From 4a702641e3edd7f9015b2748756cc719e03d3acb Mon Sep 17 00:00:00 2001 From: PauloGladson Date: Mon, 26 Sep 2016 17:49:41 -0300 Subject: [PATCH] Segurança e ajustes nos pacotes --- demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Strategy.java | 53 ----------------------------------------------------- demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Type.java | 60 ------------------------------------------------------------ demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/literal/StrategyQualifier.java | 23 ----------------------- demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/literal/TypeQualifier.java | 41 ----------------------------------------- demoiselle-core/src/main/java/org/demoiselle/jee/core/crud/package-info.java | 11 ----------- demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/crud/package-info.java | 11 +++++++++++ demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/persistence/package-info.java | 11 +++++++++++ demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/DemoisellePrincipal.java | 29 +++++++++++++++++++++++++++++ demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/SecurityContext.java | 73 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/Token.java | 21 +++++++++++++++++++++ demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/TokensManager.java | 29 +++++++++++++++++++++++++++++ demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/ws/package-info.java | 11 +++++++++++ demoiselle-core/src/main/java/org/demoiselle/jee/core/message/DemoiselleMessages.java | 57 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ demoiselle-core/src/main/java/org/demoiselle/jee/core/messages/DemoiselleMessages.java | 57 --------------------------------------------------------- demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/BusinessController.java | 36 ------------------------------------ demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/Controller.java | 28 ---------------------------- demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/PersistenceController.java | 37 ------------------------------------- demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/RestController.java | 36 ------------------------------------ demoiselle-parent/pom.xml | 360 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- demoiselle-rest/.gitignore | 5 +++++ demoiselle-rest/pom.xml | 37 +++++++++++++++++++++++++++++++++++++ demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/JaxRsFilter.java | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/crud/package-info.java | 11 +++++++++++ demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/DemoiselleRESTException.java | 41 +++++++++++++++++++++++++++++++++++++++++ demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/mapper/GenericExceptionMapper.java | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayload.java | 25 +++++++++++++++++++++++++ demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayloadInterceptor.java | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ demoiselle-security-basic/pom.xml | 35 ++++++++++++++--------------------- demoiselle-security-basic/src/main/java/org/demoiselle/jee/security/basic/impl/TokensManagerImpl.java | 43 +++++++++++++++++++++++++++++++------------ demoiselle-security-jwt/pom.xml | 33 ++++++++++++++++----------------- demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java | 11 ++++++----- demoiselle-security-token/.gitignore | 5 +++++ demoiselle-security-token/pom.xml | 27 +++++++++++++++++++++++++++ demoiselle-security-token/src/main/java/org/demoiselle/jee/security/basic/impl/TokensManagerImpl.java | 90 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ demoiselle-security-token/src/main/resources/demoiselle.properties | 1 + demoiselle-security-token/src/main/resources/messages.properties | 1 + demoiselle-security/pom.xml | 40 ++++++++++++++++++++-------------------- demoiselle-security/src/main/java/org/demoiselle/jee/security/JaxRsFilter.java | 76 ---------------------------------------------------------------------------- demoiselle-security/src/main/java/org/demoiselle/jee/security/LoggedUser.java | 67 ------------------------------------------------------------------- demoiselle-security/src/main/java/org/demoiselle/jee/security/Token.java | 28 ---------------------------- demoiselle-security/src/main/java/org/demoiselle/jee/security/annotation/LoggedIn.java | 31 +++++++++++++++++++++++++++++++ demoiselle-security/src/main/java/org/demoiselle/jee/security/annotation/RequiredPermission.java | 35 +++++++++++++++++++++++++++++++++++ demoiselle-security/src/main/java/org/demoiselle/jee/security/annotation/RequiredRole.java | 35 +++++++++++++++++++++++++++++++++++ demoiselle-security/src/main/java/org/demoiselle/jee/security/annotations/LoggedIn.java | 31 ------------------------------- demoiselle-security/src/main/java/org/demoiselle/jee/security/annotations/RequiredPermission.java | 35 ----------------------------------- demoiselle-security/src/main/java/org/demoiselle/jee/security/annotations/RequiredRole.java | 35 ----------------------------------- demoiselle-security/src/main/java/org/demoiselle/jee/security/filter/JaxRsFilter.java | 79 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java | 70 ++++++++++------------------------------------------------------------ demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/TokenImpl.java | 41 +++++++++++++++++++++++++++++++++++++++++ demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/LoggedInInterceptor.java | 4 ++-- demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java | 28 +++++++++++++++------------- demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredRoleInterceptor.java | 26 ++++++++++++++------------ demoiselle-security/src/main/java/org/demoiselle/jee/security/interfaces/LoggedUser.java | 38 -------------------------------------- demoiselle-security/src/main/java/org/demoiselle/jee/security/interfaces/SecurityContext.java | 86 -------------------------------------------------------------------------------------- demoiselle-security/src/main/java/org/demoiselle/jee/security/interfaces/TokensManager.java | 27 --------------------------- demoiselle-ws-jaxrs/.gitignore | 5 ----- demoiselle-ws-jaxrs/pom.xml | 37 ------------------------------------- demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/JaxRsFilter.java | 59 ----------------------------------------------------------- demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/crud/package-info.java | 11 ----------- demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/DemoiselleRESTException.java | 41 ----------------------------------------- demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/mapper/GenericExceptionMapper.java | 68 -------------------------------------------------------------------- demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayload.java | 25 ------------------------- demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayloadInterceptor.java | 62 -------------------------------------------------------------- pom.xml | 420 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 64 files changed, 1417 insertions(+), 1661 deletions(-) delete mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Strategy.java delete mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Type.java delete mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/literal/StrategyQualifier.java delete mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/literal/TypeQualifier.java delete mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/core/crud/package-info.java create mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/crud/package-info.java create mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/persistence/package-info.java create mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/DemoisellePrincipal.java create mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/SecurityContext.java create mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/Token.java create mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/TokensManager.java create mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/ws/package-info.java create mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/core/message/DemoiselleMessages.java delete mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/core/messages/DemoiselleMessages.java delete mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/BusinessController.java delete mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/Controller.java delete mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/PersistenceController.java delete mode 100644 demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/RestController.java create mode 100644 demoiselle-rest/.gitignore create mode 100644 demoiselle-rest/pom.xml create mode 100644 demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/JaxRsFilter.java create mode 100644 demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/crud/package-info.java create mode 100644 demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/DemoiselleRESTException.java create mode 100644 demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/mapper/GenericExceptionMapper.java create mode 100644 demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayload.java create mode 100644 demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayloadInterceptor.java create mode 100644 demoiselle-security-token/.gitignore create mode 100644 demoiselle-security-token/pom.xml create mode 100644 demoiselle-security-token/src/main/java/org/demoiselle/jee/security/basic/impl/TokensManagerImpl.java create mode 100644 demoiselle-security-token/src/main/resources/demoiselle.properties create mode 100644 demoiselle-security-token/src/main/resources/messages.properties delete mode 100644 demoiselle-security/src/main/java/org/demoiselle/jee/security/JaxRsFilter.java delete mode 100644 demoiselle-security/src/main/java/org/demoiselle/jee/security/LoggedUser.java delete mode 100644 demoiselle-security/src/main/java/org/demoiselle/jee/security/Token.java create mode 100644 demoiselle-security/src/main/java/org/demoiselle/jee/security/annotation/LoggedIn.java create mode 100644 demoiselle-security/src/main/java/org/demoiselle/jee/security/annotation/RequiredPermission.java create mode 100644 demoiselle-security/src/main/java/org/demoiselle/jee/security/annotation/RequiredRole.java delete mode 100644 demoiselle-security/src/main/java/org/demoiselle/jee/security/annotations/LoggedIn.java delete mode 100644 demoiselle-security/src/main/java/org/demoiselle/jee/security/annotations/RequiredPermission.java delete mode 100644 demoiselle-security/src/main/java/org/demoiselle/jee/security/annotations/RequiredRole.java create mode 100644 demoiselle-security/src/main/java/org/demoiselle/jee/security/filter/JaxRsFilter.java create mode 100644 demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/TokenImpl.java delete mode 100644 demoiselle-security/src/main/java/org/demoiselle/jee/security/interfaces/LoggedUser.java delete mode 100644 demoiselle-security/src/main/java/org/demoiselle/jee/security/interfaces/SecurityContext.java delete mode 100644 demoiselle-security/src/main/java/org/demoiselle/jee/security/interfaces/TokensManager.java delete mode 100644 demoiselle-ws-jaxrs/.gitignore delete mode 100644 demoiselle-ws-jaxrs/pom.xml delete mode 100644 demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/JaxRsFilter.java delete mode 100644 demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/crud/package-info.java delete mode 100644 demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/DemoiselleRESTException.java delete mode 100644 demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/mapper/GenericExceptionMapper.java delete mode 100644 demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayload.java delete mode 100644 demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayloadInterceptor.java diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Strategy.java b/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Strategy.java deleted file mode 100644 index 82a6b52..0000000 --- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Strategy.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.core.annotation; -import static java.lang.annotation.ElementType.FIELD; -import static java.lang.annotation.ElementType.METHOD; -import static java.lang.annotation.ElementType.PARAMETER; -import static java.lang.annotation.ElementType.TYPE; -import static java.lang.annotation.RetentionPolicy.RUNTIME; - -import java.lang.annotation.Inherited; -import java.lang.annotation.Retention; -import java.lang.annotation.Target; - -import javax.inject.Qualifier; - -/** - * - *

- * This literal marks a bean to be selected at runtime based on a priority system. - * The user qualifies the injection point with this literal and then at runtime - * the CDI engine will circle through all candidate subtypes to be injected - * that are annotated with {@link Priority}. If there is only one subtype with the - * highest priority then this one will be selected to be injected. - *

- * - *

- * This allows users to plug in libraries with new candidates and have them be selected - * if their priority values are higher than the default values already present. One example - * is the {@link org.demoiselle.security.Authorizer} type, the framework has a {@link org.demoiselle.internal.implementation.DefaultAuthorizer} - * with {@link Priority#L1_PRIORITY the lowest priority} but the user can add libraries with new - * implementations of {@link org.demoiselle.security.Authorizer} annotated with higher priorities, the code will - * then automatically select these new implementations with no extra configuration. - *

- * - *

- * This annotation must be used with supported types. Usually this involves creating {@link javax.enterprise.inject.Produces} CDI - * producer methods that will select the correct strategy. To create your own producer - * methods that support strategy selection, use the utility {@linkplain org.demoiselle.internal.producer.StrategySelector}. - *

- * - * @author SERPRO - */ -@Qualifier -@Inherited -@Retention(RUNTIME) -@Target({ TYPE, FIELD, METHOD, PARAMETER }) -public @interface Strategy { - -} diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Type.java b/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Type.java deleted file mode 100644 index 6552005..0000000 --- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/Type.java +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.core.annotation; - -import static java.lang.annotation.ElementType.FIELD; -import static java.lang.annotation.ElementType.METHOD; -import static java.lang.annotation.ElementType.PARAMETER; -import static java.lang.annotation.ElementType.TYPE; -import static java.lang.annotation.RetentionPolicy.RUNTIME; - -import java.lang.annotation.Inherited; -import java.lang.annotation.Retention; -import java.lang.annotation.Target; - -import javax.enterprise.util.Nonbinding; -import javax.inject.Qualifier; - -/** - *

- * Type based non-binding qualifier. - *

- * - *

- * This annotation is used to qualify beans using a class type. - * {@link javax.enterprise.inject.Produces} methods can then read this type and - * use it to customize the bean creation process. - *

- * - *

- * The {@link #value()} attribute is non-binding, meaning multiple classes - * qualified with this annotation, even with different values, will be - * considered the same candidate for injection points. To avoid ambiguous - * resolutions and select which candidate to choose usually you'll need a - * producer method to read the type and select the best fitted candidate. - *

- * - *

- * The framework classes qualified with this annotation already have such - * producers and the accepted values for this annotation will be detailed in - * their respective documentations. - *

- * - * - * @author SERPRO - * - */ -@Qualifier -@Inherited -@Retention(RUNTIME) -@Target({ TYPE, FIELD, METHOD, PARAMETER }) -public @interface Type { - - @Nonbinding - Class value() default Object.class; - -} diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/literal/StrategyQualifier.java b/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/literal/StrategyQualifier.java deleted file mode 100644 index 37c69de..0000000 --- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/literal/StrategyQualifier.java +++ /dev/null @@ -1,23 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.core.annotation.literal; - -import org.demoiselle.jee.core.annotation.Strategy; - -import javax.enterprise.util.AnnotationLiteral; - -/** - * Annotation litteral that allows to create instances of the {@link Strategy} literal. The created instance can then be - * used to call {@link javax.enterprise.inject.spi.CDI#select(Class subtype, java.lang.annotation.Annotation... qualifiers)}. - * - * @see javax.enterprise.inject.spi.CDI - * @author SERPRO - */ -@SuppressWarnings("all") -public class StrategyQualifier extends AnnotationLiteral implements Strategy { - -} diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/literal/TypeQualifier.java b/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/literal/TypeQualifier.java deleted file mode 100644 index c930676..0000000 --- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/annotation/literal/TypeQualifier.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.core.annotation.literal; - -import org.demoiselle.jee.core.annotation.Type; - -import javax.enterprise.util.AnnotationLiteral; - -/** - * Annotation litteral that allows to create instances of the {@link Type} - * literal. The created instance can then be used to call - * {@link javax.enterprise.inject.spi.CDI#select(Class subtype, java.lang.annotation.Annotation... qualifiers)}. - * - * @see javax.enterprise.inject.spi.CDI - * @author SERPRO - */ -@SuppressWarnings("all") -public class TypeQualifier extends AnnotationLiteral implements Type { - - private static final long serialVersionUID = 1L; - - private final Class value; - - /** - * Constructor with string value of name literal. - * - * @param value value of name literal. - */ - public TypeQualifier(Class value) { - this.value = value; - } - - @Override - public Class value() { - return this.value; - } -} diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/core/crud/package-info.java b/demoiselle-core/src/main/java/org/demoiselle/jee/core/crud/package-info.java deleted file mode 100644 index 88135d8..0000000 --- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/crud/package-info.java +++ /dev/null @@ -1,11 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -/** - * Esta pacote tem o objetivo de conter as classes relacionadas aos - * facilitadores de CRUD do framework Demoiselle. - */ -package org.demoiselle.jee.core.crud; \ No newline at end of file diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/crud/package-info.java b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/crud/package-info.java new file mode 100644 index 0000000..cb7034f --- /dev/null +++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/crud/package-info.java @@ -0,0 +1,11 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +/** + * Esta pacote tem o objetivo de conter as classes relacionadas aos + * facilitadores de CRUD do framework Demoiselle. + */ +package org.demoiselle.jee.core.interfaces.crud; \ No newline at end of file diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/persistence/package-info.java b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/persistence/package-info.java new file mode 100644 index 0000000..091b699 --- /dev/null +++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/persistence/package-info.java @@ -0,0 +1,11 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +/** + * Esta pacote tem o objetivo de conter as classes relacionadas aos + * facilitadores de CRUD do framework Demoiselle. + */ +package org.demoiselle.jee.core.interfaces.persistence; \ No newline at end of file diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/DemoisellePrincipal.java b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/DemoisellePrincipal.java new file mode 100644 index 0000000..0a6cf59 --- /dev/null +++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/DemoisellePrincipal.java @@ -0,0 +1,29 @@ +/* + * To change this license header, choose License Headers in Project Properties. + * To change this template file, choose Tools | Templates + * and open the template in the editor. + */ +package org.demoiselle.jee.core.interfaces.security; + +import java.security.Principal; +import java.util.List; +import java.util.Map; + +/** + * + * @author 70744416353 + */ +public interface DemoisellePrincipal extends Principal { + + public String getId(); + + public void setId(String id); + + public void setName(String name); + + public void setRoles(List roles); + + public List getRoles(); + + public Map getPermissions(); +} diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/SecurityContext.java b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/SecurityContext.java new file mode 100644 index 0000000..f8a9d6d --- /dev/null +++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/SecurityContext.java @@ -0,0 +1,73 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +package org.demoiselle.jee.core.interfaces.security; + +import java.io.Serializable; +import java.security.Principal; +import java.util.List; +import java.util.Map; + +/** + *

+ * Structure used to handle both authentication and authorizations mechanisms. + *

+ * + * @author SERPRO + */ +public interface SecurityContext extends Serializable { + + /** + * Checks if a specific user is logged in. + * + * @return {@code true} if the user is logged in + */ + boolean isLoggedIn(); + + /** + * @throws NotLoggedInException if there is no user logged in a specific + * session + */ + void checkLoggedIn(); + + /** + * Checks if the logged user has permission to execute an specific operation + * on a specific resource. + * + * @param resource resource to be checked + * @param operation operation to be checked + * @return {@code true} if the user has the permission + * @throws AuthorizationException When the permission checking fails, this + * exception is thrown. + * @throws NotLoggedInException if there is no user logged in a specific + * session. + */ + boolean hasPermission(String resource, String operation); + + /** + * Checks if the logged user has an specific role + * + * @param role role to be checked + * @return {@code true} if the user has the role + * @throws AuthorizationException When the permission checking fails, this + * exception is thrown. + * @throws NotLoggedInException if there is no user logged in a specific + * session. + */ + boolean hasRole(String role); + + /** + * Return the user logged in the session. + * + * @param token + * @return the user logged in a specific authenticated session. If there is + * no active session {@code null} is returned. + */ + Principal getUser(); + + void setUser(Principal loggedUser); + +} diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/Token.java b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/Token.java new file mode 100644 index 0000000..23a7238 --- /dev/null +++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/Token.java @@ -0,0 +1,21 @@ +/* + * To change this license header, choose License Headers in Project Properties. + * To change this template file, choose Tools | Templates + * and open the template in the editor. + */ +package org.demoiselle.jee.core.interfaces.security; + +/** + * + * @author 70744416353 + */ +public interface Token { + + public String getKey(); + + public void setKey(String key); + + public String getType(); + + public void setType(String type); +} diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/TokensManager.java b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/TokensManager.java new file mode 100644 index 0000000..1e23fc1 --- /dev/null +++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/security/TokensManager.java @@ -0,0 +1,29 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +package org.demoiselle.jee.core.interfaces.security; + +import java.io.Serializable; +import java.security.Principal; +import java.util.List; +import java.util.Map; + +/** + *

+ * Structure used to handle both authentication and authorizations mechanisms. + *

+ * + * @author SERPRO + */ +public interface TokensManager extends Serializable { + + public Principal getUser(); + + public void setUser(Principal user); + + public boolean validate(); + +} diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/ws/package-info.java b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/ws/package-info.java new file mode 100644 index 0000000..73e4e5c --- /dev/null +++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/interfaces/ws/package-info.java @@ -0,0 +1,11 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +/** + * Esta pacote tem o objetivo de conter as classes relacionadas aos + * facilitadores de CRUD do framework Demoiselle. + */ +package org.demoiselle.jee.core.interfaces.ws; \ No newline at end of file diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/core/message/DemoiselleMessages.java b/demoiselle-core/src/main/java/org/demoiselle/jee/core/message/DemoiselleMessages.java new file mode 100644 index 0000000..aa64c47 --- /dev/null +++ b/demoiselle-core/src/main/java/org/demoiselle/jee/core/message/DemoiselleMessages.java @@ -0,0 +1,57 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +package org.demoiselle.jee.core.message; + +import org.apache.deltaspike.core.api.message.MessageBundle; +import org.apache.deltaspike.core.api.message.MessageTemplate; + +@MessageBundle +public interface DemoiselleMessages { + + @MessageTemplate("{version}") + String version(); + + @MessageTemplate("{engine-on}") + String engineOn(); + + @MessageTemplate("{resource-not-found}") + String resourceNotFound(); + + @MessageTemplate("{key-not-found}") + String keyNotFound(String key); + + @MessageTemplate("{ambiguous-strategy-resolution}") + String ambiguousStrategyResolution(String interfaceString, String implementations); + + @MessageTemplate("{ambiguous-bean-resolution}") + String ambiguousBeanResolution(String implementation); + + @MessageTemplate("{bean-not-found}") + String beanNotFound(String bean); + + @MessageTemplate("{store-not-found}") + String storeNotFound(String object, String scope); + + @MessageTemplate("{more-than-one-exceptionhandler-defined-for-same-class}") + String moreThanOneExceptionhandlerDefinedForSameClass(String clazz, String ex); + + @MessageTemplate("{handling-exception}") + String handlingException(String ex); + + @MessageTemplate("{taking-off}") + String takingOff(); + + @MessageTemplate("{engine-off}") + String engineOff(String ex); + + @MessageTemplate("{setting-up-bean-manager}") + String settingUpBeanManagerException(String util); + + @MessageTemplate("{processing-fail}") + String processingFail(); + +} \ No newline at end of file diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/core/messages/DemoiselleMessages.java b/demoiselle-core/src/main/java/org/demoiselle/jee/core/messages/DemoiselleMessages.java deleted file mode 100644 index 61eb609..0000000 --- a/demoiselle-core/src/main/java/org/demoiselle/jee/core/messages/DemoiselleMessages.java +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.core.messages; - -import org.apache.deltaspike.core.api.message.MessageBundle; -import org.apache.deltaspike.core.api.message.MessageTemplate; - -@MessageBundle -public interface DemoiselleMessages { - - @MessageTemplate("{version}") - String version(); - - @MessageTemplate("{engine-on}") - String engineOn(); - - @MessageTemplate("{resource-not-found}") - String resourceNotFound(); - - @MessageTemplate("{key-not-found}") - String keyNotFound(String key); - - @MessageTemplate("{ambiguous-strategy-resolution}") - String ambiguousStrategyResolution(String interfaceString, String implementations); - - @MessageTemplate("{ambiguous-bean-resolution}") - String ambiguousBeanResolution(String implementation); - - @MessageTemplate("{bean-not-found}") - String beanNotFound(String bean); - - @MessageTemplate("{store-not-found}") - String storeNotFound(String object, String scope); - - @MessageTemplate("{more-than-one-exceptionhandler-defined-for-same-class}") - String moreThanOneExceptionhandlerDefinedForSameClass(String clazz, String ex); - - @MessageTemplate("{handling-exception}") - String handlingException(String ex); - - @MessageTemplate("{taking-off}") - String takingOff(); - - @MessageTemplate("{engine-off}") - String engineOff(String ex); - - @MessageTemplate("{setting-up-bean-manager}") - String settingUpBeanManagerException(String util); - - @MessageTemplate("{processing-fail}") - String processingFail(); - -} \ No newline at end of file diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/BusinessController.java b/demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/BusinessController.java deleted file mode 100644 index 396eb44..0000000 --- a/demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/BusinessController.java +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.stereotype; - -import javax.enterprise.inject.Stereotype; -import java.lang.annotation.Inherited; -import java.lang.annotation.Retention; -import java.lang.annotation.Target; - -import static java.lang.annotation.ElementType.TYPE; -import static java.lang.annotation.RetentionPolicy.RUNTIME; - -/** - * Identifies a business controller class. Business controller objects typically implement the controller design - * pattern, i.e., they contain no data elements but methods that orchestrate interaction among business entities. - *

- * A Business Controller is: - *

    - *
  • defined when annotated with {@code @BusinessController}
    • - *
  • automatically injected whenever {@code @Inject} is used
    • - *
- * - * @author SERPRO - * @see Controller - */ -@Controller -@Stereotype -@Inherited -@Target(TYPE) -@Retention(RUNTIME) -public @interface BusinessController { -} diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/Controller.java b/demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/Controller.java deleted file mode 100644 index f26104b..0000000 --- a/demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/Controller.java +++ /dev/null @@ -1,28 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.stereotype; - -import javax.interceptor.InterceptorBinding; -import java.lang.annotation.Inherited; -import java.lang.annotation.Retention; -import java.lang.annotation.Target; - -import static java.lang.annotation.ElementType.METHOD; -import static java.lang.annotation.ElementType.TYPE; -import static java.lang.annotation.RetentionPolicy.RUNTIME; - -/** - * Identifies a controller class or stereotype, the latter being most suitable for it. - * - * @author SERPRO - */ -@InterceptorBinding -@Inherited -@Target({ TYPE, METHOD }) -@Retention(RUNTIME) -public @interface Controller { -} diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/PersistenceController.java b/demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/PersistenceController.java deleted file mode 100644 index c0ba5ff..0000000 --- a/demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/PersistenceController.java +++ /dev/null @@ -1,37 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.stereotype; - -import javax.enterprise.inject.Stereotype; -import java.lang.annotation.Inherited; -import java.lang.annotation.Retention; -import java.lang.annotation.Target; - -import static java.lang.annotation.ElementType.TYPE; -import static java.lang.annotation.RetentionPolicy.RUNTIME; - -/** - * Identifies a persistence controller class. A persistence controller is - * a layer which provides simplified access to data stored in persistent storage - * of some kind, such as an entity-relational database. - *

- * A Persitence Controller is: - *

    - *
  • defined when annotated with {@code @PersistenceController}
    • - *
  • automatically injected whenever {@code @Inject} is used
    • - *
- * - * @author SERPRO - * @see Controller - */ -@Controller -@Stereotype -@Inherited -@Target(TYPE) -@Retention(RUNTIME) -public @interface PersistenceController { -} diff --git a/demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/RestController.java b/demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/RestController.java deleted file mode 100644 index bd9b9e0..0000000 --- a/demoiselle-core/src/main/java/org/demoiselle/jee/stereotype/RestController.java +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.stereotype; - -import javax.enterprise.inject.Stereotype; -import java.lang.annotation.Inherited; -import java.lang.annotation.Retention; -import java.lang.annotation.Target; - -import static java.lang.annotation.ElementType.TYPE; -import static java.lang.annotation.RetentionPolicy.RUNTIME; - -/** - * Identifies a facade class. A facade is an object that provides a - * simplified interface to a larger body of code, such as a class library. - *

- * A Facade is: - *

    - *
  • defined when annotated with {@code @FacadeController}
    • - *
  • automatically injected whenever {@code @Inject} is used
    • - *
- * - * @author SERPRO - * @see Controller - */ -@Controller -@Stereotype -@Inherited -@Target(TYPE) -@Retention(RUNTIME) -public @interface RestController { -} diff --git a/demoiselle-parent/pom.xml b/demoiselle-parent/pom.xml index 5d7a3f3..9276d83 100644 --- a/demoiselle-parent/pom.xml +++ b/demoiselle-parent/pom.xml @@ -1,181 +1,187 @@ - - demoiselle-parent - pom - 4.0.0 - - Demoiselle Parent POM - - - org.demoiselle.jee - demoiselle-build - 3.0.0-BETA1-SNAPSHOT - - - - - UTF-8 - - - 7.0 - 1.2 - 1.1.0.Final - 1.2 - 1.2 - 3.0.0 - 3.1.0 - 1.0.2 - 2.0 - 1.0 - 5.1.0.Final - 5.2.4.Final - 2.0 - 2.0.1 - 7.0 - 1.7.1 - 3.2 - 1.0.0 - - - 3.5.1 - 2.6 - 1.8 - 1.8 - - - - - - - - - - javax.enterprise - cdi-api - provided - ${cdi.version} - - - - - validation-api - javax.validation - provided - ${validation.version} - - - - - org.glassfish - javax.el - provided - ${el.version} - - - - - javax - javaee-api - provided - ${javaee.version} - - - - - javax.servlet - javax.servlet-api - provided - ${servlet.version} - - - javax.servlet - jstl - provided - ${jstl.version} - - - - - org.hibernate - hibernate-entitymanager - provided - ${hibernate.version} - - - - - javax.ws.rs - javax.ws.rs-api - provided - ${jaxrs.version} - - - - - javax - javaee-web-api - ${javaee.version} - - - - - javax.ejb - javax.ejb-api - ${ejb.version} - provided - - - - - javax.cache - cache-api - ${cache.version} - - - - - javax.persistence - persistence-api - ${persistence.version} - - - - javax.transaction - javax.transaction-api - ${transaction.version} - - - - javax.json - javax.json-api - 1.0 - - - - - org.apache.deltaspike.core - deltaspike-core-api - compile - ${deltaspike.version} - - - org.apache.deltaspike.core - deltaspike-core-impl - runtime - ${deltaspike.version} - - - - - org.demoiselle.jee - demoiselle-core - ${project.version} - - - - - + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + + demoiselle-parent + pom + 4.0.0 + + Demoiselle Parent POM + + + org.demoiselle.jee + demoiselle-build + 3.0.0-BETA1-SNAPSHOT + + + + + UTF-8 + + + 7.0 + 1.2 + 1.1.0.Final + 1.2 + 1.2 + 3.0.0 + 3.1.0 + 1.0.2 + 2.0 + 1.0 + 5.1.0.Final + 5.2.4.Final + 2.0 + 2.0.1 + 7.0 + 1.7.1 + 3.2 + 1.0.0 + + + 3.5.1 + 2.6 + 1.8 + 1.8 + + + + + + + + + + javax.enterprise + cdi-api + provided + ${cdi.version} + + + + + validation-api + javax.validation + provided + ${validation.version} + + + + + org.glassfish + javax.el + provided + ${el.version} + + + + + javax + javaee-api + provided + ${javaee.version} + + + + + javax.servlet + javax.servlet-api + provided + ${servlet.version} + + + javax.servlet + jstl + provided + ${jstl.version} + + + + + org.hibernate + hibernate-entitymanager + provided + ${hibernate.version} + + + + + javax.ws.rs + javax.ws.rs-api + provided + ${jaxrs.version} + + + + + javax + javaee-web-api + ${javaee.version} + + + + + javax.ejb + javax.ejb-api + ${ejb.version} + provided + + + + + javax.cache + cache-api + ${cache.version} + + + + + javax.persistence + persistence-api + ${persistence.version} + + + + javax.transaction + javax.transaction-api + ${transaction.version} + + + + javax.json + javax.json-api + 1.0 + + + + + org.apache.deltaspike.core + deltaspike-core-api + compile + ${deltaspike.version} + + + org.apache.deltaspike.core + deltaspike-core-impl + runtime + ${deltaspike.version} + + + + + org.demoiselle.jee + demoiselle-core + ${project.version} + + + + org.demoiselle.jee + demoiselle-security + ${project.version} + + + + + diff --git a/demoiselle-rest/.gitignore b/demoiselle-rest/.gitignore new file mode 100644 index 0000000..fdbbecd --- /dev/null +++ b/demoiselle-rest/.gitignore @@ -0,0 +1,5 @@ +.settings +.classpath +.project +/target/ +/bin/ diff --git a/demoiselle-rest/pom.xml b/demoiselle-rest/pom.xml new file mode 100644 index 0000000..1cfa96a --- /dev/null +++ b/demoiselle-rest/pom.xml @@ -0,0 +1,37 @@ + + + 4.0.0 + demoiselle-rest + jar + + Demoiselle Rest + + Demoiselle Rest + + + + org.demoiselle.jee + demoiselle-parent + 3.0.0-BETA1-SNAPSHOT + ../demoiselle-parent + + + + + + org.demoiselle.jee + demoiselle-core + + + + javax.ws.rs + javax.ws.rs-api + + + + javax.json + javax.json-api + + + + diff --git a/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/JaxRsFilter.java b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/JaxRsFilter.java new file mode 100644 index 0000000..12a1908 --- /dev/null +++ b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/JaxRsFilter.java @@ -0,0 +1,59 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +package org.demoiselle.jee.ws.jaxrs; + +import java.util.logging.Logger; +import javax.annotation.PostConstruct; +import javax.inject.Inject; +import javax.ws.rs.client.ClientRequestContext; +import javax.ws.rs.client.ClientRequestFilter; +import javax.ws.rs.client.ClientResponseContext; +import javax.ws.rs.client.ClientResponseFilter; +import javax.ws.rs.container.ContainerRequestContext; +import javax.ws.rs.container.ContainerRequestFilter; +import javax.ws.rs.container.ContainerResponseContext; +import javax.ws.rs.container.ContainerResponseFilter; +import javax.ws.rs.container.PreMatching; +import javax.ws.rs.ext.Provider; + +/** + * + * @author 70744416353 + */ +@Provider +@PreMatching +public class JaxRsFilter implements ClientRequestFilter, ClientResponseFilter, ContainerRequestFilter, ContainerResponseFilter { + + @Inject + private Logger LOG; + + @Override + public void filter(ClientRequestContext requestContext) { + } + + @Override + public void filter(ClientRequestContext requestContext, ClientResponseContext responseContext) { + } + + @Override + public void filter(ContainerRequestContext requestContext) { + } + + @Override + public void filter(ContainerRequestContext requestContext, ContainerResponseContext response) { + response.getHeaders().putSingle("Demoiselle", "3.0.0"); + response.getHeaders().putSingle("Access-Control-Allow-Origin", "*"); + response.getHeaders().putSingle("Access-Control-Allow-Methods", "OPTIONS, GET, POST, PUT, DELETE"); + response.getHeaders().putSingle("Access-Control-Allow-Headers", "Content-Type"); + } + + @PostConstruct + public void init() { + LOG.info("Demoiselle Module - Rest"); + } + +} diff --git a/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/crud/package-info.java b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/crud/package-info.java new file mode 100644 index 0000000..d7ae709 --- /dev/null +++ b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/crud/package-info.java @@ -0,0 +1,11 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +/** + * Esta pacote tem o objetivo de conter as classes relacionadas aos + * facilitadores de CRUD do framework Demoiselle. + */ +package org.demoiselle.jee.ws.jaxrs.crud; \ No newline at end of file diff --git a/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/DemoiselleRESTException.java b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/DemoiselleRESTException.java new file mode 100644 index 0000000..81d962c --- /dev/null +++ b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/DemoiselleRESTException.java @@ -0,0 +1,41 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +package org.demoiselle.jee.ws.jaxrs.exception; + +import java.util.HashMap; + +import org.demoiselle.jee.core.exception.DemoiselleException; + +public class DemoiselleRESTException extends DemoiselleException { + + private static final long serialVersionUID = 519965615171844237L; + + private HashMap messages = new HashMap(); + + private int statusCode; + + public DemoiselleRESTException() { + + } + + public DemoiselleRESTException(String string) { + super(string); + } + + public int getStatusCode() { + return statusCode; + } + + public void addMessage(String field, String msg) { + this.statusCode = 422; + messages.put(field, msg); + } + + public HashMap getMessages() { + return messages; + } +} diff --git a/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/mapper/GenericExceptionMapper.java b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/mapper/GenericExceptionMapper.java new file mode 100644 index 0000000..12739f8 --- /dev/null +++ b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/mapper/GenericExceptionMapper.java @@ -0,0 +1,68 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +package org.demoiselle.jee.ws.jaxrs.exception.mapper; + +import java.io.PrintWriter; +import java.io.StringWriter; +import java.util.HashMap; + +import javax.ws.rs.WebApplicationException; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response; +import javax.ws.rs.ext.ExceptionMapper; +import javax.ws.rs.ext.Provider; + +import org.demoiselle.jee.ws.jaxrs.exception.DemoiselleRESTException; + +@Provider +public class GenericExceptionMapper implements ExceptionMapper { + + public Response toResponse(Exception ex) { + + StringWriter errorStackTrace = new StringWriter(); + ex.printStackTrace(new PrintWriter(errorStackTrace)); + + // Verifica se a exception é de validação de PAYLOAD do REST + if (ex.getCause() instanceof DemoiselleRESTException) { + DemoiselleRESTException exDemoiselleREST = (DemoiselleRESTException) ex.getCause(); + if (!exDemoiselleREST.getMessages().isEmpty()) { + return Response.status(exDemoiselleREST.getStatusCode()).entity(exDemoiselleREST.getMessages()) + .type(MediaType.APPLICATION_JSON).build(); + } + } + + HashMap entity = new HashMap(); + + // No caso de existir message ele mostra a MESSAGE da Exception + if (ex.getMessage() != null) { + entity.put("error", ex.getMessage()); + + // Pega toda as mensagens da stacktrace + int level = 1; + while (ex.getCause() != null) { + ex = (Exception) ex.getCause(); + if (!ex.getMessage().isEmpty()) { + entity.put("inner_cause_" + level, ex.getMessage()); + } + level += 1; + } + + // Por padrão retorna SERVER ERROR, mas tenta encontrar o status do RESPONSE se for WebApplicationException + // http://docs.oracle.com/javaee/7/api/javax/ws/rs/WebApplicationException.html + int responseCode = Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(); + if (ex instanceof WebApplicationException) { + responseCode = ((WebApplicationException)ex).getResponse().getStatus(); + } + + return Response.status(responseCode).entity(entity).type(MediaType.APPLICATION_JSON).build(); + } + + entity.put("error", "Erro interno desconhecido no servidor."); + return Response.status(500).entity(entity).type(MediaType.APPLICATION_JSON).build(); + } + +} diff --git a/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayload.java b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayload.java new file mode 100644 index 0000000..2f4eba5 --- /dev/null +++ b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayload.java @@ -0,0 +1,25 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +package org.demoiselle.jee.ws.jaxrs.interceptor; + +import static java.lang.annotation.ElementType.METHOD; +import static java.lang.annotation.ElementType.TYPE; +import static java.lang.annotation.RetentionPolicy.RUNTIME; + +import java.lang.annotation.Inherited; +import java.lang.annotation.Retention; +import java.lang.annotation.Target; + +import javax.interceptor.InterceptorBinding; + +@Inherited +@InterceptorBinding +@Target({ METHOD, TYPE }) +@Retention(RUNTIME) +public @interface ValidatePayload { + +} \ No newline at end of file diff --git a/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayloadInterceptor.java b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayloadInterceptor.java new file mode 100644 index 0000000..6505ff2 --- /dev/null +++ b/demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayloadInterceptor.java @@ -0,0 +1,62 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +package org.demoiselle.jee.ws.jaxrs.interceptor; + +import java.io.Serializable; +import java.util.HashSet; +import java.util.Set; + +import javax.interceptor.AroundInvoke; +import javax.interceptor.Interceptor; +import javax.interceptor.InvocationContext; +import javax.validation.ConstraintViolation; +import javax.validation.UnexpectedTypeException; +import javax.validation.Validation; +import javax.validation.Validator; +import javax.validation.ValidatorFactory; + +import org.demoiselle.jee.ws.jaxrs.exception.DemoiselleRESTException; + +@Interceptor +@ValidatePayload +public class ValidatePayloadInterceptor implements Serializable { + + private static final long serialVersionUID = 1L; + + @AroundInvoke + public Object manage(final InvocationContext ic) throws Exception { + DemoiselleRESTException ex = new DemoiselleRESTException(); + Set> violations = new HashSet>(); + for (Object params : ic.getParameters()) { + if (params != null) { + ValidatorFactory dfv = Validation.buildDefaultValidatorFactory(); + Validator validator = dfv.getValidator(); + try { + violations.addAll(validator.validate(params)); + for (ConstraintViolation violation : violations) { + String field = (violation.getRootBeanClass().getSimpleName() + "_" + + violation.getPropertyPath()).toLowerCase(); + // GPMessage msg = + // GPMessage.INVALID_FIELD_P1.setSufix(violation.getConstraintDescriptor() + // .getAnnotation().annotationType().getSimpleName().toLowerCase()); + + ex.addMessage(field, violation.getMessage()); + } + } catch (UnexpectedTypeException cause) { + // GPMessage msg = GPMessage.GENERAL_ERROR_P1; + // msg.setParam(cause.getMessage()); + throw new DemoiselleRESTException("ERRO GENERICO -> ALTERAR"); + } + } + } + + if (!violations.isEmpty() && !ex.getMessages().isEmpty()) { + throw ex; + } + return ic.proceed(); + } +} \ No newline at end of file diff --git a/demoiselle-security-basic/pom.xml b/demoiselle-security-basic/pom.xml index 2e148e1..c928c4a 100644 --- a/demoiselle-security-basic/pom.xml +++ b/demoiselle-security-basic/pom.xml @@ -1,33 +1,26 @@ 4.0.0 - org.demoiselle.jee demoiselle-security-basic - 3.0.0-SNAPSHOT jar - - UTF-8 - 1.8 - 1.8 - + + Demoiselle Security Basic + + Demoiselle Security Basic + + + + org.demoiselle.jee + demoiselle-parent + 3.0.0-BETA1-SNAPSHOT + ../demoiselle-parent + + - ${project.groupId} - demoiselle-core - ${project.version} - - - - ${project.groupId} - demoiselle-ws-jaxrs - ${project.version} - - - - ${project.groupId} + org.demoiselle.jee demoiselle-security - ${project.version} diff --git a/demoiselle-security-basic/src/main/java/org/demoiselle/jee/security/basic/impl/TokensManagerImpl.java b/demoiselle-security-basic/src/main/java/org/demoiselle/jee/security/basic/impl/TokensManagerImpl.java index 571110a..112c581 100644 --- a/demoiselle-security-basic/src/main/java/org/demoiselle/jee/security/basic/impl/TokensManagerImpl.java +++ b/demoiselle-security-basic/src/main/java/org/demoiselle/jee/security/basic/impl/TokensManagerImpl.java @@ -6,14 +6,17 @@ package org.demoiselle.jee.security.basic.impl; import java.security.Principal; +import java.util.List; import java.util.Map; import java.util.UUID; import java.util.concurrent.ConcurrentHashMap; import java.util.logging.Logger; import javax.enterprise.context.Dependent; +import javax.enterprise.context.RequestScoped; import javax.inject.Inject; -import org.demoiselle.jee.security.Token; -import org.demoiselle.jee.security.interfaces.TokensManager; +import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal; +import org.demoiselle.jee.core.interfaces.security.Token; +import org.demoiselle.jee.core.interfaces.security.TokensManager; /** * @@ -27,25 +30,41 @@ public class TokensManagerImpl implements TokensManager { @Inject private Logger logger; + @Inject + @RequestScoped + private Token token; + + @Inject + @RequestScoped + private Principal loggedUser; + @Override - public Principal getUser(Token token) { - return repo.get(token.getKey()); + public Principal getUser() { + if (loggedUser == null) { + if (token.getKey() != null && !token.getKey().isEmpty()) { + loggedUser = repo.get(token.getKey()); + return loggedUser; + } + } + return loggedUser; } @Override - public Token getToken(Principal user) { + public void setUser(Principal user) { String value = null; if (!repo.containsValue(user)) { value = UUID.randomUUID().toString(); repo.put(value, user); - } else { - for (Map.Entry entry : repo.entrySet()) { - if (entry.getValue().equals(user)) { - return entry.getKey(); - } - } + token.setKey(value); + token.setType("Basic"); } - return value; } + @Override + public boolean validate() { + return true;//(getUser() != null && repo.get(token.getKey()).); + } + + + } diff --git a/demoiselle-security-jwt/pom.xml b/demoiselle-security-jwt/pom.xml index edfb5f2..2bca3fd 100644 --- a/demoiselle-security-jwt/pom.xml +++ b/demoiselle-security-jwt/pom.xml @@ -1,29 +1,28 @@ 4.0.0 - org.demoiselle.jee demoiselle-security-jwt - 3.0.0-SNAPSHOT jar - - UTF-8 - 1.8 - 1.8 - + + Demoiselle Security JWT + + Demoiselle Security JWT + + + + org.demoiselle.jee + demoiselle-parent + 3.0.0-BETA1-SNAPSHOT + ../demoiselle-parent + + - ${project.groupId} - demoiselle-core - ${project.version} - - - - ${project.groupId} + org.demoiselle.jee demoiselle-security - ${project.version} - + org.bitbucket.b_c jose4j @@ -36,6 +35,6 @@ 2.2.2 compile - + diff --git a/demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java b/demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java index 6e7f77c..0f9b1db 100644 --- a/demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java +++ b/demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java @@ -13,7 +13,8 @@ import java.util.logging.Logger; import javax.enterprise.context.Dependent; import javax.inject.Inject; import javax.servlet.http.HttpServletRequest; -import org.demoiselle.jee.security.interfaces.TokensManager; +import org.demoiselle.jee.core.security.LoggedUser; +import org.demoiselle.jee.core.security.TokensManager; import org.jose4j.jwk.RsaJsonWebKey; import org.jose4j.jwk.RsaJwkGenerator; import org.jose4j.jws.AlgorithmIdentifiers; @@ -49,8 +50,8 @@ public class TokensManagerImpl implements TokensManager { } @Override - public Principal getUser(String jwt) { - Principal usuario = null; + public LoggedUser getUser(String jwt) { + LoggedUser usuario = null; if (jwt != null && !jwt.isEmpty()) { JwtConsumer jwtConsumer = new JwtConsumerBuilder() .setRequireExpirationTime() // the JWT must have an expiration time @@ -62,7 +63,7 @@ public class TokensManagerImpl implements TokensManager { try { JwtClaims jwtClaims = jwtConsumer.processToClaims(jwt); - usuario = new Gson().fromJson((String) jwtClaims.getClaimValue("user"), Principal.class); + usuario = new Gson().fromJson((String) jwtClaims.getClaimValue("user"), LoggedUser.class); String ip = httpRequest.getRemoteAddr(); if (!ip.equalsIgnoreCase((String) jwtClaims.getClaimValue("ip"))) { @@ -76,7 +77,7 @@ public class TokensManagerImpl implements TokensManager { } @Override - public String getToken(Principal user) { + public String setUser(LoggedUser user) { try { JwtClaims claims = new JwtClaims(); claims.setIssuer("demoiselle"); diff --git a/demoiselle-security-token/.gitignore b/demoiselle-security-token/.gitignore new file mode 100644 index 0000000..fdbbecd --- /dev/null +++ b/demoiselle-security-token/.gitignore @@ -0,0 +1,5 @@ +.settings +.classpath +.project +/target/ +/bin/ diff --git a/demoiselle-security-token/pom.xml b/demoiselle-security-token/pom.xml new file mode 100644 index 0000000..cd8926c --- /dev/null +++ b/demoiselle-security-token/pom.xml @@ -0,0 +1,27 @@ + + + 4.0.0 + demoiselle-security-token + jar + + Demoiselle Security Token + + Demoiselle Security Token + + + + org.demoiselle.jee + demoiselle-parent + 3.0.0-BETA1-SNAPSHOT + ../demoiselle-parent + + + + + + org.demoiselle.jee + demoiselle-security + + + + diff --git a/demoiselle-security-token/src/main/java/org/demoiselle/jee/security/basic/impl/TokensManagerImpl.java b/demoiselle-security-token/src/main/java/org/demoiselle/jee/security/basic/impl/TokensManagerImpl.java new file mode 100644 index 0000000..82373ac --- /dev/null +++ b/demoiselle-security-token/src/main/java/org/demoiselle/jee/security/basic/impl/TokensManagerImpl.java @@ -0,0 +1,90 @@ +/* + * To change this license header, choose License Headers in Project Properties. + * To change this template file, choose Tools | Templates + * and open the template in the editor. + */ +package org.demoiselle.jee.security.basic.impl; + +import java.security.Principal; +import java.util.List; +import java.util.Map; +import java.util.UUID; +import java.util.concurrent.ConcurrentHashMap; +import java.util.logging.Logger; +import javax.enterprise.context.Dependent; +import javax.enterprise.context.RequestScoped; +import javax.inject.Inject; +import org.demoiselle.jee.core.interfaces.security.Token; +import org.demoiselle.jee.core.interfaces.security.TokensManager; + +/** + * + * @author 70744416353 + */ +@Dependent +public class TokensManagerImpl implements TokensManager { + + private static ConcurrentHashMap repo = new ConcurrentHashMap<>(); + + @Inject + private Logger logger; + + @Inject + @RequestScoped + private Token token; + + @Inject + @RequestScoped + private Principal loggedUser; + + @Override + public Principal getUser() { + if (loggedUser == null) { + if (token.getKey() != null && !token.getKey().isEmpty()) { + loggedUser = repo.get(token.getKey()); + return loggedUser; + } + } + return loggedUser; + } + + @Override + public void setUser(Principal user) { + String value = null; + if (!repo.containsValue(user)) { + value = UUID.randomUUID().toString(); + repo.put(value, user); + token.setKey(value); + token.setType("Basic"); + } + } + + @Override + public boolean validate() { + return true;//(getUser() != null && repo.get(token.getKey()).); + } + + @Override + public Token getToken() { + return token; + } + + @Override + public void setToken(Token token) { + String key = null; + if (repo.containsKey(token.getKey())) { + loggedUser = repo.get(key); + } + } + + @Override + public void setRoles(List roles) { + + } + + @Override + public void setPermissions(Map permissions) { + + } + +} diff --git a/demoiselle-security-token/src/main/resources/demoiselle.properties b/demoiselle-security-token/src/main/resources/demoiselle.properties new file mode 100644 index 0000000..4f777af --- /dev/null +++ b/demoiselle-security-token/src/main/resources/demoiselle.properties @@ -0,0 +1 @@ +user-not-authenticated \ No newline at end of file diff --git a/demoiselle-security-token/src/main/resources/messages.properties b/demoiselle-security-token/src/main/resources/messages.properties new file mode 100644 index 0000000..65893da --- /dev/null +++ b/demoiselle-security-token/src/main/resources/messages.properties @@ -0,0 +1 @@ +tipo-seguranca=basic \ No newline at end of file diff --git a/demoiselle-security/pom.xml b/demoiselle-security/pom.xml index 6bb1180..6dd7b6e 100644 --- a/demoiselle-security/pom.xml +++ b/demoiselle-security/pom.xml @@ -1,28 +1,28 @@ - 4.0.0 - demoiselle-security - jar + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + 4.0.0 + demoiselle-security + jar - Demoiselle Security - - Demoiselle Security - + Demoiselle Security + + Demoiselle Security + - - org.demoiselle.jee - demoiselle-parent - 3.0.0-BETA1-SNAPSHOT - ../demoiselle-parent - + + org.demoiselle.jee + demoiselle-parent + 3.0.0-BETA1-SNAPSHOT + ../demoiselle-parent + - + - - org.demoiselle.jee - demoiselle-core - + + org.demoiselle.jee + demoiselle-core + - + diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/JaxRsFilter.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/JaxRsFilter.java deleted file mode 100644 index bda0862..0000000 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/JaxRsFilter.java +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.security; - -import java.io.IOException; -import org.demoiselle.jee.security.interfaces.SecurityContext; -import java.util.logging.Logger; -import javax.annotation.PostConstruct; -import javax.inject.Inject; -import javax.ws.rs.client.ClientRequestContext; -import javax.ws.rs.client.ClientRequestFilter; -import javax.ws.rs.client.ClientResponseContext; -import javax.ws.rs.client.ClientResponseFilter; -import javax.ws.rs.container.ContainerRequestContext; -import javax.ws.rs.container.ContainerRequestFilter; -import javax.ws.rs.container.ContainerResponseContext; -import javax.ws.rs.container.ContainerResponseFilter; -import javax.ws.rs.container.PreMatching; -import javax.ws.rs.ext.Provider; - -/** - * - * @author 70744416353 - */ -@Provider -@PreMatching -public class JaxRsFilter implements ClientRequestFilter, ClientResponseFilter, ContainerRequestFilter, ContainerResponseFilter { - - @Inject - private Logger LOG; - - @Inject - private SecurityContext securityContext; - - @PostConstruct - public void init() { - LOG.info("Demoiselle Module - Security"); - } - - @Override - public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) { - responseContext.getHeaders().putSingle("Authorization", "enabled"); - responseContext.getHeaders().putSingle("x-content-type-options", "nosniff"); - responseContext.getHeaders().putSingle("x-frame-options", "SAMEORIGIN"); - responseContext.getHeaders().putSingle("x-xss-protection", "1; mode=block"); - } - - @Override - public void filter(ContainerRequestContext requestContext) throws IOException { - try { - if (requestContext.getHeaders().containsKey("Authorization")) { - String token = requestContext.getHeaders().get("Authorization").toString().replace("[", "").replace("]", ""); - if (!token.isEmpty()) { - securityContext.setToken(token); - } - } - } catch (Exception e) { - } - - } - - @Override - public void filter(ClientRequestContext requestContext) throws IOException { - - } - - @Override - public void filter(ClientRequestContext requestContext, ClientResponseContext responseContext) throws IOException { - - } - -} diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/LoggedUser.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/LoggedUser.java deleted file mode 100644 index ccc2870..0000000 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/LoggedUser.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.security; - -import java.util.List; -import java.util.Map; - -import javax.enterprise.context.RequestScoped; - -/** - * - * @author 70744416353 - */ -@RequestScoped -public class LoggedUser { - - private String id; - private String username; - private String email; - private Map premissions; - private List roles; - - public String getId() { - return id; - } - - public void setId(String id) { - this.id = id; - } - - public String getUsername() { - return username; - } - - public void setUsername(String username) { - this.username = username; - } - - public String getEmail() { - return email; - } - - public void setEmail(String email) { - this.email = email; - } - - public Map getPremissions() { - return premissions; - } - - public void setPremissions(Map premissions) { - this.premissions = premissions; - } - - public List getRoles() { - return roles; - } - - public void setRoles(List roles) { - this.roles = roles; - } - -} diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/Token.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/Token.java deleted file mode 100644 index e185389..0000000 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/Token.java +++ /dev/null @@ -1,28 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.security; - -import javax.enterprise.context.RequestScoped; - -/** - * - * @author 70744416353 - */ -@RequestScoped -public class Token { - - private String key; - - public String getKey() { - return key; - } - - public void setKey(String key) { - this.key = key; - } - -} diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotation/LoggedIn.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotation/LoggedIn.java new file mode 100644 index 0000000..1af1d54 --- /dev/null +++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotation/LoggedIn.java @@ -0,0 +1,31 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +package org.demoiselle.jee.security.annotation; + +import javax.interceptor.InterceptorBinding; +import java.lang.annotation.Inherited; +import java.lang.annotation.Retention; +import java.lang.annotation.Target; + +import static java.lang.annotation.ElementType.METHOD; +import static java.lang.annotation.ElementType.TYPE; +import static java.lang.annotation.RetentionPolicy.RUNTIME; + +/** + *

+ * Indicates that a specific permission is required in order to invocate the annotated method or class. + *

+ * + * @author SERPRO + */ + +@Inherited +@InterceptorBinding +@Target({ METHOD, TYPE }) +@Retention(RUNTIME) +public @interface LoggedIn { +} diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotation/RequiredPermission.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotation/RequiredPermission.java new file mode 100644 index 0000000..478bad8 --- /dev/null +++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotation/RequiredPermission.java @@ -0,0 +1,35 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +package org.demoiselle.jee.security.annotation; + +import javax.enterprise.util.Nonbinding; +import javax.interceptor.InterceptorBinding; +import java.lang.annotation.Inherited; +import java.lang.annotation.Retention; +import java.lang.annotation.Target; + +import static java.lang.annotation.ElementType.METHOD; +import static java.lang.annotation.ElementType.TYPE; +import static java.lang.annotation.RetentionPolicy.RUNTIME; + +/** + * Indicates that a specific permission is required in order to invocate the annotated method or class. + * + * @author SERPRO + */ +@Inherited +@InterceptorBinding +@Target({ METHOD, TYPE }) +@Retention(RUNTIME) +public @interface RequiredPermission { + + @Nonbinding + String resource() default ""; + + @Nonbinding + String operation() default ""; +} diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotation/RequiredRole.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotation/RequiredRole.java new file mode 100644 index 0000000..d9dfeab --- /dev/null +++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotation/RequiredRole.java @@ -0,0 +1,35 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +package org.demoiselle.jee.security.annotation; + +import javax.enterprise.util.Nonbinding; +import javax.interceptor.InterceptorBinding; +import java.lang.annotation.Inherited; +import java.lang.annotation.Retention; +import java.lang.annotation.Target; + +import static java.lang.annotation.ElementType.METHOD; +import static java.lang.annotation.ElementType.TYPE; +import static java.lang.annotation.RetentionPolicy.RUNTIME; + +/** + *

+ * Indicates that the annotated method or class requires the user to have one or more roles associated in order to be + * invocated. + *

+ * + * @author SERPRO + */ +@Inherited +@InterceptorBinding +@Target({ METHOD, TYPE }) +@Retention(RUNTIME) +public @interface RequiredRole { + + @Nonbinding + String[] value(); +} diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotations/LoggedIn.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotations/LoggedIn.java deleted file mode 100644 index 6d4b9e2..0000000 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotations/LoggedIn.java +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.security.annotations; - -import javax.interceptor.InterceptorBinding; -import java.lang.annotation.Inherited; -import java.lang.annotation.Retention; -import java.lang.annotation.Target; - -import static java.lang.annotation.ElementType.METHOD; -import static java.lang.annotation.ElementType.TYPE; -import static java.lang.annotation.RetentionPolicy.RUNTIME; - -/** - *

- * Indicates that a specific permission is required in order to invocate the annotated method or class. - *

- * - * @author SERPRO - */ - -@Inherited -@InterceptorBinding -@Target({ METHOD, TYPE }) -@Retention(RUNTIME) -public @interface LoggedIn { -} diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotations/RequiredPermission.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotations/RequiredPermission.java deleted file mode 100644 index acd14c6..0000000 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotations/RequiredPermission.java +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.security.annotations; - -import javax.enterprise.util.Nonbinding; -import javax.interceptor.InterceptorBinding; -import java.lang.annotation.Inherited; -import java.lang.annotation.Retention; -import java.lang.annotation.Target; - -import static java.lang.annotation.ElementType.METHOD; -import static java.lang.annotation.ElementType.TYPE; -import static java.lang.annotation.RetentionPolicy.RUNTIME; - -/** - * Indicates that a specific permission is required in order to invocate the annotated method or class. - * - * @author SERPRO - */ -@Inherited -@InterceptorBinding -@Target({ METHOD, TYPE }) -@Retention(RUNTIME) -public @interface RequiredPermission { - - @Nonbinding - String resource() default ""; - - @Nonbinding - String operation() default ""; -} diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotations/RequiredRole.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotations/RequiredRole.java deleted file mode 100644 index 23e6429..0000000 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/annotations/RequiredRole.java +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.security.annotations; - -import javax.enterprise.util.Nonbinding; -import javax.interceptor.InterceptorBinding; -import java.lang.annotation.Inherited; -import java.lang.annotation.Retention; -import java.lang.annotation.Target; - -import static java.lang.annotation.ElementType.METHOD; -import static java.lang.annotation.ElementType.TYPE; -import static java.lang.annotation.RetentionPolicy.RUNTIME; - -/** - *

- * Indicates that the annotated method or class requires the user to have one or more roles associated in order to be - * invocated. - *

- * - * @author SERPRO - */ -@Inherited -@InterceptorBinding -@Target({ METHOD, TYPE }) -@Retention(RUNTIME) -public @interface RequiredRole { - - @Nonbinding - String[] value(); -} diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/filter/JaxRsFilter.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/filter/JaxRsFilter.java new file mode 100644 index 0000000..6eda878 --- /dev/null +++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/filter/JaxRsFilter.java @@ -0,0 +1,79 @@ +/* + * Demoiselle Framework + * + * License: GNU Lesser General Public License (LGPL), version 3 or later. + * See the lgpl.txt file in the root directory or . + */ +package org.demoiselle.jee.security.filter; + +import java.io.IOException; +import java.util.logging.Logger; +import javax.annotation.PostConstruct; +import javax.inject.Inject; +import javax.ws.rs.client.ClientRequestContext; +import javax.ws.rs.client.ClientRequestFilter; +import javax.ws.rs.client.ClientResponseContext; +import javax.ws.rs.client.ClientResponseFilter; +import javax.ws.rs.container.ContainerRequestContext; +import javax.ws.rs.container.ContainerRequestFilter; +import javax.ws.rs.container.ContainerResponseContext; +import javax.ws.rs.container.ContainerResponseFilter; +import javax.ws.rs.container.PreMatching; +import javax.ws.rs.ext.Provider; +import org.demoiselle.jee.core.interfaces.security.SecurityContext; +import org.demoiselle.jee.core.interfaces.security.Token; + +/** + * + * @author 70744416353 + */ +@Provider +@PreMatching +public class JaxRsFilter implements ClientRequestFilter, ClientResponseFilter, ContainerRequestFilter, ContainerResponseFilter { + + @Inject + private Logger LOG; + + @Inject + private Token token; + + @PostConstruct + public void init() { + LOG.info("Demoiselle Module - Security"); + } + + @Override + public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) { + responseContext.getHeaders().putSingle("Authorization", "enabled"); + responseContext.getHeaders().putSingle("x-content-type-options", "nosniff"); + responseContext.getHeaders().putSingle("x-frame-options", "SAMEORIGIN"); + responseContext.getHeaders().putSingle("x-xss-protection", "1; mode=block"); + } + + @Override + public void filter(ContainerRequestContext requestContext) throws IOException { + try { + if (requestContext.getHeaders().containsKey("Authorization")) { + String chave = requestContext.getHeaders().get("Authorization").toString().replace("[", "").replace("]", ""); + if (!chave.isEmpty()) { + token.setType(chave.split(" ")[0]); + token.setKey(chave.split(" ")[1]); + } + } + } catch (Exception e) { + LOG.fine(e.getMessage()); + } + + } + + @Override + public void filter(ClientRequestContext requestContext) throws IOException { + + } + + @Override + public void filter(ClientRequestContext requestContext, ClientResponseContext responseContext) throws IOException { + + } + +} diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java index 43fa5f9..11e27f5 100644 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java +++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java @@ -7,18 +7,17 @@ package org.demoiselle.jee.security.impl; import java.security.Principal; +import java.util.List; import java.util.Map; -import java.util.Set; - import javax.enterprise.context.Dependent; import javax.inject.Inject; import org.demoiselle.jee.core.util.ResourceBundle; -import org.demoiselle.jee.security.LoggedUser; -import org.demoiselle.jee.security.Token; + import org.demoiselle.jee.security.exception.NotLoggedInException; -import org.demoiselle.jee.security.interfaces.SecurityContext; -import org.demoiselle.jee.security.interfaces.TokensManager; +import org.demoiselle.jee.core.interfaces.security.SecurityContext; +import org.demoiselle.jee.core.interfaces.security.Token; +import org.demoiselle.jee.core.interfaces.security.TokensManager; /** *

@@ -36,12 +35,6 @@ public class SecurityContextImpl implements SecurityContext { private TokensManager tm; @Inject - private Token token; - - @Inject - private LoggedUser loggedUser; - - @Inject private ResourceBundle bundle; /** @@ -70,20 +63,10 @@ public class SecurityContextImpl implements SecurityContext { */ @Override public boolean isLoggedIn() { - return getUser() != null; + return tm.validate(); } - /** - * @see org.demoiselle.security.SecurityContext#getUser() - */ @Override - public Principal getUser() { -// if (token.getKey() != null && !token.getKey().isEmpty()) { -// return tm.getUser(token.getKey()); -// } - return null;//token.getPrincipal(); - } - public void checkLoggedIn() throws NotLoggedInException { if (!isLoggedIn()) { throw new NotLoggedInException(bundle.getString("user-not-authenticated")); @@ -91,46 +74,13 @@ public class SecurityContextImpl implements SecurityContext { } @Override - public void setRoles(Set roles) { - throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates. - } - - @Override - public void setPermission(Map permissions) { - throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates. - } - - @Override - public Set getResources(String operation) { - throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates. - } - - @Override - public Set getOperations(String resources) { - throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates. - } - - @Override - public void setUser(Principal principal) { -// token.setKey(tm.getToken(principal)); -// token.setPrincipal(principal); - } - - @Override - public String getToken() { -// if (token.getKey() != null && token.getKey().isEmpty()) { -// token.setKey(tm.getToken(token.getPrincipal())); -// } - return token.getKey(); + public Principal getUser() { + return tm.getUser(); } @Override - public void setToken(String chave) { -// token.setPrincipal(tm.getUser(chave)); -// if (token.getPrincipal() == null) { -// throw new NotLoggedInException(bundle.getString("user-not-authenticated")); -// } - token.setKey(chave); + public void setUser(Principal loggedUser) { + tm.setUser(loggedUser); } } diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/TokenImpl.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/TokenImpl.java new file mode 100644 index 0000000..8c1d3ee --- /dev/null +++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/TokenImpl.java @@ -0,0 +1,41 @@ +/* + * To change this license header, choose License Headers in Project Properties. + * To change this template file, choose Tools | Templates + * and open the template in the editor. + */ +package org.demoiselle.jee.security.impl; + +import javax.enterprise.context.Dependent; +import org.demoiselle.jee.core.interfaces.security.Token; + +/** + * + * @author 70744416353 + */ +@Dependent +public class TokenImpl implements Token { + + private String key; + private String type; + + @Override + public String getKey() { + return key; + } + + @Override + public void setKey(String key) { + this.key = key; + } + + @Override + public String getType() { + return type; + } + + @Override + public void setType(String type) { + this.type = type; + } + +} diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/LoggedInInterceptor.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/LoggedInInterceptor.java index e40f1e2..c7133a3 100644 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/LoggedInInterceptor.java +++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/LoggedInInterceptor.java @@ -12,8 +12,8 @@ import javax.interceptor.AroundInvoke; import javax.interceptor.Interceptor; import javax.interceptor.InvocationContext; import java.io.Serializable; -import org.demoiselle.jee.security.annotations.LoggedIn; -import org.demoiselle.jee.security.interfaces.SecurityContext; +import org.demoiselle.jee.security.annotation.LoggedIn; +import org.demoiselle.jee.core.interfaces.security.SecurityContext; /** *

diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java index 79eb68d..b62eb7f 100644 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java +++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java @@ -9,19 +9,18 @@ package org.demoiselle.jee.security.interceptor; import org.demoiselle.jee.security.exception.AuthorizationException; import javax.annotation.Priority; -import javax.enterprise.inject.spi.CDI; import javax.interceptor.AroundInvoke; import javax.interceptor.Interceptor; import javax.interceptor.InvocationContext; import java.io.Serializable; +import java.security.Principal; import java.util.logging.Logger; import javax.inject.Inject; -import static javax.sql.rowset.spi.SyncFactory.getLogger; import org.demoiselle.jee.core.annotation.Name; import org.demoiselle.jee.core.util.ResourceBundle; import org.demoiselle.jee.core.util.Strings; -import org.demoiselle.jee.security.annotations.RequiredPermission; -import org.demoiselle.jee.security.interfaces.SecurityContext; +import org.demoiselle.jee.security.annotation.RequiredPermission; +import org.demoiselle.jee.core.interfaces.security.SecurityContext; /** *

@@ -38,6 +37,12 @@ public class RequiredPermissionInterceptor implements Serializable { private static final long serialVersionUID = 1L; @Inject + private SecurityContext securityContext; + + @Inject + private Principal loggedUser; + + @Inject private ResourceBundle bundle; @Inject @@ -66,17 +71,17 @@ public class RequiredPermissionInterceptor implements Serializable { String operation = getOperation(ic); String username = null; - if (getSecurityContext().isLoggedIn()) { - username = getSecurityContext().getUser().getName(); - getLogger().finest(bundle.getString("access-checking", username, operation, resource)); + if (securityContext.isLoggedIn()) { + username = loggedUser.getName(); + logger.finest(bundle.getString("access-checking", username, operation, resource)); } - if (!getSecurityContext().hasPermission(resource, operation)) { - getLogger().severe(bundle.getString("access-denied", username, operation, resource)); + if (securityContext.hasPermission(resource, operation)) { + logger.severe(bundle.getString("access-denied", username, operation, resource)); throw new AuthorizationException(bundle.getString("access-denied-ui", resource, operation)); } - getLogger().fine(bundle.getString("access-allowed", username, operation, resource)); + logger.fine(bundle.getString("access-allowed", username, operation, resource)); return ic.proceed(); } @@ -144,7 +149,4 @@ public class RequiredPermissionInterceptor implements Serializable { } } - private SecurityContext getSecurityContext() { - return CDI.current().select(SecurityContext.class).get(); - } } diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredRoleInterceptor.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredRoleInterceptor.java index c701f74..d886217 100644 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredRoleInterceptor.java +++ b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredRoleInterceptor.java @@ -9,11 +9,11 @@ package org.demoiselle.jee.security.interceptor; import org.demoiselle.jee.security.exception.AuthorizationException; import javax.annotation.Priority; -import javax.enterprise.inject.spi.CDI; import javax.interceptor.AroundInvoke; import javax.interceptor.Interceptor; import javax.interceptor.InvocationContext; import java.io.Serializable; +import java.security.Principal; import java.util.ArrayList; import java.util.Arrays; import java.util.List; @@ -21,8 +21,8 @@ import java.util.List; import java.util.logging.Logger; import javax.inject.Inject; import org.demoiselle.jee.core.util.ResourceBundle; -import org.demoiselle.jee.security.annotations.RequiredRole; -import org.demoiselle.jee.security.interfaces.SecurityContext; +import org.demoiselle.jee.security.annotation.RequiredRole; +import org.demoiselle.jee.core.interfaces.security.SecurityContext; /** *

@@ -39,6 +39,12 @@ public class RequiredRoleInterceptor implements Serializable { private static final long serialVersionUID = 1L; @Inject + private SecurityContext securityContext; + + @Inject + private Principal loggedUser; + + @Inject private ResourceBundle bundle; @Inject @@ -64,27 +70,27 @@ public class RequiredRoleInterceptor implements Serializable { public Object manage(final InvocationContext ic) throws Exception { List roles = getRoles(ic); - if (getSecurityContext().isLoggedIn()) { + if (securityContext.isLoggedIn()) { logger.info( - bundle.getString("has-role-verification", getSecurityContext().getUser().getName(), roles)); + bundle.getString("has-role-verification", loggedUser.getName(), roles)); } List userRoles = new ArrayList(); for (String role : roles) { - if (getSecurityContext().hasRole(role)) { + if (securityContext.hasRole(role)) { userRoles.add(role); } } if (userRoles.isEmpty()) { logger.severe( - bundle.getString("does-not-have-role", getSecurityContext().getUser().getName(), roles)); + bundle.getString("does-not-have-role", loggedUser.getName(), roles)); throw new AuthorizationException(bundle.getString("does-not-have-role-ui", roles)); } - logger.fine(bundle.getString("user-has-role", getSecurityContext().getUser().getName(), userRoles)); + logger.fine(bundle.getString("user-has-role", loggedUser.getName(), userRoles)); return ic.proceed(); } @@ -110,8 +116,4 @@ public class RequiredRoleInterceptor implements Serializable { return Arrays.asList(roles); } - private SecurityContext getSecurityContext() { - return CDI.current().select(SecurityContext.class).get(); - } - } diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interfaces/LoggedUser.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interfaces/LoggedUser.java deleted file mode 100644 index 51f97a8..0000000 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interfaces/LoggedUser.java +++ /dev/null @@ -1,38 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.security.interfaces; - -import java.io.Serializable; -import java.security.Principal; -import java.util.List; -import java.util.Map; - -import javax.enterprise.context.RequestScoped; - -/** - *

- * Structure used to handle both authentication and authorizations mechanisms. - *

- * - * @author SERPRO - */ -@RequestScoped -public interface LoggedUser extends Principal, Serializable { - - public String getId(); - - public void setId(String id); - - public Map getPermissions(); - - public void setPermissions(Map premissions); - - public List getRoles(); - - public void setRoles(List roles); - -} diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interfaces/SecurityContext.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interfaces/SecurityContext.java deleted file mode 100644 index 8d36094..0000000 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interfaces/SecurityContext.java +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.security.interfaces; - -import java.io.Serializable; -import java.security.Principal; -import java.util.Map; -import java.util.Set; -import org.demoiselle.jee.security.exception.AuthorizationException; -import org.demoiselle.jee.security.exception.NotLoggedInException; - -/** - *

- * Structure used to handle both authentication and authorizations mechanisms. - *

- * - * @author SERPRO - */ -public interface SecurityContext extends Serializable { - - /** - * Checks if a specific user is logged in. - * - * @return {@code true} if the user is logged in - */ - boolean isLoggedIn(); - - /** - * @throws NotLoggedInException if there is no user logged in a specific - * session - */ - void checkLoggedIn(); - - /** - * Checks if the logged user has permission to execute an specific operation - * on a specific resource. - * - * @param resource resource to be checked - * @param operation operation to be checked - * @return {@code true} if the user has the permission - * @throws AuthorizationException When the permission checking fails, this - * exception is thrown. - * @throws NotLoggedInException if there is no user logged in a specific - * session. - */ - boolean hasPermission(String resource, String operation); - - /** - * Checks if the logged user has an specific role - * - * @param role role to be checked - * @return {@code true} if the user has the role - * @throws AuthorizationException When the permission checking fails, this - * exception is thrown. - * @throws NotLoggedInException if there is no user logged in a specific - * session. - */ - boolean hasRole(String role); - - /** - * Return the user logged in the session. - * - * @return the user logged in a specific authenticated session. If there is - * no active session {@code null} is returned. - */ - Principal getUser(); - - void setUser(Principal principal); - - String getToken(); - - void setToken(String token); - - void setRoles(Set roles); - - void setPermission(Map permissions); - - Set getResources(String operation); - - Set getOperations(String resources); - -} diff --git a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interfaces/TokensManager.java b/demoiselle-security/src/main/java/org/demoiselle/jee/security/interfaces/TokensManager.java deleted file mode 100644 index c767b43..0000000 --- a/demoiselle-security/src/main/java/org/demoiselle/jee/security/interfaces/TokensManager.java +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.security.interfaces; - -import java.io.Serializable; - -import org.demoiselle.jee.security.LoggedUser; -import org.demoiselle.jee.security.Token; - -/** - *

- * Structure used to handle both authentication and authorizations mechanisms. - *

- * - * @author SERPRO - */ -public interface TokensManager extends Serializable { - - public LoggedUser getUser(Token token); - - public String create(LoggedUser user); - -} diff --git a/demoiselle-ws-jaxrs/.gitignore b/demoiselle-ws-jaxrs/.gitignore deleted file mode 100644 index fdbbecd..0000000 --- a/demoiselle-ws-jaxrs/.gitignore +++ /dev/null @@ -1,5 +0,0 @@ -.settings -.classpath -.project -/target/ -/bin/ diff --git a/demoiselle-ws-jaxrs/pom.xml b/demoiselle-ws-jaxrs/pom.xml deleted file mode 100644 index ff96488..0000000 --- a/demoiselle-ws-jaxrs/pom.xml +++ /dev/null @@ -1,37 +0,0 @@ - - - 4.0.0 - demoiselle-ws-jaxrs - jar - - Demoiselle Web Service - - Demoiselle Web Service - - - - org.demoiselle.jee - demoiselle-parent - 3.0.0-BETA1-SNAPSHOT - ../demoiselle-parent - - - - - - org.demoiselle.jee - demoiselle-core - - - - javax.ws.rs - javax.ws.rs-api - - - - javax.json - javax.json-api - - - - diff --git a/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/JaxRsFilter.java b/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/JaxRsFilter.java deleted file mode 100644 index 12a1908..0000000 --- a/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/JaxRsFilter.java +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.ws.jaxrs; - -import java.util.logging.Logger; -import javax.annotation.PostConstruct; -import javax.inject.Inject; -import javax.ws.rs.client.ClientRequestContext; -import javax.ws.rs.client.ClientRequestFilter; -import javax.ws.rs.client.ClientResponseContext; -import javax.ws.rs.client.ClientResponseFilter; -import javax.ws.rs.container.ContainerRequestContext; -import javax.ws.rs.container.ContainerRequestFilter; -import javax.ws.rs.container.ContainerResponseContext; -import javax.ws.rs.container.ContainerResponseFilter; -import javax.ws.rs.container.PreMatching; -import javax.ws.rs.ext.Provider; - -/** - * - * @author 70744416353 - */ -@Provider -@PreMatching -public class JaxRsFilter implements ClientRequestFilter, ClientResponseFilter, ContainerRequestFilter, ContainerResponseFilter { - - @Inject - private Logger LOG; - - @Override - public void filter(ClientRequestContext requestContext) { - } - - @Override - public void filter(ClientRequestContext requestContext, ClientResponseContext responseContext) { - } - - @Override - public void filter(ContainerRequestContext requestContext) { - } - - @Override - public void filter(ContainerRequestContext requestContext, ContainerResponseContext response) { - response.getHeaders().putSingle("Demoiselle", "3.0.0"); - response.getHeaders().putSingle("Access-Control-Allow-Origin", "*"); - response.getHeaders().putSingle("Access-Control-Allow-Methods", "OPTIONS, GET, POST, PUT, DELETE"); - response.getHeaders().putSingle("Access-Control-Allow-Headers", "Content-Type"); - } - - @PostConstruct - public void init() { - LOG.info("Demoiselle Module - Rest"); - } - -} diff --git a/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/crud/package-info.java b/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/crud/package-info.java deleted file mode 100644 index d7ae709..0000000 --- a/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/crud/package-info.java +++ /dev/null @@ -1,11 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -/** - * Esta pacote tem o objetivo de conter as classes relacionadas aos - * facilitadores de CRUD do framework Demoiselle. - */ -package org.demoiselle.jee.ws.jaxrs.crud; \ No newline at end of file diff --git a/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/DemoiselleRESTException.java b/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/DemoiselleRESTException.java deleted file mode 100644 index 81d962c..0000000 --- a/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/DemoiselleRESTException.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.ws.jaxrs.exception; - -import java.util.HashMap; - -import org.demoiselle.jee.core.exception.DemoiselleException; - -public class DemoiselleRESTException extends DemoiselleException { - - private static final long serialVersionUID = 519965615171844237L; - - private HashMap messages = new HashMap(); - - private int statusCode; - - public DemoiselleRESTException() { - - } - - public DemoiselleRESTException(String string) { - super(string); - } - - public int getStatusCode() { - return statusCode; - } - - public void addMessage(String field, String msg) { - this.statusCode = 422; - messages.put(field, msg); - } - - public HashMap getMessages() { - return messages; - } -} diff --git a/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/mapper/GenericExceptionMapper.java b/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/mapper/GenericExceptionMapper.java deleted file mode 100644 index 12739f8..0000000 --- a/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/mapper/GenericExceptionMapper.java +++ /dev/null @@ -1,68 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.ws.jaxrs.exception.mapper; - -import java.io.PrintWriter; -import java.io.StringWriter; -import java.util.HashMap; - -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.Response; -import javax.ws.rs.ext.ExceptionMapper; -import javax.ws.rs.ext.Provider; - -import org.demoiselle.jee.ws.jaxrs.exception.DemoiselleRESTException; - -@Provider -public class GenericExceptionMapper implements ExceptionMapper { - - public Response toResponse(Exception ex) { - - StringWriter errorStackTrace = new StringWriter(); - ex.printStackTrace(new PrintWriter(errorStackTrace)); - - // Verifica se a exception é de validação de PAYLOAD do REST - if (ex.getCause() instanceof DemoiselleRESTException) { - DemoiselleRESTException exDemoiselleREST = (DemoiselleRESTException) ex.getCause(); - if (!exDemoiselleREST.getMessages().isEmpty()) { - return Response.status(exDemoiselleREST.getStatusCode()).entity(exDemoiselleREST.getMessages()) - .type(MediaType.APPLICATION_JSON).build(); - } - } - - HashMap entity = new HashMap(); - - // No caso de existir message ele mostra a MESSAGE da Exception - if (ex.getMessage() != null) { - entity.put("error", ex.getMessage()); - - // Pega toda as mensagens da stacktrace - int level = 1; - while (ex.getCause() != null) { - ex = (Exception) ex.getCause(); - if (!ex.getMessage().isEmpty()) { - entity.put("inner_cause_" + level, ex.getMessage()); - } - level += 1; - } - - // Por padrão retorna SERVER ERROR, mas tenta encontrar o status do RESPONSE se for WebApplicationException - // http://docs.oracle.com/javaee/7/api/javax/ws/rs/WebApplicationException.html - int responseCode = Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(); - if (ex instanceof WebApplicationException) { - responseCode = ((WebApplicationException)ex).getResponse().getStatus(); - } - - return Response.status(responseCode).entity(entity).type(MediaType.APPLICATION_JSON).build(); - } - - entity.put("error", "Erro interno desconhecido no servidor."); - return Response.status(500).entity(entity).type(MediaType.APPLICATION_JSON).build(); - } - -} diff --git a/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayload.java b/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayload.java deleted file mode 100644 index 2f4eba5..0000000 --- a/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayload.java +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.ws.jaxrs.interceptor; - -import static java.lang.annotation.ElementType.METHOD; -import static java.lang.annotation.ElementType.TYPE; -import static java.lang.annotation.RetentionPolicy.RUNTIME; - -import java.lang.annotation.Inherited; -import java.lang.annotation.Retention; -import java.lang.annotation.Target; - -import javax.interceptor.InterceptorBinding; - -@Inherited -@InterceptorBinding -@Target({ METHOD, TYPE }) -@Retention(RUNTIME) -public @interface ValidatePayload { - -} \ No newline at end of file diff --git a/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayloadInterceptor.java b/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayloadInterceptor.java deleted file mode 100644 index 6505ff2..0000000 --- a/demoiselle-ws-jaxrs/src/main/java/org/demoiselle/jee/ws/jaxrs/interceptor/ValidatePayloadInterceptor.java +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Demoiselle Framework - * - * License: GNU Lesser General Public License (LGPL), version 3 or later. - * See the lgpl.txt file in the root directory or . - */ -package org.demoiselle.jee.ws.jaxrs.interceptor; - -import java.io.Serializable; -import java.util.HashSet; -import java.util.Set; - -import javax.interceptor.AroundInvoke; -import javax.interceptor.Interceptor; -import javax.interceptor.InvocationContext; -import javax.validation.ConstraintViolation; -import javax.validation.UnexpectedTypeException; -import javax.validation.Validation; -import javax.validation.Validator; -import javax.validation.ValidatorFactory; - -import org.demoiselle.jee.ws.jaxrs.exception.DemoiselleRESTException; - -@Interceptor -@ValidatePayload -public class ValidatePayloadInterceptor implements Serializable { - - private static final long serialVersionUID = 1L; - - @AroundInvoke - public Object manage(final InvocationContext ic) throws Exception { - DemoiselleRESTException ex = new DemoiselleRESTException(); - Set> violations = new HashSet>(); - for (Object params : ic.getParameters()) { - if (params != null) { - ValidatorFactory dfv = Validation.buildDefaultValidatorFactory(); - Validator validator = dfv.getValidator(); - try { - violations.addAll(validator.validate(params)); - for (ConstraintViolation violation : violations) { - String field = (violation.getRootBeanClass().getSimpleName() + "_" - + violation.getPropertyPath()).toLowerCase(); - // GPMessage msg = - // GPMessage.INVALID_FIELD_P1.setSufix(violation.getConstraintDescriptor() - // .getAnnotation().annotationType().getSimpleName().toLowerCase()); - - ex.addMessage(field, violation.getMessage()); - } - } catch (UnexpectedTypeException cause) { - // GPMessage msg = GPMessage.GENERAL_ERROR_P1; - // msg.setParam(cause.getMessage()); - throw new DemoiselleRESTException("ERRO GENERICO -> ALTERAR"); - } - } - } - - if (!violations.isEmpty() && !ex.getMessages().isEmpty()) { - throw ex; - } - return ic.proceed(); - } -} \ No newline at end of file diff --git a/pom.xml b/pom.xml index 538f021..f5ce36d 100644 --- a/pom.xml +++ b/pom.xml @@ -1,216 +1,218 @@ - 4.0.0 - - org.demoiselle.jee - demoiselle-build - pom - 3.0.0-BETA1-SNAPSHOT - - Demoiselle Framework - Framework de integração para Java EE 7 baseado na especificação CDI 1.2 (JSR 346). - http://demoiselle.io - - - - GNU Lesser General Public License, Version 3 - http://www.gnu.org/licenses/lgpl-3.0.txt - - - - - SERPRO - Serviço Federal de Processamento de Dados - http://www.serpro.gov.br - - - - - - Cassio Maes da Fonseca - cassiomaes@gmail.com - SERPRO - http://www.serpro.gov.br - - - - Clovis Lemes Ferreira Junior - clovisjunior2009@gmail.com - SERPRO - http://www.serpro.gov.br - - - - Julian Cesar dos Santos - juliancesar@gmail.com - SERPRO - http://www.serpro.gov.br - - - - Paulo Gladson Ximenes Pinheiro - paulopinheiro777@gmail.com - SERPRO - http://www.serpro.gov.br - - - - Vanderson Botelho da Silva - botelhojp@gmail.com - SERPRO - http://www.serpro.gov.br - - - + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + 4.0.0 + + org.demoiselle.jee + demoiselle-build + pom + 3.0.0-BETA1-SNAPSHOT + + Demoiselle Framework + Framework de integração para Java EE 7 baseado na especificação CDI 1.2 (JSR 346). + http://demoiselle.io + + + + GNU Lesser General Public License, Version 3 + http://www.gnu.org/licenses/lgpl-3.0.txt + + + + + SERPRO - Serviço Federal de Processamento de Dados + http://www.serpro.gov.br + + + + + + Cassio Maes da Fonseca + cassiomaes@gmail.com + SERPRO + http://www.serpro.gov.br + + + + Clovis Lemes Ferreira Junior + clovisjunior2009@gmail.com + SERPRO + http://www.serpro.gov.br + + + + Julian Cesar dos Santos + juliancesar@gmail.com + SERPRO + http://www.serpro.gov.br + + + + Paulo Gladson Ximenes Pinheiro + paulopinheiro777@gmail.com + SERPRO + http://www.serpro.gov.br + + + + Vanderson Botelho da Silva + botelhojp@gmail.com + SERPRO + http://www.serpro.gov.br + + + - - demoiselle-parent - demoiselle-core - demoiselle-persistence-jpa - demoiselle-security - demoiselle-ws-jaxrs - - - - framework - 1.8 - 1.8 - 1.8 - UTF-8 - + + demoiselle-parent + demoiselle-core + demoiselle-persistence-jpa + demoiselle-rest + demoiselle-security + demoiselle-security-basic + + + + + framework + 1.8 + 1.8 + 1.8 + UTF-8 + - - - - org.apache.maven.plugins - maven-assembly-plugin - 2.6 - - - - org.apache.maven.plugins - maven-deploy-plugin - 2.8.2 - + + + + org.apache.maven.plugins + maven-assembly-plugin + 2.6 + + + + org.apache.maven.plugins + maven-deploy-plugin + 2.8.2 + - - org.apache.maven.plugins - maven-source-plugin - 2.2.1 - - - attach-sources - - jar-no-fork - - - - - - - org.apache.maven.plugins - maven-gpg-plugin - 1.5 - - - sign-artifacts - verify - - sign - - - - - - - org.sonatype.plugins - nexus-staging-maven-plugin - 1.6.3 - true - - sonatype-nexus-staging - https://oss.sonatype.org/ - false - - - - - org.apache.maven.plugins - maven-release-plugin - 2.5 - - true - false - release - deploy - - - - - - - - scm:git:git@github.com:demoiselle/${project.alias}.git - scm:git:git@github.com:demoiselle/${project.alias}.git - http://github.com/demoiselle/${project.alias} - HEAD - - - - - demoiselle.sourceforge.net - ${site.url} - - - - sonatype-nexus-snapshots - https://oss.sonatype.org/content/repositories/snapshots - - - - sonatype-nexus-staging - https://oss.sonatype.org/service/local/staging/deploy/maven2/ - - - - - - sonatype-nexus-snapshots - Sonatype Nexus Snapshots - https://oss.sonatype.org/content/repositories/snapshots - - true - - - false - - - - - sonatype-nexus-releases - Sonatype Nexus Releases - https://oss.sonatype.org/content/repositories/releases - - false - - - true - - - + + org.apache.maven.plugins + maven-source-plugin + 2.2.1 + + + attach-sources + + jar-no-fork + + + + + + + + + org.sonatype.plugins + nexus-staging-maven-plugin + 1.6.3 + true + + sonatype-nexus-staging + https://oss.sonatype.org/ + false + + + + + org.apache.maven.plugins + maven-release-plugin + 2.5 + + true + false + release + deploy + + + + + + + + scm:git:git@github.com:demoiselle/${project.alias}.git + scm:git:git@github.com:demoiselle/${project.alias}.git + http://github.com/demoiselle/${project.alias} + HEAD + + + + + demoiselle.sourceforge.net + ${site.url} + + + + sonatype-nexus-snapshots + https://oss.sonatype.org/content/repositories/snapshots + + + + sonatype-nexus-staging + https://oss.sonatype.org/service/local/staging/deploy/maven2/ + + + + + + sonatype-nexus-snapshots + Sonatype Nexus Snapshots + https://oss.sonatype.org/content/repositories/snapshots + + true + + + false + + + + + sonatype-nexus-releases + Sonatype Nexus Releases + https://oss.sonatype.org/content/repositories/releases + + false + + + true + + + -- libgit2 0.21.2