FOSSology  3.2.0rc1
Open Source License Compliance by Open Source Software
AuthController.php
Go to the documentation of this file.
1 <?php
2 /***************************************************************
3  Copyright (C) 2018 Siemens AG
4  Author: Gaurav Mishra <mishra.gaurav@siemens.com>
5 
6  This program is free software; you can redistribute it and/or
7  modify it under the terms of the GNU General Public License
8  version 2 as published by the Free Software Foundation.
9 
10  This program is distributed in the hope that it will be useful,
11  but WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  GNU General Public License for more details.
14 
15  You should have received a copy of the GNU General Public License along
16  with this program; if not, write to the Free Software Foundation, Inc.,
17  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18  ***************************************************************/
24 namespace Fossology\UI\Api\Controllers;
25 
26 use Psr\Http\Message\ServerRequestInterface;
27 use Psr\Http\Message\ResponseInterface;
28 use Fossology\UI\Api\Helper\RestHelper;
29 use Fossology\UI\Api\Models\Info;
30 use Fossology\UI\Api\Models\InfoType;
31 use Fossology\Lib\Exceptions\DuplicateTokenKeyException;
32 use Fossology\Lib\Exceptions\DuplicateTokenNameException;
33 
38 class AuthController extends RestController
39 {
40 
50  public function getAuthHeaders($request, $response, $args)
51  {
52  $warningMessage = "The resource is deprecated. Use /tokens";
53  $returnVal = new Info(406, $warningMessage, InfoType::ERROR);
54 
55  return $response->withHeader('Warning', $warningMessage)->withJson(
56  $returnVal->getArray(), $returnVal->getCode());
57  }
58 
67  public function createNewJwtToken($request, $response, $args)
68  {
69  $tokenRequestBody = $request->getParsedBody();
70  $paramsRequired = [
71  "username",
72  "password",
73  "token_name",
74  "token_scope",
75  "token_expire"
76  ];
77  $returnVal = null;
78 
79  if (! $this->arrayKeysExists($tokenRequestBody, $paramsRequired)) {
80  $error = new Info(400,
81  "Following parameters are required in the request body: " .
82  join(",", $paramsRequired), InfoType::ERROR);
83  $returnVal = $response->withJson($error->getArray(), $error->getCode());
84  } else {
85  $tokenValid = $this->restHelper->validateTokenRequest(
86  $tokenRequestBody["token_expire"], $tokenRequestBody["token_name"],
87  $tokenRequestBody["token_scope"]);
88  if ($tokenValid !== true) {
89  $returnVal = $response->withJson($tokenValid->getArray(),
90  $tokenValid->getCode());
91  } else {
92  // Request is in correct format.
93  $authHelper = $this->restHelper->getAuthHelper();
94  if ($authHelper->checkUsernameAndPassword($tokenRequestBody["username"],
95  $tokenRequestBody["password"])) {
96  $userId = $this->restHelper->getUserId();
97  $expire = $tokenRequestBody["token_expire"];
98  $scope = $tokenRequestBody["token_scope"];
99  $name = $tokenRequestBody["token_name"];
100  $key = bin2hex(
101  openssl_random_pseudo_bytes(RestHelper::TOKEN_KEY_LENGTH / 2));
102  try {
103  $jti = $this->dbHelper->insertNewTokenKey($userId, $expire,
104  RestHelper::SCOPE_DB_MAP[$scope], $name, $key);
105  } catch (DuplicateTokenKeyException $e) {
106  // Key already exists, try again.
107  $key = bin2hex(
108  openssl_random_pseudo_bytes(RestHelper::TOKEN_KEY_LENGTH / 2));
109  try {
110  $jti = $this->dbHelper->insertNewTokenKey($userId, $expire,
111  RestHelper::SCOPE_DB_MAP[$scope], $name, $key);
112  } catch (DuplicateTokenKeyException $e) {
113  // New key also failed, give up!
114  $error = new Info(429, "Please try again later.", InfoType::ERROR);
115  $returnVal = $response->withHeader('Retry-After', 2)->withJson(
116  $error->getArray(), $error->getCode());
117  }
118  } catch (DuplicateTokenNameException $e) {
119  $error = new Info($e->getCode(), $e->getMessage(), InfoType::ERROR);
120  $returnVal = $response->withJson($error->getArray(),
121  $error->getCode());
122  }
123  if (isset($jti['jti']) && ! empty($jti['jti'])) {
124  $theJwtToken = $this->restHelper->getAuthHelper()->generateJwtToken(
125  $expire, $jti['created_on'], $jti['jti'], $scope, $key);
126  $returnVal = $response->withJson([
127  "Authorization" => "Bearer " . $theJwtToken
128  ], 201);
129  }
130  } else {
131  $error = new Info(404, "Username or password incorrect.",
132  InfoType::ERROR);
133  $returnVal = $response->withJson($error->getArray(), $error->getCode());
134  }
135  }
136  }
137  return $returnVal;
138  }
139 
153  private function arrayKeysExists($array, $keys)
154  {
155  return !array_diff_key(array_flip($keys), $array);
156  }
157 }
Fossology\Lib\Exceptions\DuplicateTokenNameException
Exception when a token has duplicate name for same user.
Definition: DuplicateTokenNameException.php:25
Fossology\UI\Api\Controllers\RestController
Base controller for REST calls.
Definition: RestController.php:36
Fossology\UI\Api\Controllers\AuthController\arrayKeysExists
arrayKeysExists($array, $keys)
Check if a list of keys exists in associative array.
Definition: AuthController.php:153
Fossology\UI\Api\Controllers\AuthController\createNewJwtToken
createNewJwtToken($request, $response, $args)
Definition: AuthController.php:67
Fossology\Lib\Exceptions\DuplicateTokenKeyException
Exception when a token has duplicate key for same user.
Definition: DuplicateTokenKeyException.php:25
Fossology\UI\Api\Controllers\AuthController\getAuthHeaders
getAuthHeaders($request, $response, $args)
Definition: AuthController.php:50
Fossology\UI\Api\Models\Info
Info model to contain general error and return values.
Definition: Info.php:29