jomu/shared
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases 7 Activity

fixed NPE when Account could not be injected

Browse Source
This commit is contained in:
Joern Muehlencord
2019-01-11 17:33:14 +01:00
parent 8291d3e3aa
commit 698b4477a2
1 changed files with 25 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
account/src/main/java/de/muehlencord/shared/account/business/account/boundary/ApiKeyService.java
View File

@ -16,7 +16,6 @@
package de.muehlencord.shared.account.business.account.boundary; package de.muehlencord.shared.account.business.account.boundary;
import de.muehlencord.shared.account.business.account.control.AccountControl; import de.muehlencord.shared.account.business.account.control.AccountControl;
import de.muehlencord.shared.account.business.account.entity.Account;
import de.muehlencord.shared.account.business.account.entity.AccountEntity; import de.muehlencord.shared.account.business.account.entity.AccountEntity;
import de.muehlencord.shared.account.business.account.entity.ApiKeyEntity; import de.muehlencord.shared.account.business.account.entity.ApiKeyEntity;
import de.muehlencord.shared.account.business.account.entity.JWTObject; import de.muehlencord.shared.account.business.account.entity.JWTObject;
@ -26,7 +25,10 @@ import de.muehlencord.shared.account.util.AccountPU;
import de.muehlencord.shared.jeeutil.jwt.JWTDecoder; import de.muehlencord.shared.jeeutil.jwt.JWTDecoder;
import de.muehlencord.shared.jeeutil.jwt.JWTEncoder; import de.muehlencord.shared.jeeutil.jwt.JWTEncoder;
import de.muehlencord.shared.jeeutil.jwt.JWTException; import de.muehlencord.shared.jeeutil.jwt.JWTException;
import de.muehlencord.shared.util.DateUtil;
import de.muehlencord.shared.util.StringUtil;
import java.io.Serializable; import java.io.Serializable;
import java.time.ZoneId;
import java.time.ZoneOffset; import java.time.ZoneOffset;
import java.time.ZonedDateTime; import java.time.ZonedDateTime;
import java.util.ArrayList; import java.util.ArrayList;
@ -67,9 +69,6 @@ public class ApiKeyService implements Serializable {
@Inject @Inject
ConfigService configService; ConfigService configService;
@Inject
Account account;
private String password; private String password;
private String issuer; private String issuer;
@ -95,6 +94,20 @@ public class ApiKeyService implements Serializable {
} }
} }
public ApiKeyEntity getApiKeyFromString(String encodedJWT) throws ApiKeyException {
if (StringUtil.isEmpty(encodedJWT)) {
throw new ApiKeyException("Must provide authorization information");
}
JWTObject jwt = getJWTObject(encodedJWT);
Query query = em.createNamedQuery("ApiKeyEntity.findByApiKey");
query.setParameter("apiKey", jwt.getUnqiueId());
List<ApiKeyEntity> apiKeys = query.getResultList();
if ((apiKeys == null) || (apiKeys.isEmpty())) {
throw new ApiKeyException("ApiKey not found in database");
}
return apiKeys.get(0);
}
public List<ApiKeyEntity> getUsersApiKeys(AccountEntity account) { public List<ApiKeyEntity> getUsersApiKeys(AccountEntity account) {
Query query = em.createNamedQuery("ApiKeyEntity.findByAccount"); Query query = em.createNamedQuery("ApiKeyEntity.findByAccount");
query.setParameter("account", account); query.setParameter("account", account);
@ -107,27 +120,28 @@ public class ApiKeyService implements Serializable {
} }
public List<ApiKeyEntity> getUsersApiKeys() { public List<ApiKeyEntity> getUsersApiKeys(String userName) {
return getUsersApiKeys(accountControl.getAccountEntity(account.getUsername(), false)); return getUsersApiKeys(accountControl.getAccountEntity(userName, false));
} }
@Transactional @Transactional
@Lock(LockType.WRITE) @Lock(LockType.WRITE)
public String createNewApiKey(ZonedDateTime now, short expirationInMinutes) throws ApiKeyException { public String createNewApiKey(String userName, short expirationInMinutes) throws ApiKeyException {
if ((password == null || issuer == null)) { if ((password == null || issuer == null)) {
LOGGER.error("password or issuer not set in, please validate configuration"); LOGGER.error("password or issuer not set in, please validate configuration");
} }
Date nowDate = Date.from(now.toInstant()); Date now = DateUtil.getCurrentTimeInUTC();
ZonedDateTime zonedDateTime = ZonedDateTime.ofInstant(now.toInstant(), ZoneId.of("UTC"));
String apiKeyString = RandomStringUtils.randomAscii(50); String apiKeyString = RandomStringUtils.randomAscii(50);
ApiKeyEntity apiKey = new ApiKeyEntity(); ApiKeyEntity apiKey = new ApiKeyEntity();
apiKey.setAccount(accountControl.getAccountEntity(account.getUsername(), false)); apiKey.setAccount(accountControl.getAccountEntity(userName, false));
apiKey.setApiKey(apiKeyString); apiKey.setApiKey(apiKeyString);
apiKey.setIssuedOn(nowDate); apiKey.setIssuedOn(now);
apiKey.setExpiration(expirationInMinutes); apiKey.setExpiration(expirationInMinutes);
try { try {
String jwtString = JWTEncoder.encode(password, issuer, now, apiKey.getAccount().getUsername(), apiKey.getApiKey(), apiKey.getExpiration()); String jwtString = JWTEncoder.encode(password, issuer, zonedDateTime, apiKey.getAccount().getUsername(), apiKey.getApiKey(), apiKey.getExpiration());
em.persist(apiKey); em.persist(apiKey);
return jwtString; return jwtString;
} catch (JWTException ex) { } catch (JWTException ex) {