diff --git a/src/main/java/org/codelibs/fess/app/service/AccessTokenService.java b/src/main/java/org/codelibs/fess/app/service/AccessTokenService.java index e24448ac9..f3e38020f 100644 --- a/src/main/java/org/codelibs/fess/app/service/AccessTokenService.java +++ b/src/main/java/org/codelibs/fess/app/service/AccessTokenService.java @@ -92,7 +92,7 @@ public class AccessTokenService { } public OptionalEntity> getPermissions(final HttpServletRequest request) { - final String token = request.getHeader("Authorization"); + final String token = ComponentUtil.getAccessTokenHelper().getAccessTokenFromRequest(request); if (StringUtil.isNotBlank(token)) { return accessTokenBhv .selectEntity(cb -> { diff --git a/src/main/java/org/codelibs/fess/app/web/admin/accesstoken/AdminAccesstokenAction.java b/src/main/java/org/codelibs/fess/app/web/admin/accesstoken/AdminAccesstokenAction.java index 0c14b652f..86d91bcba 100644 --- a/src/main/java/org/codelibs/fess/app/web/admin/accesstoken/AdminAccesstokenAction.java +++ b/src/main/java/org/codelibs/fess/app/web/admin/accesstoken/AdminAccesstokenAction.java @@ -203,7 +203,7 @@ public class AdminAccesstokenAction extends FessAdminAction { verifyToken(() -> asEditHtml()); getAccessToken(form).ifPresent( entity -> { - entity.setToken(systemHelper.generateAccessToken()); + entity.setToken(accessTokenHelper.generateAccessToken()); try { accessTokenService.store(entity); saveInfo(messages -> messages.addSuccessCrudCreateCrudTable(GLOBAL)); diff --git a/src/main/java/org/codelibs/fess/app/web/api/admin/accesstoken/ApiAdminAccesstokenAction.java b/src/main/java/org/codelibs/fess/app/web/api/admin/accesstoken/ApiAdminAccesstokenAction.java index b682b6797..8286c45db 100644 --- a/src/main/java/org/codelibs/fess/app/web/api/admin/accesstoken/ApiAdminAccesstokenAction.java +++ b/src/main/java/org/codelibs/fess/app/web/api/admin/accesstoken/ApiAdminAccesstokenAction.java 
@@ -85,7 +85,7 @@ public class ApiAdminAccesstokenAction extends FessApiAdminAction { validateApi(body, messages -> {}); body.crudMode = CrudMode.CREATE; final AccessToken accessToken = getAccessToken(body).map(entity -> { - entity.setToken(systemHelper.generateAccessToken()); + entity.setToken(accessTokenHelper.generateAccessToken()); try { accessTokenService.store(entity); } catch (final Exception e) { diff --git a/src/main/java/org/codelibs/fess/app/web/base/FessBaseAction.java b/src/main/java/org/codelibs/fess/app/web/base/FessBaseAction.java index ae55ea1c3..90842d765 100644 --- a/src/main/java/org/codelibs/fess/app/web/base/FessBaseAction.java +++ b/src/main/java/org/codelibs/fess/app/web/base/FessBaseAction.java @@ -23,6 +23,7 @@ import org.codelibs.core.beans.util.BeanUtil; import org.codelibs.core.beans.util.CopyOptions; import org.codelibs.fess.Constants; import org.codelibs.fess.app.web.base.login.FessLoginAssist; +import org.codelibs.fess.helper.AccessTokenHelper; import org.codelibs.fess.helper.ActivityHelper; import org.codelibs.fess.helper.SystemHelper; import org.codelibs.fess.helper.ViewHelper; @@ -84,6 +85,9 @@ public abstract class FessBaseAction extends TypicalAction // has several interf @Resource protected SystemHelper systemHelper; + @Resource + protected AccessTokenHelper accessTokenHelper; + @Resource protected ViewHelper viewHelper; diff --git a/src/main/java/org/codelibs/fess/helper/AccessTokenHelper.java b/src/main/java/org/codelibs/fess/helper/AccessTokenHelper.java new file mode 100644 index 000000000..5a10f8f47 --- /dev/null +++ b/src/main/java/org/codelibs/fess/helper/AccessTokenHelper.java 
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2012-2017 CodeLibs Project and the Others.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific language
+ * governing permissions and limitations under the License.
+ */
+package org.codelibs.fess.helper;
+
+import java.security.SecureRandom;
+import java.util.Random;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.codelibs.core.lang.StringUtil;
+import org.codelibs.fess.util.ComponentUtil;
+
+public class AccessTokenHelper {
+
+ protected Random random = new SecureRandom();
+
+ public String generateAccessToken() {
+ return RandomStringUtils.random(ComponentUtil.getFessConfig().getApiAccessTokenLengthAsInteger().intValue(), 0, 0, true, true,
+ null, random);
+ }
+
+ public String getAccessTokenFromRequest(final HttpServletRequest request) {
+ final String token = request.getHeader("Authorization");
+ if (token != null) {
+ return token;
+ }
+ final String name = ComponentUtil.getFessConfig().getApiAccessTokenRequestParameter();
+ if (StringUtil.isBlank(name)) {
+ return null;
+ }
+ return request.getParameter(name);
+ }
+
+ public void setRandom(final Random random) {
+ this.random = random;
+ }
+}
diff --git a/src/main/java/org/codelibs/fess/helper/SystemHelper.java b/src/main/java/org/codelibs/fess/helper/SystemHelper.java
index f3ad0f864..1cf648b20 100644
--- a/src/main/java/org/codelibs/fess/helper/SystemHelper.java
+++ b/src/main/java/org/codelibs/fess/helper/SystemHelper.java
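Review bot: The header branch in `getAccessTokenFromRequest` (new file AccessTokenHelper.java) tests `token != null`, so a present but empty `Authorization` header is returned as the token and the configured request parameter is never read, although the caller in `AccessTokenService.getPermissions` treats a blank value as no token. Checking `if (StringUtil.isNotBlank(token)) { return token; }` would let the fallback apply in that case. The header value is also used verbatim; if a deployment sends another scheme in `Authorization` (for example credentials added by a proxy), that value would presumably be looked up as a token and mask the parameter. Separately, `setRandom(final Random random)` accepts any `Random`, so a container override could replace the `SecureRandom` default with a predictable generator; a Javadoc line stating that the injected instance must be cryptographically strong, or narrowing the field and setter to `SecureRandom`, would make that contract explicit.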
@@ -24,7 +24,6 @@ import java.net.InetAddress; import java.net.URLEncoder; import java.net.UnknownHostException; import java.nio.file.Files; -import java.security.SecureRandom; import java.time.LocalDateTime; import java.util.ArrayList; import java.util.Date; @@ -33,7 +32,6 @@ import java.util.LinkedHashMap; import java.util.List; import java.util.Locale; import java.util.Map; -import java.util.Random; import java.util.UUID; import java.util.concurrent.ExecutionException; import java.util.concurrent.TimeUnit; @@ -45,7 +43,6 @@ import javax.annotation.PreDestroy; import javax.servlet.ServletContext; import org.apache.commons.lang3.LocaleUtils; -import org.apache.commons.lang3.RandomStringUtils; import org.apache.commons.lang3.StringUtils; import org.codelibs.core.lang.StringUtil; import org.codelibs.core.misc.Pair; @@ -86,8 +83,6 @@ public class SystemHelper { protected List shutdownHookList = new ArrayList<>(); - protected Random random = new SecureRandom(); - protected AtomicInteger previousClusterState = new AtomicInteger(0); @PostConstruct @@ -374,15 +369,6 @@ public class SystemHelper { return buf.toString(); } - public String generateAccessToken() { - return RandomStringUtils.random(ComponentUtil.getFessConfig().getApiAccessTokenLengthAsInteger().intValue(), 0, 0, true, true, - null, random); - } - - public void setRandom(final Random random) { - this.random = random; - } - public boolean isChangedClusterState(final int status) { return previousClusterState.getAndSet(status) != status; } diff --git a/src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java b/src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java index a655c572c..595932942 100644 --- a/src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java +++ b/src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java 
@@ -151,6 +151,9 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction /** The key of the configuration. e.g. false */ String API_ACCESS_TOKEN_REQUIRED = "api.access.token.required"; + /** The key of the configuration. e.g. */ + String API_ACCESS_TOKEN_REQUEST_PARAMETER = "api.access.token.request.parameter"; + /** The key of the configuration. e.g. Radmin-api */ String API_ADMIN_ACCESS_PERMISSIONS = "api.admin.access.permissions"; @@ -1599,6 +1602,21 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction */ boolean isApiAccessTokenRequired(); + /** + * Get the value for the key 'api.access.token.request.parameter'.
+ * The value is, e.g.
+ * @return The value of found property. (NotNull: if not found, exception but basically no way) + */ + String getApiAccessTokenRequestParameter(); + + /** + * Get the value for the key 'api.access.token.request.parameter' as {@link Integer}.
+ * The value is, e.g.
+ * @return The value of found property. (NotNull: if not found, exception but basically no way) + * @throws NumberFormatException When the property is not integer. + */ + Integer getApiAccessTokenRequestParameterAsInteger(); + /** * Get the value for the key 'api.admin.access.permissions'.
* The value is, e.g. Radmin-api
@@ -5603,6 +5621,14 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction return is(FessConfig.API_ACCESS_TOKEN_REQUIRED); } + public String getApiAccessTokenRequestParameter() { + return get(FessConfig.API_ACCESS_TOKEN_REQUEST_PARAMETER); + } + + public Integer getApiAccessTokenRequestParameterAsInteger() { + return getAsInteger(FessConfig.API_ACCESS_TOKEN_REQUEST_PARAMETER); + } + public String getApiAdminAccessPermissions() { return get(FessConfig.API_ADMIN_ACCESS_PERMISSIONS); } @@ -7717,6 +7743,7 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction "ar,bg,bn,ca,ckb_IQ,cs,da,de,el,en,en_IE,es,et,eu,fa,fi,fr,gl,gu,he,hi,hr,hu,hy,id,it,ja,ko,lt,lv,mk,ml,nl,no,pa,pl,pt,pt_BR,ro,ru,si,sq,sv,ta,te,th,tl,tr,uk,ur,vi,zh_CN,zh_TW,zh"); defaultMap.put(FessConfig.API_ACCESS_TOKEN_LENGTH, "60"); defaultMap.put(FessConfig.API_ACCESS_TOKEN_REQUIRED, "false"); + defaultMap.put(FessConfig.API_ACCESS_TOKEN_REQUEST_PARAMETER, ""); defaultMap.put(FessConfig.API_ADMIN_ACCESS_PERMISSIONS, "Radmin-api"); defaultMap.put(FessConfig.VIRTUAL_HOST_HEADERS, ""); defaultMap.put(FessConfig.HTTP_PROXY_HOST, ""); diff --git a/src/main/java/org/codelibs/fess/util/ComponentUtil.java b/src/main/java/org/codelibs/fess/util/ComponentUtil.java index 0217b9577..549714d34 100644 --- a/src/main/java/org/codelibs/fess/util/ComponentUtil.java +++ b/src/main/java/org/codelibs/fess/util/ComponentUtil.java @@ -32,6 +32,7 @@ import org.codelibs.fess.dict.DictionaryManager; import org.codelibs.fess.ds.DataStoreFactory; import org.codelibs.fess.es.client.FessEsClient; import org.codelibs.fess.exception.ContainerNotAvailableException; +import org.codelibs.fess.helper.AccessTokenHelper; import org.codelibs.fess.helper.ActivityHelper; import org.codelibs.fess.helper.CrawlingConfigHelper; import org.codelibs.fess.helper.CrawlingInfoHelper; 
@@ -81,6 +82,8 @@ public final class ComponentUtil { private static final Logger logger = LoggerFactory.getLogger(ComponentUtil.class); + private static final String ACCESS_TOKEN_HELPER = "accessTokenHelper"; + private static final String AUTHENTICATION_MANAGER = "authenticationManager"; private static final String THUMBNAIL_MANAGER = "thumbnailManager"; @@ -414,6 +417,10 @@ public final class ComponentUtil { return getComponent(VIRTUAL_HOST_HELPER); } + public static AccessTokenHelper getAccessTokenHelper() { + return getComponent(ACCESS_TOKEN_HELPER); + } + public static T getComponent(final Class clazz) { try { return SingletonLaContainer.getComponent(clazz); diff --git a/src/main/resources/app.xml b/src/main/resources/app.xml index bf5c050fc..9f020ac2b 100644 --- a/src/main/resources/app.xml +++ b/src/main/resources/app.xml @@ -18,6 +18,8 @@ + + diff --git a/src/main/resources/fess_config.properties b/src/main/resources/fess_config.properties index 3d0e79b3b..385598a45 100644 --- a/src/main/resources/fess_config.properties +++ b/src/main/resources/fess_config.properties @@ -96,6 +96,7 @@ supported.uploaded.files=license.properties supported.languages=ar,bg,bn,ca,ckb_IQ,cs,da,de,el,en,en_IE,es,et,eu,fa,fi,fr,gl,gu,he,hi,hr,hu,hy,id,it,ja,ko,lt,lv,mk,ml,nl,no,pa,pl,pt,pt_BR,ro,ru,si,sq,sv,ta,te,th,tl,tr,uk,ur,vi,zh_CN,zh_TW,zh api.access.token.length=60 api.access.token.required=false +api.access.token.request.parameter= api.admin.access.permissions=Radmin-api # Virtual Host: Host:fess.codelibs.org=fess
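Review bot: The new `api.access.token.request.parameter=` entry in fess_config.properties has no comment explaining that a non-empty value makes the API accept the access token as a request parameter in addition to the `Authorization` header. Tokens passed that way can appear in URLs and therefore in access logs, proxy logs, browser history and `Referer` headers, so an operator should see the trade-off before enabling it. I would add above the key: `# Name of a request parameter that may carry the API access token; empty (default) accepts the Authorization header only.` and describe the logging exposure in the operator documentation.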