<artifactId>aaa-shiro-api</artifactId>
<version>0.5.0-SNAPSHOT</version>
<packaging>bundle</packaging>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.opendaylight.aaa</groupId>
+ <artifactId>aaa-authn-api</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
</project>
--- /dev/null
+/*
+ * Copyright (c) 2017 Brocade Communications Systems, Inc. and others. All rights reserved.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ * and is available at http://www.eclipse.org/legal/epl-v10.html
+ */
+
+package org.opendaylight.aaa.api.shiro.principal;
+
+import java.util.Set;
+
+/**
+ * Principal for authentication.
+ *
+ * @author Ryan Goulding (ryandgoulding@gmail.com)s
+ */
+public interface ODLPrincipal {
+
+ /**
+ * Extract username that is making the request.
+ *
+ * @return the requesting username
+ */
+ String getUsername();
+
+ /**
+ * Extract the domain that is making the request.
+ *
+ * @return the domain for the requesting username
+ */
+ String getDomain();
+
+ /**
+ * The user id for the user making the request, which is unique.
+ *
+ * @return the user id in the form username@domain
+ */
+ String getUserId();
+
+ /**
+ * The roles granted to the user making the request.
+ *
+ * @return roles associated with the user making the request.
+ */
+ Set<String> getRoles();
+}
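Review bot: The Javadoc for `getRoles()` does not state whether the returned set may be null or modified by the caller, and that contract matters now that `ODLPrincipal` is a public API type rather than a private nested class. I would tighten it to something like `@return an unmodifiable, non-null set of role names granted to the requesting user` and make implementations honour it. `getUserId()` promises the form username@domain, while the visible implementation passes through whatever `Authentication.userId()` supplies, so either hedge the wording or confirm the format is guaranteed upstream. The `@author` line also ends with a stray `s` after the closing parenthesis.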
--- /dev/null
+/*
+ * Copyright (c) 2017 Brocade Communications Systems, Inc. and others. All rights reserved.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ * and is available at http://www.eclipse.org/legal/epl-v10.html
+ */
+package org.opendaylight.aaa.impl.shiro.principal;
+
+import java.util.Set;
+
+import org.opendaylight.aaa.api.Authentication;
+import org.opendaylight.aaa.api.shiro.principal.ODLPrincipal;
+
+/**
+ * An ODL specific principal which stores some critical information about the user
+ * making the auth request.
+ *
+ * @author Ryan Goulding (ryandgoulding@gmail.com)
+ */
+public class ODLPrincipalImpl implements ODLPrincipal {
+
+ private final String username;
+ private final String domain;
+ private final String userId;
+ private final Set<String> roles;
+
+ private ODLPrincipalImpl(final String username, final String domain, final String userId, final Set<String> roles) {
+ this.username = username;
+ this.domain = domain;
+ this.userId = userId;
+ this.roles = roles;
+ }
+
+ /**
+ * A static factory method to create <code>ODLPrincipal</code> instances.
+ *
+ * @param auth Contains identifying information for the particular request.
+ * @return A Principal for the given session; essentially a DTO.
+ */
+ public static ODLPrincipal createODLPrincipal(Authentication auth) {
+ return createODLPrincipal(auth.user(), auth.domain(), auth.userId(), auth.roles());
+ }
+
+ /**
+ * A static factory method to create <code>ODLPrincipal</code> instances.
+ *
+ * @param username The authenticated user
+ * @param domain The domain <code>username</code> belongs to.
+ * @param userId The unique key for <code>username</code>
+ * @param roles The roles associated with <code>username</code>@<code>domain</code>
+ * @return A Principal for the given session; essentially a DTO.
+ */
+ public static ODLPrincipal createODLPrincipal(String username, String domain,
+ String userId, Set<String> roles) {
+
+ return new ODLPrincipalImpl(username, domain, userId, roles);
+ }
+
+ @Override
+ public String getUsername() {
+ return this.username;
+ }
+
+ @Override
+ public String getDomain() {
+ return this.domain;
+ }
+
+ @Override
+ public String getUserId() {
+ return this.userId;
+ }
+
+ @Override
+ public Set<String> getRoles() {
+ return this.roles;
+ }
+}
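Review bot: The private constructor stores the caller's `roles` set by reference and `getRoles()` returns that same reference, so any code that obtains the principal can add or remove roles after authentication has completed. The old nested class had the same shape but was private to the realm; this commit exposes it through a public factory and interface, which widens who can reach the set. I would take a defensive, read-only copy in the constructor, `this.roles = roles == null ? Collections.emptySet() : Collections.unmodifiableSet(new HashSet<>(roles));`, adding imports for `java.util.Collections` and `java.util.HashSet`. Whether later authorization checks read roles from this object is not visible in this change, so treat the impact as unconfirmed. It would also help to say in the class Javadoc that instances are immutable.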
/*
- * Copyright (c) 2015 Brocade Communications Systems, Inc. and others. All rights reserved.
+ * Copyright (c) 2015 - 2017 Brocade Communications Systems, Inc. and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import java.util.Set;
-
+import org.opendaylight.aaa.api.shiro.principal.ODLPrincipal;
+import org.opendaylight.aaa.impl.shiro.principal.ODLPrincipalImpl;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
if (auth != null) {
LOG.debug("Authentication attempt successful");
ServiceLocator.getInstance().getAuthenticationService().set(auth);
- final ODLPrincipal odlPrincipal = ODLPrincipal.createODLPrincipal(auth);
+ final ODLPrincipal odlPrincipal = ODLPrincipalImpl.createODLPrincipal(auth);
return new SimpleAuthenticationInfo(odlPrincipal, password.toCharArray(),
getName());
}
try {
auth = validate(token);
if (auth != null) {
- final ODLPrincipal odlPrincipal = ODLPrincipal.createODLPrincipal(auth);
+ final ODLPrincipal odlPrincipal = ODLPrincipalImpl.createODLPrincipal(auth);
return new SimpleAuthenticationInfo(odlPrincipal, "", getName());
}
} catch (AuthenticationException e) {
return new String(upt.getPassword());
}
- /**
- * Since <code>TokenAuthRealm</code> is an <code>AuthorizingRealm</code>, it supports
- * individual steps for authentication and authorization. In ODL's existing <code>TokenAuth</code>
- * mechanism, authentication and authorization are currently done in a single monolithic step.
- * <code>ODLPrincipal</code> is abstracted as a DTO between the two steps. It fulfills the
- * responsibility of a <code>Principal</code>, since it contains identification information
- * but no credential information.
- *
- * @author Ryan Goulding (ryandgoulding@gmail.com)
- */
- private static class ODLPrincipal {
-
- private final String username;
- private final String domain;
- private final String userId;
- private final Set<String> roles;
-
- private ODLPrincipal(final String username, final String domain, final String userId, final Set<String> roles) {
- this.username = username;
- this.domain = domain;
- this.userId = userId;
- this.roles = roles;
- }
-
- /**
- * A static factory method to create <code>ODLPrincipal</code> instances.
- *
- * @param username The authenticated user
- * @param domain The domain <code>username</code> belongs to.
- * @param userId The unique key for <code>username</code>
- * @param roles The roles associated with <code>username</code>@<code>domain</code>
- * @return A Principal for the given session; essentially a DTO.
- */
- static ODLPrincipal createODLPrincipal(final String username, final String domain,
- final String userId, final Set<String> roles) {
-
- return new ODLPrincipal(username, domain, userId, roles);
- }
-
- /**
- * A static factory method to create <code>ODLPrincipal</code> instances.
- *
- * @param auth Contains identifying information for the particular request.
- * @return A Principal for the given session; essentially a DTO.
- */
- static ODLPrincipal createODLPrincipal(final Authentication auth) {
- return createODLPrincipal(auth.user(), auth.domain(), auth.userId(), auth.roles());
- }
- String getUsername() {
- return this.username;
- }
-
- String getDomain() {
- return this.domain;
- }
-
- String getUserId() {
- return this.userId;
- }
-
- Set<String> getRoles() {
- return this.roles;
- }
- }
}
</dependencyManagement>
<dependencies>
+ <dependency>
+ <groupId>org.opendaylight.aaa</groupId>
+ <artifactId>aaa-shiro-api</artifactId>
+ <version>${project.version}</version>
+ </dependency>
<!-- odl-aaa-authn -->
<dependency>
<groupId>com.sun.jersey</groupId>
<bundle>wrap:mvn:org.apache.commons/commons-lang3/{{VERSION}}</bundle>
<!-- AuthN -->
+ <bundle>mvn:org.opendaylight.aaa/aaa-shiro-api/{{VERSION}}</bundle>
<bundle>mvn:org.opendaylight.aaa/aaa-shiro/{{VERSION}}</bundle>
<bundle>mvn:org.apache.shiro/shiro-core/{{VERSION}}</bundle>
<bundle>mvn:org.apache.shiro/shiro-web/{{VERSION}}</bundle>
<bundle>wrap:mvn:org.json/json/{{VERSION}}</bundle>
<!-- AuthN -->
+ <bundle>mvn:org.opendaylight.aaa/aaa-shiro-api/{{VERSION}}</bundle>
<bundle>mvn:org.opendaylight.aaa/aaa-shiro/{{VERSION}}</bundle>
<bundle>mvn:org.apache.shiro/shiro-core/{{VERSION}}</bundle>
<bundle>mvn:org.apache.shiro/shiro-web/{{VERSION}}</bundle>