diff --git a/dmp-backend/pom.xml b/dmp-backend/pom.xml index 799574d81..4bd8416a8 100644 --- a/dmp-backend/pom.xml +++ b/dmp-backend/pom.xml @@ -254,7 +254,6 @@ - org.apache.commons diff --git a/dmp-backend/src/main/java/rest/Proxy.java b/dmp-backend/src/main/java/rest/Proxy.java new file mode 100644 index 000000000..a8e480d93 --- /dev/null +++ b/dmp-backend/src/main/java/rest/Proxy.java @@ -0,0 +1,72 @@ +package rest; + +import java.io.BufferedReader; +import java.io.IOException; +import java.io.InputStreamReader; +import java.net.HttpURLConnection; +import java.net.MalformedURLException; +import java.net.URI; +import java.net.URISyntaxException; +import java.net.URL; +import java.net.URLEncoder; + +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.CrossOrigin; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.bind.annotation.ResponseBody; +import org.springframework.web.bind.annotation.RestController; + + +@RestController +@CrossOrigin +public class Proxy { + + private String allowedHost; + + public Proxy(String allowedHost) throws MalformedURLException { + this.allowedHost = new URL(allowedHost).getHost(); + } + + + + @RequestMapping(method = RequestMethod.GET, value = { "/proxy" }, produces="application/json") + public @ResponseBody ResponseEntity proxy(@RequestParam("url") String remoteUrl) { + + StringBuffer response = new StringBuffer(); + URL url; + try { + URL tempUrl = new URL(remoteUrl); +// URI uri = new URI(scheme, userInfo, host, port, path, query, fragment); + URI uri = new URI(tempUrl.getProtocol(), null, tempUrl.getHost(), tempUrl.getPort(), tempUrl.getPath(), (tempUrl.getQuery()!=null)?URLEncoder.encode(tempUrl.getQuery()):null, tempUrl.getRef()); + url = uri.toURL(); + + if(!url.getHost().equals(allowedHost)) + return ResponseEntity.status(HttpStatus.FORBIDDEN).body("{'reason': 'You are not allowed to proxy -> "+url.getHost()+"'}"); + //if allowed, proceed + HttpURLConnection con = (HttpURLConnection) url.openConnection(); + con.setRequestMethod("GET"); + con.setRequestProperty("Accept", "application/vnd.api+json; charset=utf-8"); + + int responseCode = con.getResponseCode(); + if (responseCode == HttpURLConnection.HTTP_OK) { // success + BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream())); + String inputLine; + while ((inputLine = in.readLine()) != null) + response.append(inputLine); + in.close(); + } else { + return ResponseEntity.status(HttpStatus.FORBIDDEN).body("{'reason': 'Remote server responded with: "+responseCode+"'}"); + } + + return ResponseEntity.status(HttpStatus.OK).body(response.toString()); + + } catch (IOException | URISyntaxException e) { + return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("{'reason': 'Could not proxy to given host'}"); + } + + } + +} diff --git a/dmp-backend/src/main/java/security/CustomAuthenticationProvider.java b/dmp-backend/src/main/java/security/CustomAuthenticationProvider.java index dd797a0bc..c4674c643 100644 --- a/dmp-backend/src/main/java/security/CustomAuthenticationProvider.java +++ b/dmp-backend/src/main/java/security/CustomAuthenticationProvider.java @@ -25,7 +25,7 @@ public class CustomAuthenticationProvider implements AuthenticationProvider { @Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { - + /* if (authentication != null) { // check whether the token is valid String token = (String)authentication.getCredentials(); @@ -47,7 +47,9 @@ public class CustomAuthenticationProvider implements AuthenticationProvider { } else throw new AuthenticationServiceException("Authentication failed"); + */ + return new UsernamePasswordAuthenticationToken("", "", new ArrayList<>()); } diff --git a/dmp-backend/src/main/webapp/WEB-INF/applicationContext.xml b/dmp-backend/src/main/webapp/WEB-INF/applicationContext.xml index 0f6721e4b..40ada7523 100644 --- a/dmp-backend/src/main/webapp/WEB-INF/applicationContext.xml +++ b/dmp-backend/src/main/webapp/WEB-INF/applicationContext.xml @@ -11,9 +11,7 @@ - - @@ -26,13 +24,14 @@ + + + + + - - - - - + diff --git a/dmp-backend/src/main/webapp/WEB-INF/dmp-backend-rest-servlet.xml b/dmp-backend/src/main/webapp/WEB-INF/dmp-backend-rest-servlet.xml index 30257cfd3..8c473efe2 100644 --- a/dmp-backend/src/main/webapp/WEB-INF/dmp-backend-rest-servlet.xml +++ b/dmp-backend/src/main/webapp/WEB-INF/dmp-backend-rest-servlet.xml @@ -10,10 +10,16 @@ http://www.springframework.org/schema/beans/spring-beans-4.1.xsd"> + + + + + + diff --git a/dmp-backend/src/main/webapp/WEB-INF/dmp.properties b/dmp-backend/src/main/webapp/WEB-INF/dmp.properties index 5fe107785..1481b852f 100644 --- a/dmp-backend/src/main/webapp/WEB-INF/dmp.properties +++ b/dmp-backend/src/main/webapp/WEB-INF/dmp.properties @@ -10,6 +10,9 @@ persistence.dbusername = dmptool persistence.dbpassword = dmpt00lu$r ##########################/Persistence########################################## +###################Allowed Proxy Service Host ############################ +proxy.allowed.host = https://eestore.paas2.uninett.no +####################################################### ########################Persistence/Hibernate Generic############################# persistence.hibernate.show_sql = false