- Timestamp:
- 2018-09-13T14:15:25+12:00 (6 years ago)
- File:
-
- 1 edited
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/service/Authentication.java
r32413 r32451 47 47 //Error codes 48 48 protected static final int NO_ERROR = 0; 49 protected static final int ERROR_NOT_LOGGED_IN = -2; 50 protected static final int ERROR_ADMIN_NOT_LOGGED_IN = -3; 51 protected static final int ERROR_COULD_NOT_GET_USER_INFO = -4; 52 protected static final int ERROR_USERNAME_NOT_SPECIFIED = -5; 53 protected static final int ERROR_USER_NOT_FOUND = -6; 54 protected static final int ERROR_SQL_EXCEPTION = -7; 55 protected static final int ERROR_INVALID_USERNAME = -8; 49 protected static final int ERROR_NOT_LOGGED_IN = -1; 50 protected static final int ERROR_ADMIN_NOT_LOGGED_IN = -2; 51 protected static final int ERROR_COULD_NOT_GET_USER_INFO = -3; 52 protected static final int ERROR_USERNAME_NOT_SPECIFIED = -4; 53 protected static final int ERROR_USER_NOT_FOUND = -5; 54 protected static final int ERROR_USER_NOT_AUTHORISED = -6; 55 protected static final int ERROR_INVALID_USERNAME = -7; 56 protected static final int ERROR_USER_ALREADY_EXISTS = -8; 56 57 protected static final int ERROR_PASSWORD_NOT_ENTERED = -9; 57 58 protected static final int ERROR_PASSWORD_TOO_SHORT = -10; … … 59 60 protected static final int ERROR_PASSWORD_USES_ILLEGAL_CHARACTERS = -12; 60 61 protected static final int ERROR_INCORRECT_PASSWORD = -13; 61 protected static final int ERROR_USER_ALREADY_EXISTS = -14; 62 protected static final int ERROR_ADDING_USER = -15; 63 protected static final int ERROR_REMOVING_USER = -16; 64 protected static final int ERROR_CAPTCHA_FAILED = -17; 65 protected static final int ERROR_CAPTCHA_MISSING = -18; 66 protected static final int ERROR_NOT_AUTHORISED = -19; 67 protected static final int ERROR_MISSING_PARAMS = -20; 68 protected static final int ERROR_SOMETHING_WRONG = -21; 62 protected static final int ERROR_ADDING_USER = -14; 63 protected static final int ERROR_REMOVING_USER = -15; 64 protected static final int ERROR_CAPTCHA_FAILED = -16; 65 protected static final int ERROR_CAPTCHA_MISSING = -17; 66 protected static final int 
ERROR_CONNECTION_FAILED = -18; 67 protected static final int ERROR_MISSING_PARAMS = -19; 68 protected static final int ERROR_SOMETHING_WRONG = -20; 69 69 70 70 protected static final HashMap<Integer, String> _errorKeyMap; … … 78 78 errorKeyMap.put(ERROR_USERNAME_NOT_SPECIFIED, "auth.error.username_not_specified"); 79 79 errorKeyMap.put(ERROR_USER_NOT_FOUND, "auth.error.user_not_found"); 80 errorKeyMap.put(ERROR_ SQL_EXCEPTION, "auth.error.sql_exception");80 errorKeyMap.put(ERROR_USER_NOT_AUTHORISED, "auth.error.not_authorised"); 81 81 errorKeyMap.put(ERROR_INVALID_USERNAME, "auth.error.invalid_username"); 82 errorKeyMap.put(ERROR_USER_ALREADY_EXISTS, "auth.error.user_already_exists"); 82 83 errorKeyMap.put(ERROR_PASSWORD_NOT_ENTERED, "auth.error.no_password"); 83 84 errorKeyMap.put(ERROR_PASSWORD_TOO_SHORT, "auth.error.password_too_short"); … … 85 86 errorKeyMap.put(ERROR_PASSWORD_USES_ILLEGAL_CHARACTERS, "auth.error.password_illegal_chars"); 86 87 errorKeyMap.put(ERROR_INCORRECT_PASSWORD, "auth.error.incorrect_password"); 87 errorKeyMap.put(ERROR_USER_ALREADY_EXISTS, "auth.error.user_already_exists");88 88 errorKeyMap.put(ERROR_ADDING_USER, "auth.error.add_user_error"); 89 89 errorKeyMap.put(ERROR_REMOVING_USER, "auth.error.remove_user_error"); 90 90 errorKeyMap.put(ERROR_CAPTCHA_FAILED, "auth.error.captcha_failed"); 91 91 errorKeyMap.put(ERROR_CAPTCHA_MISSING, "auth.error.captcha_missing"); 92 errorKeyMap.put(ERROR_NOT_AUTHORISED, "auth.error.not_authorised"); 92 errorKeyMap.put(ERROR_CONNECTION_FAILED, "auth.error.connection_failed"); 93 93 94 errorKeyMap.put(ERROR_MISSING_PARAMS, "auth.error.missing_params"); // ??? 
94 95 errorKeyMap.put(ERROR_SOMETHING_WRONG, "auth.error.something_wrong"); … … 155 156 protected static final String SECRET_KEY = "secret_key"; 156 157 protected static final String OPERATIONS = "operations"; 157 protected static final String OPERATION = "operation"; 158 protected static final String OPERATION = "operation"; 159 protected static final String USERNAME = "username"; 160 protected static final String PASSWORD = "password"; 161 protected static final String COLLECTION = "collection"; 162 protected static final String GROUPS = "groups"; 163 protected static final String STATUS = "status"; 164 protected static final String RECAPTCHA_KEY = "recaptcha_key"; 165 protected static final String COMMENT = "comment"; 166 protected static final String EMAIL = "email"; 158 167 159 protected static final String USERNAME = "username"; 160 protected static final String PREV_USERNAME = "prevUsername"; 161 protected static final String NEW_USERNAME = "newUsername"; 162 protected static final String PASSWORD = "password"; 163 protected static final String OLD_PASSWORD = "oldPassword"; 164 protected static final String NEW_PASSWORD = "newPassword"; 165 166 protected static final String GROUPS = "groups"; 167 protected static final String ENABLED = "enabled"; 168 protected static final String COMMENT = "comment"; 169 protected static final String STATUS = "status"; 170 protected static final String EMAIL = "email"; 171 protected static final String NEW_EMAIL = "newEmail"; 172 protected static final String ACCOUNT_STATUS = "accountstatus"; 173 protected static final String EDIT_ENABLED = "editEnabled"; 168 // cgi params 169 protected static final String USERNAME_PARAM = "username"; 170 protected static final String PREV_USERNAME_PARAM = "prevUsername"; 171 protected static final String NEW_USERNAME_PARAM = "newUsername"; 172 protected static final String PASSWORD_PARAM = "password"; 173 protected static final String OLD_PASSWORD_PARAM = "oldPassword"; 174 protected static 
final String NEW_PASSWORD_PARAM = "newPassword"; 175 protected static final String GROUPS_PARAM = "groups"; 176 protected static final String ENABLED_PARAM = "enabled"; 177 protected static final String COMMENT_PARAM = "comment"; 178 protected static final String STATUS_PARAM = "status"; 179 protected static final String EMAIL_PARAM = "email"; 180 protected static final String NEW_EMAIL_PARAM = "newEmail"; 181 protected static final String ACCOUNT_STATUS_PARAM = "accountstatus"; 182 protected static final String EDIT_ENABLED_PARAM = "editEnabled"; 183 protected static final String AUTHPAGE_PARAM = "authpage"; 184 protected static final String RECAPTCHA_RESPONSE_PARAM = "g-recaptcha-response"; 174 185 175 186 protected String _recaptchaSiteKey = null; … … 267 278 _recaptchaOpList = null; 268 279 } 269 280 281 // while all of our params are "not saved" for the session, a few of them are also sensitive, so should not be listed in the page response XML 282 this.sensitive_params.add(PASSWORD_PARAM); 283 this.sensitive_params.add(NEW_PASSWORD_PARAM); 284 this.sensitive_params.add(OLD_PASSWORD_PARAM); 285 this.sensitive_params.add(RECAPTCHA_RESPONSE_PARAM); 286 287 288 270 289 return true; 271 290 } … … 345 364 HashMap<String, Serializable> params = GSXML.extractParams(paramList, true); 346 365 347 String username = (String) params.get(USERNAME );348 String editMode = (String) params.get(ENABLED );366 String username = (String) params.get(USERNAME_PARAM); 367 String editMode = (String) params.get(ENABLED_PARAM); 349 368 350 369 if (!editMode.toLowerCase().equals("true") && !editMode.toLowerCase().equals("false")) … … 381 400 382 401 // If we're not editing a collection then the user doesn't need to be in a particular group 383 String collection = system.hasAttribute( "collection") ? system.getAttribute("collection") : "";402 String collection = system.hasAttribute(COLLECTION) ? 
system.getAttribute(COLLECTION) : ""; 384 403 385 404 … … 451 470 HashMap<String, Serializable> params = GSXML.extractParams(paramList, true); 452 471 453 String username = (String) params.get(USERNAME );472 String username = (String) params.get(USERNAME_PARAM); 454 473 455 474 if (username == null) … … 476 495 result.appendChild(userInfoList); 477 496 478 Element usernameField = GSXML.createParameter(result_doc, USERNAME , userInfo.username);479 Element passwordField = GSXML.createParameter(result_doc, PASSWORD , userInfo.password);480 Element groupsField = GSXML.createParameter(result_doc, GROUPS , userInfo.groups);481 Element accountStatusField = GSXML.createParameter(result_doc, ACCOUNT_STATUS , userInfo.accountstatus);482 Element commentField = GSXML.createParameter(result_doc, COMMENT , userInfo.comment);497 Element usernameField = GSXML.createParameter(result_doc, USERNAME_PARAM, userInfo.username); 498 Element passwordField = GSXML.createParameter(result_doc, PASSWORD_PARAM, userInfo.password); 499 Element groupsField = GSXML.createParameter(result_doc, GROUPS_PARAM, userInfo.groups); 500 Element accountStatusField = GSXML.createParameter(result_doc, ACCOUNT_STATUS_PARAM, userInfo.accountstatus); 501 Element commentField = GSXML.createParameter(result_doc, COMMENT_PARAM, userInfo.comment); 483 502 484 503 if (editEnabled != null) 485 504 { 486 Element editEnabledElem = GSXML.createParameter(result_doc, EDIT_ENABLED , editEnabled);505 Element editEnabledElem = GSXML.createParameter(result_doc, EDIT_ENABLED_PARAM, editEnabled); 487 506 userInfoList.appendChild(editEnabledElem); 488 507 } … … 528 547 } 529 548 HashMap<String, Serializable> paramMap = GSXML.extractParams(param_list, false); 530 String op = (String) paramMap.get( "authpage");549 String op = (String) paramMap.get(AUTHPAGE_PARAM); 531 550 serviceNode.setAttribute(OPERATION, op); 532 551 … … 546 565 serviceNode.setAttribute(OPERATION, LOGIN); 547 566 if (_recaptchaOpList != null && 
_recaptchaOpList.contains(LOGIN)) { 548 serviceNode.setAttribute( "recaptcha_key", _recaptchaSiteKey);567 serviceNode.setAttribute(RECAPTCHA_KEY, _recaptchaSiteKey); 549 568 } 550 569 GSXML.addError(result, getErrorTextString(ERROR_NOT_LOGGED_IN, lang)); … … 557 576 serviceNode.setAttribute(OPERATION, LOGIN); 558 577 if (_recaptchaOpList != null && _recaptchaOpList.contains(LOGIN)) { 559 serviceNode.setAttribute( "recaptcha_key", _recaptchaSiteKey);578 serviceNode.setAttribute(RECAPTCHA_KEY, _recaptchaSiteKey); 560 579 } 561 580 GSXML.addError(result, getErrorTextString(ERROR_ADMIN_NOT_LOGGED_IN, lang)); … … 564 583 565 584 if (_recaptchaOpList != null && _recaptchaOpList.contains(op)) { 566 serviceNode.setAttribute( "recaptcha_key", _recaptchaSiteKey);585 serviceNode.setAttribute(RECAPTCHA_KEY, _recaptchaSiteKey); 567 586 } 568 587 … … 581 600 if (op.equals(PERFORM_ADD)) 582 601 { 583 String newUsername = (String) paramMap.get(USERNAME );584 String newPassword = (String) paramMap.get(PASSWORD );585 String newGroups = (String) paramMap.get(GROUPS );586 String newStatus = (String) paramMap.get(STATUS );587 String newComment = (String) paramMap.get(COMMENT );588 String newEmail = (String) paramMap.get(EMAIL );602 String newUsername = (String) paramMap.get(USERNAME_PARAM); 603 String newPassword = (String) paramMap.get(PASSWORD_PARAM); 604 String newGroups = (String) paramMap.get(GROUPS_PARAM); 605 String newStatus = (String) paramMap.get(STATUS_PARAM); 606 String newComment = (String) paramMap.get(COMMENT_PARAM); 607 String newEmail = (String) paramMap.get(EMAIL_PARAM); 589 608 590 609 if (_recaptchaOpList != null && _recaptchaOpList.contains(ADD_USER)) { 591 serviceNode.setAttribute( "recaptcha_key", _recaptchaSiteKey);610 serviceNode.setAttribute(RECAPTCHA_KEY, _recaptchaSiteKey); 592 611 } 593 612 //Check the given user name … … 635 654 if (op.equals(PERFORM_REGISTER)) 636 655 { 637 String newUsername = (String) paramMap.get(USERNAME );638 String newPassword = 
(String) paramMap.get(PASSWORD );639 String newEmail = (String) paramMap.get(EMAIL );656 String newUsername = (String) paramMap.get(USERNAME_PARAM); 657 String newPassword = (String) paramMap.get(PASSWORD_PARAM); 658 String newEmail = (String) paramMap.get(EMAIL_PARAM); 640 659 641 660 //Check the given details … … 650 669 newPassword = hashPassword(newPassword); 651 670 if (_recaptchaOpList != null && _recaptchaOpList.contains(REGISTER)) { 652 String user_response = (String) paramMap.get( "g-recaptcha-response");671 String user_response = (String) paramMap.get(RECAPTCHA_RESPONSE_PARAM); 653 672 if ((error= verifyRecaptcha(_recaptchaSecretKey, user_response)) == NO_ERROR) { 654 673 error = addUser(newUsername, newPassword, "", "true", "", newEmail); … … 662 681 serviceNode.setAttribute(OPERATION, REGISTER); 663 682 if (_recaptchaOpList != null && _recaptchaOpList.contains(REGISTER)) { 664 serviceNode.setAttribute( "recaptcha_key", _recaptchaSiteKey);683 serviceNode.setAttribute(RECAPTCHA_KEY, _recaptchaSiteKey); 665 684 } 666 685 GSXML.addError(result, getErrorTextString(error, lang)); … … 677 696 parent_op = ACCOUNT_SETTINGS; 678 697 } 679 String previousUsername = (String) paramMap.get(PREV_USERNAME );680 String newUsername = (String) paramMap.get(NEW_USERNAME );698 String previousUsername = (String) paramMap.get(PREV_USERNAME_PARAM); 699 String newUsername = (String) paramMap.get(NEW_USERNAME_PARAM); 681 700 int error; 682 701 // Has the user name been changed? 
Make sure it doesn't already exist and is a valid username … … 707 726 String newPassword; 708 727 if (op.equals(PERFORM_EDIT)) { 709 newPassword = (String) paramMap.get(PASSWORD );728 newPassword = (String) paramMap.get(PASSWORD_PARAM); 710 729 } else { 711 newPassword = (String) paramMap.get(NEW_PASSWORD );730 newPassword = (String) paramMap.get(NEW_PASSWORD_PARAM); 712 731 } 713 732 if (newPassword == null) { … … 719 738 // check that they entered their old password correctly 720 739 String prevPassword = retrieveDataForUser(previousUsername, PASSWORD); 721 String oldPassword = (String) paramMap.get(OLD_PASSWORD );740 String oldPassword = (String) paramMap.get(OLD_PASSWORD_PARAM); 722 741 oldPassword = hashPassword(oldPassword); 723 742 if (oldPassword == null || !oldPassword.equals(prevPassword)) { … … 743 762 // are we using recaptcha for AccountSettings or EditUser? 744 763 if (_recaptchaOpList != null && _recaptchaOpList.contains(parent_op)) { 745 String user_response = (String) paramMap.get( "g-recaptcha-response");764 String user_response = (String) paramMap.get(RECAPTCHA_RESPONSE_PARAM); 746 765 if ((error= verifyRecaptcha(_recaptchaSecretKey, user_response)) != NO_ERROR) { 747 766 addUserInformationToNode(previousUsername, serviceNode); 748 767 serviceNode.setAttribute(OPERATION, parent_op); 749 serviceNode.setAttribute( "recaptcha_key", _recaptchaSiteKey);768 serviceNode.setAttribute(RECAPTCHA_KEY, _recaptchaSiteKey); 750 769 GSXML.addError(result, getErrorTextString(error, lang)); 751 770 return result; … … 756 775 String status = null; 757 776 String comment = null; 758 String email = (String) paramMap.get(NEW_EMAIL );777 String email = (String) paramMap.get(NEW_EMAIL_PARAM); 759 778 if (op.equals(PERFORM_EDIT)) { 760 groups = (String) paramMap.get(GROUPS );761 status = (String) paramMap.get(STATUS );762 comment = (String) paramMap.get(COMMENT );779 groups = (String) paramMap.get(GROUPS_PARAM); 780 status = (String) paramMap.get(STATUS_PARAM); 781 
comment = (String) paramMap.get(COMMENT_PARAM); 763 782 764 783 } else { … … 789 808 serviceNode.setAttribute(OPERATION, parent_op); 790 809 if (_recaptchaOpList != null && _recaptchaOpList.contains(parent_op)) { 791 serviceNode.setAttribute( "recaptcha_key", _recaptchaSiteKey);810 serviceNode.setAttribute(RECAPTCHA_KEY, _recaptchaSiteKey); 792 811 } 793 812 GSXML.addError(result, getTextString("auth.success.account_settings", lang)); … … 811 830 { 812 831 serviceNode.setAttribute(OPERATION, PERFORM_CHANGE_PASSWORD); 813 String user_name = (String) paramMap.get(USERNAME );814 String oldPassword = (String) paramMap.get(OLD_PASSWORD );815 String newPassword = (String) paramMap.get(NEW_PASSWORD );832 String user_name = (String) paramMap.get(USERNAME_PARAM); 833 String oldPassword = (String) paramMap.get(OLD_PASSWORD_PARAM); 834 String newPassword = (String) paramMap.get(NEW_PASSWORD_PARAM); 816 835 if (user_name == null || oldPassword == null || newPassword == null) 817 836 { … … 850 869 if (op.equals(EDIT_USER)) 851 870 { 852 String editUsername = (String) paramMap.get(USERNAME );871 String editUsername = (String) paramMap.get(USERNAME_PARAM); 853 872 int error = addUserInformationToNode(editUsername, serviceNode); 854 873 if (error != NO_ERROR) … … 860 879 if (op.equals(ACCOUNT_SETTINGS)) 861 880 { 862 String editUsername = (String) paramMap.get(USERNAME );881 String editUsername = (String) paramMap.get(USERNAME_PARAM); 863 882 864 883 if (editUsername == null) … … 872 891 { 873 892 serviceNode.setAttribute(OPERATION, LOGIN); 874 GSXML.addError(result, getErrorTextString(ERROR_ NOT_AUTHORISED, lang));893 GSXML.addError(result, getErrorTextString(ERROR_USER_NOT_AUTHORISED, lang)); 875 894 return result; 876 895 } … … 884 903 if (op.equals(PERFORM_RESET_PASSWORD)) 885 904 { 886 String passwordResetUser = (String) paramMap.get(USERNAME );905 String passwordResetUser = (String) paramMap.get(USERNAME_PARAM); 887 906 888 907 String newPassword = 
UUID.randomUUID().toString(); … … 898 917 if (op.equals(PERFORM_DELETE_USER)) 899 918 { 900 String usernameToDelete = (String) paramMap.get(USERNAME );919 String usernameToDelete = (String) paramMap.get(USERNAME_PARAM); 901 920 int error = removeUser(usernameToDelete); 902 921 if (error != NO_ERROR) … … 1011 1030 }catch(Exception e){ 1012 1031 e.printStackTrace(); 1013 return ERROR_C APTCHA_FAILED;1032 return ERROR_CONNECTION_FAILED; 1014 1033 } 1015 1034
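Review bot: The user-info response at new line 498 still builds `passwordField` from `userInfo.password`, while the block added at new lines 281-285 registers `PASSWORD_PARAM` in `sensitive_params` precisely so that passwords are not listed in the page response XML. Whether `sensitive_params` also filters parameters created inside a service result is not visible here; if it only covers echoed request parameters, the stored password value still leaves the service in this response. Unless a consumer needs it, I would stop emitting the value, e.g. `Element passwordField = GSXML.createParameter(result_doc, PASSWORD_PARAM, "");`, and add a comment at that spot stating that the stored password must never be returned. The enclosing methods start and end outside the displayed hunks, so how `passwordField` is appended and who can reach this request should be confirmed against the full file.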