Unverified Commit 648a75e0 authored by reshmi-nair's avatar reshmi-nair Committed by GitHub

SB-26327 Onboarding breakdown (#923)

Showing with 13 additions and 0 deletions
+13 -0
...@@ -53,6 +53,9 @@ public class OnRequestHandler implements ActionCreator { ...@@ -53,6 +53,9 @@ public class OnRequestHandler implements ActionCreator {
request.getHeaders(); request.getHeaders();
CompletionStage<Result> result = checkForServiceHealth(request); CompletionStage<Result> result = checkForServiceHealth(request);
if (result != null) return result; if (result != null) return result;
logger.info("**learner request :"+request);
logger.info("**learner request header :"+request.getHeaders().toMap());
logger.info("**learner request body :"+request.body().asJson());
// From 3.0.0 checking user access-token and managed-by from the request header // From 3.0.0 checking user access-token and managed-by from the request header
Map userAuthentication = RequestInterceptor.verifyRequestData(request); Map userAuthentication = RequestInterceptor.verifyRequestData(request);
String message = (String) userAuthentication.get(JsonKey.USER_ID); String message = (String) userAuthentication.get(JsonKey.USER_ID);
......
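Review bot: The three added `logger.info` calls write every request's full header map and JSON body to the info log, and the comment just below them says the user access-token travels in those headers. Bearer tokens, and whatever credentials or personal data the body carries, therefore land in log storage for anyone with log access to read. Log only what is needed to trace the call, for example `logger.info("**learner request :" + request.method() + " " + request.path());`, and if header visibility is needed while debugging, log a copy of the map with the token headers removed, at debug level. These lines run before `verifyRequestData`, so unauthenticated traffic is recorded in full as well. The enclosing method starts and ends outside the hunk.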
...@@ -131,6 +131,7 @@ public class RequestInterceptor { ...@@ -131,6 +131,7 @@ public class RequestInterceptor {
// The API must be invoked with either access token or client token. // The API must be invoked with either access token or client token.
if (accessToken.isPresent()) { if (accessToken.isPresent()) {
clientId = AccessTokenValidator.verifyUserToken(accessToken.get()); clientId = AccessTokenValidator.verifyUserToken(accessToken.get());
logger.info("**learner accesstoken verified :" + clientId);
if (!JsonKey.USER_UNAUTH_STATES.contains(clientId)) { if (!JsonKey.USER_UNAUTH_STATES.contains(clientId)) {
// Now we have some valid token, next verify if the token is matching the request. // Now we have some valid token, next verify if the token is matching the request.
String requestedForUserID = getUserRequestedFor(request); String requestedForUserID = getUserRequestedFor(request);
...@@ -148,11 +149,13 @@ public class RequestInterceptor { ...@@ -148,11 +149,13 @@ public class RequestInterceptor {
} else { } else {
clientId = JsonKey.UNAUTHORIZED; clientId = JsonKey.UNAUTHORIZED;
} }
logger.info("**learner managed accesstoken verified :" + clientId);
} }
} else { } else {
logger.debug("Ignoring x-authenticated-for token..."); logger.debug("Ignoring x-authenticated-for token...");
} }
} }
logger.info("**learner added userid to userAuthentication :" + clientId);
userAuthentication.put(JsonKey.USER_ID, clientId); userAuthentication.put(JsonKey.USER_ID, clientId);
userAuthentication.put(JsonKey.MANAGED_FOR, managedForId); userAuthentication.put(JsonKey.MANAGED_FOR, managedForId);
} }
...@@ -175,6 +178,7 @@ public class RequestInterceptor { ...@@ -175,6 +178,7 @@ public class RequestInterceptor {
userAuthentication.put(JsonKey.USER_ID, JsonKey.ANONYMOUS); userAuthentication.put(JsonKey.USER_ID, JsonKey.ANONYMOUS);
} }
} }
logger.info("**learner userAuthentication :" + userAuthentication.toString());
return userAuthentication; return userAuthentication;
} }
......
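Review bot: The four added `logger.info` calls record the resolved user id on every request: `clientId` is logged three times, then once more through the whole `userAuthentication` map, which also holds `MANAGED_FOR`. Info-level logs become a per-user activity trail with a lot of duplication. One line next to the `userAuthentication.put(JsonKey.USER_ID, clientId)` call is enough, at the debug level this file already uses for traces: `logger.debug("**learner userAuthentication userId :" + clientId + ", managedFor :" + managedForId);`. If the aim is to diagnose failed sign-ins, log only when `clientId` is in `JsonKey.USER_UNAUTH_STATES`. The method body extends outside the visible hunks.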
...@@ -25,12 +25,15 @@ public class AccessTokenValidator { ...@@ -25,12 +25,15 @@ public class AccessTokenValidator {
Map<Object, Object> headerData = Map<Object, Object> headerData =
mapper.readValue(new String(decodeFromBase64(header)), Map.class); mapper.readValue(new String(decodeFromBase64(header)), Map.class);
String keyId = headerData.get("kid").toString(); String keyId = headerData.get("kid").toString();
logger.info("**learner calling accesstoken verifyRSASign()");
boolean isValid = boolean isValid =
CryptoUtil.verifyRSASign( CryptoUtil.verifyRSASign(
payLoad, payLoad,
decodeFromBase64(signature), decodeFromBase64(signature),
KeyManager.getPublicKey(keyId).getPublicKey(), KeyManager.getPublicKey(keyId).getPublicKey(),
JsonKey.SHA_256_WITH_RSA); JsonKey.SHA_256_WITH_RSA);
logger.info("**learner accesstoken verifyRSASign() :" + isValid);
if (isValid) { if (isValid) {
Map<String, Object> tokenBody = Map<String, Object> tokenBody =
mapper.readValue(new String(decodeFromBase64(body)), Map.class); mapper.readValue(new String(decodeFromBase64(body)), Map.class);
...@@ -38,6 +41,7 @@ public class AccessTokenValidator { ...@@ -38,6 +41,7 @@ public class AccessTokenValidator {
if (isExp) { if (isExp) {
return Collections.EMPTY_MAP; return Collections.EMPTY_MAP;
} }
logger.info("**learner accesstoken validated token tokenBody :" + tokenBody);
return tokenBody; return tokenBody;
} }
return Collections.EMPTY_MAP; return Collections.EMPTY_MAP;
...@@ -86,6 +90,8 @@ public class AccessTokenValidator { ...@@ -86,6 +90,8 @@ public class AccessTokenValidator {
String userId = JsonKey.UNAUTHORIZED; String userId = JsonKey.UNAUTHORIZED;
try { try {
Map<String, Object> payload = validateToken(token); Map<String, Object> payload = validateToken(token);
logger.info("learner accesstoken validateToken() :" + payload.toString());
if (MapUtils.isNotEmpty(payload) && checkIss((String) payload.get("iss"))) { if (MapUtils.isNotEmpty(payload) && checkIss((String) payload.get("iss"))) {
userId = (String) payload.get(JsonKey.SUB); userId = (String) payload.get(JsonKey.SUB);
if (StringUtils.isNotBlank(userId)) { if (StringUtils.isNotBlank(userId)) {
......
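Review bot: The line added before `return tokenBody` logs the complete decoded claim set of a validated token at info level, and the line added after `validateToken(token)` logs the same map again. The claims include at least `sub` and `iss` and presumably other user attributes, which should not be copied into logs. Drop the `tokenBody` line and reduce the second to the outcome, e.g. `logger.debug("learner accesstoken validateToken() empty :" + MapUtils.isEmpty(payload));`. The `verifyRSASign` result is the useful signal; logging it only on failure together with the key id, `if (!isValid) logger.info("**learner accesstoken signature invalid for kid :" + keyId);`, makes rejected tokens visible without adding a line per request. Both methods continue outside the hunks.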