/**
 * Checks whether the current user may perform the specified action.
 * <p>
 * This implementation only requires that a user is authenticated:
 * the {@code action} argument is never inspected and no role or per-action policy is evaluated.
 * Any authenticated user is therefore granted every action guarded by this check.
 *
 * @param securityService The security service used to look up the current user
 * @param action          The requested action (not consulted here)
 * @return The unauthenticated reply when there is no current user, the success reply otherwise
 */
@Override
public XSPReply checkAction(SecurityService securityService, SecuredAction action) {
    // authentication is the only gate applied by this implementation
    if (securityService.getCurrentUser() != null) {
        return XSPReplySuccess.instance();
    }
    return XSPReplyUnauthenticated.instance();
}
/**
 * Checks whether the current user may perform the specified action on the specified data.
 * <p>
 * This implementation only requires that a user is authenticated:
 * neither {@code action} nor {@code data} is inspected, so any authenticated user
 * is granted the action regardless of the data it targets.
 *
 * @param securityService The security service used to look up the current user
 * @param action          The requested action (not consulted here)
 * @param data            The data the action applies to (not consulted here)
 * @return The unauthenticated reply when there is no current user, the success reply otherwise
 */
@Override
public XSPReply checkAction(SecurityService securityService, SecuredAction action, Object data) {
    // authentication is the only gate applied by this implementation
    if (securityService.getCurrentUser() != null) {
        return XSPReplySuccess.instance();
    }
    return XSPReplyUnauthenticated.instance();
}
byte[] tokenBytes = org.xowl.infra.utils.Base64.decodeBase64(token); if (tokenBytes.length <= 32 + 8) return XSPReplyUnauthenticated.instance(); byte[] tokenData = Arrays.copyOf(tokenBytes, tokenBytes.length - 32); byte[] hashProvided = new byte[32]; if (!Arrays.equals(hashProvided, computedHash)) return XSPReplyUnauthenticated.instance(); } catch (InvalidKeyException exception) { Logging.get().error(exception);
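/**
 * Performs the initial login of a user with a login/password pair.
 * <p>
 * A banned client is rejected immediately, without evaluating the credentials,
 * without recording a further failure and without logging.
 * Missing or empty credentials and credentials rejected by the realm are handled identically:
 * the failure is recorded through {@code onLoginFailure(client)}, logged, and the
 * unauthenticated reply is returned, so the reply does not reveal which check failed.
 * On success the user is stored in {@code CONTEXT} and a token built for the login is returned.
 *
 * @param client   The identifier of the requesting client, used for ban checks and failure tracking
 * @param login    The login supplied by the caller (untrusted)
 * @param password The password supplied by the caller (untrusted, never logged)
 * @return A result reply carrying the authentication token on success,
 * the unauthenticated reply otherwise
 */
@Override
public XSPReply login(String client, String login, String password) {
    if (isBanned(client))
        return XSPReplyUnauthenticated.instance();
    // The login is caller-controlled text that ends up in the log:
    // neutralize line breaks so that it cannot be used to forge additional log entries.
    // NOTE(review): client is logged as-is; presumably it is derived by the server
    // (e.g. a remote address) and not taken from request content - confirm.
    String loggedLogin = login == null ? null : login.replace('\r', '_').replace('\n', '_');
    PlatformUser user = null;
    // only consult the realm when both credentials are actually present
    if (login != null && !login.isEmpty() && password != null && !password.isEmpty())
        user = getRealm().authenticate(login, password);
    if (user == null) {
        // same handling for missing credentials and for credentials rejected by the realm
        onLoginFailure(client);
        Logging.get().info("Authentication failure from " + client + " on initial login with " + loggedLogin);
        return XSPReplyUnauthenticated.instance();
    }
    CONTEXT.set(user);
    return new XSPReplyResult<>(buildTokenFor(login));
}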
/**
 * Authenticates a client from a previously issued token.
 * <p>
 * A banned client is rejected immediately, before the token is examined.
 * Only a token check that yields the unauthenticated reply is recorded
 * through {@code onLoginFailure(client)}; any other unsuccessful reply is logged
 * and returned as-is without being counted as a login failure.
 * The token itself is never written to the log.
 *
 * @param client The identifier of the requesting client, used for ban checks and failure tracking
 * @param token  The token supplied by the caller (untrusted)
 * @return A result reply carrying the authenticated user on success,
 * otherwise the failing reply produced by the token check (or the unauthenticated reply for a banned client)
 */
@Override
public XSPReply authenticate(String client, String token) {
    if (isBanned(client)) {
        return XSPReplyUnauthenticated.instance();
    }
    XSPReply tokenCheck = checkToken(token);
    boolean tokenRejected = tokenCheck == XSPReplyUnauthenticated.instance();
    if (tokenRejected) {
        // the token is invalid: this counts as a failed attempt for the client
        onLoginFailure(client);
    }
    if (tokenRejected || !tokenCheck.isSuccess()) {
        Logging.get().info("Authentication failure from " + client + " with invalid token");
        return tokenCheck;
    }
    // on success, the token check carries the login that the token was issued for
    // NOTE(review): if the realm can return null here (e.g. the user was removed after
    // the token was issued), a successful reply carrying a null user is produced - confirm.
    PlatformUser authenticated = getRealm().getUser(((XSPReplyResult<String>) tokenCheck).getData());
    CONTEXT.set(authenticated);
    return new XSPReplyResult<>(authenticated);
}
/**
 * Checks whether the current user may perform the specified action on the specified data.
 * <p>
 * The decision is made in this order:
 * no current user yields the unauthenticated reply;
 * a user holding the platform administrator role is authorized without consulting any policy;
 * otherwise the policy configured for the action decides.
 * An action with no configured policy is denied (default deny).
 *
 * @param securityService The security service providing the current user and the realm
 * @param action          The requested action
 * @param data            The data the action applies to, handed to the action's policy
 * @return The unauthenticated reply, the success reply, or the unauthorized reply
 */
@Override
public XSPReply checkAction(SecurityService securityService, SecuredAction action, Object data) {
    PlatformUser currentUser = securityService.getCurrentUser();
    if (currentUser == null) {
        // no user => un-authenticated
        return XSPReplyUnauthenticated.instance();
    }
    boolean isPlatformAdmin = securityService.getRealm().checkHasRole(
            currentUser.getIdentifier(),
            PlatformRoleAdmin.INSTANCE.getIdentifier());
    if (isPlatformAdmin) {
        // user is platform admin => authorized, custom policies are bypassed
        return XSPReplySuccess.instance();
    }
    // check the custom action policies; a missing policy never grants access
    SecuredActionPolicy actionPolicy = resolveConfig().getPolicyFor(action);
    boolean granted = actionPolicy != null
            && actionPolicy.isAuthorized(securityService, currentUser, action, data);
    if (granted) {
        return XSPReplySuccess.instance();
    }
    return XSPReplyUnauthorized.instance();
}
/**
 * Checks whether the current user may perform the specified action.
 * <p>
 * The decision is made in this order:
 * no current user yields the unauthenticated reply;
 * a user holding the platform administrator role is authorized without consulting any policy;
 * otherwise the policy configured for the action decides.
 * An action with no configured policy is denied (default deny).
 *
 * @param securityService The security service providing the current user and the realm
 * @param action          The requested action
 * @return The unauthenticated reply, the success reply, or the unauthorized reply
 */
@Override
public XSPReply checkAction(SecurityService securityService, SecuredAction action) {
    PlatformUser currentUser = securityService.getCurrentUser();
    if (currentUser == null) {
        // no user => un-authenticated
        return XSPReplyUnauthenticated.instance();
    }
    boolean isPlatformAdmin = securityService.getRealm().checkHasRole(
            currentUser.getIdentifier(),
            PlatformRoleAdmin.INSTANCE.getIdentifier());
    if (isPlatformAdmin) {
        // user is platform admin => authorized, custom policies are bypassed
        return XSPReplySuccess.instance();
    }
    // check the custom action policies; a missing policy never grants access
    SecuredActionPolicy actionPolicy = resolveConfig().getPolicyFor(action);
    boolean granted = actionPolicy != null
            && actionPolicy.isAuthorized(securityService, currentUser, action);
    if (granted) {
        return XSPReplySuccess.instance();
    }
    return XSPReplyUnauthorized.instance();
}