authorSimon Rettberg2015-08-11 16:32:07 +0200
committerSimon Rettberg2015-08-11 16:32:07 +0200
commit3a91f090eab386ea37f8c4379f27a26378fbaa04 (patch)
treed3ae74dbd17e81a8183cb81518458142b5c0a77f /dozentenmodul/src
parent[server] Create proper path for file download (diff)
[client] Improve authentication handling
Diffstat (limited to 'dozentenmodul/src')
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/Config.java11
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/authentication/Authenticator.java20
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java22
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ServiceProviderResponse.java3
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/authentication/TestAccountAuthenticator.java14
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/gui/MainWindow.java20
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/gui/helper/GridPos.java6
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/gui/window/LoginWindow.java60
-rw-r--r--dozentenmodul/src/main/java/org/openslx/dozmod/thrift/Session.java61
9 files changed, 124 insertions, 93 deletions
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/Config.java b/dozentenmodul/src/main/java/org/openslx/dozmod/Config.java
index 928b38d1..db384ecf 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/Config.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/Config.java
@@ -306,9 +306,10 @@ public class Config {
* @param satAddress
* @param satToken
*/
- public static void saveCurrentSession(String satAddress, String satToken) {
+ public static void saveCurrentSession(String satAddress, String satToken, String masterToken) {
setString("session.address", satAddress);
setString("session.token", satToken);
+ setString("session.mastertoken", masterToken);
}
/**
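Review bot: `setString("session.mastertoken", masterToken)` adds a second bearer credential to whatever store `setString` writes to, next to the satellite token; how that store is protected is not visible in this hunk. If the master token is only needed while the application runs, consider not persisting it, or confirm that the saved configuration is readable by the owning user only. The Javadoc above still lists only `satAddress` and `satToken`; add `@param masterToken token issued with the login, saved alongside the satellite token`.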
@@ -318,8 +319,8 @@ public class Config {
*/
public static SavedSession getSavedSession() {
SavedSession session = new SavedSession(getString("session.address", ""), getString("session.token",
- ""));
- if (session.token.isEmpty() || session.address.isEmpty())
+ ""), getString("session.mastertoken", ""));
+ if (session.token.isEmpty() || session.address.isEmpty() || session.masterToken.isEmpty())
return null;
return session;
}
@@ -401,10 +402,12 @@ public class Config {
public static class SavedSession {
public final String address;
public final String token;
+ public final String masterToken;
- public SavedSession(String address, String token) {
+ public SavedSession(String address, String token, String masterToken) {
this.address = address;
this.token = token;
+ this.masterToken = masterToken;
}
}
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/Authenticator.java b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/Authenticator.java
index 6c8b69b0..733aab01 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/Authenticator.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/Authenticator.java
@@ -1,5 +1,8 @@
package org.openslx.dozmod.authentication;
+import java.util.List;
+
+import org.openslx.bwlp.thrift.iface.Satellite;
import org.openslx.dozmod.authentication.ShibbolethEcp.ReturnCode;
/**
@@ -15,7 +18,19 @@ public interface Authenticator {
* corresponding message to the user.
*/
interface AuthenticatorCallback {
- void postLogin(ReturnCode returnCode, Throwable t);
+ void postLogin(ReturnCode returnCode, AuthenticationData data, Throwable t);
+ }
+
+ public class AuthenticationData {
+ public final String satelliteToken;
+ public final String masterToken;
+ public final List<Satellite> satellites;
+
+ public AuthenticationData(String satToken, String masterToken, List<Satellite> sats) {
+ this.satelliteToken = satToken;
+ this.masterToken = masterToken;
+ this.satellites = sats;
+ }
}
/**
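Review bot: The new `data` parameter of `postLogin` is undocumented, and the implementations in this commit pass null for every error code; a comment should say so, e.g. `@param data tokens and satellite list, non-null only when returnCode is NO_ERROR`. `AuthenticationData` keeps the caller's `sats` list by reference, so the `final` field can still be modified from outside; `Collections.unmodifiableList(new ArrayList<>(sats))` would make the holder immutable, at the cost of two more imports. A one-line class comment noting that both token fields are credentials and should not be logged would help callers. The interface's Javadoc starts above the hunk.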
@@ -26,6 +41,5 @@ public interface Authenticator {
* @param callback The callback function to be called after the login
* @throws Exception
*/
- void login(String username, String password, AuthenticatorCallback callback)
- throws Exception;
+ void login(String username, String password, AuthenticatorCallback callback) throws Exception;
} \ No newline at end of file
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java
index ab211386..4e0174d4 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java
@@ -3,13 +3,16 @@ package org.openslx.dozmod.authentication;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URISyntaxException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map.Entry;
import org.apache.http.ParseException;
import org.apache.http.client.ClientProtocolException;
import org.apache.log4j.Logger;
+import org.openslx.bwlp.thrift.iface.Satellite;
import org.openslx.bwlp.thrift.iface.TAuthorizationException;
import org.openslx.dozmod.authentication.ShibbolethEcp.ReturnCode;
-import org.openslx.dozmod.thrift.Session;
import com.google.gson.JsonSyntaxException;
@@ -49,18 +52,25 @@ public class EcpAuthenticator implements Authenticator {
}
// If login succeeded, set up session data
+ AuthenticationData data = null;
if (ret == ReturnCode.NO_ERROR) {
// we have a token?
- final String token = ShibbolethEcp.getResponse().token;
+ ServiceProviderResponse response = ShibbolethEcp.getResponse();
+ final String token = response.token;
if (token == null || token.isEmpty()) {
// bad token
LOGGER.error("No token received from the service provider!");
- callback.postLogin(ReturnCode.SERVICE_PROVIDER_ERROR, null);
+ callback.postLogin(ReturnCode.SERVICE_PROVIDER_ERROR, null, null);
}
-
// create the session for the user from the response of the ECP
- Session.fromEcpLogin(ShibbolethEcp.getResponse());
+ List<Satellite> sats = new ArrayList<>();
+ if (response.satellites2 != null) {
+ for (Entry<String, List<String>> it : response.satellites2.entrySet()) {
+ sats.add(new Satellite(it.getValue(), it.getKey()));
+ }
+ }
+ data = new AuthenticationData(response.token, response.sessionId, sats);
}
- callback.postLogin(ret, null);
+ callback.postLogin(ret, data, null);
}
}
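Review bot: The empty-token branch calls `callback.postLogin(ReturnCode.SERVICE_PROVIDER_ERROR, null, null)` but does not return, so execution continues, wraps the null or empty token in an `AuthenticationData` and reports `NO_ERROR` through the final `callback.postLogin(ret, data, null)`. The callback therefore fires twice, and the second call tells the UI that login succeeded. Add `return;` directly after the error callback. The missing return predates this commit, but it matters more now that the success path hands the token to the caller. The enclosing method starts outside the hunk.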
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ServiceProviderResponse.java b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ServiceProviderResponse.java
index c8ff5a2c..52bcefe8 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ServiceProviderResponse.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ServiceProviderResponse.java
@@ -1,13 +1,14 @@
package org.openslx.dozmod.authentication;
import java.util.HashMap;
+import java.util.List;
public class ServiceProviderResponse {
public String status;
public String firstName;
public String lastName;
public String mail;
- public HashMap<String, String> satellites;
+ public HashMap<String, List<String>> satellites2;
public String token;
public String sessionId;
public String userId;
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/TestAccountAuthenticator.java b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/TestAccountAuthenticator.java
index 3059f9e8..8868b53a 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/TestAccountAuthenticator.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/TestAccountAuthenticator.java
@@ -1,11 +1,15 @@
package org.openslx.dozmod.authentication;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
import org.apache.log4j.Logger;
import org.apache.thrift.TException;
+import org.openslx.bwlp.thrift.iface.Satellite;
import org.openslx.bwlp.thrift.iface.SessionData;
import org.openslx.bwlp.thrift.iface.TAuthorizationException;
import org.openslx.dozmod.authentication.ShibbolethEcp.ReturnCode;
-import org.openslx.dozmod.thrift.Session;
import org.openslx.thrifthelper.ThriftManager;
/**
@@ -29,11 +33,13 @@ public class TestAccountAuthenticator implements Authenticator {
// handle answer from server
if (authResult != null && authResult.authToken != null) {
LOGGER.info(authResult);
- Session.fromSessionData(authResult);
- callback.postLogin(ReturnCode.NO_ERROR, null);
+ List<Satellite> sats = new ArrayList<>();
+ sats.add(new Satellite(Arrays.asList(new String[] { authResult.serverAddress }), "default"));
+ AuthenticationData data = new AuthenticationData(authResult.authToken, authResult.sessionId, sats);
+ callback.postLogin(ReturnCode.NO_ERROR, data, null);
} else {
// it should then show a corresponding error message!
- callback.postLogin(ReturnCode.GENERIC_ERROR, null);
+ callback.postLogin(ReturnCode.GENERIC_ERROR, null, null);
}
}
}
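Review bot: The success check covers only `authResult.authToken`, while the new lines also consume `authResult.sessionId` and `authResult.serverAddress`; a reply lacking either would yield an `AuthenticationData` with a null master token or a `Satellite` whose address list holds a single null. Extending the guard, e.g. `if (authResult != null && authResult.authToken != null && authResult.sessionId != null && authResult.serverAddress != null)`, keeps incomplete replies on the `GENERIC_ERROR` path. Separately, the context line `LOGGER.info(authResult)` probably writes both tokens to the log if `SessionData`'s `toString()` prints its fields; that is worth confirming. `Arrays.asList(authResult.serverAddress)` would also do without the explicit array. The method begins above the hunk.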
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/gui/MainWindow.java b/dozentenmodul/src/main/java/org/openslx/dozmod/gui/MainWindow.java
index deeaa5ad..b01e02c2 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/gui/MainWindow.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/gui/MainWindow.java
@@ -25,6 +25,7 @@ import javax.swing.JSeparator;
import org.apache.log4j.Logger;
import org.apache.thrift.TException;
+import org.openslx.bwlp.thrift.iface.WhoamiInfo;
import org.openslx.dozmod.App;
import org.openslx.dozmod.Config;
import org.openslx.dozmod.Config.SavedSession;
@@ -223,12 +224,11 @@ public abstract class MainWindow {
if (session != null) {
// Wait for proxy server init
App.waitForInit();
- ThriftManager.setSatelliteAddress(session.address);
try {
- ThriftManager.getSatClient().isAuthenticated(session.token);
+ WhoamiInfo whoami = ThriftManager.getNewSatClient(session.address).whoami(session.token);
// TODO: Satellite whoami call
- Session.setSatelliteAddress(session.address);
- Session.fromSavedSession(session);
+ Session.initialize(whoami, session.address, session.token, session.masterToken);
+ ThriftManager.setSatelliteAddress(Session.getSatelliteAddress());
LOGGER.info("Saved session used for resume.");
} catch (TException e1) {
LOGGER.info("Session resume failed.", e1);
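Review bot: The result of `ThriftManager.getNewSatClient(session.address)` is dereferenced directly, although `LoginWindow.postSuccessfulLogin` in this same commit treats a null return as "satellite not answering"; on resume a null client would raise a NullPointerException that `catch (TException e1)` does not handle. `Session.initialize` can likewise throw `IllegalArgumentException`, which also escapes this catch. Fetch the client into a local and fall back to the login window when it is null, and consider widening the catch. The `// TODO: Satellite whoami call` comment is now stale, since the line above it performs that call. The try/catch continues past the end of the hunk.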
@@ -240,6 +240,8 @@ public abstract class MainWindow {
// User did not login, show the login mask
LoginWindow.open(mainWindow);
}
+ mainWindow.setTitle("bwLehrstuhl - " + Session.getFirstName() + " " + Session.getLastName() + " ["
+ + Session.getSatelliteAddress() + "]");
// Show main menu by default
showPage(MainMenuWindow.class);
@@ -313,9 +315,19 @@ public abstract class MainWindow {
JMenu cascadeFileMenu = new JMenu("File");
menuBar.add(cascadeFileMenu);
+ JMenuItem logoutItem = new JMenuItem("Logout");
+ cascadeFileMenu.add(logoutItem);
JMenuItem exitItem = new JMenuItem("Exit");
cascadeFileMenu.add(exitItem);
+ logoutItem.addActionListener(new ActionListener() {
+ @Override
+ public void actionPerformed(ActionEvent e) {
+ Config.saveCurrentSession("", "", "");
+ askApplicationQuit();
+ }
+ });
+
exitItem.addActionListener(new ActionListener() {
@Override
public void actionPerformed(ActionEvent e) {
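Review bot: The logout handler only blanks the saved values with `Config.saveCurrentSession("", "", "")`; the tokens held in `Session` stay in memory and nothing visible here asks the satellite or master server to invalidate them, so a token that was copied earlier presumably remains usable until it expires server-side. If `askApplicationQuit()` lets the user cancel (the name suggests a prompt), the application also keeps running with a live session after "Logout". Consider invalidating the session on the server where the API offers that, and clearing the in-memory session or quitting unconditionally. The exit listener's body continues outside the hunk.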
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/gui/helper/GridPos.java b/dozentenmodul/src/main/java/org/openslx/dozmod/gui/helper/GridPos.java
index 4c562ece..f91bb820 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/gui/helper/GridPos.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/gui/helper/GridPos.java
@@ -5,7 +5,7 @@ import java.awt.Insets;
public class GridPos {
- private static final Insets inset = new Insets(0, 0, 0, 0);
+ private static final Insets inset = new Insets(2, 2, 2, 2);
public static GridBagConstraints get(int cellX, int cellY, int spanX, int spanY, boolean fillX,
boolean fillY) {
@@ -20,8 +20,8 @@ public class GridPos {
fill = GridBagConstraints.VERTICAL;
wy = 1;
}
- return new GridBagConstraints(cellX, cellY, spanX, spanY, wx, wy,
- GridBagConstraints.LINE_START, fill, inset, 0, 0);
+ return new GridBagConstraints(cellX, cellY, spanX, spanY, wx, wy, GridBagConstraints.LINE_START,
+ fill, inset, 0, 0);
}
public static GridBagConstraints get(int cellX, int cellY, int spanX, int spanY) {
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/gui/window/LoginWindow.java b/dozentenmodul/src/main/java/org/openslx/dozmod/gui/window/LoginWindow.java
index f944311b..60c901b2 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/gui/window/LoginWindow.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/gui/window/LoginWindow.java
@@ -10,7 +10,6 @@ import java.awt.event.KeyAdapter;
import java.awt.event.KeyEvent;
import java.awt.event.WindowAdapter;
import java.awt.event.WindowEvent;
-import java.awt.event.WindowListener;
import java.util.Collections;
import java.util.Comparator;
import java.util.Iterator;
@@ -23,9 +22,14 @@ import javax.swing.JList;
import org.apache.log4j.Logger;
import org.openslx.bwlp.thrift.iface.Organization;
+import org.openslx.bwlp.thrift.iface.SatelliteServer.Client;
+import org.openslx.bwlp.thrift.iface.TAuthorizationException;
+import org.openslx.bwlp.thrift.iface.TInternalServerError;
+import org.openslx.bwlp.thrift.iface.WhoamiInfo;
import org.openslx.dozmod.App;
import org.openslx.dozmod.Config;
import org.openslx.dozmod.authentication.Authenticator;
+import org.openslx.dozmod.authentication.Authenticator.AuthenticationData;
import org.openslx.dozmod.authentication.Authenticator.AuthenticatorCallback;
import org.openslx.dozmod.authentication.EcpAuthenticator;
import org.openslx.dozmod.authentication.ShibbolethEcp;
@@ -273,10 +277,10 @@ public class LoginWindow extends LoginWindowLayout {
final LoginWindow me = this;
AuthenticatorCallback authenticatorCallback = new AuthenticatorCallback() {
@Override
- public void postLogin(ReturnCode returnCode, Throwable t) {
+ public void postLogin(ReturnCode returnCode, AuthenticationData data, Throwable t) {
switch (returnCode) {
case NO_ERROR:
- postSuccessfulLogin();
+ postSuccessfulLogin(data);
break;
case IDENTITY_PROVIDER_ERROR:
Gui.showMessageBox(me, "IdP Error", MessageType.ERROR, LOGGER, null);
@@ -332,32 +336,56 @@ public class LoginWindow extends LoginWindowLayout {
/**
* Functions called by doLogin is the login process succeeded.
+ *
+ * @param data
*/
- private void postSuccessfulLogin() {
- LOGGER.info(loginType.toString() + " succeeded.");
+ private void postSuccessfulLogin(AuthenticationData data) {
+ LOGGER.info(loginType.toString() + " succeeded, token " + data.satelliteToken);
- // TODO HACK HACK
- Session.setSatelliteAddress("132.230.8.113");
- // TODO: Set in proper place, clear saved address if different
- ThriftManager.setSatelliteAddress(Session.getSatelliteAddress());
- // Something like ThriftManager.setSatelliteAddress(Session.getSatelliteAddress()); (might need selection box)
+ // TODO: Show satellite selection if > 1
+ //String satAddress = data.satellites.get(0).addressList.get(0);
+ String satAddress = "132.230.8.113";
+ Client client = ThriftManager.getNewSatClient(satAddress);
+ if (client == null) {
+ Gui.showMessageBox(this, "Login erfolgreich, aber der Satellit antwortet nicht",
+ MessageType.ERROR, LOGGER, null);
+ return;
+ }
+ WhoamiInfo whoami = null;
Exception e = null;
try {
- ThriftManager.getSatClient().isAuthenticated(Session.getSatelliteToken());
+ whoami = client.whoami(data.satelliteToken);
+ } catch (TAuthorizationException e1) {
+ Gui.showMessageBox(this,
+ "Authentifizierung erfolgreich, der Satellit verweigert jedoch die Verbindung.\n\n"
+ + "Grund: " + e1.number.toString() + " (" + e1.message + ")", MessageType.ERROR,
+ null, null);
+ return;
+ } catch (TInternalServerError e1) {
+ Gui.showMessageBox(
+ this,
+ "Authentifizierung erfolgreich, bei der Kommunikation mit dem Satelliten trat jedoch ein interner Server-Fehler auf.",
+ MessageType.ERROR, LOGGER, e);
+ return;
+ } catch (Exception ex) {
+ e = ex;
+ }
+ if (whoami != null) {
+ Session.initialize(whoami, satAddress, data.satelliteToken, data.masterToken);
+ ThriftManager.setSatelliteAddress(Session.getSatelliteAddress());
// now read the config to see if the user already agreed to the disclaimer
// if (DisclaimerWindow.shouldBeShown())
// VirtualizerNoticeWindow.open();
// Save session (TODO: Extra checkbox)
if (saveUsernameCheck.isSelected()) {
- Config.saveCurrentSession(Session.getSatelliteAddress(), Session.getSatelliteToken());
+ Config.saveCurrentSession(Session.getSatelliteAddress(), Session.getSatelliteToken(),
+ Session.getMasterToken());
}
- LOGGER.debug("Closing...");
dispose();
return;
- } catch (Exception ex) {
- e = ex;
}
- Gui.showMessageBox(this, "Login succeeded, but Satellite rejected the session token. :-(",
+ Gui.showMessageBox(this,
+ "Authentifizierung erfolgreich, aber der Satellit akzeptiert das Sitzungstoken nicht.",
MessageType.ERROR, LOGGER, e);
}
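Review bot: `LOGGER.info(loginType.toString() + " succeeded, token " + data.satelliteToken)` writes the bearer token to the log at info level, so anyone who can read the log can presumably reuse the session; log only `loginType.toString() + " succeeded."` as before. In the `TInternalServerError` handler the message box is passed `e`, which is still null at that point, instead of `e1`, so the server error is never logged; change the last argument to `e1`. The satellite address is still the hard-coded `"132.230.8.113"` while `data.satellites` is ignored, so the token is sent to that host regardless of what the authentication service returned. `data` is dereferenced without a null check, which relies on every authenticator never reporting `NO_ERROR` with null data.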
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/thrift/Session.java b/dozentenmodul/src/main/java/org/openslx/dozmod/thrift/Session.java
index 4476b1f9..0ff7cf76 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/thrift/Session.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/thrift/Session.java
@@ -2,16 +2,11 @@ package org.openslx.dozmod.thrift;
import org.apache.log4j.Logger;
import org.apache.thrift.TException;
-import org.openslx.bwlp.thrift.iface.ClientSessionData;
import org.openslx.bwlp.thrift.iface.ImagePermissions;
import org.openslx.bwlp.thrift.iface.LecturePermissions;
import org.openslx.bwlp.thrift.iface.SatelliteConfig;
-import org.openslx.bwlp.thrift.iface.SessionData;
-import org.openslx.bwlp.thrift.iface.TInvalidTokenException;
import org.openslx.bwlp.thrift.iface.UserInfo;
import org.openslx.bwlp.thrift.iface.WhoamiInfo;
-import org.openslx.dozmod.Config.SavedSession;
-import org.openslx.dozmod.authentication.ServiceProviderResponse;
import org.openslx.thrifthelper.ThriftManager;
public class Session {
@@ -34,51 +29,20 @@ public class Session {
private static String satelliteAddress = null;
- public static void fromClientSessionData(ClientSessionData session) {
- if (userId != null && !userId.equals(session.userInfo.userId))
- throw new IllegalArgumentException("Cannot set new session data with different user id!");
- firstName = session.userInfo.firstName;
- lastName = session.userInfo.lastName;
- eMail = session.userInfo.eMail;
- userId = session.userInfo.userId;
- masterToken = session.sessionId;
- satelliteToken = session.authToken;
- }
-
- public static void fromSessionData(SessionData session) throws TInvalidTokenException, TException {
- // TODO: This is legacy API, switch to ClientSessionData asap
- UserInfo ui = ThriftManager.getMasterClient().getUserFromToken(session.authToken);
+ public static void initialize(WhoamiInfo whoami, String satAddress, String satToken, String masToken) {
+ UserInfo ui = whoami.getUser();
if (userId != null && !userId.equals(ui.userId))
- throw new IllegalArgumentException("Cannot set new session data with different user id!");
- firstName = ui.firstName;
- lastName = ui.lastName;
- eMail = ui.eMail;
- userId = ui.userId;
- masterToken = session.sessionId;
- satelliteToken = session.authToken;
- }
-
- public static void fromEcpLogin(ServiceProviderResponse response) {
- if (userId != null && !userId.equals(response.userId))
- throw new IllegalArgumentException("Cannot set new session data with different user id!");
- firstName = response.firstName;
- lastName = response.lastName;
- eMail = response.mail;
- userId = response.userId;
- organizationId = response.organizationId;
- masterToken = response.sessionId;
- satelliteToken = response.token;
- }
-
- public static void fromSavedSession(SavedSession session) throws TInvalidTokenException, TException {
- satelliteToken = session.token;
- WhoamiInfo wi = ThriftManager.getSatClient().whoami(satelliteToken);
- UserInfo ui = wi.getUser();
+ throw new IllegalArgumentException("Cannot set new session data with different user id");
+ if (satelliteAddress != null && !satelliteAddress.equals(satAddress))
+ throw new IllegalArgumentException("Cannot set new session data with different satellite address");
firstName = ui.firstName;
lastName = ui.lastName;
eMail = ui.eMail;
userId = ui.userId;
- // TODO check if correct/ mastertoken?
+ organizationId = ui.organizationId;
+ masterToken = masToken;
+ satelliteToken = satToken;
+ satelliteAddress = satAddress;
}
/**
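Review bot: `initialize` is the single entry point that binds both tokens to the static session, yet it has no Javadoc and dereferences `whoami.getUser()` without checking it; if the satellite's reply carries no user, `ui.userId` throws a NullPointerException. Add a guard such as `if (ui == null) throw new IllegalArgumentException("whoami reply contains no user");` and reject a null or empty `satToken` the same way. A doc comment should state that the method refuses to re-bind an existing session to a different user id or satellite address, and that callers have to handle the resulting `IllegalArgumentException`.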
@@ -137,13 +101,6 @@ public class Session {
return satelliteAddress;
}
- /**
- * @param satelliteAddress the satelliteAddress to set
- */
- public static void setSatelliteAddress(String satelliteAddress) {
- Session.satelliteAddress = satelliteAddress;
- }
-
private static SatelliteConfig satConf = null;
/**