1   package net.sumaris.server.http.graphql.security;
2   
3   /*-
4    * #%L
5    * SUMARiS:: Server
6    * %%
7    * Copyright (C) 2018 SUMARiS Consortium
8    * %%
9    * This program is free software: you can redistribute it and/or modify
10   * it under the terms of the GNU General Public License as
11   * published by the Free Software Foundation, either version 3 of the
12   * License, or (at your option) any later version.
13   * 
14   * This program is distributed in the hope that it will be useful,
15   * but WITHOUT ANY WARRANTY; without even the implied warranty of
16   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17   * GNU General Public License for more details.
18   * 
19   * You should have received a copy of the GNU General Public
20   * License along with this program.  If not, see
21   * <http://www.gnu.org/licenses/gpl-3.0.html>.
22   * #L%
23   */
24  
25  import io.leangen.graphql.annotations.*;
26  import net.sumaris.core.exception.SumarisTechnicalException;
27  import net.sumaris.server.exception.ErrorCodes;
28  import net.sumaris.server.http.security.AuthService;
29  import net.sumaris.server.vo.security.AuthDataVO;
30  import org.slf4j.Logger;
31  import org.slf4j.LoggerFactory;
32  import org.springframework.beans.factory.annotation.Autowired;
33  import org.springframework.stereotype.Service;
34  import org.springframework.transaction.annotation.Transactional;
35  
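/**
 * GraphQL service exposing the authentication queries ({@code authenticate} and
 * {@code authChallenge}). Both queries delegate to {@link AuthService}.
 */
@Service
@Transactional
public class AuthGraphQLService {

    private static final Logger log = LoggerFactory.getLogger(AuthGraphQLService.class);

    @Autowired
    private AuthService authService;

    /* -- Authentication -- */

    /**
     * Checks whether the given token is accepted by {@link AuthService#authenticate}.
     *
     * <p>A rejected token yields {@code false}; no exception is thrown by this method itself.
     *
     * @param token the authentication token supplied by the client
     * @return {@code true} if the auth service returned a result for the token,
     *         {@code false} otherwise
     */
    @GraphQLQuery(name = "authenticate", description = "Authenticate using a token")
    public boolean authenticate(@GraphQLArgument(name = "token") String token) {
        boolean authenticated = authService.authenticate(token).isPresent();
        if (!authenticated) {
            // The token is a client-supplied credential: never write its value to the log.
            // Logging it would expose credential material to anyone with log access and
            // would let a caller inject arbitrary text (e.g. line breaks) into log files.
            log.warn("Invalid authentication token (value not logged)");
            // NOTE(review): the token travels as a GraphQL query argument; confirm that
            // HTTP access logs and GraphQL request logging do not record it either.
        }
        return authenticated;
    }

    /**
     * Asks the auth service for a new authentication challenge.
     *
     * @return the challenge data produced by {@link AuthService#createNewChallenge}
     */
    @GraphQLQuery(name = "authChallenge", description = "Ask for a new auth challenge")
    @Transactional(readOnly = true)
    public AuthDataVO newAuthChallenge() {
        return authService.createNewChallenge();
    }

}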
63  }