[SYNCOPE-1050] Adopting the same approach used by Admin Console for extension pages and widgets
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/c4433f52 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/c4433f52 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/c4433f52 Branch: refs/heads/master Commit: c4433f5264fde58fd923b355861d889302fe769e Parents: 2a7358f Author: Francesco Chicchiriccò <ilgro...@apache.org> Authored: Thu Mar 23 12:36:14 2017 +0100 Committer: Francesco Chicchiriccò <ilgro...@apache.org> Committed: Thu Mar 23 12:43:18 2017 +0100 ---------------------------------------------------------------------- client/enduser/pom.xml | 5 + .../enduser/SyncopeEnduserApplication.java | 246 +++---------------- .../client/enduser/annotations/Resource.java | 42 ++++ .../init/ClassPathScanImplementationLookup.java | 84 +++++++ .../client/enduser/init/EnduserInitializer.java | 51 ++++ .../syncope/client/enduser/pages/HomePage.java | 1 - .../enduser/resources/AbstractBaseResource.java | 71 ------ .../enduser/resources/AnyTypeClassResource.java | 13 +- .../enduser/resources/AnyTypeResource.java | 12 +- .../client/enduser/resources/BaseResource.java | 55 +++++ .../enduser/resources/CaptchaResource.java | 2 + .../resources/ExternalResourceResource.java | 12 +- .../client/enduser/resources/GroupResource.java | 16 +- .../client/enduser/resources/InfoResource.java | 4 +- .../client/enduser/resources/LoginResource.java | 4 +- .../enduser/resources/LogoutResource.java | 4 +- .../client/enduser/resources/RealmResource.java | 12 +- .../enduser/resources/SchemaResource.java | 22 +- .../SecurityQuestionByUsernameResource.java | 84 +++++++ .../resources/SecurityQuestionResource.java | 100 -------- .../resources/SecurityQuestionsResource.java | 79 ++++++ .../resources/UserSelfChangePassword.java | 14 +- .../resources/UserSelfConfirmPasswordReset.java | 13 +- .../resources/UserSelfCreateResource.java | 22 +- .../enduser/resources/UserSelfIsLogged.java | 4 +- .../resources/UserSelfPasswordReset.java | 17 +- .../enduser/resources/UserSelfReadResource.java | 4 +- .../resources/UserSelfUpdateResource.java | 5 +- 28 files changed, 518 insertions(+), 480 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/pom.xml ---------------------------------------------------------------------- diff --git a/client/enduser/pom.xml b/client/enduser/pom.xml index db4e3ab..99d4c0b 100644 --- a/client/enduser/pom.xml +++ b/client/enduser/pom.xml @@ -43,6 +43,11 @@ under the License. <artifactId>javax.servlet-api</artifactId> <scope>provided</scope> </dependency> + + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-context</artifactId> + </dependency> <dependency> <groupId>org.apache.wicket</groupId> http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeEnduserApplication.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeEnduserApplication.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeEnduserApplication.java index 55375bc..756d2f9 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeEnduserApplication.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/SyncopeEnduserApplication.java @@ -18,7 +18,6 @@ */ package org.apache.syncope.client.enduser; -import org.apache.syncope.client.enduser.resources.UserSelfIsLogged; import java.io.File; import java.io.InputStream; import java.io.Serializable; @@ -26,23 +25,10 @@ import org.apache.syncope.client.enduser.pages.HomePage; import java.util.Properties; import org.apache.commons.io.FileUtils; import org.apache.commons.lang3.BooleanUtils; -import org.apache.syncope.client.enduser.resources.CaptchaResource; -import org.apache.syncope.client.enduser.resources.InfoResource; -import org.apache.syncope.client.enduser.resources.LoginResource; -import org.apache.syncope.client.enduser.resources.LogoutResource; -import org.apache.syncope.client.enduser.resources.SchemaResource; -import org.apache.syncope.client.enduser.resources.SecurityQuestionResource; -import org.apache.syncope.client.enduser.resources.AnyTypeClassResource; -import org.apache.syncope.client.enduser.resources.AnyTypeResource; -import org.apache.syncope.client.enduser.resources.GroupResource; -import org.apache.syncope.client.enduser.resources.ExternalResourceResource; -import org.apache.syncope.client.enduser.resources.RealmResource; -import org.apache.syncope.client.enduser.resources.UserSelfChangePassword; -import org.apache.syncope.client.enduser.resources.UserSelfConfirmPasswordReset; -import org.apache.syncope.client.enduser.resources.UserSelfCreateResource; -import org.apache.syncope.client.enduser.resources.UserSelfPasswordReset; -import org.apache.syncope.client.enduser.resources.UserSelfReadResource; -import org.apache.syncope.client.enduser.resources.UserSelfUpdateResource; +import org.apache.syncope.client.enduser.annotations.Resource; +import org.apache.syncope.client.enduser.init.ClassPathScanImplementationLookup; +import org.apache.syncope.client.enduser.init.EnduserInitializer; +import org.apache.syncope.client.enduser.resources.BaseResource; import org.apache.syncope.client.lib.SyncopeClientFactoryBean; import org.apache.syncope.common.lib.SyncopeConstants; import org.apache.wicket.Page; @@ -54,11 +40,15 @@ import org.apache.wicket.request.Response; import org.apache.wicket.request.resource.IResource; import org.apache.wicket.request.resource.ResourceReference; import org.apache.wicket.util.lang.Args; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; public class SyncopeEnduserApplication extends WebApplication implements Serializable { private static final long serialVersionUID = -6445919351044845120L; + private static final Logger LOG = LoggerFactory.getLogger(SyncopeEnduserApplication.class); + private static final String ENDUSER_PROPERTIES = "enduser.properties"; public static SyncopeEnduserApplication get() { @@ -140,202 +130,32 @@ public class SyncopeEnduserApplication extends WebApplication implements Seriali setContentType(SyncopeClientFactoryBean.ContentType.JSON). setUseCompression(BooleanUtils.toBoolean(useGZIPCompression)); - // resource to provide login functionality managed by wicket - mountResource("/api/login", new ResourceReference("login") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new LoginResource(); - } - }); - - // resource to provide logout functionality managed by wicket - mountResource("/api/logout", new ResourceReference("logout") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new LogoutResource(); - } - }); - - mountResource("/api/self/islogged", new ResourceReference("userSelfIsLogged") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new UserSelfIsLogged(); - } - }); - - // resource to retrieve info about logged user - mountResource("/api/self/read", new ResourceReference("userSelfRead") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new UserSelfReadResource(); - } - }); - - // resource to provide user self create functionality managed by wicket - mountResource("/api/self/create", new ResourceReference("userSelfCreate") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new UserSelfCreateResource(); - } - }); - - // resource to provide user self update functionality managed by wicket - mountResource("/api/self/update", new ResourceReference("userSelfUpdate") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new UserSelfUpdateResource(); - } - }); - - mountResource("/api/self/requestPasswordReset", new ResourceReference("userSelfPasswordReset") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new UserSelfPasswordReset(); - } - }); - - mountResource("/api/self/confirmPasswordReset", new ResourceReference("userSelfConfirmPasswordReset") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new UserSelfConfirmPasswordReset(); - } - }); - - mountResource("/api/self/changePassword", new ResourceReference("userSelfChangePassword") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new UserSelfChangePassword(); - } - }); - - mountResource("/api/schemas", new ResourceReference("schemas") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new SchemaResource(); - } - }); - - mountResource("/api/resources", new ResourceReference("resources") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new ExternalResourceResource(); - } - }); - - mountResource("/api/securityQuestions", new ResourceReference("securityQuestions") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new SecurityQuestionResource(); - } - }); - - mountResource("/api/securityQuestions/byUser/${username}", new ResourceReference("securityQuestions") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new SecurityQuestionResource(); - } - }); - - mountResource("/api/info", new ResourceReference("info") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new InfoResource(); - } - }); - - // resource to get a fresh captcha image - mountResource("/api/captcha", new ResourceReference("captcha") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new CaptchaResource(); - } - }); - - mountResource("/api/realms", new ResourceReference("realms") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new RealmResource(); - } - }); - - mountResource("/api/groups", new ResourceReference("groups") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new GroupResource(); - } - }); - - mountResource("/api/auxiliaryClasses", new ResourceReference("auxClasses") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new AnyTypeClassResource(); - } - }); - - mountResource("/api/anyTypes", new ResourceReference("anyType") { - - private static final long serialVersionUID = -128426276529456602L; - - @Override - public IResource getResource() { - return new AnyTypeResource(); + // mount resources + ClassPathScanImplementationLookup classPathScanImplementationLookup = + (ClassPathScanImplementationLookup) getServletContext(). + getAttribute(EnduserInitializer.CLASSPATH_LOOKUP); + for (final Class<? extends BaseResource> resource : classPathScanImplementationLookup.getResources()) { + Resource annotation = resource.getAnnotation(Resource.class); + if (annotation == null) { + LOG.debug("No @Resource annotation found on {}, ignoring", resource.getName()); + } else { + try { + final BaseResource instance = resource.newInstance(); + + mountResource(annotation.path(), new ResourceReference(annotation.key()) { + + private static final long serialVersionUID = -128426276529456602L; + + @Override + public IResource getResource() { + return instance; + } + }); + } catch (Exception e) { + LOG.error("Could not instantiate {}", resource.getName(), e); + } } - }); - + } } @Override http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/annotations/Resource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/annotations/Resource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/annotations/Resource.java new file mode 100644 index 0000000..b54e142 --- /dev/null +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/annotations/Resource.java @@ -0,0 +1,42 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.syncope.client.enduser.annotations; + +import java.lang.annotation.Documented; +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +@Target({ ElementType.TYPE }) +@Retention(RetentionPolicy.RUNTIME) +@Documented +public @interface Resource { + + /** + * @return string for {@link org.apache.wicket.request.resource.ResourceReference#ResourceReference} + */ + String key(); + + /** + * @return path for{@link org.apache.wicket.protocol.http.WebApplication#mountResource} + */ + String path(); + +} http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/init/ClassPathScanImplementationLookup.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/init/ClassPathScanImplementationLookup.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/init/ClassPathScanImplementationLookup.java new file mode 100644 index 0000000..2761a19 --- /dev/null +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/init/ClassPathScanImplementationLookup.java @@ -0,0 +1,84 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.syncope.client.enduser.init; + +import java.lang.reflect.Modifier; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import org.apache.syncope.client.enduser.annotations.Resource; +import org.apache.syncope.client.enduser.resources.BaseResource; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.config.BeanDefinition; +import org.springframework.context.annotation.ClassPathScanningCandidateComponentProvider; +import org.springframework.core.type.filter.AssignableTypeFilter; +import org.springframework.util.ClassUtils; + +public class ClassPathScanImplementationLookup { + + private static final Logger LOG = LoggerFactory.getLogger(ClassPathScanImplementationLookup.class); + + private static final String DEFAULT_BASE_PACKAGE = "org.apache.syncope.client.enduser"; + + private List<Class<? extends BaseResource>> resources; + + /** + * This method can be overridden by subclasses to customize classpath scan. + * + * @return basePackage for classpath scanning + */ + protected String getBasePackage() { + return DEFAULT_BASE_PACKAGE; + } + + @SuppressWarnings("unchecked") + public void load() { + resources = new ArrayList<>(); + + ClassPathScanningCandidateComponentProvider scanner = new ClassPathScanningCandidateComponentProvider(false); + scanner.addIncludeFilter(new AssignableTypeFilter(BaseResource.class)); + + for (BeanDefinition bd : scanner.findCandidateComponents(getBasePackage())) { + try { + Class<?> clazz = ClassUtils.resolveClassName(bd.getBeanClassName(), ClassUtils.getDefaultClassLoader()); + boolean isAbsractClazz = Modifier.isAbstract(clazz.getModifiers()); + + if (!isAbsractClazz) { + if (BaseResource.class.isAssignableFrom(clazz)) { + if (clazz.isAnnotationPresent(Resource.class)) { + resources.add((Class<? extends BaseResource>) clazz); + } else { + LOG.error("Could not find annotation {} in {}, ignoring", + Resource.class.getName(), clazz.getName()); + } + } + } + } catch (Throwable t) { + LOG.warn("Could not inspect class {}", bd.getBeanClassName(), t); + } + } + resources = Collections.unmodifiableList(resources); + } + + public List<Class<? extends BaseResource>> getResources() { + return resources; + } + +} http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/init/EnduserInitializer.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/init/EnduserInitializer.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/init/EnduserInitializer.java new file mode 100644 index 0000000..6295cd2 --- /dev/null +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/init/EnduserInitializer.java @@ -0,0 +1,51 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.syncope.client.enduser.init; + +import javax.servlet.ServletContextEvent; +import javax.servlet.ServletContextListener; +import javax.servlet.annotation.WebListener; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Take care of all initializations needed by Syncope Enduser to run up and safe. + */ +@WebListener +public class EnduserInitializer implements ServletContextListener { + + private static final Logger LOG = LoggerFactory.getLogger(EnduserInitializer.class); + + public static final String CLASSPATH_LOOKUP = "CLASSPATH_LOOKUP"; + + @Override + public void contextInitialized(final ServletContextEvent sce) { + ClassPathScanImplementationLookup lookup = new ClassPathScanImplementationLookup(); + lookup.load(); + sce.getServletContext().setAttribute(CLASSPATH_LOOKUP, lookup); + + LOG.debug("Initialization completed"); + } + + @Override + public void contextDestroyed(final ServletContextEvent sce) { + // nothing to do + } + +} http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/pages/HomePage.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/pages/HomePage.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/pages/HomePage.java index 4c5c07e..4436994 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/pages/HomePage.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/pages/HomePage.java @@ -28,7 +28,6 @@ public class HomePage extends WebPage { public HomePage(final PageParameters parameters) { super(parameters); -// throw new RedirectToUrlException("/app/"); throw new NonResettingRestartException("/app/"); } http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AbstractBaseResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AbstractBaseResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AbstractBaseResource.java deleted file mode 100644 index d42fc30..0000000 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AbstractBaseResource.java +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.syncope.client.enduser.resources; - -import com.fasterxml.jackson.databind.ObjectMapper; -import javax.servlet.http.HttpServletRequest; -import org.apache.commons.lang3.StringUtils; -import org.apache.syncope.client.enduser.SyncopeEnduserApplication; -import org.apache.syncope.client.enduser.SyncopeEnduserConstants; -import org.apache.syncope.client.enduser.SyncopeEnduserSession; -import org.apache.syncope.common.lib.SyncopeClientException; -import org.apache.wicket.request.resource.AbstractResource; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public abstract class AbstractBaseResource extends AbstractResource { - - private static final long serialVersionUID = -7875801358718612782L; - - protected static final Logger LOG = LoggerFactory.getLogger(AbstractBaseResource.class); - - protected static final ObjectMapper MAPPER = new ObjectMapper(); - - protected final boolean isSelfRegistrationAllowed() { - Boolean result = null; - try { - result = SyncopeEnduserSession.get().getPlatformInfo().isSelfRegAllowed(); - } catch (SyncopeClientException e) { - LOG.error("While seeking if self registration is allowed", e); - } - - return result == null - ? false - : result; - } - - protected final boolean xsrfCheck(final HttpServletRequest request) { - final String requestXSRFHeader = request.getHeader(SyncopeEnduserConstants.XSRF_HEADER_NAME); - - return SyncopeEnduserApplication.get().isXsrfEnabled() - ? StringUtils.isNotBlank(requestXSRFHeader) - && SyncopeEnduserSession.get().getCookieUtils(). - getCookie(SyncopeEnduserConstants.XSRF_COOKIE).getValue().equals(requestXSRFHeader) - : true; - } - - protected final boolean captchaCheck(final String enteredCaptcha, final Object currentCaptcha) { - - return SyncopeEnduserApplication.get().isCaptchaEnabled() - ? StringUtils.isBlank(currentCaptcha.toString()) || enteredCaptcha == null - ? false - : enteredCaptcha.equals(currentCaptcha.toString()) - : true; - } -} http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AnyTypeClassResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AnyTypeClassResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AnyTypeClassResource.java index 406186c..1fda74f 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AnyTypeClassResource.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AnyTypeClassResource.java @@ -24,20 +24,16 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.ws.rs.core.Response; import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; import org.apache.syncope.common.lib.to.AnyTypeClassTO; import org.apache.syncope.common.rest.api.service.AnyTypeClassService; import org.apache.wicket.request.resource.AbstractResource; -public class AnyTypeClassResource extends AbstractBaseResource { +@Resource(key = "auxClasses", path = "/api/auxiliaryClasses") +public class AnyTypeClassResource extends BaseResource { private static final long serialVersionUID = 7475706378304995200L; - private final AnyTypeClassService anyTypeClassService; - - public AnyTypeClassResource() { - anyTypeClassService = SyncopeEnduserSession.get().getService(AnyTypeClassService.class); - } - @Override protected ResourceResponse newResourceResponse(final Attributes attributes) { @@ -54,7 +50,8 @@ public class AnyTypeClassResource extends AbstractBaseResource { return response; } - final List<AnyTypeClassTO> anyTypeClassTOs = anyTypeClassService.list(); + final List<AnyTypeClassTO> anyTypeClassTOs = + SyncopeEnduserSession.get().getService(AnyTypeClassService.class).list(); response.setTextEncoding(StandardCharsets.UTF_8.name()); response.setWriteCallback(new AbstractResource.WriteCallback() { http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AnyTypeResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AnyTypeResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AnyTypeResource.java index 6f07e18..87ee08c 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AnyTypeResource.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/AnyTypeResource.java @@ -23,20 +23,16 @@ import java.nio.charset.StandardCharsets; import javax.servlet.http.HttpServletRequest; import javax.ws.rs.core.Response; import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; import org.apache.syncope.common.lib.to.AnyTypeTO; import org.apache.syncope.common.rest.api.service.AnyTypeService; import org.apache.wicket.request.resource.AbstractResource; -public class AnyTypeResource extends AbstractBaseResource { +@Resource(key = "anyType", path = "/api/anyTypes") +public class AnyTypeResource extends BaseResource { private static final long serialVersionUID = 7475706378304995200L; - private final AnyTypeService anyTypeService; - - public AnyTypeResource() { - anyTypeService = SyncopeEnduserSession.get().getService(AnyTypeService.class); - } - @Override protected ResourceResponse newResourceResponse(final Attributes attributes) { LOG.debug("Get all available auxiliary classes"); @@ -53,7 +49,7 @@ public class AnyTypeResource extends AbstractBaseResource { } String kind = attributes.getParameters().get(0).toString(); - final AnyTypeTO anyTypeTO = anyTypeService.read(kind); + final AnyTypeTO anyTypeTO = SyncopeEnduserSession.get().getService(AnyTypeService.class).read(kind); response.setTextEncoding(StandardCharsets.UTF_8.name()); http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/BaseResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/BaseResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/BaseResource.java new file mode 100644 index 0000000..2540f5d --- /dev/null +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/BaseResource.java @@ -0,0 +1,55 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.syncope.client.enduser.resources; + +import com.fasterxml.jackson.databind.ObjectMapper; +import javax.servlet.http.HttpServletRequest; +import org.apache.commons.lang3.StringUtils; +import org.apache.syncope.client.enduser.SyncopeEnduserApplication; +import org.apache.syncope.client.enduser.SyncopeEnduserConstants; +import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.wicket.request.resource.AbstractResource; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public abstract class BaseResource extends AbstractResource { + + private static final long serialVersionUID = -7875801358718612782L; + + protected static final Logger LOG = LoggerFactory.getLogger(BaseResource.class); + + protected static final ObjectMapper MAPPER = new ObjectMapper(); + + protected final boolean xsrfCheck(final HttpServletRequest request) { + final String requestXSRFHeader = request.getHeader(SyncopeEnduserConstants.XSRF_HEADER_NAME); + return SyncopeEnduserApplication.get().isXsrfEnabled() + ? StringUtils.isNotBlank(requestXSRFHeader) + && SyncopeEnduserSession.get().getCookieUtils(). + getCookie(SyncopeEnduserConstants.XSRF_COOKIE).getValue().equals(requestXSRFHeader) + : true; + } + + protected final boolean captchaCheck(final String enteredCaptcha, final Object currentCaptcha) { + return SyncopeEnduserApplication.get().isCaptchaEnabled() + ? StringUtils.isBlank(currentCaptcha.toString()) || enteredCaptcha == null + ? false + : enteredCaptcha.equals(currentCaptcha.toString()) + : true; + } +} http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/CaptchaResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/CaptchaResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/CaptchaResource.java index 528bc46..7cae211 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/CaptchaResource.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/CaptchaResource.java @@ -21,11 +21,13 @@ package org.apache.syncope.client.enduser.resources; import javax.servlet.http.HttpServletRequest; import org.apache.commons.lang3.RandomStringUtils; import org.apache.syncope.client.enduser.SyncopeEnduserConstants; +import org.apache.syncope.client.enduser.annotations.Resource; import org.apache.wicket.extensions.markup.html.captcha.CaptchaImageResource; import org.apache.wicket.request.cycle.RequestCycle; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +@Resource(key = "captcha", path = "/api/captcha") public class CaptchaResource extends CaptchaImageResource { private static final long serialVersionUID = 8293404296348102926L; http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/ExternalResourceResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/ExternalResourceResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/ExternalResourceResource.java index 8eb46b8..4c69d67 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/ExternalResourceResource.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/ExternalResourceResource.java @@ -24,21 +24,17 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.ws.rs.core.Response; import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; import org.apache.syncope.common.lib.to.ResourceTO; import org.apache.syncope.common.rest.api.service.ResourceService; import org.apache.wicket.request.resource.AbstractResource; import org.apache.wicket.request.resource.IResource; -public class ExternalResourceResource extends AbstractBaseResource { +@Resource(key = "resources", path = "/api/resources") +public class ExternalResourceResource extends BaseResource { private static final long serialVersionUID = 7475706378304995200L; - private final ResourceService resourceService; - - public ExternalResourceResource() { - resourceService = SyncopeEnduserSession.get().getService(ResourceService.class); - } - @Override protected AbstractResource.ResourceResponse newResourceResponse(final IResource.Attributes attributes) { LOG.debug("Search all available resources"); @@ -54,7 +50,7 @@ public class ExternalResourceResource extends AbstractBaseResource { return response; } - final List<ResourceTO> resourceTOs = resourceService.list(); + final List<ResourceTO> resourceTOs = SyncopeEnduserSession.get().getService(ResourceService.class).list(); response.setTextEncoding(StandardCharsets.UTF_8.name()); response.setWriteCallback(new AbstractResource.WriteCallback() { http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/GroupResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/GroupResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/GroupResource.java index fc9f280..93cd002 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/GroupResource.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/GroupResource.java @@ -19,11 +19,13 @@ package org.apache.syncope.client.enduser.resources; import java.io.IOException; +import java.net.URLDecoder; import java.nio.charset.StandardCharsets; import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.ws.rs.core.Response; import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; import org.apache.syncope.client.lib.SyncopeClient; import org.apache.syncope.common.lib.SyncopeConstants; import org.apache.syncope.common.lib.to.GroupTO; @@ -31,16 +33,11 @@ import org.apache.syncope.common.rest.api.beans.AnyQuery; import org.apache.syncope.common.rest.api.service.GroupService; import org.apache.wicket.request.resource.AbstractResource; -public class GroupResource extends AbstractBaseResource { +@Resource(key = "groups", path = "/api/groups") +public class GroupResource extends BaseResource { private static final long serialVersionUID = 7475706378304995200L; - private final GroupService groupService; - - public GroupResource() { - groupService = SyncopeEnduserSession.get().getService(GroupService.class); - } - @Override protected ResourceResponse newResourceResponse(final Attributes attributes) { LOG.debug("Search all available groups"); @@ -55,9 +52,10 @@ public class GroupResource extends AbstractBaseResource { return response; } - String realm = java.net.URLDecoder.decode(attributes.getParameters().get("realm"). + String realm = URLDecoder.decode(attributes.getParameters().get("realm"). toString(SyncopeConstants.ROOT_REALM), "UTF-8"); - final List<GroupTO> groupTOs = groupService.search(new AnyQuery.Builder().realm(realm). + final List<GroupTO> groupTOs = SyncopeEnduserSession.get(). + getService(GroupService.class).search(new AnyQuery.Builder().realm(realm). fiql(SyncopeClient.getGroupSearchConditionBuilder().isAssignable().query()). build()).getResult(); response.setTextEncoding(StandardCharsets.UTF_8.name()); http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/InfoResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/InfoResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/InfoResource.java index 9c397d6..172628e 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/InfoResource.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/InfoResource.java @@ -25,11 +25,13 @@ import org.apache.commons.lang3.StringUtils; import org.apache.syncope.client.enduser.SyncopeEnduserConstants; import org.apache.syncope.client.enduser.SyncopeEnduserSession; import org.apache.syncope.client.enduser.adapters.PlatformInfoAdapter; +import org.apache.syncope.client.enduser.annotations.Resource; import org.apache.syncope.client.enduser.util.SaltGenerator; import org.apache.wicket.request.resource.IResource; import org.apache.wicket.util.cookies.CookieUtils; -public class InfoResource extends AbstractBaseResource { +@Resource(key = "info", path = "/api/info") +public class InfoResource extends BaseResource { private static final long serialVersionUID = 6453101466981543020L; http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/LoginResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/LoginResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/LoginResource.java index 8f50351..7007b9f 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/LoginResource.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/LoginResource.java @@ -26,11 +26,13 @@ import org.apache.commons.lang3.StringUtils; import org.apache.syncope.client.enduser.SyncopeEnduserApplication; import org.apache.syncope.client.enduser.model.Credentials; import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; import org.apache.wicket.request.resource.AbstractResource; import org.apache.wicket.request.resource.IResource; import org.apache.wicket.util.io.IOUtils; -public class LoginResource extends AbstractBaseResource { +@Resource(key = "login", path = "/api/login") +public class LoginResource extends BaseResource { private static final long serialVersionUID = -7720997467070461915L; http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/LogoutResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/LogoutResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/LogoutResource.java index 952091f..789729e 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/LogoutResource.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/LogoutResource.java @@ -19,8 +19,10 @@ package org.apache.syncope.client.enduser.resources; import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; -public class LogoutResource extends AbstractBaseResource { +@Resource(key = "logout", path = "/api/logout") +public class LogoutResource extends BaseResource { private static final long serialVersionUID = -648841355644985051L; http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/RealmResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/RealmResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/RealmResource.java index 421ce40..6faafaf 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/RealmResource.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/RealmResource.java @@ -24,20 +24,16 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.ws.rs.core.Response; import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; import org.apache.syncope.common.lib.to.RealmTO; import org.apache.syncope.common.rest.api.service.RealmService; import org.apache.wicket.request.resource.AbstractResource; -public class RealmResource extends AbstractBaseResource { +@Resource(key = "realms", path = "/api/realms") +public class RealmResource extends BaseResource { private static final long serialVersionUID = 7475706378304995200L; - private final RealmService realmService; - - public RealmResource() { - realmService = SyncopeEnduserSession.get().getService(RealmService.class); - } - @Override protected ResourceResponse newResourceResponse(final Attributes attributes) { LOG.debug("Search all available realms"); @@ -52,7 +48,7 @@ public class RealmResource extends AbstractBaseResource { return response; } - final List<RealmTO> realmTOs = realmService.list(); + final List<RealmTO> realmTOs = SyncopeEnduserSession.get().getService(RealmService.class).list(); response.setTextEncoding(StandardCharsets.UTF_8.name()); http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SchemaResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SchemaResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SchemaResource.java index 94d7d1f..b6a601a 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SchemaResource.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SchemaResource.java @@ -27,6 +27,7 @@ import javax.ws.rs.core.Response; import org.apache.commons.collections4.IterableUtils; import org.apache.commons.collections4.Predicate; import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; import org.apache.syncope.client.enduser.model.SchemaResponse; import org.apache.syncope.common.lib.to.AbstractSchemaTO; import org.apache.syncope.common.lib.to.AnyTypeTO; @@ -42,22 +43,11 @@ import org.apache.syncope.common.rest.api.service.SchemaService; import org.apache.wicket.request.resource.AbstractResource; import org.apache.wicket.request.resource.IResource; -public class SchemaResource extends AbstractBaseResource { +@Resource(key = "schemas", path = "/api/schemas") +public class SchemaResource extends BaseResource { private static final long serialVersionUID = 6453101466981543020L; - private final AnyTypeService anyTypeService; - - private final SchemaService schemaService; - - private final GroupService groupService; - - public SchemaResource() { - anyTypeService = SyncopeEnduserSession.get().getService(AnyTypeService.class); - schemaService = SyncopeEnduserSession.get().getService(SchemaService.class); - groupService = SyncopeEnduserSession.get().getService(GroupService.class); - } - @Override protected AbstractResource.ResourceResponse newResourceResponse(final IResource.Attributes attributes) { LOG.debug("Search all {} any type kind related schemas", AnyTypeKind.USER.name()); @@ -77,7 +67,7 @@ public class SchemaResource extends AbstractBaseResource { final String groupParam = attributes.getParameters().get("group").toString(); if (groupParam != null) { - PagedResult<GroupTO> groups = groupService.search( + PagedResult<GroupTO> groups = SyncopeEnduserSession.get().getService(GroupService.class).search( new AnyQuery.Builder().realm("/").page(1).size(1000).build()); GroupTO group = IterableUtils.find(groups.getResult(), new Predicate<GroupTO>() { @@ -95,11 +85,13 @@ public class SchemaResource extends AbstractBaseResource { if (anyTypeClass != null) { classes = Collections.singletonList(anyTypeClass); } else { - AnyTypeTO anyTypeUserTO = anyTypeService.read(AnyTypeKind.USER.name()); + AnyTypeTO anyTypeUserTO = SyncopeEnduserSession.get().getService(AnyTypeService.class). + read(AnyTypeKind.USER.name()); classes = anyTypeUserTO.getClasses(); } } + SchemaService schemaService = SyncopeEnduserSession.get().getService(SchemaService.class); final List<AbstractSchemaTO> plainSchemas = classes.isEmpty() ? Collections.<AbstractSchemaTO>emptyList() : schemaService.list( http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SecurityQuestionByUsernameResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SecurityQuestionByUsernameResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SecurityQuestionByUsernameResource.java new file mode 100644 index 0000000..68051ff --- /dev/null +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SecurityQuestionByUsernameResource.java @@ -0,0 +1,84 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.syncope.client.enduser.resources; + +import java.io.IOException; +import java.nio.charset.StandardCharsets; +import javax.servlet.http.HttpServletRequest; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response; +import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; +import org.apache.syncope.common.lib.to.SecurityQuestionTO; +import org.apache.syncope.common.rest.api.service.SecurityQuestionService; +import org.apache.wicket.request.mapper.parameter.PageParameters; +import org.apache.wicket.request.resource.AbstractResource; +import org.apache.wicket.request.resource.IResource; +import org.apache.wicket.util.string.StringValue; + +@Resource(key = "securityQuestionByUsername", path = "/api/securityQuestions/byUser/${username}") +public class SecurityQuestionByUsernameResource extends BaseResource { + + private static final long serialVersionUID = 6453101466981543020L; + + @Override + protected AbstractResource.ResourceResponse newResourceResponse(final IResource.Attributes attributes) { + LOG.debug("List available security questions"); + + AbstractResource.ResourceResponse response = new AbstractResource.ResourceResponse(); + + try { + HttpServletRequest request = (HttpServletRequest) attributes.getRequest().getContainerRequest(); + + if (!xsrfCheck(request)) { + LOG.error("XSRF TOKEN does not match"); + response.setError(Response.Status.BAD_REQUEST.getStatusCode(), "XSRF TOKEN does not match"); + return response; + } + + PageParameters parameters = attributes.getParameters(); + StringValue username = parameters.get("username"); + if (!username.isEmpty()) { + final SecurityQuestionTO securityQuestionTO = SyncopeEnduserSession.get(). + getService(SecurityQuestionService.class).readByUser(username.toString()); + response.setWriteCallback(new AbstractResource.WriteCallback() { + + @Override + public void writeData(final IResource.Attributes attributes) throws IOException { + attributes.getResponse().write(MAPPER.writeValueAsString(securityQuestionTO)); + } + }); + } + + response.setContentType(MediaType.APPLICATION_JSON); + response.setTextEncoding(StandardCharsets.UTF_8.name()); + response.setStatusCode(Response.Status.OK.getStatusCode()); + } catch (Exception e) { + LOG.error("Error retrieving security questions", e); + response.setError(Response.Status.BAD_REQUEST.getStatusCode(), new StringBuilder() + .append("ErrorMessage{{ ") + .append(e.getMessage()) + .append(" }}") + .toString()); + } + + return response; + } + +} http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SecurityQuestionResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SecurityQuestionResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SecurityQuestionResource.java deleted file mode 100644 index db26cd3..0000000 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SecurityQuestionResource.java +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.syncope.client.enduser.resources; - -import java.io.IOException; -import java.nio.charset.StandardCharsets; -import java.util.List; -import javax.servlet.http.HttpServletRequest; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.Response; -import org.apache.syncope.client.enduser.SyncopeEnduserSession; -import org.apache.syncope.common.lib.to.SecurityQuestionTO; -import org.apache.syncope.common.rest.api.service.SecurityQuestionService; -import org.apache.wicket.request.mapper.parameter.PageParameters; -import org.apache.wicket.request.resource.AbstractResource; -import org.apache.wicket.request.resource.IResource; -import org.apache.wicket.util.string.StringValue; - -public class SecurityQuestionResource extends AbstractBaseResource { - - private static final long serialVersionUID = 6453101466981543020L; - - private final SecurityQuestionService securityQuestionService; - - public SecurityQuestionResource() { - securityQuestionService = SyncopeEnduserSession.get().getService(SecurityQuestionService.class); - } - - @Override - protected AbstractResource.ResourceResponse newResourceResponse(final IResource.Attributes attributes) { - LOG.debug("List available security questions"); - - AbstractResource.ResourceResponse response = new AbstractResource.ResourceResponse(); - - try { - - HttpServletRequest request = (HttpServletRequest) attributes.getRequest().getContainerRequest(); - - if (!xsrfCheck(request)) { - LOG.error("XSRF TOKEN does not match"); - response.setError(Response.Status.BAD_REQUEST.getStatusCode(), "XSRF TOKEN does not match"); - return response; - } - - PageParameters parameters = attributes.getParameters(); - StringValue username = parameters.get("username"); - //if the username is defined then retrieve its security questions, otherwise retrieve all security questions - if (!username.isEmpty()) { - final SecurityQuestionTO securityQuestionTO = securityQuestionService.readByUser(username.toString()); - response.setWriteCallback(new AbstractResource.WriteCallback() { - - @Override - public void writeData(final IResource.Attributes attributes) throws IOException { - attributes.getResponse().write(MAPPER.writeValueAsString(securityQuestionTO)); - } - }); - } else { - final List<SecurityQuestionTO> securityQuestionTOs = securityQuestionService.list(); - - response.setWriteCallback(new AbstractResource.WriteCallback() { - - @Override - public void writeData(final IResource.Attributes attributes) throws IOException { - attributes.getResponse().write(MAPPER.writeValueAsString(securityQuestionTOs)); - } - }); - } - - response.setContentType(MediaType.APPLICATION_JSON); - response.setTextEncoding(StandardCharsets.UTF_8.name()); - response.setStatusCode(Response.Status.OK.getStatusCode()); - } catch (Exception e) { - LOG.error("Error retrieving security questions", e); - response.setError(Response.Status.BAD_REQUEST.getStatusCode(), new StringBuilder() - .append("ErrorMessage{{ ") - .append(e.getMessage()) - .append(" }}") - .toString()); - } - - return response; - } - -} http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SecurityQuestionsResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SecurityQuestionsResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SecurityQuestionsResource.java new file mode 100644 index 0000000..5adba6c --- /dev/null +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/SecurityQuestionsResource.java @@ -0,0 +1,79 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.syncope.client.enduser.resources; + +import java.io.IOException; +import java.nio.charset.StandardCharsets; +import java.util.List; +import javax.servlet.http.HttpServletRequest; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response; +import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; +import org.apache.syncope.common.lib.to.SecurityQuestionTO; +import org.apache.syncope.common.rest.api.service.SecurityQuestionService; +import org.apache.wicket.request.resource.AbstractResource; +import org.apache.wicket.request.resource.IResource; + +@Resource(key = "securityQuestions", path = "/api/securityQuestions") +public class SecurityQuestionsResource extends BaseResource { + + private static final long serialVersionUID = 6453101466981543020L; + + @Override + protected AbstractResource.ResourceResponse newResourceResponse(final IResource.Attributes attributes) { + LOG.debug("List available security questions"); + + AbstractResource.ResourceResponse response = new AbstractResource.ResourceResponse(); + + try { + HttpServletRequest request = (HttpServletRequest) attributes.getRequest().getContainerRequest(); + + if (!xsrfCheck(request)) { + LOG.error("XSRF TOKEN does not match"); + response.setError(Response.Status.BAD_REQUEST.getStatusCode(), "XSRF TOKEN does not match"); + return response; + } + + final List<SecurityQuestionTO> securityQuestionTOs = SyncopeEnduserSession.get(). + getService(SecurityQuestionService.class).list(); + response.setWriteCallback(new AbstractResource.WriteCallback() { + + @Override + public void writeData(final IResource.Attributes attributes) throws IOException { + attributes.getResponse().write(MAPPER.writeValueAsString(securityQuestionTOs)); + } + }); + + response.setContentType(MediaType.APPLICATION_JSON); + response.setTextEncoding(StandardCharsets.UTF_8.name()); + response.setStatusCode(Response.Status.OK.getStatusCode()); + } catch (Exception e) { + LOG.error("Error retrieving security questions", e); + response.setError(Response.Status.BAD_REQUEST.getStatusCode(), new StringBuilder() + .append("ErrorMessage{{ ") + .append(e.getMessage()) + .append(" }}") + .toString()); + } + + return response; + } + +} http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfChangePassword.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfChangePassword.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfChangePassword.java index e75e36b..85e66a9 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfChangePassword.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfChangePassword.java @@ -24,20 +24,16 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.ws.rs.core.Response; import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; import org.apache.syncope.common.rest.api.service.UserSelfService; import org.apache.wicket.request.resource.AbstractResource; import org.apache.wicket.request.resource.IResource; -public class UserSelfChangePassword extends AbstractBaseResource { +@Resource(key = "userSelfChangePassword", path = "/api/self/changePassword") +public class UserSelfChangePassword extends BaseResource { private static final long serialVersionUID = -2721621682300247583L; - private final UserSelfService userSelfService; - - public UserSelfChangePassword() { - userSelfService = SyncopeEnduserSession.get().getService(UserSelfService.class); - } - @Override protected ResourceResponse newResourceResponse(final IResource.Attributes attributes) { AbstractResource.ResourceResponse response = new AbstractResource.ResourceResponse(); @@ -55,7 +51,8 @@ public class UserSelfChangePassword extends AbstractBaseResource { if (parameters.get("newPassword") == null || parameters.get("newPassword").length == 0) { throw new Exception("A new correct password should be provided"); } - userSelfService.changePassword(parameters.get("newPassword")[0]); + SyncopeEnduserSession.get().getService(UserSelfService.class). + changePassword(parameters.get("newPassword")[0]); final String responseMessage = new StringBuilder().append("Password changed correctly").toString(); @@ -70,7 +67,6 @@ public class UserSelfChangePassword extends AbstractBaseResource { }); response.setStatusCode(Response.Status.OK.getStatusCode()); - } catch (final Exception e) { LOG.error("Error while updating user", e); response.setError(Response.Status.BAD_REQUEST.getStatusCode(), new StringBuilder() http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfConfirmPasswordReset.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfConfirmPasswordReset.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfConfirmPasswordReset.java index 0bf3e30..e9691b3 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfConfirmPasswordReset.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfConfirmPasswordReset.java @@ -24,20 +24,16 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.ws.rs.core.Response; import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; import org.apache.syncope.common.rest.api.service.UserSelfService; import org.apache.wicket.request.resource.AbstractResource; import org.apache.wicket.request.resource.IResource; -public class UserSelfConfirmPasswordReset extends AbstractBaseResource { +@Resource(key = "userSelfConfirmPasswordReset", path = "/api/self/confirmPasswordReset") +public class UserSelfConfirmPasswordReset extends BaseResource { private static final long serialVersionUID = -2721621682300247583L; - private final UserSelfService userSelfService; - - public UserSelfConfirmPasswordReset() { - userSelfService = SyncopeEnduserSession.get().getService(UserSelfService.class); - } - @Override protected ResourceResponse newResourceResponse(final IResource.Attributes attributes) { AbstractResource.ResourceResponse response = new AbstractResource.ResourceResponse(); @@ -61,7 +57,8 @@ public class UserSelfConfirmPasswordReset extends AbstractBaseResource { if (parameters.get("newPassword") == null || parameters.get("newPassword").length == 0) { throw new Exception("A new correct password should be provided"); } - userSelfService.confirmPasswordReset(token, parameters.get("newPassword")[0]); + SyncopeEnduserSession.get().getService(UserSelfService.class). + confirmPasswordReset(token, parameters.get("newPassword")[0]); final String responseMessage = new StringBuilder().append("Password changed correctly").toString(); http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java index fa9d672..010b9b6 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfCreateResource.java @@ -18,6 +18,8 @@ */ package org.apache.syncope.client.enduser.resources; +import static org.apache.syncope.client.enduser.resources.BaseResource.LOG; + import java.io.IOException; import java.nio.charset.StandardCharsets; import java.util.ArrayList; @@ -33,20 +35,30 @@ import org.apache.commons.lang3.SerializationUtils; import org.apache.commons.lang3.time.FastDateFormat; import org.apache.syncope.client.enduser.SyncopeEnduserConstants; import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; +import org.apache.syncope.common.lib.SyncopeClientException; import org.apache.syncope.common.lib.to.AttrTO; import org.apache.syncope.common.lib.to.MembershipTO; import org.apache.syncope.common.lib.to.PlainSchemaTO; import org.apache.syncope.common.lib.to.UserTO; import org.apache.syncope.common.rest.api.service.UserSelfService; -public class UserSelfCreateResource extends AbstractBaseResource { +@Resource(key = "userSelfCreate", path = "/api/self/create") +public class UserSelfCreateResource extends BaseResource { private static final long serialVersionUID = -2721621682300247583L; - private final UserSelfService userSelfService; + private boolean isSelfRegistrationAllowed() { + Boolean result = null; + try { + result = SyncopeEnduserSession.get().getPlatformInfo().isSelfRegAllowed(); + } catch (SyncopeClientException e) { + LOG.error("While seeking if self registration is allowed", e); + } - public UserSelfCreateResource() { - userSelfService = SyncopeEnduserSession.get().getService(UserSelfService.class); + return result == null + ? false + : result; } @Override @@ -175,7 +187,7 @@ public class UserSelfCreateResource extends AbstractBaseResource { LOG.trace("Received user self registration request is: [{}]", userTO); // adapt request and create user - final Response res = userSelfService.create(userTO, true); + final Response res = SyncopeEnduserSession.get().getService(UserSelfService.class).create(userTO, true); response.setTextEncoding(StandardCharsets.UTF_8.name()); http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfIsLogged.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfIsLogged.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfIsLogged.java index 6d9facf..bc9f3c5 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfIsLogged.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfIsLogged.java @@ -22,9 +22,11 @@ import java.io.IOException; import javax.servlet.http.HttpServletRequest; import javax.ws.rs.core.Response; import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; import org.apache.wicket.request.resource.IResource; -public class UserSelfIsLogged extends AbstractBaseResource { +@Resource(key = "userSelfIsLogged", path = "/api/self/islogged") +public class UserSelfIsLogged extends BaseResource { private static final long serialVersionUID = -8716361267586908871L; http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfPasswordReset.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfPasswordReset.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfPasswordReset.java index 00f935b..d431cfe 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfPasswordReset.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfPasswordReset.java @@ -26,20 +26,16 @@ import javax.ws.rs.core.Response; import org.apache.commons.lang3.ArrayUtils; import org.apache.syncope.client.enduser.SyncopeEnduserConstants; import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; import org.apache.syncope.common.rest.api.service.UserSelfService; import org.apache.wicket.request.resource.AbstractResource; import org.apache.wicket.request.resource.IResource; -public class UserSelfPasswordReset extends AbstractBaseResource { +@Resource(key = "userSelfPasswordReset", path = "/api/self/requestPasswordReset") +public class UserSelfPasswordReset extends BaseResource { private static final long serialVersionUID = -2721621682300247583L; - private final UserSelfService userSelfService; - - public UserSelfPasswordReset() { - userSelfService = SyncopeEnduserSession.get().getService(UserSelfService.class); - } - @Override protected ResourceResponse newResourceResponse(final IResource.Attributes attributes) { AbstractResource.ResourceResponse response = new AbstractResource.ResourceResponse(); @@ -71,9 +67,11 @@ public class UserSelfPasswordReset extends AbstractBaseResource { if (ArrayUtils.isEmpty(securityAnswerParam)) { throw new Exception("A correct security answer should be provided"); } - userSelfService.requestPasswordReset(usernameParam[0], securityAnswerParam[0]); + SyncopeEnduserSession.get().getService(UserSelfService.class). + requestPasswordReset(usernameParam[0], securityAnswerParam[0]); } else { - userSelfService.requestPasswordReset(usernameParam[0], null); + SyncopeEnduserSession.get().getService(UserSelfService.class). + requestPasswordReset(usernameParam[0], null); } final String responseMessage = new StringBuilder(). append("Password reset request sent for user ").append(usernameParam[0]).toString(); @@ -88,7 +86,6 @@ public class UserSelfPasswordReset extends AbstractBaseResource { }); response.setStatusCode(Response.Status.OK.getStatusCode()); - } catch (final Exception e) { LOG.error("Error while updating user", e); response.setError(Response.Status.BAD_REQUEST.getStatusCode(), http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfReadResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfReadResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfReadResource.java index dac8a3f..fc6f4fd 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfReadResource.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfReadResource.java @@ -29,6 +29,7 @@ import javax.ws.rs.core.Response; import org.apache.commons.lang3.SerializationUtils; import org.apache.commons.lang3.time.FastDateFormat; import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; import org.apache.syncope.common.lib.to.AttrTO; import org.apache.syncope.common.lib.to.MembershipTO; import org.apache.syncope.common.lib.to.PlainSchemaTO; @@ -36,7 +37,8 @@ import org.apache.syncope.common.lib.to.UserTO; import org.apache.wicket.request.resource.AbstractResource; import org.apache.wicket.request.resource.IResource; -public class UserSelfReadResource extends AbstractBaseResource { +@Resource(key = "userSelfRead", path = "/api/self/read") +public class UserSelfReadResource extends BaseResource { private static final long serialVersionUID = -9184809392631523912L; http://git-wip-us.apache.org/repos/asf/syncope/blob/c4433f52/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfUpdateResource.java ---------------------------------------------------------------------- diff --git a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfUpdateResource.java b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfUpdateResource.java index 30a89d0..dc46553 100644 --- a/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfUpdateResource.java +++ b/client/enduser/src/main/java/org/apache/syncope/client/enduser/resources/UserSelfUpdateResource.java @@ -33,6 +33,7 @@ import org.apache.commons.lang3.SerializationUtils; import org.apache.commons.lang3.time.FastDateFormat; import org.apache.syncope.client.enduser.SyncopeEnduserConstants; import org.apache.syncope.client.enduser.SyncopeEnduserSession; +import org.apache.syncope.client.enduser.annotations.Resource; import org.apache.syncope.common.lib.to.AttrTO; import org.apache.syncope.common.lib.to.MembershipTO; import org.apache.syncope.common.lib.to.PlainSchemaTO; @@ -41,7 +42,8 @@ import org.apache.syncope.common.rest.api.service.UserSelfService; import org.apache.wicket.request.resource.AbstractResource; import org.apache.wicket.request.resource.IResource; -public class UserSelfUpdateResource extends AbstractBaseResource { +@Resource(key = "userSelfUpdate", path = "/api/self/update") +public class UserSelfUpdateResource extends BaseResource { private static final long serialVersionUID = -2721621682300247583L; @@ -182,7 +184,6 @@ public class UserSelfUpdateResource extends AbstractBaseResource { }); response.setStatusCode(res.getStatus()); - } catch (final Exception e) { LOG.error("Error while updating user", e); response.setError(Response.Status.BAD_REQUEST.getStatusCode(),