From 9ef168a03b75aeca0c2f7dda9ce87d4014c703a9 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Fri, 16 Mar 2018 10:46:23 +0300
Subject: merge common projects
---
.../java/com/juick/service/BaseRestService.java | 35 ++++++
.../java/com/juick/service/CrosspostService.java | 78 ++++++++++++
.../main/java/com/juick/service/EmailService.java | 33 +++++
.../main/java/com/juick/service/ImagesService.java | 7 ++
.../java/com/juick/service/ImagesServiceImpl.java | 71 +++++++++++
.../java/com/juick/service/MessagesService.java | 107 ++++++++++++++++
.../java/com/juick/service/MessengerService.java | 14 +++
.../java/com/juick/service/PMQueriesService.java | 45 +++++++
.../com/juick/service/PrivacyQueriesService.java | 34 +++++
.../java/com/juick/service/PushQueriesService.java | 50 ++++++++
.../java/com/juick/service/ShowQueriesService.java | 31 +++++
.../com/juick/service/SubscriptionService.java | 55 ++++++++
.../main/java/com/juick/service/TagService.java | 63 ++++++++++
.../java/com/juick/service/TelegramService.java | 41 ++++++
.../main/java/com/juick/service/UserService.java | 138 +++++++++++++++++++++
.../com/juick/service/search/SearchService.java | 31 +++++
.../security/HashParamAuthenticationFilter.java | 103 +++++++++++++++
.../service/security/JuickUserDetailsService.java | 53 ++++++++
.../NotAuthorizedAuthenticationEntryPoint.java | 36 ++++++
.../service/security/NullUserDetailsService.java | 33 +++++
.../CookieSimpleHashRememberMeServices.java | 130 +++++++++++++++++++
.../RequestParamHashRememberMeServices.java | 88 +++++++++++++
.../juick/service/security/entities/JuickUser.java | 92 ++++++++++++++
23 files changed, 1368 insertions(+)
create mode 100644 juick-common/src/main/java/com/juick/service/BaseRestService.java
create mode 100644 juick-common/src/main/java/com/juick/service/CrosspostService.java
create mode 100644 juick-common/src/main/java/com/juick/service/EmailService.java
create mode 100644 juick-common/src/main/java/com/juick/service/ImagesService.java
create mode 100644 juick-common/src/main/java/com/juick/service/ImagesServiceImpl.java
create mode 100644 juick-common/src/main/java/com/juick/service/MessagesService.java
create mode 100644 juick-common/src/main/java/com/juick/service/MessengerService.java
create mode 100644 juick-common/src/main/java/com/juick/service/PMQueriesService.java
create mode 100644 juick-common/src/main/java/com/juick/service/PrivacyQueriesService.java
create mode 100644 juick-common/src/main/java/com/juick/service/PushQueriesService.java
create mode 100644 juick-common/src/main/java/com/juick/service/ShowQueriesService.java
create mode 100644 juick-common/src/main/java/com/juick/service/SubscriptionService.java
create mode 100644 juick-common/src/main/java/com/juick/service/TagService.java
create mode 100644 juick-common/src/main/java/com/juick/service/TelegramService.java
create mode 100644 juick-common/src/main/java/com/juick/service/UserService.java
create mode 100644 juick-common/src/main/java/com/juick/service/search/SearchService.java
create mode 100644 juick-common/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
create mode 100644 juick-common/src/main/java/com/juick/service/security/JuickUserDetailsService.java
create mode 100644 juick-common/src/main/java/com/juick/service/security/NotAuthorizedAuthenticationEntryPoint.java
create mode 100644 juick-common/src/main/java/com/juick/service/security/NullUserDetailsService.java
create mode 100644 juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java
create mode 100644 juick-common/src/main/java/com/juick/service/security/deprecated/RequestParamHashRememberMeServices.java
create mode 100644 juick-common/src/main/java/com/juick/service/security/entities/JuickUser.java
(limited to 'juick-common/src/main/java/com/juick/service')
diff --git a/juick-common/src/main/java/com/juick/service/BaseRestService.java b/juick-common/src/main/java/com/juick/service/BaseRestService.java
new file mode 100644
index 00000000..13604a89
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/BaseRestService.java
@@ -0,0 +1,35 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service;
+
+import org.springframework.web.client.RestTemplate;
+
+/**
+ * Created by vitalyster on 15.12.2016.
+ */
+public abstract class BaseRestService {
+ private RestTemplate rest;
+
+ public BaseRestService(RestTemplate rest) {
+ this.rest = rest;
+ }
+
+ public RestTemplate getRest() {
+ return rest;
+ }
+}
diff --git a/juick-common/src/main/java/com/juick/service/CrosspostService.java b/juick-common/src/main/java/com/juick/service/CrosspostService.java
new file mode 100644
index 00000000..b82621e5
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/CrosspostService.java
@@ -0,0 +1,78 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service;
+
+import com.juick.ExternalToken;
+import com.juick.server.helpers.ApplicationStatus;
+import org.apache.commons.lang3.tuple.Pair;
+
+import javax.annotation.Nonnull;
+import java.util.Optional;
+
+/**
+ * Created by aalexeev on 11/13/16.
+ */
+public interface CrosspostService {
+
+ Optional getTwitterToken(int uid);
+
+ boolean deleteTwitterToken(Integer uid);
+
+ Optional> getFacebookTokens(int uid);
+
+ ApplicationStatus getFbCrossPostStatus(int uid);
+
+ boolean enableFBCrosspost(Integer uid);
+
+ void disableFBCrosspost(Integer uid);
+
+ @Nonnull
+ String getTwitterName(int uid);
+
+ String getTelegramName(int uid);
+
+ Optional> getVkTokens(int uid);
+
+ void deleteVKUser(Integer uid);
+
+ int getUIDbyFBID(long fbID);
+
+ boolean createFacebookUser(long fbID, String loginhash, String token, String fbName, String fbLink);
+
+ boolean updateFacebookUser(long fbID, String token, String fbName, String fbLink);
+
+ int getUIDbyVKID(long vkID);
+
+ boolean createVKUser(long vkID, String loginhash, String token, String vkName, String vkLink);
+
+ String getFacebookNameByHash(String hash);
+
+ String getTelegramNameByHash(String hash);
+
+ boolean setFacebookUser(String hash, int uid);
+
+ String getVKNameByHash(String hash);
+
+ boolean setVKUser(String hash, int uid);
+
+ boolean setTelegramUser(String hash, int uid);
+
+ String getJIDByHash(String hash);
+
+ boolean setJIDUser(String hash, int uid);
+}
diff --git a/juick-common/src/main/java/com/juick/service/EmailService.java b/juick-common/src/main/java/com/juick/service/EmailService.java
new file mode 100644
index 00000000..2440bcb4
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/EmailService.java
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service;
+
+import java.util.List;
+
+/**
+ * Created by vitalyster on 09.12.2016.
+ */
+public interface EmailService {
+ boolean verifyAddressByCode(Integer userId, String code);
+ boolean addVerificationCode(Integer userId, String account, String code);
+ boolean addEmail(Integer userId, String email);
+ boolean deleteEmail(Integer userId, String account);
+ String getNotificationsEmail(Integer userId);
+ boolean setNotificationsEmail(Integer userId, String account);
+ List getEmails(Integer userId, boolean active);
+}
diff --git a/juick-common/src/main/java/com/juick/service/ImagesService.java b/juick-common/src/main/java/com/juick/service/ImagesService.java
new file mode 100644
index 00000000..b5cff16e
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/ImagesService.java
@@ -0,0 +1,7 @@
+package com.juick.service;
+
+import com.juick.Message;
+
+public interface ImagesService {
+ void setAttachmentMetadata(String imgDir, String baseUrl, Message msg) throws Exception;
+}
diff --git a/juick-common/src/main/java/com/juick/service/ImagesServiceImpl.java b/juick-common/src/main/java/com/juick/service/ImagesServiceImpl.java
new file mode 100644
index 00000000..3a5c77dd
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/ImagesServiceImpl.java
@@ -0,0 +1,71 @@
+package com.juick.service;
+
+import com.juick.Attachment;
+import com.juick.Message;
+import com.juick.Photo;
+import com.juick.server.util.ImageUtils;
+import org.springframework.util.StringUtils;
+
+import java.io.File;
+import java.nio.file.Paths;
+
+public class ImagesServiceImpl implements ImagesService {
+ @Override
+ public void setAttachmentMetadata(String imgDir, String baseUrl, Message msg) throws Exception {
+ if (!StringUtils.isEmpty(msg.getAttachmentType())) {
+ Photo photo = new Photo();
+ if (msg.getRid()> 0) {
+ photo.setSmall(String.format("%sphotos-512/%d-%d.%s", baseUrl, msg.getMid(), msg.getRid(), msg.getAttachmentType()));
+ photo.setMedium(String.format("%sphotos-1024/%d-%d.%s", baseUrl, msg.getMid(), msg.getRid(), msg.getAttachmentType()));
+ photo.setThumbnail(String.format("%sps/%d-%d.%s", baseUrl, msg.getMid(), msg.getRid(), msg.getAttachmentType()));
+ } else {
+ photo.setSmall(String.format("%sphotos-512/%d.%s", baseUrl, msg.getMid(), msg.getAttachmentType()));
+ photo.setMedium(String.format("%sphotos-1024/%d.%s", baseUrl, msg.getMid(), msg.getAttachmentType()));
+ photo.setThumbnail(String.format("%sps/%d.%s", baseUrl, msg.getMid(), msg.getAttachmentType()));
+ }
+ msg.setPhoto(photo);
+ String imageName = String.format("%s.%s", msg.getMid(), msg.getAttachmentType());
+ if (msg.getRid() > 0) {
+ imageName = String.format("%s-%s.%s", msg.getMid(), msg.getRid(), msg.getAttachmentType());
+ }
+ File fullImage = Paths.get(imgDir, "p", imageName).toFile();
+ File mediumImage = Paths.get(imgDir, "photos-1024", imageName).toFile();
+ File smallImage = Paths.get(imgDir, "photos-512", imageName).toFile();
+ File thumbnailImage = Paths.get(imgDir, "ps", imageName).toFile();
+ StringBuilder builder = new StringBuilder();
+ builder.append(baseUrl);
+ builder.append(msg.getAttachmentType().equals("mp4") ? "video" : "p");
+ builder.append("/").append(msg.getMid());
+ if (msg.getRid() > 0) {
+ builder.append("-").append(msg.getRid());
+ }
+ builder.append(".").append(msg.getAttachmentType());
+ String originalUrl = builder.toString();
+
+ Attachment original = new Attachment();
+ original.setUrl(originalUrl);
+ original.setHeight(ImageUtils.getImageHeight(fullImage));
+ original.setWidth(ImageUtils.getImageWidth(fullImage));
+
+ Attachment medium = new Attachment();
+ medium.setUrl(photo.getMedium());
+ medium.setWidth(ImageUtils.getImageWidth(mediumImage));
+ medium.setHeight(ImageUtils.getImageHeight(mediumImage));
+ original.setMedium(medium);
+
+ Attachment small = new Attachment();
+ small.setUrl(photo.getSmall());
+ small.setWidth(ImageUtils.getImageWidth(smallImage));
+ small.setHeight(ImageUtils.getImageHeight(smallImage));
+ original.setSmall(small);
+
+ Attachment thumb = new Attachment();
+ thumb.setUrl(photo.getMedium());
+ thumb.setWidth(ImageUtils.getImageWidth(thumbnailImage));
+ thumb.setHeight(ImageUtils.getImageHeight(thumbnailImage));
+ original.setThumbnail(thumb);
+
+ msg.setAttachment(original);
+ }
+ }
+}
diff --git a/juick-common/src/main/java/com/juick/service/MessagesService.java b/juick-common/src/main/java/com/juick/service/MessagesService.java
new file mode 100644
index 00000000..341175dd
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/MessagesService.java
@@ -0,0 +1,107 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service;
+
+import com.juick.User;
+import com.juick.server.helpers.ResponseReply;
+
+import java.util.Collection;
+import java.util.List;
+
+/**
+ * Created by aalexeev on 11/13/16.
+ */
+public interface MessagesService {
+ int createMessage(int uid, String txt, String attachment, Collection tags);
+
+ int createReply(int mid, int rid, int uid, String txt, String attachment);
+
+ int getReplyIDIncrement(int mid);
+
+ boolean recommendMessage(int mid, int vuid);
+
+ boolean canViewThread(int mid, int uid);
+
+ boolean isReadOnly(int mid);
+
+ boolean isSubscribed(int uid, int mid);
+
+ int getMessagePrivacy(int mid);
+
+ com.juick.Message getMessage(int mid);
+
+ com.juick.Message getReply(int mid, int rid);
+
+ User getMessageAuthor(int mid);
+
+ List getMessageRecommendations(int mid);
+
+ List getAll(int visitorUid, int before);
+
+ List getTag(int tid, int visitorUid, int before, int cnt);
+
+ List getTags(String tids, int visitorUid, int before, int cnt);
+
+ List getPlace(int placeId, int visitorUid, int before);
+
+ List getMyFeed(int uid, int before, boolean recommended);
+
+ List getPrivate(int uid, int before);
+
+ List getDiscussions(int uid, Long to);
+
+ List getRecommended(int uid, int before);
+
+ List getPopular(int visitorUid, int before);
+
+ List getPhotos(int visitorUid, int before);
+
+ List getSearch(String search, int before);
+
+ List getUserBlog(int uid, int privacy, int before);
+
+ List getUserTag(int uid, int tid, int privacy, int before);
+
+ List getUserBlogAtDay(int uid, int privacy, int daysback);
+
+ List getUserBlogWithRecommendations(int uid, int privacy, int before);
+
+ List getUserRecommendations(int uid, int before);
+
+ List getUserPhotos(int uid, int privacy, int before);
+
+ List getUserSearch(int UID, String search, int privacy, int before);
+
+ List getMessages(List mids);
+
+ List getReplies(int mid);
+
+ boolean setMessagePopular(int mid, int popular);
+
+ boolean setMessagePrivacy(int mid);
+
+ boolean deleteMessage(int uid, int mid);
+
+ boolean deleteReply(int uid, int mid, int rid);
+
+ List getLastMessages(int hours);
+
+ List getLastReplies(int hours);
+
+ List getPopularCandidates();
+}
diff --git a/juick-common/src/main/java/com/juick/service/MessengerService.java b/juick-common/src/main/java/com/juick/service/MessengerService.java
new file mode 100644
index 00000000..e07c73fe
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/MessengerService.java
@@ -0,0 +1,14 @@
+package com.juick.service;
+
+import com.juick.User;
+
+import java.util.Optional;
+
+public interface MessengerService {
+ Integer getUserId(String senderId);
+ Optional getSenderId(User user);
+ boolean createMessengerUser(String senderId, String displayName);
+ String getDisplayName(String hash);
+ String getSignUpHash(String senderId, String username);
+ boolean linkMessengerUser(String hash, int uid);
+}
diff --git a/juick-common/src/main/java/com/juick/service/PMQueriesService.java b/juick-common/src/main/java/com/juick/service/PMQueriesService.java
new file mode 100644
index 00000000..4c70eece
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/PMQueriesService.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service;
+
+import com.juick.User;
+
+import java.util.List;
+
+/**
+ * Created by aalexeev on 11/13/16.
+ */
+public interface PMQueriesService {
+ boolean createPM(int uidFrom, int uid_to, String body);
+
+ boolean addPMinRoster(int uid, String jid);
+
+ boolean removePMinRoster(int uid, String jid);
+
+ boolean havePMinRoster(int uid, String jid);
+
+ String getLastView(int uidFrom, int uidTo);
+
+ List getPMLastConversationsUsers(int uid, int cnt);
+
+ List getPMMessages(int uid, int uidTo);
+
+ List getLastPMInbox(int uid);
+
+ List getLastPMSent(int uid);
+}
diff --git a/juick-common/src/main/java/com/juick/service/PrivacyQueriesService.java b/juick-common/src/main/java/com/juick/service/PrivacyQueriesService.java
new file mode 100644
index 00000000..17dd6a9b
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/PrivacyQueriesService.java
@@ -0,0 +1,34 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service;
+
+import com.juick.Tag;
+import com.juick.User;
+
+/**
+ * Created by aalexeev on 11/13/16.
+ */
+public interface PrivacyQueriesService {
+ enum PrivacyResult {
+ Removed, Added
+ }
+
+ PrivacyResult blacklistUser(User user, User target);
+
+ PrivacyResult blacklistTag(User user, Tag tag);
+}
diff --git a/juick-common/src/main/java/com/juick/service/PushQueriesService.java b/juick-common/src/main/java/com/juick/service/PushQueriesService.java
new file mode 100644
index 00000000..f84a83e4
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/PushQueriesService.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service;
+
+import java.util.Collection;
+import java.util.List;
+
+/**
+ * Created by aalexeev on 11/13/16.
+ */
+public interface PushQueriesService {
+ List getGCMRegID(int uid);
+
+ List getGCMTokens(Collection uids);
+
+ boolean addGCMToken(Integer uid, String token);
+
+ boolean deleteGCMToken(String token);
+
+ List getMPNSURL(int uid);
+
+ List getMPNSTokens(Collection uids);
+
+ boolean addMPNSToken(Integer uid, String token);
+
+ boolean deleteMPNSToken(String token);
+
+ List getAPNSToken(int uid);
+
+ List getAPNSTokens(Collection uids);
+
+ boolean addAPNSToken(Integer uid, String token);
+
+ boolean deleteAPNSToken(String token);
+}
diff --git a/juick-common/src/main/java/com/juick/service/ShowQueriesService.java b/juick-common/src/main/java/com/juick/service/ShowQueriesService.java
new file mode 100644
index 00000000..32b34b4e
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/ShowQueriesService.java
@@ -0,0 +1,31 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service;
+
+import com.juick.User;
+
+import java.util.List;
+
+/**
+ * Created by aalexeev on 11/13/16.
+ */
+public interface ShowQueriesService {
+ List getRecommendedUsers(User forUser);
+
+ List getTopUsers();
+}
diff --git a/juick-common/src/main/java/com/juick/service/SubscriptionService.java b/juick-common/src/main/java/com/juick/service/SubscriptionService.java
new file mode 100644
index 00000000..47f81415
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/SubscriptionService.java
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service;
+
+import com.juick.Tag;
+import com.juick.User;
+import com.juick.server.helpers.NotifyOpts;
+
+import java.util.List;
+
+/**
+ * Created by aalexeev on 11/13/16.
+ */
+public interface SubscriptionService {
+ List getJIDSubscribedToUser(int uid, boolean friendsonly);
+
+ List getSubscribedUsers(int uid, int mid);
+
+ List getUsersSubscribedToComments(int mid, int ignore_uid);
+
+ List getUsersSubscribedToUserRecommendations(int uid, int mid, int muid);
+
+ boolean subscribeMessage(int mid, int vuid);
+
+ boolean unSubscribeMessage(int mid, int vuid);
+
+ boolean subscribeUser(User user, User toUser);
+
+ boolean unSubscribeUser(User user, User fromUser);
+
+ boolean subscribeTag(User user, Tag toTag);
+
+ boolean unSubscribeTag(User user, Tag toTag);
+
+ List getSubscribedTags(User user);
+
+ NotifyOpts getNotifyOptions(User user);
+
+ boolean setNotifyOptions(User user, NotifyOpts options);
+}
diff --git a/juick-common/src/main/java/com/juick/service/TagService.java b/juick-common/src/main/java/com/juick/service/TagService.java
new file mode 100644
index 00000000..7cd7768f
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/TagService.java
@@ -0,0 +1,63 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service;
+
+import com.juick.Tag;
+import com.juick.User;
+import com.juick.server.helpers.TagStats;
+
+import java.util.Collection;
+import java.util.List;
+import java.util.stream.Stream;
+
+/**
+ * Created by aalexeev on 11/13/16.
+ */
+public interface TagService {
+ Tag getTag(int tid);
+
+ Tag getTag(String tag, boolean autoCreate);
+
+ List getTags(Stream tags, boolean autoCreate);
+
+ boolean getTagNoIndex(int tagId);
+
+ int createTag(String name);
+
+ List getUserTagStats(int uid);
+
+ List getUserBLTags(int uid);
+
+ List getPopularTags();
+
+ List getTagStats();
+
+ List updateTags(int mid, Collection newTags);
+
+ List fromString(String txt, boolean tagsOnly);
+
+ List getMessageTags(int mid);
+
+ List getMessageTagsIDs(int mid);
+
+ boolean blacklistTag(User user, Tag tag);
+
+ boolean isInBL(User user, Tag tag);
+
+ boolean isSubscribed(User user, Tag tag);
+}
diff --git a/juick-common/src/main/java/com/juick/service/TelegramService.java b/juick-common/src/main/java/com/juick/service/TelegramService.java
new file mode 100644
index 00000000..7786ca9f
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/TelegramService.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service;
+
+import com.juick.User;
+
+import java.util.List;
+
+/**
+ * Created by vt on 24/11/2016.
+ */
+public interface TelegramService {
+ boolean addChat(Long id);
+
+ boolean deleteChat(Long id);
+
+ List getChats();
+
+ int getUser(long tgId);
+
+ boolean createTelegramUser(long tgID, String tgName);
+
+ boolean deleteTelegramUser(Integer uid);
+
+ List getTelegramIdentifiers(List users);
+}
diff --git a/juick-common/src/main/java/com/juick/service/UserService.java b/juick-common/src/main/java/com/juick/service/UserService.java
new file mode 100644
index 00000000..115c7dfc
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/UserService.java
@@ -0,0 +1,138 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service;
+
+import com.juick.User;
+import com.juick.server.helpers.Auth;
+import com.juick.server.helpers.UserInfo;
+
+import java.util.Collection;
+import java.util.List;
+import java.util.Optional;
+
+/**
+ * Created by aalexeev on 11/13/16.
+ */
+public interface UserService {
+ enum ActiveStatus {
+ Inactive,
+ Active
+ }
+
+ String getSignUpHashByJID(String jid);
+
+ String getSignUpHashByTelegramID(Long telegramId, String username);
+
+ int createUser(String username, String password);
+
+ Optional getUserByUID(int uid);
+
+ User getUserByName(String username);
+
+ User getFullyUserByName(String username);
+
+ User getUserByEmail(String email);
+
+ List getFullyUsersByNames(Collection usernames);
+
+ User getUserByJID(String jid);
+
+ List getUsersByName(Collection unames);
+
+ List getUsersByID(Collection uids);
+
+ List getJIDsbyUID(int uid);
+
+ int getUIDbyJID(String jid);
+
+ int getUIDbyName(String uname);
+
+ int getUIDbyHash(String hash);
+
+ com.juick.User getUserByHash(String hash);
+
+ String getHashByUID(int uid);
+
+ int getUIDByHttpAuth(String header);
+
+ int checkPassword(String username, String password);
+
+ boolean updatePassword(User user, String newPassword);
+
+ int getUserOptionInt(int uid, String option, int defaultValue);
+
+ int setUserOptionInt(int uid, String option, int value);
+
+ UserInfo getUserInfo(User user);
+
+ boolean updateUserInfo(User user, UserInfo info);
+
+ boolean getCanMedia(int uid);
+
+ boolean isInWL(int uid, int check);
+
+ boolean isInBL(int uid, int check);
+
+ boolean isInBLAny(int uid, int uid2);
+
+ List checkBL(int visitor, Collection uids);
+
+ boolean isSubscribed(int uid, int check);
+
+ List getUserRead(int uid);
+
+ List getUserReadLeastPopular(int uid, int cnt);
+
+ List getUserReaders(int uid);
+
+ List getUserFriends(int uid);
+
+ List getUserBLUsers(int uid);
+
+ boolean linkTwitterAccount(User user, String accessToken, String accessTokenSecret, String screenName);
+
+ int getStatsIRead(int uid);
+
+ int getStatsMyReaders(int uid);
+
+ int getStatsMessages(int uid);
+
+ int getStatsReplies(int uid);
+
+ boolean setActiveStatusForJID(String JID, ActiveStatus jidStatus);
+
+ List getAllJIDs(User user);
+
+ List getAuthCodes(User user);
+
+ List getEmails(User user);
+
+ String getEmailHash(User user);
+
+ int deleteLoginForUser(String name);
+
+ int setLoginForUser(int uid, String loginHash);
+
+ void logout(int uid);
+
+ boolean deleteJID(int uid, String jid);
+
+ boolean unauthJID(int uid, String jid);
+
+ List getActiveJIDs();
+}
diff --git a/juick-common/src/main/java/com/juick/service/search/SearchService.java b/juick-common/src/main/java/com/juick/service/search/SearchService.java
new file mode 100644
index 00000000..b1ea9374
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/search/SearchService.java
@@ -0,0 +1,31 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service.search;
+
+import java.util.List;
+
+/**
+ * Created by aalexeev on 11/18/16.
+ */
+public interface SearchService {
+ void setMaxResult(int maxResult);
+
+ List searchInAllMessages(String searchString, int messageIdBefore);
+
+ List searchByStringAndUser(String searchString, final int userId, int messageIdBefore);
+}
diff --git a/juick-common/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java b/juick-common/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
new file mode 100644
index 00000000..b56b98c8
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
@@ -0,0 +1,103 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service.security;
+
+import com.juick.User;
+import com.juick.service.security.entities.JuickUser;
+import com.juick.service.UserService;
+import org.springframework.security.authentication.AnonymousAuthenticationToken;
+import org.springframework.security.authentication.RememberMeAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.authentication.RememberMeServices;
+import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
+import org.springframework.util.Assert;
+import org.springframework.web.filter.OncePerRequestFilter;
+import org.springframework.web.util.WebUtils;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * Created by aalexeev on 4/5/17.
+ */
+public class HashParamAuthenticationFilter extends OncePerRequestFilter {
+ public static final String PARAM_NAME = "hash";
+
+ private final UserService userService;
+ private final RememberMeServices rememberMeServices;
+
+
+ public HashParamAuthenticationFilter(
+ final UserService userService,
+ final RememberMeServices rememberMeServices) {
+ Assert.notNull(userService, "userService should not be null");
+ Assert.notNull(rememberMeServices, "rememberMeServices should not be null");
+
+ this.userService = userService;
+ this.rememberMeServices = rememberMeServices;
+ }
+
+ @Override
+ protected void doFilterInternal(
+ HttpServletRequest request,
+ HttpServletResponse response,
+ FilterChain filterChain) throws ServletException, IOException {
+
+ String hash = getHashFromRequest(request);
+
+ if (hash != null && authenticationIsRequired()) {
+ User user = userService.getUserByHash(hash);
+
+ if (!user.isAnonymous()) {
+ User userWithPassword = userService.getFullyUserByName(user.getName());
+ userWithPassword.setAuthHash(userService.getHashByUID(userWithPassword.getUid()));
+ Authentication authentication = new RememberMeAuthenticationToken(
+ ((AbstractRememberMeServices)rememberMeServices).getKey(), new JuickUser(userWithPassword), JuickUser.USER_AUTHORITY);
+
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+
+ rememberMeServices.loginSuccess(request, response, authentication);
+ }
+ }
+
+ filterChain.doFilter(request, response);
+ }
+
+ private boolean authenticationIsRequired() {
+ Authentication existingAuth = SecurityContextHolder.getContext().getAuthentication();
+
+ return existingAuth == null ||
+ !existingAuth.isAuthenticated() ||
+ existingAuth instanceof AnonymousAuthenticationToken;
+ }
+
+ private String getHashFromRequest(HttpServletRequest request) {
+ String paramHash = request.getParameter(PARAM_NAME);
+ Cookie cookieHash = WebUtils.getCookie(request, PARAM_NAME);
+
+ if (paramHash == null && cookieHash != null) {
+ return cookieHash.getValue();
+ }
+ return paramHash;
+ }
+}
diff --git a/juick-common/src/main/java/com/juick/service/security/JuickUserDetailsService.java b/juick-common/src/main/java/com/juick/service/security/JuickUserDetailsService.java
new file mode 100644
index 00000000..f6ae8909
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/security/JuickUserDetailsService.java
@@ -0,0 +1,53 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service.security;
+
+import com.juick.service.UserService;
+import com.juick.service.security.entities.JuickUser;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.util.Assert;
+
+/**
+ * Created by aalexeev on 11/28/16.
+ */
+public class JuickUserDetailsService implements UserDetailsService {
+ private final UserService userService;
+
+ public JuickUserDetailsService(final UserService userService) {
+ Assert.notNull(userService, "UserService must be initialized");
+ this.userService = userService;
+ }
+
+ @Override
+ public UserDetails loadUserByUsername(final String username) throws UsernameNotFoundException {
+ if (StringUtils.isBlank(username))
+ throw new UsernameNotFoundException("Invalid user name " + username);
+
+ com.juick.User user = userService.getFullyUserByName(username);
+
+ if (user != null) {
+ user.setAuthHash(userService.getHashByUID(user.getUid()));
+ return new JuickUser(user);
+ }
+
+ throw new UsernameNotFoundException("The username " + username + " is not found");
+ }
+}
diff --git a/juick-common/src/main/java/com/juick/service/security/NotAuthorizedAuthenticationEntryPoint.java b/juick-common/src/main/java/com/juick/service/security/NotAuthorizedAuthenticationEntryPoint.java
new file mode 100644
index 00000000..b9bdcaa9
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/security/NotAuthorizedAuthenticationEntryPoint.java
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service.security;
+
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * Created by vitalyster on 25.11.2016.
+ */
+public class NotAuthorizedAuthenticationEntryPoint implements AuthenticationEntryPoint {
+ @Override
+ public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) {
+ response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ }
+}
diff --git a/juick-common/src/main/java/com/juick/service/security/NullUserDetailsService.java b/juick-common/src/main/java/com/juick/service/security/NullUserDetailsService.java
new file mode 100644
index 00000000..91acefa3
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/security/NullUserDetailsService.java
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service.security;
+
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+
+/**
+ * Created by aalexeev on 11/28/16.
+ */
+public class NullUserDetailsService implements UserDetailsService {
+ @Override
+ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+ throw new UsernameNotFoundException(
+ "loadUserByUsername called for NullUserDetailsService, user " + username + "can not be found");
+ }
+}
diff --git a/juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java b/juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java
new file mode 100644
index 00000000..a8b956c1
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java
@@ -0,0 +1,130 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service.security.deprecated;
+
+import com.juick.User;
+import com.juick.server.util.HashUtils;
+import com.juick.service.security.entities.JuickUser;
+import com.juick.service.UserService;
+import com.juick.service.security.NullUserDetailsService;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.core.env.Environment;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.web.authentication.RememberMeServices;
+import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
+import org.springframework.security.web.authentication.rememberme.InvalidCookieException;
+import org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException;
+import org.springframework.util.Assert;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Optional;
+
+/**
+ * Created by aalexeev on 11/28/16.
+ *
+ * @deprecated not recommended use for secure reasons
+ */
+@Deprecated
+public class CookieSimpleHashRememberMeServices extends AbstractRememberMeServices implements RememberMeServices {
+ private static final Logger logger = LoggerFactory.getLogger(CookieSimpleHashRememberMeServices.class);
+
+ private static final String COOKIE_PARAM_NAME = "hash";
+
+ private final UserService userService;
+
+ public CookieSimpleHashRememberMeServices(
+ final String key, final UserService userService, final Environment environment) {
+ super(key, new NullUserDetailsService());
+
+ Assert.notNull(userService);
+ Assert.notNull(environment);
+
+ this.userService = userService;
+
+ setCookieName(COOKIE_PARAM_NAME);
+ setCookieDomain(environment.getProperty("web_domain", "localhost"));
+ setAlwaysRemember(true);
+ }
+
+ @Override
+ public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
+ super.logout(request, response, authentication);
+ userService.deleteLoginForUser(authentication.getName());
+ }
+
+ @Override
+ protected void onLoginSuccess(
+ HttpServletRequest request, HttpServletResponse response, Authentication successfulAuthentication) {
+ String username = successfulAuthentication.getName();
+
+ logger.debug("Creating new persistent login for user {}", username);
+
+ try {
+ int uid = userService.getUIDbyName(username);
+
+ Assert.isTrue(uid > 0);
+
+ String hash = HashUtils.generateHash(16);
+
+ userService.setLoginForUser(uid, hash);
+
+ setCookie(new String[]{hash}, getTokenValiditySeconds(), request, response);
+ } catch (Exception e) {
+ logger.error("Failed to save cookies", e);
+ }
+ }
+
+ @Override
+ protected UserDetails processAutoLoginCookie(
+ String[] cookieTokens, HttpServletRequest request, HttpServletResponse response)
+ throws RememberMeAuthenticationException, UsernameNotFoundException {
+ String hash = cookieTokens[0];
+
+ if (StringUtils.isBlank(hash)) {
+ hash = request.getParameter("hash");
+ }
+ if (StringUtils.isBlank(hash)) {
+ throw new InvalidCookieException("Cookie is invalid and hash parameter not found");
+ }
+
+ int uid = userService.getUIDbyHash(hash);
+ if (uid <= 0)
+ throw new UsernameNotFoundException("User not found by hash, cookies" + cookieTokens);
+
+ Optional userOptional = userService.getUserByUID(uid);
+
+ Assert.isTrue(userOptional.isPresent());
+
+ return new JuickUser(userOptional.get());
+ }
+
+ @Override
+ protected String[] decodeCookie(String cookieValue) throws InvalidCookieException {
+ return new String[]{cookieValue};
+ }
+
+ @Override
+ protected String encodeCookie(String[] cookieTokens) {
+ return cookieTokens != null && cookieTokens.length > 0 ? cookieTokens[0] : StringUtils.EMPTY;
+ }
+}
diff --git a/juick-common/src/main/java/com/juick/service/security/deprecated/RequestParamHashRememberMeServices.java b/juick-common/src/main/java/com/juick/service/security/deprecated/RequestParamHashRememberMeServices.java
new file mode 100644
index 00000000..04794d07
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/security/deprecated/RequestParamHashRememberMeServices.java
@@ -0,0 +1,88 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service.security.deprecated;
+
+import com.juick.User;
+import com.juick.service.security.entities.JuickUser;
+import com.juick.service.UserService;
+import com.juick.service.security.NullUserDetailsService;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.web.authentication.RememberMeServices;
+import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
+import org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationException;
+import org.springframework.util.Assert;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * Created by aalexeev on 11/30/16.
+ *
+ * @deprecated for security reasons
+ */
+@Deprecated
+public class RequestParamHashRememberMeServices extends AbstractRememberMeServices implements RememberMeServices {
+ private static final String PARAM_NAME = "hash";
+
+ private final UserService userService;
+
+ public RequestParamHashRememberMeServices(String key, UserService userService) {
+ super(key, new NullUserDetailsService());
+
+ Assert.notNull(userService);
+ this.userService = userService;
+ setAlwaysRemember(false);
+ }
+
+ @Override
+ protected void onLoginSuccess(HttpServletRequest request, HttpServletResponse response, Authentication successfulAuthentication) {
+ // do nothing
+ }
+
+ @Override
+ protected boolean rememberMeRequested(HttpServletRequest request, String parameter) {
+ return false; // always false
+ }
+
+ @Override
+ protected void cancelCookie(HttpServletRequest request, HttpServletResponse response) {
+ // do nothing
+ }
+
+ @Override
+ protected String extractRememberMeCookie(HttpServletRequest request) {
+ return PARAM_NAME; // return any not blank value
+ }
+
+ @Override
+ protected UserDetails processAutoLoginCookie(
+ String[] cookieTokens, HttpServletRequest request, HttpServletResponse response)
+ throws RememberMeAuthenticationException, UsernameNotFoundException {
+ String hash = request.getParameter(PARAM_NAME);
+
+ if (StringUtils.isNotBlank(hash)) {
+ User user = userService.getUserByHash(hash);
+ if (user.getUid() > 0)
+ return new JuickUser(user);
+ }
+ throw new UsernameNotFoundException("User not found by hash " + hash);
+ }
+}
diff --git a/juick-common/src/main/java/com/juick/service/security/entities/JuickUser.java b/juick-common/src/main/java/com/juick/service/security/entities/JuickUser.java
new file mode 100644
index 00000000..6e72117e
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/security/entities/JuickUser.java
@@ -0,0 +1,92 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ */
+
+package com.juick.service.security.entities;
+
+import com.juick.User;
+import com.juick.server.helpers.AnonymousUser;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
+
+/**
+ * Created by aalexeev on 11/21/16.
+ */
+public class JuickUser implements UserDetails {
+ static final GrantedAuthority ROLE_USER = new SimpleGrantedAuthority("ROLE_USER");
+ static final GrantedAuthority ROLE_ANONYMOUS = new SimpleGrantedAuthority("ROLE_ANONYMOUS");
+
+ public static final List USER_AUTHORITY = Collections.singletonList(ROLE_USER);
+ public static final List ANONYMOUS_AUTHORITY = Collections.singletonList(ROLE_ANONYMOUS);
+
+ public static final JuickUser ANONYMOUS_USER = new JuickUser(AnonymousUser.INSTANCE, ANONYMOUS_AUTHORITY);
+
+ private final com.juick.User user;
+ private final Collection extends GrantedAuthority> authorities;
+
+ public JuickUser(com.juick.User user) {
+ this(user, USER_AUTHORITY);
+ }
+
+ public JuickUser(com.juick.User user, Collection extends GrantedAuthority> authorities) {
+ this.user = user;
+ this.authorities = authorities;
+ }
+
+ @Override
+ public Collection extends GrantedAuthority> getAuthorities() {
+ return authorities;
+ }
+
+ @Override
+ public String getPassword() {
+ return "{noop}" + user.getCredentials();
+ }
+
+ @Override
+ public String getUsername() {
+ return user.getName();
+ }
+
+ @Override
+ public boolean isAccountNonExpired() {
+ return true;
+ }
+
+ @Override
+ public boolean isAccountNonLocked() {
+ return true;
+ }
+
+ @Override
+ public boolean isCredentialsNonExpired() {
+ return true;
+ }
+
+ @Override
+ public boolean isEnabled() {
+ return !user.isBanned();
+ }
+
+ public User getUser() {
+ return user;
+ }
+}
--
cgit v1.2.3