aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/org/traccar/api/security
diff options
context:
space:
mode:
authorAnton Tananaev <anton@traccar.org>2022-08-02 19:16:11 -0700
committerAnton Tananaev <anton@traccar.org>2022-08-02 19:16:11 -0700
commitab6970135850655313e257cf44fb68c67e9f1e80 (patch)
tree2327f3d05816fd7431b7a08aad4830041f2e3131 /src/main/java/org/traccar/api/security
parent057262001dd933738fc070a57d51dc57518aa57b (diff)
downloadtrackermap-server-ab6970135850655313e257cf44fb68c67e9f1e80.tar.gz
trackermap-server-ab6970135850655313e257cf44fb68c67e9f1e80.tar.bz2
trackermap-server-ab6970135850655313e257cf44fb68c67e9f1e80.zip
New API token system
Diffstat (limited to 'src/main/java/org/traccar/api/security')
-rw-r--r--src/main/java/org/traccar/api/security/LoginService.java13
-rw-r--r--src/main/java/org/traccar/api/security/SecurityRequestFilter.java4
2 files changed, 13 insertions, 4 deletions
diff --git a/src/main/java/org/traccar/api/security/LoginService.java b/src/main/java/org/traccar/api/security/LoginService.java
index 104a6fac3..1e82a4cf2 100644
--- a/src/main/java/org/traccar/api/security/LoginService.java
+++ b/src/main/java/org/traccar/api/security/LoginService.java
@@ -15,6 +15,7 @@
*/
package org.traccar.api.security;
+import org.traccar.api.signature.TokenManager;
import org.traccar.config.Config;
import org.traccar.config.Keys;
import org.traccar.database.LdapProvider;
@@ -27,29 +28,35 @@ import org.traccar.storage.query.Request;
import javax.annotation.Nullable;
import javax.inject.Inject;
+import java.io.IOException;
+import java.security.GeneralSecurityException;
public class LoginService {
private final Storage storage;
+ private final TokenManager tokenManager;
private final LdapProvider ldapProvider;
private final String serviceAccountToken;
private final boolean forceLdap;
@Inject
- public LoginService(Config config, Storage storage, @Nullable LdapProvider ldapProvider) {
+ public LoginService(
+ Config config, Storage storage, TokenManager tokenManager, @Nullable LdapProvider ldapProvider) {
this.storage = storage;
+ this.tokenManager = tokenManager;
this.ldapProvider = ldapProvider;
serviceAccountToken = config.getString(Keys.WEB_SERVICE_ACCOUNT_TOKEN);
forceLdap = config.getBoolean(Keys.LDAP_FORCE);
}
- public User login(String token) throws StorageException {
+ public User login(String token) throws StorageException, GeneralSecurityException, IOException {
if (serviceAccountToken != null && serviceAccountToken.equals(token)) {
return new ServiceAccountUser();
}
+ long userId = tokenManager.verifyToken(token);
User user = storage.getObject(User.class, new Request(
- new Columns.All(), new Condition.Equals("token", "token", token)));
+ new Columns.All(), new Condition.Equals("id", "id", userId)));
if (user != null) {
checkUserEnabled(user);
}
diff --git a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
index ada7bf997..94b6bbf05 100644
--- a/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
+++ b/src/main/java/org/traccar/api/security/SecurityRequestFilter.java
@@ -33,8 +33,10 @@ import javax.ws.rs.container.ResourceInfo;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
+import java.io.IOException;
import java.lang.reflect.Method;
import java.nio.charset.StandardCharsets;
+import java.security.GeneralSecurityException;
public class SecurityRequestFilter implements ContainerRequestFilter {
@@ -94,7 +96,7 @@ public class SecurityRequestFilter implements ContainerRequestFilter {
statisticsManager.registerRequest(user.getId());
securityContext = new UserSecurityContext(new UserPrincipal(user.getId()));
}
- } catch (StorageException e) {
+ } catch (StorageException | GeneralSecurityException | IOException e) {
throw new WebApplicationException(e);
}