Mercurial > lada > lada-server
changeset 722:c81881dac97e
Switch to shibboleth authorization in all REST-services.
line wrap: on
line diff
--- a/src/main/java/de/intevation/lada/importer/laf/LafWriter.java Fri Aug 14 09:44:31 2015 +0200 +++ b/src/main/java/de/intevation/lada/importer/laf/LafWriter.java Fri Aug 14 09:45:01 2015 +0200 @@ -50,7 +50,7 @@ * The authorization module. */ @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) + @AuthorizationConfig(type=AuthorizationType.HEADER) private Authorization authorization; /**
--- a/src/main/java/de/intevation/lada/rest/KommentarMService.java Fri Aug 14 09:44:31 2015 +0200 +++ b/src/main/java/de/intevation/lada/rest/KommentarMService.java Fri Aug 14 09:45:01 2015 +0200 @@ -80,7 +80,7 @@ * The authorization module. */ @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) + @AuthorizationConfig(type=AuthorizationType.HEADER) private Authorization authorization; /**
--- a/src/main/java/de/intevation/lada/rest/KommentarPService.java Fri Aug 14 09:44:31 2015 +0200 +++ b/src/main/java/de/intevation/lada/rest/KommentarPService.java Fri Aug 14 09:45:01 2015 +0200 @@ -88,7 +88,7 @@ * The authorization module. */ @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) + @AuthorizationConfig(type=AuthorizationType.HEADER) private Authorization authorization; /**
--- a/src/main/java/de/intevation/lada/rest/LoginService.java Fri Aug 14 09:44:31 2015 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,102 +0,0 @@ -/* Copyright (C) 2015 by Bundesamt fuer Strahlenschutz - * Software engineering by Intevation GmbH - * - * This file is Free Software under the GNU GPL (v>=3) - * and comes with ABSOLUTELY NO WARRANTY! Check out - * the documentation coming with IMIS-Labordaten-Application for details. - */ -package de.intevation.lada.rest; - -import java.util.Date; -import java.util.HashMap; -import java.util.Map; - -import javax.enterprise.context.RequestScoped; -import javax.inject.Inject; -import javax.servlet.http.HttpServletRequest; -import javax.ws.rs.GET; -import javax.ws.rs.Path; -import javax.ws.rs.Produces; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.HttpHeaders; -import javax.ws.rs.core.UriInfo; - -import de.intevation.lada.util.annotation.AuthorizationConfig; -import de.intevation.lada.util.auth.Authorization; -import de.intevation.lada.util.auth.AuthorizationType; -import de.intevation.lada.util.auth.UserInfo; -import de.intevation.lada.util.rest.Response; - -/** - * REST service to get login data for the Lada application. - * <p> - * This service produces data in the application/json media type. - * A typical response holds information about the action performed and the data. - * <pre> - * <code> - * { - * "success": [boolean], - * "message": [string], - * "data":{ - * "username": [string], - * "servertime": [timestamp], - * "roles": [string] - * }, - * "errors": [object], - * "warnings": [object], - * "readonly": [boolean], - * "totalCount": [number] - * } - * </code> - * </pre> - * - * @author <a href="mailto:rrenkert@intevation.de">Raimund Renkert</a> - */ -@Path("login") -@RequestScoped -public class LoginService { - - @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) - private Authorization authorization; - - /** - * Get login data. - * <pre> - * <code> - * { - * "success": [boolean], - * "message": [string], - * "data": { - * "username": [string], - * "servertime": [timestamp], - * "roles": [string] - * }, - * "errors": [object], - * "warnings": [object], - * "readonly": [boolean], - * "totalCount": [number] - * } - * </code> - * </pre> - * - * @return Response object containing login data. - */ - @GET - @Path("/") - @Produces("application/json") - public Response get( - @Context HttpHeaders headers, - @Context UriInfo info, - @Context HttpServletRequest request - ) { - Map<String, Object> response = new HashMap<String, Object>(); - response.put("username", request.getAttribute("lada.user.name")); - response.put("roles", request.getAttribute("lada.user.roles")); - response.put("servertime", new Date().getTime()); - UserInfo userInfo = authorization.getInfo(request); - response.put("mst", userInfo.getMessstellen()); - response.put("netzbetreiber", userInfo.getNetzbetreiber()); - return new Response(true, 200, response); - } -}
--- a/src/main/java/de/intevation/lada/rest/MessprogrammMmtService.java Fri Aug 14 09:44:31 2015 +0200 +++ b/src/main/java/de/intevation/lada/rest/MessprogrammMmtService.java Fri Aug 14 09:45:01 2015 +0200 @@ -81,7 +81,7 @@ * The authorization module. */ @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) + @AuthorizationConfig(type=AuthorizationType.HEADER) private Authorization authorization; /**
--- a/src/main/java/de/intevation/lada/rest/MessprogrammService.java Fri Aug 14 09:44:31 2015 +0200 +++ b/src/main/java/de/intevation/lada/rest/MessprogrammService.java Fri Aug 14 09:45:01 2015 +0200 @@ -107,7 +107,7 @@ * The authorization module. */ @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) + @AuthorizationConfig(type=AuthorizationType.HEADER) private Authorization authorization; @Inject
--- a/src/main/java/de/intevation/lada/rest/MessungService.java Fri Aug 14 09:44:31 2015 +0200 +++ b/src/main/java/de/intevation/lada/rest/MessungService.java Fri Aug 14 09:45:01 2015 +0200 @@ -108,7 +108,7 @@ * The authorization module. */ @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) + @AuthorizationConfig(type=AuthorizationType.HEADER) private Authorization authorization; @Inject
--- a/src/main/java/de/intevation/lada/rest/MesswertService.java Fri Aug 14 09:44:31 2015 +0200 +++ b/src/main/java/de/intevation/lada/rest/MesswertService.java Fri Aug 14 09:45:01 2015 +0200 @@ -111,7 +111,7 @@ * The authorization module. */ @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) + @AuthorizationConfig(type=AuthorizationType.HEADER) private Authorization authorization; @Inject
--- a/src/main/java/de/intevation/lada/rest/OrtService.java Fri Aug 14 09:44:31 2015 +0200 +++ b/src/main/java/de/intevation/lada/rest/OrtService.java Fri Aug 14 09:45:01 2015 +0200 @@ -107,7 +107,7 @@ * The authorization module. */ @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) + @AuthorizationConfig(type=AuthorizationType.HEADER) private Authorization authorization; @Inject
--- a/src/main/java/de/intevation/lada/rest/ProbeService.java Fri Aug 14 09:44:31 2015 +0200 +++ b/src/main/java/de/intevation/lada/rest/ProbeService.java Fri Aug 14 09:45:01 2015 +0200 @@ -132,7 +132,7 @@ * The authorization module. */ @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) + @AuthorizationConfig(type=AuthorizationType.HEADER) private Authorization authorization; /**
--- a/src/main/java/de/intevation/lada/rest/StatusService.java Fri Aug 14 09:44:31 2015 +0200 +++ b/src/main/java/de/intevation/lada/rest/StatusService.java Fri Aug 14 09:45:01 2015 +0200 @@ -93,7 +93,7 @@ * The authorization module. */ @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) + @AuthorizationConfig(type=AuthorizationType.HEADER) private Authorization authorization; /**
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/main/java/de/intevation/lada/rest/UserService.java Fri Aug 14 09:45:01 2015 +0200 @@ -0,0 +1,102 @@ +/* Copyright (C) 2015 by Bundesamt fuer Strahlenschutz + * Software engineering by Intevation GmbH + * + * This file is Free Software under the GNU GPL (v>=3) + * and comes with ABSOLUTELY NO WARRANTY! Check out + * the documentation coming with IMIS-Labordaten-Application for details. + */ +package de.intevation.lada.rest; + +import java.util.Date; +import java.util.HashMap; +import java.util.Map; + +import javax.enterprise.context.RequestScoped; +import javax.inject.Inject; +import javax.servlet.http.HttpServletRequest; +import javax.ws.rs.GET; +import javax.ws.rs.Path; +import javax.ws.rs.Produces; +import javax.ws.rs.core.Context; +import javax.ws.rs.core.HttpHeaders; +import javax.ws.rs.core.UriInfo; + +import de.intevation.lada.util.annotation.AuthorizationConfig; +import de.intevation.lada.util.auth.Authorization; +import de.intevation.lada.util.auth.AuthorizationType; +import de.intevation.lada.util.auth.UserInfo; +import de.intevation.lada.util.rest.Response; + +/** + * REST service to get login data for the Lada application. + * <p> + * This service produces data in the application/json media type. + * A typical response holds information about the action performed and the data. + * <pre> + * <code> + * { + * "success": [boolean], + * "message": [string], + * "data":{ + * "username": [string], + * "servertime": [timestamp], + * "roles": [string] + * }, + * "errors": [object], + * "warnings": [object], + * "readonly": [boolean], + * "totalCount": [number] + * } + * </code> + * </pre> + * + * @author <a href="mailto:rrenkert@intevation.de">Raimund Renkert</a> + */ +@Path("user") +@RequestScoped +public class UserService{ + + @Inject + @AuthorizationConfig(type=AuthorizationType.HEADER) + private Authorization authorization; + + /** + * Get login data. + * <pre> + * <code> + * { + * "success": [boolean], + * "message": [string], + * "data": { + * "username": [string], + * "servertime": [timestamp], + * "roles": [string] + * }, + * "errors": [object], + * "warnings": [object], + * "readonly": [boolean], + * "totalCount": [number] + * } + * </code> + * </pre> + * + * @return Response object containing login data. + */ + @GET + @Path("/") + @Produces("application/json") + public Response get( + @Context HttpHeaders headers, + @Context UriInfo info, + @Context HttpServletRequest request + ) { + Map<String, Object> response = new HashMap<String, Object>(); + response.put("username", request.getAttribute("lada.user.name")); + response.put("roles", request.getAttribute("lada.user.roles")); + response.put("servertime", new Date().getTime()); + UserInfo userInfo = authorization.getInfo(request); + response.put("mst", userInfo.getMessstellen()); + response.put("netzbetreiber", userInfo.getNetzbetreiber()); + return new Response(true, 200, response); + } +}
--- a/src/main/java/de/intevation/lada/rest/ZusatzwertService.java Fri Aug 14 09:44:31 2015 +0200 +++ b/src/main/java/de/intevation/lada/rest/ZusatzwertService.java Fri Aug 14 09:45:01 2015 +0200 @@ -97,7 +97,7 @@ * The authorization module. */ @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) + @AuthorizationConfig(type=AuthorizationType.HEADER) private Authorization authorization; /**
--- a/src/main/java/de/intevation/lada/rest/exporter/LafExportService.java Fri Aug 14 09:44:31 2015 +0200 +++ b/src/main/java/de/intevation/lada/rest/exporter/LafExportService.java Fri Aug 14 09:45:01 2015 +0200 @@ -62,7 +62,7 @@ * The authorization module. */ @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) + @AuthorizationConfig(type=AuthorizationType.HEADER) private Authorization authorization;
--- a/src/main/java/de/intevation/lada/rest/importer/LafImportService.java Fri Aug 14 09:44:31 2015 +0200 +++ b/src/main/java/de/intevation/lada/rest/importer/LafImportService.java Fri Aug 14 09:45:01 2015 +0200 @@ -49,7 +49,7 @@ * The authorization module. */ @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) + @AuthorizationConfig(type=AuthorizationType.HEADER) private Authorization authorization; /**
--- a/src/main/java/de/intevation/lada/rest/stamm/MessstelleService.java Fri Aug 14 09:44:31 2015 +0200 +++ b/src/main/java/de/intevation/lada/rest/stamm/MessstelleService.java Fri Aug 14 09:45:01 2015 +0200 @@ -71,7 +71,7 @@ * The authorization module. */ @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) + @AuthorizationConfig(type=AuthorizationType.HEADER) private Authorization authorization; /**
--- a/src/main/java/de/intevation/lada/rest/stamm/NetzbetreiberService.java Fri Aug 14 09:44:31 2015 +0200 +++ b/src/main/java/de/intevation/lada/rest/stamm/NetzbetreiberService.java Fri Aug 14 09:45:01 2015 +0200 @@ -76,7 +76,7 @@ * The authorization module. */ @Inject - @AuthorizationConfig(type=AuthorizationType.OPEN_ID) + @AuthorizationConfig(type=AuthorizationType.HEADER) private Authorization authorization; /**