Add ReadMe and .gitignore

master
parent 622c63f122
commit 0603002333

69
.gitignore vendored

@ -0,0 +1,69 @@
# ---> Java
# Compiled class file
*.class
# Log file
*.log
# BlueJ files
*.ctxt
# Mobile Tools for Java (J2ME)
.mtj.tmp/
# Package Files #
*.jar
*.war
*.nar
*.ear
*.zip
*.tar.gz
*.rar
# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
hs_err_pid*
# ---> JetBrains
# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
# User-specific stuff
.idea/
target/
# CMake
cmake-build-*/
# Mongo Explorer plugin
.idea/**/mongoSettings.xml
# File-based project format
*.iws
# IntelliJ
out/
# mpeltonen/sbt-idea plugin
.idea_modules/
# JIRA plugin
atlassian-ide-plugin.xml
# Cursive Clojure plugin
.idea/replstate.xml
# Crashlytics plugin (for Android Studio and IntelliJ)
com_crashlytics_export_strings.xml
crashlytics.properties
crashlytics-build.properties
fabric.properties
# Editor-based Rest Client
.idea/httpRequests
# Android studio 3.1+ serialized cache file
.idea/caches/build_file_checksums.ser
# Local Deployment scripts
make.sh
dnet-role-management.iml

@ -0,0 +1,115 @@
# Authorization Library
Authorization library is a library that provides a Spring Security process
in order to authorize the endpoints of a service base on OpenAIRE Authorities.
It can be used with two different session strategies, a stateless and
a Redis http session.
## Stateless
In stateless strategy, there is not a session. A filter makes a request
to an "userinfo" endpoint and creates an Authentication base on the response.
The advantage of this method is that it doesn't need any storage to store
user's session, but with the cost of an extra http request per request.
### Usage
#### pom.xml
<dependency>
<groupId>eu.dnetlib</groupId>
<artifactId>uoa-authorization-library</artifactId>
<version>2.1.0</version>
</dependency>
#### Spring Application/Configuration
import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration;
@Import(AuthorizationConfiguration.class)
public class Application {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
}
#### Configuration
authorization.security.userInfoUrl = http://<domain>/login-service/userInfo
authorization.security.session=openAIRESession # Default, do not change
## Redis
In Redis strategy, session is stored to a Redis database when a user
authenticates himself through a login service. The disadvantage of
this strategy is that it needs access to the Redis database
where session is stored.
### Usage
#### pom.xml
<dependency>
<groupId>eu.dnetlib</groupId>
<artifactId>uoa-authorization-library</artifactId>
<version>2.1.0</version>
<classifier>redis</classifier>
</dependency>
#### Spring Application/Configuration
import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration;
@Import(AuthorizationConfiguration.class)
public class Application {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
}
#### Configuration
authorization.security.domain=<domain-suffix> # e.g openaire.eu
authorization.security.session=openAIRESession # Default, do not change
## Authorize Requests
### Authorization Service
In order to simplify the format of the Authorities, you can use
this spring component to authorize your endpoints. There is also methods to
get user's information.
public final String PORTAL_ADMIN = "PORTAL_ADMINISTRATOR";
public final String ANONYMOUS_USER = "ROLE_ANONYMOUS";
public final String REGISTERED_USER = "REGISTERED_USER";
/**
* Type = FUNDER | COMMUNITY | INSTITUTION | PROJECT
*/
public String curator(String type) {}
/**
* Type = FUNDER | COMMUNITY | INSTITUTION | PROJECT
*
* Id = EE, EGI, etc
*/
public String manager(String type, String id) { }
/**
* Type = FUNDER | COMMUNITY | RI | INSTITUTION | PROJECT
*
* Id = EE, EGI, etc
*/
public String member(String type, String id)
e.g
@PreAuthorize("hasAnyAuthority("
+ "@AuthorizationService.PORTAL_ADMIN, "
+ "@AuthorizationService.curator(#type), "
+ "@AuthorizationService.manager(#type, #id)) "
+ ")")
@RequestMapping(value = "{type}/{id}", method = RequestMethod.GET)
public Entity getEntity(@PathVariable("type") String type, @PathVariable("id") String id) {

@ -38,7 +38,7 @@ public class AuthorizationService {
/**
* Type = FUNDER | COMMUNITY | INSTITUTION | PROJECT
* <p>
*
* Id = EE, EGI, etc
*/
public String manager(String type, String id) {
@ -47,7 +47,7 @@ public class AuthorizationService {
/**
* Type = FUNDER | COMMUNITY | RI | INSTITUTION | PROJECT
* <p>
*
* Id = EE, EGI, etc
*/
public String member(String type, String id) {

Loading…
Cancel
Save