From 708df14e12a42ccae7468828b29aae3611a93de0 Mon Sep 17 00:00:00 2001
From: Katerina Iatropoulou
Date: Fri, 9 Oct 2020 10:06:54 +0000
Subject: [PATCH] Registered services relates methods added
---
.../usermanagement/EditRegisteredService.java | 24 ++++++++
.../usermanagement/OverviewServlet.java | 12 ++++
.../RegisterServiceServlet.java | 2 -
.../RegisteredServicesServlet.java | 57 ++++++++++++++++++
.../usermanagement/ServiceRequest.java | 6 +-
.../usermanagement/ServiceResponse.java | 4 +-
.../utils/AuthenticationUtils.java | 13 ++++
.../utils/RegisteredServicesUtils.java | 9 +++
.../usermanagement/utils/TokenUtils.java | 10 +---
src/main/webapp/editRegisteredService.jsp | 11 +--
src/main/webapp/overview.jsp | 30 ++++++----
src/main/webapp/personal.jsp | 2 +-
src/main/webapp/registerService.jsp | 2 +-
src/main/webapp/registeredServices.jsp | 60 +++++++++++--------
14 files changed, 183 insertions(+), 59 deletions(-)
create mode 100644 src/main/java/eu/dnetlib/openaire/usermanagement/utils/AuthenticationUtils.java
diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/EditRegisteredService.java b/src/main/java/eu/dnetlib/openaire/usermanagement/EditRegisteredService.java
index 34d1fc8..5986956 100644
--- a/src/main/java/eu/dnetlib/openaire/usermanagement/EditRegisteredService.java
+++ b/src/main/java/eu/dnetlib/openaire/usermanagement/EditRegisteredService.java
@@ -1,18 +1,31 @@ package eu.dnetlib.openaire.usermanagement; +import eu.dnetlib.openaire.usermanagement.utils.RegisteredServicesUtils; import eu.dnetlib.openaire.usermanagement.utils.TokenUtils; import org.apache.http.HttpResponse; import org.mitre.openid.connect.model.OIDCAuthenticationToken; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.web.context.support.SpringBeanAutowiringSupport; +import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; +import java.sql.SQLException; public class EditRegisteredService extends HttpServlet { + @Autowired + private RegisteredServicesUtils registeredServicesUtils; + + public void init(ServletConfig config) throws ServletException { + super.init(config); + SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, + config.getServletContext()); + } @Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { @@ -21,6 +34,17 @@ public class EditRegisteredService extends HttpServlet { String accessToken = authentication.getAccessTokenValue(); String serviceId = request.getParameter("id"); + + try { + if (!registeredServicesUtils.isAuthorized(authentication.getSub(), serviceId)) { + request.getSession().setAttribute("message", "You have no permission to edit the service."); + response.sendRedirect("./registeredService"); + } + } catch (SQLException throwables) { + request.getSession().setAttribute("message", "There was an error accessing your service."); + response.sendRedirect("./registeredService"); + } + if (serviceId == null || serviceId.isEmpty()) { request.getSession().setAttribute("message", "No selected service is provided."); } 
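Review bot: The ownership check added at the top of `doGet` does not stop the request: after `response.sendRedirect("./registeredService")` there is no `return`, so both the unauthorized branch and the `SQLException` branch fall through to the `serviceId` handling and the rest of the method, which lies outside the hunk. Add `return;` directly after each redirect so a denied caller never reaches the code that uses the access token. The check also runs before the `serviceId == null || serviceId.isEmpty()` test, so a request without an `id` reaches `isAuthorized` first; moving that test above the `try` keeps a null id out of the lookup. The redirect target `./registeredService` should be confirmed against the servlet mapping, since the listing servlet in this patch is named in the plural.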
diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/OverviewServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/OverviewServlet.java index 2e487fc..df20e52 100644 --- a/src/main/java/eu/dnetlib/openaire/usermanagement/OverviewServlet.java +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/OverviewServlet.java @@ -1,5 +1,12 @@ package eu.dnetlib.openaire.usermanagement; +import eu.dnetlib.openaire.usermanagement.utils.AuthenticationUtils; +import org.mitre.openid.connect.model.OIDCAuthenticationToken; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.web.context.support.SpringBeanAutowiringSupport; + +import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; @@ -10,6 +17,11 @@ public class OverviewServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + + request.getSession().setAttribute("authenticated", + !SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString() + .equals("anonymousUser")); + response.setContentType("text/html"); request.getRequestDispatcher("./overview.jsp").include(request, response); } diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServiceServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServiceServlet.java index 126dcf7..c4a43ec 100644 --- a/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServiceServlet.java +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServiceServlet.java 
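Review bot: The `authenticated` flag in `doGet` is computed by comparing `getPrincipal().toString()` with the literal `"anonymousUser"` and dereferences `getAuthentication()` without a null check, so a request with no authentication in the security context would throw `NullPointerException`. A type check is sturdier than the string match, for example `auth instanceof OIDCAuthenticationToken && auth.isAuthenticated()` on the value returned by `getAuthentication()`. The same expression is repeated in `RegisteredServicesServlet.doGet`, while the imports added in the first hunk of this file (`AuthenticationUtils`, `OIDCAuthenticationToken`, `Value`, `SpringBeanAutowiringSupport`, `ServletConfig`) are not used by the visible new code; the shared test belongs in `AuthenticationUtils`. Because the flag is stored in the session, it should only steer what the JSP shows and not be read back as an access decision.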
@@ -2,7 +2,6 @@ package eu.dnetlib.openaire.usermanagement; import com.google.gson.Gson; import eu.dnetlib.openaire.user.pojos.RegisteredService; -import eu.dnetlib.openaire.user.utils.VerificationActions; import eu.dnetlib.openaire.usermanagement.utils.RegisteredServicesUtils; import eu.dnetlib.openaire.usermanagement.utils.TokenUtils; import org.apache.log4j.Logger; @@ -72,7 +71,6 @@ public class RegisterServiceServlet extends HttpServlet { RegisteredService registeredService = new RegisteredService(aai_id, owner, name); try { - System.out.println("I WILL CONTACT THE DB"); registeredServicesUtils.addRegistedService(registeredService); } catch (SQLException sqle) { diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/RegisteredServicesServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/RegisteredServicesServlet.java index 33e1142..b081a4f 100644 --- a/src/main/java/eu/dnetlib/openaire/usermanagement/RegisteredServicesServlet.java +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/RegisteredServicesServlet.java 
@@ -1,15 +1,72 @@ package eu.dnetlib.openaire.usermanagement; +import eu.dnetlib.openaire.user.pojos.RegisteredService; +import eu.dnetlib.openaire.usermanagement.utils.RegisteredServicesUtils; +import eu.dnetlib.openaire.usermanagement.utils.TokenUtils; +import org.apache.log4j.Logger; +import org.mitre.openid.connect.model.OIDCAuthenticationToken; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.web.context.support.SpringBeanAutowiringSupport; + +import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; +import java.sql.SQLException; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; public class RegisteredServicesServlet extends HttpServlet { + private Logger logger = Logger.getLogger(RegisteredServicesServlet.class); + + @Autowired + private RegisteredServicesUtils registeredServicesUtils; + + public void init(ServletConfig config) throws ServletException { + super.init(config); + SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, + config.getServletContext()); + } + public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + + request.getSession().setAttribute("authenticated", + !SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString() + .equals("anonymousUser")); + + OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder. + getContext().getAuthentication(); + + String userId = authentication.getSub(); + + List registeredServices = null; + try { + registeredServices = registeredServicesUtils. 
+ getRegisteredServiceDao().fetchAllRegisteredServicesByOwner(userId); + + } catch (SQLException sqle) { + logger.error("Error fetching registered services for user " + userId , sqle); + request.getSession().setAttribute("message", "Error fetching registered services. " + + "Please try again later."); + request.getSession().setAttribute("showEmptyList", false); + request.getRequestDispatcher("./registeredServices.jsp").include(request, response); + } + + Map serviceResponses = new HashMap<>(); + for (RegisteredService registeredService:registeredServices) { + serviceResponses.put(registeredService.getId(), + TokenUtils.getRegisteredService(registeredService.getAai_id(),authentication.getAccessTokenValue())); + } + + request.getSession().setAttribute("services", serviceResponses); + request.getSession().setAttribute("registeredServices", registeredServices); response.setContentType("text/html"); request.getRequestDispatcher("./registeredServices.jsp").include(request, response); } diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/ServiceRequest.java b/src/main/java/eu/dnetlib/openaire/usermanagement/ServiceRequest.java index 1e214e3..2167c4c 100644 --- a/src/main/java/eu/dnetlib/openaire/usermanagement/ServiceRequest.java +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/ServiceRequest.java @@ -3,6 +3,8 @@ package eu.dnetlib.openaire.usermanagement; import com.google.gson.Gson; import com.google.gson.GsonBuilder; +import java.io.Serializable; + public class ServiceRequest { String clientName; String clientId; @@ -146,11 +148,11 @@ public class ServiceRequest { } } -class Jwks { +class Jwks implements Serializable { Key[] keys = new Key[]{new Key()}; } -class Key { +class Key implements Serializable { String kty = "RSA"; String e = "AQAB"; String kid = "05794a3c-a6f5-430c-9822-da4e53597ba5"; 
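Review bot: In `RegisteredServicesServlet.doGet` the `catch (SQLException sqle)` branch includes `registeredServices.jsp` and then falls through, so the `for` loop that follows iterates over `registeredServices` while it is still `null` and the JSP would be included a second time; end the catch block with `return;`. The unconditional cast `(OIDCAuthenticationToken) ...getAuthentication()` comes right after code that allows for an anonymous principal, and for such a request it would throw `ClassCastException`, so it needs an `instanceof` guard with a redirect unless the security configuration is known to keep anonymous requests away from this servlet. The raw `List` and `Map` declarations may be an artefact of how this page was extracted; if they are in the source, they should carry their type arguments.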
diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/ServiceResponse.java b/src/main/java/eu/dnetlib/openaire/usermanagement/ServiceResponse.java index a0161b8..178d041 100644 --- a/src/main/java/eu/dnetlib/openaire/usermanagement/ServiceResponse.java +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/ServiceResponse.java @@ -1,6 +1,8 @@ package eu.dnetlib.openaire.usermanagement; -public class ServiceResponse { +import java.io.Serializable; + +public class ServiceResponse implements Serializable { String id; String clientId; String clientSecret; diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/utils/AuthenticationUtils.java b/src/main/java/eu/dnetlib/openaire/usermanagement/utils/AuthenticationUtils.java new file mode 100644 index 0000000..a205f89 --- /dev/null +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/utils/AuthenticationUtils.java @@ -0,0 +1,13 @@ +package eu.dnetlib.openaire.usermanagement.utils; + +import org.mitre.openid.connect.model.OIDCAuthenticationToken; + +public class AuthenticationUtils { + public static boolean isAuthenticated(OIDCAuthenticationToken authenticationToken) { + if (authenticationToken != null) { + return true; + } + + return false; + } +} diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/utils/RegisteredServicesUtils.java b/src/main/java/eu/dnetlib/openaire/usermanagement/utils/RegisteredServicesUtils.java index 55549ce..e43aeb2 100644 --- a/src/main/java/eu/dnetlib/openaire/usermanagement/utils/RegisteredServicesUtils.java +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/utils/RegisteredServicesUtils.java 
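Review bot: `ServiceResponse` becomes `Serializable` while keeping `clientSecret` as an ordinary field, and `RegisteredServicesServlet.doGet` in this patch stores these objects in the HTTP session. If the container persists or replicates sessions, the client secret is written out with them. Consider passing the map as a request attribute (`request.setAttribute("services", serviceResponses);`) so it lives only for the page render, or marking the field `transient` if the JSP does not need it after a session restore. A `private static final long serialVersionUID` is also missing from the class.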
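Review bot: `AuthenticationUtils.isAuthenticated` returns `true` for any non-null token, so a token whose own `isAuthenticated()` flag is false would still be reported as authenticated. `return authenticationToken != null && authenticationToken.isAuthenticated();` states the intent in one line and replaces the `if` / `return true` / `return false` ladder. The class holds only a static helper, so it can be `final` with a private constructor, and a one-line Javadoc saying what counts as authenticated would help callers. None of the servlets in this patch call the method yet.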
@@ -25,4 +25,13 @@ public class RegisteredServicesUtils { registeredServiceDao.insertRegisteredService(registeredService); } + public boolean isAuthorized(String userid, String id) throws SQLException { + RegisteredService registeredService = registeredServiceDao.fetchRegisteredServiceById(id); + System.out.println(registeredService.getAai_id()); + System.out.println(registeredService.getOwner()); + if (registeredService.getOwner().equals(userid)) return true; + + return false; + } + } diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/utils/TokenUtils.java b/src/main/java/eu/dnetlib/openaire/usermanagement/utils/TokenUtils.java index a228746..afdffb1 100644 --- a/src/main/java/eu/dnetlib/openaire/usermanagement/utils/TokenUtils.java +++ b/src/main/java/eu/dnetlib/openaire/usermanagement/utils/TokenUtils.java @@ -15,6 +15,7 @@ import org.apache.http.client.methods.HttpPut; import org.apache.http.entity.StringEntity; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; +import org.apache.log4j.Logger; import org.springframework.http.HttpStatus; import javax.xml.ws.Service; @@ -26,6 +27,8 @@ import java.util.List; public class TokenUtils { + Logger logger = Logger.getLogger(TokenUtils.class); + public static String registerService(String userId, String name, String description, String email, String accessToken) throws IOException { 
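Review bot: `isAuthorized` dereferences the result of `fetchRegisteredServiceById(id)` without a null check, so an `id` that matches no row, or the null `id` that `EditRegisteredService.doGet` can pass, would presumably surface as a `NullPointerException` instead of a denial. An ownership check should fail closed, for example `return registeredService != null && userid != null && userid.equals(registeredService.getOwner());`. The two `System.out.println` calls write the service's AAI id and owner to stdout on every check and look like leftover debugging; remove them or log at debug level through a log4j logger. A short Javadoc stating that `userid` is the OIDC `sub` and `id` the local service id would document the contract.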
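Review bot: The `logger` field added to `TokenUtils` is a package-visible instance field, but the methods visible in this class are `static` and cannot reach it. Declare it as `private static final Logger logger = Logger.getLogger(TokenUtils.class);`. Nothing in the visible hunks logs through it yet, so the `System.out.println` removed further down has no replacement; if the response body is logged later, it should be kept out of the message, because `ServiceResponse` carries a `clientSecret` field.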
@@ -71,13 +74,6 @@ public class TokenUtils { CloseableHttpClient httpclient = HttpClients.createDefault(); HttpResponse httpResponse = httpclient.execute(httpGet); String registeredService = IOUtils.toString(httpResponse.getEntity().getContent(), StandardCharsets.UTF_8.name()); - System.out.println("registered Service " + registeredService); - //List registeredServices; - //Type listType = new TypeToken>(){}.getType(); - //String registeredServicesJson = - //registeredServices = new Gson().fromJson(IOUtils.toString(httpResponse.getEntity().getContent(), StandardCharsets.UTF_8.name()), - // listType); - //return registeredServices.get(0); return new Gson().fromJson(registeredService,ServiceResponse.class); } diff --git a/src/main/webapp/editRegisteredService.jsp b/src/main/webapp/editRegisteredService.jsp index 2697da3..3d974cb 100644 --- a/src/main/webapp/editRegisteredService.jsp +++ b/src/main/webapp/editRegisteredService.jsp @@ -1,10 +1,3 @@ -<%-- - Created by IntelliJ IDEA. - User: sofia - Date: 19/10/2017 - Time: 4:30 μμ - To change this template use File | Settings | File Templates. ---%> <%@ page contentType="text/html;charset=UTF-8" language="java" %> <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> @@ -50,12 +43,12 @@
-

Add a new service

+

Update your service

-

Please provide the basic information on your new service

+
Please fill in the updated values for your service
diff --git a/src/main/webapp/overview.jsp b/src/main/webapp/overview.jsp index ab55899..d4a4f8c 100644 --- a/src/main/webapp/overview.jsp +++ b/src/main/webapp/overview.jsp @@ -42,12 +42,18 @@ @@ -79,19 +85,21 @@
-

OpenAIRE AAI Service

+

OpenAIRE APIs Authentication

- OpenAIRE AAI Service mpla mpla mpla + The OpenAIRE APIs can be accessed over HTTPS both by authenticated and unauthenticated requests. + To achieve better rate limits you need to make authenticated requests. We support personal access tokens and service registration. + For more information please read the documentation.
-
+
-
mpla mpla mpla
+
Access the OpenAIRE APIs with your personal access token.
-
mpla mpla mpla
+
Register your service to enable requests to the OpenAIRE APIs.
diff --git a/src/main/webapp/personal.jsp b/src/main/webapp/personal.jsp index e5cd8d2..a0a9fd2 100644 --- a/src/main/webapp/personal.jsp +++ b/src/main/webapp/personal.jsp @@ -68,7 +68,7 @@
-
Sidebar title
+
API Access