author | Simon Rettberg | 2015-08-11 16:32:07 +0200 |
---|---|---|
committer | Simon Rettberg | 2015-08-11 16:32:07 +0200 |
commit | 3a91f090eab386ea37f8c4379f27a26378fbaa04 (patch) | |
tree | d3ae74dbd17e81a8183cb81518458142b5c0a77f /dozentenmodul/src | |
parent | [server] Create proper path for file download (diff) | |
[client] Improve authentication handling
Diffstat (limited to 'dozentenmodul/src')
9 files changed, 124 insertions, 93 deletions
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/Config.java b/dozentenmodul/src/main/java/org/openslx/dozmod/Config.java index 928b38d1..db384ecf 100644 --- a/dozentenmodul/src/main/java/org/openslx/dozmod/Config.java +++ b/dozentenmodul/src/main/java/org/openslx/dozmod/Config.java @@ -306,9 +306,10 @@ public class Config { * @param satAddress * @param satToken */ - public static void saveCurrentSession(String satAddress, String satToken) { + public static void saveCurrentSession(String satAddress, String satToken, String masterToken) { setString("session.address", satAddress); setString("session.token", satToken); + setString("session.mastertoken", masterToken); } /** @@ -318,8 +319,8 @@ public class Config { */ public static SavedSession getSavedSession() { SavedSession session = new SavedSession(getString("session.address", ""), getString("session.token", - "")); - if (session.token.isEmpty() || session.address.isEmpty()) + ""), getString("session.mastertoken", "")); + if (session.token.isEmpty() || session.address.isEmpty() || session.masterToken.isEmpty()) return null; return session; } @@ -401,10 +402,12 @@ public class Config { public static class SavedSession { public final String address; public final String token; + public final String masterToken; - public SavedSession(String address, String token) { + public SavedSession(String address, String token, String masterToken) { this.address = address; this.token = token; + this.masterToken = masterToken; } } diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/Authenticator.java b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/Authenticator.java index 6c8b69b0..733aab01 100644 --- a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/Authenticator.java +++ b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/Authenticator.java 
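Review bot: `saveCurrentSession` in Config.java now writes the master token to the config store next to the satellite token, and nothing in the hunk limits who can read the stored value. `setString` is defined outside the hunk, so whether the value lands in a plain file in the user's profile is an assumption to confirm; if it does, that file should be readable by its owner only. The Javadoc above the method still lists two parameters; add `@param masterToken the master token to store with the session`. The `getSavedSession` and `SavedSession` hunks on the same file only carry the value through.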
@@ -1,5 +1,8 @@ package org.openslx.dozmod.authentication; +import java.util.List; + +import org.openslx.bwlp.thrift.iface.Satellite; import org.openslx.dozmod.authentication.ShibbolethEcp.ReturnCode; /** @@ -15,7 +18,19 @@ public interface Authenticator { * corresponding message to the user. */ interface AuthenticatorCallback { - void postLogin(ReturnCode returnCode, Throwable t); + void postLogin(ReturnCode returnCode, AuthenticationData data, Throwable t); + } + + public class AuthenticationData { + public final String satelliteToken; + public final String masterToken; + public final List<Satellite> satellites; + + public AuthenticationData(String satToken, String masterToken, List<Satellite> sats) { + this.satelliteToken = satToken; + this.masterToken = masterToken; + this.satellites = sats; + } } /** @@ -26,6 +41,5 @@ public interface Authenticator { * @param callback The callback function to be called after the login * @throws Exception */ - void login(String username, String password, AuthenticatorCallback callback) - throws Exception; + void login(String username, String password, AuthenticatorCallback callback) throws Exception; }
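Review bot: The new `data` argument of `AuthenticatorCallback.postLogin` has no documented contract, although both implementations in this commit pass `null` for it on every error path and the success handler in LoginWindow.java dereferences it. The interface comment should state this, for example `@param data tokens and satellite list when returnCode is NO_ERROR, otherwise null`. `AuthenticationData` holds two session tokens in public fields and has no class comment; a one-line note that instances must not be logged or serialized would help later callers.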
\ No newline at end of file diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java index ab211386..4e0174d4 100644 --- a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java +++ b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/EcpAuthenticator.java @@ -3,13 +3,16 @@ package org.openslx.dozmod.authentication; import java.io.IOException; import java.net.MalformedURLException; import java.net.URISyntaxException; +import java.util.ArrayList; +import java.util.List; +import java.util.Map.Entry; import org.apache.http.ParseException; import org.apache.http.client.ClientProtocolException; import org.apache.log4j.Logger; +import org.openslx.bwlp.thrift.iface.Satellite; import org.openslx.bwlp.thrift.iface.TAuthorizationException; import org.openslx.dozmod.authentication.ShibbolethEcp.ReturnCode; -import org.openslx.dozmod.thrift.Session; import com.google.gson.JsonSyntaxException; 
@@ -49,18 +52,25 @@ public class EcpAuthenticator implements Authenticator { } // If login succeeded, set up session data + AuthenticationData data = null; if (ret == ReturnCode.NO_ERROR) { // we have a token? - final String token = ShibbolethEcp.getResponse().token; + ServiceProviderResponse response = ShibbolethEcp.getResponse(); + final String token = response.token; if (token == null || token.isEmpty()) { // bad token LOGGER.error("No token received from the service provider!"); - callback.postLogin(ReturnCode.SERVICE_PROVIDER_ERROR, null); + callback.postLogin(ReturnCode.SERVICE_PROVIDER_ERROR, null, null); } - // create the session for the user from the response of the ECP - Session.fromEcpLogin(ShibbolethEcp.getResponse()); + List<Satellite> sats = new ArrayList<>(); + if (response.satellites2 != null) { + for (Entry<String, List<String>> it : response.satellites2.entrySet()) { + sats.add(new Satellite(it.getValue(), it.getKey())); + } + } + data = new AuthenticationData(response.token, response.sessionId, sats); } - callback.postLogin(ret, null); + callback.postLogin(ret, data, null); } } diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ServiceProviderResponse.java b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ServiceProviderResponse.java index c8ff5a2c..52bcefe8 100644 --- a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ServiceProviderResponse.java +++ b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ServiceProviderResponse.java @@ -1,13 +1,14 @@ package org.openslx.dozmod.authentication; import java.util.HashMap; +import java.util.List; public class ServiceProviderResponse { public String status; public String firstName; public String lastName; public String mail; - public HashMap<String, String> satellites; + public HashMap<String, List<String>> satellites2; public String token; public String sessionId; public String userId; 
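Review bot: The bad-token branch in `EcpAuthenticator.login` reports `SERVICE_PROVIDER_ERROR` and then keeps executing. The lines below it build an `AuthenticationData` from the null or empty `response.token` and call `callback.postLogin(ret, data, null)` a second time with `NO_ERROR`. Add `return;` directly after `callback.postLogin(ReturnCode.SERVICE_PROVIDER_ERROR, null, null);` so that a response without a token never reaches the success handler. The method begins above the hunk, so earlier exits were not checked.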
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/TestAccountAuthenticator.java b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/TestAccountAuthenticator.java index 3059f9e8..8868b53a 100644 --- a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/TestAccountAuthenticator.java +++ b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/TestAccountAuthenticator.java @@ -1,11 +1,15 @@ package org.openslx.dozmod.authentication; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; + import org.apache.log4j.Logger; import org.apache.thrift.TException; +import org.openslx.bwlp.thrift.iface.Satellite; import org.openslx.bwlp.thrift.iface.SessionData; import org.openslx.bwlp.thrift.iface.TAuthorizationException; import org.openslx.dozmod.authentication.ShibbolethEcp.ReturnCode; -import org.openslx.dozmod.thrift.Session; import org.openslx.thrifthelper.ThriftManager; /** @@ -29,11 +33,13 @@ public class TestAccountAuthenticator implements Authenticator { // handle answer from server if (authResult != null && authResult.authToken != null) { LOGGER.info(authResult); - Session.fromSessionData(authResult); - callback.postLogin(ReturnCode.NO_ERROR, null); + List<Satellite> sats = new ArrayList<>(); + sats.add(new Satellite(Arrays.asList(new String[] { authResult.serverAddress }), "default")); + AuthenticationData data = new AuthenticationData(authResult.authToken, authResult.sessionId, sats); + callback.postLogin(ReturnCode.NO_ERROR, data, null); } else { // it should then show a corresponding error message! - callback.postLogin(ReturnCode.GENERIC_ERROR, null); + callback.postLogin(ReturnCode.GENERIC_ERROR, null, null); } } } diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/gui/MainWindow.java b/dozentenmodul/src/main/java/org/openslx/dozmod/gui/MainWindow.java index deeaa5ad..b01e02c2 100644 --- a/dozentenmodul/src/main/java/org/openslx/dozmod/gui/MainWindow.java 
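Review bot: The context line `LOGGER.info(authResult);` in the success branch of `TestAccountAuthenticator` logs the whole `SessionData` object, which presumably includes the `authToken` and `sessionId` that the added lines read right after it. The same credential reaches the log explicitly in the `postSuccessfulLogin` hunk of LoginWindow.java, where the new message ends in `" succeeded, token " + data.satelliteToken`. A token in a log file stays usable for as long as the session is valid, so log only non-secret fields here and shorten the LoginWindow line to `LOGGER.info(loginType.toString() + " succeeded.");`.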
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/gui/MainWindow.java @@ -25,6 +25,7 @@ import javax.swing.JSeparator; import org.apache.log4j.Logger; import org.apache.thrift.TException; +import org.openslx.bwlp.thrift.iface.WhoamiInfo; import org.openslx.dozmod.App; import org.openslx.dozmod.Config; import org.openslx.dozmod.Config.SavedSession; @@ -223,12 +224,11 @@ public abstract class MainWindow { if (session != null) { // Wait for proxy server init App.waitForInit(); - ThriftManager.setSatelliteAddress(session.address); try { - ThriftManager.getSatClient().isAuthenticated(session.token); + WhoamiInfo whoami = ThriftManager.getNewSatClient(session.address).whoami(session.token); // TODO: Satellite whoami call - Session.setSatelliteAddress(session.address); - Session.fromSavedSession(session); + Session.initialize(whoami, session.address, session.token, session.masterToken); + ThriftManager.setSatelliteAddress(Session.getSatelliteAddress()); LOGGER.info("Saved session used for resume."); } catch (TException e1) { LOGGER.info("Session resume failed.", e1); @@ -240,6 +240,8 @@ public abstract class MainWindow { // User did not login, show the login mask LoginWindow.open(mainWindow); } + mainWindow.setTitle("bwLehrstuhl - " + Session.getFirstName() + " " + Session.getLastName() + " [" + + Session.getSatelliteAddress() + "]"); // Show main menu by default showPage(MainMenuWindow.class); @@ -313,9 +315,19 @@ public abstract class MainWindow { JMenu cascadeFileMenu = new JMenu("File"); menuBar.add(cascadeFileMenu); + JMenuItem logoutItem = new JMenuItem("Logout"); + cascadeFileMenu.add(logoutItem); JMenuItem exitItem = new JMenuItem("Exit"); cascadeFileMenu.add(exitItem); + logoutItem.addActionListener(new ActionListener() { + @Override + public void actionPerformed(ActionEvent e) { + Config.saveCurrentSession("", "", ""); + askApplicationQuit(); + } + }); + exitItem.addActionListener(new ActionListener() { @Override public void actionPerformed(ActionEvent e) { 
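Review bot: In the saved-session hunk of `MainWindow`, the result of `ThriftManager.getNewSatClient(session.address)` is dereferenced without a null check, while `postSuccessfulLogin` in LoginWindow.java treats a null client as an unreachable satellite. A null here becomes a `NullPointerException` that `catch (TException e1)` does not handle, and the same is true for the `IllegalArgumentException` that `Session.initialize` can throw. Assign the client to a local first and fall back to the login mask when it is null, so a stale or edited saved address cannot abort startup.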
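Review bot: The new Logout action only blanks the locally saved values with `Config.saveCurrentSession("", "", "")`; the tokens held in `Session` remain valid, and nothing visible tells the satellite or the master server to end the session. If the Thrift interfaces offer a token invalidation call, it belongs here before the config is cleared. `askApplicationQuit()` is defined outside the hunk; if the user can cancel that dialog, the application keeps running with a live session after choosing Logout, so clearing the in-memory session should not depend on the answer.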
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/gui/helper/GridPos.java b/dozentenmodul/src/main/java/org/openslx/dozmod/gui/helper/GridPos.java index 4c562ece..f91bb820 100644 --- a/dozentenmodul/src/main/java/org/openslx/dozmod/gui/helper/GridPos.java +++ b/dozentenmodul/src/main/java/org/openslx/dozmod/gui/helper/GridPos.java @@ -5,7 +5,7 @@ import java.awt.Insets; public class GridPos { - private static final Insets inset = new Insets(0, 0, 0, 0); + private static final Insets inset = new Insets(2, 2, 2, 2); public static GridBagConstraints get(int cellX, int cellY, int spanX, int spanY, boolean fillX, boolean fillY) { @@ -20,8 +20,8 @@ public class GridPos { fill = GridBagConstraints.VERTICAL; wy = 1; } - return new GridBagConstraints(cellX, cellY, spanX, spanY, wx, wy, - GridBagConstraints.LINE_START, fill, inset, 0, 0); + return new GridBagConstraints(cellX, cellY, spanX, spanY, wx, wy, GridBagConstraints.LINE_START, + fill, inset, 0, 0); } public static GridBagConstraints get(int cellX, int cellY, int spanX, int spanY) { diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/gui/window/LoginWindow.java b/dozentenmodul/src/main/java/org/openslx/dozmod/gui/window/LoginWindow.java index f944311b..60c901b2 100644 --- a/dozentenmodul/src/main/java/org/openslx/dozmod/gui/window/LoginWindow.java +++ b/dozentenmodul/src/main/java/org/openslx/dozmod/gui/window/LoginWindow.java @@ -10,7 +10,6 @@ import java.awt.event.KeyAdapter; import java.awt.event.KeyEvent; import java.awt.event.WindowAdapter; import java.awt.event.WindowEvent; -import java.awt.event.WindowListener; import java.util.Collections; import java.util.Comparator; import java.util.Iterator; 
@@ -23,9 +22,14 @@ import javax.swing.JList; import org.apache.log4j.Logger; import org.openslx.bwlp.thrift.iface.Organization; +import org.openslx.bwlp.thrift.iface.SatelliteServer.Client; +import org.openslx.bwlp.thrift.iface.TAuthorizationException; +import org.openslx.bwlp.thrift.iface.TInternalServerError; +import org.openslx.bwlp.thrift.iface.WhoamiInfo; import org.openslx.dozmod.App; import org.openslx.dozmod.Config; import org.openslx.dozmod.authentication.Authenticator; +import org.openslx.dozmod.authentication.Authenticator.AuthenticationData; import org.openslx.dozmod.authentication.Authenticator.AuthenticatorCallback; import org.openslx.dozmod.authentication.EcpAuthenticator; import org.openslx.dozmod.authentication.ShibbolethEcp; @@ -273,10 +277,10 @@ public class LoginWindow extends LoginWindowLayout { final LoginWindow me = this; AuthenticatorCallback authenticatorCallback = new AuthenticatorCallback() { @Override - public void postLogin(ReturnCode returnCode, Throwable t) { + public void postLogin(ReturnCode returnCode, AuthenticationData data, Throwable t) { switch (returnCode) { case NO_ERROR: - postSuccessfulLogin(); + postSuccessfulLogin(data); break; case IDENTITY_PROVIDER_ERROR: Gui.showMessageBox(me, "IdP Error", MessageType.ERROR, LOGGER, null); 
@@ -332,32 +336,56 @@ public class LoginWindow extends LoginWindowLayout { /** * Functions called by doLogin is the login process succeeded. + * + * @param data */ - private void postSuccessfulLogin() { - LOGGER.info(loginType.toString() + " succeeded."); + private void postSuccessfulLogin(AuthenticationData data) { + LOGGER.info(loginType.toString() + " succeeded, token " + data.satelliteToken); - // TODO HACK HACK - Session.setSatelliteAddress("132.230.8.113"); - // TODO: Set in proper place, clear saved address if different - ThriftManager.setSatelliteAddress(Session.getSatelliteAddress()); - // Something like ThriftManager.setSatelliteAddress(Session.getSatelliteAddress()); (might need selection box) + // TODO: Show satellite selection if > 1 + //String satAddress = data.satellites.get(0).addressList.get(0); + String satAddress = "132.230.8.113"; + Client client = ThriftManager.getNewSatClient(satAddress); + if (client == null) { + Gui.showMessageBox(this, "Login erfolgreich, aber der Satellit antwortet nicht", + MessageType.ERROR, LOGGER, null); + return; + } + WhoamiInfo whoami = null; Exception e = null; try { - ThriftManager.getSatClient().isAuthenticated(Session.getSatelliteToken()); + whoami = client.whoami(data.satelliteToken); + } catch (TAuthorizationException e1) { + Gui.showMessageBox(this, + "Authentifizierung erfolgreich, der Satellit verweigert jedoch die Verbindung.\n\n" + + "Grund: " + e1.number.toString() + " (" + e1.message + ")", MessageType.ERROR, + null, null); + return; + } catch (TInternalServerError e1) { + Gui.showMessageBox( + this, + "Authentifizierung erfolgreich, bei der Kommunikation mit dem Satelliten trat jedoch ein interner Server-Fehler auf.", + MessageType.ERROR, LOGGER, e); + return; + } catch (Exception ex) { + e = ex; + } + if (whoami != null) { + Session.initialize(whoami, satAddress, data.satelliteToken, data.masterToken); + ThriftManager.setSatelliteAddress(Session.getSatelliteAddress()); // now read the config to see if 
the user already agreed to the disclaimer // if (DisclaimerWindow.shouldBeShown()) // VirtualizerNoticeWindow.open(); // Save session (TODO: Extra checkbox) if (saveUsernameCheck.isSelected()) { - Config.saveCurrentSession(Session.getSatelliteAddress(), Session.getSatelliteToken()); + Config.saveCurrentSession(Session.getSatelliteAddress(), Session.getSatelliteToken(), + Session.getMasterToken()); } - LOGGER.debug("Closing..."); dispose(); return; - } catch (Exception ex) { - e = ex; } - Gui.showMessageBox(this, "Login succeeded, but Satellite rejected the session token. :-(", + Gui.showMessageBox(this, + "Authentifizierung erfolgreich, aber der Satellit akzeptiert das Sitzungstoken nicht.", MessageType.ERROR, LOGGER, e); } diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/thrift/Session.java b/dozentenmodul/src/main/java/org/openslx/dozmod/thrift/Session.java index 4476b1f9..0ff7cf76 100644 --- a/dozentenmodul/src/main/java/org/openslx/dozmod/thrift/Session.java +++ b/dozentenmodul/src/main/java/org/openslx/dozmod/thrift/Session.java @@ -2,16 +2,11 @@ package org.openslx.dozmod.thrift; import org.apache.log4j.Logger; import org.apache.thrift.TException; -import org.openslx.bwlp.thrift.iface.ClientSessionData; import org.openslx.bwlp.thrift.iface.ImagePermissions; import org.openslx.bwlp.thrift.iface.LecturePermissions; import org.openslx.bwlp.thrift.iface.SatelliteConfig; -import org.openslx.bwlp.thrift.iface.SessionData; -import org.openslx.bwlp.thrift.iface.TInvalidTokenException; import org.openslx.bwlp.thrift.iface.UserInfo; import org.openslx.bwlp.thrift.iface.WhoamiInfo; -import org.openslx.dozmod.Config.SavedSession; -import org.openslx.dozmod.authentication.ServiceProviderResponse; import org.openslx.thrifthelper.ThriftManager; public class Session { 
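Review bot: In `postSuccessfulLogin`, the `catch (TInternalServerError e1)` branch passes `e` to `Gui.showMessageBox`, and `e` is still null at that point, so the server error is never logged; the call should end in `MessageType.ERROR, LOGGER, e1);`. The `TAuthorizationException` branch passes `null, null` and so also appears to drop the exception from the log, assuming the last two arguments are logger and throwable as in the other calls. Separately, `satAddress` is the literal `"132.230.8.113"` while the line that takes it from `data.satellites` is commented out, so the freshly issued token is always sent to that host regardless of what the service provider returned. Until the selection dialog exists, the method should at least stop with an error when `data.satellites` is empty instead of using a fixed address.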
@@ -34,51 +29,20 @@ public class Session { private static String satelliteAddress = null; - public static void fromClientSessionData(ClientSessionData session) { - if (userId != null && !userId.equals(session.userInfo.userId)) - throw new IllegalArgumentException("Cannot set new session data with different user id!"); - firstName = session.userInfo.firstName; - lastName = session.userInfo.lastName; - eMail = session.userInfo.eMail; - userId = session.userInfo.userId; - masterToken = session.sessionId; - satelliteToken = session.authToken; - } - - public static void fromSessionData(SessionData session) throws TInvalidTokenException, TException { - // TODO: This is legacy API, switch to ClientSessionData asap - UserInfo ui = ThriftManager.getMasterClient().getUserFromToken(session.authToken); + public static void initialize(WhoamiInfo whoami, String satAddress, String satToken, String masToken) { + UserInfo ui = whoami.getUser(); if (userId != null && !userId.equals(ui.userId)) - throw new IllegalArgumentException("Cannot set new session data with different user id!"); - firstName = ui.firstName; - lastName = ui.lastName; - eMail = ui.eMail; - userId = ui.userId; - masterToken = session.sessionId; - satelliteToken = session.authToken; - } - - public static void fromEcpLogin(ServiceProviderResponse response) { - if (userId != null && !userId.equals(response.userId)) - throw new IllegalArgumentException("Cannot set new session data with different user id!"); - firstName = response.firstName; - lastName = response.lastName; - eMail = response.mail; - userId = response.userId; - organizationId = response.organizationId; - masterToken = response.sessionId; - satelliteToken = response.token; - } - - public static void fromSavedSession(SavedSession session) throws TInvalidTokenException, TException { - satelliteToken = session.token; - WhoamiInfo wi = ThriftManager.getSatClient().whoami(satelliteToken); - UserInfo ui = wi.getUser(); + throw new 
IllegalArgumentException("Cannot set new session data with different user id"); + if (satelliteAddress != null && !satelliteAddress.equals(satAddress)) + throw new IllegalArgumentException("Cannot set new session data with different satellite address"); firstName = ui.firstName; lastName = ui.lastName; eMail = ui.eMail; userId = ui.userId; - // TODO check if correct/ mastertoken? + organizationId = ui.organizationId; + masterToken = masToken; + satelliteToken = satToken; + satelliteAddress = satAddress; } /** @@ -137,13 +101,6 @@ public class Session { return satelliteAddress; } - /** - * @param satelliteAddress the satelliteAddress to set - */ - public static void setSatelliteAddress(String satelliteAddress) { - Session.satelliteAddress = satelliteAddress; - } - private static SatelliteConfig satConf = null; /** |
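Review bot: `Session.initialize` reads `ui.userId` straight from `whoami.getUser()` with no null check, so a `WhoamiInfo` without a user ends in a `NullPointerException` after the satellite has already accepted the token. It also throws `IllegalArgumentException` for a changed user id or satellite address, and neither caller in this commit catches that. Since `setSatelliteAddress` is removed further down and no reset method is visible, a second login against another satellite in the same process appears unable to succeed. A guard such as `if (ui == null) throw new IllegalArgumentException("whoami returned no user");` and a Javadoc block naming the exceptions would make the contract explicit; the class body continues outside the hunk.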