  1. package com.seagate.rd.auth;
  2.  
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;

import javax.naming.AuthenticationException;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.sql.DataSource;

import com.seagate.mes.rhg.dao.JdbcTemplate;
import com.seagate.mes.rhg.dao.RowMapper;
  20.  
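/**
 * Authenticates users against LDAP, with a fallback to a password hash cached in
 * EMP_PASSWD, and loads the authenticated user's roles, permissions and scope
 * attributes from the AUTH_* tables.
 *
 * <p>Fixes relative to the previous version: {@code sha()} no longer hashes the
 * input twice and returns a stable hex string instead of raw digest bytes decoded
 * with the platform charset; the DB fallback compares the same digest that
 * {@link #updateLdapPasswordInDB} stores; the role query declares the {@code b}
 * alias it referenced; guest roles are no longer overwritten by the empty role
 * list; string emptiness is checked with {@code isEmpty()} instead of {@code ==};
 * the LDAP and JNDI contexts are closed.
 */
public class AuthService {

    /** JDBC helper every query in this service goes through. */
    private final JdbcTemplate jdbcTemplete;

    private static final String LDAP_PROVIDER_URL = "ldaps://ldap.seagate.com:636"; // get from MES_PROPERTIES table

    /** The bind DN is {@code uid=<globalId>} followed by this suffix. */
    private static final String LDAP_DN_SUFFIX = ",ou=people,o=seagate.com,o=SDS";

    /**
     * Looks up the DataSource under the empty JNDI name (as before) and wraps it
     * in a JdbcTemplate.
     *
     * @throws RuntimeException if the JNDI lookup fails
     */
    public AuthService() {
        DataSource dataSource = getDataSource("");
        jdbcTemplete = new JdbcTemplate(dataSource);
    }

    /**
     * Authenticates {@code globalId} against LDAP and, if that fails with any
     * {@link NamingException}, against the hash cached in EMP_PASSWD.
     *
     * <p>NOTE(review): {@link AuthenticationException} is a NamingException, so a
     * wrong LDAP password also reaches the DB fallback. Because the cached hash is
     * only refreshed on a successful LDAP bind, a password that was changed in
     * LDAP keeps working here until the next successful LDAP login. Restricting
     * the fallback to connectivity failures would close that window; kept as is
     * because callers may rely on the current behaviour.
     *
     * @param globalId the user's global id (LDAP uid and EMP_PASSWD.GLOBAL_ID)
     * @param password the cleartext password
     * @return the user with name, roles and scope attributes populated
     * @throws RuntimeException if neither LDAP nor the DB accepts the credentials,
     *         or on any other failure (the cause is preserved)
     */
    public User authenticate(String globalId, String password) {
        String name = getName(globalId);

        try {
            ldapAuthenticate(globalId, password);
            // Refresh the cached hash so the DB fallback reflects the current LDAP password.
            updateLdapPasswordInDB(globalId, password);
        } catch (NamingException ex) {
            if (!authenticateWithDB(globalId, password)) {
                throw new RuntimeException("user not found in DB", ex);
            }
        } catch (Exception ex) {
            throw new RuntimeException(ex);
        }

        return buildUser(globalId, name);
    }

    /** Assembles a User object for an already authenticated globalId. */
    private User buildUser(String globalId, String name) {
        User user = new User();
        user.setGlobalId(globalId);
        user.setName(name);
        setUserRolesAndAttributes(user);
        return user;
    }

    /**
     * Fallback credential check against EMP_PASSWD.
     *
     * <p>The stored value is written by {@link #updateLdapPasswordInDB} as
     * {@code sha(password)}, so the same digest is compared here; the previous
     * version compared the cleartext, which could never match a stored hash.
     *
     * @return {@code true} if a row matched, {@code false} otherwise
     */
    private boolean authenticateWithDB(String globalId, String password) {
        String sql = "SELECT NAME_FIRST as name FROM EMP_EMPLOYEE, EMP_PASSWD WHERE EMP_EMPLOYEE.EMPLOYEE_ID_LOCAL = EMP_PASSWD.GLOBAL_ID AND EMP_PASSWD.GLOBAL_ID = ? AND PASSWD = ? ";

        StringRowMapper mapper = new StringRowMapper("name");
        jdbcTemplete.query(sql, mapper, new String[]{globalId, sha(password)});

        return mapper.getValue() != null;
    }

    /**
     * Caches a digest of the user's LDAP password in EMP_PASSWD for the DB fallback.
     *
     * <p>NOTE(review): this replicates an LDAP credential as an unsalted SHA-1
     * digest (see {@link #sha}); if EMP_PASSWD leaks, those digests are cheap to
     * crack offline. A salted, slow password hash would be the appropriate
     * storage format; not changed here because the column format is shared.
     *
     * @throws RuntimeException if no EMP_PASSWD row exists for {@code globalId}
     */
    private void updateLdapPasswordInDB(String globalId, String pwd) {
        String sql = "UPDATE EMP_PASSWD SET PASSWD = ? WHERE GLOBAL_ID = ?";

        int updateCount = jdbcTemplete.execute(sql, new String[] {sha(pwd), globalId});

        if (updateCount == 0) {
            throw new RuntimeException("ldap password is not update to DB");
        }
    }

    /**
     * Verifies the credentials by performing a simple LDAP bind as
     * {@code uid=<globalId>,ou=people,o=seagate.com,o=SDS}.
     *
     * <p>NOTE(review): {@code globalId} is interpolated into the bind DN without
     * escaping; it should be restricted by the caller to plain uid characters so
     * that a crafted id cannot alter the DN.
     *
     * @param globalId     the LDAP uid
     * @param ldapPassword the cleartext password
     * @return {@code true} (a failed bind throws instead of returning)
     * @throws NullPointerException    if either argument is null or empty
     *                                 (kept for compatibility with existing callers)
     * @throws AuthenticationException if the directory rejects the credentials;
     *                                 the original exception is attached as cause
     * @throws Exception               for any other directory failure
     */
    public boolean ldapAuthenticate(String globalId, String ldapPassword) throws Exception {
        if (globalId == null || globalId.isEmpty()) {
            throw new NullPointerException("globalId cannot be null or empty");
        }
        if (ldapPassword == null || ldapPassword.isEmpty()) {
            throw new NullPointerException("ldapPassword cannot be null or empty");
        }

        Hashtable<String, String> env = new Hashtable<>();
        env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        env.put("java.naming.provider.url", LDAP_PROVIDER_URL);
        env.put("java.naming.security.authentication", "simple");
        env.put("java.naming.security.principal", "uid=" + globalId + LDAP_DN_SUFFIX);
        env.put("java.naming.security.credentials", ldapPassword);

        DirContext ctx;
        try {
            ctx = new InitialDirContext(env); // the bind itself is the credential check
        } catch (AuthenticationException ex) {
            AuthenticationException wrapped =
                    new AuthenticationException("The password entered does not match with myseagate.com password");
            wrapped.initCause(ex);
            throw wrapped;
        }
        // The previous version never closed the context and leaked the LDAP connection.
        ctx.close();

        return true;
    }

    /**
     * Returns "FIRST MIDDLE LAST" for the employee, or {@code null} if no row matches.
     *
     * @param globalId EMP_EMPLOYEE.EMPLOYEE_ID_LOCAL
     */
    public String getName(String globalId) {
        String sql = "SELECT NAME_FIRST || ' ' || NAME_MIDDLE || ' ' || NAME_LAST as name FROM EMP_EMPLOYEE WHERE EMPLOYEE_ID_LOCAL = ? ";

        StringRowMapper mapper = new StringRowMapper("name");
        jdbcTemplete.query(sql, mapper, new String[]{globalId});

        return mapper.getValue();
    }

    /**
     * Loads roles and permissions, then the scope attributes: super users get the
     * "ALL" attribute, everyone else their rows from AUTH_USER_SCOPE_ATT_VALUES.
     */
    public void setUserRolesAndAttributes(User user) {
        setRoleAndPermission(user);

        if (user.isSuperUser()) {
            setSuperUserAttributes(user);
        } else {
            setNormalUserAttributes(user);
        }
    }

    /**
     * Sets the user's role list. Users without roles receive the GUEST role list;
     * other roles have each permission name expanded into a {@link Permission}
     * carrying its scope attribute names.
     *
     * <p>The previous version assigned the guest list and then overwrote it with
     * the empty list; now it returns after assigning it. NOTE(review): guest
     * roles are still set with permission names only (no Permission objects), as
     * before — confirm whether they should be expanded like ordinary roles.
     */
    public void setRoleAndPermission(User user) {
        List<Role> roles = getRoleWithPermissionNameOnly(user.getGlobalId());

        if (roles.isEmpty()) {
            user.setRoleList(getGuestRoleWithPermissionName());
            return;
        }

        for (Role role : roles) {
            for (String permissionName : role.getPermissionNameList()) {
                Permission permission = new Permission();
                permission.setPermissionName(permissionName);
                permission.setPermissionScopeAttributeNameList(getPermissionAttributes(permissionName));
                role.addPermission(permission);
            }
        }

        user.setRoleList(roles);
    }

    /** Assigns the attributes stored for this user in AUTH_USER_SCOPE_ATT_VALUES. */
    public void setNormalUserAttributes(User user) {
        user.setUserAttributesList(getUserAttributes(user));
    }

    /**
     * Reads AUTH_USER_SCOPE_ATT_VALUES for the user and groups the rows by
     * ATTRIBUTE_NAME, one {@link UserAttribute} per name with all its values.
     *
     * @return the grouped attributes, empty if the user has none
     */
    public List<UserAttribute> getUserAttributes(User user) {
        String sql = "SELECT ATTRIBUTE_NAME, ATTRIBUTE_VALUE FROM AUTH_USER_SCOPE_ATT_VALUES WHERE GLOBAL_ID = ?";

        KeyValueRowMapper mapper = new KeyValueRowMapper("ATTRIBUTE_NAME", "ATTRIBUTE_VALUE");
        jdbcTemplete.query(sql, mapper, new String[]{user.getGlobalId()});

        List<UserAttribute> attributes = new ArrayList<>();
        for (NameListValue<String> nlv : transform(mapper.getList())) {
            UserAttribute attribute = new UserAttribute();
            attribute.setUserAttributeName(nlv.name);
            attribute.setAttributeValueList(nlv.list);
            attributes.add(attribute);
        }
        return attributes;
    }

    // set the "ALL" to user attr and attr list
    public void setSuperUserAttributes(User user) {
        UserAttribute all = new UserAttribute();
        all.setUserAttributeName("ALL");

        List<String> values = new ArrayList<>();
        values.add("ALL");
        all.setAttributeValueList(values);

        List<UserAttribute> userAttributesList = new ArrayList<>();
        userAttributesList.add(all);
        user.setUserAttributesList(userAttributesList);
    }

    /**
     * Looks up a DataSource in JNDI.
     *
     * @param jndiName the JNDI name to look up
     * @throws RuntimeException wrapping the {@link NamingException} on failure
     */
    public DataSource getDataSource(String jndiName) {
        try {
            InitialContext ic = new InitialContext();
            try {
                return (DataSource) ic.lookup(jndiName);
            } finally {
                ic.close(); // the previous version never released the context
            }
        } catch (NamingException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Returns the user's roles, each carrying only its permission names (no
     * {@link Permission} objects yet).
     *
     * <p>The previous query referenced alias {@code b} without declaring it;
     * {@code auth_role_permissions} is now aliased as {@code b}.
     */
    public List<Role> getRoleWithPermissionNameOnly(String gid) {
        String sql = "select a.global_id, a.role_name, b.permission_name from auth_user_roles a, auth_role_permissions b where a.role_name = b.role_name and a.global_id = ?";

        KeyValueRowMapper mapper = new KeyValueRowMapper("ROLE_NAME", "PERMISSION_NAME");
        jdbcTemplete.query(sql, mapper, new String[]{gid});

        return toRoles(mapper.getList());
    }

    /** Returns the GUEST role(s) with their permission names. */
    public List<Role> getGuestRoleWithPermissionName() {
        String sql = "select role_name, permission_name from auth_role_permissions where role_name = 'GUEST'";

        KeyValueRowMapper mapper = new KeyValueRowMapper("ROLE_NAME", "PERMISSION_NAME");
        jdbcTemplete.query(sql, mapper);

        return toRoles(mapper.getList());
    }

    /** Groups (role, permission) rows into one Role per role name. */
    private List<Role> toRoles(List<KeyValue> rows) {
        List<Role> roles = new ArrayList<>();
        for (NameListValue<String> nlv : transform(rows)) {
            Role role = new Role();
            role.setRoleName(nlv.name);
            role.setPermissionNameList(nlv.list);
            roles.add(role);
        }
        return roles;
    }

    /**
     * Returns the scope attribute names declared for a permission in
     * AUTH_PERM_SCOPE_ATTS (empty if none).
     */
    public List<String> getPermissionAttributes(String permissionName) {
        String sql = "SELECT ATTRIBUTE_NAME FROM AUTH_PERM_SCOPE_ATTS WHERE PERMISSION_NAME = ?";

        StringRowMapper mapper = new StringRowMapper("ATTRIBUTE_NAME");
        jdbcTemplete.query(sql, mapper, new String[]{permissionName});

        return mapper.getList();
    }

    /**
     * Digests {@code value} with the JCA "SHA" algorithm (SHA-1) and returns the
     * digest as lowercase hex.
     *
     * <p>The previous version called {@code update(bytes)} and then
     * {@code digest(bytes)}, hashing the input twice, and turned the raw digest
     * bytes into a String with the platform charset, which is lossy and
     * platform-dependent. Values stored by that version will not match this
     * output; {@link #updateLdapPasswordInDB} rewrites the stored value on every
     * successful LDAP login, so rows migrate on next login.
     *
     * <p>NOTE(review): an unsalted fast digest is not a suitable password store;
     * see the note on {@link #updateLdapPasswordInDB}.
     *
     * @throws RuntimeException if the algorithm is unavailable
     */
    public String sha(String value) {
        try {
            MessageDigest sha = MessageDigest.getInstance("SHA");
            byte[] digest = sha.digest(value.getBytes(StandardCharsets.UTF_8));

            StringBuilder hex = new StringBuilder(digest.length * 2);
            for (byte b : digest) {
                hex.append(String.format("%02x", b));
            }
            return hex.toString();
        } catch (NoSuchAlgorithmException ex) {
            throw new RuntimeException(ex);
        }
    }

    /**
     * Groups key/value pairs by key, keeping first-seen key order and the
     * original order of values within each key.
     *
     * <p>Single pass over the input (the previous version rescanned the list for
     * every distinct key).
     */
    public List<NameListValue<String>> transform(List<KeyValue> list) {
        Map<String, NameListValue<String>> grouped = new LinkedHashMap<>();

        for (KeyValue kv : list) {
            NameListValue<String> group = grouped.get(kv.key);
            if (group == null) {
                group = new NameListValue<>(kv.key);
                grouped.put(kv.key, group);
            }
            group.add(kv.value);
        }

        return new ArrayList<>(grouped.values());
    }

    /** A name with the list of values grouped under it. */
    private static class NameListValue<T> {

        public final String name;
        public final List<T> list = new ArrayList<>();

        public NameListValue(String name) {
            this.name = name;
        }

        public void add(T t) {
            list.add(t);
        }
    }

    /** One (key, value) row read from the database. */
    private static class KeyValue {

        public final String key;
        public final String value;

        public KeyValue(String key, String value) {
            this.key = key;
            this.value = value;
        }
    }

    /** Collects (key, value) string pairs from two named result-set columns. */
    private static final class KeyValueRowMapper implements RowMapper<KeyValue> {

        private final List<KeyValue> rows = new ArrayList<>();
        private final String keyColumn;
        private final String valueColumn;

        KeyValueRowMapper(String keyColumn, String valueColumn) {
            this.keyColumn = keyColumn;
            this.valueColumn = valueColumn;
        }

        @Override
        public void mapRow(ResultSet rs, int rowNum) throws SQLException {
            rows.add(new KeyValue(rs.getString(keyColumn), rs.getString(valueColumn)));
        }

        @Override
        public List<KeyValue> getList() {
            return rows;
        }
    }

    // move to Utils service

    /**
     * Reads a single property value from MES_PROPERTIES.
     *
     * @return the value of the first matching row, or {@code null} if none
     */
    public String getPropertyFromDB(String name) {
        String sql = "SELECT value FROM MES_PROPERTIES WHERE name = ?";

        StringRowMapper mapper = new StringRowMapper("value");
        jdbcTemplete.query(sql, mapper, new String[]{name});

        return mapper.getValue();
    }

    /** Collects one String column from every row; {@link #getValue} gives the first. */
    public static class StringRowMapper implements RowMapper<String> {

        private final List<String> list = new ArrayList<>();
        private final String column;

        /** @param column the result-set column to read from each row */
        public StringRowMapper(String column) {
            this.column = column;
        }

        @Override
        public void mapRow(ResultSet rs, int rowNum) throws SQLException {
            list.add(rs.getString(column));
        }

        @Override
        public List<String> getList() {
            return list;
        }

        /** @return the first collected value, or {@code null} if no row was mapped */
        public String getValue() {
            return list.isEmpty() ? null : list.get(0);
        }
    }

}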