authorSimon Rettberg2015-07-15 17:33:19 +0200
committerSimon Rettberg2015-07-15 17:33:19 +0200
commit2987d0992a0609a3c9eb23048d87df630225b978 (patch)
tree4f9a778563b2da0316bc3e637d2dd31ee5280b70 /dozentenmodul/src/main/java/org/openslx/dozmod/authentication
parent[cilent] check if vmdk parsed from vmx is relative or absolute and do proper ... (diff)
Adapt to changed thrift api for improved session validation
Diffstat (limited to 'dozentenmodul/src/main/java/org/openslx/dozmod/authentication')
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/authentication/Authenticator.java14
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java54
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java115
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/authentication/TestAccountAuthenticator.java32
4 files changed, 94 insertions, 121 deletions
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/Authenticator.java b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/Authenticator.java
index 430d0001..6c8b69b0 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/Authenticator.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/Authenticator.java
@@ -1,11 +1,7 @@
package org.openslx.dozmod.authentication;
-import org.openslx.bwlp.thrift.iface.TAuthenticationException;
-import org.openslx.bwlp.thrift.iface.UserInfo;
import org.openslx.dozmod.authentication.ShibbolethEcp.ReturnCode;
-import edu.kit.scc.dei.ecplean.ECPAuthenticationException;
-
/**
* @author Jonathan Bauer
*
@@ -19,17 +15,17 @@ public interface Authenticator {
* corresponding message to the user.
*/
interface AuthenticatorCallback {
- void postLogin(ReturnCode returnCode, UserInfo user, Throwable t);
+ void postLogin(ReturnCode returnCode, Throwable t);
}
/**
* Definition of the generic login method.
*
- * @param username The username as String.
- * @param password The password as String.
+ * @param username The username as String
+ * @param password The password as String
* @param callback The callback function to be called after the login
- * @throws ECPAuthenticationException
+ * @throws Exception
*/
void login(String username, String password, AuthenticatorCallback callback)
- throws TAuthenticationException;
+ throws Exception;
} \ No newline at end of file
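Review bot: Declaring `throws Exception` on `login` widens the contract so far that a caller can no longer tell a transport failure from a parsing error or a programming bug, and a blanket `catch (Exception e)` at the call site is the likely result. The implementations changed in this commit throw a known set (`TAuthorizationException`, `TException`, `IOException` and a few parsing exceptions), so the interface could name those or a common checked type. At minimum the Javadoc should say how failures are split, for example `@throws Exception on transport or protocol failure; a rejected login is reported through the callback's ReturnCode`. That wording is inferred from the two implementations in this commit and should be confirmed against the callers.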
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java
index 9bbc4175..ab211386 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java
@@ -1,14 +1,21 @@
package org.openslx.dozmod.authentication;
+import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URISyntaxException;
+
+import org.apache.http.ParseException;
+import org.apache.http.client.ClientProtocolException;
import org.apache.log4j.Logger;
-import org.openslx.bwlp.thrift.iface.TAuthenticationException;
-import org.openslx.bwlp.thrift.iface.UserInfo;
+import org.openslx.bwlp.thrift.iface.TAuthorizationException;
import org.openslx.dozmod.authentication.ShibbolethEcp.ReturnCode;
import org.openslx.dozmod.thrift.Session;
+import com.google.gson.JsonSyntaxException;
+
/**
* @author Jonathan Bauer
- *
+ *
*/
public class EcpAuthenticator implements Authenticator {
@@ -16,7 +23,7 @@ public class EcpAuthenticator implements Authenticator {
* Logger instance for this class
*/
private final static Logger LOGGER = Logger.getLogger(EcpAuthenticator.class);
-
+
private final String ecpUrl;
public EcpAuthenticator(String ecpUrl) {
@@ -30,49 +37,30 @@ public class EcpAuthenticator implements Authenticator {
}
@Override
- public void login(String username, String password,
- AuthenticatorCallback callback) throws TAuthenticationException {
+ public void login(String username, String password, AuthenticatorCallback callback)
+ throws TAuthorizationException, JsonSyntaxException, ClientProtocolException, ParseException,
+ MalformedURLException, URISyntaxException, IOException {
// try to login
- ReturnCode ret = null;
- try {
- ret = ShibbolethEcp.doLogin(this.ecpUrl, username, password);
- } catch (Exception e) {
- // TODO: This class should not do any GUI interaction....
- }
- // if ret is still null, some exception happened, so abort.
+ ReturnCode ret = ShibbolethEcp.doLogin(this.ecpUrl, username, password);
+
if (ret == null) {
- LOGGER.error("Error during the ECP authentication process.");
- callback.postLogin(ReturnCode.GENERIC_ERROR, null, null);
- return;
+ LOGGER.warn("Shibboleth doLogin returned null as ReturnCode!");
+ ret = ReturnCode.GENERIC_ERROR;
}
- // else, we do have a valid ReturnCode?
+ // If login succeeded, set up session data
if (ret == ReturnCode.NO_ERROR) {
- final UserInfo userInfo;
// we have a token?
final String token = ShibbolethEcp.getResponse().token;
if (token == null || token.isEmpty()) {
// bad token
LOGGER.error("No token received from the service provider!");
- callback.postLogin(ReturnCode.SERVICE_PROVIDER_ERROR, null, null);
+ callback.postLogin(ReturnCode.SERVICE_PROVIDER_ERROR, null);
}
// create the session for the user from the response of the ECP
Session.fromEcpLogin(ShibbolethEcp.getResponse());
-
- // build userInfo from the information received
- userInfo = new UserInfo(Session.getUserId(),
- Session.getFirstName(),
- Session.getLastName(),
- Session.getEMail(),
- Session.getOrganizationId());
-
- // send it back to the GUI
- callback.postLogin(ReturnCode.NO_ERROR, userInfo, null);
- } else {
- // else just return the ReturnCode to the GUI
- // it should then show a corresponding error message!
- callback.postLogin(ret, null, null);
}
+ callback.postLogin(ret, null);
}
}
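Review bot: The bad-token branch still falls through: after `callback.postLogin(ReturnCode.SERVICE_PROVIDER_ERROR, null);` there is no `return`, so `Session.fromEcpLogin(...)` runs on a response without a token and the final `callback.postLogin(ret, null);` then reports `NO_ERROR`. The callback fires twice, and the last result the caller sees is success for a login that produced no token. Setting `ret = ReturnCode.SERVICE_PROVIDER_ERROR;` in that branch instead of invoking the callback, and moving `Session.fromEcpLogin(ShibbolethEcp.getResponse());` into an `else`, leaves exactly one callback carrying the right code.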
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java
index e0eabb91..99c55be6 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java
@@ -12,8 +12,8 @@ import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.util.EntityUtils;
import org.apache.log4j.Logger;
-import org.openslx.bwlp.thrift.iface.AuthenticationError;
-import org.openslx.bwlp.thrift.iface.TAuthenticationException;
+import org.openslx.bwlp.thrift.iface.AuthorizationError;
+import org.openslx.bwlp.thrift.iface.TAuthorizationException;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
@@ -33,44 +33,46 @@ public class ShibbolethEcp {
* Static gson object for (de)serialization
*/
private static final Gson GSON = new GsonBuilder().create();
-
+
/**
* ServiceProviderResponse Object representing the last response we received
*/
private static ServiceProviderResponse lastResponse = null;
/**
- * URL for bwLehrpool registration
+ * URL for bwLehrpool registration
*/
private static URL registrationUrl = null;
+
/**
* Return codes
*/
public static enum ReturnCode {
// TODO rework this...
- NO_ERROR(0, "Authentication against the identity provider and request of the service provider resource worked."),
+ NO_ERROR(0,
+ "Authentication against the identity provider and request of the service provider resource worked."),
IDENTITY_PROVIDER_ERROR(1, "Authentication against the identity provider failed."),
UNREGISTERED_ERROR(2, "User not registered to use bwLehrpool."),
SERVICE_PROVIDER_ERROR(3, "Invalid resource of the service provider."),
INVALID_URL_ERROR(4, "Invalid URL received from master server."),
GENERIC_ERROR(5, "Internal error.");
- private final int id;
- private final String msg;
+ private final int id;
+ private final String msg;
- ReturnCode(int id, String msg) {
- this.id = id;
- this.msg = msg;
- }
+ ReturnCode(int id, String msg) {
+ this.id = id;
+ this.msg = msg;
+ }
- public int getId() {
- return this.id;
- }
+ public int getId() {
+ return this.id;
+ }
- public String getMsg() {
- return this.msg;
- }
+ public String getMsg() {
+ return this.msg;
+ }
}
-
+
/**
* Static URI to the SP.
*/
@@ -90,21 +92,23 @@ public class ShibbolethEcp {
public static ServiceProviderResponse getResponse() {
return lastResponse;
}
+
/**
* Fetches the resource
- *
+ *
* @param idpUrl
- * URL of the identity provider to authenticate against, as String.
+ * URL of the identity provider to authenticate against, as
+ * String.
* @param user
* Username as String.
* @param pass
* Password as String.
* @return
- * true if login worked, false otherwise.
- * @throws TAuthenticationException
+ * true if login worked, false otherwise.
+ * @throws TAuthorizationException
*/
public static ReturnCode doLogin(final String idpUrl, final String user, final String pass)
- throws TAuthenticationException, URISyntaxException, ClientProtocolException, IOException,
+ throws TAuthorizationException, URISyntaxException, ClientProtocolException, IOException,
ParseException, JsonSyntaxException, MalformedURLException {
// first lets do some sanity checks
@@ -127,43 +131,44 @@ public class ShibbolethEcp {
// now init the authenticator for that idp and our static sp
final ECPAuthenticator auth = new ECPAuthenticator(user, pass, new URI(idpUrl), BWLP_SP);
-
- try {
+
+ try {
auth.authenticate();
- } catch (ECPAuthenticationException e) {
+ } catch (ECPAuthenticationException e) {
LOGGER.error("ECP Authentication Exception, see trace: ", e);
- throw new TAuthenticationException(AuthenticationError.GENERIC_ERROR, e.getMessage());
- }
- // here test again for the SP's URL
- final HttpGet testSp = new HttpGet(BWLP_SP);
- final HttpResponse response = auth.getHttpClient().execute(testSp);
-
- LOGGER.debug("SP request returned: " + response.getStatusLine());
- final String responseBody = EntityUtils.toString(response.getEntity());
-
- lastResponse = GSON.fromJson(responseBody, ServiceProviderResponse.class);
-
- // TODO: here we will need to parse the answer accordingly.
- // no errors, meaning everything worked fine.
- if (lastResponse.status.equals("unregistered")) {
+ throw new TAuthorizationException(AuthorizationError.GENERIC_ERROR, e.getMessage());
+ }
+ // here test again for the SP's URL
+ final HttpGet testSp = new HttpGet(BWLP_SP);
+ final HttpResponse response = auth.getHttpClient().execute(testSp);
+
+ LOGGER.debug("SP request returned: " + response.getStatusLine());
+ final String responseBody = EntityUtils.toString(response.getEntity());
+
+ lastResponse = GSON.fromJson(responseBody, ServiceProviderResponse.class);
+
+ // TODO: here we will need to parse the answer accordingly.
+ // no errors, meaning everything worked fine.
+ if (lastResponse.status.equals("unregistered")) {
registrationUrl = new URL(lastResponse.url);
return ReturnCode.UNREGISTERED_ERROR;
- }
- // TODO the rest of the cases...
- if (lastResponse.status.equals("error")) {
- LOGGER.error("Server side error: " + lastResponse.error);
- return ReturnCode.GENERIC_ERROR;
- }
- if (lastResponse.status.equals("anonymous")) {
- LOGGER.error("IdP did not forward user account information to SP. Contact developper.");
- return ReturnCode.GENERIC_ERROR;
- }
- if (lastResponse.status.equals("ok")) {
- return ReturnCode.NO_ERROR;
- }
- // still here? then something else went wrong
- return ReturnCode.GENERIC_ERROR;
+ }
+ // TODO the rest of the cases...
+ if (lastResponse.status.equals("error")) {
+ LOGGER.error("Server side error: " + lastResponse.error);
+ return ReturnCode.GENERIC_ERROR;
+ }
+ if (lastResponse.status.equals("anonymous")) {
+ LOGGER.error("IdP did not forward user account information to SP. Contact developper.");
+ return ReturnCode.GENERIC_ERROR;
+ }
+ if (lastResponse.status.equals("ok")) {
+ return ReturnCode.NO_ERROR;
+ }
+ // still here? then something else went wrong
+ return ReturnCode.GENERIC_ERROR;
}
+
/**
* @return Registration URL given by the SP.
*/
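Review bot: The status comparisons dereference `lastResponse` and `lastResponse.status` without a null test, and Gson's `fromJson` returns null for an empty body, so an unexpected service-provider reply ends in a NullPointerException instead of a ReturnCode. With the catch-all removed from `EcpAuthenticator.login` in this same commit, that exception now appears to propagate to whoever called `login`. A guard such as `if (lastResponse == null || lastResponse.status == null) return ReturnCode.SERVICE_PROVIDER_ERROR;` before the first comparison keeps the failure on the documented path. The HTTP status line is only logged at debug level; checking it before parsing the body would reject error pages earlier. `doLogin` starts above this hunk.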
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/TestAccountAuthenticator.java b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/TestAccountAuthenticator.java
index 0c83ad0b..3059f9e8 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/TestAccountAuthenticator.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/TestAccountAuthenticator.java
@@ -3,9 +3,9 @@ package org.openslx.dozmod.authentication;
import org.apache.log4j.Logger;
import org.apache.thrift.TException;
import org.openslx.bwlp.thrift.iface.SessionData;
-import org.openslx.bwlp.thrift.iface.TAuthenticationException;
-import org.openslx.bwlp.thrift.iface.UserInfo;
+import org.openslx.bwlp.thrift.iface.TAuthorizationException;
import org.openslx.dozmod.authentication.ShibbolethEcp.ReturnCode;
+import org.openslx.dozmod.thrift.Session;
import org.openslx.thrifthelper.ThriftManager;
/**
@@ -21,35 +21,19 @@ public class TestAccountAuthenticator implements Authenticator {
@Override
public void login(String username, String password, AuthenticatorCallback callback)
- throws TAuthenticationException {
+ throws TAuthorizationException, TException {
SessionData authResult = null;
- // try to login user
- try {
- authResult = ThriftManager.getMasterClient().authenticate(username, password);
- } catch (TException e) {
- LOGGER.error("Thrift communication error: ", e);
- // TODO authenticate has to return a TAuthenticationException!
- callback.postLogin(ReturnCode.GENERIC_ERROR, null, e);
- return;
- }
+ authResult = ThriftManager.getMasterClient().authenticate(username, password);
// handle answer from server
if (authResult != null && authResult.authToken != null) {
- // TODO: Session.fromClientSessionData(authResult);
- UserInfo userInfo = null;
- try {
- userInfo = ThriftManager.getMasterClient().getUserFromToken(authResult.authToken);
- } catch (TException e) {
- LOGGER.error("Thrift communication error: ", e);
- // TODO authenticate has to return a TAuthenticationException!
- callback.postLogin(ReturnCode.GENERIC_ERROR, null, e);
- return;
- }
- callback.postLogin(ReturnCode.NO_ERROR, userInfo, null);
+ LOGGER.info(authResult);
+ Session.fromSessionData(authResult);
+ callback.postLogin(ReturnCode.NO_ERROR, null);
} else {
// it should then show a corresponding error message!
- callback.postLogin(ReturnCode.GENERIC_ERROR, null, null);
+ callback.postLogin(ReturnCode.GENERIC_ERROR, null);
}
}
}
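Review bot: `LOGGER.info(authResult);` writes the whole SessionData object to the log, and the condition just above shows that object carries `authToken`. If its `toString()` prints every field (Thrift-generated classes usually do, though that is not visible here), the session token lands in the log at INFO level. Drop the line or log only non-secret fields, e.g. `LOGGER.info("Test account login succeeded");`. Separately, the Thrift call is no longer wrapped, so a `TException` now skips the callback entirely and the caller has to handle that case itself.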