upload current sources

2025-08-16 16:48:54 -07:00
commit 1808624237
20 changed files with 1489 additions and 0 deletions
--- a/src/main/java/dev/alexzaw/fetchapi/AuthenticationService.java
+++ b/src/main/java/dev/alexzaw/fetchapi/AuthenticationService.java
@@ -0,0 +1,86 @@
+package dev.alexzaw.fetchapi;
+
+import com.ibm.as400.access.AS400;
+import java.util.Properties;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+import javax.servlet.http.HttpServletRequest;
+
+public class AuthenticationService {
+    private static final Logger logger = Logger.getLogger(AuthenticationService.class.getName());
+    private Properties configProps;
+    private Properties APITokens;
+    
+    public AuthenticationService(Properties configProps, Properties APITokens) {
+        this.configProps = configProps;
+        this.APITokens = APITokens;
+    }
+    
+    public boolean authenticate(HttpServletRequest req) {
+        String userId = req.getParameter("userId");
+        String password = req.getParameter("password");
+        String apiToken = req.getParameter("apiToken");
+
+        if ((userId == null || password == null) && apiToken == null) {
+            logger.warning("No credentials provided");
+            return false;
+        }
+
+        return userId != null && password != null
+            ? authenticateWithCredentials(userId, password)
+            : apiToken != null && validateApiToken(apiToken);
+    }
+
+    public boolean authenticateWithCredentials(String userId, String password) {
+        AS400 system = null;
+        try {
+            system = new AS400(
+                configProps.getProperty("db.server"),
+                userId,
+                password
+            );
+            system.validateSignon();
+            logger.info("User authenticated successfully: " + userId);
+            return true;
+        } catch (Exception e) {
+            logger.log(Level.WARNING, "Authentication failed", e);
+            return false;
+        } finally {
+            if (system != null) {
+                system.disconnectAllServices();
+            }
+        }
+    }
+
+    public boolean validateApiToken(String tokenToValidate) {
+        try {
+            String decodedToken = Utils.decodeBase64(tokenToValidate);
+            String[] parts = decodedToken.split(":");
+
+            if (parts.length != 2) {
+                logger.warning("Invalid token format");
+                return false;
+            }
+
+            String identifier = parts[0];
+            String uuid = parts[1];
+            String validToken = APITokens.getProperty(identifier);
+
+            if (validToken == null || validToken.trim().isEmpty()) {
+                logger.warning("No API token configured for: " + identifier);
+                return false;
+            }
+
+            if (validToken.equals(uuid)) {
+                logger.info("API token validated for: " + identifier);
+                return true;
+            }
+
+            logger.warning("Invalid token attempted for: " + identifier);
+            return false;
+        } catch (Exception e) {
+            logger.log(Level.SEVERE, "Error validating API token", e);
+            return false;
+        }
+    }
+}