BearerTokenAuthenticatingRealm.java example

Explorer

ProjectTeamRocket-master
- FindMyThings
  - src
    - edu
      - gatech
        oad
        rocket
        findmythings
        AccountActivity.java
        AccountEditActivity.java
        AdminActivity.java
        AdminCreateActivity.java
        AdminPopupActivity.java
        FilterActivity.java
        ItemDetailActivity.java
        ItemDetailFragment.java
        ItemListFragment.java
        LoginActivity.java
        MainActivity.java
        MapsActivity.java
        RegisterActivity.java
        SearchResultsActivity.java
        SubmitActivity.java
        SubmitFragment.java
        UserListFragment.java
        control
        LoginManager.java
        SharedApplication.java
        list
        AlternatingArrayListAdapter.java
        AlternatingFilterableArrayListAdapter.java
        ArrayListAdapter.java
        ArrayListFragment.java
        CustomFilter.java
        FilterableArrayListAdapter.java
        FilterableArrayListFragment.java
        ItemFilterConstraint.java
        ListAsyncTaskLoader.java
        ThrowableAsyncTaskLoader.java
        TwoLineListProvider.java
        model
        Admin.java
        AppMember.java
        Category.java
        CollectionResponseAppMember.java
        CollectionResponseDBItem.java
        DBItem.java
        Member.java
        MessageBean.java
        PhoneNumber.java
        Type.java
        User.java
        service
        EndpointUtils.java
        Fmthings.java
        FmthingsRequest.java
        FmthingsRequestInitializer.java
        util
        AllCapsTextView.java
        EnumHelper.java
        ErrorDialog.java
        Messages.java
        ModelHelper.java
        PhoneNumberFilter.java
        PhoneNumberTextWatcher.java
        ToastHelper.java
        validation
        DomainValidator.java
        EmailValidator.java
        InetAddressValidator.java
        RegexValidator.java
        UrlValidator.java
- FindMyThingsServer
  - src
    - edu
      - gatech
        oad
        rocket
        findmythings
        server
        PageGenerator.java
        TemplateServlet.java
        db
        DatabaseService.java
        Memcache.java
        MemcacheManager.java
        model
        DBAuthenticationToken.java
        DBItem.java
        DBMember.java
        DBRegistrationTicket.java
        DBUserCounter.java
        model
        AppMember.java
        AppMutableMember.java
        Category.java
        MessageBean.java
        Type.java
        security
        BearerToken.java
        BearerTokenAuthenticatingFilter.java
        BearerTokenAuthenticatingRealm.java
        BearerTokenRevokeFilter.java
        DatabaseRealm.java
        ProfileIniRealm.java
        ProfileRealm.java
        WebAuthenticationFilter.java
        spi
        AccountV1.java
        BaseEndpoint.java
        ItemV1.java
        MemberV1.java
        TestV1.java
        util
        Config.java
        HTTP.java
        HashHelper.java
        Messages.java
        MimeTypes.java
        Searchable.java
        SearchableHelper.java
        tags
        AuthenticatedTag.java
        GuestTag.java
        HasAnyRolesTag.java
        HasPermissionTag.java
        HasRoleTag.java
        LacksPermissionTag.java
        LacksRoleTag.java
        NotAuthenticatedTag.java
        PageAuthTags.java
        PermissionTag.java
        PrincipalTag.java
        RoleTag.java
        SecureTag.java
        UserTag.java
        web
        ActivateServlet.java
        ForgotServlet.java
        MailboxServlet.java
        RegisterMailmanServlet.java
        RegisterServlet.java
        WelcomeMailmanServlet.java
        shared
        util
        Messages.java
        StringedEnum.java
        validation
        DomainValidator.java
        EmailValidator.java
        InetAddressValidator.java
        RegexValidator.java
        UrlValidator.java
- M10
  - src
    - edu
      - gatech
        oad
        rocket
        findmythings
        test
        AllTests.java
        Cristina2.java
        Justin.java
        Tyler2.java
        Zachary.java
- M4
  - src
    - edu
      - gatech
        oad
        antlab
        person
        Person1.java
        Person2.java
        Person3.java
        Person4.java
        pkg1
        AntLab11.java
        AntLab12.java
        AntLabMain.java
        pkg2
        AntLab21.java
        AntLab22.java
- libs
  - google-play-services_lib
    - src
      - android
        UnusedStub.java

package edu.gatech.oad.rocket.findmythings.server.security;

import com.google.common.base.Preconditions;
import edu.gatech.oad.rocket.findmythings.server.db.DatabaseService;
import edu.gatech.oad.rocket.findmythings.server.db.MemcacheManager;
import edu.gatech.oad.rocket.findmythings.server.db.model.DBAuthenticationToken;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.credential.AllowAllCredentialsMatcher;
import org.apache.shiro.mgt.RealmSecurityManager;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;

import java.util.Collection;
import java.util.logging.Logger;

public class BearerTokenAuthenticatingRealm extends AuthenticatingRealm {
	private static final Logger LOGGER = Logger.getLogger(BearerTokenAuthenticatingRealm.class.getName());

	private class BearerAuthenticationInfo implements AuthenticationInfo {
		private static final long serialVersionUID = 3470761774414912759L;
		private final DBAuthenticationToken token;

		BearerAuthenticationInfo(DBAuthenticationToken token) {
			this.token = token;
		}

		@Override
		public Object getCredentials() {
			return token.getIdentifierString();
		}

		@Override
		public PrincipalCollection getPrincipals() {
			RealmSecurityManager manager = (RealmSecurityManager)SecurityUtils.getSecurityManager();
			SimplePrincipalCollection ret = new SimplePrincipalCollection();
			for (Realm realm : manager.getRealms()) {
				if (realm instanceof ProfileRealm) {
					String email = token.getEmail();
					if (((ProfileRealm) realm).accountExists(email)) {
						ret.add(email, realm.getName());
					}
				}
			}
			ret.add(token.getIdentifierString(), getName());
			return ret;
		}

	}

	public BearerTokenAuthenticatingRealm() {
		super(new MemcacheManager(), new AllowAllCredentialsMatcher());
		setAuthenticationTokenClass(BearerToken.class);
	}

	private static boolean tokenIsInvalid(BearerToken token, DBAuthenticationToken dbToken) {
		return token == null || dbToken == null || !dbToken.getEmail().equals(token.getPrincipal());
	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken arg0) throws AuthenticationException {
		BearerToken token = (BearerToken)arg0;
		String email = (String)token.getPrincipal();
		String credentials = (String)token.getCredentials();

		Preconditions.checkNotNull(email, "Email can't be null");
		Preconditions.checkNotNull(token, "Token can't be null");

		DBAuthenticationToken dbToken = DatabaseService.ofy().load().type(DBAuthenticationToken.class).id(credentials).get();
		if (tokenIsInvalid(token, dbToken)) {
			LOGGER.info("Rejecting token " + credentials + " for user " + email);
			return null;
		}

		return new BearerAuthenticationInfo(dbToken);
	}

	@Override
	public void onLogout(PrincipalCollection principals) {
		super.onLogout(principals);
		deleteTokens(principals);
	}

	@SuppressWarnings("unchecked")
	private void deleteTokens(PrincipalCollection principals) {
		Collection<String> tokens = principals.fromRealm(getName());
		if (tokens != null) { //  && tokens.size() > 1
			DatabaseService.ofy().deleteAuthenticationTokens(tokens);
		}
	}

}