Skip to content

Commit

Permalink
Better Oauth implementation
Browse files Browse the repository at this point in the history 
* access token finding

* add extra fields to user info

* oh god

* Revert "oh god"

This reverts commit c7c484f.

* grrrr

* remove body from poll response

* Update UserManager.java

* implement findClient

* include login cookie
  • Loading branch information
@burdoto
burdoto authored Apr 30, 2021
1 parent d7faa4d commit daf4dc2
Show file tree
Hide file tree
Showing 4 changed files with 47 additions and 31 deletions.
12 changes: 11 additions & 1 deletion auth/src/main/java/org/comroid/auth/user/UserAccount.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@
import java.util.HashSet;
import java.util.Set;
import java.util.UUID;
import java.util.stream.Stream;

public final class UserAccount extends DataContainerBase<UserAccount> implements PermitCarrier, Client, FileProcessor {
@RootBind
Expand Down Expand Up @@ -90,7 +91,12 @@ public Permit.Set getPermits() {

@Override
public UniNode getUserInfo() {
return toUniNode();
UniObjectNode data = toUniNode();

data.put("sub", getUUID());
data.put("email_verified", false);

return data;
}

@Override
Expand Down Expand Up @@ -234,4 +240,8 @@ public OAuthAuthorization createAuthorization(Context context, Resource resource
public String generateAuthorizationToken(Resource resource, String userAgent) {
return String.format("%s-%s-%s", getUUID(), resource.getUUID(), UUID.randomUUID());
}

public Stream<OAuthAuthorization.AccessToken> findToken(String token) {
return accessTokens.stream().filter(it -> it.token.contentEquals(token));
}
}
32 changes: 26 additions & 6 deletions auth/src/main/java/org/comroid/auth/user/UserManager.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,12 +7,15 @@
import org.comroid.api.UncheckedCloseable;
import org.comroid.auth.server.AuthServer;
import org.comroid.common.io.FileHandle;
import org.comroid.webkit.oauth.client.ClientProvider;
import org.comroid.webkit.oauth.user.OAuthAuthorization;
import org.comroid.restless.CommonHeaderNames;
import org.comroid.restless.HTTPStatusCodes;
import org.comroid.restless.REST;
import org.comroid.restless.server.RestEndpointException;
import org.comroid.util.Pair;
import org.comroid.webkit.oauth.client.Client;
import org.comroid.webkit.oauth.client.ClientProvider;
import org.comroid.webkit.oauth.model.ValidityStage;
import org.comroid.webkit.oauth.user.OAuthAuthorization;

import java.io.File;
import java.util.Collection;
Expand Down Expand Up @@ -115,6 +118,8 @@ public UserSession findSession(String cookie) {

@Override
public OAuthAuthorization findAuthorization(final String authorizationCode) throws RestEndpointException {
if (authorizationCode == null)
throw new IllegalArgumentException("authorization code cannot be null");
return accounts.values()
.stream()
.flatMap(account -> account.findAuthorization(authorizationCode).stream())
Expand All @@ -124,6 +129,8 @@ public OAuthAuthorization findAuthorization(final String authorizationCode) thro

@Override
public OAuthAuthorization.AccessToken findAccessToken(final String token) throws RestEndpointException {
if (token == null)
throw new IllegalArgumentException("token cannot be null");
return accounts.values()
.stream()
.flatMap(account -> account.findAccessToken(token).stream())
Expand All @@ -136,16 +143,29 @@ public boolean hasClient(UUID uuid) {
return accounts.containsKey(uuid);
}

@Override
public Rewrapper<UserAccount> findClient(REST.Header.List headers) {
return () -> UserSession.findSession(headers).getAccount();
}

@Override
public Rewrapper<UserAccount> findClient(UUID uuid) {
return () -> accounts.getOrDefault(uuid, null);
}

@Override
public UserAccount loginClient(String email, String login) {
return AuthServer.instance.getUserManager()
.loginUser(email, login)
.getAccount();
public Pair<Client, String> loginClient(String email, String login) {
UserSession session = AuthServer.instance.getUserManager()
.loginUser(email, login);
return new Pair<>(session.getAccount(), session.getCookie());
}

@Override
public ValidityStage findValidityStage(String token) {
return accounts.values().stream()
.flatMap(acc -> acc.findToken(token))
.findAny()
.orElse(null);
}

private String findToken(REST.Header.List headers) {
Expand Down
24 changes: 8 additions & 16 deletions status/java/src/api/java/org/comroid/status/StatusConnection.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,19 +5,16 @@
import org.comroid.api.ContextualProvider;
import org.comroid.api.Polyfill;
import org.comroid.common.io.FileHandle;
import org.comroid.mutatio.model.RefList;
import org.comroid.mutatio.model.RefOPs;
import org.comroid.mutatio.ref.FutureReference;
import org.comroid.mutatio.ref.Reference;
import org.comroid.mutatio.span.Span;
import org.comroid.restless.REST;
import org.comroid.restless.body.BodyBuilderType;
import org.comroid.status.entity.Service;
import org.comroid.status.rest.Endpoint;
import org.comroid.uniform.SerializationAdapter;
import org.comroid.uniform.cache.ProvidedCache;
import org.comroid.uniform.node.UniObjectNode;
import org.comroid.util.StandardValueType;
import org.jetbrains.annotations.Nullable;

import java.util.NoSuchElementException;
Expand All @@ -27,8 +24,8 @@
import static org.comroid.restless.CommonHeaderNames.AUTHORIZATION;

public final class StatusConnection implements ContextualProvider.Underlying {
public static ContextualProvider CONTEXT;
public static final Logger Logger = LogManager.getLogger("StatusConnection");
public static ContextualProvider CONTEXT;
private final Logger logger;
@Nullable
private final String serviceName;
Expand Down Expand Up @@ -109,39 +106,34 @@ public boolean startPolling() {
return (polling = true);
}

public CompletableFuture<Service> stopPolling(Service.Status newStatus) {
public CompletableFuture<?> stopPolling(Service.Status newStatus) {
if (!polling)
return Polyfill.failedFuture(new RuntimeException("Connection is not polling!"));
if (serviceName == null)
throw new NoSuchElementException("No service name defined");
return rest.request(Service.Type)
return rest.request()
.method(REST.Method.DELETE)
.endpoint(Endpoint.POLL.complete(serviceName))
.addHeader(AUTHORIZATION, token)
.buildBody(BodyBuilderType.OBJECT, obj -> obj.put(Service.STATUS, newStatus))
.execute$autoCache(Service.NAME, serviceCache)
.thenApply(services -> {
polling = false;
return services.getAny();
});
.execute()
.thenAccept(services -> polling = false);
}

private CompletableFuture<Service> sendPoll() {
private CompletableFuture<?> sendPoll() {
logger.debug("Sending Poll");

if (serviceName == null)
throw new NoSuchElementException("No service name defined");
return rest.request(Service.Type)
return rest.request()
.method(REST.Method.POST)
.endpoint(Endpoint.POLL.complete(serviceName))
.addHeader(AUTHORIZATION, token)
.buildBody(BodyBuilderType.OBJECT, obj -> {
obj.put(Service.STATUS, Service.Status.ONLINE);
obj.put("expected", refreshTimeout);
obj.put("timeout", crashedTimeout);
})
.execute$autoCache(Service.NAME, serviceCache)
.thenApply(RefOPs::getAny);
}).execute();
}

public CompletableFuture<Service> updateStatus(Service.Status status) {
Expand Down
10 changes: 2 additions & 8 deletions status/java/src/server/java/org/comroid/status/server/rest/ServerEndpoints.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -139,10 +139,7 @@ public REST.Response executePOST(Context context, REST.Header.List headers, Stri

service.receivePoll(newStatus, expected, timeout);

return new ResponseBuilder(body)
.setStatusCode(200)
.setBody(service)
.build();
return new REST.Response(OK);
}

@Override
Expand All @@ -157,10 +154,7 @@ public REST.Response executeDELETE(Context context, REST.Header.List headers, St

service.discardPoll(newStatus);

return new ResponseBuilder(body)
.setStatusCode(200)
.setBody(service)
.build();
return new REST.Response(OK, service);
}
};

Expand Down

0 comments on commit daf4dc2

Please sign in to comment.