diff --git a/authentication-module/src/main/java/net/jami/jams/authmodule/TokenController.java b/authentication-module/src/main/java/net/jami/jams/authmodule/TokenController.java index 2fa5a3bb4cab431f161371ce5a1b5c344a12fd42..6b2ee493fa0a4dcce899816fc0ccaa7f27e03125 100644 --- a/authentication-module/src/main/java/net/jami/jams/authmodule/TokenController.java +++ b/authentication-module/src/main/java/net/jami/jams/authmodule/TokenController.java @@ -29,13 +29,14 @@ import com.nimbusds.jose.crypto.RSASSASigner; import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.SignedJWT; import net.jami.jams.common.authmodule.AuthTokenResponse; -import net.jami.jams.common.objects.user.AccessLevel; import net.jami.jams.common.objects.user.User; import java.security.PrivateKey; import java.util.Date; import java.util.UUID; +import static net.jami.jams.common.objects.user.AccessLevel.DEVICE; + public class TokenController{ private static PrivateKey signingKey; @@ -44,7 +45,7 @@ public class TokenController{ TokenController.signingKey = signingKey; } - public AuthTokenResponse getToken(User user, AccessLevel authScope) { + public AuthTokenResponse getToken(User user, String deviceId) { AuthTokenResponse authTokenResponse = new AuthTokenResponse(); JWSHeader jwsHeader = new JWSHeader.Builder(JWSAlgorithm.RS256).type(JOSEObjectType.JWT).build(); JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder() 
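Review bot: The new signature `getToken(User user, String deviceId)` makes the null-ness of `deviceId` the only thing that decides which scope the token gets (the claim construction is in the following hunk), but nothing at the declaration says so, and a caller that previously passed an explicit `AccessLevel` can no longer request any scope other than DEVICE or the user's own level. Add a Javadoc along the lines of `/** Issues a signed JWT for {@code user}; a non-null {@code deviceId} yields a DEVICE-scoped token carrying a deviceId claim, null yields a token with the user's own access level. */` so implementers of the callers know the contract. Since `user.getAccessLevel()` is dereferenced later, `Objects.requireNonNull(user, "user")` at the top would turn a null user into a clear error instead of an NPE inside claim building. The method body continues in the next hunk.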
@@ -56,12 +57,18 @@ public class TokenController{ .notBeforeTime(new Date(System.currentTimeMillis())) .issueTime(new Date(System.currentTimeMillis())) .jwtID(UUID.randomUUID().toString()); - if(authScope == null) builder.claim("scope",user.getAccessLevel()); - else builder.claim("scope",authScope); + if(deviceId != null){ + builder.claim("scope",DEVICE); + builder.claim("deviceId",deviceId); + } + else{ + builder.claim("scope",user.getAccessLevel()); + } JWTClaimsSet jwtClaims = builder.build(); SignedJWT signedJWT = new SignedJWT(jwsHeader, jwtClaims); try { signedJWT.sign(new RSASSASigner(signingKey)); + UserAuthenticationModule.datastore.getJwtDao().storeObject(signedJWT); authTokenResponse.setAccess_token(signedJWT.serialize()); authTokenResponse.setExpires_in(30*60*1000L); authTokenResponse.setScope(user.getAccessLevel()); diff --git a/authentication-module/src/main/java/net/jami/jams/authmodule/UserAuthenticationModule.java b/authentication-module/src/main/java/net/jami/jams/authmodule/UserAuthenticationModule.java index 9bc5497bbd9b38f4798c189733c7bb7f447f172b..899feccc1d34512136519ab0be6fbe2dd4dd28e3 100644 --- a/authentication-module/src/main/java/net/jami/jams/authmodule/UserAuthenticationModule.java +++ b/authentication-module/src/main/java/net/jami/jams/authmodule/UserAuthenticationModule.java @@ -22,6 +22,8 @@ */ package net.jami.jams.authmodule; +import com.nimbusds.jwt.SignedJWT; +import lombok.NoArgsConstructor; import lombok.extern.slf4j.Slf4j; import net.jami.datastore.main.DataStore; import net.jami.jams.common.authentication.AuthenticationSource; @@ -64,7 +66,7 @@ public class UserAuthenticationModule implements AuthenticationModule { private final TokenController tokenController; private PrivateKey privateKey = null; private PublicKey publicKey = null; - + //The data storage layer for tokens. private final ConcurrentHashMap<AuthModuleKey, AuthenticationSource> authenticationSources = new ConcurrentHashMap<>(); 
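Review bot: The response scope no longer matches the token: the new branch writes `scope = DEVICE` into the claims when `deviceId != null`, while the unchanged `authTokenResponse.setScope(user.getAccessLevel())` a few lines below still reports the user's full level, so a client reading the response body is told a wider scope than the JWT actually grants. Hold the chosen level in one local (re-importing `AccessLevel`, which this commit removes) and use it for both `builder.claim("scope", ...)` and `setScope(...)`. The boolean result of `storeObject(signedJWT)` is discarded, so a persistence failure still hands out a token that can later neither be verified against nor revoked from the store; treat `false` like the signing failure, and note that `storeObject` is still a stub in the `JwtDao` added by this same commit. An empty string also passes `deviceId != null` and produces a DEVICE token with an empty `deviceId` claim; `deviceId != null && !deviceId.isBlank()` is the stricter test. The `catch` of this try block lies outside the hunk.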
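Review bot: The new comment `//The data storage layer for tokens.` sits directly above `authenticationSources`, a `ConcurrentHashMap<AuthModuleKey, AuthenticationSource>`, which is a registry of authentication sources and not token storage, so it documents the wrong member. Either move it to whichever member holds the JwtDao-backed store (token persistence in this commit goes through `UserAuthenticationModule.datastore.getJwtDao()`, declared outside this hunk) or reword it to describe the map, e.g. `//Registered authentication sources, keyed by module.` The enclosing class continues beyond the hunk.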
@@ -172,14 +174,13 @@ public class UserAuthenticationModule implements AuthenticationModule { clientCert.verify(ca.getPublicKey()); //Here we need to make a request to the CRL to find out if it has been revoked. if(crl.getRevokedCertificate(clientCert.getSerialNumber()) != null) return null; - //If the above cases have passed, then this user is indded valid. - //This is yet to be confirmed. String username = clientCert.getSubjectDN().getName(); + //We need to extract the deviceId from the certificate StatementList statementList = new StatementList(); StatementElement statementElement = new StatementElement("username","=",username,""); statementList.addStatement(statementElement); User user = datastore.getUserDao().getObjects(statementList).get(0); - return tokenController.getToken(user, AccessLevel.DEVICE); + return tokenController.getToken(user,X509Utils.extractDNFromCertificate(clientCert).get("UID")); } catch (Exception e){ return null; @@ -232,4 +233,13 @@ public class UserAuthenticationModule implements AuthenticationModule { return new char[0]; } + @Override + public boolean verifyToken(SignedJWT token) { + return false; + } + + @Override + public void deleteToken(SignedJWT token) { + + } } diff --git a/datastore/src/main/java/net/jami/datastore/dao/JwtDao.java b/datastore/src/main/java/net/jami/datastore/dao/JwtDao.java new file mode 100644 index 0000000000000000000000000000000000000000..78cd9661baa24560046f3cc659524b1bc21f745a --- /dev/null +++ b/datastore/src/main/java/net/jami/datastore/dao/JwtDao.java 
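Review bot: `X509Utils.extractDNFromCertificate(clientCert).get("UID")` returns null when the subject has no UID RDN, and with the new `getToken` a null deviceId selects the `else` branch, so a CA-issued certificate without a UID now produces a token carrying the user's full access level where this path previously always issued a DEVICE-scoped one. If a missing UID is not a supported case, reject it explicitly before issuing anything: `String deviceId = X509Utils.extractDNFromCertificate(clientCert).get("UID"); if (deviceId == null) return null;` and then `return tokenController.getToken(user, deviceId);`. The comment `//We need to extract the deviceId from the certificate` is placed above the username lookup rather than the line that does the extraction and should move next to the `getToken` call. The surrounding `try` and the method start before this hunk, and its `catch (Exception e){ return null; }` now also swallows the `throws Exception` of the DN helper without any log line, which will make rejected certificate logins hard to diagnose; a `log.warn` with the certificate serial number (assuming the class is annotated with the imported `@Slf4j`) would help.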
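Review bot: `deleteToken` has an empty body, so a caller asking to revoke a token gets a silent success while the token stays valid; until the JwtDao side exists it should make the gap visible, e.g. `throw new UnsupportedOperationException("deleteToken not implemented");` or at minimum a `//TODO` plus a log line. `verifyToken` returning a constant `false` is at least fail-closed, but the same TODO marker would stop it from being mistaken for a finished implementation. Both methods belong to the `AuthenticationModule` interface changed elsewhere in this commit; the class closes on this hunk's last line.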
@@ -0,0 +1,69 @@ +package net.jami.datastore.dao; + +import com.nimbusds.jwt.SignedJWT; +import lombok.extern.slf4j.Slf4j; +import net.jami.datastore.main.DataStore; +import net.jami.jams.common.dao.StatementList; +import net.jami.jams.common.dao.connectivity.SQLConnection; + +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.sql.Types; +import java.util.ArrayList; +import java.util.List; + +@Slf4j +public class JwtDao extends AbstractDao<SignedJWT> { + + private static final String SQL_STORE_TOKEN = "INSERT INTO tokens (userid,deviceId,token) VALUES (?,?,?)"; + private static final String SQL_DELETE_TOKEN = "DELETE FROM tokens WHERE userid = ? AND deviceId = ?"; + private static final String SQL_GET_TOKEN = "SELECT COUNT(token) FROM tokens WHERE token = ?"; + + public JwtDao() { + SQLConnection connection = DataStore.connectionPool.getConnection(); + try { + this.setTableName("tokens"); + this.setTClass(SignedJWT.class); + String createTable = "CREATE TABLE tokens (" + + "userid varchar(255), " + + "deviceId varchar(255)," + + "token varchar(255)," + + "PRIMARY KEY (userid, deviceId))"; + PreparedStatement ps = connection.getConnection().prepareStatement(createTable); + ps.execute(); + } + catch (SQLException e){ + log.error("Could not create the device table with error " + e.getMessage()); + } + finally { + DataStore.connectionPool.returnConnection(connection); + } + } + + + @Override + public boolean storeObject(SignedJWT object) { + //TODO: Implement this. + return true; + } + + public boolean validateToken(SignedJWT signedJWT){ + //TODO: Implement this. + return true; + } + + + //This method is not needed because we are only concerned with the existence of a token, + //we never actually look them up. + @Override + public List<SignedJWT> getObjects(StatementList constraints) { + return null; + } + + //TODO: Implement this method. 
+ @Override + public boolean deleteObject(StatementList delete) { + return false; + } +} diff --git a/datastore/src/main/java/net/jami/datastore/main/DataStore.java b/datastore/src/main/java/net/jami/datastore/main/DataStore.java index 852cdaeafea5f50450e8183b5342a1c0decf2418..d29529ed544a63947a925e6ccbeb0c0860e640c8 100644 --- a/datastore/src/main/java/net/jami/datastore/main/DataStore.java +++ b/datastore/src/main/java/net/jami/datastore/main/DataStore.java @@ -26,6 +26,7 @@ import lombok.Getter; import lombok.Setter; import net.jami.datastore.dao.ContactDao; import net.jami.datastore.dao.DeviceDao; +import net.jami.datastore.dao.JwtDao; import net.jami.datastore.dao.SystemDao; import net.jami.datastore.dao.UserDao; import net.jami.jams.common.authentication.AuthenticationSource; @@ -48,6 +49,7 @@ public class DataStore implements AuthenticationSource { private DeviceDao deviceDao; private SystemDao systemDao; private ContactDao contactDao; + private JwtDao jwtDao; //Implicitly connect to debry. public DataStore(String connectionString) { @@ -56,6 +58,7 @@ public class DataStore implements AuthenticationSource { deviceDao = new DeviceDao(); systemDao = new SystemDao(); contactDao = new ContactDao(); + jwtDao = new JwtDao(); } public boolean userExists(String username){ diff --git a/jams-ca/src/test/java/net/jami/jams/ca/workers/csr/builders/SystemAccountBuilderTest.java b/jams-ca/src/test/java/net/jami/jams/ca/workers/csr/builders/SystemAccountBuilderTest.java index 2c9a65a65e3804e6ab9746bdf51d08239e664ab3..9023c1420c51f7ac3ed5c5f804d13d59018c8894 100644 --- a/jams-ca/src/test/java/net/jami/jams/ca/workers/csr/builders/SystemAccountBuilderTest.java +++ b/jams-ca/src/test/java/net/jami/jams/ca/workers/csr/builders/SystemAccountBuilderTest.java 
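Review bot: `validateToken` and `storeObject` return `true` unconditionally without touching the database, so any caller that uses `validateToken` as an existence or revocation check accepts every token and `getToken` believes every store succeeded; while they are stubs they should fail closed (`return false;` or `throw new UnsupportedOperationException(...)`) rather than report success. The `token varchar(255)` column cannot hold a serialized RS256 JWT (for a 2048-bit key the base64url signature segment alone is 342 characters, before header and claims), so the INSERT behind `SQL_STORE_TOKEN` will fail or truncate once implemented; use a wide text/CLOB type, or store the `jwtID` claim and look tokens up by it. The `PreparedStatement ps` in the constructor is never closed; `try (PreparedStatement ps = connection.getConnection().prepareStatement(createTable)) { ps.execute(); }` fixes the leak. The error log says `device table` for the `tokens` table, and `getObjects` returning `null` where callers expect a `List` invites NPEs — an empty list (`new ArrayList<>()` is already imported) is the safer "nothing found" value.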
@@ -42,6 +42,9 @@ import org.junit.jupiter.api.Test; import java.io.File; import java.io.InputStream; import java.math.BigInteger; +import java.util.HashMap; + +import static org.junit.jupiter.api.Assertions.fail; class SystemAccountBuilderTest { @@ -94,6 +97,16 @@ class SystemAccountBuilderTest { device.setCertificationRequest(X509Utils.getCSRFromString(strPkcs10Request)); device = DeviceBuilder.generateDevice(user,device); Assertions.assertNotNull(device.getCertificate(),"Device certificate was not generated!"); + //Check that we can decode the rdn. + try { + HashMap<String,String> data = X509Utils.extractDNFromCertificate(device.getCertificate()); + Assertions.assertEquals(2,data.size()); + } + catch (Exception e){ + fail(); + } + + } @Test diff --git a/jams-common/pom.xml b/jams-common/pom.xml index 0976ef9e5f921ad310f6c531353c7943903b57f0..0f92e87d5b902990434a4ddb5b525440fa5fcbab 100644 --- a/jams-common/pom.xml +++ b/jams-common/pom.xml @@ -37,6 +37,12 @@ <artifactId>tomcat-embed-core</artifactId> <version>${tomcat.version}</version> </dependency> + <dependency> + <groupId>com.nimbusds</groupId> + <artifactId>nimbus-jose-jwt</artifactId> + <version>7.0.1</version> + <scope>compile</scope> + </dependency> </dependencies> diff --git a/jams-common/src/main/java/net/jami/jams/common/authmodule/AuthenticationModule.java b/jams-common/src/main/java/net/jami/jams/common/authmodule/AuthenticationModule.java index 1ec1d9eb75e447c678aa65007a3e2e25bbd0f5dc..043271ff9a5fa6515fe2f6f5f1b90f6e751136a3 100644 --- a/jams-common/src/main/java/net/jami/jams/common/authmodule/AuthenticationModule.java +++ b/jams-common/src/main/java/net/jami/jams/common/authmodule/AuthenticationModule.java @@ -22,6 +22,7 @@ */ package net.jami.jams.common.authmodule; +import com.nimbusds.jwt.SignedJWT; import net.jami.jams.common.authentication.AuthenticationSource; import net.jami.jams.common.authentication.AuthenticationSourceType; import net.jami.jams.common.jami.NameServer; 
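Review bot: `fail()` in the new catch block discards the exception, so a failing `extractDNFromCertificate` reports only an unnamed assertion failure with no cause; use `fail(e)` (JUnit 5's `Assertions.fail(Throwable)`) or drop the try/catch and declare the test method `throws Exception`. The hard-coded `assertEquals(2, data.size())` also says nothing about which RDNs are expected; asserting the keys directly, e.g. `Assertions.assertTrue(data.containsKey("UID"))`, would document the contract the authentication module now relies on when it reads the UID as the device identifier. The test method starts before this hunk.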
@@ -42,4 +43,7 @@ public interface AuthenticationModule { boolean createUser(AuthenticationSourceType type, String realm, NameServer nameServer, User user); RSAPublicKey getAuthModulePubKey(); char[] getOTP(String username); + //In both cases, the tokens are signed, we can + boolean verifyToken(SignedJWT token); + void deleteToken(SignedJWT token); } diff --git a/jams-common/src/main/java/net/jami/jams/common/utils/X509Utils.java b/jams-common/src/main/java/net/jami/jams/common/utils/X509Utils.java index c03588b4db1ca7ac352a89a2abf5287d0464b40f..0cf2653eb3fd1e559c59773688f9d3d8f4571793 100644 --- a/jams-common/src/main/java/net/jami/jams/common/utils/X509Utils.java +++ b/jams-common/src/main/java/net/jami/jams/common/utils/X509Utils.java @@ -47,6 +47,7 @@ import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.security.spec.PKCS8EncodedKeySpec; import java.util.Base64; +import java.util.HashMap; import java.util.Vector; @Slf4j @@ -188,4 +189,13 @@ public class X509Utils { } } + public static HashMap<String,String> extractDNFromCertificate(X509Certificate certificate) throws Exception{ + HashMap<String,String> subjectMap = new HashMap<>(); + LdapName ln = new LdapName(certificate.getSubjectDN().toString()); + for (Rdn rdn : ln.getRdns()) { + subjectMap.put(rdn.getType(),rdn.getValue().toString()); + } + return subjectMap; + } + } diff --git a/jams-server/doc/api_data.js b/jams-server/doc/api_data.js index 599d0b50861479a8121981add8385dce914c7b45..698df5fc0d8ecbdee5db612d55b38b5e9cc051b9 100644 --- a/jams-server/doc/api_data.js +++ b/jams-server/doc/api_data.js 
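Review bot: The comment `//In both cases, the tokens are signed, we can` above the new interface methods breaks off mid-sentence and should be finished or removed. `verifyToken` and `deleteToken` become part of the contract every module must implement, yet nothing says what `verifyToken` checks (signature, expiry, presence in the token store, or all three) or what its boolean means, and `deleteToken` gives callers no way to learn whether anything was revoked. Javadoc such as `/** Returns true only if {@code token} is validly signed, unexpired and still present in the token store. */` and `/** Revokes {@code token}; subsequent {@link #verifyToken} calls for it return false. */` would pin the semantics, and a `boolean` return on `deleteToken` is worth deciding before implementations land.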
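Review bot: `extractDNFromCertificate` parses `certificate.getSubjectDN().toString()`, but `getSubjectDN()` is the denigrated API whose string form is implementation-specific and not specified to be the RFC 2253 syntax `LdapName` expects; `certificate.getSubjectX500Principal().getName()` returns exactly that form. Because the result is a `HashMap` keyed by `rdn.getType()`, a subject with repeated types (several OU RDNs) silently keeps only the last one, and a multi-valued RDN yields only one of its attributes through `rdn.getValue()`; the Javadoc should state both, since the authentication module reads the `UID` entry of this map as the device identifier. `throws Exception` is wider than needed — the `LdapName` constructor throws `InvalidNameException`, which could be declared instead. The class closes on the hunk's last line.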
@@ -638,30 +638,127 @@ define({ "api": [ "description": "<p>the 0Auth authentication token</p>" } ] + } + }, + "error": { + "fields": { + "403": [ + { + "group": "403", + "type": "null", + "optional": false, + "field": "null", + "description": "<p>The user is unauthorized</p>" + } + ] + } + }, + "filename": "src/main/java/net/jami/jams/server/servlets/LoginServlet.java", + "groupTitle": "Login" + }, + { + "version": "1.0.0", + "type": "get", + "url": "/api/nameserver/addr/*", + "title": "Lookup user from address", + "name": "getAddr", + "group": "NameServer", + "success": { + "fields": { + "200": [ + { + "group": "200", + "type": "path", + "optional": false, + "field": "String", + "description": "<p>username</p>" + } + ] }, "examples": [ { "title": "Success-Response:", - "content": "{\n \"token_type\":\"Bearer\",\n \"access_token\":\"JWT representation of the token\",\n \"expires_in\":180000,\n \"scope\":\"USER\"\n}", + "content": "{\n \"name\": \"sidokhine6\"\n}", "type": "json" } ] }, "error": { "fields": { - "403": [ + "404": [ { - "group": "403", + "group": "404", "type": "null", "optional": false, "field": "null", - "description": "<p>The user is unauthorized</p>" + "description": "<p>Address does not exist</p>" + } + ], + "500": [ + { + "group": "500", + "type": "null", + "optional": false, + "field": "null", + "description": "<p>could not fetch user information</p>" } ] } }, - "filename": "src/main/java/net/jami/jams/server/servlets/LoginServlet.java", - "groupTitle": "Login" + "filename": "src/main/java/net/jami/jams/server/servlets/api/jaminameserver/AddressServlet.java", + "groupTitle": "NameServer" + }, + { + "version": "1.0.0", + "type": "get", + "url": "/api/nameserver/name/*", + "title": "Look up a user on the nameserver", + "name": "getName", + "group": "NameServer", + "success": { + "fields": { + "200": [ + { + "group": "200", + "type": "path", + "optional": false, + "field": "String", + "description": "<p>username</p>" + } + ] + }, + "examples": [ 
+ { + "title": "Success-Response:", + "content": "{\n \"publickey\": \"\",\n \"signature\": \"\",\n \"name\": \"sidokhine6\",\n \"addr\": \"0d1f0002ce728d6aa8b98b5227c75fc773735f9e\"\n}", + "type": "json" + } + ] + }, + "error": { + "fields": { + "404": [ + { + "group": "404", + "type": "null", + "optional": false, + "field": "null", + "description": "<p>user does not exist</p>" + } + ], + "500": [ + { + "group": "500", + "type": "null", + "optional": false, + "field": "null", + "description": "<p>could not fetch user information</p>" + } + ] + } + }, + "filename": "src/main/java/net/jami/jams/server/servlets/api/jaminameserver/NameServlet.java", + "groupTitle": "NameServer" }, { "version": "1.0.0", diff --git a/jams-server/doc/api_data.json b/jams-server/doc/api_data.json index 5528687b49798c7a1fb21d343788f2a292197d49..2ca3f2c6b31b0078ef91347d2ce171b710fb946f 100644 --- a/jams-server/doc/api_data.json +++ b/jams-server/doc/api_data.json 
@@ -638,30 +638,127 @@ "description": "<p>the 0Auth authentication token</p>" } ] + } + }, + "error": { + "fields": { + "403": [ + { + "group": "403", + "type": "null", + "optional": false, + "field": "null", + "description": "<p>The user is unauthorized</p>" + } + ] + } + }, + "filename": "src/main/java/net/jami/jams/server/servlets/LoginServlet.java", + "groupTitle": "Login" + }, + { + "version": "1.0.0", + "type": "get", + "url": "/api/nameserver/addr/*", + "title": "Lookup user from address", + "name": "getAddr", + "group": "NameServer", + "success": { + "fields": { + "200": [ + { + "group": "200", + "type": "path", + "optional": false, + "field": "String", + "description": "<p>username</p>" + } + ] }, "examples": [ { "title": "Success-Response:", - "content": "{\n \"token_type\":\"Bearer\",\n \"access_token\":\"JWT representation of the token\",\n \"expires_in\":180000,\n \"scope\":\"USER\"\n}", + "content": "{\n \"name\": \"sidokhine6\"\n}", "type": "json" } ] }, "error": { "fields": { - "403": [ + "404": [ { - "group": "403", + "group": "404", "type": "null", "optional": false, "field": "null", - "description": "<p>The user is unauthorized</p>" + "description": "<p>Address does not exist</p>" + } + ], + "500": [ + { + "group": "500", + "type": "null", + "optional": false, + "field": "null", + "description": "<p>could not fetch user information</p>" } ] } }, - "filename": "src/main/java/net/jami/jams/server/servlets/LoginServlet.java", - "groupTitle": "Login" + "filename": "src/main/java/net/jami/jams/server/servlets/api/jaminameserver/AddressServlet.java", + "groupTitle": "NameServer" + }, + { + "version": "1.0.0", + "type": "get", + "url": "/api/nameserver/name/*", + "title": "Look up a user on the nameserver", + "name": "getName", + "group": "NameServer", + "success": { + "fields": { + "200": [ + { + "group": "200", + "type": "path", + "optional": false, + "field": "String", + "description": "<p>username</p>" + } + ] + }, + "examples": [ + { + "title": 
"Success-Response:", + "content": "{\n \"publickey\": \"\",\n \"signature\": \"\",\n \"name\": \"sidokhine6\",\n \"addr\": \"0d1f0002ce728d6aa8b98b5227c75fc773735f9e\"\n}", + "type": "json" + } + ] + }, + "error": { + "fields": { + "404": [ + { + "group": "404", + "type": "null", + "optional": false, + "field": "null", + "description": "<p>user does not exist</p>" + } + ], + "500": [ + { + "group": "500", + "type": "null", + "optional": false, + "field": "null", + "description": "<p>could not fetch user information</p>" + } + ] + } + }, + "filename": "src/main/java/net/jami/jams/server/servlets/api/jaminameserver/NameServlet.java", + "groupTitle": "NameServer" }, { "version": "1.0.0", diff --git a/jams-server/doc/api_project.js b/jams-server/doc/api_project.js index f6b2dc72e849e0f302a8c602bae1f01a25096b27..2331e5ffa943a848eaad9adfb6e877e520abe766 100644 --- a/jams-server/doc/api_project.js +++ b/jams-server/doc/api_project.js @@ -7,7 +7,7 @@ define({ "apidoc": "0.3.0", "generator": { "name": "apidoc", - "time": "2020-06-06T10:01:09.148Z", + "time": "2020-06-17T13:00:20.629Z", "url": "http://apidocjs.com", "version": "0.23.0" } diff --git a/jams-server/doc/api_project.json b/jams-server/doc/api_project.json index 40efc2f45ea4fa8da409228844a658591905d024..a5c4b40da2623e3da543df26e4e6417caf1c9b11 100644 --- a/jams-server/doc/api_project.json +++ b/jams-server/doc/api_project.json @@ -7,7 +7,7 @@ "apidoc": "0.3.0", "generator": { "name": "apidoc", - "time": "2020-06-06T10:01:09.148Z", + "time": "2020-06-17T13:00:20.629Z", "url": "http://apidocjs.com", "version": "0.23.0" } diff --git a/jams-server/src/main/java/net/jami/jams/server/servlets/api/jaminameserver/AddressServlet.java b/jams-server/src/main/java/net/jami/jams/server/servlets/api/jaminameserver/AddressServlet.java index 35ac6389780ccbcc4f0aa6e6447926a8bf0e3566..c6b1678a3b3971690bf17c149ef6943d3279b466 100644 --- a/jams-server/src/main/java/net/jami/jams/server/servlets/api/jaminameserver/AddressServlet.java 
+++ b/jams-server/src/main/java/net/jami/jams/server/servlets/api/jaminameserver/AddressServlet.java @@ -37,6 +37,21 @@ import static net.jami.jams.server.Server.nameServer; @WebServlet("/api/nameserver/addr/*") public class AddressServlet extends HttpServlet { + /** + * @apiVersion 1.0.0 + * @api {get} /api/nameserver/addr/* Lookup user from address + * @apiName getAddr + * @apiGroup NameServer + * + * @apiSuccess (200) {path} String username + * @apiSuccessExample {json} Success-Response: + *{ + * "name": "sidokhine6" + * } + * + * @apiError (404) {null} null Address does not exist + * @apiError (500) {null} null could not fetch user information + */ @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { String[] path = req.getServletPath().split("/"); diff --git a/jams-server/src/main/java/net/jami/jams/server/servlets/api/jaminameserver/NameServlet.java b/jams-server/src/main/java/net/jami/jams/server/servlets/api/jaminameserver/NameServlet.java index c46edef94787fd384b63447d1e8800d203acb8e6..7185f2226774b3dba4fdbf0eeef5340e8f2c8111 100644 --- a/jams-server/src/main/java/net/jami/jams/server/servlets/api/jaminameserver/NameServlet.java +++ b/jams-server/src/main/java/net/jami/jams/server/servlets/api/jaminameserver/NameServlet.java 
@@ -37,6 +37,23 @@ import static net.jami.jams.server.Server.nameServer; @WebServlet("/api/nameserver/name/*") public class NameServlet extends HttpServlet { + /** + * @apiVersion 1.0.0 + * @api {get} /api/nameserver/name/* Look up a user on the nameserver + * @apiName getName + * @apiGroup NameServer + * + * @apiSuccess (200) {path} String username + * @apiSuccessExample {json} Success-Response: + * { + * "publickey": "", + * "signature": "", + * "name": "sidokhine6", + * "addr": "0d1f0002ce728d6aa8b98b5227c75fc773735f9e" + * } + * @apiError (404) {null} null user does not exist + * @apiError (500) {null} null could not fetch user information + */ @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { NameLookupResponse nameLookupResponse = nameServer.getAddressFromName(req.getPathInfo().replace("/","")); diff --git a/jams-server/src/main/java/net/jami/jams/server/servlets/filters/ApiFilter.java b/jams-server/src/main/java/net/jami/jams/server/servlets/filters/ApiFilter.java index 2137763468222a2cbaa88dd0a08743b8d07e4d68..ad034d867e9b5ca67a4257aa5c46a176e800217b 100644 --- a/jams-server/src/main/java/net/jami/jams/server/servlets/filters/ApiFilter.java +++ b/jams-server/src/main/java/net/jami/jams/server/servlets/filters/ApiFilter.java @@ -35,12 +35,14 @@ import jakarta.servlet.annotation.WebFilter; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; +import net.jami.jams.common.authmodule.AuthTokenResponse; import net.jami.jams.common.objects.user.AccessLevel; import net.jami.jams.server.Server; import java.io.IOException; import static net.jami.jams.server.Server.userAuthenticationModule; +import static net.jami.jams.server.servlets.api.auth.login.AuthRequestProcessor.processUsernamePasswordAuth; import static net.jami.jams.server.servlets.filters.JWTValidator.verifyValidity; @WebFilter(urlPatterns = {"/api/auth/*"}) 
@@ -61,7 +63,13 @@ public class ApiFilter implements Filter { if (request.getServletPath().contains("login")) { isLogin = true; } - if (request.getHeader("Bearer") != null) { + //This is a backward compatibility function to provide the ability for clients to use the + //authorization header instead of tokens. + if(request.getHeader("authorization") != null){ + AuthTokenResponse res = processUsernamePasswordAuth(request.getHeader("authorization")); + if(res != null) authsuccess = true; + } + else if (request.getHeader("Bearer") != null) { SignedJWT signedJWT = null; try { JWSVerifier jwsVerifier = new RSASSAVerifier(userAuthenticationModule.getAuthModulePubKey());
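Review bot: The new `authorization` branch only records `authsuccess = true` and throws away `res`, so the access level that `processUsernamePasswordAuth` placed on the `AuthTokenResponse` never reaches whatever role check the rest of `doFilter` performs; if the `Bearer` branch (which continues past this hunk) derives the caller's `AccessLevel` from the token, password-authenticated requests now skip that step entirely, and the same level should be read from `res` and applied identically. The branch also takes precedence over a `Bearer` header, so a request carrying both is judged by the password alone; rejecting requests that present both, or evaluating `Bearer` first, keeps the token path authoritative. Each request on this path re-runs the full username/password authentication, and if `processUsernamePasswordAuth` mints its token through `TokenController.getToken`, every such request now also calls `storeObject` on the token store introduced in this commit, which is worth stating in the backward-compatibility comment. `doFilter` starts and ends outside the hunk.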