parent: 6e28963d | patch | commit
Roberto Sánchez
2013-12-26 6d04b0ae0f4eeb9f0963b1595d0f2e7469fa5f3f 
#333 feature - Added schema and JPA entities
8 files added
5 files modified
changed files
securis/src/main/java/net/curisit/securis/db/Application.java patch | view | blame | history
securis/src/main/java/net/curisit/securis/db/License.java patch | view | blame | history
securis/src/main/java/net/curisit/securis/db/LicenseType.java patch | view | blame | history
securis/src/main/java/net/curisit/securis/db/Organization.java patch | view | blame | history
securis/src/main/java/net/curisit/securis/db/Pack.java patch | view | blame | history
securis/src/main/java/net/curisit/securis/db/User.java patch | view | blame | history
securis/src/main/java/net/curisit/securis/ioc/RequestsModule.java patch | view | blame | history
securis/src/main/java/net/curisit/securis/ioc/SecurisModule.java patch | view | blame | history
securis/src/main/java/net/curisit/securis/services/Securable.java patch | view | blame | history
securis/src/main/java/net/curisit/securis/services/SecurityInterceptor.java patch | view | blame | history
securis/src/main/java/net/curisit/securis/services/UserResource.java patch | view | blame | history
securis/src/main/java/net/curisit/securis/utils/TokenHelper.java patch | view | blame | history
securis/src/main/resources/db/schema.sql patch | view | blame | history 
 securis/src/main/java/net/curisit/securis/db/Application.java
....@@ -0,0 +1,67 @@
1
+package net.curisit.securis.db;
2
+
3
+import java.io.Serializable;
4
+import java.util.Date;
5
+
6
+import javax.persistence.Column;
7
+import javax.persistence.Entity;
8
+import javax.persistence.Id;
9
+import javax.persistence.NamedQueries;
10
+import javax.persistence.NamedQuery;
11
+import javax.persistence.Table;
12
+
13
+import org.codehaus.jackson.annotate.JsonAutoDetect;
14
+import org.codehaus.jackson.map.annotate.JsonSerialize;
15
+
16
+/**
17
+ * Entity implementation class for Entity: application
18
+ * 
19
+ */
20
+@JsonAutoDetect
21
+@JsonSerialize(include = JsonSerialize.Inclusion.NON_NULL)
22
+@Entity
23
+@Table(name = "application")
24
+@NamedQueries(
25
+	{ @NamedQuery(name = "list-applications", query = "SELECT a FROM Application a") })
26
+public class Application implements Serializable {
27
+
28
+	private static final long serialVersionUID = 1L;
29
+
30
+	@Id
31
+	private int id;
32
+
33
+	private String name;
34
+	private String description;
35
+
36
+	@Column(name = "creation_timestamp")
37
+	private Date creationTimestamp;
38
+
39
+	public int getId() {
40
+		return id;
41
+	}
42
+
43
+	public String getName() {
44
+		return name;
45
+	}
46
+
47
+	public void setName(String name) {
48
+		this.name = name;
49
+	}
50
+
51
+	public String getDescription() {
52
+		return description;
53
+	}
54
+
55
+	public void setDescription(String description) {
56
+		this.description = description;
57
+	}
58
+
59
+	public Date getCreationTimestamp() {
60
+		return creationTimestamp;
61
+	}
62
+
63
+	public void setCreationTimestamp(Date creationTimestamp) {
64
+		this.creationTimestamp = creationTimestamp;
65
+	}
66
+
67
+}


 securis/src/main/java/net/curisit/securis/db/License.java
....@@ -0,0 +1,106 @@
1
+package net.curisit.securis.db;
2
+
3
+import java.io.Serializable;
4
+import java.util.Date;
5
+
6
+import javax.persistence.Column;
7
+import javax.persistence.Entity;
8
+import javax.persistence.Id;
9
+import javax.persistence.JoinColumn;
10
+import javax.persistence.ManyToOne;
11
+import javax.persistence.NamedQueries;
12
+import javax.persistence.NamedQuery;
13
+import javax.persistence.Table;
14
+
15
+import org.codehaus.jackson.annotate.JsonAutoDetect;
16
+import org.codehaus.jackson.map.annotate.JsonSerialize;
17
+
18
+/**
19
+ * Entity implementation class for Entity: license
20
+ * 
21
+ */
22
+@JsonAutoDetect
23
+@JsonSerialize(include = JsonSerialize.Inclusion.NON_NULL)
24
+@Entity
25
+@Table(name = "license")
26
+@NamedQueries(
27
+	{ @NamedQuery(name = "list-licenses", query = "SELECT pa FROM Pack pa") })
28
+public class License implements Serializable {
29
+
30
+	private static final long serialVersionUID = 1L;
31
+
32
+	@Id
33
+	private int id;
34
+
35
+	private String code;
36
+
37
+	@Column(name = "creation_timestamp")
38
+	private Date creationTimestamp;
39
+
40
+	@ManyToOne
41
+	@JoinColumn(name = "organization_id")
42
+	private Organization organization;
43
+
44
+	@ManyToOne
45
+	@JoinColumn(name = "license_type_id")
46
+	private LicenseType licenseType;
47
+
48
+	@ManyToOne
49
+	@JoinColumn(name = "created_by")
50
+	private User createdBy;
51
+
52
+	private int numLicenses;
53
+
54
+	public int getId() {
55
+		return id;
56
+	}
57
+
58
+	public String getCode() {
59
+		return code;
60
+	}
61
+
62
+	public void setCode(String code) {
63
+		this.code = code;
64
+	}
65
+
66
+	public Date getCreationTimestamp() {
67
+		return creationTimestamp;
68
+	}
69
+
70
+	public void setCreationTimestamp(Date creationTimestamp) {
71
+		this.creationTimestamp = creationTimestamp;
72
+	}
73
+
74
+	public Organization getOrganization() {
75
+		return organization;
76
+	}
77
+
78
+	public void setOrganization(Organization organization) {
79
+		this.organization = organization;
80
+	}
81
+
82
+	public LicenseType getLicenseType() {
83
+		return licenseType;
84
+	}
85
+
86
+	public void setLicenseType(LicenseType licenseType) {
87
+		this.licenseType = licenseType;
88
+	}
89
+
90
+	public User getCreatedBy() {
91
+		return createdBy;
92
+	}
93
+
94
+	public void setCreatedBy(User createdBy) {
95
+		this.createdBy = createdBy;
96
+	}
97
+
98
+	public int getNumLicenses() {
99
+		return numLicenses;
100
+	}
101
+
102
+	public void setNumLicenses(int numLicenses) {
103
+		this.numLicenses = numLicenses;
104
+	}
105
+
106
+}


 securis/src/main/java/net/curisit/securis/db/LicenseType.java
....@@ -0,0 +1,90 @@
1
+package net.curisit.securis.db;
2
+
3
+import java.io.Serializable;
4
+import java.util.Date;
5
+
6
+import javax.persistence.Column;
7
+import javax.persistence.Entity;
8
+import javax.persistence.Id;
9
+import javax.persistence.JoinColumn;
10
+import javax.persistence.ManyToOne;
11
+import javax.persistence.NamedQueries;
12
+import javax.persistence.NamedQuery;
13
+import javax.persistence.Table;
14
+
15
+import org.codehaus.jackson.annotate.JsonAutoDetect;
16
+import org.codehaus.jackson.map.annotate.JsonSerialize;
17
+
18
+/**
19
+ * Entity implementation class for Entity: license_type
20
+ * 
21
+ */
22
+@JsonAutoDetect
23
+@JsonSerialize(include = JsonSerialize.Inclusion.NON_NULL)
24
+@Entity
25
+@Table(name = "license_type")
26
+@NamedQueries(
27
+	{ @NamedQuery(name = "list-license_types", query = "SELECT a FROM Application a") })
28
+public class LicenseType implements Serializable {
29
+
30
+	private static final long serialVersionUID = 1L;
31
+
32
+	@Id
33
+	private int id;
34
+
35
+	private String code;
36
+	private String name;
37
+	private String description;
38
+
39
+	@Column(name = "creation_timestamp")
40
+	private Date creationTimestamp;
41
+
42
+	@ManyToOne
43
+	@JoinColumn(name = "application_id")
44
+	private Application application;
45
+
46
+	public int getId() {
47
+		return id;
48
+	}
49
+
50
+	public String getName() {
51
+		return name;
52
+	}
53
+
54
+	public void setName(String name) {
55
+		this.name = name;
56
+	}
57
+
58
+	public String getDescription() {
59
+		return description;
60
+	}
61
+
62
+	public void setDescription(String description) {
63
+		this.description = description;
64
+	}
65
+
66
+	public String getCode() {
67
+		return code;
68
+	}
69
+
70
+	public void setCode(String code) {
71
+		this.code = code;
72
+	}
73
+
74
+	public Application getApplication() {
75
+		return application;
76
+	}
77
+
78
+	public void setApplication(Application application) {
79
+		this.application = application;
80
+	}
81
+
82
+	public Date getCreationTimestamp() {
83
+		return creationTimestamp;
84
+	}
85
+
86
+	public void setCreationTimestamp(Date creationTimestamp) {
87
+		this.creationTimestamp = creationTimestamp;
88
+	}
89
+
90
+}


 securis/src/main/java/net/curisit/securis/db/Organization.java
....@@ -0,0 +1,111 @@
1
+package net.curisit.securis.db;
2
+
3
+import java.io.Serializable;
4
+import java.util.Date;
5
+import java.util.List;
6
+
7
+import javax.persistence.Column;
8
+import javax.persistence.Entity;
9
+import javax.persistence.GeneratedValue;
10
+import javax.persistence.Id;
11
+import javax.persistence.JoinColumn;
12
+import javax.persistence.JoinTable;
13
+import javax.persistence.ManyToMany;
14
+import javax.persistence.ManyToOne;
15
+import javax.persistence.NamedQueries;
16
+import javax.persistence.NamedQuery;
17
+import javax.persistence.Table;
18
+
19
+import org.codehaus.jackson.annotate.JsonAutoDetect;
20
+import org.codehaus.jackson.map.annotate.JsonSerialize;
21
+
22
+/**
23
+ * Entity implementation class for Entity: organization
24
+ * 
25
+ */
26
+@JsonAutoDetect
27
+@JsonSerialize(include = JsonSerialize.Inclusion.NON_NULL)
28
+@Entity
29
+@Table(name = "organization")
30
+@NamedQueries(
31
+	{ @NamedQuery(name = "list-organizations", query = "SELECT o FROM Organization o") })
32
+public class Organization implements Serializable {
33
+
34
+	private static final long serialVersionUID = 1L;
35
+
36
+	@Id
37
+	@GeneratedValue
38
+	private int id;
39
+
40
+	private String code;
41
+	private String name;
42
+	private String description;
43
+
44
+	@Column(name = "creation_timestamp")
45
+	private Date creationTimestamp;
46
+
47
+	@ManyToMany
48
+	@JoinTable(name = "user_organization", //
49
+	joinColumns =
50
+		{ @JoinColumn(name = "organization_id", referencedColumnName = "id") }, //
51
+	inverseJoinColumns =
52
+		{ @JoinColumn(name = "user_id", referencedColumnName = "id") })
53
+	private List<User> users;
54
+
55
+	@ManyToOne
56
+	@JoinColumn(name = "org_parent_id")
57
+	private Organization parentOrganization;
58
+
59
+	public int getId() {
60
+		return id;
61
+	}
62
+
63
+	public String getName() {
64
+		return name;
65
+	}
66
+
67
+	public void setName(String name) {
68
+		this.name = name;
69
+	}
70
+
71
+	public String getDescription() {
72
+		return description;
73
+	}
74
+
75
+	public void setDescription(String description) {
76
+		this.description = description;
77
+	}
78
+
79
+	public String getCode() {
80
+		return code;
81
+	}
82
+
83
+	public void setCode(String code) {
84
+		this.code = code;
85
+	}
86
+
87
+	public Date getCreationTimestamp() {
88
+		return creationTimestamp;
89
+	}
90
+
91
+	public void setCreationTimestamp(Date creationTimestamp) {
92
+		this.creationTimestamp = creationTimestamp;
93
+	}
94
+
95
+	public List<User> getUsers() {
96
+		return users;
97
+	}
98
+
99
+	public void setUsers(List<User> users) {
100
+		this.users = users;
101
+	}
102
+
103
+	public Organization getParentOrganization() {
104
+		return parentOrganization;
105
+	}
106
+
107
+	public void setParentOrganization(Organization parentOrganization) {
108
+		this.parentOrganization = parentOrganization;
109
+	}
110
+
111
+}


 securis/src/main/java/net/curisit/securis/db/Pack.java
....@@ -0,0 +1,120 @@
1
+package net.curisit.securis.db;
2
+
3
+import java.io.Serializable;
4
+import java.util.Date;
5
+import java.util.Set;
6
+
7
+import javax.persistence.CascadeType;
8
+import javax.persistence.Column;
9
+import javax.persistence.Entity;
10
+import javax.persistence.FetchType;
11
+import javax.persistence.Id;
12
+import javax.persistence.JoinColumn;
13
+import javax.persistence.JoinTable;
14
+import javax.persistence.ManyToOne;
15
+import javax.persistence.NamedQueries;
16
+import javax.persistence.NamedQuery;
17
+import javax.persistence.OneToMany;
18
+import javax.persistence.Table;
19
+
20
+import org.codehaus.jackson.annotate.JsonAutoDetect;
21
+import org.codehaus.jackson.map.annotate.JsonSerialize;
22
+
23
+/**
24
+ * Entity implementation class for Entity: pack
25
+ * 
26
+ */
27
+@JsonAutoDetect
28
+@JsonSerialize(include = JsonSerialize.Inclusion.NON_NULL)
29
+@Entity
30
+@Table(name = "pack")
31
+@NamedQueries(
32
+	{ @NamedQuery(name = "list-packs", query = "SELECT pa FROM Pack pa"),//
33
+			@NamedQuery(name = "list-packs-by-org", query = "SELECT pa FROM Pack pa where pa.organization = :organization") })
34
+public class Pack implements Serializable {
35
+
36
+	private static final long serialVersionUID = 1L;
37
+
38
+	@Id
39
+	private int id;
40
+
41
+	private String code;
42
+
43
+	@Column(name = "creation_timestamp")
44
+	private Date creationTimestamp;
45
+
46
+	@ManyToOne
47
+	@JoinColumn(name = "organization_id")
48
+	private Organization organization;
49
+
50
+	@ManyToOne
51
+	@JoinColumn(name = "license_type_id")
52
+	private LicenseType licenseType;
53
+
54
+	@ManyToOne
55
+	@JoinColumn(name = "created_by")
56
+	private User createdBy;
57
+
58
+	@OneToMany(fetch = FetchType.EAGER, cascade = CascadeType.ALL)
59
+	@JoinTable(name = "license", //
60
+	joinColumns =
61
+		{ @JoinColumn(name = "pack_id") }, //
62
+	inverseJoinColumns =
63
+		{ @JoinColumn(name = "id") })
64
+	private Set<License> licenses;
65
+
66
+	private int numLicenses;
67
+
68
+	public int getId() {
69
+		return id;
70
+	}
71
+
72
+	public String getCode() {
73
+		return code;
74
+	}
75
+
76
+	public void setCode(String code) {
77
+		this.code = code;
78
+	}
79
+
80
+	public Date getCreationTimestamp() {
81
+		return creationTimestamp;
82
+	}
83
+
84
+	public void setCreationTimestamp(Date creationTimestamp) {
85
+		this.creationTimestamp = creationTimestamp;
86
+	}
87
+
88
+	public Organization getOrganization() {
89
+		return organization;
90
+	}
91
+
92
+	public void setOrganization(Organization organization) {
93
+		this.organization = organization;
94
+	}
95
+
96
+	public LicenseType getLicenseType() {
97
+		return licenseType;
98
+	}
99
+
100
+	public void setLicenseType(LicenseType licenseType) {
101
+		this.licenseType = licenseType;
102
+	}
103
+
104
+	public User getCreatedBy() {
105
+		return createdBy;
106
+	}
107
+
108
+	public void setCreatedBy(User createdBy) {
109
+		this.createdBy = createdBy;
110
+	}
111
+
112
+	public int getNumLicenses() {
113
+		return numLicenses;
114
+	}
115
+
116
+	public void setNumLicenses(int numLicenses) {
117
+		this.numLicenses = numLicenses;
118
+	}
119
+
120
+}


 securis/src/main/java/net/curisit/securis/db/User.java
....@@ -0,0 +1,160 @@
1
+package net.curisit.securis.db;
2
+
3
+import java.io.Serializable;
4
+import java.util.Date;
5
+import java.util.List;
6
+
7
+import javax.persistence.Column;
8
+import javax.persistence.Entity;
9
+import javax.persistence.Id;
10
+import javax.persistence.JoinColumn;
11
+import javax.persistence.JoinTable;
12
+import javax.persistence.ManyToMany;
13
+import javax.persistence.NamedQueries;
14
+import javax.persistence.NamedQuery;
15
+import javax.persistence.Table;
16
+
17
+import org.codehaus.jackson.annotate.JsonAutoDetect;
18
+import org.codehaus.jackson.annotate.JsonProperty;
19
+import org.codehaus.jackson.map.annotate.JsonSerialize;
20
+
21
+/**
22
+ * Entity implementation class for Entity: Users
23
+ * 
24
+ */
25
+@JsonAutoDetect
26
+@JsonSerialize(include = JsonSerialize.Inclusion.NON_NULL)
27
+@Entity
28
+@Table(name = "user")
29
+@NamedQueries(
30
+	{ @NamedQuery(name = "list-users", query = "SELECT u FROM User u"), @NamedQuery(name = "get-user", query = "SELECT u FROM User u where u.username = :username"),
31
+			@NamedQuery(name = "auth-user", query = "SELECT u FROM User u where u.username = :username and u.password = :password"), @NamedQuery(name = "delete-all-users", query = "delete FROM User u") })
32
+public class User implements Serializable {
33
+
34
+	private static final long serialVersionUID = 1L;
35
+
36
+	@Id
37
+	private String username;
38
+	private String password;
39
+	@JsonProperty(value = "short_name")
40
+	@Column(name = "short_name")
41
+	private String shortName;
42
+
43
+	private int role;
44
+
45
+	@JsonProperty(value = "full_name")
46
+	@Column(name = "full_name")
47
+	private String fullName;
48
+
49
+	@JsonProperty(value = "last_login")
50
+	@Column(name = "last_login")
51
+	private Date lastLogin;
52
+
53
+	@Column(name = "modification_timestamp")
54
+	private Date modificationTimestamp;
55
+
56
+	@Column(name = "creation_timestamp")
57
+	private Date creationTimestamp;
58
+
59
+	private String lang;
60
+
61
+	@ManyToMany
62
+	@JoinTable(name = "user_organization", //
63
+	joinColumns =
64
+		{ @JoinColumn(name = "user_id", referencedColumnName = "id") }, //
65
+	inverseJoinColumns =
66
+		{ @JoinColumn(name = "organization_id", referencedColumnName = "id") } //
67
+	)
68
+	private List<Organization> organizations;
69
+
70
+	public String getUsername() {
71
+		return username;
72
+	}
73
+
74
+	public void setUsername(String username) {
75
+		this.username = username;
76
+	}
77
+
78
+	public String getPassword() {
79
+		return password;
80
+	}
81
+
82
+	public void setPassword(String password) {
83
+		this.password = password;
84
+	}
85
+
86
+	public int getRole() {
87
+		return role;
88
+	}
89
+
90
+	public void setRole(int role) {
91
+		this.role = role;
92
+	}
93
+
94
+	public String getFullName() {
95
+		return fullName;
96
+	}
97
+
98
+	public void setFullName(String fullName) {
99
+		this.fullName = fullName;
100
+	}
101
+
102
+	public String getShortName() {
103
+		return shortName;
104
+	}
105
+
106
+	public void setShortName(String shortName) {
107
+		this.shortName = shortName;
108
+	}
109
+
110
+	public Date getLastLogin() {
111
+		return lastLogin;
112
+	}
113
+
114
+	public void setLastLogin(Date lastLogin) {
115
+		this.lastLogin = lastLogin;
116
+	}
117
+
118
+	public Date getModificationTimestamp() {
119
+		return modificationTimestamp;
120
+	}
121
+
122
+	public void setModificationTimestamp(Date modificationTimestamp) {
123
+		this.modificationTimestamp = modificationTimestamp;
124
+	}
125
+
126
+	public Date getCreationTimestamp() {
127
+		return creationTimestamp;
128
+	}
129
+
130
+	public void setCreationTimestamp(Date creationTimestamp) {
131
+		this.creationTimestamp = creationTimestamp;
132
+	}
133
+
134
+	@Override
135
+	public String toString() {
136
+		return "{User: " + username + " Full Name: " + fullName + ", last login: " + lastLogin + "}";
137
+	}
138
+
139
+	public String getLang() {
140
+		return lang;
141
+	}
142
+
143
+	public void setLang(String lang) {
144
+		this.lang = lang;
145
+	}
146
+
147
+	public List<Organization> getOrganizations() {
148
+		return organizations;
149
+	}
150
+
151
+	public void setOrganizations(List<Organization> organizations) {
152
+		this.organizations = organizations;
153
+	}
154
+
155
+	static public class Rol {
156
+		static public final int ADVANCE = 0x01;
157
+		static public final int ADMIN = 0x02;
158
+	}
159
+
160
+}


 securis/src/main/java/net/curisit/securis/ioc/RequestsModule.java
....@@ -2,6 +2,7 @@
22 
33 import net.curisit.securis.services.BasicServices;
44 import net.curisit.securis.services.LicenseServices;
5
+import net.curisit.securis.services.SecurityInterceptor;
56 import net.curisit.securis.services.UserResource;
67 
78 import org.eclipse.jetty.server.Authentication.User;
....@@ -19,6 +20,8 @@
1920 		bind(BasicServices.class);
2021 		bind(LicenseServices.class);
2122 		bind(UserResource.class);
23
+		bind(SecurityInterceptor.class);
24
+
2225 	}
2326 
2427 	@Provides


 securis/src/main/java/net/curisit/securis/ioc/SecurisModule.java
....@@ -9,9 +9,11 @@
99 
1010 import javax.inject.Named;
1111 import javax.inject.Singleton;
12
+import javax.sql.DataSource;
1213 import javax.ws.rs.core.UriBuilder;
1314 import javax.ws.rs.core.UriBuilderException;
1415 
16
+import org.h2.jdbcx.JdbcDataSource;
1517 import org.slf4j.Logger;
1618 import org.slf4j.LoggerFactory;
1719 
....@@ -31,7 +33,7 @@
3133 	}
3234 
3335 	public String getPassword() {
34
-		return getFilePassword() + " " + "cur1s1nt3grity";
36
+		return getFilePassword() + " " + "53curi5";
3537 	}
3638 
3739 	public String getFilePassword() {
....@@ -39,7 +41,7 @@
3941 	}
4042 
4143 	public String getUrl(File appDir) {
42
-		return String.format("jdbc:h2:%s/db/curisintegrity_cs;CIPHER=AES", appDir.getAbsolutePath());
44
+		return String.format("jdbc:h2:%s/db/securis;CIPHER=AES", appDir.getAbsolutePath());
4345 	}
4446 
4547 	@Named("base-uri")
....@@ -77,14 +79,85 @@
7779 		return Arrays.asList("/db/schema.sql");
7880 	}
7981 
80
-	// @Provides
81
-	// @Singleton
82
-	// public HelloWorld provideHelloWorld() {
83
-	// if (args.length > 0 && args[0].equals("fi")) {
84
-	// return new HelloWorldFI();
85
-	// } else {
86
-	// return new HelloWorldPL();
87
-	// }
88
-	// }
82
+	@Named("temporary-dir")
83
+	@Provides
84
+	@Singleton
85
+	public File getTemporaryDir() {
86
+		String tmp = getAppDir().getAbsolutePath();
87
+		tmp += File.separator + ".TEMP";
88
+		File ftmp = new File(tmp);
89
+		if (!ftmp.exists()) {
90
+			if (!ftmp.mkdirs())
91
+				return null;
92
+			log.debug("Created temporary directory for app in: {}", ftmp.getAbsolutePath());
93
+			ftmp.deleteOnExit();
94
+		}
95
+		return ftmp;
96
+	}
97
+
98
+	@Named("app-dir")
99
+	@Provides
100
+	@Singleton
101
+	public File getAppDir() {
102
+		String appDir = System.getProperty("user.home", System.getProperty("user.dir"));
103
+		if (appDir == null) {
104
+			appDir = ".";
105
+		}
106
+		appDir += File.separator + ".SeCuris";
107
+		File fAppDir = new File(appDir);
108
+		if (!fAppDir.exists()) {
109
+			if (!fAppDir.mkdirs())
110
+				return null;
111
+			log.debug("Created app working directory app in: {}", fAppDir.getAbsolutePath());
112
+		}
113
+		return fAppDir;
114
+	}
115
+
116
+	@Named("support-email")
117
+	@Provides
118
+	@Singleton
119
+	public String getSupportEmail() {
120
+		return "integrity@curistec.com";
121
+	}
122
+
123
+	@Named("hash-logo")
124
+	@Provides
125
+	@Singleton
126
+	public String getHashLogo() {
127
+		return "1b42616809d4cd8ccf109e3c30d0ab25067f160b30b7354a08ddd563de0096ba";
128
+	}
129
+
130
+	@Named("license-req-file-name")
131
+	@Provides
132
+	@Singleton
133
+	public String getLicenseReqFileName() {
134
+		return "license.req";
135
+	}
136
+
137
+	@Named("license-file-name")
138
+	@Provides
139
+	@Singleton
140
+	public String getLicenseFileName() {
141
+		return "license.lic";
142
+	}
143
+
144
+	@Provides
145
+	@Singleton
146
+	public DataSource getDataSource(@Named("app-dir") File appDir) {
147
+
148
+		JdbcDataSource dataSource = new JdbcDataSource();
149
+		dataSource.setURL(getUrl(appDir));
150
+		dataSource.setUser("curis");
151
+		dataSource.setPassword(getPassword());
152
+		log.debug("JdbcDataSource: {}", dataSource);
153
+		return dataSource;
154
+	}
155
+
156
+	@Named("db-files")
157
+	@Provides
158
+	@Singleton
159
+	public List<String> getDbFiles() {
160
+		return getAppDbFiles();
161
+	}
89162 
90163 }


 securis/src/main/java/net/curisit/securis/services/Securable.java
....@@ -0,0 +1,12 @@
1
+package net.curisit.securis.services;
2
+
3
+import java.lang.annotation.ElementType;
4
+import java.lang.annotation.Retention;
5
+import java.lang.annotation.RetentionPolicy;
6
+import java.lang.annotation.Target;
7
+
8
+@Retention(RetentionPolicy.RUNTIME)
9
+@Target(ElementType.METHOD)
10
+public @interface Securable {
11
+	String header() default "session-token";
12
+}


 securis/src/main/java/net/curisit/securis/services/SecurityInterceptor.java
....@@ -0,0 +1,49 @@
1
+package net.curisit.securis.services;
2
+
3
+import java.io.IOException;
4
+import java.lang.reflect.Method;
5
+
6
+import javax.servlet.http.HttpServletRequest;
7
+import javax.ws.rs.container.ContainerRequestContext;
8
+import javax.ws.rs.core.Context;
9
+import javax.ws.rs.ext.Provider;
10
+
11
+import org.jboss.resteasy.core.ResourceMethodInvoker;
12
+import org.slf4j.Logger;
13
+import org.slf4j.LoggerFactory;
14
+
15
+@Provider
16
+public class SecurityInterceptor implements javax.ws.rs.container.ContainerRequestFilter {
17
+
18
+	private static final Logger log = LoggerFactory.getLogger(SecurityInterceptor.class);
19
+
20
+	@Context
21
+	private HttpServletRequest servletRequest;
22
+
23
+	@Override
24
+	public void filter(ContainerRequestContext containerRequestContext) throws IOException {
25
+		log.info("filter using REST interceptor, method: {}", containerRequestContext.getMethod());
26
+		log.info("filter using REST interceptor, ResourceMethodInvoker: {}", containerRequestContext.getProperty("org.jboss.resteasy.core.ResourceMethodInvoker"));
27
+		ResourceMethodInvoker methodInvoker = (ResourceMethodInvoker) containerRequestContext.getProperty("org.jboss.resteasy.core.ResourceMethodInvoker");
28
+		Method method = methodInvoker.getMethod();
29
+
30
+		if (!method.isAnnotationPresent(Securable.class))
31
+			return;
32
+	}
33
+
34
+	// @Override
35
+	// public ServerResponse preProcess(HttpRequest httpRequest, ResourceMethod resourceMethod) throws Failure, WebApplicationException {
36
+	//
37
+	// Securable securable = resourceMethod.getMethod().getAnnotation(Securable.class);
38
+	// String headerValue = servletRequest.getHeader(securable.header());
39
+	//
40
+	// if (headerValue == null) {
41
+	// return (ServerResponse) Response.status(Status.BAD_REQUEST).entity("Invalid Session").build();
42
+	// } else {
43
+	// // Validatation logic goes here
44
+	// }
45
+	//
46
+	// return null;
47
+	// }
48
+
49
+}


 securis/src/main/java/net/curisit/securis/services/UserResource.java
....@@ -1,6 +1,6 @@
11 package net.curisit.securis.services;
22 
3
-import javax.annotation.security.RolesAllowed;
3
+import javax.inject.Inject;
44 import javax.servlet.http.HttpServletRequest;
55 import javax.ws.rs.FormParam;
66 import javax.ws.rs.GET;
....@@ -14,6 +14,7 @@
1414 import javax.ws.rs.core.Response.Status;
1515 
1616 import net.curisit.integrity.commons.Utils;
17
+import net.curisit.securis.utils.TokenHelper;
1718 
1819 import org.slf4j.Logger;
1920 import org.slf4j.LoggerFactory;
....@@ -25,6 +26,9 @@
2526  */
2627 @Path("/user")
2728 public class UserResource {
29
+
30
+	@Inject
31
+	TokenHelper tokenHelper;
2832 
2933 	// private LicenseHelper licenseHelper = InjectorFactory.getInjector().getInstance(LicenseHelper.class);
3034 	private static final Logger log = LoggerFactory.getLogger(UserResource.class);
....@@ -56,7 +60,8 @@
5660 		request.getSession().setAttribute("username", user);
5761 		if ("no".equals(password))
5862 			return Response.status(Status.FORBIDDEN).build();
59
-		return Response.ok(Utils.createMap("name", "Pepito", "username", user)).build();
63
+		String tokenAuth = tokenHelper.generateToken(user);
64
+		return Response.ok(Utils.createMap("success", true, "token", tokenAuth)).build();
6065 	}
6166 
6267 	/**
....@@ -66,7 +71,7 @@
6671 	@Path("/{username}")
6772 	@Produces(
6873 		{ MediaType.APPLICATION_JSON })
69
-	@RolesAllowed("advance")
74
+	// @RolesAllowed("advance")
7075 	public Response main(@PathParam("username") String username) {
7176 		return Response.ok().entity(Utils.createMap("name", "Pepito", "username", username)).build();
7277 	}


 securis/src/main/java/net/curisit/securis/utils/TokenHelper.java
....@@ -22,6 +22,9 @@
2222 
2323 	private static final Logger log = LoggerFactory.getLogger(TokenHelper.class);
2424 
25
+	/**
26
+	 * Period before token expires, set in hours.
27
+	 */
2528 	private static int VALID_TOKEN_PERIOD = 24;
2629 
2730 	@Inject
....@@ -30,6 +33,12 @@
3033 
3134 	private static byte[] seed = "S3Cur15S33dForT0k3nG3n3r@tion".getBytes();
3235 
36
+	/**
37
+	 * Generate a token encoded in Base64 for user passed as parameter and taking the current moment as token timestamp
38
+	 * 
39
+	 * @param user
40
+	 * @return
41
+	 */
3342 	public String generateToken(String user) {
3443 		try {
3544 			Date date = new Date();
....@@ -50,7 +59,7 @@
5059 
5160 	}
5261 
53
-	public String generateSecret(String user, Date date) throws UnsupportedEncodingException, NoSuchAlgorithmException {
62
+	private String generateSecret(String user, Date date) throws UnsupportedEncodingException, NoSuchAlgorithmException {
5463 		MessageDigest mDigest = MessageDigest.getInstance("SHA-256");
5564 		mDigest.update(seed, 0, seed.length);
5665 		byte[] userbytes = user.getBytes("utf-8");
....@@ -62,6 +71,12 @@
6271 		return secret;
6372 	}
6473 
74
+	/**
75
+	 * Check if passed token is still valid, It use to check if token is expired the attribute VALID_TOKEN_PERIOD (in hours)
76
+	 * 
77
+	 * @param token
78
+	 * @return
79
+	 */
6580 	public boolean validateToken(String token) {
6681 		try {
6782 			String tokenDecoded = new String(Base64.decode(token));
....@@ -69,18 +84,30 @@
6984 			String secret = parts[0];
7085 			String user = parts[1];
7186 			Date date = Utils.toDateFromIso(parts[2]);
72
-			if (new Date(new Date().getTime() + 25 * 60 * 60 * 1000).after(new Date(date.getTime() + VALID_TOKEN_PERIOD * 60 * 60 * 1000)))
87
+			if (new Date().after(new Date(date.getTime() + VALID_TOKEN_PERIOD * 60 * 60 * 1000)))
7388 				return false;
7489 			String newSecret = generateSecret(user, date);
7590 			return newSecret.equals(secret);
7691 		} catch (IOException e) {
77
-			log.error("Error decoding Bse64 token", e);
92
+			log.error("Error decoding Base64 token", e);
7893 		} catch (NoSuchAlgorithmException e) {
7994 			log.error("Error generation secret to compare with", e);
8095 		}
8196 		return false;
8297 	}
8398 
99
+	public String extractUserFromToken(String token) {
100
+		try {
101
+			String tokenDecoded = new String(Base64.decode(token));
102
+			String[] parts = StringUtils.split(tokenDecoded, ' ');
103
+			String user = parts[1];
104
+			return user;
105
+		} catch (IOException e) {
106
+			log.error("Error decoding Base64 token", e);
107
+		}
108
+		return null;
109
+	}
110
+
84111 	public static void main(String[] args) throws IOException {
85112 		TokenHelper th = new TokenHelper();
86113 		String token = th.generateToken("pepe");


 securis/src/main/resources/db/schema.sql
....@@ -0,0 +1,84 @@
1
+drop table IF EXISTS settings;
2
+CREATE  TABLE IF NOT EXISTS settings (
3
+  key VARCHAR(100) NOT NULL ,
4
+  value VARCHAR(2000) NULL ,
5
+  timestamp DATETIME NOT NULL DEFAULT now() ,
6
+  PRIMARY KEY (key) );
7
+ 
8
+drop table IF EXISTS user;
9
+CREATE  TABLE IF NOT EXISTS user (
10
+  username VARCHAR(45) NOT NULL ,
11
+  password VARCHAR(100) NULL ,
12
+  roles INT NULL ,
13
+  full_name VARCHAR(100) NULL ,
14
+  short_name VARCHAR(3) NULL ,
15
+  last_login DATETIME NULL ,
16
+  lang VARCHAR(10) NULL ,
17
+  creation_timestamp DATETIME NULL ,  
18
+  modification_timestamp DATETIME NULL ,  
19
+  PRIMARY KEY (username));
20
+
21
+drop table IF EXISTS application;
22
+CREATE TABLE IF NOT EXISTS application (
23
+  id INT NOT NULL,
24
+  name VARCHAR(45) NOT NULL ,
25
+  description VARCHAR(500) NULL ,
26
+  creation_timestamp DATETIME NULL ,  
27
+  PRIMARY KEY (id));
28
+
29
+
30
+drop table IF EXISTS license_type;
31
+CREATE  TABLE IF NOT EXISTS license_type (
32
+  id INT NOT NULL,
33
+  code VARCHAR(10) NOT NULL ,
34
+  name VARCHAR(45) NOT NULL ,
35
+  description VARCHAR(100) NULL ,
36
+  application_id INT NULL ,
37
+  creation_timestamp DATETIME NULL ,  
38
+  PRIMARY KEY (id));
39
+
40
+drop table IF EXISTS organization;
41
+CREATE  TABLE IF NOT EXISTS organization (
42
+  id INT NOT NULL auto_increment,
43
+  code VARCHAR(10) NOT NULL ,
44
+  name VARCHAR(45) NOT NULL ,
45
+  description VARCHAR(100) NULL ,
46
+  org_parent_id INT NULL ,
47
+  creation_timestamp DATETIME NULL ,  
48
+  PRIMARY KEY (id));
49
+  
50
+drop table IF EXISTS user_organization;
51
+CREATE  TABLE IF NOT EXISTS user_organization (
52
+  user_id INT NOT NULL,
53
+  organization_id INT NOT NULL,  
54
+  PRIMARY KEY (user_id, organization_id));
55
+  
56
+drop table IF EXISTS pack;
57
+CREATE  TABLE IF NOT EXISTS pack (
58
+  id INT NOT NULL,
59
+  code VARCHAR(50) NOT NULL ,
60
+  num_licenses INT NOT NULL ,
61
+  license_type_id INT NOT NULL,  
62
+  organization_id INT NOT NULL,  
63
+  created_by varchar(45) NULL ,  
64
+  creation_timestamp DATETIME NOT NULL ,  
65
+  PRIMARY KEY (id));
66
+  
67
+drop table IF EXISTS license;
68
+CREATE TABLE IF NOT EXISTS license (
69
+  id INT NOT NULL,
70
+  code VARCHAR(100) NOT NULL ,
71
+  pack_id INT NOT NULL,  
72
+  user_name INT NULL,  
73
+  user_email INT NOT NULL,  
74
+  creation_timestamp DATETIME NOT NULL ,  
75
+  sent_timestamp DATETIME NULL ,  
76
+  modification_timestamp DATETIME NULL ,  
77
+  cancelation_timestamp DATETIME NULL ,  
78
+  canceled_by varchar(45) NULL ,  
79
+  created_by varchar(45) NULL ,  
80
+  status VARCHAR(3) NULL ,  
81
+  PRIMARY KEY (id));
82
+  
83
+  
84
+