reading token from SecurityUtils rather than queryParams.
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/d393445f
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/d393445f
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/d393445f
Branch: refs/heads/apigee-sso-provider
Commit: d393445f19b214788a3b75ea74fb5e93265bedf4
Parents: 5c54d15
Author: Ayesha Dastagiri <ayesha.am...@gmail.com>
Authored: Mon Jul 11 16:40:45 2016 -0700
Committer: Ayesha Dastagiri <ayesha.am...@gmail.com>
Committed: Mon Jul 11 16:40:45 2016 -0700
----------------------------------------------------------------------
 .../rest/management/ManagementResource.java | 23 +++++++++++++++++++-
 .../rest/management/users/UserResource.java | 6 +++--
 .../cassandra/ManagementServiceImpl.java | 4 +++-
 3 files changed, 29 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/usergrid/blob/d393445f/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
index 056303a..c94987a 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
@@ -22,6 +22,7 @@ import org.apache.amber.oauth2.common.exception.OAuthProblemException;
 import org.apache.amber.oauth2.common.message.OAuthResponse;
 import org.apache.amber.oauth2.common.message.types.GrantType;
 import org.apache.commons.lang.StringUtils;
+import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.codec.Base64;
 import org.apache.usergrid.management.ApplicationCreator;
 import org.apache.usergrid.management.UserInfo;
@@ -34,6 +35,7 @@ import org.apache.usergrid.rest.exceptions.RedirectionException; import org.apache.usergrid.rest.management.organizations.OrganizationsResource; import org.apache.usergrid.rest.management.users.UsersResource; import org.apache.usergrid.security.oauth.AccessInfo; +import org.apache.usergrid.security.shiro.principals.PrincipalIdentifier; import org.apache.usergrid.security.shiro.utils.SubjectUtils; import org.apache.usergrid.security.sso.ExternalSSOProvider; import org.apache.usergrid.security.sso.SSOProviderFactory; @@ -99,6 +101,9 @@ public class ManagementResource extends AbstractContextResource { MetricsFactory metricsFactory = null; + String access_token = null; + + public ManagementResource() { if (logger.isTraceEnabled()) { logger.trace( "ManagementResource initialized" ); @@ -159,7 +164,6 @@ public class ManagementResource extends AbstractContextResource { @QueryParam( "client_id" ) String client_id, @QueryParam( "client_secret" ) String client_secret, @QueryParam( "ttl" ) long ttl, - @QueryParam( "access_token" ) String access_token, @QueryParam( "callback" ) @DefaultValue( "" ) String callback ) throws Exception { @@ -181,6 +185,12 @@ public class ManagementResource extends AbstractContextResource { final boolean ssoEnabled = Boolean.parseBoolean(properties.getProperty(USERGRID_EXTERNAL_SSO_ENABLED)); long tokenTtl; + PrincipalIdentifier userPrincipal = (PrincipalIdentifier) SecurityUtils.getSubject().getPrincipal(); + if ( userPrincipal != null && userPrincipal.getAccessTokenCredentials() != null ) { + this.access_token = userPrincipal.getAccessTokenCredentials().getToken(); + } + + if(ssoEnabled){ ExternalSSOProvider provider = ssoProviderFactory.getProvider(); 
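Review bot: The bearer token is now held in the instance field `access_token` (declared in the hunk at -99, assigned in the hunk at -181), and it is only ever assigned, never cleared. Whether a ManagementResource instance is created per request is not visible here; if one is ever reused, a request without token credentials would see the previous caller's token. A method-local is safer either way: declare `String access_token = null;` where the principal is read and assign `access_token = userPrincipal.getAccessTokenCredentials().getToken();` instead of going through `this`. The cast `(PrincipalIdentifier) SecurityUtils.getSubject().getPrincipal()` is unchecked, so a principal of any other type would surface as a ClassCastException rather than an authentication error; the same cast appears in `UserResource.init`. The method body continues outside the hunk.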
@@ -384,6 +394,7 @@ public class ManagementResource extends AbstractContextResource { @FormParam( "access_token" ) String access_token, @FormParam( "callback" ) @DefaultValue( "" ) String callback ) throws Exception { + return getAccessTokenInternal( ui, authorization, grant_type, username, password, client_id, client_secret, ttl, callback, false, true ); } @@ -425,6 +436,16 @@ public class ManagementResource extends AbstractContextResource { @QueryParam( "callback" ) @DefaultValue( "" ) String callback, @HeaderParam( "Authorization" ) String authorization ) throws Exception { + + if ( json == null ) { + String errorDescription = "invalid request, expected data in the request."; + OAuthResponse response = + OAuthResponse.errorResponse( SC_BAD_REQUEST ).setError( OAuthError.TokenResponse.INVALID_REQUEST ) + .setErrorDescription( errorDescription ).buildJSONMessage(); + return Response.status( response.getResponseStatus() ).type( jsonMediaType( callback ) ) + .entity( wrapWithCallback( response.getBody(), callback ) ).build(); + } + String grant_type = ( String ) json.get( "grant_type" ); String username = ( String ) json.get( "username" ); String password = ( String ) json.get( "password" ); http://git-wip-us.apache.org/repos/asf/usergrid/blob/d393445f/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java ---------------------------------------------------------------------- diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java index 739ef28..f568463 100644 --- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java +++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/users/UserResource.java @@ -64,7 +64,7 @@ public class UserResource extends AbstractContextResource { String errorMsg; - String token; + String token = null; public UserResource() { 
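Review bot: The new `json == null` branch in the hunk at -425 hands the caller-supplied `callback` query parameter to `jsonMediaType` and `wrapWithCallback`, so the value ends up in the response; whether those helpers restrict it to a safe identifier is not visible in this hunk and should be confirmed. The guard covers only a missing body: the context lines that follow still cast `json.get( "grant_type" )` and the other fields straight to `String`, so a non-string JSON value would presumably fail with a ClassCastException instead of the same `INVALID_REQUEST` response. A one-line comment such as `// no JSON body: answer with INVALID_REQUEST instead of failing on json.get() below` would document the intent. The method continues outside the hunk.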
@@ -74,7 +74,9 @@ public class UserResource extends AbstractContextResource {
 public UserResource init( UserInfo user ) {
 this.user = user;
 PrincipalIdentifier userPrincipal = (PrincipalIdentifier) SecurityUtils.getSubject().getPrincipal();
- this.token = userPrincipal.getAccessTokenCredentials().getToken();
+ if ( userPrincipal != null && userPrincipal.getAccessTokenCredentials() != null ) {
+ this.token = userPrincipal.getAccessTokenCredentials().getToken();
+ }
 return this;
 }
http://git-wip-us.apache.org/repos/asf/usergrid/blob/d393445f/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
index 9637dff..e812b75 100644
--- a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
+++ b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
@@ -1732,7 +1732,9 @@ public class ManagementServiceImpl implements ManagementService {
 invalidateManagementAppAuthCache();
 if ( email ) {
- sendAdminUserInvitedEmail( user, organization );
+ if(!tokens.isExternalSSOProviderEnabled()) {
+ sendAdminUserInvitedEmail(user, organization);
+ }
 }
 }
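Review bot: In `UserResource.init` (hunk at -74) the guard leaves `token` null without any signal when the subject has no principal or no access-token credentials, so every later use of `this.token`, all outside this hunk, has to cope with null. That contract should be stated on the field, e.g. `// null when the current subject has no access-token credentials`. `getAccessTokenCredentials()` is also called twice; holding the result in a local avoids the second lookup and any chance of the two calls disagreeing.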
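Review bot: The nested `if` added in the ManagementServiceImpl hunk (-1732) can be a single condition, `if ( email && !tokens.isExternalSSOProviderEnabled() ) {`, which also restores the file's spacing style (`if ( ` rather than `if(`). It needs a comment saying why the invitation mail is suppressed, e.g. `// external SSO enabled: no Usergrid invitation mail is sent` with the actual reason filled in, since the hunk does not state it. With the mail skipped, the invited admin gets no notification of being added to the organization, so it is worth confirming the addition is still recorded somewhere an operator can audit. The enclosing method starts and ends outside the hunk.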