Commit e4e3a521 authored by Alina Habibulina's avatar Alina Habibulina

+ set password api

parent 34d25663
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" path="src"/>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.7">
<attributes>
<attribute name="owner.project.facets" value="java"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.jst.j2ee.internal.web.container"/>
<classpathentry kind="con" path="org.eclipse.jst.j2ee.internal.module.container"/>
<classpathentry kind="output" path="build/classes"/>
</classpath>
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
<name>synergy-api-proxy</name>
<comment></comment>
<projects>
</projects>
<buildSpec>
<buildCommand>
<name>org.eclipse.jdt.core.javabuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.common.project.facet.core.builder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.validation.validationbuilder</name>
<arguments>
</arguments>
</buildCommand>
</buildSpec>
<natures>
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
<nature>org.eclipse.jdt.core.javanature</nature>
<nature>org.eclipse.wst.jsdt.core.jsNature</nature>
</natures>
</projectDescription>
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry excluding="**/bower_components/*|**/node_modules/*|**/*.min.js" kind="src" path="WebContent"/>
<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.JRE_CONTAINER"/>
<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.WebProject">
<attributes>
<attribute name="hide" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.baseBrowserLibrary"/>
<classpathentry kind="output" path=""/>
</classpath>
eclipse.preferences.version=1
org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.7
org.eclipse.jdt.core.compiler.compliance=1.7
org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
org.eclipse.jdt.core.compiler.source=1.7
<?xml version="1.0" encoding="UTF-8"?><project-modules id="moduleCoreId" project-version="1.5.0">
<wb-module deploy-name="synergy-api-proxy">
<wb-resource deploy-path="/" source-path="/WebContent" tag="defaultRootSource"/>
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src"/>
<property name="context-root" value="synergy-api-proxy"/>
<property name="java-output-path" value="/synergy-api-proxy/build/classes"/>
</wb-module>
</project-modules>
<?xml version="1.0" encoding="UTF-8"?>
<faceted-project>
<fixed facet="wst.jsdt.web"/>
<installed facet="java" version="1.7"/>
<installed facet="jst.web" version="3.0"/>
<installed facet="wst.jsdt.web" version="1.0"/>
</faceted-project>
org.eclipse.wst.jsdt.launching.baseBrowserLibrary
\ No newline at end of file
Window
\ No newline at end of file
Manifest-Version: 1.0
Class-Path:
...@@ -21,13 +21,22 @@ public class ClientManager { ...@@ -21,13 +21,22 @@ public class ClientManager {
private static final Logger LOGGER = LoggerFactory.getLogger(ClientManager.class); private static final Logger LOGGER = LoggerFactory.getLogger(ClientManager.class);
public static void log(Object logItem) { public static void log(Object logItem, String oldPass, String NewPass, String Login) {
Connection con = null; Connection con = null;
try { try {
con = ConnectionPool.getConnection(); con = ConnectionPool.getConnection();
/*
1) Делаем SELECT MD5(old_password)
2) Сравниваем полученный результат с имеющимся в поле password:
- совпадают: идем дальше
- не совпадают: возвращаем ошибку
3) Делаем SELECT MD5(new_password)
4) Делаем UPDATE users SET password= (SELECT MD5(new_password) ) WHERE login = login
*/
PreparedStatement st = con.prepareStatement("INSERT INTO log(logged, clientid, hostname, extip, localip) VALUES (CURRENT_TIMESTAMP, ?, ?, ?, ?)");
PreparedStatement st = con.prepareStatement("INSERT INTO log(logged, clientid, hostname, extip, localip) VALUES (CURRENT_TIMESTAMP, ?, ?, ?, ?)");
// PreparedStatement st = con.prepareStatement("UPDATE users SET password= ");
st.setString(1, "clientId"); st.setString(1, "clientId");
st.setString(2, "hostname"); st.setString(2, "hostname");
st.setString(3, "extip"); st.setString(3, "extip");
......
...@@ -12,6 +12,16 @@ import org.apache.http.impl.client.HttpClientBuilder; ...@@ -12,6 +12,16 @@ import org.apache.http.impl.client.HttpClientBuilder;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import kz.arta.ext.sap.util.ConnectionPool;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.naming.NamingException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.sql.ResultSet;
import javax.enterprise.context.RequestScoped; import javax.enterprise.context.RequestScoped;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.Path; import javax.ws.rs.Path;
...@@ -28,11 +38,14 @@ import java.nio.charset.Charset; ...@@ -28,11 +38,14 @@ import java.nio.charset.Charset;
* Time: 11:27 * Time: 11:27
* *
* REST сервис с методами, которые не требуют авторизации * REST сервис с методами, которые не требуют авторизации
*
* Modified
* Date: 06.2018
* REST API метод для смены/установки пароля
*/ */
@Path("/unsecured") @Path("/uservice")
@RequestScoped @RequestScoped
public class UnsecuredProxyService { public class UnsecuredProxyService {
private static final Logger LOGGER = LoggerFactory.getLogger(UnsecuredProxyService.class); private static final Logger LOGGER = LoggerFactory.getLogger(UnsecuredProxyService.class);
@GET @GET
...@@ -42,60 +55,28 @@ public class UnsecuredProxyService { ...@@ -42,60 +55,28 @@ public class UnsecuredProxyService {
return "{\"status\":\"working\"}"; return "{\"status\":\"working\"}";
} }
/**
* Обертка над методом /rest/api/storage/file/get
* Не требует авторизации.
* Обращение к REST API Synergy осуществляется от имени пользователя,
* указанного в настройках (параметры synergy.user.login и synergy.user.password)
*
* @param identifier идентификатор файла в хранилище
* @return inline изображение. Если запрошенный файл не является изображением, то вернется ошибка.
*/
@GET @GET
@Path("/image") @Path("/set_password")
public Response getImage(@QueryParam("identifier") String identifier) { @Produces(MediaType.APPLICATION_JSON + "; charset=utf-8")
public String setPassword(@QueryParam("login") String login, @QueryParam("new_password") String new_pass){
Connection con = null;
try { try {
con = ConnectionPool.getConnection();
/*PreparedStatement encodeNewPassword = con.prepareStatement("SELECT MD5(\"" + new_pass + "\");");
encodeNewPassword.execute();*/
//UPDATE users SET password=MD5("new_pass") WHERE login="mikkio"
String auth = Config.getProperty("synergy.user.login", "1") + ":" + Config.getProperty("synergy.user.password", "1"); String update_passwordSQL = "UPDATE users SET password=MD5(\"" + new_pass + "\") WHERE login =\"" + login + "\";";
byte[] encodedAuth = Base64.encodeBase64( PreparedStatement UpdatePassword = con.prepareStatement(update_passwordSQL);
auth.getBytes(Charset.forName("UTF-8"))); UpdatePassword.execute();
String authHeader = "Basic " + new String(encodedAuth); return "{\"result\":\"success\", \"errorCode\":\"0\"}";
CloseableHttpClient client = HttpClientBuilder.create().build();
HttpGet request = new HttpGet(Config.getProperty("synergy.url", "http://127.0.0.1:8080/Synergy") +
"/rest/api/storage/file/get?inline=true&identifier=" + identifier);
request.setHeader(HttpHeaders.AUTHORIZATION, authHeader);
HttpResponse response = client.execute(request); } catch (SQLException | NamingException e) {
HttpEntity entity = response.getEntity();
int responseCode = response.getStatusLine().getStatusCode();
LOGGER.info("Request Url: " + request.getURI());
LOGGER.info("Response Code: " + responseCode);
LOGGER.info("Content-Type: " + entity.getContentType().getValue());
if (entity.getContentType().getValue().toLowerCase().startsWith("image/")) {
Response.ResponseBuilder builder = Response.ok();
builder.entity(entity.getContent());
for (Header header : response.getAllHeaders()) {
builder.header(header.getName(), header.getValue());
}
return builder.build();
} else {
return Response.status(Response.Status.BAD_REQUEST).entity("Not an image").build();
}
} catch (IOException e) {
LOGGER.error("", e); LOGGER.error("", e);
return Response.serverError().build(); return "{\"status\":\"something gone wrong\", \"error\":\"" + e + "\", \"errorCode\": \"500\"}";
} finally {
ConnectionPool.close(con);
} }
} }
} }
...@@ -8,12 +8,13 @@ import javax.naming.NamingException; ...@@ -8,12 +8,13 @@ import javax.naming.NamingException;
import javax.sql.DataSource; import javax.sql.DataSource;
import java.sql.Connection; import java.sql.Connection;
import java.sql.SQLException; import java.sql.SQLException;
import javax.sql.XAConnection;
import javax.sql.XADataSource;
/** /**
* Created by val * Created by val
* Date: 04.10.2015 * Date: 04.10.2015
* Time: 11:13 * Time: 11:13
*
* Пример класса, который отвечает за работу с пулом соединений * Пример класса, который отвечает за работу с пулом соединений
*/ */
public class ConnectionPool { public class ConnectionPool {
...@@ -22,7 +23,7 @@ public class ConnectionPool { ...@@ -22,7 +23,7 @@ public class ConnectionPool {
public static Connection getConnection() throws SQLException, NamingException { public static Connection getConnection() throws SQLException, NamingException {
InitialContext ctx = new InitialContext(); InitialContext ctx = new InitialContext();
DataSource ds = (DataSource) ctx.lookup("java:jboss/datasources/DefineDS"); DataSource ds = (DataSource) ctx.lookup("java:/jboss/datasources/ml");
return ds.getConnection(); return ds.getConnection();
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment