
API to get the list of available 2FA providers for user

pull/6235/head
Viacheslav Klimov 4 years ago
parent
commit
812e3490a6
  1. 32
      application/src/main/java/org/thingsboard/server/controller/TwoFactorAuthConfigController.java

32
application/src/main/java/org/thingsboard/server/controller/TwoFactorAuthConfigController.java

@ -33,6 +33,7 @@ import org.springframework.web.bind.annotation.RestController;
import org.thingsboard.common.util.JacksonUtil; import org.thingsboard.common.util.JacksonUtil;
import org.thingsboard.server.common.data.exception.ThingsboardErrorCode; import org.thingsboard.server.common.data.exception.ThingsboardErrorCode;
import org.thingsboard.server.common.data.exception.ThingsboardException; import org.thingsboard.server.common.data.exception.ThingsboardException;
import org.thingsboard.server.common.data.security.model.mfa.provider.TwoFactorAuthProviderConfig;
import org.thingsboard.server.queue.util.TbCoreComponent; import org.thingsboard.server.queue.util.TbCoreComponent;
import org.thingsboard.server.service.security.auth.mfa.TwoFactorAuthService; import org.thingsboard.server.service.security.auth.mfa.TwoFactorAuthService;
import org.thingsboard.server.service.security.auth.mfa.config.TwoFactorAuthConfigManager; import org.thingsboard.server.service.security.auth.mfa.config.TwoFactorAuthConfigManager;
@ -46,6 +47,10 @@ import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import javax.validation.Valid; import javax.validation.Valid;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
import static org.thingsboard.server.controller.ControllerConstants.NEW_LINE; import static org.thingsboard.server.controller.ControllerConstants.NEW_LINE;
@RestController @RestController
@ -63,15 +68,15 @@ public class TwoFactorAuthConfigController extends BaseController {
"or if a provider for previously set up account config is not now configured." + NEW_LINE + "or if a provider for previously set up account config is not now configured." + NEW_LINE +
ControllerConstants.AVAILABLE_FOR_ANY_AUTHORIZED_USER + NEW_LINE + ControllerConstants.AVAILABLE_FOR_ANY_AUTHORIZED_USER + NEW_LINE +
"Response example for TOTP 2FA: " + NEW_LINE + "Response example for TOTP 2FA: " + NEW_LINE +
"{\n" + "```\n{\n" +
" \"providerType\": \"TOTP\",\n" + " \"providerType\": \"TOTP\",\n" +
" \"authUrl\": \"otpauth://totp/ThingsBoard:tenant@thingsboard.org?issuer=ThingsBoard&secret=FUNBIM3CXFNNGQR6ZIPVWHP65PPFWDII\"\n" + " \"authUrl\": \"otpauth://totp/ThingsBoard:tenant@thingsboard.org?issuer=ThingsBoard&secret=FUNBIM3CXFNNGQR6ZIPVWHP65PPFWDII\"\n" +
"}" + NEW_LINE + "}\n```" + NEW_LINE +
"Response example for SMS 2FA: " + NEW_LINE + "Response example for SMS 2FA: " + NEW_LINE +
"{\n" + "```\n{\n" +
" \"providerType\": \"SMS\",\n" + " \"providerType\": \"SMS\",\n" +
" \"phoneNumber\": \"+380505005050\"\n" + " \"phoneNumber\": \"+380505005050\"\n" +
"}") "}\n```")
@GetMapping("/account/config") @GetMapping("/account/config")
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')") @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
public TwoFactorAuthAccountConfig getTwoFaAccountConfig() throws ThingsboardException { public TwoFactorAuthAccountConfig getTwoFaAccountConfig() throws ThingsboardException {
@ -79,6 +84,17 @@ public class TwoFactorAuthConfigController extends BaseController {
return twoFactorAuthConfigManager.getTwoFaAccountConfig(user.getTenantId(), user.getId()).orElse(null); return twoFactorAuthConfigManager.getTwoFaAccountConfig(user.getTenantId(), user.getId()).orElse(null);
} }
@GetMapping("/providers")
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
public List<TwoFactorAuthProviderType> getAvailableTwoFaProviders() throws ThingsboardException {
return twoFactorAuthConfigManager.getTwoFaSettings(getTenantId(), true)
.map(TwoFactorAuthSettings::getProviders).orElse(Collections.emptyList()).stream()
.map(TwoFactorAuthProviderConfig::getProviderType)
.collect(Collectors.toList());
}
@ApiOperation(value = "Generate 2FA account config (generateTwoFaAccountConfig)", @ApiOperation(value = "Generate 2FA account config (generateTwoFaAccountConfig)",
notes = "Generate new 2FA account config for specified provider type. " + notes = "Generate new 2FA account config for specified provider type. " +
"This method is only useful for TOTP 2FA, as there is nothing to generate for other provider types. " + "This method is only useful for TOTP 2FA, as there is nothing to generate for other provider types. " +
@ -89,15 +105,15 @@ public class TwoFactorAuthConfigController extends BaseController {
"Will throw an error (Bad Request) if the provider is not configured for usage. " + "Will throw an error (Bad Request) if the provider is not configured for usage. " +
ControllerConstants.AVAILABLE_FOR_ANY_AUTHORIZED_USER + NEW_LINE + ControllerConstants.AVAILABLE_FOR_ANY_AUTHORIZED_USER + NEW_LINE +
"Example of a generated account config for TOTP 2FA: " + NEW_LINE + "Example of a generated account config for TOTP 2FA: " + NEW_LINE +
"{\n" + "```\n{\n" +
" \"providerType\": \"TOTP\",\n" + " \"providerType\": \"TOTP\",\n" +
" \"authUrl\": \"otpauth://totp/ThingsBoard:tenant@thingsboard.org?issuer=ThingsBoard&secret=FUNBIM3CXFNNGQR6ZIPVWHP65PPFWDII\"\n" + " \"authUrl\": \"otpauth://totp/ThingsBoard:tenant@thingsboard.org?issuer=ThingsBoard&secret=FUNBIM3CXFNNGQR6ZIPVWHP65PPFWDII\"\n" +
"}" + NEW_LINE + "}\n```" + NEW_LINE +
"For SMS provider type it will return something like: " + NEW_LINE + "For SMS provider type it will return something like: " + NEW_LINE +
"{\n" + "```\n{\n" +
" \"providerType\": \"SMS\",\n" + " \"providerType\": \"SMS\",\n" +
" \"phoneNumber\": null\n" + " \"phoneNumber\": null\n" +
"}") "}\n```")
@PostMapping("/account/config/generate") @PostMapping("/account/config/generate")
@PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')") @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN', 'CUSTOMER_USER')")
public TwoFactorAuthAccountConfig generateTwoFaAccountConfig(@ApiParam(value = "2FA provider type to generate new account config for", defaultValue = "TOTP", required = true) public TwoFactorAuthAccountConfig generateTwoFaAccountConfig(@ApiParam(value = "2FA provider type to generate new account config for", defaultValue = "TOTP", required = true)
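Review bot: The new `getAvailableTwoFaProviders` handler under `@GetMapping("/providers")` is the only endpoint visible in this section without an `@ApiOperation` description, and nothing states that it intentionally returns only provider types. The endpoint is open to `CUSTOMER_USER`, so the projection through `TwoFactorAuthProviderConfig::getProviderType` is what keeps the provider configuration objects out of the response. I would record that in the API notes, for example `notes = "Returns only the types of the configured 2FA providers; provider configs are not exposed. " + ControllerConstants.AVAILABLE_FOR_ANY_AUTHORIZED_USER`, so a later change does not widen the return type unnoticed. The bare `true` passed to `getTwoFaSettings(getTenantId(), true)` also deserves a short comment saying what the flag selects (presumably a fallback to system-level settings, to be confirmed), since that determines what a `SYS_ADMIN` caller gets back.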
