uoa-monitor-service/src/main/java/eu/dnetlib/uoamonitorservice/handlers/AuthorizationHandler.java

package eu.dnetlib.uoamonitorservice.handlers;

import eu.dnetlib.uoamonitorservice.handlers.utils.AuthorizationUtils;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;

public class AuthorizationHandler extends HandlerInterceptorAdapter {
    private final Logger log = Logger.getLogger(this.getClass());
    private AuthorizationUtils helper = new AuthorizationUtils();
    private List<String> allowedPostRequests;

    public AuthorizationHandler(String userInfoUrl, String originServer, List<String> allowedPostRequests){
        helper.setOriginServer(originServer);
        helper.setUserInfoUrl(userInfoUrl);
        this.allowedPostRequests = allowedPostRequests;
    }
// Comment this method ONLY FOR TEST
//    @Override
//    public boolean preHandle(
//            HttpServletRequest request,
//            HttpServletResponse response,
//            Object handler) throws Exception {
////        log.debug("request method " + request.getRemoteHost());
//        log.debug("properties: " + helper.getOriginServer() + " "+ helper.getUserInfoUrl());
//        log.debug(allowedPostRequests);
//        log.debug(allowedPostRequests.contains(request.getServletPath()));
//        log.debug(request.getServletPath());
//        if((request.getMethod().equals("POST") || request.getMethod().equals("DELETE")) &&
//        !allowedPostRequests.contains(request.getServletPath())) {
//            //TODO check domain & check user info
//            if(!this.helper.checkCookies(request) || !helper.isAuthorized(helper.getToken(request))){
//
//                response.setHeader("Access-Control-Allow-Credentials","true");
//                response.setHeader("Access-Control-Allow-Origin","*");
//                response.setHeader("Vary","Origin");
//
//                response.setStatus(403);
//                response.sendError(403, "Forbidden: You don't have permission to access. Maybe you are not registered.");
//                return false;
//            }
//
//        }
//        return true;
//    }


//    @Override
//    public void postHandle(
//            HttpServletRequest request,
//            HttpServletResponse response,
//            Object handler,
//            ModelAndView modelAndView) throws Exception {
//        log.info("I am here - postHandle ");
//    }
//
//    @Override
//    public void afterCompletion(
//            HttpServletRequest request,
//            HttpServletResponse response,
//            Object handler, Exception ex) {
//        log.info("I am here - afterCompletion ");
//    }

}