Package de.dlr.proseo.api.prip

Class ProductionInterfaceSecurity

java.lang.Object

de.dlr.proseo.api.prip.ProductionInterfaceSecurity

@Component
public class ProductionInterfaceSecurity
extends Object

Security utility methods for PRIP API

Author:

Dr. Thomas Bassler

Constructor Summary

Constructors

Constructor	Description
ProductionInterfaceSecurity()

Method Summary

Modifier and Type	Method	Description
(package private) OAuth2TokenManager.UserInfo	authenticateUser(OAuth2TokenManager.UserInfo userInfo)	Check user credentials and authorities with User Manager
void	doLogin(jakarta.servlet.http.HttpServletRequest request, OAuth2TokenManager tokenManager)	Log in to prosEO
List<String>	getAuthorities()	Gets the authorities granted to the user after login
String	getMission()	Gets the code of the mission the current user is logged in to
String	getPassword()	Gets the password of the logged in user
String	getUser()	Gets the name of the logged in user for service authentication (including mission prefix)
boolean	hasRole(de.dlr.proseo.model.enums.UserRole role)	Checks whether the logged in user has the given role
(package private) OAuth2TokenManager.UserInfo	parseAuthenticationHeader(String authHeader)	Parse an HTTP authentication header into mission, username and password and set the respective thread-local attributes

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

ProductionInterfaceSecurity

public ProductionInterfaceSecurity()

Method Details

parseAuthenticationHeader

OAuth2TokenManager.UserInfo parseAuthenticationHeader(String authHeader)
                                               throws IllegalArgumentException

Parse an HTTP authentication header into mission, username and password and set the respective thread-local attributes

Parameters:

authHeader - the authentication header to parse, expected format: "Basic base64(mission\username:password)"

Returns:

the parsed UserInfo

Throws:

IllegalArgumentException - if the authentication header cannot be parsed into the three parts expected

doLogin

public void doLogin(jakarta.servlet.http.HttpServletRequest request,
 OAuth2TokenManager tokenManager)
             throws SecurityException

Log in to prosEO

Parameters:

request - the HTTP request containing the authentication header

tokenManager - the token manager to use

Throws:

SecurityException - if the login failed for any reason

authenticateUser

OAuth2TokenManager.UserInfo authenticateUser(OAuth2TokenManager.UserInfo userInfo)
                                      throws SecurityException

Check user credentials and authorities with User Manager

Parameters:

userInfo - a UserInfo object containing the user credentials

Returns:

the updated UserInfo object including authorities, if the authentication was successful and PRIP access is granted

Throws:

SecurityException - if the user could not be authenticated or is not authorized to access the PRIP API

getUser

public String getUser()

Gets the name of the logged in user for service authentication (including mission prefix)

Returns:

the user name or null, if no user is logged in

getPassword

public String getPassword()

Gets the password of the logged in user

Returns:

the password or null, if no user is logged in

getMission

public String getMission()

Gets the code of the mission the current user is logged in to

Returns:

the mission code or null, if no user is logged in

getAuthorities

public List<String> getAuthorities()

Gets the authorities granted to the user after login

Returns:

the granted authorities

hasRole

public boolean hasRole(de.dlr.proseo.model.enums.UserRole role)

Checks whether the logged in user has the given role

Parameters:

role - the user role to check

Returns:

true, if the respective authority was granted, false otherwise