Changeset 25311 for main/trunk/greenstone3/src/java/org/greenstone/gsdl3/service/Authentication.java
- Timestamp:
- 2012-03-28T16:59:57+13:00 (12 years ago)
- File:
-
- 1 edited
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/service/Authentication.java
r25271 r25311 7 7 8 8 import org.w3c.dom.Element; 9 import org.w3c.dom.NodeList; 9 10 10 11 import java.util.ArrayList; … … 113 114 protected DerbyWrapper _derbyWrapper = null; 114 115 116 protected String _recaptchaPrivateKey = null; 117 protected String _recaptchaPublicKey = null; 118 115 119 /** constructor */ 116 120 public Authentication() … … 134 138 getUserInformation_service.setAttribute(GSXML.NAME_ATT, GET_USER_INFORMATION_SERVICE); 135 139 this.short_service_info.appendChild(getUserInformation_service); 140 141 NodeList recaptchaElems = info.getElementsByTagName("recaptcha"); 142 143 for (int i = 0; i < recaptchaElems.getLength(); i++) 144 { 145 Element currentElem = (Element) recaptchaElems.item(i); 146 if (currentElem.getAttribute(GSXML.NAME_ATT) != null && currentElem.getAttribute(GSXML.NAME_ATT).equals("public_key")) 147 { 148 if (currentElem.getAttribute(GSXML.VALUE_ATT) != null) 149 { 150 _recaptchaPublicKey = currentElem.getAttribute(GSXML.VALUE_ATT); 151 } 152 } 153 else if (currentElem.getAttribute(GSXML.NAME_ATT) != null && currentElem.getAttribute(GSXML.NAME_ATT).equals("private_key")) 154 { 155 if (currentElem.getAttribute(GSXML.VALUE_ATT) != null) 156 { 157 _recaptchaPrivateKey = currentElem.getAttribute(GSXML.VALUE_ATT); 158 } 159 } 160 } 136 161 137 162 return true; … … 333 358 String newComment = (String) paramMap.get("comment"); 334 359 String newEmail = (String) paramMap.get("email"); 335 336 int error = addUser(newUsername, newPassword, newGroups, newStatus, newComment, newEmail); 360 361 //Check the given user name 362 int error; 363 if ((error = checkUsername(newUsername)) != NO_ERROR) 364 { 365 GSXML.addError(this.doc, result, _errorMessageMap.get(error)); 366 return result; 367 } 368 369 //Check the given password 370 if ((error = checkPassword(newPassword)) != NO_ERROR) 371 { 372 GSXML.addError(this.doc, result, _errorMessageMap.get(error)); 373 return result; 374 } 375 376 newPassword = hashPassword(newPassword); 377 378 error = 
addUser(newUsername, newPassword, newGroups, newStatus, newComment, newEmail); 337 379 if (error != NO_ERROR) 338 380 { … … 351 393 String newPassword = (String) paramMap.get("password"); 352 394 String newEmail = (String) paramMap.get("email"); 353 354 ReCaptchaImpl reCaptcha = new ReCaptchaImpl(); 355 reCaptcha.setPrivateKey("6LckI88SAAAAAGnGy1PwuXYZzIMXZYoPxN51bWWG"); //TODO: MOVE TO SITECONFIG.XML FILE 356 357 String challenge = (String) paramMap.get("recaptcha_challenge_field"); 358 String uResponse = (String) paramMap.get("recaptcha_response_field"); 359 360 if (challenge == null || uResponse == null) 361 { 362 serviceNode.setAttribute("operation", REGISTER); 363 GSXML.addError(this.doc, result, _errorMessageMap.get(ERROR_CAPTCHA_MISSING)); 364 return result; 365 } 366 367 ReCaptchaResponse reCaptchaResponse = reCaptcha.checkAnswer(request.getAttribute("remoteAddress"), challenge, uResponse); 368 369 if (!reCaptchaResponse.isValid()) 370 { 371 serviceNode.setAttribute("operation", REGISTER); 372 GSXML.addError(this.doc, result, _errorMessageMap.get(ERROR_CAPTCHA_DOES_NOT_MATCH)); 373 return result; 374 } 375 376 int error = addUser(newUsername, newPassword, "", "true", "", newEmail); 395 396 //Check the given user name 397 int error; 398 if ((error = checkUsername(newUsername)) != NO_ERROR) 399 { 400 GSXML.addError(this.doc, result, _errorMessageMap.get(error)); 401 return result; 402 } 403 404 //Check the given password 405 if ((error = checkPassword(newPassword)) != NO_ERROR) 406 { 407 GSXML.addError(this.doc, result, _errorMessageMap.get(error)); 408 return result; 409 } 410 411 newPassword = hashPassword(newPassword); 412 413 if(_recaptchaPrivateKey != null) 414 { 415 ReCaptchaImpl reCaptcha = new ReCaptchaImpl(); 416 reCaptcha.setPrivateKey(_recaptchaPrivateKey); 417 418 String challenge = (String) paramMap.get("recaptcha_challenge_field"); 419 String uResponse = (String) paramMap.get("recaptcha_response_field"); 420 421 if (challenge == null || 
uResponse == null) 422 { 423 serviceNode.setAttribute("operation", REGISTER); 424 GSXML.addError(this.doc, result, _errorMessageMap.get(ERROR_CAPTCHA_MISSING)); 425 return result; 426 } 427 428 ReCaptchaResponse reCaptchaResponse = reCaptcha.checkAnswer(request.getAttribute("remoteAddress"), challenge, uResponse); 429 430 if (!reCaptchaResponse.isValid()) 431 { 432 serviceNode.setAttribute("operation", REGISTER); 433 GSXML.addError(this.doc, result, _errorMessageMap.get(ERROR_CAPTCHA_DOES_NOT_MATCH)); 434 return result; 435 } 436 } 437 438 error = addUser(newUsername, newPassword, "", "true", "", newEmail); 377 439 if (error != NO_ERROR) 378 440 { … … 391 453 String newEmail = (String) paramMap.get("email"); 392 454 455 //Check the given user name 456 int error; 457 if ((error = checkUsername(newUsername)) != NO_ERROR) 458 { 459 GSXML.addError(this.doc, result, _errorMessageMap.get(error)); 460 return result; 461 } 462 393 463 if (newPassword == null) 394 464 { 395 465 newPassword = retrieveDataForUser(previousUsername, "password"); 396 466 } 397 398 int error = removeUser(previousUsername); 467 else 468 { 469 //Check the given password 470 if ((error = checkPassword(newPassword)) != NO_ERROR) 471 { 472 GSXML.addError(this.doc, result, _errorMessageMap.get(error)); 473 return result; 474 } 475 476 newPassword = hashPassword(newPassword); 477 } 478 479 error = removeUser(previousUsername); 399 480 if (error != NO_ERROR) 400 481 { … … 411 492 return result; 412 493 } 494 413 495 error = addUser(newUsername, newPassword, newGroups, newStatus, newComment, newEmail); 414 496 if (error != NO_ERROR) … … 453 535 return result; 454 536 } 537 538 //Check the given password 539 int error; 540 if ((error = checkPassword(newPassword)) != NO_ERROR) 541 { 542 GSXML.addError(this.doc, result, _errorMessageMap.get(error)); 543 return result; 544 } 545 546 newPassword = hashPassword(newPassword); 455 547 } 456 548 else … … 458 550 newPassword = prevPassword; 459 551 } 460 552 553 
//Check the given user name 554 int error; 555 if ((error = checkUsername(newUsername)) != NO_ERROR) 556 { 557 GSXML.addError(this.doc, result, _errorMessageMap.get(error)); 558 return result; 559 } 560 461 561 String prevGroups = retrieveDataForUser(previousUsername, "groups"); 462 562 String prevStatus = retrieveDataForUser(previousUsername, "status"); 463 563 String prevComment = retrieveDataForUser(previousUsername, "comment"); 464 564 465 interror = removeUser(previousUsername);565 error = removeUser(previousUsername); 466 566 if (error != NO_ERROR) 467 567 { … … 501 601 { 502 602 String editUsername = (String) paramMap.get("username"); 503 504 if (editUsername == null)603 604 if (editUsername == null) 505 605 { 506 606 serviceNode.setAttribute("operation", ""); … … 508 608 return result; 509 609 } 510 511 if (!editUsername.equals(username))610 611 if (!editUsername.equals(username)) 512 612 { 513 613 serviceNode.setAttribute("operation", LOGIN); … … 524 624 { 525 625 String passwordResetUser = (String) paramMap.get("username"); 526 626 527 627 String newPassword = UUID.randomUUID().toString(); 528 628 newPassword = newPassword.substring(0, newPassword.indexOf("-")); 529 629 530 630 String email = retrieveDataForUser(passwordResetUser, "email"); 531 631 String from = "[email protected]"; 532 632 String host = request.getAttribute("remoteAddress"); 533 633 534 634 //TODO: FINISH THIS 635 } 636 else if (op.equals(REGISTER)) 637 { 638 if(_recaptchaPublicKey != null && _recaptchaPrivateKey != null) 639 { 640 Element recaptchaElem = this.doc.createElement("recaptcha"); 641 recaptchaElem.setAttribute("publicKey", _recaptchaPublicKey); 642 recaptchaElem.setAttribute("privateKey", _recaptchaPrivateKey); 643 result.appendChild(recaptchaElem); 644 } 535 645 } 536 646 else if (op.equals(PERFORM_DELETE_USER)) … … 547 657 548 658 return result; 659 } 660 661 public int checkUsernameAndPassword(String username, String password) 662 { 663 int uResult = 
checkUsername(username); 664 int pResult = checkPassword(password); 665 666 return (uResult != NO_ERROR ? uResult : (pResult != NO_ERROR ? pResult : NO_ERROR)); 667 } 668 669 public int checkUsername(String username) 670 { 671 //Check the given user name 672 if ((username == null) || (username.length() < 2) || (username.length() > 30) || (!(Pattern.matches("[a-zA-Z0-9//_//.]+", username)))) 673 { 674 return ERROR_INVALID_USERNAME; 675 } 676 return NO_ERROR; 677 } 678 679 public int checkPassword(String password) 680 { 681 //Check the given password 682 if ((password == null) || (password.length() < 3) || (password.length() > 8) || (!(Pattern.matches("[\\p{ASCII}]+", password)))) 683 { 684 return ERROR_INVALID_PASSWORD; 685 } 686 return NO_ERROR; 549 687 } 550 688 … … 688 826 } 689 827 690 //Check the given user name691 if ((newUsername == null) || (newUsername.length() < 2) || (newUsername.length() > 30) || (!(Pattern.matches("[a-zA-Z0-9//_//.]+", newUsername))))692 {693 closeDatabase();694 return ERROR_INVALID_USERNAME;695 }696 697 //Check the given password698 if ((newPassword == null) || (newPassword.length() < 3) || (newPassword.length() > 8) || (!(Pattern.matches("[\\p{ASCII}]+", newPassword))))699 {700 closeDatabase();701 return ERROR_INVALID_PASSWORD;702 }703 704 newPassword = hashPassword(newPassword);705 706 828 newGroups = newGroups.replaceAll(" ", ""); 707 829 … … 710 832 if (userQueryResult != null) 711 833 { 834 closeDatabase(); 712 835 return ERROR_USER_ALREADY_EXISTS; 713 836 }
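Review bot: In the new REGISTER branch (new lines 636-644), `recaptchaElem.setAttribute("privateKey", _recaptchaPrivateKey);` copies the reCAPTCHA private key into the service result element. Only the public key is needed to render the widget, and the private key is already used server-side in `reCaptcha.setPrivateKey(_recaptchaPrivateKey)`. Whether the result XML reaches the browser depends on the downstream transform, which is not visible here, but any stylesheet or debug view that serialises it would disclose the secret. I would drop that line and leave a comment such as `// private key stays server-side; only the public key goes into the response`. Separately, the key that was hard-coded at old line 355 remains in repository history, so it should be rotated rather than reused in siteConfig.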