Package org.apache.lucene.gdata.servlet.handler

Source Code of org.apache.lucene.gdata.servlet.handler.RequestAuthenticator

/**
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements.  See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License.  You may obtain a copy of the License at
*
*     http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package org.apache.lucene.gdata.servlet.handler;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.lucene.gdata.data.GDataAccount;
import org.apache.lucene.gdata.data.GDataAccount.AccountRole;
import org.apache.lucene.gdata.server.GDataRequest;
import org.apache.lucene.gdata.server.ServiceException;
import org.apache.lucene.gdata.server.ServiceFactory;
import org.apache.lucene.gdata.server.administration.AdminService;
import org.apache.lucene.gdata.server.authentication.AuthenticationController;
import org.apache.lucene.gdata.server.authentication.AuthenticatorException;
import org.apache.lucene.gdata.server.authentication.GDataHttpAuthenticator;
import org.apache.lucene.gdata.server.registry.ComponentType;
import org.apache.lucene.gdata.server.registry.GDataServerRegistry;

/**
* The RequestAuthenticator provides access to the registered
* {@link org.apache.lucene.gdata.server.authentication.AuthenticationController}
* as a super class for all request handler requiereing authentication for
* access. This class implements the
* {@link org.apache.lucene.gdata.server.authentication.GDataHttpAuthenticator}
* to get the auth token from the given request and call the needed Components
* to authenticat the client.
* <p>
* For request handler handling common requests like entry insert or update the
* authentication will be based on the account name verified as the owner of the
* feed to alter. If the accountname in the token does not match the name of the
* account which belongs to the feed the given role will be used for
* autentication. Authentication using the
* {@link RequestAuthenticator#authenticateAccount(HttpServletRequest, AccountRole)}
* method, the account name will be ignored, authentication will be based on the
* given <tt>AccountRole</tt>
* </p>
*
* @author Simon Willnauer
*
*/
public class RequestAuthenticator implements GDataHttpAuthenticator {
    private static final Log LOG = LogFactory
            .getLog(RequestAuthenticator.class);

    /**
     * @see org.apache.lucene.gdata.server.authentication.GDataHttpAuthenticator#authenticateAccount(org.apache.lucene.gdata.server.GDataRequest,
     *      org.apache.lucene.gdata.data.GDataAccount.AccountRole)
     */
    public boolean authenticateAccount(GDataRequest request, AccountRole role) {
        String clientIp = request.getRemoteAddress();
        if (LOG.isDebugEnabled())
            LOG
                    .debug("Authenticating Account for GDataRequest -- modifying entries -- Role: "
                            + role + "; ClientIp: " + clientIp);

        AuthenticationController controller = GDataServerRegistry.getRegistry()
                .lookup(AuthenticationController.class,
                        ComponentType.AUTHENTICATIONCONTROLLER);
        ServiceFactory factory = GDataServerRegistry.getRegistry().lookup(
                ServiceFactory.class, ComponentType.SERVICEFACTORY);
        AdminService adminService = factory.getAdminService();
        GDataAccount account;
        try {
            account = adminService.getFeedOwningAccount(request.getFeedId());
            String token = getTokenFromRequest(request.getHttpServletRequest());
            if (LOG.isDebugEnabled())
                LOG.debug("Got Token: " + token + "; for requesting account: "
                        + account);
            if (account != null && token != null)
                return controller.authenticateToken(token, clientIp,
                        AccountRole.ENTRYAMINISTRATOR, account.getName());

        } catch (ServiceException e) {
            LOG.error("can get GDataAccount for feedID -- "
                    + request.getFeedId(), e);
            throw new AuthenticatorException(" Service exception occured", e);

        }finally{
       
            if(adminService!=null)
                adminService.close();
       
        }

        return false;
    }

    /**
     * @see org.apache.lucene.gdata.server.authentication.GDataHttpAuthenticator#authenticateAccount(javax.servlet.http.HttpServletRequest,
     *      org.apache.lucene.gdata.data.GDataAccount.AccountRole)
     */
    public boolean authenticateAccount(HttpServletRequest request,
            AccountRole role) {
        String clientIp = request.getRemoteAddr();
        if (LOG.isDebugEnabled())
            LOG
                    .debug("Authenticating Account for GDataRequest -- modifying entries -- Role: "
                            + role + "; ClientIp: " + clientIp);
        AuthenticationController controller = GDataServerRegistry.getRegistry()
                .lookup(AuthenticationController.class,
                        ComponentType.AUTHENTICATIONCONTROLLER);
        String token = getTokenFromRequest(request);
        if (LOG.isDebugEnabled())
            LOG.debug("Got Token: " + token + ";");
        if (token == null)
            return false;
        return controller.authenticateToken(token, clientIp, role, null);

    }

    protected String getTokenFromRequest(HttpServletRequest request) {
        String token = request
                .getHeader(AuthenticationController.AUTHORIZATION_HEADER);
        if (token == null || !token.startsWith("GoogleLogin")) {
            Cookie[] cookies = request.getCookies();
            if (cookies == null) {
                return null;
            }
            for (int i = 0; i < cookies.length; i++) {
                if (cookies[i].getName().equals(
                        AuthenticationController.TOKEN_KEY)) {
                    token = cookies[i].getValue();
                    break;
                }

            }
        }
        if (token != null)
            token = token.substring(token.indexOf("=") + 1);
        return token;
    }

}
TOP

Related Classes of org.apache.lucene.gdata.servlet.handler.RequestAuthenticator

TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.