From 2542e3f05eded7d6da19006fa8de583bae7c3b02 Mon Sep 17 00:00:00 2001 From: Minecon724 Date: Mon, 19 Aug 2024 14:05:38 +0200 Subject: [PATCH] change some stuff --- src/main/java/eu/m724/Startup.java | 4 +- src/main/java/eu/m724/UserManager.java | 65 ------------------- src/main/java/eu/m724/UsersResource.java | 6 +- .../eu/m724/auth/master/AccountService.java | 51 ++++++++++++++- src/main/java/eu/m724/orm/AccessKey.java | 2 - src/main/java/eu/m724/orm/AccessLimits.java | 7 +- src/main/java/eu/m724/orm/Account.java | 8 ++- 7 files changed, 65 insertions(+), 78 deletions(-) delete mode 100644 src/main/java/eu/m724/UserManager.java diff --git a/src/main/java/eu/m724/Startup.java b/src/main/java/eu/m724/Startup.java index 1023955..2e65a16 100644 --- a/src/main/java/eu/m724/Startup.java +++ b/src/main/java/eu/m724/Startup.java @@ -16,11 +16,11 @@ public class Startup { AccountService accountService; @Transactional - public void loadUsers(@Observes StartupEvent event) { + public void loadUsers(@Observes StartupEvent ignoredEvent) { Account.deleteAll(); byte[] adminKey = new byte[18]; - UserManager.add(adminKey, "admin"); + accountService.add(adminKey, "admin"); System.out.println("Admin user created: " + Base64.getEncoder().encodeToString(adminKey)); } } diff --git a/src/main/java/eu/m724/UserManager.java b/src/main/java/eu/m724/UserManager.java deleted file mode 100644 index 52b89ab..0000000 --- a/src/main/java/eu/m724/UserManager.java +++ /dev/null 
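Review bot: In `loadUsers` the admin key is `new byte[18]` and is passed to `accountService.add` without ever being filled, so the admin account is created with an all-zero master key that is identical on every deployment. Let the service generate it, e.g. `String adminKey = accountService.create("admin");`, and print that returned value instead of re-encoding the array. The line that writes the key to standard output also deserves a comment such as `// bootstrap only: this puts the admin credential into the process log`, since service and container logs are often retained and widely readable.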
@@ -1,65 +0,0 @@
-package eu.m724;
-
-import eu.m724.orm.AccessKey;
-import eu.m724.orm.AccessLimits;
-import eu.m724.orm.Account;
-import jakarta.transaction.Transactional;
-
-import java.security.SecureRandom;
-import java.util.Base64;
-
-// TODO figure out all this maybe move to account service
-public class UserManager {
- private static final SecureRandom random = new SecureRandom();
-
- /**
- * creates an account with the specified key
- * @param masterKey the desired master key
- */
- @Transactional
- public static void add(byte[] masterKey, String role) {
- Account account = new Account();
- account.masterKey = masterKey;
- account.role = role;
- account.persist();
- }
-
- /**
- * creates an account with random key
- * the account's role is "user"
- * @return base64 encoded key
- */
- public static String create() {
- return create("user");
- }
-
- /**
- * creates an account with random key
- * @param role new account's role
- * @return base64 encoded key
- */
- public static String create(String role) {
- byte[] key = new byte[18]; // 144 bits of entropy
- random.nextBytes(key);
-
- add(key, role);
- return Base64.getEncoder().encodeToString(key);
- }
-
- /**
- * generates an access key for this account
- * @return base64 encoded access key
- */
- public static String createMaster(Account account, AccessLimits accessLimits) {
- byte[] key = new byte[18];
- random.nextBytes(key);
-
- AccessKey accessKey = new AccessKey();
- accessKey.key = key;
- accessKey.account = account;
- accessKey.accessLimits = accessLimits;
- accessKey.persist();
-
- return Base64.getEncoder().encodeToString(key);
- }
-}
diff --git a/src/main/java/eu/m724/UsersResource.java b/src/main/java/eu/m724/UsersResource.java
index dea59bf..d2fa496 100644
--- a/src/main/java/eu/m724/UsersResource.java
+++ b/src/main/java/eu/m724/UsersResource.java
@@ -1,5 +1,6 @@ package eu.m724; +import eu.m724.auth.master.AccountService; import eu.m724.orm.Account; import io.quarkus.security.identity.SecurityIdentity; import jakarta.annotation.security.RolesAllowed; @@ -17,11 +18,14 @@ public class UsersResource { @Inject SecurityIdentity securityIdentity; + @Inject + AccountService accountService; + @GET @Path("/create") @RolesAllowed("admin") public JsonObject createAccount() { - String masterKey = UserManager.create(); + String masterKey = accountService.create("user"); return Json.createObjectBuilder() .add("masterKey", masterKey) diff --git a/src/main/java/eu/m724/auth/master/AccountService.java b/src/main/java/eu/m724/auth/master/AccountService.java index d30fee2..6346fe3 100644 --- a/src/main/java/eu/m724/auth/master/AccountService.java +++ b/src/main/java/eu/m724/auth/master/AccountService.java @@ -1,13 +1,18 @@ package eu.m724.auth.master; +import eu.m724.orm.AccessKey; +import eu.m724.orm.AccessLimits; import eu.m724.orm.Account; import jakarta.enterprise.context.ApplicationScoped; import jakarta.transaction.Transactional; +import java.security.SecureRandom; import java.util.Base64; @ApplicationScoped public class AccountService { + private final SecureRandom random = new SecureRandom(); + /** * find a master user by key * @param key base64 encoded key 
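Review bot: `createAccount` now calls `accountService.create("user")` but remains a `@GET` handler, so a request that creates an account and returns its master key is treated by browsers, proxies and caches as safe and repeatable. Consider `@POST` on the method and a `Cache-Control: no-store` response header so the key is not retained by intermediaries or re-issued by a prefetch or reload. The handler body continues past the end of the hunk, so how the response is completed is not visible here.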
@@ -18,9 +23,53 @@ public class AccountService { if (key == null) return null; try { - return Account.find("masterKey", Base64.getDecoder().decode(key)).firstResult(); + return Account.find("masterKey", (Object) Base64.getDecoder().decode(key)).firstResult(); } catch (IllegalArgumentException e) { return null; } } + + // TODO maybe move some of these methods somewhere else and reconsider making them static + + /** + * creates an account with the specified key + * @param masterKey the desired master key + */ + @Transactional + public void add(byte[] masterKey, String role) { + Account account = new Account(); + account.masterKey = masterKey; + account.role = role; + account.persist(); + } + + /** + * creates an account with random key + * @param role new account's role + * @return base64 encoded key + */ + public String create(String role) { + byte[] key = new byte[18]; // 144 bits of entropy + random.nextBytes(key); + + add(key, role); + return Base64.getEncoder().encodeToString(key); + } + + /** + * generates an access key for an account + * @return base64 encoded access key + */ + public String createAccessKey(Account account, AccessLimits accessLimits) { + byte[] key = new byte[18]; + random.nextBytes(key); + + AccessKey accessKey = new AccessKey(); + accessKey.key = key; + accessKey.account = account; + accessKey.accessLimits = accessLimits; + accessKey.persist(); + + return Base64.getEncoder().encodeToString(key); + } } diff --git a/src/main/java/eu/m724/orm/AccessKey.java b/src/main/java/eu/m724/orm/AccessKey.java index 5ac722c..e662e82 100644 --- a/src/main/java/eu/m724/orm/AccessKey.java +++ b/src/main/java/eu/m724/orm/AccessKey.java @@ -2,7 +2,6 @@ package eu.m724.orm; import io.quarkus.hibernate.orm.panache.PanacheEntity; import jakarta.persistence.ManyToOne; -import jakarta.persistence.OneToOne; //@Entity public class AccessKey extends PanacheEntity { 
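Review bot: `add` and `createAccessKey` persist the generated keys verbatim (`account.masterKey = masterKey`, `accessKey.key = key`), and the lookup at the top of the hunk matches on the raw decoded bytes, so anyone who can read the table or a backup of it holds every working credential. Because the keys are 18 random bytes, storing a SHA-256 digest and looking up by the digest of the presented key is sufficient; a slow password hash is not needed for this. The lookup method's signature is above the hunk, so the sketch below shows only the changed lines and the new helper. Separately, `createAccessKey` calls `persist()` without the `@Transactional` that `add` carries, which is worth confirming against its callers.

```java
// … unchanged: null check and try/catch around the Base64 decode in the lookup method …
return Account.find("masterKey", (Object) digest(Base64.getDecoder().decode(key))).firstResult();

// … unchanged: add() signature and Account construction …
account.masterKey = digest(masterKey);

// … unchanged: createAccessKey() key generation …
accessKey.key = digest(key);

private static byte[] digest(byte[] key) {
    try {
        return MessageDigest.getInstance("SHA-256").digest(key);
    } catch (NoSuchAlgorithmException e) {
        throw new IllegalStateException("SHA-256 unavailable", e);
    }
}
```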
@@ -20,6 +19,5 @@ public class AccessKey extends PanacheEntity { /** * access limits of this key */ - @OneToOne public AccessLimits accessLimits; } diff --git a/src/main/java/eu/m724/orm/AccessLimits.java b/src/main/java/eu/m724/orm/AccessLimits.java index fb22677..7f9a784 100644 --- a/src/main/java/eu/m724/orm/AccessLimits.java +++ b/src/main/java/eu/m724/orm/AccessLimits.java @@ -2,13 +2,10 @@ package eu.m724.orm; import io.quarkus.hibernate.orm.panache.PanacheEntity; import jakarta.persistence.Column; -import jakarta.persistence.OneToOne; +import jakarta.persistence.Entity; -//@Entity +@Entity public class AccessLimits extends PanacheEntity { - @OneToOne - public AccessKey accessKey; - /** * label of these limits, displayed to user and used to identify the limits */ diff --git a/src/main/java/eu/m724/orm/Account.java b/src/main/java/eu/m724/orm/Account.java index be71f2d..18e5c0c 100644 --- a/src/main/java/eu/m724/orm/Account.java +++ b/src/main/java/eu/m724/orm/Account.java @@ -4,6 +4,10 @@ import io.quarkus.hibernate.orm.panache.PanacheEntity; import io.quarkus.security.jpa.Roles; import jakarta.persistence.Column; import jakarta.persistence.Entity; +import jakarta.persistence.OneToMany; + +import java.util.ArrayList; +import java.util.List; // TODO organize all this like work on variable names move functions etc @@ -12,8 +16,8 @@ public class Account extends PanacheEntity { @Column(unique = true) public byte[] masterKey; - //@OneToMany - //public List accessKeys = new ArrayList<>(); + @OneToMany + public List accessKeys = new ArrayList<>(); @Roles public String role = "user";
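Review bot: `Account.accessKeys` is now mapped with `@OneToMany`, but in the AccessKey.java section of this patch the class still shows `//@Entity` commented out, so the association appears to target a class Hibernate does not map, which normally fails when the persistence unit starts. If `AccessKey` is meant to be persistent, enable `@Entity` on it in the same change; and if its `account` field is the owning `@ManyToOne` side (only the import is visible here), declare `@OneToMany(mappedBy = "account")` so no separate join table is generated. The field is shown as a raw `List`; if that is not an artifact of how the patch was rendered, give it the element type so the target can be resolved.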