This commit is contained in:
Lucio Lelii 2016-06-23 16:14:16 +00:00
parent e09f53b3b5
commit 01d1a84dd9
3 changed files with 57 additions and 23 deletions

15
pom.xml
View File

@ -12,6 +12,18 @@
<version>1.0.0</version>
</parent>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.gcube.distribution</groupId>
<artifactId>gcube-bom</artifactId>
<version>1.0.0-SNAPSHOT</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<properties>
<distroDirectory>distro</distroDirectory>
</properties>
@ -20,19 +32,16 @@
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>common-authorization</artifactId>
<version>[2.0.0-SNAPSHOT,3.0.0-SNAPSHOT)</version>
</dependency>
<dependency>
<groupId>org.gcube.core</groupId>
<artifactId>common-encryption</artifactId>
<version>[2.0.0-SNAPSHOT,3.0.0-SNAPSHOT)</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.5</version>
</dependency>
<dependency>
<groupId>junit</groupId>

View File

@ -1,6 +1,7 @@
package org.gcube.common.authorization.client.proxy;
import java.util.List;
import java.util.Map;
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
import org.gcube.common.authorization.library.AuthorizationEntry;
@ -11,9 +12,9 @@ import org.gcube.common.authorization.library.provider.ServiceInfo;
public interface AuthorizationProxy {
AuthorizationEndpoint getEndpoint();
AuthorizationEndpoint getEndpoint(int infrastructureHash);
void setEndpoint(AuthorizationEndpoint endpoint);
void setEndpoint(Map<Integer,AuthorizationEndpoint> endpoints);
AuthorizationEntry get(String token) throws ObjectNotFound, Exception;

View File

@ -13,7 +13,7 @@ import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.WeakHashMap;
import org.gcube.common.authorization.client.Binder;
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
@ -23,6 +23,7 @@ import org.gcube.common.authorization.library.enpoints.AuthorizationEndpoint;
import org.gcube.common.authorization.library.enpoints.AuthorizationEndpointScanner;
import org.gcube.common.authorization.library.policies.Policy;
import org.gcube.common.authorization.library.provider.ClientInfo;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.library.provider.ServiceInfo;
import org.gcube.common.authorization.library.provider.UserInfo;
import org.gcube.common.encryption.StringEncrypter;
@ -33,18 +34,19 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
private static Logger log = LoggerFactory.getLogger(AuthorizationProxy.class);
private static Map<String, AuthorizationEntryCache> cache = new ConcurrentHashMap<String, AuthorizationEntryCache>();
private static Map<String, AuthorizationEntryCache> cache = Collections.synchronizedMap(new WeakHashMap<String, AuthorizationEntryCache>());
private List<AuthorizationEndpoint> endpoints;
private Map<Integer, AuthorizationEndpoint> endpoints;
private static final String TOKEN_SEPARATOR ="|";
public DefaultAuthorizationProxy() {
endpoints = AuthorizationEndpointScanner.endpoints();
this.setEndpoint(endpoints.get(0));
}
private String getInternalEnpoint(){
StringBuilder endpoint = new StringBuilder("http://").append(getEndpoint().getHost()).append(":")
.append(getEndpoint().getPort()).append("/authorization-service/gcube/service");
private String getInternalEnpoint(int infrastructureHash){
StringBuilder endpoint = new StringBuilder("http://").append(getEndpoint(infrastructureHash).getHost()).append(":")
.append(getEndpoint(infrastructureHash).getPort()).append("/authorization-service/gcube/service");
return endpoint.toString();
}
@ -57,7 +59,9 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
methodPath+="user";
else methodPath+="service";
StringBuilder callUrl = new StringBuilder(getInternalEnpoint()).append(methodPath).append("?")
int infrastructureHash = getInfrastructureHashfromContext(context);
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath).append("?")
.append(CONTEXT_PARAM).append("=").append(context);
URL url = new URL(callUrl.toString());
@ -86,6 +90,24 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
return StringEncrypter.getEncrypter().decrypt(encryptedToken, context);
}
private int getInfrastructureHashfromContext(String context) {
try{
String infrastructure = context.split("/")[1];
return infrastructure.hashCode();
}catch(Exception e){
throw new RuntimeException("invalid contex");
}
}
private int getInfrastructureHashFromToken(String token) {
try{
String hashCodeAsString = token.split(TOKEN_SEPARATOR)[1];
return Integer.parseInt(hashCodeAsString);
}catch(Exception e){
throw new RuntimeException("invalid token");
}
}
@Override
public String requestActivation(ServiceInfo container, String context) throws Exception {
@ -93,7 +115,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
StringBuilder callUrl = new StringBuilder(getInternalEnpoint()).append(methodPath).append("?")
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(getInfrastructureHashfromContext(context))).append(methodPath).append("?")
.append(CONTEXT_PARAM).append("=").append(context);
URL url = new URL(callUrl.toString());
@ -129,7 +151,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
final String methodPath = "/retrieve/";
StringBuilder callUrl = new StringBuilder(getInternalEnpoint()).append(methodPath).append(token);
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(getInfrastructureHashFromToken(token))).append(methodPath).append(token);
URL url = new URL(callUrl.toString());
HttpURLConnection connection = makeRequest(url, "GET");
@ -150,7 +172,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
public void addPolicies(List<Policy> policies) throws Exception {
final String methodPath = "/policyManager";
StringBuilder callUrl = new StringBuilder(getInternalEnpoint()).append(methodPath);
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(getInfrastructureHashFromToken(SecurityTokenProvider.instance.get()))).append(methodPath);
URL url = new URL(callUrl.toString());
HttpURLConnection connection = makeRequest(url, "POST");
@ -168,7 +190,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
@Override
public void removePolicies(long... ids) throws Exception {
final String methodPath = "/policyManager/";
StringBuilder callUrl = new StringBuilder(getInternalEnpoint()).append(methodPath);
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(getInfrastructureHashFromToken(SecurityTokenProvider.instance.get()))).append(methodPath);
List<Long> errorIds = new ArrayList<Long>();
for (long id: ids){
URL url = new URL(callUrl.toString()+id);
@ -183,7 +205,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
public List<Policy> getPolicies(String context) throws Exception{
final String methodPath = "/policyManager/";
StringBuilder callUrl = new StringBuilder(getInternalEnpoint()).append(methodPath).append("?").append(CONTEXT_PARAM).append("=").append(context);
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(getInfrastructureHashfromContext(context))).append(methodPath).append("?").append(CONTEXT_PARAM).append("=").append(context);
URL url = new URL(callUrl.toString());
HttpURLConnection connection = makeRequest(url, "GET");
@ -205,13 +227,15 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
}
@Override
public AuthorizationEndpoint getEndpoint() {
return this.endpoints.get(0);
public AuthorizationEndpoint getEndpoint(int infrastructureHash) {
if (!this.endpoints.containsKey(infrastructureHash))
throw new RuntimeException("Authorization Endpoint not found for the required infrastructure");
return this.endpoints.get(infrastructureHash);
}
@Override
public void setEndpoint(AuthorizationEndpoint authEndpoint) {
this.endpoints = Collections.singletonList(authEndpoint);
public void setEndpoint(Map<Integer,AuthorizationEndpoint> endpoints) {
this.endpoints = endpoints;
}