| 4687 |
mandeep.dh |
1 |
/**
|
|
|
2 |
*
|
|
|
3 |
*/
|
|
|
4 |
package in.shop2020.serving.auth;
|
|
|
5 |
|
|
|
6 |
import in.shop2020.thrift.clients.HelperClient;
|
|
|
7 |
import in.shop2020.utils.Agent;
|
|
|
8 |
import in.shop2020.utils.HelperService.Client;
|
|
|
9 |
|
|
|
10 |
import java.util.ArrayList;
|
|
|
11 |
import java.util.HashMap;
|
|
|
12 |
import java.util.HashSet;
|
|
|
13 |
import java.util.List;
|
|
|
14 |
import java.util.Map;
|
|
|
15 |
import java.util.Set;
|
|
|
16 |
|
|
|
17 |
import org.apache.commons.logging.Log;
|
|
|
18 |
import org.apache.commons.logging.LogFactory;
|
|
|
19 |
import org.apache.shiro.authc.AuthenticationException;
|
|
|
20 |
import org.apache.shiro.authc.AuthenticationInfo;
|
|
|
21 |
import org.apache.shiro.authc.AuthenticationToken;
|
|
|
22 |
import org.apache.shiro.authc.SimpleAuthenticationInfo;
|
|
|
23 |
import org.apache.shiro.authc.UnknownAccountException;
|
|
|
24 |
import org.apache.shiro.authc.UsernamePasswordToken;
|
|
|
25 |
import org.apache.shiro.authz.AuthorizationException;
|
|
|
26 |
import org.apache.shiro.authz.AuthorizationInfo;
|
|
|
27 |
import org.apache.shiro.authz.SimpleAuthorizationInfo;
|
|
|
28 |
import org.apache.shiro.realm.AuthorizingRealm;
|
|
|
29 |
import org.apache.shiro.subject.PrincipalCollection;
|
|
|
30 |
import org.apache.thrift.TException;
|
|
|
31 |
|
|
|
32 |
/**
|
|
|
33 |
* @author mandeep
|
|
|
34 |
*
|
|
|
35 |
* This class is realm for fetching authentication and authorization
|
|
|
36 |
* details for an agent.
|
|
|
37 |
*/
|
|
|
38 |
public class InventoryAuthorizingRealm extends AuthorizingRealm {
|
|
|
39 |
private static final Log log = LogFactory.getLog(InventoryAuthorizingRealm.class);
|
|
|
40 |
private static Map<Long, Agent> agentsMapById;
|
|
|
41 |
private static Map<String, Agent> agentsMapByEmailId;
|
|
|
42 |
|
|
|
43 |
@Override
|
|
|
44 |
protected AuthorizationInfo doGetAuthorizationInfo(
|
|
|
45 |
PrincipalCollection principals) {
|
|
|
46 |
// null usernames are invalid
|
|
|
47 |
if (principals == null) {
|
| 30513 |
amit.gupta |
48 |
throw new AuthorizationException(InventoryAuthorizingRealm.java
|
| 4687 |
mandeep.dh |
49 |
"PrincipalCollection method argument cannot be null.");
|
|
|
50 |
}
|
|
|
51 |
|
|
|
52 |
String username = (String) getAvailablePrincipal(principals);
|
|
|
53 |
List<String> roleNames = null;
|
|
|
54 |
Set<String> permissions = new HashSet<String>();
|
|
|
55 |
|
|
|
56 |
try {
|
| 23280 |
amit.gupta |
57 |
log.info("helper -- doGetAuthorizationInfo");
|
| 4687 |
mandeep.dh |
58 |
Client client = new HelperClient().getClient();
|
|
|
59 |
|
|
|
60 |
// Retrieve roles and permissions from database
|
|
|
61 |
roleNames = client.getRoleNamesForAgent(username);
|
|
|
62 |
|
|
|
63 |
for (String roleName : roleNames) {
|
|
|
64 |
permissions.addAll(client
|
|
|
65 |
.getPermissionsForRoleName(roleName));
|
|
|
66 |
}
|
|
|
67 |
} catch (TException e) {
|
|
|
68 |
throw new AuthorizationException(
|
|
|
69 |
"Error fetching roles' information", e);
|
|
|
70 |
} catch (Exception e) {
|
|
|
71 |
throw new AuthorizationException("Error creating Helper client", e);
|
|
|
72 |
}
|
|
|
73 |
|
|
|
74 |
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(
|
|
|
75 |
new HashSet<String>(roleNames));
|
|
|
76 |
info.setStringPermissions(permissions);
|
| 30513 |
amit.gupta |
77 |
log.info("Roles --- " + roleNames);
|
|
|
78 |
log.info("Permissions --- " + permissions);
|
| 4687 |
mandeep.dh |
79 |
return info;
|
|
|
80 |
}
|
|
|
81 |
|
|
|
82 |
@Override
|
|
|
83 |
protected AuthenticationInfo doGetAuthenticationInfo(
|
|
|
84 |
AuthenticationToken token) throws AuthenticationException {
|
|
|
85 |
SimpleAuthenticationInfo info = null;
|
|
|
86 |
|
|
|
87 |
try {
|
|
|
88 |
UsernamePasswordToken upToken = (UsernamePasswordToken) token;
|
|
|
89 |
String username = upToken.getUsername();
|
|
|
90 |
|
|
|
91 |
log.info("Trying to fetch password for " + username);
|
|
|
92 |
Agent agent = getAgent(username);
|
|
|
93 |
if (agent != null) {
|
|
|
94 |
info = new SimpleAuthenticationInfo(username, agent.getPassword().toCharArray(), getName());
|
|
|
95 |
} else {
|
|
|
96 |
throw new UnknownAccountException("No account found for user ["
|
|
|
97 |
+ username + "]");
|
|
|
98 |
}
|
|
|
99 |
} catch (TException e) {
|
|
|
100 |
log.info("Could not create Helper client", e);
|
|
|
101 |
}
|
|
|
102 |
|
|
|
103 |
return info;
|
|
|
104 |
}
|
|
|
105 |
|
|
|
106 |
public static Agent getAgent(String username) throws TException {
|
|
|
107 |
if (agentsMapByEmailId == null || !agentsMapByEmailId.containsKey(username)) {
|
|
|
108 |
loadAgents();
|
|
|
109 |
}
|
|
|
110 |
|
|
|
111 |
return agentsMapByEmailId.get(username);
|
|
|
112 |
}
|
|
|
113 |
|
|
|
114 |
public static Agent getAgent(long agentId) throws TException {
|
|
|
115 |
if (agentsMapById == null || !agentsMapById.containsKey(agentId)) {
|
|
|
116 |
loadAgents();
|
|
|
117 |
}
|
|
|
118 |
|
|
|
119 |
return agentsMapById.get(agentId);
|
|
|
120 |
}
|
|
|
121 |
|
|
|
122 |
private static void loadAgents() throws TException {
|
| 23280 |
amit.gupta |
123 |
log.info("Loading agents");
|
| 4687 |
mandeep.dh |
124 |
Client client = new HelperClient().getClient();
|
|
|
125 |
List<in.shop2020.utils.Agent> agents = client.getAgents();
|
|
|
126 |
Map<Long, Agent> agentsMapByIdLocal = new HashMap<Long, Agent>();
|
|
|
127 |
Map<String, Agent> agentsMapByEmailIdLocal = new HashMap<String, Agent>();
|
|
|
128 |
|
|
|
129 |
for (Agent agent : agents) {
|
|
|
130 |
agentsMapByIdLocal.put(agent.getId(), agent);
|
|
|
131 |
agentsMapByEmailIdLocal.put(agent.getEmailId(), agent);
|
|
|
132 |
}
|
|
|
133 |
|
|
|
134 |
synchronized(InventoryAuthorizingRealm.class) {
|
|
|
135 |
agentsMapById = agentsMapByIdLocal;
|
|
|
136 |
agentsMapByEmailId = agentsMapByEmailIdLocal;
|
|
|
137 |
}
|
|
|
138 |
}
|
|
|
139 |
|
|
|
140 |
public static List<Agent> getAgents() {
|
|
|
141 |
return new ArrayList<Agent>(agentsMapById.values());
|
|
|
142 |
}
|
|
|
143 |
}
|