts=4 sw=4 tw=80:
http://dive4elements.wald.intevation.org