Changeset 2225
- Timestamp: Apr 25, 2012, 10:42:52 PM (11 years ago)
- Location: trunk/grails-app
- Files: 5 edited
trunk/grails-app/domain/dbnp/authentication/SecUser.groovy
r2086 r2225 10 10 String userStatus // shibboleth request header: coin-user-status 11 11 String email 12 String apiKey // api key for clients using the API 12 13 Date dateCreated 14 13 15 boolean shibbolethUser = false 14 16 boolean enabled … … 28 30 voName nullable: true 29 31 userStatus nullable: true 32 apiKey nullable: true, unique: true 30 33 } 31 34 … … 60 63 } 61 64 65 /** 66 * Generate a shared secret for this user 67 * @void 68 */ 69 def beforeInsert = { 70 // generate an apiKey for this user 71 apiKey = UUID.randomUUID().toString() 72 } 73 62 74 /** 63 75 * return the text representation of this user -
trunk/grails-app/services/api/ApiService.groovy
r2224 r2225 25 25 // inject the module communication service 26 26 def moduleCommunicationService 27 28 // the shared secret used to validate api calls29 static final String API_SECRET = "th!s_sH0uld^Pr0bab7y_m0v3_t%_th3_uSeR_d0Ma!n_ins7ead!"30 27 31 28 // transactional … … 72 69 // disable validation check on development and ci 73 70 if (['development', 'ci'].contains(grails.util.GrailsUtil.environment)) { 74 return true71 // return true 75 72 } 76 73 … … 85 82 // generate the validation checksum 86 83 MessageDigest digest = MessageDigest.getInstance("MD5") 87 String validationSum = new BigInteger(1,digest.digest("${token.deviceToken}${token.sequence}${ API_SECRET}".getBytes())).toString(16).padLeft(32,"0")84 String validationSum = new BigInteger(1,digest.digest("${token.deviceToken}${token.sequence}${token.user.apiKey}".getBytes())).toString(16).padLeft(32,"0") 88 85 89 86 // check if the validation confirms -
trunk/grails-app/views/api/index.gsp
r2214 r2225 55 55 <h2>prerequisites</h2> 56 56 <li>a valid username / password with role ROLE_CLIENT (see <a href="#authenticate">authenticate</a>)</li> 57 <li>a shared secret (used to calculate the validation md5 hash)</li> 57 <li>an api key (used to calculate the validation md5 hash. 58 <sec:ifLoggedIn> 59 Get your api key <g:link controller="userRegistration" action="profile">here</g:link> 60 </sec:ifLoggedIn> 61 <sec:ifNotLoggedIn> 62 Login to get your api key 63 </sec:ifNotLoggedIn> 64 )</li> 58 65 <li>a deviceID / clientID (look <a href="https://github.com/4np/UIDevice-with-UniqueIdentifier-for-iOS-5" target="_new">here</a> for iOS)</li> 59 66 … … 66 73 <li><a href="#getMeasurementDataForAssay">getMeasurementDataForAssay</a> - fetch all measurement data for a given assay</li> 67 74 75 <h2>SDK packages</h2> 76 <li><a href="https://github.com/4np/gscf4php" target="_new">PHP</a> - Object Oriented SDK for interacting with GSCF</li> 77 68 78 <a name="authenticate"></a> 69 79 <h1>authenticate</h1> … … 89 99 <p> 90 100 Every subsequent request the client does, needs to contain the validation MD5 hash, which is a MD5 sum of the concatenation of the device token, 91 the request sequence and a shared secret (e.g. <i>md5sum( token + sequence + shared secret)</i> ).<br/>101 the request sequence and the api key (e.g. 
<i>md5sum( token + sequence + api key )</i> ).<br/> 92 102 <i>Note that in order to be able to successfully authenticate or use the API in general, the user should have the ROLE_CLIENT assigned!</i> 93 103 … … 172 182 <td>string</td> 173 183 <td>-</td> 174 <td><a href="http://www.miraclesalad.com/webtools/md5.php" target="_new">md5sum</a>( token + sequence + shared secret)</td>184 <td><a href="http://www.miraclesalad.com/webtools/md5.php" target="_new">md5sum</a>( token + sequence + api key )</td> 175 185 <td>9ae87836d38d4b86be6aeff93f2b049a</td> 176 186 <td>yes</td> … … 212 222 <td>string</td> 213 223 <td>-</td> 214 <td><a href="http://www.miraclesalad.com/webtools/md5.php" target="_new">md5sum</a>( token + sequence + shared secret)</td>224 <td><a href="http://www.miraclesalad.com/webtools/md5.php" target="_new">md5sum</a>( token + sequence + api key )</td> 215 225 <td>9ae87836d38d4b86be6aeff93f2b049a</td> 216 226 <td>yes</td> … … 260 270 <td>string</td> 261 271 <td>-</td> 262 <td><a href="http://www.miraclesalad.com/webtools/md5.php" target="_new">md5sum</a>( token + sequence + shared secret)</td>272 <td><a href="http://www.miraclesalad.com/webtools/md5.php" target="_new">md5sum</a>( token + sequence + api key )</td> 263 273 <td>9ae87836d38d4b86be6aeff93f2b049a</td> 264 274 <td>yes</td> … … 308 318 <td>string</td> 309 319 <td>-</td> 310 <td><a href="http://www.miraclesalad.com/webtools/md5.php" target="_new">md5sum</a>( token + sequence + shared secret)</td>320 <td><a href="http://www.miraclesalad.com/webtools/md5.php" target="_new">md5sum</a>( token + sequence + api key )</td> 311 321 <td>9ae87836d38d4b86be6aeff93f2b049a</td> 312 322 <td>yes</td> … … 516 526 <td>string</td> 517 527 <td>-</td> 518 <td><a href="http://www.miraclesalad.com/webtools/md5.php" target="_new">md5sum</a>( token + sequence + shared secret)</td>528 <td><a href="http://www.miraclesalad.com/webtools/md5.php" target="_new">md5sum</a>( token + sequence + api key )</td> 519 529 
<td>9ae87836d38d4b86be6aeff93f2b049a</td> 520 530 <td>yes</td> -
trunk/grails-app/views/user/edit.gsp
r2084 r2225 3 3 <g:set var="entityName" value="${message(code: 'user.label', default: 'User')}"/> 4 4 <title><g:message code="default.edit.label" args="[entityName]"/></title> 5 6 <script type="text/javascript"> 7 // This method is called on the event body.onLoad 8 $(function() { 9 $("#tabs").tabs(); 10 }); 11 </script> 5 <link rel="stylesheet" href="${resource(dir: 'css', file: 'tipTip.css')}"/> 6 <script type="text/javascript" src="${resource(dir: 'js', file: 'jquery.tipTip.minified.js')}"></script> 7 <script type="text/javascript"> 8 $(document).ready(function() { 9 $(".tooltip").tipTip(); 10 $("#tabs").tabs(); 11 }); 12 </script> 12 13 <style type="text/css"> 13 14 div.usermanagement { … … 45 46 <g:if test="${user.shibbolethUser}"> 46 47 <tr><td>Shibboleth user</td><td>yes</td></tr> 47 <tr><td>Username/Urn</td><td>${user?.username}</td></tr> 48 <tr> 49 <td>API key</td> 50 <td valign="top" class="value"> 51 <g:textField disabled="disabled" name="secret" value="${user.apiKey}" style="width:250px" /> 52 <img src="${fam.icon(name: 'help')}" class="tooltip" title="in order to programmatically interface with gscf, a user needs his api key to communicate with the api. Refer to the api documentation at ${createLink(controller:'api')} for more information about how to use the api and the api key." 
/> 53 </td> 54 </tr> 55 <tr><td>Username/Urn</td><td>${user?.username}</td></tr> 48 56 <tr><td>Uid</td><td>${user?.uid}</td></tr> 49 57 <tr><td>Email address</td><td><g:textField name="email" value="${user?.email}"/></td></tr> … … 54 62 <g:else> 55 63 <tr><td>Shibboleth user</td><td>no</td></tr> 56 <tr><td>Username</td><td><g:textField name="username" value="${user?.username}"/></td></tr> 64 <tr> 65 <td>API key</td> 66 <td valign="top" class="value"> 67 <g:textField disabled="disabled" name="secret" value="${user.apiKey}" style="width:250px" /> 68 <img src="${fam.icon(name: 'help')}" class="tooltip" title="in order to programmatically interface with gscf, a user needs his api key to communicate with the api. Refer to the api documentation at ${createLink(controller:'api')} for more information about how to use the api and the api key." /> 69 </td> 70 </tr> 71 <tr><td>Username</td><td><g:textField name="username" value="${user?.username}"/></td></tr> 57 72 <tr><td>Password</td><td><g:passwordField name="password" value="${user?.password}"/></td></tr> 58 73 <tr><td>Email address</td><td><g:textField name="email" value="${user?.email}"/></td></tr> -
trunk/grails-app/views/userRegistration/profile.gsp
r2084 r2225 4 4 <meta name="layout" content="main"/> 5 5 <title>User profile</title> 6 <link rel="stylesheet" href="${resource(dir: 'css', file: 'tipTip.css')}"/> 7 <script type="text/javascript" src="${resource(dir: 'js', file: 'jquery.tipTip.minified.js')}"></script> 8 <script type="text/javascript"> 9 $(document).ready(function() { 10 $(".tooltip").tipTip(); 11 }); 12 </script> 6 13 </head> 7 14 … … 22 29 <td>${user.organization}</td> 23 30 </tr> 24 <sec:ifAllGranted roles="ROLE_ADMIN"> 31 <tr> 32 <td>API key</td> 33 <td valign="top" class="value"> 34 <g:textField disabled="disabled" name="secret" value="${user.apiKey}" style="width:250px" /> 35 <img src="${fam.icon(name: 'help')}" class="tooltip" title="in order to programmatically interface with gscf, you need the api key to communicate with the api. Refer to the api documentation at ${createLink(controller:'api')} for more information about how to use the api and the api key." /> 36 </td> 37 </tr> 38 <sec:ifAllGranted roles="ROLE_ADMIN"> 25 39 <tr> 26 40 <td>Administrator</td> … … 46 60 <tbody> 47 61 48 <tr class="prop"> 62 <tr class="prop"> 63 <td valign="top" class="name">API Key</td> 64 <td valign="top" class="value"> 65 <g:textField disabled="disabled" name="secret" value="${user.apiKey}" style="width:250px" /> 66 <img src="${fam.icon(name: 'help')}" class="tooltip" title="in order to programmatically interface with gscf, you need the api key to communicate with the api. Refer to the api documentation at ${createLink(controller:'api')} for more information about how to use the api and the api key." /> 67 </td> 68 </tr> 69 <tr class="prop"> 49 70 <td valign="top" class="name"> 50 71 <label for="username">Username</label>
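Review bot: In domain/dbnp/authentication/SecUser.groovy, the new beforeInsert closure is the only place apiKey is assigned, and it runs only when a row is first inserted, so every account that existed before r2225 keeps a null apiKey, which the new constraint `apiKey nullable: true, unique: true` permits. Backfill keys for existing users in a migration or bootstrap step, and consider dropping nullable once that is done. The doc comment also still says "shared secret" and uses `@void`, which is not a Javadoc tag.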
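Review bot: In services/api/ApiService.groovy, commenting out `return true` leaves the `if (['development', 'ci'].contains(grails.util.GrailsUtil.environment))` block empty, while the comment above it still says validation is disabled on development and ci. If the bypass is meant to go, delete the whole block together with its comment; if this was a temporary debugging change, restore it before merging so the behaviour on ci is intentional either way.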
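Review bot: In services/api/ApiService.groovy, the validationSum line interpolates `${token.user.apiKey}` with no null check, and a Groovy GString renders null as the text "null", so a user without a key is validated against a constant that anyone can compute. Reject the request when token.user.apiKey is null before computing the digest. While this line is being touched: the three fields are concatenated without a delimiter, so different deviceToken and sequence pairs can produce the same input, `getBytes()` uses the platform default charset, and MD5 over message plus secret is not a keyed MAC. An HMAC (javax.crypto.Mac with HmacSHA256, for example) keyed with the apiKey over delimited fields and an explicit UTF-8 encoding would address all three, at the cost of a client-visible protocol change.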
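Review bot: In views/api/index.gsp, the five parameter-table rows now describe the checksum as md5sum( token + sequence + api key ) but still link the word md5sum to the third-party page http://www.miraclesalad.com/webtools/md5.php; with a per-user key as input, that link invites users to paste their own api key into an external site. Drop the link or point to a local way of computing the hash. The prerequisites item also opens its parenthesis before the sec:ifLoggedIn / sec:ifNotLoggedIn tags and closes it after them, so the rendered text reads "hash. Login to get your api key )"; close the parenthesis before the tags.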
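Review bot: In views/user/edit.gsp, the new API key row prints `${user.apiKey}` in clear text to anyone who can open the edit page for that user, not only to the key's owner. If that is not intended, mask the value here and show it only on the owner's profile page. The same row is pasted into both the shibboleth and non-shibboleth branches; move it above the g:if or into a template. `${user.apiKey}` is also not null-safe, while the neighbouring fields use `user?.`.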
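Review bot: In views/userRegistration/profile.gsp, the key is displayed read-only in both tables but the changeset adds no way to replace it; since SecUser only assigns apiKey in beforeInsert, a user whose key has leaked cannot rotate it through anything added here. Add a regenerate action next to the field. The sec:ifAllGranted roles="ROLE_ADMIN" line and the tr class="prop" line also appear as removed and re-added with no visible change, which looks like whitespace churn; drop it from the commit if so.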