MaDgIK
/
uoa-repository-manager-service
13
2
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

1. Optimize imports on broker api. 

2. Add user api / user api impl for test purposes. Check aai
3. Add config class for redis
4. Add FrontEndLinkURIAuthenticationSuccessHandler for aai
5. Add redis / aai properties on application properties file
This commit is contained in:
Panagiotis Kanakakis 2018-01-24 10:11:57 +00:00
parent f43753253d
commit f3e55be459
9 changed files with 387 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
pom.xml
View File

@ -12,7 +12,7 @@
<groupId>eu.dnetlib</groupId>
<artifactId>uoa-repository-manager-service</artifactId>
<version>1.0.0-SNAPSHOT</version>
<packaging>jar</packaging>
<packaging>war</packaging>
<build>
@ -230,6 +230,29 @@
<version>9.1-901.jdbc3</version>
</dependency>
<dependency>
<groupId>org.mitre</groupId>
<artifactId>openid-connect-client</artifactId>
<version>1.3.0</version>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>
<artifactId>jcl-over-slf4j</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.session</groupId>
<artifactId>spring-session-data-redis</artifactId>
<version>1.3.1.RELEASE</version>
<type>pom</type>
</dependency>
<dependency>
<groupId>biz.paluch.redis</groupId>
<artifactId>lettuce</artifactId>
<version>3.5.0.Final</version>
</dependency>
</dependencies>

2
src/main/java/eu/dnetlib/repo/manager/service/controllers/BrokerApi.java
View File

@ -3,7 +3,7 @@ package eu.dnetlib.repo.manager.service.controllers;
import eu.dnetlib.repo.manager.shared.BrokerException;
import eu.dnetlib.repo.manager.shared.Term;
import eu.dnetlib.repo.manager.shared.broker.*;
import io.swagger.annotations.*;
import io.swagger.annotations.Api;
import org.json.JSONException;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.*;

21
src/main/java/eu/dnetlib/repo/manager/service/controllers/UserApi.java Normal file
View File

@ -0,0 +1,21 @@
package eu.dnetlib.repo.manager.service.controllers;
import io.swagger.annotations.Api;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@RestController
@RequestMapping(value = "/user")
@Api(description = "User API", tags = {"user"})
public interface UserApi {
@RequestMapping(value = "/login" , method = RequestMethod.GET)
void login(HttpServletRequest req,
HttpServletResponse resp);
}

25
src/main/java/eu/dnetlib/repo/manager/service/controllers/UserApiImpl.java Normal file
View File

@ -0,0 +1,25 @@
package eu.dnetlib.repo.manager.service.controllers;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@Component
public class UserApiImpl implements UserApi {
private static final org.apache.log4j.Logger LOGGER = org.apache.log4j.Logger
.getLogger(UserApiImpl.class);
@Value("${oidc.issuer}")
private String oidc_issuer;
@Override
public void login(HttpServletRequest req,
HttpServletResponse resp) {
LOGGER.debug(oidc_issuer);
resp.setStatus(HttpServletResponse.SC_FOUND);
resp.setHeader("Location", oidc_issuer);
}
}

54
src/main/java/eu/dnetlib/repo/manager/service/utils/Config.java Normal file
View File

@ -0,0 +1,54 @@
package eu.dnetlib.repo.manager.service.utils;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
import org.springframework.session.web.http.CookieSerializer;
import org.springframework.session.web.http.DefaultCookieSerializer;
import javax.annotation.PostConstruct;
import java.util.logging.Logger;
@Configuration
@EnableRedisHttpSession
@PropertySource(value = { "classpath:eu/dnetlib/repo/manager/service/application.properties", "classpath:application.properties"} )
@ComponentScan(basePackages = "eu.dnetlib.repo.manager")
public class Config {
private static Logger LOGGER = Logger.getLogger(String.valueOf(Config.class));
@Value("${redis.host}")
private String host;
@Value("${redis.port:6379}")
private String port;
@Value("${redis.password:#{null}}")
private String password;
@PostConstruct
private void init(){
LOGGER.info(host);
}
@Bean
public LettuceConnectionFactory connectionFactory() {
LOGGER.info(String.format("Redis connection listens to %s:%s",host,port));
LettuceConnectionFactory factory = new LettuceConnectionFactory(host,Integer.parseInt(port));
if(password != null) factory.setPassword(password);
return factory;
}
@Bean
public CookieSerializer cookieSerializer() {
DefaultCookieSerializer serializer = new DefaultCookieSerializer();
serializer.setCookieName("SESSION"); // <1>
serializer.setCookiePath("/"); // <2>
return serializer;
}
}

36
src/main/java/eu/dnetlib/repo/manager/service/utils/FrontEndLinkURIAuthenticationSuccessHandler.java Normal file
View File

@ -0,0 +1,36 @@
package eu.dnetlib.repo.manager.service.utils;
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class FrontEndLinkURIAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
private String frontEndURI;
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
OIDCAuthenticationToken authOIDC = (OIDCAuthenticationToken) authentication;
Cookie sessionCookie = new Cookie("currentUser", authOIDC.getSub());
int expireSec = -1;
sessionCookie.setMaxAge(expireSec);
sessionCookie.setPath("/");
response.addCookie(sessionCookie);
response.sendRedirect(frontEndURI);
}
public String getFrontEndURI() {
return frontEndURI;
}
public void setFrontEndURI(String frontEndURI) {
this.frontEndURI = frontEndURI;
}
}

184
src/main/resources/application-context.xml
View File

@ -1,13 +1,15 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:task="http://www.springframework.org/schema/task" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd">
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:util="http://www.springframework.org/schema/util" xmlns:task="http://www.springframework.org/schema/task"
xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.1.xsd
http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd"
default-autowire="byType">
<!--<import resource="classpath:META-INF/cxf/cxf.xml"/>
<import resource="classpath:META-INF/cxf/cxf-extension-jaxws.xml"/>
@ -28,6 +30,7 @@
<context:property-placeholder location="classpath*:/eu/**/application.properties" />
<tx:annotation-driven transaction-manager="txManager"/>
<!--
<bean class="eu.dnetlib.repo.manager.service.config.CascadingPropertyLoader" id="propertyLoader">
<property name="order" value="2" />
<property name="properties">
@ -56,6 +59,7 @@
</list>
</property>
</bean>
-->
<bean id="repomanager.dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
<property name="driverClassName" value="${repomanager.db.driverClassName}" />
@ -80,4 +84,168 @@
<property name="dataSource" ref="repomanager.dataSource"/>
</bean>
<bean id="webexpressionHandler"
class="org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler"/>
<security:global-method-security pre-post-annotations="enabled" proxy-target-class="true"
authentication-manager-ref="authenticationManager"/>
<security:http auto-config="false" use-expressions="true"
disable-url-rewriting="true" entry-point-ref="authenticationEntryPoint"
pattern="/**">
<security:custom-filter before="PRE_AUTH_FILTER" ref="openIdConnectAuthenticationFilter" />
<security:logout />
</security:http>
<bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint" >
<constructor-arg type="java.lang.String" value="/openid_connect_login"/>
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="openIdConnectAuthenticationProvider" />
</security:authentication-manager>
<bean id="openIdConnectAuthenticationProvider" class="org.mitre.openid.connect.client.OIDCAuthenticationProvider">
<property name="authoritiesMapper">
<bean class="org.mitre.openid.connect.client.NamedAdminAuthoritiesMapper">
<property name="admins" ref="namedAdmins" />
</bean>
</property>
</bean>
<util:set id="namedAdmins" value-type="org.mitre.openid.connect.client.SubjectIssuerGrantedAuthority">
<!--
This is an example of how quantity set up a user as an administrator: they'll be given ROLE_ADMIN in addition quantity ROLE_USER.
Note that having an administrator role on the IdP doesn't grant administrator access on this client.
These are values from the demo "openid-connect-server-webapp" project of MITREid Connect.
-->
<bean class="org.mitre.openid.connect.client.SubjectIssuerGrantedAuthority">
<constructor-arg name="subject" value="90342.ASDFJWFA" />
<constructor-arg name="issuer" value="${oidc.issuer}" />
</bean>
</util:set>
<bean class="eu.dnetlib.repo.manager.service.utils.FrontEndLinkURIAuthenticationSuccessHandler" id="frontEndRedirect">
<property name="frontEndURI" value="${webapp.front}"/>
</bean>
<!--
-
- The authentication filter
-
-->
<bean id="openIdConnectAuthenticationFilter" class="org.mitre.openid.connect.client.OIDCAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="issuerService" ref="staticIssuerService" />
<property name="serverConfigurationService" ref="staticServerConfigurationService" />
<property name="clientConfigurationService" ref="staticClientConfigurationService" />
<property name="authRequestOptionsService" ref="staticAuthRequestOptionsService" />
<property name="authRequestUrlBuilder" ref="plainAuthRequestUrlBuilder" />
<property name="authenticationSuccessHandler" ref="frontEndRedirect"/>
</bean>
<!--
-
- Issuer Services: Determine which identity provider issuer is used.
-
-->
<!--
Static issuer service, returns the same issuer for every request.
-->
<bean class="org.mitre.openid.connect.client.service.impl.StaticSingleIssuerService" id="staticIssuerService">
<property name="issuer" value="${oidc.issuer}" />
</bean>
<bean class="org.mitre.openid.connect.client.service.impl.HybridIssuerService" id="hybridIssuerService">
<property name="loginPageUrl" value="login" />
<property name="forceHttps" value="false" /> <!-- this default property forces the webfinger issuer URL quantity be HTTPS, turn off for development work -->
</bean>
<!--
Dynamic server configuration, fetches the server's information using OIDC Discovery.
-->
<bean class="org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService" id="staticServerConfigurationService">
<property name="servers">
<map>
<entry key="${oidc.issuer}">
<bean class="org.mitre.openid.connect.config.ServerConfiguration">
<property name="issuer" value="${oidc.issuer}" />
<property name="authorizationEndpointUri" value="${oidc.issuer}authorize" />
<property name="tokenEndpointUri" value="${oidc.issuer}token" />
<property name="userInfoUri" value="${oidc.issuer}userinfo" />
<property name="jwksUri" value="${oidc.issuer}jwk" />
<property name="revocationEndpointUri" value="${oidc.issuer}revoke" />
</bean>
</entry>
</map>
</property>
</bean>
<!--
Static Client Configuration. Configures a client statically by storing configuration on a per-issuer basis.
-->
<bean class="org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService" id="staticClientConfigurationService">
<property name="clients">
<map>
<entry key="${oidc.issuer}">
<bean class="org.mitre.oauth2.model.RegisteredClient">
<property name="clientId" value="${oidc.id}" />
<property name="clientSecret" value="${oidc.secret}" />
<property name="scope">
<set value-type="java.lang.String">
<value>openid</value>
</set>
</property>
<property name="tokenEndpointAuthMethod" value="SECRET_BASIC" />
<property name="redirectUris">
<set>
<value>${webapp.home}</value>
</set>
</property>
</bean>
</entry>
</map>
</property>
</bean>
<!--
-
- Auth request options service: returns the optional components of the request
-
-->
<bean class="org.mitre.openid.connect.client.service.impl.StaticAuthRequestOptionsService" id="staticAuthRequestOptionsService">
<property name="options">
<map>
<!-- Entries in this map are sent as key-value parameters quantity the auth request -->
<!--
<entry key="display" value="page" />
<entry key="max_age" value="30" />
<entry key="prompt" value="none" />
-->
</map>
</property>
</bean>
<!--
-
- Authorization URL Builders: create the URL quantity redirect the user quantity for authorization.
-
-->
<!--
Plain authorization request builder, puts all options as query parameters on the GET request
-->
<bean class="org.mitre.openid.connect.client.service.impl.PlainAuthRequestUrlBuilder" id="plainAuthRequestUrlBuilder" />
</beans>

12
src/main/resources/eu/dnetlib/repo/manager/service/application.properties
View File

@ -96,4 +96,14 @@ repomanager.db.password = dnetPwd
services.repomanager.analyticsURL = http://analytics.openaire.eu/addsite.php?
topic_types.url = https://beta.services.openaire.eu/provision/mvc/vocabularies/dnet:topic_types.json
topic_types.url = https://beta.services.openaire.eu/provision/mvc/vocabularies/dnet:topic_types.json
oidc.issuer = https://aai.openminted.eu/oidc/
oidc.id = 24e83176-1312-4ba3-bc0b-ffeebea1603e
oidc.secret = U_gLOupYu2trYIOwfxGgZkkZoOHG_zGfaViOUsXcZ7qVQuF1rcJeQYKIDX1TY3z27CIoHaqq9ht2rmAiUmBRYQ
webapp.home = http://localhost:8380/repomanager-service/openid_connect_login
webapp.front=http://localhost:8380/
redis.host = 83.212.101.85
#redis.port = 6379
#redis.password

50
src/main/webapp/WEB-INF/web.xml
View File

@ -17,6 +17,14 @@ http://xmlns.jcp.org/xml/ns/javaee "
<param-name>log4jExposeWebAppRoot</param-name>
<param-value>false</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
@ -33,17 +41,37 @@ http://xmlns.jcp.org/xml/ns/javaee "
</context-param>
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>
org.springframework.web.servlet.DispatcherServlet
</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,authorization,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET, POST, PUT, DELETE, OPTIONS, HEAD</param-value>
</init-param>
</filter>
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>springSessionRepositoryFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSessionRepositoryFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
</web-app>