TokenManager.java

  1. /*
  2.  * The coLAB project
  3.  * Copyright (C) 2021-2024 AlbaSim, MEI, HEIG-VD, HES-SO
  4.  *
  5.  * Licensed under the MIT License
  6.  */
  7. package ch.colabproject.colab.api.controller.token;

  9. import ch.colabproject.colab.api.Helper;
  10. import ch.colabproject.colab.api.controller.RequestManager;
  11. import ch.colabproject.colab.api.controller.card.CardManager;
  12. import ch.colabproject.colab.api.controller.project.ProjectManager;
  13. import ch.colabproject.colab.api.controller.security.SecurityManager;
  14. import ch.colabproject.colab.api.controller.team.AssignmentManager;
  15. import ch.colabproject.colab.api.controller.team.InstanceMakerManager;
  16. import ch.colabproject.colab.api.controller.team.TeamManager;
  17. import ch.colabproject.colab.api.controller.user.UserManager;
  18. import ch.colabproject.colab.api.model.card.Card;
  19. import ch.colabproject.colab.api.model.project.InstanceMaker;
  20. import ch.colabproject.colab.api.model.project.Project;
  21. import ch.colabproject.colab.api.model.team.TeamMember;
  22. import ch.colabproject.colab.api.model.team.acl.Assignment;
  23. import ch.colabproject.colab.api.model.team.acl.HierarchicalPosition;
  24. import ch.colabproject.colab.api.model.team.acl.InvolvementLevel;
  25. import ch.colabproject.colab.api.model.token.*;
  26. import ch.colabproject.colab.api.model.user.HashMethod;
  27. import ch.colabproject.colab.api.model.user.LocalAccount;
  28. import ch.colabproject.colab.api.model.user.User;
  29. import ch.colabproject.colab.api.persistence.jpa.token.TokenDao;
  30. import ch.colabproject.colab.api.service.smtp.Message;
  31. import ch.colabproject.colab.api.service.smtp.Sendmail;
  32. import ch.colabproject.colab.api.setup.ColabConfiguration;
  33. import ch.colabproject.colab.generator.model.exceptions.HttpErrorMessage;
  34. import ch.colabproject.colab.generator.model.exceptions.MessageI18nKey;
  35. import org.slf4j.Logger;
  36. import org.slf4j.LoggerFactory;

  38. import javax.ejb.LocalBean;
  39. import javax.ejb.Stateless;
  40. import javax.inject.Inject;
  41. import javax.mail.MessagingException;
  42. import java.time.OffsetDateTime;
  43. import java.util.List;
  44. import java.util.Objects;

  46. /**
  47.  * Process tokens
  48.  *
  49.  * @author maxence
  50.  */
  51. @Stateless
  52. @LocalBean
  53. public class TokenManager {

  55.     /** logger */
  56.     private static final Logger logger = LoggerFactory.getLogger(TokenManager.class);

  58.     /**
  59.      * to create team member
  60.      */
  61.     @Inject
  62.     private TeamManager teamManager;

  64.     /**
  65.      * to create instanceMaker
  66.      */
  67.     @Inject
  68.     private InstanceMakerManager instanceMakerManager;

  70.     /**
  71.      * Assignment specific logic
  72.      */
  73.     @Inject
  74.     private AssignmentManager assignmentManager;

  76.     /**
  77.      * User and account specific logic
  78.      */
  79.     @Inject
  80.     private UserManager userManager;

  82.     /**
  83.      * Project specific logic
  84.      */
  85.     @Inject
  86.     private ProjectManager projectManager;

  88.     /**
  89.      * Card specific logic
  90.      */
  91.     @Inject
  92.     private CardManager cardManager;

  94.     /**
  95.      * To check access rights
  96.      */
  97.     @Inject
  98.     private SecurityManager securityManager;

  100.     /**
  101.      * Token persistence
  102.      */
  103.     @Inject
  104.     private TokenDao tokenDao;

  106.     /**
  107.      * Request context
  108.      */
  109.     @Inject
  110.     private RequestManager requestManager;

  112.     /**
  113.      * Persist the token
  114.      *
  115.      * @param token token to persist
  116.      */
  117.     private void persistToken(Token token) {
  118.         logger.debug("persist token {}", token);

  120.         // set something to respect notNull constraints
  121.         // otherwise persist will fail
  122.         // These values will be reset when the e-mail is sent.
  123.         if (token.getHashMethod() == null) {
  124.             token.setHashMethod(Helper.getDefaultHashMethod());
  125.         }
  126.         if (token.getHashedToken() == null) {
  127.             token.setHashedToken(new byte[0]);
  128.         }

  130.         tokenDao.persistToken(token);
  131.     }

  133.     /**
  134.      * Finalize initialization of the token and send it to the recipient.
  135.      * <p>
  136.      * As the plain token is not stored in the database, the token is regenerated in this method.
  137.      *
  138.      * @param token     the token to send
  139.      * @param recipient recipient email address
  140.      *
  141.      * @throws javax.mail.MessagingException if sending the message fails
  142.      */
  143.     public void sendTokenByEmail(EmailableToken token, String recipient) throws MessagingException {
  144.         logger.debug("Send token {} to {}", token, recipient);

  146.         String url = generateNewRandomPlainToken(token);

  148.         String body = token.getEmailBody(url);

  150.         // this log message contains sensitive information (body contains the plain-text token)
  151.         logger.trace("Send token {} to {} with body {}", token, recipient, body);
  152.         Sendmail.send(
  153.             Message.create()
  154.                 .from("noreply@" + ColabConfiguration.getSmtpDomain())
  155.                 .to(recipient)
  156.                 .subject(token.getSubject())
  157.                 .htmlBody(body)
  158.                 .build()
  159.         );
  160.     }

  162.     /**
  163.      * Generate a new random plain token.
  164.      * <p>
  165.      * For security reason, its value is not stored in database. The knowledge is split between
  166.      * hash data that are stored in database and a URL containing the plain token.
  167.      *
  168.      * @param token The token (its values will be changed)
  169.      *
  170.      * @return the URL which enables the token to be consumed
  171.      */
  172.     private String generateNewRandomPlainToken(TokenWithURL token) {
  173.         String plainToken = Helper.generateHexSalt(64);
  174.         HashMethod hashMethod = Helper.getDefaultHashMethod();
  175.         byte[] hashedToken = hashMethod.hash(plainToken, Token.SALT);

  177.         token.setHashMethod(hashMethod);
  178.         token.setHashedToken(hashedToken);

  180.         String baseUrl = requestManager.getBaseUrl();

  182.         return baseUrl + "/#/token/" + token.getId() + "/" + plainToken;
  183.     }

  185.     /**
  186.      * Consume the token
  187.      *
  188.      * @param id         the id of the token to consume
  189.      * @param plainToken the plain secret token as sent by e-mail
  190.      *
  191.      * @return the consumed token
  192.      *
  193.      * @throws HttpErrorMessage notFound if the token does not exist;<br>
  194.      *                          badRequest if token does not match;<br>
  195.      *                          authenticationRequired if token requires authentication but current
  196.      *                          user is not
  197.      */
  198.     public Token consume(Long id, String plainToken) {
  199.         logger.debug("Consume token #{}", id);

  201.         Token token = tokenDao.findToken(id);

  203.         if (token != null) {
  204.             if (token.isAuthenticationRequired() && !requestManager.isAuthenticated()) {
  205.                 logger.debug("Token requires an authenticated user");
  206.                 throw HttpErrorMessage.authenticationRequired();
  207.             } else {
  208.                 if (token.checkHash(plainToken)) {
  209.                     requestManager.sudo(() -> {
  210.                         boolean isConsumed = token.consume(this);

  212.                         if (isConsumed
  213.                             && token.getExpirationPolicy() == ExpirationPolicy.ONE_SHOT) {
  214.                             tokenDao.deleteToken(token);
  215.                         }
  216.                     });
  217.                     return token;
  218.                 } else {
  219.                     logger.debug("Provided plain-token does not match");
  220.                     throw HttpErrorMessage.badRequest();
  221.                 }
  222.             }

  224.         } else {
  225.             logger.debug("There is no token #{}", id);
  226.             throw HttpErrorMessage.notFound();
  227.         }
  228.     }

  230.     ////////////////////////////////////////////////////////////////////////////////////////////////
  231.     // Verify email address
  232.     ////////////////////////////////////////////////////////////////////////////////////////////////

  234.     /**
  235.      * Create or update a validation token.
  236.      * <p>
  237.      * If a validate token already exists for the given account, it will be updated so there is never
  238.      * more than one validation token per localAccount.
  239.      *
  240.      * @param account token owner
  241.      *
  242.      * @return a brand-new token or a refresh
  243.      */
  244.     private VerifyLocalAccountToken getOrCreateVerifyAccountToken(LocalAccount account) {
  245.         logger.debug("getOrCreate VerifyToken for {}", account);
  246.         VerifyLocalAccountToken token = tokenDao.findVerifyTokenByAccount(account);

  248.         if (token == null) {
  249.             logger.debug("no token, create one");
  250.             token = new VerifyLocalAccountToken();
  251.             token.setAuthenticationRequired(false);
  252.             token.setLocalAccount(account);
  253.             persistToken(token);
  254.         }
  255.         // token.setExpirationDate(OffsetDateTime.now().plus(1, ChronoUnit.WEEKS));
  256.         token.setExpirationDate(null);

  258.         return token;
  259.     }

  261.     /**
  262.      * Send a "Please verify your email address" message.
  263.      *
  264.      * @param account      account to verify
  265.      * @param failsOnError if false, silent SMTP error
  266.      *
  267.      * @throws HttpErrorMessage smtpError if there is an SMTP error AND failsOnError is set to true
  268.      *                          messageError if the message contains errors (e.g. malformed
  269.      *                          addresses)
  270.      */
  271.     public void requestEmailAddressVerification(LocalAccount account, boolean failsOnError) {
  272.         try {
  273.             VerifyLocalAccountToken token = this.getOrCreateVerifyAccountToken(account);
  274.             sendTokenByEmail(token, account.getEmail());
  275.         } catch (MessagingException ex) {
  276.             logger.error("Fails to send email address verification email", ex);
  277.             if (failsOnError) {
  278.                 throw HttpErrorMessage.smtpError();
  279.             }
  280.         }
  281.     }

  283.     /**
  284.      * Consume the local account verification token
  285.      *
  286.      * @param account the account related to the token
  287.      *
  288.      * @return true if the token can be consumed
  289.      */
  290.     public boolean consumeVerifyAccountToken(LocalAccount account) {
  291.         userManager.setLocalAccountAsVerified(account);

  293.         return true;
  294.     }

  296.     ////////////////////////////////////////////////////////////////////////////////////////////////
  297.     // RESET PASSWORD
  298.     ////////////////////////////////////////////////////////////////////////////////////////////////

  300.     /**
  301.      * get existing reset password token if it exists or create new one otherwise.
  302.      *
  303.      * @param account token owner
  304.      *
  305.      * @return the token to user
  306.      */
  307.     private ResetLocalAccountPasswordToken getOrCreateResetToken(LocalAccount account) {
  308.         logger.debug("getOrCreate Reset for {}", account);
  309.         ResetLocalAccountPasswordToken token = tokenDao.findResetTokenByAccount(account);

  311.         if (token == null) {
  312.             token = new ResetLocalAccountPasswordToken();
  313.             logger.debug("no token, create one");
  314.             token.setAuthenticationRequired(false);
  315.             token.setLocalAccount(account);
  316.             persistToken(token);
  317.         }
  318.         token.setExpirationDate(OffsetDateTime.now().plusHours(1));

  320.         return token;
  321.     }

  323.     /**
  324.      * Send a "Click here the reset your password" message.
  325.      *
  326.      * @param account      The account whose password is to be reset
  327.      * @param failsOnError if false, silent SMTP error
  328.      *
  329.      * @throws HttpErrorMessage smtpError if there is an SMTP error AND failsOnError is set to true
  330.      *                          messageError if the message contains errors (e.g. malformed
  331.      *                          addresses)
  332.      */
  333.     public void sendResetPasswordToken(LocalAccount account, boolean failsOnError) {
  334.         try {
  335.             logger.debug("Send reset password token to {}", account);
  336.             ResetLocalAccountPasswordToken token = this.getOrCreateResetToken(account);
  337.             sendTokenByEmail(token, account.getEmail());
  338.         } catch (MessagingException ex) {
  339.             logger.error("Failed to send password reset email", ex);
  340.             if (failsOnError) {
  341.                 throw HttpErrorMessage.smtpError();
  342.             }
  343.         }
  344.     }

  346.     /**
  347.      * Consume the given reset password login.
  348.      *
  349.      * @param account the account related to the token
  350.      *
  351.      * @return true if the token can be consumed
  352.      */
  353.     public boolean consumeResetPasswordToken(LocalAccount account) {
  354.         requestManager.login(account);

  356.         return true;
  357.     }

  359.     ////////////////////////////////////////////////////////////////////////////////////////////////
  360.     // Invite a new team member
  361.     ////////////////////////////////////////////////////////////////////////////////////////////////

  363.     /**
  364.      * Send invitation to join the project team to the recipient.
  365.      *
  366.      * @param project   the project to join
  367.      * @param recipient email address to send invitation to
  368.      *
  369.      * @return the pending teamMember of null if none was sent
  370.      */
  371.     public TeamMember sendMembershipInvitation(Project project, String recipient) {
  372.         User currentUser = securityManager.assertAndGetCurrentUser();

  374.         InvitationToken token = tokenDao.findInvitationByProjectAndRecipient(project, recipient);
  375.         if (token == null) {
  376.             // create a member and link it to the project, but do not link it to any user
  377.             // this link will be set during token consumption
  378.             TeamMember newMember = teamManager.addMember(project, null,
  379.                 HierarchicalPosition.INTERNAL);
  380.             token = new InvitationToken();

  382.             token.setTeamMember(newMember);
  383.             // never expire
  384.             token.setExpirationDate(null);
  385.             token.setAuthenticationRequired(Boolean.TRUE);
  386.             token.setRecipient(recipient);

  388.             newMember.setDisplayName(recipient);

  390.             persistToken(token);
  391.         }

  393.         token.setSender(currentUser.getDisplayName());

  395.         try {
  396.             sendTokenByEmail(token, recipient);
  397.         } catch (MessagingException ex) {
  398.             logger.error("Failed to send membership invitation email", ex);
  399.             throw HttpErrorMessage.smtpError();
  400.         }

  402.         return token.getTeamMember();
  403.     }

  405.     /**
  406.      * Delete all invitations linked to the team member
  407.      *
  408.      * @param teamMember the team member for which we delete all invitations
  409.      */
  410.     public void deleteInvitationsByTeamMember(TeamMember teamMember) {
  411.         List<InvitationToken> invitations = tokenDao.findInvitationByTeamMember(teamMember);
  412.         invitations.forEach(token -> tokenDao.deleteToken(token));
  413.     }

  415.     /**
  416.      * Consume the invitation token
  417.      *
  418.      * @param teamMember the team member related to the token
  419.      *
  420.      * @return true if the token can be consumed
  421.      */
  422.     public boolean consumeInvitationToken(TeamMember teamMember) {
  423.         User user = requestManager.getCurrentUser();

  425.         if (user == null) {
  426.             throw HttpErrorMessage.authenticationRequired();
  427.         }

  429.         Project project = teamMember.getProject();

  431.         TeamMember existingTeamMember = teamManager.findMemberByProjectAndUser(project, user);
  432.         if (existingTeamMember != null) {
  433.             throw HttpErrorMessage
  434.                 .tokenProcessingFailure(MessageI18nKey.USER_IS_ALREADY_A_TEAM_MEMBER);
  435.         }

  437.         teamMember.setUser(user);
  438.         teamMember.setDisplayName(null);

  440.         return true;
  441.     }

  443.     ////////////////////////////////////////////////////////////////////////////////////////////////
  444.     // Share a model to someone
  445.     ////////////////////////////////////////////////////////////////////////////////////////////////

  447.     /**
  448.      * Send a model sharing token to register the project as a model to use
  449.      * <p>
  450.      * If the token does not exist yet, create it and link to it a new pending instance maker.
  451.      *
  452.      * @param model     the id of the model
  453.      * @param recipient the address to send the sharing token to
  454.      *
  455.      * @return the pending instance maker
  456.      */
  457.     public InstanceMaker sendModelSharingToken(Project model, String recipient) {
  458.         User currentUser = securityManager.assertAndGetCurrentUser();

  460.         ModelSharingToken token = tokenDao.findModelSharingByProjectAndRecipient(model, recipient);

  462.         if (token == null) {
  463.             // create an instance maker and link it to the project, but do not link it to any user
  464.             // this link will be set during token consumption
  465.             InstanceMaker newInstanceMaker = instanceMakerManager.addAndPersistInstanceMaker(model, null);


  468.             token = new ModelSharingToken();

  470.             token.setInstanceMaker(newInstanceMaker);
  471.             token.setExpirationDate(null);
  472.             token.setAuthenticationRequired(Boolean.TRUE);
  473.             token.setRecipient(recipient);

  475.             newInstanceMaker.setDisplayName(recipient);

  477.             persistToken(token);
  478.         }

  480.         token.setSender(currentUser.getDisplayName());

  482.         try {
  483.             sendTokenByEmail(token, recipient);
  484.         } catch (MessagingException ex) {
  485.             logger.error("Failed to send model sharing email", ex);
  486.             throw HttpErrorMessage.smtpError();
  487.         }

  489.         return token.getInstanceMaker();
  490.     }

  492.     /**
  493.      * Delete all model sharing tokens linked to the instance maker
  494.      *
  495.      * @param instanceMaker the instance maker for which we delete all invitations
  496.      */
  497.     public void deleteModelSharingTokenByInstanceMaker(InstanceMaker instanceMaker) {
  498.         List<ModelSharingToken> tokens = tokenDao.findModelSharingByInstanceMaker(instanceMaker);
  499.         tokens.forEach(token -> tokenDao.deleteToken(token));
  500.     }

  502.     /**
  503.      * Consume the model sharing token
  504.      *
  505.      * @param instanceMaker the instance maker related to the token
  506.      *
  507.      * @return true if the token can be consumed
  508.      */
  509.     public boolean consumeModelSharingToken(InstanceMaker instanceMaker) {
  510.         User user = requestManager.getCurrentUser();

  512.         if (user == null) {
  513.             throw HttpErrorMessage.authenticationRequired();
  514.         }

  516.         Project model = instanceMaker.getProject();

  518.         InstanceMaker existingInstanceMaker = instanceMakerManager
  519.             .findInstanceMakerByProjectAndUser(model, user);
  520.         if (existingInstanceMaker != null) {
  521.             throw HttpErrorMessage.tokenProcessingFailure(
  522.                 MessageI18nKey.CURRENT_USER_CAN_ALREADY_USE_MODEL);
  523.         }

  525.         instanceMaker.setUser(user);
  526.         instanceMaker.setDisplayName(null);

  528.         return true;
  529.     }

  531.     ////////////////////////////////////////////////////////////////////////////////////////////////
  532.     // Share a project card to enable people (not defined who) to edit it
  533.     ////////////////////////////////////////////////////////////////////////////////////////////////

  535.     /**
  536.      * Create a token to share the project.
  537.      *
  538.      * @param project The project that will become visible (mandatory)
  539.      * @param card    The card that will become editable (optional)
  540.      *
  541.      * @return the URL to use to consume the token
  542.      */
  543.     public String generateSharingLinkToken(Project project, Card card) {
  544.         if (project == null) {
  545.             throw HttpErrorMessage.badRequest();
  546.         }

  548.         boolean isCurrentUserInternalToProject = securityManager.isCurrentUserInternalToProject(project);

  550.         if (!isCurrentUserInternalToProject) {
  551.             throw HttpErrorMessage.forbidden();
  552.         }

  554.         if (card != null) {
  555.             boolean canCurrentUserEditCard = securityManager.hasReadWriteAccess(card);

  557.             if (!canCurrentUserEditCard) {
  558.                 throw HttpErrorMessage.forbidden();
  559.             }
  560.         }

  562.         // we never re-use an existing token
  563.         // because when we generate the URL, it changes the hash data and so invalidate existing token.

  565.         SharingLinkToken token = new SharingLinkToken();
  566.         token.setProjectId(project.getId());
  567.         token.setCardId(card != null ? card.getId() : null);
  568.         token.setAuthenticationRequired(Boolean.TRUE);
  569.         token.setExpirationDate(null);
  570.         persistToken(token);

  572.         return generateNewRandomPlainToken(token);
  573.     }

  575.     /**
  576.      * Delete all sharing link tokens for the given project.
  577.      *
  578.      * @param project the project
  579.      */
  580.     public void deleteSharingLinkTokensByProject(Project project) {
  581.         List<SharingLinkToken> sharingLinkTokens = tokenDao.findSharingLinkByProject(project);
  582.         sharingLinkTokens.forEach(token -> tokenDao.deleteToken(token));
  583.     }

  585.     /**
  586.      * Delete all sharing link tokens for the given card.
  587.      *
  588.      * @param card the card
  589.      */
  590.     public void deleteSharingLinkTokensByCard(Card card) {
  591.         List<SharingLinkToken> sharingLinkTokens = tokenDao.findSharingLinkByCard(card);
  592.         sharingLinkTokens.forEach(token -> tokenDao.deleteToken(token));
  593.     }

  595.     /**
  596.      * Consume the token to ensure that the user can view the project and edit the card (if set)
  597.      *
  598.      * @param projectId The id of the project that will become visible (mandatory)
  599.      * @param cardId    The id of the card that will become editable (optional)
  600.      *
  601.      * @return true if it could happen
  602.      */
  603.     public boolean consumeSharingLinkToken(Long projectId, Long cardId) {
  604.         User user = requestManager.getCurrentUser();

  606.         Project project = projectManager.assertAndGetProject(projectId);
  607.         Card card = cardManager.assertAndGetCard(cardId);

  609.         if (user == null) {
  610.             throw HttpErrorMessage.authenticationRequired();
  611.         }

  613.         TeamMember teamMember = teamManager.findMemberByProjectAndUser(project, user);
  614.         if (teamMember == null) {
  615.             teamMember = teamManager.addMember(project, user, HierarchicalPosition.GUEST);
  616.         }

  618.         if (card != null) {
  619.             if (!Objects.equals(card.getProject(), project)) {
  620.                 throw HttpErrorMessage.dataError(MessageI18nKey.DATA_INTEGRITY_FAILURE);
  621.             }

  623.             List<Assignment> assignments =
  624.                     assignmentManager.getAssignmentsForCardAndTeamMember(card, teamMember);

  626.             if (assignments.isEmpty()) {
  627.                 assignmentManager.setAssignment(card.getId(), teamMember.getId(),
  628.                         InvolvementLevel.SUPPORT);
  629.             }
  630.         }

  632.         return true;
  633.     }

  635.     ////////////////////////////////////////////////////////////////////////////////////////////////
  636.     // for each token
  637.     ////////////////////////////////////////////////////////////////////////////////////////////////

  639. //    /**
  640. //     * Delete all invitations linked to the project
  641. //     *
  642. //     * @param project the project for which we delete all tokens
  643. //     */
  644. //    public void deleteTokensByProject(Project project) {
  645. //        List<Token> tokens = tokenDao.findTokensByProject(project);
  646. //        tokens.stream().forEach(token -> tokenDao.deleteToken(token));
  647. //    }

  649.     /**
  650.      * Fetch token with given id from DAO. If it's outdated, it will be destroyed and null will be
  651.      * returned
  652.      *
  653.      * @param id id of the token
  654.      *
  655.      * @return token if it exists and is not outdated, null otherwise
  656.      */
  657.     public Token getNotExpiredToken(Long id) {
  658.         Token token = tokenDao.findToken(id);

  660.         if (token != null && token.isOutdated()) {
  661.             requestManager.sudo(() -> tokenDao.deleteToken(token));
  662.             return null;
  663.         }

  665.         return token;
  666.     }
  667. }
Created with JaCoCo 0.8.8.202204050719