34 Commits
authorizat
...
master
|
@ -0,0 +1,69 @@
|
||||||
|
# ---> Java
|
||||||
|
# Compiled class file
|
||||||
|
*.class
|
||||||
|
|
||||||
|
# Log file
|
||||||
|
*.log
|
||||||
|
|
||||||
|
# BlueJ files
|
||||||
|
*.ctxt
|
||||||
|
|
||||||
|
# Mobile Tools for Java (J2ME)
|
||||||
|
.mtj.tmp/
|
||||||
|
|
||||||
|
# Package Files #
|
||||||
|
*.jar
|
||||||
|
*.war
|
||||||
|
*.nar
|
||||||
|
*.ear
|
||||||
|
*.zip
|
||||||
|
*.tar.gz
|
||||||
|
*.rar
|
||||||
|
|
||||||
|
# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
|
||||||
|
hs_err_pid*
|
||||||
|
|
||||||
|
# ---> JetBrains
|
||||||
|
# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
|
||||||
|
# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
|
||||||
|
|
||||||
|
# User-specific stuff
|
||||||
|
.idea/
|
||||||
|
target/
|
||||||
|
|
||||||
|
# CMake
|
||||||
|
cmake-build-*/
|
||||||
|
|
||||||
|
# Mongo Explorer plugin
|
||||||
|
.idea/**/mongoSettings.xml
|
||||||
|
|
||||||
|
# File-based project format
|
||||||
|
*.iws
|
||||||
|
|
||||||
|
# IntelliJ
|
||||||
|
out/
|
||||||
|
|
||||||
|
# mpeltonen/sbt-idea plugin
|
||||||
|
.idea_modules/
|
||||||
|
|
||||||
|
# JIRA plugin
|
||||||
|
atlassian-ide-plugin.xml
|
||||||
|
|
||||||
|
# Cursive Clojure plugin
|
||||||
|
.idea/replstate.xml
|
||||||
|
|
||||||
|
# Crashlytics plugin (for Android Studio and IntelliJ)
|
||||||
|
com_crashlytics_export_strings.xml
|
||||||
|
crashlytics.properties
|
||||||
|
crashlytics-build.properties
|
||||||
|
fabric.properties
|
||||||
|
|
||||||
|
# Editor-based Rest Client
|
||||||
|
.idea/httpRequests
|
||||||
|
|
||||||
|
# Android studio 3.1+ serialized cache file
|
||||||
|
.idea/caches/build_file_checksums.ser
|
||||||
|
|
||||||
|
# Local Deployment scripts
|
||||||
|
make.sh
|
||||||
|
dnet-role-management.iml
|
|
@ -0,0 +1,152 @@
|
||||||
|
# Authorization Library
|
||||||
|
|
||||||
|
Authorization library is a library that provides a Spring Security (4.x.x) process
|
||||||
|
in order to authorize the endpoints of a service base on OpenAIRE Authorities.
|
||||||
|
It can be used with two different session strategies, a stateless and
|
||||||
|
a Redis http session.
|
||||||
|
|
||||||
|
## Stateless
|
||||||
|
|
||||||
|
In stateless strategy, there is not a session. A filter makes a request
|
||||||
|
to an "userinfo" endpoint and creates an Authentication base on the response.
|
||||||
|
The advantage of this method is that it doesn't need any storage to store
|
||||||
|
user's session, but with a cost of an extra http request per request.
|
||||||
|
|
||||||
|
### Usage
|
||||||
|
|
||||||
|
#### pom.xml
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>eu.dnetlib</groupId>
|
||||||
|
<artifactId>uoa-authorization-library</artifactId>
|
||||||
|
<version>2.1.2</version>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
#### Spring Application/Configuration
|
||||||
|
|
||||||
|
import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration;
|
||||||
|
|
||||||
|
@PropertySources({@PropertySource("classpath:authorization.properties")})
|
||||||
|
@Import(AuthorizationConfiguration.class)
|
||||||
|
public class Application {
|
||||||
|
public static void main(String[] args) {
|
||||||
|
SpringApplication.run(Application.class, args);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#### Configuration
|
||||||
|
|
||||||
|
authorization.security.userInfoUrl = http://<domain>/login-service/userInfo # Required, default ""
|
||||||
|
authorization.security.session=<session-cookie-name> # Default openAIRESession
|
||||||
|
|
||||||
|
## Redis
|
||||||
|
|
||||||
|
In Redis strategy, session is stored to a Redis database when a user
|
||||||
|
authenticates himself through a login service. The disadvantage of
|
||||||
|
this strategy is that it needs access to the Redis database
|
||||||
|
where session is stored.
|
||||||
|
|
||||||
|
### Usage
|
||||||
|
|
||||||
|
#### pom.xml
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>eu.dnetlib</groupId>
|
||||||
|
<artifactId>uoa-authorization-library</artifactId>
|
||||||
|
<version>2.1.2</version>
|
||||||
|
<classifier>redis</classifier>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
#### Spring Application/Configuration
|
||||||
|
|
||||||
|
import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration;
|
||||||
|
|
||||||
|
@PropertySources({@PropertySource("classpath:authorization.properties")})
|
||||||
|
@Import(AuthorizationConfiguration.class)
|
||||||
|
public class Application {
|
||||||
|
public static void main(String[] args) {
|
||||||
|
SpringApplication.run(Application.class, args);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#### Configuration
|
||||||
|
|
||||||
|
authorization.secuirty.redis.host=<redis-ip> # Default localhost
|
||||||
|
authorization.secuirty.redis.port=<redis-port> # Default 6379
|
||||||
|
authorization.secuirty.redis.password=<redis-password> # Default ""
|
||||||
|
authorization.security.domain=<domain-suffix> # e.g openaire.eu
|
||||||
|
authorization.security.session=<session-cookie-name> # Default openAIRESession
|
||||||
|
|
||||||
|
|
||||||
|
## Authorize Requests
|
||||||
|
|
||||||
|
### Authorization Service
|
||||||
|
|
||||||
|
In order to simplify the format of the Authorities, you can use
|
||||||
|
this spring component to authorize your endpoints. There is also methods to
|
||||||
|
get user's information.
|
||||||
|
|
||||||
|
public final String PORTAL_ADMIN = "PORTAL_ADMINISTRATOR";
|
||||||
|
public final String ANONYMOUS_USER = "ROLE_ANONYMOUS";
|
||||||
|
public final String REGISTERED_USER = "REGISTERED_USER";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Type = FUNDER | COMMUNITY | INSTITUTION | PROJECT
|
||||||
|
*/
|
||||||
|
public String curator(String type) {}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Type = FUNDER | COMMUNITY | INSTITUTION | PROJECT
|
||||||
|
*
|
||||||
|
* Id = EE, EGI, etc
|
||||||
|
*/
|
||||||
|
public String manager(String type, String id) { }
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Type = FUNDER | COMMUNITY | RI | INSTITUTION | PROJECT
|
||||||
|
*
|
||||||
|
* Id = EE, EGI, etc
|
||||||
|
*/
|
||||||
|
public String member(String type, String id)
|
||||||
|
|
||||||
|
e.g
|
||||||
|
|
||||||
|
@PreAuthorize("hasAnyAuthority("
|
||||||
|
+ "@AuthorizationService.PORTAL_ADMIN, "
|
||||||
|
+ "@AuthorizationService.curator(#type), "
|
||||||
|
+ "@AuthorizationService.manager(#type, #id)) "
|
||||||
|
+ ")")
|
||||||
|
@RequestMapping(value = "{type}/{id}", method = RequestMethod.GET)
|
||||||
|
public Entity getEntity(@PathVariable("type") String type, @PathVariable("id") String id) {}
|
||||||
|
|
||||||
|
## Spring Security (5.x.x) - Spring boot (2.x.x)
|
||||||
|
|
||||||
|
Because of MitreID dependency, in order to use this library
|
||||||
|
with redis HttpSession, service has to use spring security (4.x.x).
|
||||||
|
The only way to use this library in a project with spring security 5.x.x
|
||||||
|
is the Stateless strategy with the following modification in Application
|
||||||
|
class:
|
||||||
|
|
||||||
|
import eu.dnetlib.uoaauthorizationlibrary.configuration.AuthorizationConfiguration;
|
||||||
|
|
||||||
|
@PropertySources({@PropertySource("classpath:authorization.properties")})
|
||||||
|
@Import(AuthorizationConfiguration.class)
|
||||||
|
public class Application {
|
||||||
|
|
||||||
|
public static void main(String[] args) {
|
||||||
|
SpringApplication.run(Application.class, args);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public WebMvcConfigurer corsConfigurer() {
|
||||||
|
return new WebMvcConfigurer() {
|
||||||
|
@Override
|
||||||
|
public void addCorsMappings(CorsRegistry registry) {
|
||||||
|
registry.addMapping("/**")
|
||||||
|
.allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS")
|
||||||
|
.allowedOriginPatterns("*")
|
||||||
|
.allowCredentials(true);
|
||||||
|
}
|
||||||
|
};
|
||||||
|
}
|
||||||
|
}
|
97
pom.xml
|
@ -3,71 +3,88 @@
|
||||||
<modelVersion>4.0.0</modelVersion>
|
<modelVersion>4.0.0</modelVersion>
|
||||||
<parent>
|
<parent>
|
||||||
<groupId>eu.dnetlib</groupId>
|
<groupId>eu.dnetlib</groupId>
|
||||||
<artifactId>dnet45-parent</artifactId>
|
<artifactId>uoa-spring-boot-parent</artifactId>
|
||||||
<version>1.0.0</version>
|
<version>1.0.0</version>
|
||||||
</parent>
|
</parent>
|
||||||
<artifactId>uoa-authorization-library</artifactId>
|
<artifactId>uoa-authorization-library</artifactId>
|
||||||
<version>2.0.1-SNAPSHOT</version>
|
<version>2.1.5-SNAPSHOT</version>
|
||||||
<packaging>jar</packaging>
|
<packaging>jar</packaging>
|
||||||
<scm>
|
|
||||||
<developerConnection>scm:svn:https://svn.driver.research-infrastructures.eu/driver/dnet45/modules/uoa-authorization-library/trunk</developerConnection>
|
|
||||||
</scm>
|
|
||||||
<name>uoa-authorization-library</name>
|
<name>uoa-authorization-library</name>
|
||||||
|
<scm>
|
||||||
|
<developerConnection>scm:git:gitea@code-repo.d4science.org:MaDgIK/authorization-library.git</developerConnection>
|
||||||
|
<tag>HEAD</tag>
|
||||||
|
</scm>
|
||||||
<properties>
|
<properties>
|
||||||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
||||||
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
|
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
|
||||||
<java.version>1.8</java.version>
|
|
||||||
<timestampAuthorizationLibrary>${maven.build.timestamp}</timestampAuthorizationLibrary>
|
<timestampAuthorizationLibrary>${maven.build.timestamp}</timestampAuthorizationLibrary>
|
||||||
<maven.build.timestamp.format>E MMM dd HH:mm:ss z yyyy</maven.build.timestamp.format>
|
<maven.build.timestamp.format>E MMM dd HH:mm:ss z yyyy</maven.build.timestamp.format>
|
||||||
</properties>
|
</properties>
|
||||||
<dependencyManagement>
|
|
||||||
<dependencies>
|
<dependencies>
|
||||||
<dependency>
|
|
||||||
<groupId>org.springframework.boot</groupId>
|
|
||||||
<artifactId>spring-boot-dependencies</artifactId>
|
|
||||||
<version>1.5.8.RELEASE</version>
|
|
||||||
<type>pom</type>
|
|
||||||
<scope>import</scope>
|
|
||||||
</dependency>
|
|
||||||
</dependencies>
|
|
||||||
</dependencyManagement>
|
|
||||||
<dependencies>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.springframework.boot</groupId>
|
|
||||||
<artifactId>spring-boot-starter-web</artifactId>
|
|
||||||
<exclusions>
|
|
||||||
<exclusion>
|
|
||||||
<groupId> org.springframework.boot</groupId>
|
|
||||||
<artifactId>spring-boot-starter-logging</artifactId>
|
|
||||||
</exclusion>
|
|
||||||
</exclusions>
|
|
||||||
</dependency>
|
|
||||||
<!-- Starter for using Spring Security -->
|
<!-- Starter for using Spring Security -->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.springframework.boot</groupId>
|
<groupId>org.springframework.boot</groupId>
|
||||||
<artifactId>spring-boot-starter-security</artifactId>
|
<artifactId>spring-boot-starter-security</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>com.google.code.gson</groupId>
|
<groupId>org.springframework.boot</groupId>
|
||||||
<artifactId>gson</artifactId>
|
<artifactId>spring-boot-starter-data-redis</artifactId>
|
||||||
<version>2.8.2</version>
|
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>log4j</groupId>
|
<groupId>org.springframework.session</groupId>
|
||||||
<artifactId>log4j</artifactId>
|
<artifactId>spring-session-data-redis</artifactId>
|
||||||
<version>1.2.17</version>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>biz.paluch.redis</groupId>
|
||||||
|
<artifactId>lettuce</artifactId>
|
||||||
|
<version>4.3.3.Final</version>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.mitre</groupId>
|
||||||
|
<artifactId>openid-connect-client</artifactId>
|
||||||
|
<version>1.3.0</version>
|
||||||
|
<exclusions>
|
||||||
|
<exclusion>
|
||||||
|
<groupId>org.bouncycastle</groupId>
|
||||||
|
<artifactId>bcprov-jdk15on</artifactId>
|
||||||
|
</exclusion>
|
||||||
|
</exclusions>
|
||||||
</dependency>
|
</dependency>
|
||||||
</dependencies>
|
</dependencies>
|
||||||
<build>
|
<build>
|
||||||
<plugins>
|
<plugins>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-jar-plugin</artifactId>
|
||||||
|
<executions>
|
||||||
|
<execution>
|
||||||
|
<id>default-jar</id>
|
||||||
|
<phase>package</phase>
|
||||||
|
<goals>
|
||||||
|
<goal>jar</goal>
|
||||||
|
</goals>
|
||||||
|
<configuration>
|
||||||
|
<excludes>
|
||||||
|
<exclude>**/eu/dnetlib/uoaauthorizationlibrary/redis/**</exclude>
|
||||||
|
</excludes>
|
||||||
|
</configuration>
|
||||||
|
</execution>
|
||||||
|
<execution>
|
||||||
|
<id>redis</id>
|
||||||
|
<phase>package</phase>
|
||||||
|
<goals>
|
||||||
|
<goal>jar</goal>
|
||||||
|
</goals>
|
||||||
|
<configuration>
|
||||||
|
<classifier>redis</classifier>
|
||||||
|
<excludes>
|
||||||
|
<exclude>**/eu/dnetlib/uoaauthorizationlibrary/stateless/**</exclude>
|
||||||
|
</excludes>
|
||||||
|
</configuration>
|
||||||
|
</execution>
|
||||||
|
</executions>
|
||||||
|
</plugin>
|
||||||
</plugins>
|
</plugins>
|
||||||
<finalName>uoa-authorization-library</finalName>
|
<finalName>uoa-authorization-library</finalName>
|
||||||
<resources>
|
|
||||||
<resource>
|
|
||||||
<directory>src/main/resources</directory>
|
|
||||||
<filtering>true</filtering>
|
|
||||||
</resource>
|
|
||||||
</resources>
|
|
||||||
</build>
|
</build>
|
||||||
</project>
|
</project>
|
||||||
|
|
|
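Review bot: The two `maven-jar-plugin` executions split the classes by package, but the shared code does not respect that split. The `redis` jar excludes `**/stateless/**`, yet `OpenAIREAuthentication` in the shared `security` package imports `eu.dnetlib.uoaauthorizationlibrary.stateless.utils.UserInfo`, and `AuthorizationService` imports `org.mitre.openid.connect.model.OIDCAuthenticationToken` in both jars. Both artifacts also publish this one POM, so a stateless consumer still receives `spring-boot-starter-data-redis`, `spring-session-data-redis`, `lettuce` and `openid-connect-client` transitively, which may switch on Redis or session auto-configuration it does not want. Consider moving the types used by both variants into the shared packages and marking the Redis-only dependencies `<optional>true</optional>`, or splitting the variants into separate modules. A short comment on why `bcprov-jdk15on` is excluded, and why `lettuce` and `openid-connect-client` carry explicit versions while the Spring starters do not, would help whoever upgrades them.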
@ -2,8 +2,24 @@ package eu.dnetlib.uoaauthorizationlibrary.configuration;
|
||||||
|
|
||||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||||
import org.springframework.context.annotation.*;
|
import org.springframework.context.annotation.*;
|
||||||
|
import org.springframework.web.servlet.config.annotation.CorsRegistry;
|
||||||
|
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||||
|
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableConfigurationProperties({SecurityConfig.class, GlobalVars.class})
|
@EnableConfigurationProperties({SecurityConfig.class, GlobalVars.class})
|
||||||
@ComponentScan(basePackages = { "eu.dnetlib.uoaauthorizationlibrary" })
|
@ComponentScan(basePackages = { "eu.dnetlib.uoaauthorizationlibrary" })
|
||||||
public class AuthorizationConfiguration { }
|
public class AuthorizationConfiguration {
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public WebMvcConfigurer corsConfigurer() {
|
||||||
|
return new WebMvcConfigurerAdapter() {
|
||||||
|
@Override
|
||||||
|
public void addCorsMappings(CorsRegistry registry) {
|
||||||
|
registry.addMapping("/**")
|
||||||
|
.allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS")
|
||||||
|
.allowCredentials(true);
|
||||||
|
}
|
||||||
|
};
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
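Review bot: `corsConfigurer()` registers `/**` with `allowCredentials(true)` and no `allowedOrigins(...)`, so the origin policy falls back to the framework default. On the Spring versions this library targets that default is expected to admit any origin (worth confirming), which together with credentials lets any site read authenticated responses. Because the library installs this mapping for every consuming service, the allowed origins should come from configuration, for example a list property on `SecurityConfig` passed as `.allowedOrigins(origins)`. The README example for Spring Security 5 spells out the same any-origin policy with `.allowedOriginPatterns("*")`. The file also imports `WebMvcConfigurerAdapter` next to `WebMvcConfigurer`; the adapter is deprecated from Spring 5, so a comment saying it is kept for 4.x compatibility would help.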
@ -4,10 +4,11 @@ import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||||
|
|
||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
|
|
||||||
@ConfigurationProperties("authorization.globalVars")
|
@ConfigurationProperties("authorization.global-vars")
|
||||||
public class GlobalVars {
|
public class GlobalVars {
|
||||||
public static Date date = new Date();
|
public static Date date = new Date();
|
||||||
private Date buildDate;
|
private Date buildDate;
|
||||||
|
private String version;
|
||||||
|
|
||||||
public String getBuildDate() {
|
public String getBuildDate() {
|
||||||
if(buildDate == null) {
|
if(buildDate == null) {
|
||||||
|
@ -19,4 +20,12 @@ public class GlobalVars {
|
||||||
public void setBuildDate(Date buildDate) {
|
public void setBuildDate(Date buildDate) {
|
||||||
this.buildDate = buildDate;
|
this.buildDate = buildDate;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public String getVersion() {
|
||||||
|
return this.version;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setVersion(String version) {
|
||||||
|
this.version = version;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,12 @@
|
||||||
|
package eu.dnetlib.uoaauthorizationlibrary.configuration;
|
||||||
|
|
||||||
|
import eu.dnetlib.uoaauthorizationlibrary.security.AuthorizationService;
|
||||||
|
import org.springframework.context.annotation.ComponentScan;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
@ComponentScan(
|
||||||
|
basePackageClasses = {AuthorizationService.class}
|
||||||
|
)
|
||||||
|
public class IgnoreSecurityConfiguration {
|
||||||
|
}
|
|
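Review bot: `IgnoreSecurityConfiguration` has no Javadoc and the README in this change does not mention it, so a consumer cannot tell when to import it instead of `AuthorizationConfiguration`. Note that `basePackageClasses = {AuthorizationService.class}` scans the whole package of `AuthorizationService`, not only that class, so any stereotype-annotated class later placed in `eu.dnetlib.uoaauthorizationlibrary.security` is registered as well. After confirming the intent, I would add a class comment along the lines of `/** Registers only the beans of the shared security package (AuthorizationService); no filter chain or session strategy is configured. */`. It should also state whether `@PreAuthorize` expressions are enforced in this mode.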
@ -0,0 +1,44 @@
|
||||||
|
package eu.dnetlib.uoaauthorizationlibrary.configuration;
|
||||||
|
|
||||||
|
public class Redis {
|
||||||
|
|
||||||
|
private String host = "localhost";
|
||||||
|
private String port = "6379";
|
||||||
|
private String password;
|
||||||
|
|
||||||
|
public Redis() {
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getHost() {
|
||||||
|
return host;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setHost(String host) {
|
||||||
|
this.host = host;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getPort() {
|
||||||
|
return port;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setPort(String port) {
|
||||||
|
this.port = port;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getPassword() {
|
||||||
|
return password;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setPassword(String password) {
|
||||||
|
this.password = password;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String toString() {
|
||||||
|
return "Redis{" +
|
||||||
|
"host='" + host + '\'' +
|
||||||
|
", port='" + port + '\'' +
|
||||||
|
", password='" + password + '\'' +
|
||||||
|
'}';
|
||||||
|
}
|
||||||
|
}
|
|
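Review bot: `toString()` concatenates the `password` field, so any log statement or error message that prints this object writes the Redis password in clear text. Mask it, for example `", password='" + (password == null ? null : "***") + '\'' +`. Separately, `port` is kept as a `String` and only converted later with `Integer.parseInt` in `RedisConfig`; an `int` field with default `6379` would let property binding reject a malformed value with a clearer error.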
@ -5,7 +5,18 @@ import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||||
@ConfigurationProperties("authorization.security")
|
@ConfigurationProperties("authorization.security")
|
||||||
public class SecurityConfig {
|
public class SecurityConfig {
|
||||||
|
|
||||||
|
private Redis redis = new Redis();
|
||||||
private String userInfoUrl;
|
private String userInfoUrl;
|
||||||
|
private String domain;
|
||||||
|
private String session;
|
||||||
|
|
||||||
|
public Redis getRedis() {
|
||||||
|
return redis;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setRedis(Redis redis) {
|
||||||
|
this.redis = redis;
|
||||||
|
}
|
||||||
|
|
||||||
public String getUserInfoUrl() {
|
public String getUserInfoUrl() {
|
||||||
return userInfoUrl;
|
return userInfoUrl;
|
||||||
|
@ -15,8 +26,19 @@ public class SecurityConfig {
|
||||||
this.userInfoUrl = userInfoUrl;
|
this.userInfoUrl = userInfoUrl;
|
||||||
}
|
}
|
||||||
|
|
||||||
/** @deprecated */
|
public String getDomain() {
|
||||||
public boolean isDeprecated() {
|
return domain;
|
||||||
return userInfoUrl.contains("accessToken");
|
}
|
||||||
|
|
||||||
|
public void setDomain(String domain) {
|
||||||
|
this.domain = domain;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getSession() {
|
||||||
|
return session;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setSession(String session) {
|
||||||
|
this.session = session;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
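Review bot: The new fields do not match the configuration contract that the README in this change documents. `session` is declared as `private String session;` with no initializer, although the README gives `openAIRESession` as its default. The README also spells the Redis keys `authorization.secuirty.redis.*` while this class binds `authorization.security`, so values copied from the README would be ignored and the `localhost`/`6379` defaults used instead. Unless a default is supplied from a properties file not shown here, I would write `private String session = "openAIRESession";` and correct the keys in the README. The hunks show only part of the class.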
@ -2,7 +2,8 @@ package eu.dnetlib.uoaauthorizationlibrary.controllers;
|
||||||
|
|
||||||
import eu.dnetlib.uoaauthorizationlibrary.configuration.GlobalVars;
|
import eu.dnetlib.uoaauthorizationlibrary.configuration.GlobalVars;
|
||||||
import eu.dnetlib.uoaauthorizationlibrary.configuration.SecurityConfig;
|
import eu.dnetlib.uoaauthorizationlibrary.configuration.SecurityConfig;
|
||||||
import org.apache.log4j.Logger;
|
import org.apache.logging.log4j.LogManager;
|
||||||
|
import org.apache.logging.log4j.Logger;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.security.access.prepost.PreAuthorize;
|
import org.springframework.security.access.prepost.PreAuthorize;
|
||||||
import org.springframework.web.bind.annotation.CrossOrigin;
|
import org.springframework.web.bind.annotation.CrossOrigin;
|
||||||
|
@ -17,7 +18,7 @@ import java.util.Map;
|
||||||
@CrossOrigin(origins = "*")
|
@CrossOrigin(origins = "*")
|
||||||
@RequestMapping("/authorization-library")
|
@RequestMapping("/authorization-library")
|
||||||
public class AuthorizationLibraryCheckDeployController {
|
public class AuthorizationLibraryCheckDeployController {
|
||||||
private final Logger log = Logger.getLogger(this.getClass());
|
private final Logger log = LogManager.getLogger(this.getClass());
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
private SecurityConfig securityConfig;
|
private SecurityConfig securityConfig;
|
||||||
|
@ -27,21 +28,27 @@ public class AuthorizationLibraryCheckDeployController {
|
||||||
|
|
||||||
@RequestMapping(value = {"", "/health_check"}, method = RequestMethod.GET)
|
@RequestMapping(value = {"", "/health_check"}, method = RequestMethod.GET)
|
||||||
public String hello() {
|
public String hello() {
|
||||||
log.debug("Hello from uoa-authorization-service!");
|
log.debug("Hello from uoa-authorization-library!");
|
||||||
return "Hello from uoa-authorization-service!";
|
return "Hello from uoa-authorization-library!";
|
||||||
}
|
}
|
||||||
|
|
||||||
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
@PreAuthorize("hasAnyAuthority(@AuthorizationService.PORTAL_ADMIN)")
|
||||||
@RequestMapping(value = "/health_check/advanced", method = RequestMethod.GET)
|
@RequestMapping(value = "/health_check/advanced", method = RequestMethod.GET)
|
||||||
public Map<String, String> checkEverything() {
|
public Map<String, String> checkEverything() {
|
||||||
Map<String, String> response = new HashMap<>();
|
Map<String, String> response = new HashMap<>();
|
||||||
|
response.put("authorization.security.redis.host", securityConfig.getRedis().getHost());
|
||||||
response.put("authorization.security.userInfoUrl", securityConfig.getUserInfoUrl());
|
response.put("authorization.security.userInfoUrl", securityConfig.getUserInfoUrl());
|
||||||
|
response.put("authorization.security.session", securityConfig.getSession());
|
||||||
|
response.put("authorization.security.domain", securityConfig.getDomain());
|
||||||
if(GlobalVars.date != null) {
|
if(GlobalVars.date != null) {
|
||||||
response.put("Date of deploy", GlobalVars.date.toString());
|
response.put("Date of deploy", GlobalVars.date.toString());
|
||||||
}
|
}
|
||||||
if(globalVars.getBuildDate() != null) {
|
if(globalVars.getBuildDate() != null) {
|
||||||
response.put("Date of build", globalVars.getBuildDate());
|
response.put("Date of build", globalVars.getBuildDate());
|
||||||
}
|
}
|
||||||
|
if (globalVars.getVersion() != null) {
|
||||||
|
response.put("Version", globalVars.getVersion());
|
||||||
|
}
|
||||||
return response;
|
return response;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,40 @@
|
||||||
|
package eu.dnetlib.uoaauthorizationlibrary.redis.configuration;
|
||||||
|
|
||||||
|
import eu.dnetlib.uoaauthorizationlibrary.configuration.SecurityConfig;
|
||||||
|
import org.apache.logging.log4j.LogManager;
|
||||||
|
import org.apache.logging.log4j.Logger;
|
||||||
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
|
||||||
|
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
|
||||||
|
import org.springframework.session.web.http.CookieSerializer;
|
||||||
|
import org.springframework.session.web.http.DefaultCookieSerializer;
|
||||||
|
|
||||||
|
@EnableRedisHttpSession
|
||||||
|
@Configuration
|
||||||
|
public class RedisConfig {
|
||||||
|
|
||||||
|
private final SecurityConfig securityConfig;
|
||||||
|
private static final Logger logger = LogManager.getLogger(RedisConfig.class);
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
public RedisConfig(SecurityConfig securityConfig) {this.securityConfig = securityConfig;}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public LettuceConnectionFactory connectionFactory() {
|
||||||
|
logger.info(String.format("Redis connection listens to %s:%s ", securityConfig.getRedis().getHost(), securityConfig.getRedis().getPort()));
|
||||||
|
LettuceConnectionFactory factory = new LettuceConnectionFactory(securityConfig.getRedis().getHost(), Integer.parseInt(securityConfig.getRedis().getPort()));
|
||||||
|
if (securityConfig.getRedis().getPassword() != null) factory.setPassword(securityConfig.getRedis().getPassword());
|
||||||
|
return factory;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public CookieSerializer cookieSerializer() {
|
||||||
|
DefaultCookieSerializer serializer = new DefaultCookieSerializer();
|
||||||
|
serializer.setCookieName(securityConfig.getSession());
|
||||||
|
serializer.setCookiePath("/");
|
||||||
|
serializer.setDomainName(securityConfig.getDomain());
|
||||||
|
return serializer;
|
||||||
|
}
|
||||||
|
}
|
|
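Review bot: `cookieSerializer()` sets only the cookie name, path and domain, leaving the Secure attribute to the serializer's default, which as far as I know follows `request.isSecure()`. Behind a TLS-terminating proxy the session cookie could then be issued without Secure. Since `setDomainName(securityConfig.getDomain())` shares the cookie across every host under the configured suffix, I would set it explicitly with `serializer.setUseSecureCookie(true);`, or make it a property for local development. In `connectionFactory()`, the log call could use the logger's own `{}` parameter substitution instead of `String.format`, and `Integer.parseInt(securityConfig.getRedis().getPort())` deserves a clearer failure message for a non-numeric port.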
@ -0,0 +1,20 @@
|
||||||
|
package eu.dnetlib.uoaauthorizationlibrary.redis.security;
|
||||||
|
|
||||||
|
import eu.dnetlib.uoaauthorizationlibrary.security.EntryPoint;
|
||||||
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||||
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||||
|
|
||||||
|
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
||||||
|
@EnableWebSecurity
|
||||||
|
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
|
http.csrf().disable();
|
||||||
|
http.authorizeRequests().anyRequest().permitAll();
|
||||||
|
http.httpBasic().authenticationEntryPoint(new EntryPoint());
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
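Review bot: `configure()` turns CSRF protection off in the variant that authenticates through a session cookie, which is the case CSRF protection exists for. The usual stateless-API argument for disabling it does not apply here. If it has to stay disabled, the compensating control should be named in a comment above `http.csrf().disable();`, for example a restricted CORS origin list. Also, `anyRequest().permitAll()` makes the `@PreAuthorize` annotations the only access control, so an endpoint added without one is public; a class-level Javadoc stating that would prevent surprises.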
@ -1,6 +1,7 @@
|
||||||
package eu.dnetlib.uoaauthorizationlibrary.security;
|
package eu.dnetlib.uoaauthorizationlibrary.security;
|
||||||
|
|
||||||
import org.apache.log4j.Logger;
|
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
||||||
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
@ -11,7 +12,6 @@ import java.util.stream.Collectors;
|
||||||
|
|
||||||
@Component(value = "AuthorizationService")
|
@Component(value = "AuthorizationService")
|
||||||
public class AuthorizationService {
|
public class AuthorizationService {
|
||||||
private final Logger log = Logger.getLogger(this.getClass());
|
|
||||||
|
|
||||||
public final String PORTAL_ADMIN = "PORTAL_ADMINISTRATOR";
|
public final String PORTAL_ADMIN = "PORTAL_ADMINISTRATOR";
|
||||||
public final String ANONYMOUS_USER = "ROLE_ANONYMOUS";
|
public final String ANONYMOUS_USER = "ROLE_ANONYMOUS";
|
||||||
|
@ -24,6 +24,9 @@ public class AuthorizationService {
|
||||||
} else if (type.equals("ri") && communityMap) {
|
} else if (type.equals("ri") && communityMap) {
|
||||||
type = "community";
|
type = "community";
|
||||||
}
|
}
|
||||||
|
while (type.contains(".")) {
|
||||||
|
type = type.replace(".", "_");
|
||||||
|
}
|
||||||
return type;
|
return type;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -36,7 +39,7 @@ public class AuthorizationService {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Type = FUNDER | COMMUNITY | INSTITUTION | PROJECT
|
* Type = FUNDER | COMMUNITY | INSTITUTION | PROJECT
|
||||||
* <p>
|
*
|
||||||
* Id = EE, EGI, etc
|
* Id = EE, EGI, etc
|
||||||
*/
|
*/
|
||||||
public String manager(String type, String id) {
|
public String manager(String type, String id) {
|
||||||
|
@ -45,7 +48,7 @@ public class AuthorizationService {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Type = FUNDER | COMMUNITY | RI | INSTITUTION | PROJECT
|
* Type = FUNDER | COMMUNITY | RI | INSTITUTION | PROJECT
|
||||||
* <p>
|
*
|
||||||
* Id = EE, EGI, etc
|
* Id = EE, EGI, etc
|
||||||
*/
|
*/
|
||||||
public String member(String type, String id) {
|
public String member(String type, String id) {
|
||||||
|
@ -69,7 +72,7 @@ public class AuthorizationService {
|
||||||
}
|
}
|
||||||
|
|
||||||
public List<String> getRoles() {
|
public List<String> getRoles() {
|
||||||
OpenAIREAuthentication authentication = (OpenAIREAuthentication) SecurityContextHolder.getContext().getAuthentication();
|
Authentication authentication = getAuthentication();
|
||||||
if (authentication != null && authentication.isAuthenticated()) {
|
if (authentication != null && authentication.isAuthenticated()) {
|
||||||
return authentication.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList());
|
return authentication.getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList());
|
||||||
}
|
}
|
||||||
|
@ -77,18 +80,35 @@ public class AuthorizationService {
|
||||||
}
|
}
|
||||||
|
|
||||||
public String getAaiId() {
|
public String getAaiId() {
|
||||||
OpenAIREAuthentication authentication = (OpenAIREAuthentication) SecurityContextHolder.getContext().getAuthentication();
|
Authentication authentication = getAuthentication();
|
||||||
if (authentication != null && authentication.isAuthenticated()) {
|
if (authentication != null && authentication.isAuthenticated()) {
|
||||||
return authentication.getUser().getSub();
|
if(authentication instanceof OpenAIREAuthentication) {
|
||||||
|
return ((OpenAIREAuthentication) authentication).getUser().getSub();
|
||||||
|
} else {
|
||||||
|
return ((OIDCAuthenticationToken) authentication).getUserInfo().getSub();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
public String getEmail() {
|
public String getEmail() {
|
||||||
OpenAIREAuthentication authentication = (OpenAIREAuthentication) SecurityContextHolder.getContext().getAuthentication();
|
Authentication authentication = getAuthentication();
|
||||||
if (authentication != null && authentication.isAuthenticated()) {
|
if (authentication != null && authentication.isAuthenticated()) {
|
||||||
return authentication.getUser().getEmail();
|
if(authentication instanceof OpenAIREAuthentication) {
|
||||||
|
return ((OpenAIREAuthentication) authentication).getUser().getEmail();
|
||||||
|
} else {
|
||||||
|
return ((OIDCAuthenticationToken) authentication).getUserInfo().getEmail();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private Authentication getAuthentication() {
|
||||||
|
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
||||||
|
if(authentication instanceof OpenAIREAuthentication || authentication instanceof OIDCAuthenticationToken) {
|
||||||
|
return authentication;
|
||||||
|
} else {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,16 +0,0 @@
|
||||||
package eu.dnetlib.uoaauthorizationlibrary.security;
|
|
||||||
|
|
||||||
import org.springframework.context.annotation.Configuration;
|
|
||||||
import org.springframework.web.servlet.config.annotation.CorsRegistry;
|
|
||||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
|
|
||||||
|
|
||||||
@Configuration
|
|
||||||
public class CorsConfig extends WebMvcConfigurerAdapter {
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void addCorsMappings(CorsRegistry registry) {
|
|
||||||
registry.addMapping("/**")
|
|
||||||
.allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS")
|
|
||||||
.allowCredentials(true);
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,6 +1,6 @@
|
||||||
package eu.dnetlib.uoaauthorizationlibrary.security;
|
package eu.dnetlib.uoaauthorizationlibrary.security;
|
||||||
|
|
||||||
import eu.dnetlib.uoaauthorizationlibrary.utils.UserInfo;
|
import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.UserInfo;
|
||||||
import org.springframework.security.authentication.AbstractAuthenticationToken;
|
import org.springframework.security.authentication.AbstractAuthenticationToken;
|
||||||
|
|
||||||
public class OpenAIREAuthentication extends AbstractAuthenticationToken {
|
public class OpenAIREAuthentication extends AbstractAuthenticationToken {
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
package eu.dnetlib.uoaauthorizationlibrary.security;
|
package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
|
||||||
|
|
||||||
import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;
|
import eu.dnetlib.uoaauthorizationlibrary.security.OpenAIREAuthentication;
|
||||||
import org.apache.log4j.Logger;
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
@ -14,7 +13,6 @@ import java.io.IOException;
|
||||||
public class AuthorizationFilter implements Filter {
|
public class AuthorizationFilter implements Filter {
|
||||||
|
|
||||||
private final AuthorizationProvider authorizationProvider;
|
private final AuthorizationProvider authorizationProvider;
|
||||||
private final Logger log = Logger.getLogger(this.getClass());
|
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
AuthorizationFilter(AuthorizationProvider authorizationProvider) {
|
AuthorizationFilter(AuthorizationProvider authorizationProvider) {
|
||||||
|
@ -27,7 +25,7 @@ public class AuthorizationFilter implements Filter {
|
||||||
@Override
|
@Override
|
||||||
public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain) throws IOException, ServletException {
|
public void doFilter(ServletRequest req, ServletResponse res, FilterChain filterChain) throws IOException, ServletException {
|
||||||
OpenAIREAuthentication auth = authorizationProvider.getAuthentication((HttpServletRequest) req);
|
OpenAIREAuthentication auth = authorizationProvider.getAuthentication((HttpServletRequest) req);
|
||||||
if(auth != null) {
|
if(auth.isAuthenticated()) {
|
||||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||||
}
|
}
|
||||||
filterChain.doFilter(req, res);
|
filterChain.doFilter(req, res);
|
|
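Review bot: The new guard `if(auth.isAuthenticated())` in doFilter drops the null check that the old `if(auth != null)` provided, so a null return from `authorizationProvider.getAuthentication(...)` would now throw a NullPointerException inside the filter instead of letting the request continue unauthenticated. The provider's body is not visible in this section, so it may now always return a token; if that is not guaranteed, keep both conditions: `if (auth != null && auth.isAuthenticated()) {`. A short comment above the guard, such as `// unauthenticated requests continue down the chain with no Authentication set`, would make the intent explicit. doFilter's closing lines are outside the hunk.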
@ -1,6 +1,5 @@
|
||||||
package eu.dnetlib.uoaauthorizationlibrary.security;
|
package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
|
||||||
|
|
||||||
import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;
|
|
||||||
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
|
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.web.DefaultSecurityFilterChain;
|
import org.springframework.security.web.DefaultSecurityFilterChain;
|
|
@ -1,7 +1,8 @@
|
||||||
package eu.dnetlib.uoaauthorizationlibrary.security;
|
package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
|
||||||
|
|
||||||
import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;
|
import eu.dnetlib.uoaauthorizationlibrary.security.OpenAIREAuthentication;
|
||||||
import eu.dnetlib.uoaauthorizationlibrary.utils.UserInfo;
|
import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.AuthorizationUtils;
|
||||||
|
import eu.dnetlib.uoaauthorizationlibrary.stateless.utils.UserInfo;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
|
|
@ -1,8 +1,7 @@
|
||||||
package eu.dnetlib.uoaauthorizationlibrary.security;
|
package eu.dnetlib.uoaauthorizationlibrary.stateless.security;
|
||||||
|
|
||||||
import eu.dnetlib.uoaauthorizationlibrary.utils.AuthorizationUtils;
|
import eu.dnetlib.uoaauthorizationlibrary.security.EntryPoint;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.context.annotation.ComponentScan;
|
|
||||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
|
@ -11,7 +10,6 @@ import org.springframework.security.config.http.SessionCreationPolicy;
|
||||||
|
|
||||||
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
@ComponentScan(basePackages = {"eu.dnetlib.uoaauthorizationlibrary.*"})
|
|
||||||
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
|
|
||||||
private final AuthorizationFilter filter;
|
private final AuthorizationFilter filter;
|
|
@ -1,7 +1,8 @@
|
||||||
package eu.dnetlib.uoaauthorizationlibrary.utils;
|
package eu.dnetlib.uoaauthorizationlibrary.stateless.utils;
|
||||||
|
|
||||||
import eu.dnetlib.uoaauthorizationlibrary.configuration.SecurityConfig;
|
import eu.dnetlib.uoaauthorizationlibrary.configuration.SecurityConfig;
|
||||||
import org.apache.log4j.Logger;
|
import org.apache.logging.log4j.LogManager;
|
||||||
|
import org.apache.logging.log4j.Logger;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.http.*;
|
import org.springframework.http.*;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
@ -10,11 +11,12 @@ import org.springframework.web.client.RestTemplate;
|
||||||
|
|
||||||
import javax.servlet.http.Cookie;
|
import javax.servlet.http.Cookie;
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import java.util.Arrays;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
|
|
||||||
@Component
|
@Component
|
||||||
public class AuthorizationUtils {
|
public class AuthorizationUtils {
|
||||||
private final Logger log = Logger.getLogger(this.getClass());
|
private final Logger log = LogManager.getLogger(this.getClass());
|
||||||
private final SecurityConfig securityConfig;
|
private final SecurityConfig securityConfig;
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
|
@ -22,31 +24,29 @@ public class AuthorizationUtils {
|
||||||
this.securityConfig = securityConfig;
|
this.securityConfig = securityConfig;
|
||||||
}
|
}
|
||||||
|
|
||||||
private String getToken(HttpServletRequest request) {
|
|
||||||
if (request.getCookies() == null) {
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
for (Cookie c : request.getCookies()) {
|
|
||||||
if (c.getName().equals("AccessToken")) {
|
|
||||||
return c.getValue();
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
public UserInfo getUserInfo(HttpServletRequest request) {
|
public UserInfo getUserInfo(HttpServletRequest request) {
|
||||||
String url = securityConfig.getUserInfoUrl() + (securityConfig.isDeprecated()?getToken(request):"");
|
String url = securityConfig.getUserInfoUrl();
|
||||||
RestTemplate restTemplate = new RestTemplate();
|
RestTemplate restTemplate = new RestTemplate();
|
||||||
try {
|
try {
|
||||||
|
if(url != null && hasCookie(request)) {
|
||||||
ResponseEntity<UserInfo> response = restTemplate.exchange(url, HttpMethod.GET, createHeaders(request), UserInfo.class);
|
ResponseEntity<UserInfo> response = restTemplate.exchange(url, HttpMethod.GET, createHeaders(request), UserInfo.class);
|
||||||
return response.getBody();
|
return response.getBody();
|
||||||
|
}
|
||||||
|
return null;
|
||||||
} catch (RestClientException e) {
|
} catch (RestClientException e) {
|
||||||
log.error(e.getMessage());
|
log.error(url + ": " + e.getMessage());
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private boolean hasCookie(HttpServletRequest request) {
|
||||||
|
Cookie[] cookies = request.getCookies();
|
||||||
|
if(cookies != null) {
|
||||||
|
return Arrays.stream(cookies).anyMatch(cookie -> cookie.getName().equalsIgnoreCase(this.securityConfig.getSession()));
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
private HttpEntity<HttpHeaders> createHeaders(HttpServletRequest request) {
|
private HttpEntity<HttpHeaders> createHeaders(HttpServletRequest request) {
|
||||||
HttpHeaders headers = new HttpHeaders();
|
HttpHeaders headers = new HttpHeaders();
|
||||||
headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
|
headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
|
|
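Review bot: In getUserInfo the new guard `url != null && hasCookie(request)` does not cover an empty URL, and the properties file changed in this same commit ships `authorization.security.userInfoUrl=` blank, which property binding would normally deliver as an empty string rather than null (SecurityConfig is not visible here, so this is inferred). An empty URL would reach `restTemplate.exchange(...)` and is likely to fail with an exception other than `RestClientException`, which the catch below does not handle. Suggest `if (url != null && !url.isEmpty() && hasCookie(request)) {`. Separately, hasCookie matches the session cookie name with `equalsIgnoreCase`, while cookie names are case-sensitive; `equals` would be the stricter check.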
@ -1,4 +1,4 @@
|
||||||
package eu.dnetlib.uoaauthorizationlibrary.utils;
|
package eu.dnetlib.uoaauthorizationlibrary.stateless.utils;
|
||||||
|
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
|
@ -1,9 +1,7 @@
|
||||||
#dev
|
#dev
|
||||||
authorization.security.userInfoUrl = http://mpagasas.di.uoa.gr:8080/dnet-openaire-users-1.0.0-SNAPSHOT/api/users/getUserInfo?accessToken=
|
spring.session.store-type=none
|
||||||
authorization.globalVars.buildDate=@timestampAuthorizationLibrary@
|
authorization.security.userInfoUrl=
|
||||||
|
authorization.security.domain=di.uoa.gr
|
||||||
#beta
|
authorization.security.session=openAIRESession
|
||||||
#authorization.security.userInfoUrl = https://beta.services.openaire.eu/uoa-user-management/api/users/getUserInfo?accessToken=
|
authorization.global-vars.buildDate=@timestampAuthorizationLibrary@
|
||||||
|
authorization.global-vars.version=@project.version@
|
||||||
#production
|
|
||||||
#authorization.security.userInfoUrl = https://services.openaire.eu/uoa-user-management/api/users/getUserInfo?accessToken=
|
|
||||||
|
|
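Review bot: The defaults under `#dev` now leave `authorization.security.userInfoUrl=` blank and fix `authorization.security.domain=di.uoa.gr`, with no comment telling a deployer which keys must be overridden. The removed dev value used plain `http://`, so the file should state the expectation, e.g. `# userInfoUrl: required, set per environment to an https:// endpoint` and `# domain/session: override per deployment`. What domain and session control is inferred from the key names and from hasCookie reading `getSession()`; confirm against SecurityConfig before wording the comments.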