git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/Common/authorization-common-client@130708 82a268e6-3cf1-43bd-a215-b396298e98cf
parent
af88f9d40f
commit
9e228feb92
5
pom.xml
5
pom.xml
|
@ -34,11 +34,6 @@
|
|||
<artifactId>common-authorization</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.gcube.core</groupId>
|
||||
<artifactId>common-encryption</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.slf4j</groupId>
|
||||
<artifactId>slf4j-api</artifactId>
|
||||
|
|
|
@ -7,8 +7,9 @@ import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
|
|||
import org.gcube.common.authorization.library.AuthorizationEntry;
|
||||
import org.gcube.common.authorization.library.enpoints.AuthorizationEndpoint;
|
||||
import org.gcube.common.authorization.library.policies.Policy;
|
||||
import org.gcube.common.authorization.library.provider.ClientInfo;
|
||||
import org.gcube.common.authorization.library.provider.ContainerInfo;
|
||||
import org.gcube.common.authorization.library.provider.ServiceInfo;
|
||||
import org.gcube.common.authorization.library.provider.UserInfo;
|
||||
|
||||
public interface AuthorizationProxy {
|
||||
|
||||
|
@ -17,13 +18,7 @@ public interface AuthorizationProxy {
|
|||
void setEndpoint(Map<Integer,AuthorizationEndpoint> endpoints);
|
||||
|
||||
AuthorizationEntry get(String token) throws ObjectNotFound, Exception;
|
||||
|
||||
String generateToken(ClientInfo client, String context)
|
||||
throws Exception;
|
||||
|
||||
String requestActivation(ServiceInfo container, String context)
|
||||
throws Exception;
|
||||
|
||||
|
||||
void addPolicies(List<Policy> policies) throws Exception;
|
||||
|
||||
void removePolicies(long ... ids) throws Exception;
|
||||
|
@ -31,5 +26,12 @@ public interface AuthorizationProxy {
|
|||
List<Policy> getPolicies(String context) throws Exception;
|
||||
|
||||
String generateApiKey(String apiQualifier) throws Exception;
|
||||
|
||||
String generateServiceToken(ServiceInfo client) throws Exception;
|
||||
|
||||
String generateUserToken(UserInfo client, String context)
|
||||
throws Exception;
|
||||
|
||||
String requestActivation(ContainerInfo container, String context) throws Exception;
|
||||
|
||||
}
|
||||
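Review bot: The three token-issuing methods at the end of the interface (`generateServiceToken`, `generateUserToken`, `requestActivation(ContainerInfo, String)`) carry no Javadoc, so a caller cannot tell which credential each call needs or how the returned string must be handled. In the implementation shown further down the page, `generateServiceToken` reads `SecurityTokenProvider.instance.get()` while `requestActivation` calls `makeRequest(url, "PUT", false)`; that difference belongs in the contract. I would add, for example, `/** Issues a token for the given service; reads the caller's current token from SecurityTokenProvider. The returned token is a credential: do not log it. */` on `generateServiceToken`, with matching comments on the other two. Declaring `throws Exception` on every method also keeps callers from telling an authorization failure from a transport error, though the unchanged `get(String token)` line shows that style predates this change.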
|
|
|
@ -23,11 +23,10 @@ import org.gcube.common.authorization.library.Policies;
|
|||
import org.gcube.common.authorization.library.enpoints.AuthorizationEndpoint;
|
||||
import org.gcube.common.authorization.library.enpoints.AuthorizationEndpointScanner;
|
||||
import org.gcube.common.authorization.library.policies.Policy;
|
||||
import org.gcube.common.authorization.library.provider.ClientInfo;
|
||||
import org.gcube.common.authorization.library.provider.ContainerInfo;
|
||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||
import org.gcube.common.authorization.library.provider.ServiceInfo;
|
||||
import org.gcube.common.authorization.library.provider.UserInfo;
|
||||
import org.gcube.common.encryption.StringEncrypter;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
|
@ -52,14 +51,44 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|||
}
|
||||
|
||||
@Override
|
||||
public String generateToken(ClientInfo client, String context) throws Exception {
|
||||
public String generateServiceToken(ServiceInfo client) throws Exception {
|
||||
|
||||
String methodPath = "/token/";
|
||||
String methodPath = "/token/service";
|
||||
|
||||
int infrastructureHash = getInfrastructureHashFromToken(SecurityTokenProvider.instance.get());
|
||||
|
||||
if (client instanceof UserInfo)
|
||||
methodPath+="user";
|
||||
else methodPath+="service";
|
||||
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
|
||||
|
||||
URL url = new URL(callUrl.toString());
|
||||
HttpURLConnection connection = makeRequest(url, "PUT", true);
|
||||
connection.setDoOutput(true);
|
||||
connection.setDoInput(true);
|
||||
connection.setRequestProperty("Content-type", "application/xml");
|
||||
|
||||
try(OutputStream os = new BufferedOutputStream(connection.getOutputStream())){
|
||||
Binder.getContext().createMarshaller().marshal(client, os);
|
||||
}
|
||||
|
||||
log.debug("response code for "+callUrl.toString()+" is "+connection.getResponseCode()+" "+connection.getResponseMessage());
|
||||
|
||||
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
|
||||
String token= "";
|
||||
try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){
|
||||
StringBuilder result = new StringBuilder();
|
||||
String line;
|
||||
while((line = reader.readLine()) != null)
|
||||
result.append(line);
|
||||
token = result.toString();
|
||||
}
|
||||
|
||||
return token;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String generateUserToken(UserInfo client, String context) throws Exception {
|
||||
|
||||
String methodPath = "/token/user";
|
||||
|
||||
int infrastructureHash = getInfrastructureHashfromContext(context);
|
||||
|
||||
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath).append("?")
|
||||
|
@ -144,18 +173,16 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|||
}
|
||||
|
||||
@Override
|
||||
public String requestActivation(ServiceInfo container, String context) throws Exception {
|
||||
|
||||
String methodPath = "/generate/node";
|
||||
|
||||
public String requestActivation(ContainerInfo container, String context) throws Exception {
|
||||
|
||||
String methodPath = "/token/node";
|
||||
|
||||
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(getInfrastructureHashfromContext(context))).append(methodPath).append("?")
|
||||
StringBuilder callUrl =
|
||||
new StringBuilder(getInternalEnpoint(getInfrastructureHashfromContext(context))).append(methodPath).append("?")
|
||||
.append(CONTEXT_PARAM).append("=").append(context);
|
||||
|
||||
URL url = new URL(callUrl.toString());
|
||||
HttpURLConnection connection = (HttpURLConnection)url.openConnection();
|
||||
connection.setRequestMethod("PUT");
|
||||
HttpURLConnection connection = makeRequest(url, "PUT", false);
|
||||
connection.setDoOutput(true);
|
||||
connection.setDoInput(true);
|
||||
connection.setRequestProperty("Content-type", "application/xml");
|
||||
|
@ -167,16 +194,16 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|||
log.debug("response code is "+connection.getResponseCode());
|
||||
|
||||
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
|
||||
String encryptedToken= "";
|
||||
String token= "";
|
||||
try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){
|
||||
StringBuilder result = new StringBuilder();
|
||||
String line;
|
||||
while((line = reader.readLine()) != null)
|
||||
result.append(line);
|
||||
encryptedToken = result.toString();
|
||||
token = result.toString();
|
||||
}
|
||||
|
||||
return StringEncrypter.getEncrypter().decrypt(encryptedToken, context);
|
||||
return token;
|
||||
}
|
||||
|
||||
@Override
|
||||
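Review bot: In `requestActivation` the response body now appears to be returned as the node token without the `StringEncrypter.getEncrypter().decrypt(encryptedToken, context)` step; the page has lost its +/- markers, so this is read from the hunk counts and the `common-encryption` entry shown in the pom.xml section. If the service no longer encrypts the token, its confidentiality rests entirely on the transport, and the scheme of the URL built from `getInternalEnpoint(...)` is not visible here; confirm it is HTTPS, or fail closed with `if (!"https".equals(url.getProtocol())) throw new Exception("authorization endpoint is not https");`. The same method appends `context` to the query string unencoded, and `URLEncoder.encode(context, "UTF-8")` would keep a context containing `&` or `#` from altering the request. It also calls `makeRequest(url, "PUT", false)` where `generateServiceToken` passes `true`; if that flag controls sending the caller's token, node activation carries no client credential and deserves a comment stating what the server relies on instead. Both method bodies extend beyond the hunks shown.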
|
|
|
@ -5,15 +5,13 @@ import static org.gcube.common.authorization.client.Constants.authorizationServi
|
|||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import javax.annotation.Generated;
|
||||
|
||||
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
|
||||
import org.gcube.common.authorization.library.AuthorizationEntry;
|
||||
import org.gcube.common.authorization.library.policies.Action;
|
||||
import org.gcube.common.authorization.library.policies.Policy;
|
||||
import org.gcube.common.authorization.library.policies.ServiceAccess;
|
||||
import org.gcube.common.authorization.library.policies.User2ServicePolicy;
|
||||
import org.gcube.common.authorization.library.policies.Users;
|
||||
import org.gcube.common.authorization.library.provider.ContainerInfo;
|
||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||
import org.gcube.common.authorization.library.provider.UserInfo;
|
||||
import org.junit.Test;
|
||||
|
@ -21,8 +19,9 @@ public class CallTest {
|
|||
|
||||
|
||||
@Test
|
||||
public void requestToken() throws Exception {
|
||||
System.out.println(requestTestToken("/gcube"));
|
||||
public void requestNodeToken() throws Exception {
|
||||
String token = authorizationService().requestActivation(new ContainerInfo("dlib29.isti.cnr.it",8080), "/gcube");
|
||||
System.out.println(token);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -59,7 +58,7 @@ public class CallTest {
|
|||
|
||||
|
||||
private String requestTestToken(String context) throws Exception{
|
||||
return authorizationService().generateToken(new UserInfo("test.token", new ArrayList<String>()), context);
|
||||
return authorizationService().generateUserToken(new UserInfo("test.token", new ArrayList<String>()), context);
|
||||
}
|
||||
|
||||
private AuthorizationEntry resolveToken(String token) throws Exception{
|
||||
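Review bot: `requestNodeToken` prints the issued node token with `System.out.println(token)` and asserts nothing, so a build log ends up holding what is presumably a usable credential while the test passes on any response that does not throw. Replace the print with an assertion such as `org.junit.Assert.assertNotNull(token);` plus a non-empty check. The test also calls the live host `dlib29.isti.cnr.it` on port 8080 in context `/gcube`, so it depends on that service being reachable; taking the host from a property or marking the test as an integration test would make that explicit. `requestTestToken` and `resolveToken` are only partly visible in this section.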
|
|