change some stuff
This commit is contained in:
parent
16af80ac0c
commit
2542e3f05e
GPG key ID:
3CCC4D267742C8E8
7 changed files with 65 additions and 78 deletions
|
|
@ -16,11 +16,11 @@ public class Startup {
|
|||
AccountService accountService;
|
||||
|
||||
@Transactional
|
||||
public void loadUsers(@Observes StartupEvent event) {
|
||||
public void loadUsers(@Observes StartupEvent ignoredEvent) {
|
||||
Account.deleteAll();
|
||||
byte[] adminKey = new byte[18];
|
||||
|
||||
UserManager.add(adminKey, "admin");
|
||||
accountService.add(adminKey, "admin");
|
||||
System.out.println("Admin user created: " + Base64.getEncoder().encodeToString(adminKey));
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,65 +0,0 @@
|
|||
package eu.m724;
|
||||
|
||||
import eu.m724.orm.AccessKey;
|
||||
import eu.m724.orm.AccessLimits;
|
||||
import eu.m724.orm.Account;
|
||||
import jakarta.transaction.Transactional;
|
||||
|
||||
import java.security.SecureRandom;
|
||||
import java.util.Base64;
|
||||
|
||||
// TODO figure out all this maybe move to account service
|
||||
public class UserManager {
|
||||
private static final SecureRandom random = new SecureRandom();
|
||||
|
||||
/**
|
||||
* creates an account with the specified key
|
||||
* @param masterKey the desired master key
|
||||
*/
|
||||
@Transactional
|
||||
public static void add(byte[] masterKey, String role) {
|
||||
Account account = new Account();
|
||||
account.masterKey = masterKey;
|
||||
account.role = role;
|
||||
account.persist();
|
||||
}
|
||||
|
||||
/**
|
||||
* creates an account with random key
|
||||
* the account's role is "user"
|
||||
* @return base64 encoded key
|
||||
*/
|
||||
public static String create() {
|
||||
return create("user");
|
||||
}
|
||||
|
||||
/**
|
||||
* creates an account with random key
|
||||
* @param role new account's role
|
||||
* @return base64 encoded key
|
||||
*/
|
||||
public static String create(String role) {
|
||||
byte[] key = new byte[18]; // 144 bits of entropy
|
||||
random.nextBytes(key);
|
||||
|
||||
add(key, role);
|
||||
return Base64.getEncoder().encodeToString(key);
|
||||
}
|
||||
|
||||
/**
|
||||
* generates an access key for this account
|
||||
* @return base64 encoded access key
|
||||
*/
|
||||
public static String createMaster(Account account, AccessLimits accessLimits) {
|
||||
byte[] key = new byte[18];
|
||||
random.nextBytes(key);
|
||||
|
||||
AccessKey accessKey = new AccessKey();
|
||||
accessKey.key = key;
|
||||
accessKey.account = account;
|
||||
accessKey.accessLimits = accessLimits;
|
||||
accessKey.persist();
|
||||
|
||||
return Base64.getEncoder().encodeToString(key);
|
||||
}
|
||||
}
|
||||
|
|
@ -1,5 +1,6 @@
|
|||
package eu.m724;
|
||||
|
||||
import eu.m724.auth.master.AccountService;
|
||||
import eu.m724.orm.Account;
|
||||
import io.quarkus.security.identity.SecurityIdentity;
|
||||
import jakarta.annotation.security.RolesAllowed;
|
||||
|
|
@ -17,11 +18,14 @@ public class UsersResource {
|
|||
@Inject
|
||||
SecurityIdentity securityIdentity;
|
||||
|
||||
@Inject
|
||||
AccountService accountService;
|
||||
|
||||
@GET
|
||||
@Path("/create")
|
||||
@RolesAllowed("admin")
|
||||
public JsonObject createAccount() {
|
||||
String masterKey = UserManager.create();
|
||||
String masterKey = accountService.create("user");
|
||||
|
||||
return Json.createObjectBuilder()
|
||||
.add("masterKey", masterKey)
|
||||
|
|
|
|||
|
|
@ -1,13 +1,18 @@
|
|||
package eu.m724.auth.master;
|
||||
|
||||
import eu.m724.orm.AccessKey;
|
||||
import eu.m724.orm.AccessLimits;
|
||||
import eu.m724.orm.Account;
|
||||
import jakarta.enterprise.context.ApplicationScoped;
|
||||
import jakarta.transaction.Transactional;
|
||||
|
||||
import java.security.SecureRandom;
|
||||
import java.util.Base64;
|
||||
|
||||
@ApplicationScoped
|
||||
public class AccountService {
|
||||
private final SecureRandom random = new SecureRandom();
|
||||
|
||||
/**
|
||||
* find a master user by key
|
||||
* @param key base64 encoded key
|
||||
|
|
@ -18,9 +23,53 @@ public class AccountService {
|
|||
if (key == null) return null;
|
||||
|
||||
try {
|
||||
return Account.find("masterKey", Base64.getDecoder().decode(key)).firstResult();
|
||||
return Account.find("masterKey", (Object) Base64.getDecoder().decode(key)).firstResult();
|
||||
} catch (IllegalArgumentException e) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
// TODO maybe move some of these methods somewhere else and reconsider making them static
|
||||
|
||||
/**
|
||||
* creates an account with the specified key
|
||||
* @param masterKey the desired master key
|
||||
*/
|
||||
@Transactional
|
||||
public void add(byte[] masterKey, String role) {
|
||||
Account account = new Account();
|
||||
account.masterKey = masterKey;
|
||||
account.role = role;
|
||||
account.persist();
|
||||
}
|
||||
|
||||
/**
|
||||
* creates an account with random key
|
||||
* @param role new account's role
|
||||
* @return base64 encoded key
|
||||
*/
|
||||
public String create(String role) {
|
||||
byte[] key = new byte[18]; // 144 bits of entropy
|
||||
random.nextBytes(key);
|
||||
|
||||
add(key, role);
|
||||
return Base64.getEncoder().encodeToString(key);
|
||||
}
|
||||
|
||||
/**
|
||||
* generates an access key for an account
|
||||
* @return base64 encoded access key
|
||||
*/
|
||||
public String createAccessKey(Account account, AccessLimits accessLimits) {
|
||||
byte[] key = new byte[18];
|
||||
random.nextBytes(key);
|
||||
|
||||
AccessKey accessKey = new AccessKey();
|
||||
accessKey.key = key;
|
||||
accessKey.account = account;
|
||||
accessKey.accessLimits = accessLimits;
|
||||
accessKey.persist();
|
||||
|
||||
return Base64.getEncoder().encodeToString(key);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,7 +2,6 @@ package eu.m724.orm;
|
|||
|
||||
import io.quarkus.hibernate.orm.panache.PanacheEntity;
|
||||
import jakarta.persistence.ManyToOne;
|
||||
import jakarta.persistence.OneToOne;
|
||||
|
||||
//@Entity
|
||||
public class AccessKey extends PanacheEntity {
|
||||
|
|
@ -20,6 +19,5 @@ public class AccessKey extends PanacheEntity {
|
|||
/**
|
||||
* access limits of this key
|
||||
*/
|
||||
@OneToOne
|
||||
public AccessLimits accessLimits;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,13 +2,10 @@ package eu.m724.orm;
|
|||
|
||||
import io.quarkus.hibernate.orm.panache.PanacheEntity;
|
||||
import jakarta.persistence.Column;
|
||||
import jakarta.persistence.OneToOne;
|
||||
import jakarta.persistence.Entity;
|
||||
|
||||
//@Entity
|
||||
@Entity
|
||||
public class AccessLimits extends PanacheEntity {
|
||||
@OneToOne
|
||||
public AccessKey accessKey;
|
||||
|
||||
/**
|
||||
* label of these limits, displayed to user and used to identify the limits
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -4,6 +4,10 @@ import io.quarkus.hibernate.orm.panache.PanacheEntity;
|
|||
import io.quarkus.security.jpa.Roles;
|
||||
import jakarta.persistence.Column;
|
||||
import jakarta.persistence.Entity;
|
||||
import jakarta.persistence.OneToMany;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
// TODO organize all this like work on variable names move functions etc
|
||||
|
||||
|
|
@ -12,8 +16,8 @@ public class Account extends PanacheEntity {
|
|||
@Column(unique = true)
|
||||
public byte[] masterKey;
|
||||
|
||||
//@OneToMany
|
||||
//public List<AccessKey> accessKeys = new ArrayList<>();
|
||||
@OneToMany
|
||||
public List<AccessKey> accessKeys = new ArrayList<>();
|
||||
|
||||
@Roles
|
||||
public String role = "user";
|
||||
|
|
|
|||
Loading…
Reference in a new issue