54 lines
2.4 KiB
Java
Executable File
54 lines
2.4 KiB
Java
Executable File
package com.plannaplan.controllers;
|
|
|
|
import com.plannaplan.exceptions.UserNotFoundException;
|
|
import com.plannaplan.security.cas.CasUserIdentity;
|
|
import com.plannaplan.security.cas.CasValidationExcepiton;
|
|
import com.plannaplan.security.cas.DefaultUAMCasValidator;
|
|
import com.plannaplan.services.UserService;
|
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
import org.springframework.http.HttpStatus;
|
|
import org.springframework.http.ResponseEntity;
|
|
import org.springframework.web.bind.annotation.CrossOrigin;
|
|
import org.springframework.web.bind.annotation.GetMapping;
|
|
import org.springframework.web.bind.annotation.RequestParam;
|
|
import org.springframework.web.bind.annotation.RestController;
|
|
|
|
import io.swagger.annotations.Api;
|
|
import io.swagger.annotations.ApiOperation;
|
|
import io.swagger.annotations.ApiParam;
|
|
|
|
@RestController
|
|
@CrossOrigin
|
|
@Api(tags = { "Token" }, value = "Token", description = "Enpoints to get authorization.")
|
|
public class TokenController {
|
|
|
|
private final static String SERVICE_URL = "http://localhost:3000";
|
|
|
|
@Autowired
|
|
private UserService userService;
|
|
|
|
@GetMapping("/token")
|
|
@ApiOperation(value = "Endpoint to access token required to call secured endpoints. In order to access token we need to provide access token comming from unviersity CAS system")
|
|
public ResponseEntity<String> getToken(
|
|
@RequestParam("ticket") @ApiParam(value = "Ticket get from CAS system. It should look like ST-1376572-wo41gty5R0JCZFKMMie2-cas.amu.edu.pl") final String ticket) {
|
|
final DefaultUAMCasValidator validator = new DefaultUAMCasValidator(SERVICE_URL, ticket);
|
|
|
|
try {
|
|
CasUserIdentity casUserIdentity = validator.validate();
|
|
String usosId = casUserIdentity.getUsosId();
|
|
String authority = casUserIdentity.getEmail();
|
|
this.userService.checkForUser(authority, usosId);
|
|
String token = this.userService.login(authority);
|
|
return new ResponseEntity<>(token, HttpStatus.OK);
|
|
} catch (CasValidationExcepiton e) {
|
|
return new ResponseEntity<>("Wrong ticket", HttpStatus.UNAUTHORIZED);
|
|
} catch (UserNotFoundException e) {
|
|
return new ResponseEntity<>("User not found", HttpStatus.NOT_FOUND);
|
|
} catch (Exception e) {
|
|
return new ResponseEntity<>(e.getMessage(), HttpStatus.INTERNAL_SERVER_ERROR);
|
|
}
|
|
|
|
}
|
|
}
|