package eu.dnetlib.uoamonitorservice.handlers.utils;
import com.google.gson.Gson;
import org.apache.log4j.Logger;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.StringReader;
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Enumeration;
import java.util.List;
import java.util.Locale;
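/**
 * Request-level authorization helpers: a double-submit CSRF check (cookie vs. header),
 * an Origin allow-check against the configured origin server, and retrieval of the
 * caller's {@link UserInfo} from the configured user-info endpoint.
 *
 * <p>{@code userInfoUrl} and {@code originServer} are injected through the setters
 * (from the properties file); both must be set before the check methods are used.
 */
public class AuthorizationUtils {

    private final Logger log = Logger.getLogger(this.getClass());

    /** Cookie that carries the access token. */
    private static final String ACCESS_TOKEN_COOKIE = "AccessToken";
    /** Header that must echo the cookie value (double-submit CSRF pattern). */
    private static final String XSRF_TOKEN_HEADER = "x-xsrf-token";
    /** Header holding the browser-supplied origin of the request. */
    private static final String ORIGIN_HEADER = "origin";

    // Constructed defaults: the original code opened the user-info connection with no
    // timeouts at all, so a stalled identity provider could hold a request thread forever.
    private static final int CONNECT_TIMEOUT_MS = 10000;
    private static final int READ_TIMEOUT_MS = 10000;

    /** Base URL of the user-info endpoint; the (URL-encoded) access token is appended to it. */
    private String userInfoUrl = null;
    /** Expected origin of browser requests: a host name or a URL whose host is compared. */
    private String originServer = null;

    // The commented-out community-manager helpers (hasRole, isCommunityManager,
    // getCommunityInfo, json2CommunityInfo) were dead code and have been dropped;
    // they remain available in version control history.

    /**
     * Validates the request's CSRF protection: the {@code AccessToken} cookie must be present,
     * the {@code x-xsrf-token} header must be present and equal to the cookie value, and the
     * {@code origin} header must match the configured origin server.
     *
     * @param request the incoming request
     * @return {@code true} when all checks pass, {@code false} otherwise (the reason is logged at INFO)
     */
    public Boolean checkCookies(HttpServletRequest request) {
        String cookieValue = this.getCookie(request, ACCESS_TOKEN_COOKIE);
        if (cookieValue == null || cookieValue.isEmpty()) {
            log.info("no cookie available ");
            return false;
        }
        String headerValue = this.getHeadersInfo(request, XSRF_TOKEN_HEADER);
        if (headerValue == null || headerValue.isEmpty()) {
            log.info("no header available ");
            return false;
        }
        // Constant-time comparison: String.equals() returns at the first differing byte,
        // which leaks how much of the token an attacker has guessed.
        if (!MessageDigest.isEqual(cookieValue.getBytes(StandardCharsets.UTF_8),
                headerValue.getBytes(StandardCharsets.UTF_8))) {
            log.info("no proper header or cookie ");
            return false;
        }
        if (!hasValidOrigin(this.getHeadersInfo(request, ORIGIN_HEADER))) {
            log.info("no proper origin ");
            return false;
        }
        return true;
    }

    /**
     * Returns the token sent in the {@code x-xsrf-token} header, or {@code null} when absent.
     *
     * @param request the incoming request
     * @return the header value or {@code null}
     */
    public String getToken(HttpServletRequest request) {
        return this.getHeadersInfo(request, XSRF_TOKEN_HEADER);
    }

    /**
     * Looks up a cookie by name.
     *
     * @param request    the incoming request
     * @param cookieName exact (case-sensitive) cookie name
     * @return the cookie value, or {@code null} when the request has no such cookie
     */
    private String getCookie(HttpServletRequest request, String cookieName) {
        Cookie[] cookies = request.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (cookieName.equals(cookie.getName())) {
                return cookie.getValue();
            }
        }
        return null;
    }

    /**
     * Returns the value of a request header, or {@code null} when absent.
     *
     * <p>{@link HttpServletRequest#getHeader(String)} matches header names
     * case-insensitively, as HTTP requires; the previous scan over
     * {@code getHeaderNames()} with {@code equals()} missed e.g. "Origin" vs "origin"
     * depending on how the container reports names.
     *
     * @param request the incoming request
     * @param name    header name
     * @return the header value or {@code null}
     */
    private String getHeadersInfo(HttpServletRequest request, String name) {
        return request.getHeader(name);
    }

    /**
     * Checks the request origin against the configured origin server.
     *
     * <p>The host of {@code origin} must equal the host of {@code originServer} or be a
     * sub-domain of it. The former {@code indexOf} substring test accepted any origin that
     * merely contained the expected value, e.g. {@code https://expected.example.attacker.test}.
     * A configured value that is only a fragment of the real host (rather than the host or
     * a URL of it) is no longer accepted.
     *
     * @param origin the {@code origin} header value, may be {@code null}
     * @return {@code true} when the origin matches; {@code false} otherwise or when
     *         {@code originServer} is not configured (previously a {@code NullPointerException})
     */
    public boolean hasValidOrigin(String origin) {
        if (origin != null && originServer != null && originMatches(origin, originServer)) {
            return true;
        }
        log.debug("Not valid origin. Origin server is \"" + origin + "\", but expected value is \""
                + originServer + "\". If the expected value is not right, check properties file. ");
        return false;
    }

    /**
     * Host-based origin comparison, case-insensitive; exact host or a sub-domain of it.
     *
     * @param origin   origin header value (URL)
     * @param expected configured origin server (host name or URL)
     * @return whether the hosts match
     */
    static boolean originMatches(String origin, String expected) {
        String originHost = hostOf(origin);
        String expectedHost = hostOf(expected);
        if (originHost == null || expectedHost == null) {
            return false;
        }
        originHost = originHost.toLowerCase(Locale.ROOT);
        expectedHost = expectedHost.toLowerCase(Locale.ROOT);
        return originHost.equals(expectedHost) || originHost.endsWith("." + expectedHost);
    }

    /**
     * Extracts the host from a URL, or from a bare {@code host[:port]} value.
     *
     * @param value URL or host name
     * @return the host, or {@code null} when none can be parsed
     */
    private static String hostOf(String value) {
        String trimmed = value.trim();
        if (trimmed.isEmpty()) {
            return null;
        }
        try {
            // A bare "host:port" would otherwise parse as scheme "host"; prefixing "//"
            // makes java.net.URI treat it as an authority.
            URI uri = trimmed.contains("://") ? new URI(trimmed) : new URI("//" + trimmed);
            return uri.getHost();
        } catch (URISyntaxException e) {
            return null;
        }
    }

    /**
     * Fetches the user profile for an access token from {@code userInfoUrl}.
     *
     * @param accessToken the caller's access token (request-supplied, hence URL-encoded before use)
     * @return the parsed {@link UserInfo}, or {@code null} when the token or URL is missing,
     *         the endpoint does not answer 200, the call fails, or the body cannot be parsed
     */
    public UserInfo getUserInfo(String accessToken) {
        if (userInfoUrl == null || accessToken == null || accessToken.isEmpty()) {
            log.debug("User info url or access token is missing");
            return null;
        }
        String responseStr;
        HttpURLConnection con = null;
        try {
            // Encode the token so a header-supplied value cannot alter the path/query of
            // the configured URL. Do not log the resulting URL: it contains the token.
            String url = userInfoUrl + URLEncoder.encode(accessToken, StandardCharsets.UTF_8.name());
            con = (HttpURLConnection) new URL(url).openConnection();
            con.setConnectTimeout(CONNECT_TIMEOUT_MS);
            con.setReadTimeout(READ_TIMEOUT_MS);
            int responseCode = con.getResponseCode();
            if (responseCode != HttpURLConnection.HTTP_OK) {
                log.debug("User info response code is: " + responseCode);
                return null;
            }
            StringBuilder response = new StringBuilder();
            // try-with-resources: the reader was previously left open when readLine() threw.
            try (BufferedReader in = new BufferedReader(
                    new InputStreamReader(con.getInputStream(), StandardCharsets.UTF_8))) {
                String inputLine;
                while ((inputLine = in.readLine()) != null) {
                    response.append(inputLine).append("\n");
                }
            }
            responseStr = response.toString();
        } catch (IOException | RuntimeException e) {
            log.error("An error occured while trying to fetch user info ", e);
            return null;
        } finally {
            if (con != null) {
                con.disconnect();
            }
        }
        return json2UserInfo(responseStr);
    }

    /**
     * Parses the user-info JSON and normalises each entitlement to a plain role name.
     *
     * @param json response body, may be {@code null}
     * @return the parsed {@link UserInfo}, or {@code null} on a null body, a JSON parse error,
     *         or a malformed entitlement entry
     */
    private UserInfo json2UserInfo(String json) {
        if (json == null) {
            return null;
        }
        UserInfo userInfo;
        try {
            userInfo = new Gson().fromJson(json, UserInfo.class);
        } catch (RuntimeException e) {
            log.debug("Error in parsing json response. Given json is : " + json, e);
            return null;
        }
        try {
            // Assumes getEdu_person_entitlements() returns a List<String>; the original
            // used size()/get(i)/set(i, ...) on it.
            if (userInfo != null && userInfo.getEdu_person_entitlements() != null) {
                List<String> entitlements = userInfo.getEdu_person_entitlements();
                for (int i = 0; i < entitlements.size(); i++) {
                    entitlements.set(i, parseRole(entitlements.get(i)));
                }
            }
        } catch (RuntimeException e) {
            log.debug("Error in parsing Edu_person_entitlements : ", e);
            return null;
        }
        return userInfo;
    }

    /**
     * Reduces an AAI entitlement such as {@code urn:...:Portal+Administrator} to its last
     * {@code ':'}-separated segment with {@code '+'} replaced by a space.
     *
     * @param entitlement raw entitlement string
     * @return the role name
     */
    private static String parseRole(String entitlement) {
        String[] segments = entitlement.split(":");
        return segments[segments.length - 1].replace("+", " ");
    }

    /**
     * Reports whether a token resolves to a user profile at the user-info endpoint.
     *
     * @param token access token
     * @return {@code true} when {@link #getUserInfo(String)} returns a profile
     */
    public boolean isAuthorized(String token) {
        if (getUserInfo(token) != null) {
            return true;
        }
        log.debug(" User has no Valid UserInfo");
        return false;
    }

    public String getUserInfoUrl() {
        return userInfoUrl;
    }

    public String getOriginServer() {
        return originServer;
    }

    public void setUserInfoUrl(String userInfoUrl) {
        this.userInfoUrl = userInfoUrl;
    }

    public void setOriginServer(String originServer) {
        this.originServer = originServer;
    }
}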