From 63072a8af04dc663dd537d034e05b719a4f51c70 Mon Sep 17 00:00:00 2001
From: Minecon724
Date: Thu, 22 Aug 2024 19:43:31 +0200
Subject: [PATCH] I forgot about access keys was lazy today sorry
---
 src/main/java/eu/m724/KeysResource.java | 21 ++++++++++
 src/main/java/eu/m724/UsersResource.java | 2 +-
 .../eu/m724/auth/master/AccessKeyService.java | 42 +++++++++++++++++++
 .../eu/m724/auth/master/AccountService.java | 18 --------
 src/main/java/eu/m724/orm/AccessKey.java | 14 ++++---
 src/main/java/eu/m724/orm/Account.java | 9 ++--
 6 files changed, 77 insertions(+), 29 deletions(-)
 create mode 100644 src/main/java/eu/m724/KeysResource.java
 create mode 100644 src/main/java/eu/m724/auth/master/AccessKeyService.java
diff --git a/src/main/java/eu/m724/KeysResource.java b/src/main/java/eu/m724/KeysResource.java
new file mode 100644
index 0000000..8b54fa2
--- /dev/null
+++ b/src/main/java/eu/m724/KeysResource.java
@@ -0,0 +1,21 @@
+package eu.m724;
+
+import eu.m724.auth.master.AccountService;
+import io.quarkus.security.identity.SecurityIdentity;
+import jakarta.inject.Inject;
+import jakarta.ws.rs.Path;
+import jakarta.ws.rs.Produces;
+import jakarta.ws.rs.core.MediaType;
+
+/**
+ * managing access keys (not master keys or accounts)
+ */
+@Path("/api/keys")
+@Produces(MediaType.APPLICATION_JSON)
+public class KeysResource {
+ @Inject
+ SecurityIdentity securityIdentity;
+
+ @Inject
+ AccountService accountService;
+}
diff --git a/src/main/java/eu/m724/UsersResource.java b/src/main/java/eu/m724/UsersResource.java
index d2fa496..a3d2cd5 100644
--- a/src/main/java/eu/m724/UsersResource.java
+++ b/src/main/java/eu/m724/UsersResource.java
@@ -44,7 +44,7 @@ public class UsersResource {
 return Json.createObjectBuilder()
 .add("masterKey", censoredKey)
 .add("role", account.role)
- //.add("accessKeys", user.accessKeys.size())
+ .add("accessKeys", account.accessKeys.size())
 .build();
 }
 }
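Review bot: `KeysResource` injects `AccountService`, but this same commit moves `createAccessKey` out of that class into the new `AccessKeyService`, so the resource as written cannot reach the key operations; the field should probably be `@Inject AccessKeyService accessKeyService;`. The class also carries no authorization annotation in this hunk, so unless path permissions are configured elsewhere, endpoints added later under `/api/keys` would be reachable without authentication; an explicit `@Authenticated` (or `@RolesAllowed`) on the class makes that fail closed. When the endpoints are written, the owning account should be derived from `securityIdentity` rather than from a request parameter, so one user cannot manage another user's keys.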
diff --git a/src/main/java/eu/m724/auth/master/AccessKeyService.java b/src/main/java/eu/m724/auth/master/AccessKeyService.java
new file mode 100644
index 0000000..b281a87
--- /dev/null
+++ b/src/main/java/eu/m724/auth/master/AccessKeyService.java
@@ -0,0 +1,42 @@
+package eu.m724.auth.master;
+
+import eu.m724.orm.AccessKey;
+import eu.m724.orm.AccessLimits;
+import eu.m724.orm.Account;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.transaction.Transactional;
+
+import java.security.SecureRandom;
+import java.util.Base64;
+
+@ApplicationScoped
+public class AccessKeyService {
+ private final SecureRandom random = new SecureRandom();
+
+ /**
+ * generates an access key for an account
+ * @param account the account
+ * @param accessLimits access limits
+ * @return base64 encoded access key
+ */
+ @Transactional
+ public String createAccessKey(Account account, AccessLimits accessLimits) {
+ byte[] key = new byte[18];
+ random.nextBytes(key);
+
+ AccessKey accessKey = new AccessKey();
+ accessKey.key = key;
+ accessKey.account = account;
+ accessKey.accessLimits = accessLimits;
+
+ account.accessKeys.add(accessKey);
+ account.persist();
+
+ return Base64.getEncoder().encodeToString(key);
+ }
+
+ @Transactional
+ public void deleteAccessKey(AccessKey accessKey) {
+ accessKey.account = null; // TODO hopefully that works
+ }
+}
diff --git a/src/main/java/eu/m724/auth/master/AccountService.java b/src/main/java/eu/m724/auth/master/AccountService.java
index 639a023..55bce50 100644
--- a/src/main/java/eu/m724/auth/master/AccountService.java
+++ b/src/main/java/eu/m724/auth/master/AccountService.java
@@ -1,7 +1,6 @@
 package eu.m724.auth.master;
 
 import eu.m724.orm.AccessKey;
-import eu.m724.orm.AccessLimits;
 import eu.m724.orm.Account;
 import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.transaction.Transactional;
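Review bot: `deleteAccessKey` in AccessKeyService.java only nulls `accessKey.account`, which, as its TODO suspects, is unlikely to remove the key: `orphanRemoval` on `Account.accessKeys` acts when an element leaves the owner's collection, and here the key stays in that set. A key the user believes revoked could therefore remain stored and usable. Removing it from the owning side first, `accessKey.account.accessKeys.remove(accessKey);`, or deleting it directly with `accessKey.delete();`, makes revocation explicit. Both options assume `accessKey` is a managed instance with a non-null `account`, which this hunk does not check.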
@@ -71,21 +70,4 @@ public class AccountService {
 add(key, role);
 return Base64.getEncoder().encodeToString(key);
 }
-
- /**
- * generates an access key for an account
- * @return base64 encoded access key
- */
- public String createAccessKey(Account account, AccessLimits accessLimits) {
- byte[] key = new byte[18];
- random.nextBytes(key);
-
- AccessKey accessKey = new AccessKey();
- accessKey.key = key;
- accessKey.account = account;
- accessKey.accessLimits = accessLimits;
- accessKey.persist();
-
- return Base64.getEncoder().encodeToString(key);
- }
 }
diff --git a/src/main/java/eu/m724/orm/AccessKey.java b/src/main/java/eu/m724/orm/AccessKey.java
index e662e82..b63b7e6 100644
--- a/src/main/java/eu/m724/orm/AccessKey.java
+++ b/src/main/java/eu/m724/orm/AccessKey.java
@@ -1,23 +1,25 @@
 package eu.m724.orm;
 
 import io.quarkus.hibernate.orm.panache.PanacheEntity;
+import jakarta.persistence.Column;
 import jakarta.persistence.ManyToOne;
 
 //@Entity
 public class AccessKey extends PanacheEntity {
- /**
- * the user owning this access key
- */
- @ManyToOne
- public Account account;
-
 /**
 * raw bytes of this key, it's provided to users in base64
 */
+ @Column(unique = true)
 public byte[] key;
 
 /**
 * access limits of this key
 */
 public AccessLimits accessLimits;
+
+ /**
+ * the user owning this access key
+ */
+ @ManyToOne
+ public Account account;
 }
diff --git a/src/main/java/eu/m724/orm/Account.java b/src/main/java/eu/m724/orm/Account.java
index 18e5c0c..37dee94 100644
--- a/src/main/java/eu/m724/orm/Account.java
+++ b/src/main/java/eu/m724/orm/Account.java
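Review bot: In AccessKey.java the new `@Column(unique = true)` sits on a field that, per its own comment, holds the raw key bytes, so anyone with read access to this table or a backup of it obtains working credentials. Because the key is 18 bytes from `SecureRandom`, an unsalted SHA-256 digest is sufficient here: store the digest in this column, look keys up by digest, and return the raw value only once from `createAccessKey`. The field comment would then read `SHA-256 digest of the key; the raw key is shown to the user only at creation`. How keys are verified at authentication time is not visible in this patch, so that path would need the same change.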
@@ -2,12 +2,13 @@ package eu.m724.orm;
 
 import io.quarkus.hibernate.orm.panache.PanacheEntity;
 import io.quarkus.security.jpa.Roles;
+import jakarta.persistence.CascadeType;
 import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
 import jakarta.persistence.OneToMany;
 
-import java.util.ArrayList;
-import java.util.List;
+import java.util.HashSet;
+import java.util.Set;
 
 // TODO organize all this like work on variable names move functions etc
 
@@ -16,8 +17,8 @@ public class Account extends PanacheEntity {
 @Column(unique = true)
 public byte[] masterKey;
 
- @OneToMany
- public List accessKeys = new ArrayList<>();
+ @OneToMany(mappedBy = "account", cascade = CascadeType.ALL, orphanRemoval = true)
+ public Set accessKeys = new HashSet<>();
 
 @Roles
 public String role = "user";
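Review bot: `@OneToMany(mappedBy = "account", ...)` in the second Account.java hunk depends on `AccessKey` being a mapped entity, but the AccessKey.java section of this patch still shows `//@Entity` commented out on that class. Unless it is mapped some other way, Hibernate would be expected to reject an association to an unmapped class at startup, and the `@ManyToOne` and `@Column(unique = true)` annotations on `AccessKey` would have no effect; re-enabling `@Entity` there looks like a prerequisite. Also, `accessKeys` is a public mutable set, and with `cascade = CascadeType.ALL` and `orphanRemoval = true` any caller that clears or replaces it deletes keys on flush, so a short comment on the field stating that removal from the set deletes the key would help. The class body continues outside the hunk.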