This is an automated email from the ASF dual-hosted git repository. heneveld pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/brooklyn-server.git
commit 65fa5617507e37325daaeaa24b9ccbc367918717 Author: Alex Heneveld <[email protected]> AuthorDate: Wed Dec 12 14:52:14 2018 +0000 logging and tidy to use gson --- .../brooklyn/rest/filter/GoogleOauthFilter.java | 30 +++++++++++------- .../rest/security/jaas/BrooklynLoginModule.java | 4 +++ .../rest/security/jaas/GoogleOauthLoginModule.java | 36 +++++++++++++--------- .../main/resources/OSGI-INF/blueprint/service.xml | 4 +-- 4 files changed, 46 insertions(+), 28 deletions(-) diff --git a/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/filter/GoogleOauthFilter.java b/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/filter/GoogleOauthFilter.java index 3a85db6..e91733a 100644 --- a/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/filter/GoogleOauthFilter.java +++ b/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/filter/GoogleOauthFilter.java @@ -36,7 +36,8 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.ws.rs.ext.Provider; -import net.minidev.json.JSONObject; +import org.apache.brooklyn.util.exceptions.Exceptions; +import org.apache.brooklyn.util.yaml.Yamls; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; import org.apache.http.NameValuePair; @@ -50,13 +51,15 @@ import org.apache.http.entity.ContentType; import org.apache.http.impl.client.DefaultHttpClient; import org.apache.http.message.BasicNameValuePair; import org.apache.http.util.EntityUtils; -import org.json.simple.parser.JSONParser; -import org.json.simple.parser.ParseException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; @Provider @Priority(1) public class GoogleOauthFilter implements Filter { + private static final Logger log = LoggerFactory.getLogger(GoogleOauthFilter.class); + public static final String SESSION_KEY_CODE = "code"; public static final String SESSION_KEY_ACCESS_TOKEN = "access_token"; @@ -149,13 +152,16 @@ public class GoogleOauthFilter implements Filter { String body = post(uriTokenInfo, params); // System.out.println(body); - JSONObject jsonObject = null; + Map<?,?> jsonObject = null; // get the access token from json and request info from Google try { - jsonObject = (JSONObject) new JSONParser().parse(body); - } catch (ParseException e) { - throw new RuntimeException("Unable to parse json " + body); + jsonObject = (Map<?,?>) Yamls.parseAll(body).iterator().next(); + log.info("Parsed '"+body+"' as "+jsonObject); + } catch (Exception e) { + Exceptions.propagateIfFatal(e); + log.info("Unable to parse: '"+body+"'"); + throw new RuntimeException("Unable to parse json " + body, e); } if (!clientId.equals(jsonObject.get(audience))) { @@ -179,13 +185,15 @@ public class GoogleOauthFilter implements Filter { String body = post(uriGetToken, params); - JSONObject jsonObject = null; + Map<?,?> jsonObject = null; // get the access token from json and request info from Google try { - jsonObject = (JSONObject) new JSONParser().parse(body); - } catch (ParseException e) { - // throw new RuntimeException("Unable to parse json " + body); + jsonObject = (Map<?,?>) Yamls.parseAll(body).iterator().next(); + log.info("Parsed '"+body+"' as "+jsonObject); + } catch (Exception e) { + Exceptions.propagateIfFatal(e); + log.info("Unable to parse: '"+body+"'"); return redirectLogin(resp); } diff --git a/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/jaas/BrooklynLoginModule.java b/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/jaas/BrooklynLoginModule.java index 32684bd..9765349 100644 --- a/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/jaas/BrooklynLoginModule.java +++ b/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/jaas/BrooklynLoginModule.java @@ -186,6 +186,7 @@ public class BrooklynLoginModule implements LoginModule { private void initProvider() { StringConfigMap brooklynProperties = getManagementContext().getConfig(); provider = brooklynProperties.getConfig(BrooklynWebConfig.SECURITY_PROVIDER_INSTANCE); + log.info("ALEX BR LOGIN - INIT "+provider); String symbolicName = (String) options.get(PROPERTY_BUNDLE_SYMBOLIC_NAME); String version = (String) options.get(PROPERTY_BUNDLE_VERSION); String className = (String) options.get(BrooklynWebConfig.SECURITY_PROVIDER_CLASSNAME.getName()); @@ -252,6 +253,7 @@ public class BrooklynLoginModule implements LoginModule { @Override public boolean login() throws LoginException { if (callbackHandler == null) { + log.info("ALEX BR LOGIN - LOGIN 1"); loginSuccess = false; throw new FailedLoginException("Username and password not available"); } @@ -260,6 +262,7 @@ public class BrooklynLoginModule implements LoginModule { PasswordCallback cbPassword = new PasswordCallback("Password: ", false); Callback[] callbacks = {cbName, cbPassword}; + log.info("ALEX BR LOGIN - LOGIN 2 - "+cbName); try { callbackHandler.handle(callbacks); @@ -306,6 +309,7 @@ public class BrooklynLoginModule implements LoginModule { @Override public boolean commit() throws LoginException { + log.info("ALEX BR LOGIN - COMMIT"); if (loginSuccess) { if (subject.isReadOnly()) { throw new LoginException("Can't commit read-only subject"); diff --git a/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/jaas/GoogleOauthLoginModule.java b/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/jaas/GoogleOauthLoginModule.java index 8a86e1f..7a770cb 100644 --- a/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/jaas/GoogleOauthLoginModule.java +++ b/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/jaas/GoogleOauthLoginModule.java @@ -38,7 +38,9 @@ import javax.security.auth.login.LoginException; import javax.security.auth.spi.LoginModule; import javax.servlet.ServletException; +import org.apache.brooklyn.util.exceptions.Exceptions; import org.apache.brooklyn.util.text.Strings; +import org.apache.brooklyn.util.yaml.Yamls; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; import org.apache.http.NameValuePair; @@ -58,10 +60,6 @@ import org.eclipse.jetty.server.Response; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import net.minidev.json.JSONObject; -import net.minidev.json.parser.JSONParser; -import net.minidev.json.parser.ParseException; - public class GoogleOauthLoginModule implements LoginModule { private static final Logger logger = LoggerFactory.getLogger(BrooklynLoginModule.class); @@ -115,6 +113,7 @@ public class GoogleOauthLoginModule implements LoginModule { @Override public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options) { + logger.info("ALEX LOGIN MODULE - INIT"); this.subject = subject; this.callbackHandler = callbackHandler; @@ -150,6 +149,7 @@ public class GoogleOauthLoginModule implements LoginModule { } String newUrl = oauth2URL + userName; + logger.info("ALEX LOGIN MODULE - LOGIN "+userName+" / "+newUrl); logger.debug("THis is the URL: " + newUrl); boolean eligible=false; @@ -237,15 +237,18 @@ public class GoogleOauthLoginModule implements LoginModule { String body = post(uriGetToken, params); - JSONObject jsonObject = null; + Map<?,?> jsonObject = null; // get the access token from json and request info from Google -// try { -// jsonObject = (JSONObject) new JSONParser().parse(body); -// } catch (ParseException e) { -// // throw new RuntimeException("Unable to parse json " + body); -// return redirectLogin(); -// } + try { + jsonObject = (Map<?,?>) Yamls.parseAll(body).iterator().next(); + logger.info("Parsed '"+body+"' as "+jsonObject); + } catch (Exception e) { + Exceptions.propagateIfFatal(e); + logger.info("Unable to parse: '"+body+"'"); + // throw new RuntimeException("Unable to parse json " + body); + return redirectLogin(); + } // Left token and code in session String accessToken = (String) jsonObject.get(SESSION_KEY_ACCESS_TOKEN); @@ -268,13 +271,16 @@ public class GoogleOauthLoginModule implements LoginModule { String body = post(uriTokenInfo, params); // System.out.println(body); - JSONObject jsonObject = null; + Map<?,?> jsonObject = null; // get the access token from json and request info from Google try { - jsonObject = (JSONObject) new JSONParser().parse(body); - } catch (ParseException e) { - throw new RuntimeException("Unable to parse json " + body); + jsonObject = (Map<?,?>) Yamls.parseAll(body).iterator().next(); + logger.info("Parsed '"+body+"' as "+jsonObject); + } catch (Exception e) { + Exceptions.propagateIfFatal(e); + logger.info("Unable to parse: '"+body+"'"); + throw new RuntimeException("Unable to parse json " + body, e); } if (!clientId.equals(jsonObject.get(audience))) { diff --git a/rest/rest-resources/src/main/resources/OSGI-INF/blueprint/service.xml b/rest/rest-resources/src/main/resources/OSGI-INF/blueprint/service.xml index 4fcd9b2..e0b6c9f 100644 --- a/rest/rest-resources/src/main/resources/OSGI-INF/blueprint/service.xml +++ b/rest/rest-resources/src/main/resources/OSGI-INF/blueprint/service.xml @@ -60,8 +60,8 @@ limitations under the License. interface="org.apache.brooklyn.core.mgmt.internal.ManagementContextInternal"/> <jaas:config name="webconsole"> - <jaas:module className="org.apache.brooklyn.rest.security.jaas.GoogleOauthLoginModule" flags="required"/> - <!--<jaas:module className="org.apache.brooklyn.rest.security.jaas.BrooklynLoginModule" flags="required"/>--> + <!-- <jaas:module className="org.apache.brooklyn.rest.security.jaas.GoogleOauthLoginModule" flags="required"/> --> + <jaas:module className="org.apache.brooklyn.rest.security.jaas.BrooklynLoginModule" flags="required"/> </jaas:config> <reference id="shutdownHandler" interface="org.apache.brooklyn.core.mgmt.ShutdownHandler"/>
