Commit 3d167b5459087b0a6bb02955faa28bfbcc8d655a

Authored by PauloGladson
1 parent de2b8e57

Segurança e ajustes nos pacotes

Showing 31 changed files with 320 additions and 231 deletions
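--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Ignore.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Ignore.java
@@ -7,9 +7,8 @@
 package org.demoiselle.jee.core.annotation;
 
 import static java.lang.annotation.ElementType.FIELD;
-import static java.lang.annotation.RetentionPolicy.RUNTIME;
-
 import java.lang.annotation.Retention;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
 import java.lang.annotation.Target;
 
 /**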
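--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Name.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Name.java
@@ -6,16 +6,14 @@
 */
 package org.demoiselle.jee.core.annotation;
 
-import javax.enterprise.inject.spi.InjectionPoint;
-import javax.enterprise.util.Nonbinding;
-import javax.inject.Named;
-import javax.inject.Qualifier;
+import static java.lang.annotation.ElementType.*;
 import java.lang.annotation.Inherited;
 import java.lang.annotation.Retention;
-import java.lang.annotation.Target;
-
-import static java.lang.annotation.ElementType.*;
 import static java.lang.annotation.RetentionPolicy.RUNTIME;
+import java.lang.annotation.Target;
+import javax.enterprise.util.Nonbinding;
+import javax.inject.Named;
+import javax.inject.Qualifier;
 
 /**
 * <p>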
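--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Priority.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Priority.java
@@ -6,12 +6,11 @@
 */
 package org.demoiselle.jee.core.annotation;
 
-import java.lang.annotation.Retention;
-import java.lang.annotation.Target;
-
 import static java.lang.annotation.ElementType.METHOD;
 import static java.lang.annotation.ElementType.TYPE;
+import java.lang.annotation.Retention;
 import static java.lang.annotation.RetentionPolicy.RUNTIME;
+import java.lang.annotation.Target;
 
 /**
 * <p>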
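--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/literal/NameQualifier.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/literal/NameQualifier.java
@@ -6,9 +6,8 @@
 */
 package org.demoiselle.jee.core.annotation.literal;
 
-import org.demoiselle.jee.core.annotation.Name;
-
 import javax.enterprise.util.AnnotationLiteral;
+import org.demoiselle.jee.core.annotation.Name;
 
 /**
 * Annotation litteral that allows to create instances of the {@link Name} literal. The created instance can then be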
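--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/literal/NamedQualifier.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/literal/NamedQualifier.java
@@ -6,9 +6,9 @@
 */
 package org.demoiselle.jee.core.annotation.literal;
 
+import java.lang.annotation.Annotation;
 import javax.enterprise.util.AnnotationLiteral;
 import javax.inject.Named;
-import java.lang.annotation.Annotation;
 
 /**
 * Annotation litteral that allows to create instances of the {@link Named} literal.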
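--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/SecurityContext.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/SecurityContext.java
@@ -7,9 +7,6 @@
 package org.demoiselle.jee.core.interfaces.security;
 
 import java.io.Serializable;
-import java.security.Principal;
-import java.util.List;
-import java.util.Map;
 
 /**
 * <p>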
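--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/TokensManager.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/TokensManager.java
@@ -7,9 +7,6 @@
 package org.demoiselle.jee.core.interfaces.security;
 
 import java.io.Serializable;
-import java.security.Principal;
-import java.util.List;
-import java.util.Map;
 
 /**
 * <p>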
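--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/internal/producer/LoggerProducer.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/internal/producer/LoggerProducer.java
@@ -8,6 +8,7 @@ package org.demoiselle.jee.core.internal.producer;
 
 import java.io.Serializable;
 import java.util.logging.Logger;
+import static java.util.logging.Logger.getLogger;
 import javax.enterprise.context.Dependent;
 import javax.enterprise.inject.Default;
 import javax.enterprise.inject.Produces;
@@ -40,7 +41,7 @@ public class LoggerProducer implements Serializable {
 name = "not.categorized";
 }
 
- return Logger.getLogger(name);
+ return getLogger(name);
 }
 
 }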
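--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/internal/producer/ResourceBundleProducer.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/internal/producer/ResourceBundleProducer.java
@@ -8,15 +8,14 @@ package org.demoiselle.jee.core.internal.producer;
 
 import java.io.Serializable;
 import java.util.Locale;
-
+import static java.util.Locale.getDefault;
 import javax.enterprise.context.Dependent;
 import javax.enterprise.inject.Default;
 import javax.enterprise.inject.Produces;
-import javax.enterprise.inject.spi.CDI;
+import static javax.enterprise.inject.spi.CDI.current;
 import javax.enterprise.inject.spi.InjectionPoint;
-
 import org.demoiselle.jee.core.annotation.Name;
-import org.demoiselle.jee.core.util.CDIUtils;
+import static org.demoiselle.jee.core.util.CDIUtils.getQualifier;
 import org.demoiselle.jee.core.util.ResourceBundle;
 
 /**
@@ -44,7 +43,7 @@ public class ResourceBundleProducer implements Serializable {
 public ResourceBundle create(InjectionPoint ip) {
 String baseName = null;
 if (ip != null && ip.getQualifiers() != null) {
- Name nameQualifier = CDIUtils.getQualifier(Name.class, ip);
+ Name nameQualifier = getQualifier(Name.class, ip);
 if (nameQualifier != null) {
 baseName = nameQualifier.value();
 if ("".equals(baseName)) {
@@ -62,13 +61,13 @@ public class ResourceBundleProducer implements Serializable {
 
 try {
 bundle = baseName != null
- ? new ResourceBundle(baseName, CDI.current().select(Locale.class).get()) {
+ ? new ResourceBundle(baseName, current().select(Locale.class).get()) {
 }
- : new ResourceBundle("messages", CDI.current().select(Locale.class).get());
+ : new ResourceBundle("messages", current().select(Locale.class).get());
 } catch (RuntimeException e) {
 bundle = baseName != null
- ? new ResourceBundle(baseName, Locale.getDefault())
- : new ResourceBundle("messages", Locale.getDefault());
+ ? new ResourceBundle(baseName, getDefault())
+ : new ResourceBundle("messages", getDefault());
 }
 
 return bundle;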
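Review bot: The static imports of `CDI.current` and `Locale.getDefault` leave the call sites in `create` reading as bare `current()` and `getDefault()`, which no longer say which context or which default they refer to. I would keep the qualified forms here, `CDI.current().select(Locale.class).get()` and `Locale.getDefault()`, and reserve static imports for constants. The `catch (RuntimeException e)` fallback is also silent; a comment such as `// no CDI-provided Locale available: fall back to the JVM default` would document why the exception is discarded. The body of `create` starts and continues outside the visible hunks.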
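--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/lifecycle/LifecycleAnnotation.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/lifecycle/LifecycleAnnotation.java
@@ -9,9 +9,8 @@ package org.demoiselle.jee.core.lifecycle;
 import java.lang.annotation.ElementType;
 import java.lang.annotation.Inherited;
 import java.lang.annotation.Retention;
-import java.lang.annotation.Target;
-
 import static java.lang.annotation.RetentionPolicy.RUNTIME;
+import java.lang.annotation.Target;
 
 /**
 * Annotate other annotations with this one to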
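--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/util/CDIUtils.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/util/CDIUtils.java
@@ -8,7 +8,6 @@ package org.demoiselle.jee.core.util;
 
 import java.lang.annotation.Annotation;
 import java.util.Collection;
-
 import javax.enterprise.inject.spi.InjectionPoint;
 
 /**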
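--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/util/Reflections.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/util/Reflections.java
@@ -7,11 +7,14 @@
 package org.demoiselle.jee.core.util;
 
 import java.io.InputStream;
+import static java.lang.Thread.currentThread;
 import java.lang.reflect.*;
+import static java.lang.reflect.Modifier.isStatic;
 import java.net.URL;
 import java.util.ArrayList;
-import java.util.Arrays;
+import static java.util.Arrays.asList;
 import java.util.List;
+import static org.demoiselle.jee.core.util.Exceptions.handleToRuntimeException;
 
 /**
 * Provides some features to do some operations relating to java reflection.
@@ -171,7 +174,7 @@ public class Reflections {
 field.setAccessible(acessible);
 
 } catch (Exception e) {
- Exceptions.handleToRuntimeException(e);
+ handleToRuntimeException(e);
 }
 
 return result;
@@ -192,7 +195,7 @@ public class Reflections {
 field.setAccessible(acessible);
 
 } catch (Exception e) {
- Exceptions.handleToRuntimeException(e);
+ handleToRuntimeException(e);
 }
 }
 
@@ -202,11 +205,11 @@ public class Reflections {
 * inherited fields you must iterate over this type's hierarchy.
 */
 public static Field[] getNonStaticDeclaredFields(Class<?> type) {
- List<Field> fields = new ArrayList<Field>();
+ List<Field> fields = new ArrayList<>();
 
 if (type != null) {
 for (Field field : type.getDeclaredFields()) {
- if (!Modifier.isStatic(field.getModifiers()) && !field.getType().equals(type.getDeclaringClass())) {
+ if (!isStatic(field.getModifiers()) && !field.getType().equals(type.getDeclaringClass())) {
 fields.add(field);
 }
 }
@@ -220,12 +223,12 @@ public class Reflections {
 * @return All non static fields from a certain type, including fields declared in superclasses of this type.
 */
 public static List<Field> getNonStaticFields(Class<?> type) {
- List<Field> fields = new ArrayList<Field>();
+ List<Field> fields = new ArrayList<>();
 
 if (type != null) {
 Class<?> currentType = type;
 while (currentType != null && !"java.lang.Object".equals(currentType.getCanonicalName())) {
- fields.addAll(Arrays.asList(getNonStaticDeclaredFields(currentType)));
+ fields.addAll(asList(getNonStaticDeclaredFields(currentType)));
 currentType = currentType.getSuperclass();
 }
 }
@@ -245,7 +248,7 @@ public class Reflections {
 try {
 object = clazz.newInstance();
 } catch (InstantiationException | IllegalAccessException e) {
- Exceptions.handleToRuntimeException(e);
+ handleToRuntimeException(e);
 }
 return object;
 }
@@ -268,7 +271,7 @@ public class Reflections {
 * @return {@link ClassLoader} ClassLoader for the given class.
 */
 public static ClassLoader getClassLoaderForClass(final String canonicalName) {
- return Reflections.getClassLoaderForResource(canonicalName.replaceAll("\.", "/") + ".class");
+ return getClassLoaderForResource(canonicalName.replaceAll("\.", "/") + ".class");
 }
 
 /**
@@ -281,7 +284,7 @@ public class Reflections {
 final String stripped = resource.charAt(0) == '/' ? resource.substring(1) : resource;
 
 URL url = null;
- ClassLoader result = Thread.currentThread().getContextClassLoader();
+ ClassLoader result = currentThread().getContextClassLoader();
 
 if (result != null) {
 url = result.getResource(stripped);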
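Review bot: In the hunks at new lines 174 and 195, `field.setAccessible(acessible)` is the last statement inside the `try`, so if the reflective access before it throws, the field keeps whatever accessibility was set earlier in the method (that part is outside the hunk, presumably `setAccessible(true)`). Restoring it in a `finally` block, `} finally { field.setAccessible(acessible); }`, keeps the widened access from outliving a failed call. In the last hunk, `resource.charAt(0)` throws `StringIndexOutOfBoundsException` for an empty string unless a guard exists above the visible lines; `resource.startsWith("/")` would avoid that.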
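--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/util/ResourceBundle.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/util/ResourceBundle.java
@@ -7,6 +7,7 @@
 package org.demoiselle.jee.core.util;
 
 import java.io.Serializable;
+import static java.lang.Thread.currentThread;
 import java.lang.reflect.Method;
 import java.util.Enumeration;
 import java.util.Locale;
@@ -37,11 +38,11 @@ public class ResourceBundle extends java.util.ResourceBundle implements Serializ
 private java.util.ResourceBundle getDelegate() {
 if (delegate == null) {
 try {
- ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
- delegate = ResourceBundle.getBundle(baseName, locale, classLoader);
+ ClassLoader classLoader = currentThread().getContextClassLoader();
+ delegate = getBundle(baseName, locale, classLoader);
 
 } catch (MissingResourceException mre) {
- delegate = ResourceBundle.getBundle(baseName, locale);
+ delegate = getBundle(baseName, locale);
 }
 }
 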
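--- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/util/Strings.java
+++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/util/Strings.java
@@ -10,12 +10,14 @@ import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
+import static java.lang.String.valueOf;
 import java.lang.reflect.Field;
 import java.util.Arrays;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
+import static java.util.regex.Matcher.quoteReplacement;
+import static java.util.regex.Pattern.matches;
 import org.demoiselle.jee.core.annotation.Ignore;
+import static org.demoiselle.jee.core.util.Reflections.getFieldValue;
+import static org.demoiselle.jee.core.util.Reflections.getNonStaticDeclaredFields;
 
 /**
 * Contain a set of methods that implements a set of functionalities that
@@ -36,7 +38,7 @@ public final class Strings {
 * @return boolean true if matches and false otherwise.
 */
 public static boolean isResourceBundleKeyFormat(final String key) {
- return Pattern.matches("^\{(.+)\}$", key == null ? "" : key);
+ return matches("^\{(.+)\}$", key == null ? "" : key);
 }
 
 /**
@@ -51,7 +53,7 @@ public final class Strings {
 
 if (result != null) {
 for (char ch : chars) {
- result = result.replace(String.valueOf(ch), "");
+ result = result.replace(valueOf(ch), "");
 }
 }
 return result;
@@ -122,7 +124,7 @@ public final class Strings {
 if (params != null && string != null) {
 for (int i = 0; i < params.length; i++) {
 if (params[i] != null) {
- result = result.replaceAll("\\{" + i + "\\}", Matcher.quoteReplacement(params[i].toString()));
+ result = result.replaceAll("\\{" + i + "\\}", quoteReplacement(params[i].toString()));
 }
 }
 }
@@ -156,7 +158,7 @@ public final class Strings {
 result.append(" [");
 
 boolean first = true;
- for (Field field : Reflections.getNonStaticDeclaredFields(object.getClass())) {
+ for (Field field : getNonStaticDeclaredFields(object.getClass())) {
 if (!field.isAnnotationPresent(Ignore.class)) {
 if (first) {
 first = false;
@@ -166,7 +168,7 @@ public final class Strings {
 
 result.append(field.getName());
 result.append('=');
- fieldValue = Reflections.getFieldValue(field, object);
+ fieldValue = getFieldValue(field, object);
 result.append(fieldValue != null && fieldValue.getClass().isArray()
 ? Arrays.toString((Object[]) fieldValue)
 : fieldValue);
@@ -205,7 +207,7 @@ public final class Strings {
 public static String firstToUpper(String string) {
 String result = string;
 
- if (!Strings.isEmpty(string)) {
+ if (!isEmpty(string)) {
 result = string.toUpperCase().charAt(0) + (string.length() > 1 ? string.substring(1) : "");
 }
 
@@ -248,20 +250,13 @@ public final class Strings {
 StringBuilder result = new StringBuilder();
 
 if (inputStream != null) {
- BufferedReader reader = null;
-
- try {
- reader = new BufferedReader(new InputStreamReader(inputStream));
+ try (BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream))) {
 String line;
 
 while ((line = reader.readLine()) != null) {
 result.append(line);
 }
 
- } finally {
- if (reader != null) {
- reader.close();
- }
 }
 }
 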
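Review bot: The new try-with-resources line in the last hunk still builds the reader with `new InputStreamReader(inputStream)`, which decodes with the platform default charset, so the same resource can yield different text on different hosts. Passing the charset explicitly, `new InputStreamReader(inputStream, StandardCharsets.UTF_8)` with `import java.nio.charset.StandardCharsets;`, makes the result deterministic, assuming the inputs are UTF-8. `readLine()` also drops line terminators, so the lines are joined without separators; if that is intended, a comment such as `// line breaks are intentionally discarded` would say so. The method's signature is outside the hunk.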
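--- a/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/DemoiselleRESTException.java
+++ b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/DemoiselleRESTException.java
@@ -14,7 +14,7 @@ public class DemoiselleRESTException extends DemoiselleException {
 
 private static final long serialVersionUID = 519965615171844237L;
 
- private HashMap<String, String> messages = new HashMap<String, String>();
+ private HashMap<String, String> messages = new HashMap<>();
 
 private int statusCode;
 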
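--- a/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/mapper/GenericExceptionMapper.java
+++ b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/mapper/GenericExceptionMapper.java
@@ -12,7 +12,13 @@ import java.util.HashMap;
 
 import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.MediaType;
+import static javax.ws.rs.core.MediaType.APPLICATION_JSON;
 import javax.ws.rs.core.Response;
+import static javax.ws.rs.core.Response.Status.INTERNAL_SERVER_ERROR;
+import static javax.ws.rs.core.Response.status;
+import static javax.ws.rs.core.Response.status;
+import static javax.ws.rs.core.Response.status;
+import static javax.ws.rs.core.Response.status;
 import javax.ws.rs.ext.ExceptionMapper;
 import javax.ws.rs.ext.Provider;
 
@@ -30,16 +36,16 @@ public class GenericExceptionMapper implements ExceptionMapper&lt;Exception&gt; {
 if (ex instanceof DemoiselleRESTException) {
 DemoiselleRESTException exDemoiselleREST = (DemoiselleRESTException) ex;
 if (!exDemoiselleREST.getMessages().isEmpty()) {
- return Response.status(exDemoiselleREST.getStatusCode()).entity(exDemoiselleREST.getMessages())
- .type(MediaType.APPLICATION_JSON).build();
+ return status(exDemoiselleREST.getStatusCode()).entity(exDemoiselleREST.getMessages())
+ .type(APPLICATION_JSON).build();
 } else if (exDemoiselleREST.getStatusCode() > 0){
- return Response.status(exDemoiselleREST.getStatusCode()).entity(exDemoiselleREST.getMessage())
- .type(MediaType.APPLICATION_JSON).build();
+ return status(exDemoiselleREST.getStatusCode()).entity(exDemoiselleREST.getMessage())
+ .type(APPLICATION_JSON).build();
 }
 
 }
 
- HashMap<String, String> entity = new HashMap<String, String>();
+ HashMap<String, String> entity = new HashMap<>();
 
 // No caso de existir message ele mostra a MESSAGE da Exception
 if (ex.getMessage() != null) {
@@ -57,16 +63,16 @@ public class GenericExceptionMapper implements ExceptionMapper&lt;Exception&gt; {
 
 // Por padrão retorna SERVER ERROR, mas tenta encontrar o status do RESPONSE se for WebApplicationException
 // http://docs.oracle.com/javaee/7/api/javax/ws/rs/WebApplicationException.html
- int responseCode = Response.Status.INTERNAL_SERVER_ERROR.getStatusCode();
+ int responseCode = INTERNAL_SERVER_ERROR.getStatusCode();
 if (ex instanceof WebApplicationException) {
 responseCode = ((WebApplicationException) ex).getResponse().getStatus();
 }
 
- return Response.status(responseCode).entity(entity).type(MediaType.APPLICATION_JSON).build();
+ return status(responseCode).entity(entity).type(APPLICATION_JSON).build();
 }
 
 entity.put("error", "Erro interno desconhecido no servidor.");
- return Response.status(500).entity(entity).type(MediaType.APPLICATION_JSON).build();
+ return status(500).entity(entity).type(APPLICATION_JSON).build();
 }
 
 }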
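Review bot: The comment above `if (ex.getMessage() != null)` says the mapper shows the exception's message to the client for any `Exception`; the lines that fill `entity` are outside the hunk, but if the raw message is returned, internal details of the failure can reach API callers. Consider returning a generic text for exceptions that are not `DemoiselleRESTException` and logging the original exception on the server instead. In the import hunk, `import static javax.ws.rs.core.Response.status;` is added four times and should appear once. The final `status(500)` could use the already imported `INTERNAL_SERVER_ERROR` for consistency with the line above it.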
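--- a/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayloadInterceptor.java
+++ b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayloadInterceptor.java
@@ -16,6 +16,7 @@ import javax.interceptor.InvocationContext;
 import javax.validation.ConstraintViolation;
 import javax.validation.UnexpectedTypeException;
 import javax.validation.Validation;
+import static javax.validation.Validation.buildDefaultValidatorFactory;
 import javax.validation.Validator;
 import javax.validation.ValidatorFactory;
 
@@ -30,10 +31,10 @@ public class ValidatePayloadInterceptor implements Serializable {
 @AroundInvoke
 public Object manage(final InvocationContext ic) throws Exception {
 DemoiselleRESTException ex = new DemoiselleRESTException();
- Set<ConstraintViolation<?>> violations = new HashSet<ConstraintViolation<?>>();
+ Set<ConstraintViolation<?>> violations = new HashSet<>();
 for (Object params : ic.getParameters()) {
 if (params != null) {
- ValidatorFactory dfv = Validation.buildDefaultValidatorFactory();
+ ValidatorFactory dfv = buildDefaultValidatorFactory();
 Validator validator = dfv.getValidator();
 try {
 violations.addAll(validator.validate(params));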
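Review bot: `buildDefaultValidatorFactory()` is called inside the `for` loop of `manage`, so every non-null parameter of every intercepted request bootstraps a new `ValidatorFactory`, and nothing in the visible lines closes it. A factory is meant to be built once and shared; obtaining the validator once before the loop, `Validator validator = buildDefaultValidatorFactory().getValidator();`, or injecting a container-managed `Validator` if one is available, removes the per-parameter bootstrap cost from the request path. The rest of `manage` is outside the hunk, so a close may happen there.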
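--- /dev/null
+++ b/demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/DemoisellePrincipalImpl.java
@@ -0,0 +1,99 @@
+/*
+ * Demoiselle Framework
+ *
+ * License: GNU Lesser General Public License (LGPL), version 3 or later.
+ * See the lgpl.txt file in the root directory or <https://www.gnu.org/licenses/lgpl.html>.
+ */
+package org.demoiselle.jee.security.jwt.impl;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import javax.enterprise.context.ApplicationScoped;
+import javax.enterprise.context.Dependent;
+import javax.enterprise.context.RequestScoped;
+import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
+
+/**
+ *
+ * @author 70744416353
+ */
+@RequestScoped
+public class DemoisellePrincipalImpl implements DemoisellePrincipal {
+
+ private String id;
+ private String name;
+ private List<String> roles;
+ private Map<String, String> permissions;
+
+ @Override
+ public String getId() {
+ return id;
+ }
+
+ @Override
+ public void setId(String id) {
+ this.id = id;
+ }
+
+ @Override
+ public String getName() {
+ return name;
+ }
+
+ @Override
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ @Override
+ public List<String> getRoles() {
+ return roles;
+ }
+
+ @Override
+ public void setRoles(List<String> roles) {
+ this.roles = roles;
+ }
+
+ @Override
+ public Map<String, String> getPermissions() {
+ return permissions;
+ }
+
+ @Override
+ public void setPermissions(Map<String, String> permissions) {
+ this.permissions = permissions;
+ }
+
+ @Override
+ public int hashCode() {
+ int hash = 7;
+ hash = 37 * hash + Objects.hashCode(this.id);
+ return hash;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj) {
+ return true;
+ }
+ if (obj == null) {
+ return false;
+ }
+ if (getClass() != obj.getClass()) {
+ return false;
+ }
+ final DemoisellePrincipalImpl other = (DemoisellePrincipalImpl) obj;
+ if (!Objects.equals(this.id, other.id)) {
+ return false;
+ }
+ return true;
+ }
+
+ @Override
+ public String toString() {
+ return "DemoisellePrincipal{" + "id=" + id + ", name=" + name + ", roles=" + roles + ", permissions=" + permissions + '}';
+ }
+
+}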
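Review bot: `getRoles()` and `getPermissions()` return the internal `List` and `Map`, so any code that obtains the principal can add a role or permission in place without going through the setters. Returning read-only views, for example `return roles == null ? null : Collections.unmodifiableList(roles);` and `Collections.unmodifiableMap` for permissions, and copying the arguments in the setters would keep the authorization data from being altered by accident; check first that no caller relies on mutating the returned collections. Because the class is `@RequestScoped`, `getClass() != obj.getClass()` in `equals` may also reject an instance reached through a container proxy, which is worth a test. The imports of `ApplicationScoped` and `Dependent` are unused, and the empty class Javadoc could state `Request-scoped holder for the principal's id, name, roles and permissions.`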
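--- a/demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java
+++ b/demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java
@@ -15,9 +15,12 @@ import javax.servlet.http.HttpServletRequest;
 import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
 import org.demoiselle.jee.core.interfaces.security.Token;
 import org.demoiselle.jee.core.interfaces.security.TokensManager;
+import static org.jose4j.jwk.PublicJsonWebKey.Factory.newPublicJwk;
 import org.jose4j.jwk.RsaJsonWebKey;
 import org.jose4j.jwk.RsaJwkGenerator;
+import static org.jose4j.jwk.RsaJwkGenerator.generateJwk;
 import org.jose4j.jws.AlgorithmIdentifiers;
+import static org.jose4j.jws.AlgorithmIdentifiers.HMAC_SHA512;
 import org.jose4j.jws.JsonWebSignature;
 import org.jose4j.jwt.JwtClaims;
 import org.jose4j.jwt.consumer.InvalidJwtException;
@@ -48,8 +51,7 @@ public class TokensManagerImpl implements TokensManager {
 
 public TokensManagerImpl() throws JoseException {
 if (rsaJsonWebKey == null) {
-// RsaJsonWebKey chave = RsaJwkGenerator.generateJwk(2048);
- rsaJsonWebKey = (RsaJsonWebKey) RsaJsonWebKey.Factory.newPublicJwk(RsaJwkGenerator.generateJwk(2048).getKey());
+ rsaJsonWebKey = (RsaJsonWebKey) newPublicJwk(generateJwk(2048).getKey());
 rsaJsonWebKey.setKeyId("demoiselle-security-jwt");
 }
 }
@@ -106,7 +108,7 @@ public class TokensManagerImpl implements TokensManager {
 jws.setPayload(claims.toJson());
 jws.setKey(rsaJsonWebKey.getKey());
 jws.setKeyIdHeaderValue(rsaJsonWebKey.getKeyId());
- jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.HMAC_SHA512);
+ jws.setAlgorithmHeaderValue(HMAC_SHA512);
 token.setKey(jws.getCompactSerialization());
 token.setType("JWT");
 } catch (JoseException ex) {
@@ -118,7 +120,7 @@ public class TokensManagerImpl implements TokensManager {
 
 @Override
 public boolean validate() {
- return getUser() != null;
+ return getUser() != null && getUser().getId() != null;
 }
 
 }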
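Review bot: `jws.setAlgorithmHeaderValue(HMAC_SHA512)` in the third hunk pairs an HMAC algorithm with a key taken from an RSA JWK (`jws.setKey(rsaJsonWebKey.getKey())`), and the constructor builds that JWK with `newPublicJwk(generateJwk(2048).getKey())`, which in jose4j is the public half only. An HMAC tag keyed with public RSA material is either rejected by the library's key check or, where accepted, protects nothing because the verification key is not a secret. The signing path should keep the generated pair and sign asymmetrically: `rsaJsonWebKey = generateJwk(2048);`, `jws.setKey(rsaJsonWebKey.getPrivateKey());`, `jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);`, with the consumer restricted to that same algorithm. The method holding the third hunk starts and ends outside it, so the verification side cannot be checked from this page.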
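--- a/demoiselle-security-token/src/main/java/org/demoiselle/jee/security/token/impl/DemoisellePrincipalImpl.java
+++ b/demoiselle-security-token/src/main/java/org/demoiselle/jee/security/token/impl/DemoisellePrincipalImpl.java
@@ -0,0 +1,97 @@
+/*
+ * Demoiselle Framework
+ *
+ * License: GNU Lesser General Public License (LGPL), version 3 or later.
+ * See the lgpl.txt file in the root directory or <https://www.gnu.org/licenses/lgpl.html>.
+ */
+package org.demoiselle.jee.security.token.impl;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import javax.enterprise.context.Dependent;
+import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
+
+/**
+ *
+ * @author 70744416353
+ */
+@Dependent
+public class DemoisellePrincipalImpl implements DemoisellePrincipal {
+
+ private String id;
+ private String name;
+ private List<String> roles;
+ private Map<String, String> permissions;
+
+ @Override
+ public String getId() {
+ return id;
+ }
+
+ @Override
+ public void setId(String id) {
+ this.id = id;
+ }
+
+ @Override
+ public String getName() {
+ return name;
+ }
+
+ @Override
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ @Override
+ public List<String> getRoles() {
+ return roles;
+ }
+
+ @Override
+ public void setRoles(List<String> roles) {
+ this.roles = roles;
+ }
+
+ @Override
+ public Map<String, String> getPermissions() {
+ return permissions;
+ }
+
+ @Override
+ public void setPermissions(Map<String, String> permissions) {
+ this.permissions = permissions;
+ }
+
+ @Override
+ public int hashCode() {
+ int hash = 7;
+ hash = 37 * hash + Objects.hashCode(this.id);
+ return hash;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj) {
+ return true;
+ }
+ if (obj == null) {
+ return false;
+ }
+ if (getClass() != obj.getClass()) {
+ return false;
+ }
+ final DemoisellePrincipalImpl other = (DemoisellePrincipalImpl) obj;
+ if (!Objects.equals(this.id, other.id)) {
+ return false;
+ }
+ return true;
+ }
+
+ @Override
+ public String toString() {
+ return "DemoisellePrincipal{" + "id=" + id + ", name=" + name + ", roles=" + roles + ", permissions=" + permissions + '}';
+ }
+
+}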
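Review bot: `setRoles` and `setPermissions` keep the caller's `List` and `Map` by reference and `getRoles`/`getPermissions` return those same instances, so any code holding the principal can add a role or permission in place. Because the token module's `TokensManagerImpl` stores principals in an application-scoped map, such a change may outlive the request that made it (how `getUser` hands them out is not visible here). Copy on assignment, `this.roles = roles == null ? null : new ArrayList<>(roles);`, and return `Collections.unmodifiableList(...)` from the getter, with the same treatment for `permissions`. `toString` prints roles and permissions in full, which is worth keeping out of routine log statements. The class Javadoc is empty; one sentence stating that equality and hashing use `id` alone would help readers of `TokensManagerImpl.setUser`.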
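--- a/demoiselle-security-token/src/main/java/org/demoiselle/jee/security/token/impl/TokensManagerImpl.java
+++ b/demoiselle-security-token/src/main/java/org/demoiselle/jee/security/token/impl/TokensManagerImpl.java
@@ -5,11 +5,15 @@
 */
 package org.demoiselle.jee.security.token.impl;
 
+import java.util.Map;
 import java.util.UUID;
+import static java.util.UUID.randomUUID;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.logging.Logger;
+import javax.enterprise.context.ApplicationScoped;
 import javax.enterprise.context.Dependent;
 import javax.inject.Inject;
+import javax.ws.rs.ApplicationPath;
 import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
 import org.demoiselle.jee.core.interfaces.security.Token;
 import org.demoiselle.jee.core.interfaces.security.TokensManager;
@@ -18,10 +22,10 @@ import org.demoiselle.jee.core.interfaces.security.TokensManager;
 *
 * @author 70744416353
 */
-@Dependent
+@ApplicationScoped
 public class TokensManagerImpl implements TokensManager {
 
- private static ConcurrentHashMap<String, DemoisellePrincipal> repo = new ConcurrentHashMap<>();
+ private ConcurrentHashMap<String, DemoisellePrincipal> repo = new ConcurrentHashMap<>();
 
 @Inject
 private Logger logger;
@@ -39,19 +43,24 @@ public class TokensManagerImpl implements TokensManager {
 
 @Override
 public void setUser(DemoisellePrincipal user) {
- if (!repo.containsValue(user)) {
- String value = UUID.randomUUID().toString();
- repo.put(value, user);
+ token.setKey(null);
+
+ repo.entrySet().stream().parallel().filter((entry) -> (entry.getValue().equals(user))).forEach((entry) -> {
+ token.setKey(entry.getKey());
+ });
+
+ if (token.getKey() == null) {
+ String value = randomUUID().toString();
+ repo.putIfAbsent(value, user);
 token.setKey(value);
- } else {
- token.setKey((repo.entrySet().parallelStream().filter((e) -> (user.equals(e.getValue()))).findAny().get()).getKey());
 }
+
 token.setType("Token");
 }
 
 @Override
 public boolean validate() {
- return getUser() != null;
+ return getUser() != null && getUser().getId() != null;
 }
 
 }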
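Review bot: `setUser` searches `repo` and then inserts in two separate steps, and with the bean now `@ApplicationScoped` every request shares that map, so two concurrent logins for the same principal can both find nothing and each store its own UUID. The lookup matches through `equals`, which in `DemoisellePrincipalImpl` compares only `id`, so a principal whose id is null would be handed the token key of any other null-id entry; a guard at the top such as `if (user == null || user.getId() == null) { throw new IllegalArgumentException("user id required"); }` closes that case. The scan gains nothing from `.parallel()` with a side-effecting `forEach` and reads more clearly as a sequential `filter(...).findAny()`. The imports `java.util.Map` and `javax.ws.rs.ApplicationPath` added in the first hunk are not used in the visible lines. Nothing on the page removes or expires entries from `repo`, so token lifetime should be confirmed in the part of the class outside these hunks.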
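--- a/demoiselle-security/pom.xml
+++ b/demoiselle-security/pom.xml
@@ -18,12 +18,7 @@
 </parent>
 
 <dependencies>
-
- <dependency>
- <groupId>org.demoiselle.jee</groupId>
- <artifactId>demoiselle-core</artifactId>
- </dependency>
-
+
 <dependency>
 <groupId>org.demoiselle.jee</groupId>
 <artifactId>demoiselle-rest</artifactId>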
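--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/DemoiselleSecurityException.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/DemoiselleSecurityException.java
@@ -14,7 +14,7 @@ public class DemoiselleSecurityException extends DemoiselleRESTException {
 
 private static final long serialVersionUID = 519965615171844237L;
 
- private HashMap<String, String> messages = new HashMap<String, String>();
+ private HashMap<String, String> messages = new HashMap<>();
 
 private int statusCode;
 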
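--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/DemoisellePrincipalImpl.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/DemoisellePrincipalImpl.java
@@ -1,98 +0,0 @@
-/*
- * Demoiselle Framework
- *
- * License: GNU Lesser General Public License (LGPL), version 3 or later.
- * See the lgpl.txt file in the root directory or <https://www.gnu.org/licenses/lgpl.html>.
- */
-package org.demoiselle.jee.security.impl;
-
-import java.util.List;
-import java.util.Map;
-import java.util.Objects;
-import javax.enterprise.context.Dependent;
-import javax.enterprise.context.RequestScoped;
-import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
-
-/**
- *
- * @author 70744416353
- */
-@RequestScoped
-public class DemoisellePrincipalImpl implements DemoisellePrincipal {
-
- private String id;
- private String name;
- private List<String> roles;
- private Map<String, String> permissions;
-
- @Override
- public String getId() {
- return id;
- }
-
- @Override
- public void setId(String id) {
- this.id = id;
- }
-
- @Override
- public String getName() {
- return name;
- }
-
- @Override
- public void setName(String name) {
- this.name = name;
- }
-
- @Override
- public List<String> getRoles() {
- return roles;
- }
-
- @Override
- public void setRoles(List<String> roles) {
- this.roles = roles;
- }
-
- @Override
- public Map<String, String> getPermissions() {
- return permissions;
- }
-
- @Override
- public void setPermissions(Map<String, String> permissions) {
- this.permissions = permissions;
- }
-
- @Override
- public int hashCode() {
- int hash = 7;
- hash = 37 * hash + Objects.hashCode(this.id);
- return hash;
- }
-
- @Override
- public boolean equals(Object obj) {
- if (this == obj) {
- return true;
- }
- if (obj == null) {
- return false;
- }
- if (getClass() != obj.getClass()) {
- return false;
- }
- final DemoisellePrincipalImpl other = (DemoisellePrincipalImpl) obj;
- if (!Objects.equals(this.id, other.id)) {
- return false;
- }
- return true;
- }
-
- @Override
- public String toString() {
- return "DemoisellePrincipal{" + "id=" + id + ", name=" + name + ", roles=" + roles + ", permissions=" + permissions + '}';
- }
-
-}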
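--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java
@@ -6,6 +6,7 @@
 */
 package org.demoiselle.jee.security.impl;
 
+import javax.enterprise.context.ApplicationScoped;
 import javax.enterprise.context.Dependent;
 import javax.enterprise.context.RequestScoped;
 import javax.inject.Inject;
@@ -50,7 +51,7 @@ public class SecurityContextImpl implements SecurityContext {
 */
 @Override
 public boolean hasRole(String role) {
- if (tm.getUser().getRoles().parallelStream().filter(p -> p.equals(role)).count() <= 0) {
+ if (tm.getUser().getRoles().stream().filter(p -> p.equals(role)).count() <= 0) {
 return false;
 }
 return true;
@@ -61,7 +62,7 @@ public class SecurityContextImpl implements SecurityContext {
 */
 @Override
 public boolean isLoggedIn() {
- return getUser() != null && getUser().getId() != null;
+ return tm.validate();
 }
 
 @Override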
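Review bot: `hasRole` dereferences `tm.getUser().getRoles()` without checking either result, while `validate()` in both token managers tests `getUser() != null`, which suggests the user can be absent; an unauthenticated call would then end in a NullPointerException instead of returning false. `RequiredRoleInterceptor.manage` calls `hasRole` for every required role with no logged-in check in front of it, so that path is reachable from a protected endpoint. A guarded form is `return tm.validate() && tm.getUser().getRoles() != null && tm.getUser().getRoles().contains(role);`. `hasRole` closes outside the hunk, and the `ApplicationScoped` import added in the first hunk is not used in the visible lines.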
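--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/TokenImpl.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/TokenImpl.java
@@ -5,7 +5,6 @@
 */
 package org.demoiselle.jee.security.impl;
 
-import javax.enterprise.context.Dependent;
 import javax.enterprise.context.RequestScoped;
 import org.demoiselle.jee.core.interfaces.security.Token;
 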
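--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/LoggedInInterceptor.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/LoggedInInterceptor.java
@@ -13,7 +13,9 @@ import javax.interceptor.Interceptor;
 import javax.interceptor.InvocationContext;
 import java.io.Serializable;
 import java.util.logging.Logger;
+import static javax.interceptor.Interceptor.Priority.APPLICATION;
 import javax.ws.rs.core.Response;
+import static javax.ws.rs.core.Response.Status.UNAUTHORIZED;
 import org.demoiselle.jee.security.annotation.LoggedIn;
 import org.demoiselle.jee.core.interfaces.security.SecurityContext;
 import org.demoiselle.jee.security.exception.DemoiselleSecurityException;
@@ -28,7 +30,7 @@ import org.demoiselle.jee.security.message.DemoiselleSecurityMessages;
 */
 @LoggedIn
 @Interceptor
-@Priority(Interceptor.Priority.APPLICATION)
+@Priority(APPLICATION)
 public class LoggedInInterceptor implements Serializable {
 
 private static final long serialVersionUID = 1L;
@@ -42,7 +44,7 @@ public class LoggedInInterceptor implements Serializable {
 @AroundInvoke
 public Object manage(final InvocationContext ic) throws Exception {
 if (!securityContext.isLoggedIn()) {
- throw new DemoiselleSecurityException(bundle.userNotAuthenticated(), Response.Status.UNAUTHORIZED.getStatusCode());
+ throw new DemoiselleSecurityException(bundle.userNotAuthenticated(), UNAUTHORIZED.getStatusCode());
 }
 return ic.proceed();
 }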
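--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java
@@ -13,13 +13,16 @@ import javax.interceptor.InvocationContext;
 import java.io.Serializable;
 import java.util.logging.Logger;
 import javax.inject.Inject;
+import static javax.interceptor.Interceptor.Priority.APPLICATION;
 import javax.ws.rs.core.Response;
+import static javax.ws.rs.core.Response.Status.UNAUTHORIZED;
 import org.demoiselle.jee.core.annotation.Name;
 import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
 import org.demoiselle.jee.core.util.ResourceBundle;
 import org.demoiselle.jee.core.util.Strings;
 import org.demoiselle.jee.security.annotation.RequiredPermission;
 import org.demoiselle.jee.core.interfaces.security.SecurityContext;
+import static org.demoiselle.jee.core.util.Strings.isEmpty;
 import org.demoiselle.jee.security.exception.DemoiselleSecurityException;
 import org.demoiselle.jee.security.message.DemoiselleSecurityMessages;
 
@@ -32,7 +35,7 @@ import org.demoiselle.jee.security.message.DemoiselleSecurityMessages;
 */
 @RequiredPermission
 @Interceptor
-@Priority(Interceptor.Priority.APPLICATION)
+@Priority(APPLICATION)
 public class RequiredPermissionInterceptor implements Serializable {
 
 private static final long serialVersionUID = 1L;
@@ -70,19 +73,16 @@ public class RequiredPermissionInterceptor implements Serializable {
 public Object manage(final InvocationContext ic) throws Exception {
 String resource = getResource(ic);
 String operation = getOperation(ic);
- String username = null;
 
 if (securityContext.isLoggedIn()) {
- username = loggedUser.getName();
- logger.finest(bundle.accessCheckingPermission(username, operation, resource));
+ logger.finest(bundle.accessCheckingPermission(operation, resource));
 }
 
 if (!securityContext.hasPermission(resource, operation)) {
- logger.severe(bundle.doesNotHavePermission(username, operation, resource));
- throw new DemoiselleSecurityException(bundle.doesNotHavePermission(username, operation, resource), Response.Status.UNAUTHORIZED.getStatusCode());
+ logger.severe(bundle.doesNotHavePermission(operation, resource));
+ throw new DemoiselleSecurityException(bundle.doesNotHavePermission(operation, resource), UNAUTHORIZED.getStatusCode());
 }
 
- logger.fine(bundle.accessAllowed(username, operation, resource));
 return ic.proceed();
 }
 
@@ -107,7 +107,7 @@ public class RequiredPermissionInterceptor implements Serializable {
 requiredPermission = ic.getTarget().getClass().getAnnotation(RequiredPermission.class);
 }
 
- if (Strings.isEmpty(requiredPermission.resource())) {
+ if (isEmpty(requiredPermission.resource())) {
 if (ic.getTarget().getClass().getAnnotation(Name.class) == null) {
 return ic.getTarget().getClass().getSimpleName();
 } else {
@@ -139,7 +139,7 @@ public class RequiredPermissionInterceptor implements Serializable {
 requiredPermission = ic.getTarget().getClass().getAnnotation(RequiredPermission.class);
 }
 
- if (Strings.isEmpty(requiredPermission.operation())) {
+ if (isEmpty(requiredPermission.operation())) {
 if (ic.getMethod().getAnnotation(Name.class) == null) {
 return ic.getMethod().getName();
 } else {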
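Review bot: The denial branch of `manage` (third hunk) now logs `bundle.doesNotHavePermission(operation, resource)` with no caller identity, so a `severe` record of a refused access can no longer be tied to an account; `RequiredRoleInterceptor.manage` has the same gap with `doesNotHaveRole`. Keeping the identifier out of the message returned to the client is reasonable, but the server-side record should still carry it, preferably the principal id rather than the display name, e.g. `logger.warning("access denied: principal=" + loggedUser.getId() + " operation=" + operation + " resource=" + resource);` if the `loggedUser` field used by the removed lines is still declared. The `finest` line is affected too: the `access-checking-permission` template it resolves was reworded in this commit into a denial sentence, so it would report a refusal before `hasPermission` has run. The `Strings` and `Response` imports appear to be unused after the static imports.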
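--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredRoleInterceptor.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredRoleInterceptor.java
@@ -13,11 +13,14 @@ import javax.interceptor.InvocationContext;
 import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.Arrays;
+import static java.util.Arrays.asList;
 import java.util.List;
 
 import java.util.logging.Logger;
 import javax.inject.Inject;
+import static javax.interceptor.Interceptor.Priority.APPLICATION;
 import javax.ws.rs.core.Response;
+import static javax.ws.rs.core.Response.Status.UNAUTHORIZED;
 import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
 import org.demoiselle.jee.core.util.ResourceBundle;
 import org.demoiselle.jee.security.annotation.RequiredRole;
@@ -34,7 +37,7 @@ import org.demoiselle.jee.security.message.DemoiselleSecurityMessages;
 */
 @RequiredRole(value = "")
 @Interceptor
-@Priority(Interceptor.Priority.APPLICATION)
+@Priority(APPLICATION)
 public class RequiredRoleInterceptor implements Serializable {
 
 private static final long serialVersionUID = 1L;
@@ -71,24 +74,17 @@ public class RequiredRoleInterceptor implements Serializable {
 public Object manage(final InvocationContext ic) throws Exception {
 List<String> roles = getRoles(ic);
 
- String username = null;
-
- if (securityContext.isLoggedIn()) {
- username = loggedUser.getName();
- }
-
- List<String> userRoles = new ArrayList<String>();
+ List<String> userRoles = new ArrayList<>();
 
 for (String role : roles) {
 if (securityContext.hasRole(role)) {
- logger.finest(bundle.accessCheckingRole(username, role));
 userRoles.add(role);
 }
 }
 
 if (userRoles.isEmpty()) {
- logger.severe(bundle.doesNotHaveRole(username, roles.toString()));
- throw new DemoiselleSecurityException(bundle.doesNotHaveRole(username, roles.toString()), Response.Status.UNAUTHORIZED.getStatusCode());
+ logger.severe(bundle.doesNotHaveRole(roles.toString()));
+ throw new DemoiselleSecurityException(bundle.doesNotHaveRole(roles.toString()), UNAUTHORIZED.getStatusCode());
 }
 
 return ic.proceed();
@@ -112,7 +108,7 @@ public class RequiredRoleInterceptor implements Serializable {
 roles = ic.getMethod().getAnnotation(RequiredRole.class).value();
 }
 
- return Arrays.asList(roles);
+ return asList(roles);
 }
 
 }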
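--- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/message/DemoiselleSecurityMessages.java
+++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/message/DemoiselleSecurityMessages.java
@@ -13,13 +13,7 @@ import org.apache.deltaspike.core.api.message.MessageTemplate;
 public interface DemoiselleSecurityMessages {
 
 @MessageTemplate("{access-checking-permission}")
- String accessCheckingPermission(String usuario, String operacao, String recurso);
-
- @MessageTemplate("{access-checking-role}")
- String accessCheckingRole(String usuario, String role);
-
- @MessageTemplate("{access-allowed}")
- String accessAllowed(String usuario, String operacao, String recurso);
+ String accessCheckingPermission(String operacao, String recurso);
 
 @MessageTemplate("{access-denied}")
 String accessDenied(String usuario, String operacao, String recurso);
@@ -31,9 +25,9 @@ public interface DemoiselleSecurityMessages {
 String invalidCredentials();
 
 @MessageTemplate("{does-not-have-role}")
- String doesNotHaveRole(String usuario, String role);
+ String doesNotHaveRole(String role);
 
 @MessageTemplate("{does-not-have-permission}")
- String doesNotHavePermission(String usuario, String operacao, String recurso);
+ String doesNotHavePermission(String operacao, String recurso);
 
 }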
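Review bot: `accessDenied(String usuario, String operacao, String recurso)` in the first hunk keeps three parameters, but the `access-denied` template in DemoiselleSecurityMessages.properties was cut to two `%s` placeholders in this commit, so (assuming positional formatting) a caller would see the user value printed as the action and the action as the resource. Either change the signature to match, `String accessDenied(String operacao, String recurso);`, or leave the template with its three placeholders. The properties file still defines `access-checking-role` and `access-allowed`, whose methods are removed here, so those keys are now dead entries. The interface has no Javadoc; a line per method naming the placeholders each template expects would make this kind of drift easier to catch.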
demoiselle-security/src/main/resources/org/demoiselle/jee/security/message/DemoiselleSecurityMessages.properties
1 -access-checking-permission=Verificando permiss\u00e3o do usu\u00e1rio %s para executar a a\u00e7\u00e3o %s no recurso %s 1 +access-checking-permission=O usu\u00e1rio n\u00e3o tem permiss\u00e3o para executar a a\u00e7\u00e3o %s no recurso %s
2 access-checking-role=Verificando permiss\u00e3o do usu\u00e1rio %s para a role %s 2 access-checking-role=Verificando permiss\u00e3o do usu\u00e1rio %s para a role %s
3 access-allowed=O usu\u00e1rio %s acessou o recurso %s com a a\u00e7\u00e3o %s 3 access-allowed=O usu\u00e1rio %s acessou o recurso %s com a a\u00e7\u00e3o %s
4 -access-denied=O usu\u00e1rio %s n\u00e3o possui permiss\u00e3o para executar a a\u00e7\u00e3o %s no recurso %s 4 +access-denied=O usu\u00e1rio n\u00e3o possui permiss\u00e3o para executar a a\u00e7\u00e3o %s no recurso %s
5 user-not-authenticated=Usu\u00e1rio n\u00e3o autenticado 5 user-not-authenticated=Usu\u00e1rio n\u00e3o autenticado
6 invalid-credentials=Usu\u00e1rio ou senha inv\u00e1lidos 6 invalid-credentials=Usu\u00e1rio ou senha inv\u00e1lidos
7 -does-not-have-role=Usu\u00e1rio %s n\u00e3o possui a role\: %s  
8 -does-not-have-permission=Usu\u00e1rio %s n\u00e3o possui a permiss\u00e3o para executar a a\u00e7\u00e3o %s no recurso %s 7 +does-not-have-role=O Usu\u00e1rio n\u00e3o possui a role\:%s
  8 +does-not-have-permission=O Usu\u00e1rio n\u00e3o possui a permiss\u00e3o para executar a a\u00e7\u00e3o %s no recurso %s