usergrid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From toddn...@apache.org
Subject [03/50] [abbrv] incubator-usergrid git commit: Allow /management/me calls when central SSO is enabled.
Date Mon, 01 Jun 2015 21:48:12 GMT
Allow /management/me calls when central SSO is enabled.


Project: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/commit/b2fb0c32
Tree: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/tree/b2fb0c32
Diff: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/diff/b2fb0c32

Branch: refs/heads/USERGRID-628
Commit: b2fb0c32acbb9c9c0f473492f3f848bc14c6a060
Parents: e7a543b
Author: Dave Johnson <dmjohnson@apigee.com>
Authored: Tue Apr 28 10:57:21 2015 -0400
Committer: Dave Johnson <dmjohnson@apigee.com>
Committed: Tue Apr 28 10:57:21 2015 -0400

----------------------------------------------------------------------
 .../rest/management/ManagementResource.java     | 35 ++++++++++++--------
 1 file changed, 22 insertions(+), 13 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/b2fb0c32/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
index 7c8cf43..bcd6f3d 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
@@ -170,7 +170,7 @@ public class ManagementResource extends AbstractContextResource {
                                          @QueryParam( "callback" ) @DefaultValue( "" ) String
callback )
             throws Exception {
         return getAccessTokenInternal( ui, authorization, grant_type, username, password,
client_id, client_secret, ttl,
-                callback, false );
+                callback, false, true );
     }
 
 
@@ -184,13 +184,13 @@ public class ManagementResource extends AbstractContextResource {
                                     @QueryParam( "client_secret" ) String client_secret,
@QueryParam( "ttl" ) long ttl,
                                     @QueryParam( "callback" ) @DefaultValue( "" ) String
callback ) throws Exception {
         return getAccessTokenInternal( ui, authorization, grant_type, username, password,
client_id, client_secret, ttl,
-                callback, true );
+                callback, false, false);
     }
 
 
-   private Response getAccessTokenInternal( UriInfo ui, String authorization, String grant_type,
String username,
-                                             String password, String client_id, String client_secret,
long ttl,
-                                             String callback, boolean loadAdminData ) throws
Exception {
+   private Response getAccessTokenInternal(UriInfo ui, String authorization, String grant_type,
String username,
+                                           String password, String client_id, String client_secret,
long ttl,
+                                           String callback, boolean adminData, boolean me)
throws Exception {
 
 
         UserInfo user = null;
@@ -206,9 +206,12 @@ public class ManagementResource extends AbstractContextResource {
 
             if ( user == null ) {
 
-                // make sure authentication is allowed considering
-                // external token validation configuration (UG Central SSO)
-                ensureAuthenticationAllowed( username, grant_type );
+                if ( !me ) { // if not lightweight-auth, i.e. /management/me then...
+
+                    // make sure authentication is allowed considering
+                    // external token validation configuration (UG Central SSO)
+                    ensureAuthenticationAllowed( username, grant_type );
+                }
 
                 if ( authorization != null ) {
                     String type = stringOrSubstringBeforeFirst( authorization, ' ' ).toUpperCase();
@@ -288,7 +291,7 @@ public class ManagementResource extends AbstractContextResource {
                     new AccessInfo().withExpiresIn( tokens.getMaxTokenAgeInSeconds( token
) ).withAccessToken( token )
                                     .withPasswordChanged( passwordChanged );
 
-            access_info.setProperty( "user", management.getAdminUserOrganizationData( user,
loadAdminData ) );
+            access_info.setProperty( "user", management.getAdminUserOrganizationData( user,
me ) );
 
             // increment counters for admin login
             management.countAdminUserAction( user, "login" );
@@ -320,7 +323,7 @@ public class ManagementResource extends AbstractContextResource {
         logger.info( "ManagementResource.getAccessTokenPost" );
 
         return getAccessTokenInternal( ui, authorization, grant_type, username, password,
client_id, client_secret, ttl,
-                callback, true );
+                callback, false, false);
     }
 
 
@@ -338,7 +341,7 @@ public class ManagementResource extends AbstractContextResource {
                                              @FormParam( "callback" ) @DefaultValue( "" )
String callback )
             throws Exception {
         return getAccessTokenInternal( ui, authorization, grant_type, username, password,
client_id, client_secret, ttl,
-                callback, false );
+                callback, false, true );
     }
 
 
@@ -367,7 +370,7 @@ public class ManagementResource extends AbstractContextResource {
         }
 
         return getAccessTokenInternal( ui, authorization, grant_type, username, password,
client_id, client_secret, ttl,
-                callback, true );
+                callback, false, false );
     }
 
 
@@ -395,7 +398,7 @@ public class ManagementResource extends AbstractContextResource {
         }
 
         return getAccessTokenInternal( ui, authorization, grant_type, username, password,
client_id, client_secret, ttl,
-                callback, false );
+                callback, false, false );
     }
 
 
@@ -576,6 +579,7 @@ public class ManagementResource extends AbstractContextResource {
             if ( userId == null ) {
 
                 // create local user and and organizations they have on the central Usergrid
instance
+                logger.info("User {} does not exist locally, creating", username );
 
                 String name  = userNode.get( "name" ).getTextValue();
                 String email = userNode.get( "email" ).getTextValue();
@@ -612,13 +616,18 @@ public class ManagementResource extends AbstractContextResource {
                                 ManagementResource.class, SSO_CREATED_LOCAL_ADMINS );
                         createdAdminsCounter.inc();
 
+                        logger.info( "Created user {} and org {}", username, orgName );
+
                     } else {
 
                         // already created user, so just create an org
                         final OrganizationInfo organization = management.createOrganization(
orgName, userInfo, true );
 
+
                         management.activateOrganization( organization ); // redundant?
                         applicationCreator.createSampleFor( organization );
+
+                        logger.info( "Created user {}'s other org {}", username, orgName
);
                     }
                 }
 


Mime
View raw message