This repository has been archived by the owner on Jan 20, 2024. It is now read-only.

fixes #289 refactor light-oauth2 service to ensure integration with l…
…ight-portal
stevehu committed Aug 3, 2020
1 parent f43fcd0 commit 2adee09
Showing 13 changed files with 276 additions and 49 deletions.
@@ -1,3 +1,18 @@
/*
* Copyright (c) 2016 Network New Technologies Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.networknt.oauth.client.handler;

import com.networknt.body.BodyHandler;
@@ -1,9 +1,25 @@
/*
* Copyright (c) 2016 Network New Technologies Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.networknt.oauth.service.handler;

import com.hazelcast.core.IMap;
import com.hazelcast.query.PagingPredicate;
import com.hazelcast.query.impl.predicates.LikePredicate;
import com.networknt.config.Config;
import com.networknt.config.JsonMapper;
import com.networknt.handler.LightHttpHandler;
import com.networknt.oauth.cache.CacheStartupHookProvider;
import com.networknt.oauth.cache.model.Service;
Expand All @@ -15,29 +31,37 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.util.Collection;
import java.util.Deque;
import java.util.*;

/**
* Get all the services to display with pagination support. It returns a list of services and the
* total count.
*
* @author Steve Hu
*/
public class Oauth2ServiceGetHandler extends ServiceAuditHandler implements LightHttpHandler {
static final Logger logger = LoggerFactory.getLogger(Oauth2ServiceGetHandler.class);
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
IMap<String, Service> services = CacheStartupHookProvider.hz.getMap("services");
Deque<String> hostDeque = exchange.getQueryParameters().get("host");
String host = hostDeque == null ? "%" : hostDeque.getFirst() + "%";

Deque<String> serviceIdDeque = exchange.getQueryParameters().get("serviceId");
String serviceId = serviceIdDeque == null? "%" : serviceIdDeque.getFirst() + "%";
int page = Integer.valueOf(exchange.getQueryParameters().get("page").getFirst()) - 1;
int page = Integer.valueOf(exchange.getQueryParameters().get("page").getFirst());
Deque<String> pageSizeDeque = exchange.getQueryParameters().get("pageSize");
int pageSize = pageSizeDeque == null? 10 : Integer.valueOf(pageSizeDeque.getFirst());

LikePredicate likePredicate = new LikePredicate("serviceId", serviceId);
LikePredicate likePredicate = new LikePredicate("host", host);

PagingPredicate pagingPredicate = new PagingPredicate(likePredicate, new ServiceComparator(), pageSize);
pagingPredicate.setPage(page);
Collection<Service> values = services.values(pagingPredicate);
Map<String, Object> map = new HashMap<>();
map.put("services", values);
map.put("total", services.size());

exchange.getResponseHeaders().add(Headers.CONTENT_TYPE, "application/json");
exchange.getResponseSender().send(Config.getInstance().getMapper().writeValueAsString(values));
exchange.getResponseSender().send(JsonMapper.toJson(map));
processAudit(exchange);
}
}
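Review bot: `page` and `pageSize` go from the query string into `PagingPredicate` with no presence, format or range check. A request without `page` fails on `get("page").getFirst()`, a non-numeric value throws out of `Integer.valueOf`, and `pageSize` has no upper bound, so a single request can ask the cluster for the whole map. Parse both defensively and clamp them, for example `int pageSize = Math.min(Math.max(requestedSize, 1), MAX_PAGE_SIZE);` with `MAX_PAGE_SIZE` a new constant, and reject a negative `page` with a 400-style status. `map.put("total", services.size())` reports the size of the entire map rather than the number of entries matching the `host` predicate, so the pagination total will not agree with the filtered result. The `host` value is also used as a LIKE pattern as received, so a caller-supplied `%` or `_` widens the match; escape those characters if `host` is meant to scope the listing.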
@@ -1,12 +1,30 @@
/*
* Copyright (c) 2016 Network New Technologies Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.networknt.oauth.service.handler;

import com.hazelcast.core.IMap;
import com.networknt.body.BodyHandler;
import com.networknt.config.Config;
import com.networknt.config.JsonMapper;
import com.networknt.handler.LightHttpHandler;
import com.networknt.httpstring.AttachmentConstants;
import com.networknt.oauth.cache.CacheStartupHookProvider;
import com.networknt.oauth.cache.model.Service;
import com.networknt.oauth.cache.model.User;
import com.networknt.security.JwtVerifier;
import com.networknt.status.Status;
import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
Expand All @@ -19,18 +37,42 @@
public class Oauth2ServicePostHandler extends ServiceAuditHandler implements LightHttpHandler {
static Logger logger = LoggerFactory.getLogger(Oauth2ServicePostHandler.class);
static final String SERVICE_ID_EXISTS = "ERR12018";
static final String USER_NOT_FOUND = "ERR12013";
private static final String INCORRECT_TOKEN_TYPE = "ERR11601";

private static final String OPENAPI_SECURITY_CONFIG = "openapi-security";
private static final String ENABLE_VERIFY_JWT = "enableVerifyJwt";
private static boolean enableSecurity = false;
static {
Map<String, Object> config = Config.getInstance().getJsonMapConfig(OPENAPI_SECURITY_CONFIG);
// fallback to generic security.yml
if(config == null) config = Config.getInstance().getJsonMapConfig(JwtVerifier.SECURITY_CONFIG);
Object object = config.get(ENABLE_VERIFY_JWT);
enableSecurity = object != null && Boolean.valueOf(object.toString());
}

@SuppressWarnings("unchecked")
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
Map<String, Object> body = (Map)exchange.getAttachment(BodyHandler.REQUEST_BODY);
Service service = Config.getInstance().getMapper().convertValue(body, Service.class);

if(enableSecurity) {
// get userId from JWT token.
Map<String, Object> auditInfo = exchange.getAttachment(AttachmentConstants.AUDIT_INFO);
// the auditInfo won't be null as it passes the Jwt verification
String userId = (String)auditInfo.get("user_id");
if(userId == null) {
// wrong token. client credentials token won't work here. Must be authorization code token.
setExchangeStatus(exchange, INCORRECT_TOKEN_TYPE, "Authorization Code Token");
return;
}
service.setOwnerId(userId);
}
String serviceId = service.getServiceId();
IMap<String, Service> services = CacheStartupHookProvider.hz.getMap("services");
if(services.get(serviceId) == null) {
services.set(serviceId, service);
exchange.getResponseSender().send(Config.getInstance().getMapper().writeValueAsString(service));
} else {
setExchangeStatus(exchange, SERVICE_ID_EXISTS, serviceId);
}
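Review bot: The uniqueness check in `handleRequest` is a separate `services.get(serviceId) == null` followed by `services.set(serviceId, service)`, so two concurrent registrations of the same id can both pass the check and the later write replaces the earlier entry, including the `ownerId` this commit starts recording. `IMap` is a `ConcurrentMap`, so the check and the write can be one atomic step: `if(services.putIfAbsent(serviceId, service) == null) { ... } else { setExchangeStatus(exchange, SERVICE_ID_EXISTS, serviceId); }`. Separately, the static initializer calls `config.get(ENABLE_VERIFY_JWT)` without a null check after the fallback lookup, and a missing key leaves `enableSecurity` false, in which case `ownerId` stays whatever the request body supplied; the same initializer is repeated in Oauth2ServicePutHandler. The rest of the method lies below the visible hunk.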
@@ -1,12 +1,30 @@
/*
* Copyright (c) 2016 Network New Technologies Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.networknt.oauth.service.handler;

import com.hazelcast.core.IMap;
import com.networknt.body.BodyHandler;
import com.networknt.config.Config;
import com.networknt.config.JsonMapper;
import com.networknt.handler.LightHttpHandler;
import com.networknt.httpstring.AttachmentConstants;
import com.networknt.oauth.cache.CacheStartupHookProvider;
import com.networknt.oauth.cache.model.Service;
import com.networknt.oauth.cache.model.User;
import com.networknt.security.JwtVerifier;
import com.networknt.status.Status;
import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
Expand All @@ -18,7 +36,20 @@

public class Oauth2ServicePutHandler extends ServiceAuditHandler implements LightHttpHandler {
static Logger logger = LoggerFactory.getLogger(Oauth2ServicePutHandler.class);
static final String SERVICE_NOT_FOUND = "ERR12015";
private static final String SERVICE_NOT_FOUND = "ERR12015";
private static final String INCORRECT_TOKEN_TYPE = "ERR11601";
private static final String PERMISSION_DENIED = "ERR11620";

private static final String OPENAPI_SECURITY_CONFIG = "openapi-security";
private static final String ENABLE_VERIFY_JWT = "enableVerifyJwt";
private static boolean enableSecurity = false;
static {
Map<String, Object> config = Config.getInstance().getJsonMapConfig(OPENAPI_SECURITY_CONFIG);
// fallback to generic security.yml
if(config == null) config = Config.getInstance().getJsonMapConfig(JwtVerifier.SECURITY_CONFIG);
Object object = config.get(ENABLE_VERIFY_JWT);
enableSecurity = object != null && Boolean.valueOf(object.toString());
}

@SuppressWarnings("unchecked")
@Override
Expand All @@ -27,12 +58,29 @@ public void handleRequest(HttpServerExchange exchange) throws Exception {
Service service = Config.getInstance().getMapper().convertValue(body, Service.class);

String serviceId = service.getServiceId();

if(enableSecurity) {
String ownerId = service.getOwnerId();
Map<String, Object> auditInfo = exchange.getAttachment(AttachmentConstants.AUDIT_INFO);
String userId = (String)auditInfo.get("user_id");
String roles = (String)auditInfo.get("roles");
if(userId == null) {
setExchangeStatus(exchange, INCORRECT_TOKEN_TYPE, "Authorization Code Token");
return;
}
if(!userId.equals(ownerId)) {
// only the same user or admin can update.
if(roles == null || !roles.contains("admin")) {
setExchangeStatus(exchange, PERMISSION_DENIED, roles);
return;
}
}
}
IMap<String, Service> services = CacheStartupHookProvider.hz.getMap("services");
if(services.get(serviceId) == null) {
setExchangeStatus(exchange, SERVICE_NOT_FOUND, serviceId);
} else {
services.set(serviceId, service);
exchange.getResponseSender().send(Config.getInstance().getMapper().writeValueAsString(service));
}
processAudit(exchange);
}
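Review bot: The ownership check compares the token's `user_id` with `service.getOwnerId()`, but `service` is built from the request body, so the caller chooses the value it is checked against; the comparison needs the owner of the entry already stored under `serviceId`. Loading the stored `Service` first also lets the handler keep the stored `ownerId` on update rather than accepting the one in the body. `roles.contains("admin")` is a substring test, so any role whose name merely contains "admin" passes; compare whole role tokens once the claim's delimiter is confirmed. `auditInfo` is dereferenced without a null check, which is only safe if JWT verification always runs before this handler. The method starts above this hunk (`body` is read there) and the class continues past the collapsed lines.

```java
String serviceId = service.getServiceId();
IMap<String, Service> services = CacheStartupHookProvider.hz.getMap("services");
Service stored = services.get(serviceId);
if(stored == null) {
    setExchangeStatus(exchange, SERVICE_NOT_FOUND, serviceId);
    processAudit(exchange);
    return;
}
if(enableSecurity) {
    // … unchanged: auditInfo lookup, userId null check …
    // authorize against the owner recorded in the cache, not the one sent in the body
    if(!userId.equals(stored.getOwnerId())) {
        // … unchanged: admin role check …
    }
    // keep ownership stable on update; an ownership transfer should be an explicit, separately authorized path
    service.setOwnerId(stored.getOwnerId());
}
services.set(serviceId, service);
// … unchanged: response body, processAudit …
```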
@@ -1,3 +1,18 @@
/*
* Copyright (c) 2016 Network New Technologies Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.networknt.oauth.service.handler;

import com.hazelcast.core.IMap;
@@ -1,4 +1,18 @@

/*
* Copyright (c) 2016 Network New Technologies Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.networknt.oauth.service.handler;

import com.hazelcast.core.IMap;
@@ -1,4 +1,18 @@

/*
* Copyright (c) 2016 Network New Technologies Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.networknt.oauth.service.handler;

import com.hazelcast.core.IMap;
@@ -1,4 +1,18 @@

/*
* Copyright (c) 2016 Network New Technologies Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.networknt.oauth.service.handler;

import com.hazelcast.core.IMap;
@@ -1,3 +1,18 @@
/*
* Copyright (c) 2016 Network New Technologies Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.networknt.oauth.service.handler;

import com.hazelcast.core.IMap;
@@ -1,3 +1,18 @@
/*
* Copyright (c) 2016 Network New Technologies Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.networknt.oauth.service.handler;

public class OauthServiceConfig {
@@ -1,3 +1,18 @@
/*
* Copyright (c) 2016 Network New Technologies Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.networknt.oauth.service.handler;

import com.networknt.body.BodyHandler;