authorization-library/src/main/java/eu/dnetlib/uoaauthorizationlibrary/utils/AuthorizationUtils.java

package eu.dnetlib.uoaauthorizationlibrary.utils;

import eu.dnetlib.uoaauthorizationlibrary.configuration.SecurityConfig;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.*;
import org.springframework.stereotype.Component;
import org.springframework.web.client.RestClientException;
import org.springframework.web.client.RestTemplate;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import java.util.Arrays;
import java.util.Collections;

@Component
public class AuthorizationUtils {
    private final Logger log = Logger.getLogger(this.getClass());
    private final SecurityConfig securityConfig;
    private final static String TOKEN = "AccessToken";
    private final static String SESSION = "OpenAIRESession";

    @Autowired
    AuthorizationUtils(SecurityConfig securityConfig) {
        this.securityConfig = securityConfig;
    }

    private String getToken(HttpServletRequest request) {
        if (request.getCookies() == null) {
            return null;
        }
        for (Cookie c : request.getCookies()) {
            if (c.getName().equals(TOKEN)) {
                return c.getValue();
            }
        }
        return null;
    }

    public UserInfo getUserInfo(HttpServletRequest request) {
        String url = securityConfig.getUserInfoUrl() + (securityConfig.isDeprecated()?getToken(request):"");
        RestTemplate restTemplate = new RestTemplate();
        try {
            if(hasCookie(request)) {
                ResponseEntity<UserInfo> response = restTemplate.exchange(url, HttpMethod.GET, createHeaders(request), UserInfo.class);
                return  response.getBody();
            }
            return null;
        } catch (RestClientException e) {
            log.error(url + ":" + e.getMessage());
            return null;
        }
    }

    private boolean hasCookie(HttpServletRequest request) {
        Cookie[] cookies = request.getCookies();
        if(securityConfig.isDeprecated()) {
            return Arrays.stream(cookies).anyMatch(cookie -> cookie.getName().equalsIgnoreCase(TOKEN));
        } else {
            return Arrays.stream(cookies).anyMatch(cookie -> cookie.getName().equalsIgnoreCase(SESSION));
        }
    }

    private HttpEntity<HttpHeaders> createHeaders(HttpServletRequest request) {
        HttpHeaders headers = new HttpHeaders();
        headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
        headers.set("Cookie", request.getHeader("Cookie"));
        return new HttpEntity<>(headers);
    }
}