From caffffb59a516d3f1c633f4d3050e90ecb1a0dae Mon Sep 17 00:00:00 2001 From: Jee Hyeok Kim Date: Fri, 1 Apr 2016 10:05:25 +0900 Subject: [PATCH] Fix not to issue session if user unauthorized. 1. Check userId and return unauthorized response if cannot find userId 2. Code cleanup Change-Id: I2b0053512f51168e809b2b3320dd5645ff9a4632 Signed-off-by: Jee Hyeok Kim Reviewed-on: https://gerrit.iotivity.org/gerrit/7511 Tested-by: jenkins-iotivity --- .../cloud/accountserver/AccountServer.java | 2 +- .../iotivity/cloud/accountserver/oauth/GitHub.java | 13 +++++--- .../accountserver/resources/AccountResource.java | 3 +- .../accountserver/resources/AuthResource.java | 39 ++++++++++++---------- .../cloud/ciserver/CloudInterfaceServer.java | 3 +- .../cloud/rdserver/ResourceDirectoryServer.java | 2 +- 6 files changed, 35 insertions(+), 27 deletions(-) diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/AccountServer.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/AccountServer.java index 11bec5d..a9d6925 100644 --- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/AccountServer.java +++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/AccountServer.java @@ -61,7 +61,7 @@ public class AccountServer { coapServer .startServer(new InetSocketAddress(Integer.parseInt(args[0]))); - Scanner in = new Scanner(System.in, "UTF8"); + Scanner in = new Scanner(System.in, "UTF-8"); System.out.println("press 'q' to terminate"); diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/oauth/GitHub.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/oauth/GitHub.java index d44a6dc..e682257 100644 --- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/oauth/GitHub.java +++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/oauth/GitHub.java 
@@ -76,16 +76,21 @@ public class GitHub extends OAuthServer { @Override public String requestGetUserInfo(String accessToken) { - String userInfo = "{}"; + String userInfo = null; + + if (accessToken == null) { + Logger.w("accessToken is null!"); + return null; + } try { OAuthClientRequest request = new OAuthBearerClientRequest( resource_url).setAccessToken(accessToken) - .buildQueryMessage(); + .buildQueryMessage(); - OAuthClient oAuthClient = new OAuthClient( - new URLConnectionClient()); + OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient()); + OAuthResourceResponse resourceResponse = oAuthClient.resource( request, OAuth.HttpMethod.GET, OAuthResourceResponse.class); diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/AccountResource.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/AccountResource.java index 23d48a6..bde32bf 100644 --- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/AccountResource.java +++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/AccountResource.java @@ -216,8 +216,7 @@ public class AccountResource extends Resource { ArrayList deviceList = response.getDeviceList(); responseMap.put(Constants.RESPONSE_DEVICES, deviceList); - JSONUtil jsonUtil = new JSONUtil(); - String responseJson = jsonUtil.writeJSON(responseMap); + String responseJson = JSONUtil.writeJSON(responseMap); return responseJson; } diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/AuthResource.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/AuthResource.java index 734acb9..a88bcf8 100644 --- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/AuthResource.java +++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/AuthResource.java 
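Review bot: The new guard at the top of `requestGetUserInfo` in GitHub.java rejects only a null `accessToken`, so an empty string is still sent to the resource endpoint as a bearer token; `if (accessToken == null || accessToken.isEmpty()) {` would reject it locally. The method now returns `null` instead of `"{}"` on failure, and the `userId != null` check in AuthResource presumably depends on that value propagating, so the contract deserves a Javadoc line such as `@return the user-info JSON, or null when the token is missing or the request fails`. The catch blocks and the final return lie outside this hunk, so confirm that every failure path there leaves `userInfo` null and that the caller checks for null before parsing the result.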
@@ -173,30 +173,37 @@ public class AuthResource extends Resource { if (authCode != null && authServer != null) { userId = oauthServerManager.requestUserId(authCode, authServer); } - String sessionCode = oauthServerManager.registerUserAccount(userId); - - Logger.d("userId: " + userId + ", sessionCode: " + sessionCode); - + CoapMessageBuilder responseMessage = new CoapMessageBuilder(); CoapResponse coapResponse; - if (userId != null && sessionCode != null) { + if (userId != null) { + + String sessionCode = oauthServerManager.registerUserAccount(userId); - ResponseObject response = new ResponseObject(); - response.setSessionCode(sessionCode); - response.setUserId(userId); + Logger.d("userId: " + userId + ", sessionCode: " + sessionCode); - String responseJson = convertRegisterResponseToJson(response); - Logger.d("responseJson: " + responseJson); + if (sessionCode != null) { - coapResponse = responseMessage.buildCoapResponse(request.getToken(), - responseJson, CoapStatus.CREATED); + ResponseObject response = new ResponseObject(); + response.setSessionCode(sessionCode); + response.setUserId(userId); + + String responseJson = convertRegisterResponseToJson(response); + Logger.d("responseJson: " + responseJson); + + coapResponse = responseMessage.buildCoapResponse( + request.getToken(), responseJson, CoapStatus.CREATED); + } + else { + coapResponse = responseMessage.buildCoapResponse(request.getToken(), + CoapStatus.UNAUTHORIZED); + } } else { coapResponse = responseMessage.buildCoapResponse(request.getToken(), CoapStatus.UNAUTHORIZED); - } return coapResponse; @@ -215,8 +222,7 @@ public class AuthResource extends Resource { if (sessionCode != null) responseMap.put(Constants.RESPONSE_SESSION_CODE, sessionCode); - JSONUtil jsonUtil = new JSONUtil(); - String responseJson = jsonUtil.writeJSON(responseMap); + String responseJson = JSONUtil.writeJSON(responseMap); return responseJson; } 
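Review bot: The relocated `Logger.d("userId: " + userId + ", sessionCode: " + sessionCode)` and the later `Logger.d("responseJson: " + responseJson)` in the first AuthResource hunk still write the newly issued session code to the log, and that code appears to be the credential the client presents afterwards, so anyone with log access can read a live session. Log only the outcome, e.g. `Logger.d("userId: " + userId + ", session issued: " + (sessionCode != null));`, and drop the `responseJson` line. The inner `else` also answers `CoapStatus.UNAUTHORIZED` when `registerUserAccount` returns null for a user who did authenticate, which looks like a server-side failure rather than an authorization failure and may deserve a different status. With that separated, the two identical UNAUTHORIZED branches could be reduced to one. The enclosing method begins before this hunk, so how `authCode` and `authServer` are obtained is not visible here.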
@@ -230,8 +236,7 @@ public class AuthResource extends Resource { if (userId != null) responseMap.put(Constants.RESPONSE_USER_ID, userId); - JSONUtil jsonUtil = new JSONUtil(); - String responseJson = jsonUtil.writeJSON(responseMap); + String responseJson = JSONUtil.writeJSON(responseMap); return responseJson; } diff --git a/cloud/interface/src/main/java/org/iotivity/cloud/ciserver/CloudInterfaceServer.java b/cloud/interface/src/main/java/org/iotivity/cloud/ciserver/CloudInterfaceServer.java index 75953de..ca6aa00 100644 --- a/cloud/interface/src/main/java/org/iotivity/cloud/ciserver/CloudInterfaceServer.java +++ b/cloud/interface/src/main/java/org/iotivity/cloud/ciserver/CloudInterfaceServer.java @@ -22,7 +22,6 @@ package org.iotivity.cloud.ciserver; import java.net.InetSocketAddress; -import java.nio.charset.StandardCharsets; import java.util.Scanner; import org.iotivity.cloud.base.CoapServer; @@ -89,7 +88,7 @@ public class CloudInterfaceServer { keepAliveResource.startSessionChecker(); - Scanner in = new Scanner(System.in, "UTF8"); + Scanner in = new Scanner(System.in, "UTF-8"); System.out.println("press 'q' to terminate"); diff --git a/cloud/resourcedirectory/src/main/java/org/iotivity/cloud/rdserver/ResourceDirectoryServer.java b/cloud/resourcedirectory/src/main/java/org/iotivity/cloud/rdserver/ResourceDirectoryServer.java index 9b0903e..8f58000 100644 --- a/cloud/resourcedirectory/src/main/java/org/iotivity/cloud/rdserver/ResourceDirectoryServer.java +++ b/cloud/resourcedirectory/src/main/java/org/iotivity/cloud/rdserver/ResourceDirectoryServer.java @@ -55,7 +55,7 @@ public class ResourceDirectoryServer { coapServer .startServer(new InetSocketAddress(Integer.parseInt(args[0]))); - Scanner in = new Scanner(System.in, "UTF8"); + Scanner in = new Scanner(System.in, "UTF-8"); System.out.println("press 'q' to terminate"); -- 2.7.4