Auth utils integration

pull/1/head
Fabio Sinibaldi 2 years ago
parent d1c7465c6b
commit b458e786cd

@ -4,6 +4,8 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
## [v1.0.3-SNAPSHOT] - 2020-09-03
Integrated auth-utils
### Fixes
- Integration with gcube distribution (https://support.d4science.org/issues/19612)

@ -17,7 +17,7 @@
<dependency>
<groupId>org.gcube.distribution</groupId>
<artifactId>gcube-bom</artifactId>
<version>2.0.0-SNAPSHOT</version>
<version>2.0.2</version>
<type>pom</type>
<scope>import</scope>
</dependency>
@ -56,6 +56,12 @@
</dependency>
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>authorization-utils</artifactId>
<version>[2.0.0, 3.0.0-SNAPSHOT)</version>
</dependency>
<!-- IS -->
<dependency>
<groupId>org.gcube.resources.discovery</groupId>

@ -10,6 +10,9 @@ import java.util.function.Function;
import org.gcube.common.authorization.library.AuthorizationEntry;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.utils.manager.SecretManager;
import org.gcube.common.authorization.utils.manager.SecretManagerProvider;
import org.gcube.common.authorization.utils.user.User;
import org.gcube.common.encryption.StringEncrypter;
import org.gcube.common.resources.gcore.ServiceEndpoint;
import org.gcube.common.resources.gcore.ServiceEndpoint.AccessPoint;
@ -43,16 +46,22 @@ public class BasicConnectionManager implements ConnectionManager {
private synchronized DataBaseDescriptor getDatabase() {
try {
final String currentToken=SecurityTokenProvider.instance.get();
if(currentToken==null) throw new Exception("Unauthorized request. No gcube token found.");
AuthorizationEntry entry = authorizationService().get(currentToken);
final String context=entry.getContext();
log.info("Looking for database, checking caller context..");
SecretManager cm = SecretManagerProvider.instance.get();
final String context = cm.getContext();
User user = cm.getUser();
log.info("Identified caller {} in context {}",user.getUsername(),context);
return cache.computeIfAbsent(context, new Function<String, DataBaseDescriptor>(){
@Override
public DataBaseDescriptor apply(String t) {
try{
log.debug("Querying for database in context {} ",context);
SecurityTokenProvider.instance.set(currentToken);
log.info("Database for {} not found in cache. Querying IS .. ",context);
SecretManager cm = SecretManagerProvider.instance.get();
final String context = cm.getContext();
User user = cm.getUser();
log.debug("CACHE FUNCTION : Identified caller {} in context {}",user.getUsername(),context);
SimpleQuery query = ICFactory.queryFor(ServiceEndpoint.class);
query.addCondition("$resource/Profile/Category/text() eq 'Database'")
.addCondition("$resource/Profile/Name/text() eq 'AccountingDashboard'");

@ -1,20 +1,17 @@
package org.gcube.accounting.accounting.summary.access.impl;
import static org.gcube.common.authorization.client.Constants.authorizationService;
import org.gcube.accounting.accounting.summary.access.model.ScopeDescriptor;
import org.gcube.common.authorization.library.AuthorizationEntry;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.utils.manager.SecretManager;
import org.gcube.common.authorization.utils.manager.SecretManagerProvider;
public class BasicContextTreeProvider implements ContextTreeProvider {
@Override
public ScopeDescriptor getTree(Object unuseful) throws Exception {
final String currentToken=SecurityTokenProvider.instance.get();
if(currentToken==null) throw new Exception("Unauthorized request. No gcube token found.");
AuthorizationEntry entry = authorizationService().get(currentToken);
final String context=entry.getContext();
SecretManager cm = SecretManagerProvider.instance.get();
final String context = cm.getContext();
return new ScopeDescriptor(context.substring(context.lastIndexOf("/")+1, context.length()),context);

@ -56,7 +56,7 @@ public class ReportElement implements Serializable {
@Override
public String toString() {
StringBuilder builder=new StringBuilder("REPORT "+label);
StringBuilder builder=new StringBuilder("REPORT "+"{cat : "+category+"}"+label);
builder.append(" Y : "+yAxis+" X : "+xAxis+"\n");
for(Series s:serieses){
builder.append(s.toString()+"\n");

@ -17,9 +17,11 @@ public class SimpleTest {
public static void main(String[] args) throws ParameterException, Exception {
TokenSetter.set("/gcube/devNext");
// AccountingDao dao=AccountingDao.get();
AccountingDao dao=AccountingDao.get(new DummyContextTreeProvider());
TokenSetter.set("/d4science.research-infrastructures.eu/D4OS/GeoNA-Prototype");
// TokenSetter.set("/gcube/devsec/devVRE");
// TokenSetter.set("/pred4s/preprod/preVRE");
AccountingDao dao=AccountingDao.get();
// AccountingDao dao=AccountingDao.get(new DummyContextTreeProvider());
ScopeDescriptor desc=dao.getTree(null);
@ -49,6 +51,7 @@ public class SimpleTest {
System.out.println("**********************************************************************************************************");
System.out.println(desc);
System.out.println(dao.getReportByScope(desc, from, to, MeasureResolution.MONTHLY));
// if(desc.hasChildren()) {
// for(ScopeDescriptor child:desc.getChildren())
// scan(child,from,to,dao);

@ -2,54 +2,57 @@ package org.gcube.data.access.accounting.summary.access.test;
import static org.gcube.common.authorization.client.Constants.authorizationService;
import java.io.File;
import java.io.IOException;
import java.nio.charset.Charset;
import java.util.Properties;
import org.gcube.common.authorization.library.AuthorizationEntry;
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.utils.manager.SecretManager;
import org.gcube.common.authorization.utils.manager.SecretManagerProvider;
import org.gcube.common.authorization.utils.secret.GCubeSecret;
import org.gcube.common.authorization.utils.secret.Secret;
import org.gcube.common.scope.api.ScopeProvider;
import lombok.extern.slf4j.Slf4j;
@Slf4j
public class TokenSetter{
public class TokenSetter {
private static Properties props=null;
static{
private static Properties props=new Properties();
}
public static synchronized void set(String scope){
try{
if(props==null) {
props=new Properties();
try {
props.load(TokenSetter.class.getResourceAsStream("/tokens.properties"));
} catch (Exception e) {
throw new RuntimeException("YOU NEED TO SET TOKEN FILE IN CONFIGURATION");
}
static{
try {
props.load(TokenSetter.class.getResourceAsStream("/tokens.properties"));
} catch (Exception e) {
throw new RuntimeException("YOU NEED TO SET TOKEN FILE IN CONFIGURATION",e);
}
if(!props.containsKey(scope)) throw new Exception("No token found for scope : "+scope);
SecurityTokenProvider.instance.set(props.getProperty(scope));
}catch(Throwable e){
log.trace("Unable to set token for scope "+scope,e);
}
ScopeProvider.instance.set(scope);
}
public static void setToken(String token){
try{
AuthorizationEntry entry = authorizationService().get(token);
ScopeProvider.instance.set(entry.getContext());
SecurityTokenProvider.instance.set(token);
}catch(Throwable t) {
throw new RuntimeException("Unable to set token "+token,t);
public static void set(String scope){
SecretManagerProvider.instance.set(new SecretManager());
if(!props.containsKey(scope)) throw new RuntimeException("No token found for scope : "+scope);
// Secret secret = SecretUtility. getSecretByTokenString(token); // se non sai con che token hai a che fare;
// oppure
Secret secret = new GCubeSecret(props.getProperty(scope)); // se vecchio token
// oppure
// Secret secret = new JWTSecret(token); // se nuovo token
SecretManagerProvider.instance.get().addSecret(secret);
try{
SecretManagerProvider.instance.get().set();
}catch(Exception e ){throw new RuntimeException("Unable to set secret for context "+scope,e);}
}
}
//
// public static void setUma() throws IOException {
// File umaFile = new File("uma.json");
// String uma= Files.readFileAsString(umaFile.getAbsolutePath(), Charset.defaultCharset());
// AccessTokenProvider.instance.set(uma);
//
// }
public static String getCurrentToken() {
return SecurityTokenProvider.instance.get();
}
}
Loading…
Cancel
Save