You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@usergrid.apache.org by sn...@apache.org on 2015/05/28 21:43:08 UTC
[32/50] [abbrv] incubator-usergrid git commit: Allow /management/me
calls when central SSO is enabled.
Allow /management/me calls when central SSO is enabled.
Project: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/commit/b2fb0c32
Tree: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/tree/b2fb0c32
Diff: http://git-wip-us.apache.org/repos/asf/incubator-usergrid/diff/b2fb0c32
Branch: refs/heads/two-dot-o-dev
Commit: b2fb0c32acbb9c9c0f473492f3f848bc14c6a060
Parents: e7a543b
Author: Dave Johnson <dm...@apigee.com>
Authored: Tue Apr 28 10:57:21 2015 -0400
Committer: Dave Johnson <dm...@apigee.com>
Committed: Tue Apr 28 10:57:21 2015 -0400
----------------------------------------------------------------------
.../rest/management/ManagementResource.java | 35 ++++++++++++--------
1 file changed, 22 insertions(+), 13 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-usergrid/blob/b2fb0c32/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
index 7c8cf43..bcd6f3d 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/management/ManagementResource.java
@@ -170,7 +170,7 @@ public class ManagementResource extends AbstractContextResource {
@QueryParam( "callback" ) @DefaultValue( "" ) String callback )
throws Exception {
return getAccessTokenInternal( ui, authorization, grant_type, username, password, client_id, client_secret, ttl,
- callback, false );
+ callback, false, true );
}
@@ -184,13 +184,13 @@ public class ManagementResource extends AbstractContextResource {
@QueryParam( "client_secret" ) String client_secret, @QueryParam( "ttl" ) long ttl,
@QueryParam( "callback" ) @DefaultValue( "" ) String callback ) throws Exception {
return getAccessTokenInternal( ui, authorization, grant_type, username, password, client_id, client_secret, ttl,
- callback, true );
+ callback, false, false);
}
- private Response getAccessTokenInternal( UriInfo ui, String authorization, String grant_type, String username,
- String password, String client_id, String client_secret, long ttl,
- String callback, boolean loadAdminData ) throws Exception {
+ private Response getAccessTokenInternal(UriInfo ui, String authorization, String grant_type, String username,
+ String password, String client_id, String client_secret, long ttl,
+ String callback, boolean adminData, boolean me) throws Exception {
UserInfo user = null;
@@ -206,9 +206,12 @@ public class ManagementResource extends AbstractContextResource {
if ( user == null ) {
- // make sure authentication is allowed considering
- // external token validation configuration (UG Central SSO)
- ensureAuthenticationAllowed( username, grant_type );
+ if ( !me ) { // if not lightweight-auth, i.e. /management/me then...
+
+ // make sure authentication is allowed considering
+ // external token validation configuration (UG Central SSO)
+ ensureAuthenticationAllowed( username, grant_type );
+ }
if ( authorization != null ) {
String type = stringOrSubstringBeforeFirst( authorization, ' ' ).toUpperCase();
@@ -288,7 +291,7 @@ public class ManagementResource extends AbstractContextResource {
new AccessInfo().withExpiresIn( tokens.getMaxTokenAgeInSeconds( token ) ).withAccessToken( token )
.withPasswordChanged( passwordChanged );
- access_info.setProperty( "user", management.getAdminUserOrganizationData( user, loadAdminData ) );
+ access_info.setProperty( "user", management.getAdminUserOrganizationData( user, me ) );
// increment counters for admin login
management.countAdminUserAction( user, "login" );
@@ -320,7 +323,7 @@ public class ManagementResource extends AbstractContextResource {
logger.info( "ManagementResource.getAccessTokenPost" );
return getAccessTokenInternal( ui, authorization, grant_type, username, password, client_id, client_secret, ttl,
- callback, true );
+ callback, false, false);
}
@@ -338,7 +341,7 @@ public class ManagementResource extends AbstractContextResource {
@FormParam( "callback" ) @DefaultValue( "" ) String callback )
throws Exception {
return getAccessTokenInternal( ui, authorization, grant_type, username, password, client_id, client_secret, ttl,
- callback, false );
+ callback, false, true );
}
@@ -367,7 +370,7 @@ public class ManagementResource extends AbstractContextResource {
}
return getAccessTokenInternal( ui, authorization, grant_type, username, password, client_id, client_secret, ttl,
- callback, true );
+ callback, false, false );
}
@@ -395,7 +398,7 @@ public class ManagementResource extends AbstractContextResource {
}
return getAccessTokenInternal( ui, authorization, grant_type, username, password, client_id, client_secret, ttl,
- callback, false );
+ callback, false, false );
}
@@ -576,6 +579,7 @@ public class ManagementResource extends AbstractContextResource {
if ( userId == null ) {
// create local user and and organizations they have on the central Usergrid instance
+ logger.info("User {} does not exist locally, creating", username );
String name = userNode.get( "name" ).getTextValue();
String email = userNode.get( "email" ).getTextValue();
@@ -612,13 +616,18 @@ public class ManagementResource extends AbstractContextResource {
ManagementResource.class, SSO_CREATED_LOCAL_ADMINS );
createdAdminsCounter.inc();
+ logger.info( "Created user {} and org {}", username, orgName );
+
} else {
// already created user, so just create an org
final OrganizationInfo organization = management.createOrganization( orgName, userInfo, true );
+
management.activateOrganization( organization ); // redundant?
applicationCreator.createSampleFor( organization );
+
+ logger.info( "Created user {}'s other org {}", username, orgName );
}
}