From cbf6122576fcec7e1adf08732b52dfe9703b1b6c Mon Sep 17 00:00:00 2001 
From: "lucio.lelii" Date: Mon, 18 May 2015 17:15:58 +0000 Subject: [PATCH] 70: Authetication Token Task-Url: https://support.d4science.org/issues/70 git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/Common/authorization-common-client@114787 82a268e6-3cf1-43bd-a215-b396298e98cf --- distro/INSTALL | 1 + distro/LICENSE | 6 + distro/MAINTAINERS | 1 + distro/README | 38 +++++++ distro/changelog.xml | 5 + distro/descriptor.xml | 42 +++++++ distro/profile.xml | 26 +++++ distro/svnpath.txt | 1 + pom.xml | 105 ++++++++++++++++++ .../common/authorization/client/Binder.java | 19 ++++ .../authorization/client/Constants.java | 33 ++++++ .../client/JaxRSEndpointReference.java | 60 ++++++++++ .../common/authorization/client/Utils.java | 9 ++ .../client/plugin/AbstractPlugin.java | 37 ++++++ .../client/plugin/AuthorizationPlugin.java | 35 ++++++ .../client/proxy/AuthorizationProxy.java | 10 ++ .../proxy/DefaultAuthorizationProxy.java | 74 ++++++++++++ .../authorizationservice/cl/CallTest.java | 34 ++++++ 18 files changed, 536 insertions(+) create mode 100644 distro/INSTALL create mode 100644 distro/LICENSE create mode 100644 distro/MAINTAINERS create mode 100644 distro/README create mode 100644 distro/changelog.xml create mode 100644 distro/descriptor.xml create mode 100644 distro/profile.xml create mode 100644 distro/svnpath.txt create mode 100644 pom.xml create mode 100644 src/main/java/org/gcube/common/authorization/client/Binder.java create mode 100644 src/main/java/org/gcube/common/authorization/client/Constants.java create mode 100644 src/main/java/org/gcube/common/authorization/client/JaxRSEndpointReference.java create mode 100644 src/main/java/org/gcube/common/authorization/client/Utils.java create mode 100644 src/main/java/org/gcube/common/authorization/client/plugin/AbstractPlugin.java create mode 100644 src/main/java/org/gcube/common/authorization/client/plugin/AuthorizationPlugin.java create mode 100644 
src/main/java/org/gcube/common/authorization/client/proxy/AuthorizationProxy.java create mode 100644 src/main/java/org/gcube/common/authorization/client/proxy/DefaultAuthorizationProxy.java create mode 100644 src/test/java/org/gcube/common/authorizationservice/cl/CallTest.java diff --git a/distro/INSTALL b/distro/INSTALL new file mode 100644 index 0000000..8d1c8b6 --- /dev/null +++ b/distro/INSTALL @@ -0,0 +1 @@ + diff --git a/distro/LICENSE b/distro/LICENSE new file mode 100644 index 0000000..630ba97 --- /dev/null +++ b/distro/LICENSE @@ -0,0 +1,6 @@ +gCube System - License +------------------------------------------------------------ + +The gCube/gCore software is licensed as Free Open Source software conveying to the EUPL (http://ec.europa.eu/idabc/eupl). +The software and documentation is provided by its authors/distributors "as is" and no expressed or +implied warranty is given for its use, quality or fitness for a particular case. diff --git a/distro/MAINTAINERS b/distro/MAINTAINERS new file mode 100644 index 0000000..6e1540b --- /dev/null +++ b/distro/MAINTAINERS @@ -0,0 +1 @@ +* Lucio Lelii (lucio.lelii@isti.cnr.it), CNR, Italy \ No newline at end of file diff --git a/distro/README b/distro/README new file mode 100644 index 0000000..6b65683 --- /dev/null +++ b/distro/README 
@@ -0,0 +1,38 @@ +The gCube System - ${name} +---------------------- + +This work has been partially supported by the following European projects: DILIGENT (FP6-2003-IST-2), D4Science (FP7-INFRA-2007-1.2.2), +D4Science-II (FP7-INFRA-2008-1.2.2), iMarine (FP7-INFRASTRUCTURES-2011-2), and EUBrazilOpenBio (FP7-ICT-2011-EU-Brazil). + +Authors +------- + +* Lucio Lelii (lucio.lelii@isti.cnr.it), CNR, Italy + +Version and Release Date +------------------------ +${version} + +Description +----------- +${description} + +Download information +-------------------- + +Source code is available from SVN: +${scm.url} + +Binaries can be downloaded from: + + +Documentation +------------- +Documentation is available on-line from the Projects Documentation Wiki: +https://gcube.wiki.gcube-system.org/gcube/index.php/.... + + +Licensing +--------- + +This software is licensed under the terms you may find in the file named "LICENSE" in this directory. diff --git a/distro/changelog.xml b/distro/changelog.xml new file mode 100644 index 0000000..ef80242 --- /dev/null +++ b/distro/changelog.xml @@ -0,0 +1,5 @@ + + + First Release + + \ No newline at end of file diff --git a/distro/descriptor.xml b/distro/descriptor.xml new file mode 100644 index 0000000..21d8c88 --- /dev/null +++ b/distro/descriptor.xml @@ -0,0 +1,42 @@ + + servicearchive + + tar.gz + + / + + + ${distroDirectory} + / + true + + README + LICENSE + INSTALL + MAINTAINERS + changelog.xml + + 755 + true + + + + + ${distroDirectory}/profile.xml + / + true + + + target/${build.finalName}.jar + /${artifactId} + + + ${distroDirectory}/svnpath.txt + /${artifactId} + true + + + \ No newline at end of file diff --git a/distro/profile.xml b/distro/profile.xml new file mode 100644 index 0000000..91c49e4 --- /dev/null +++ b/distro/profile.xml 
@@ -0,0 +1,26 @@ + + + + Service + + ${description} + Common + ${artifactId} + 1.0.0 + + + ${artifactId} + ${version} + + ${groupId} + ${artifactId} + ${version} + + + ${build.finalName}.jar + + + + + + diff --git a/distro/svnpath.txt b/distro/svnpath.txt new file mode 100644 index 0000000..f416f9d --- /dev/null +++ b/distro/svnpath.txt @@ -0,0 +1 @@ +${scm.url} diff --git a/pom.xml b/pom.xml new file mode 100644 index 0000000..ba00c38 --- /dev/null +++ b/pom.xml @@ -0,0 +1,105 @@ + + 4.0.0 + org.gcube.common + authorization-client + 1.0.0-SNAPSHOT + authorization service client library + + + maven-parent + org.gcube.tools + 1.0.0 + + + + distro + + + + + org.gcube.common + authorization-library + [1.0.0-SNAPSHOT,2.0.0-SNAPSHOT) + + + + org.gcube.core + common-generic-clients + [1.0.0-SNAPSHOT,2.0.0-SNAPSHOT) + + + + org.slf4j + slf4j-api + 1.7.5 + + + junit + junit + 4.11 + test + + + ch.qos.logback + logback-classic + 1.0.13 + test + + + + + + + + + + + org.apache.maven.plugins + maven-resources-plugin + 2.5 + + + copy-profile + install + + copy-resources + + + target + + + ${distroDirectory} + true + + profile.xml + + + + + + + + + + org.apache.maven.plugins + maven-assembly-plugin + + + ${distroDirectory}/descriptor.xml + + + + + servicearchive + install + + single + + + + + + + + \ No newline at end of file diff --git a/src/main/java/org/gcube/common/authorization/client/Binder.java b/src/main/java/org/gcube/common/authorization/client/Binder.java new file mode 100644 index 0000000..95f4739 --- /dev/null +++ b/src/main/java/org/gcube/common/authorization/client/Binder.java 
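Review bot: The `authorization-library` and `common-generic-clients` dependencies in pom.xml are declared with the open range `[1.0.0-SNAPSHOT,2.0.0-SNAPSHOT)`, so each build resolves whatever newest artifact, snapshots included, the configured repositories offer at that moment. For a client that handles authorization tokens, this means the shipped code can change without any change in this repository, and two builds of the same revision may differ. Pin each dependency to a single released version once one exists, or manage the versions in the parent POM so they are changed deliberately.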
@@ -0,0 +1,19 @@
+package org.gcube.common.authorization.client;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+
+import org.gcube.common.authorization.library.AuthorizationEntry;
+
+public class Binder {
+
+ private static JAXBContext context ;
+
+ public static JAXBContext getContext() throws JAXBException{
+ if (context==null)
+ context = JAXBContext.newInstance(AuthorizationEntry.class);
+ return context;
+ }
+
+
+}
diff --git a/src/main/java/org/gcube/common/authorization/client/Constants.java b/src/main/java/org/gcube/common/authorization/client/Constants.java
new file mode 100644
index 0000000..f9dee6a
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/client/Constants.java
@@ -0,0 +1,33 @@
+package org.gcube.common.authorization.client;
+
+import java.util.concurrent.TimeUnit;
+
+import javax.xml.namespace.QName;
+
+import org.gcube.common.authorization.client.plugin.AuthorizationPlugin;
+import org.gcube.common.authorization.client.proxy.AuthorizationProxy;
+import org.gcube.common.clients.ProxyBuilder;
+import org.gcube.common.clients.ProxyBuilderImpl;
+
+public class Constants {
+
+ /** Service name. */
+ public static final String SERVICE_NAME = "AuthorizationService";
+
+ /** Service class. */
+ public static final String SERVICE_CLASS = "Common";
+
+ public static final String CONTEXT_SERVICE_NAME="authorization-service";
+
+ public static final int DEFAULT_TIMEOUT= (int) TimeUnit.SECONDS.toMillis(10);
+
+ private static final String TNS = "http://gcube-system.org/";
+
+ public static final QName AUTHORIZATION_QNAME = new QName(TNS, "authorization-service");
+
+ public static final String SCOPE_HEADER_ENTRY = "gcube-scope";
+
+ public static ProxyBuilder authorizationService() {
+ return new ProxyBuilderImpl(new AuthorizationPlugin());
+ }
+}
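Review bot: `Binder.getContext()` assigns the static `context` lazily with no synchronization, so concurrent first calls can each build a `JAXBContext` and the field is published without any ordering guarantee. Declaring the method as `public static synchronized JAXBContext getContext() throws JAXBException{` keeps the lazy creation and the checked exception while making the single shared instance well defined. A one-line Javadoc stating that the context is created once and shared by all callers would also help.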
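Review bot: The literal "authorization-service" is written three times in this commit: in `CONTEXT_SERVICE_NAME`, again inside `AUTHORIZATION_QNAME`, and as the prefix of the name passed to `super(...)` in AuthorizationPlugin. Derive the others from the constant, for example `new QName(TNS, CONTEXT_SERVICE_NAME)`, so the values cannot drift apart. Only `SERVICE_NAME` and `SERVICE_CLASS` are documented; I would add `/** Default timeout, in milliseconds. */` on `DEFAULT_TIMEOUT` and `/** Name of the HTTP request header carrying the caller's scope. */` on `SCOPE_HEADER_ENTRY`.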
diff --git a/src/main/java/org/gcube/common/authorization/client/JaxRSEndpointReference.java b/src/main/java/org/gcube/common/authorization/client/JaxRSEndpointReference.java
new file mode 100644
index 0000000..04f7faa
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/client/JaxRSEndpointReference.java
@@ -0,0 +1,60 @@
+package org.gcube.common.authorization.client;
+
+import java.io.StringReader;
+import java.io.StringWriter;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.transform.stream.StreamResult;
+import javax.xml.ws.EndpointReference;
+import org.w3c.dom.Document;
+import org.w3c.dom.NodeList;
+import org.xml.sax.InputSource;
+
+public class JaxRSEndpointReference {
+
+ private static final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+
+ private static final String addressLocalName = "Address";
+ //private static final String keyLocalName = "ResourceKey";
+
+ String address;
+ //Element key;
+
+ static {
+ factory.setNamespaceAware(true);
+ }
+
+ public JaxRSEndpointReference(EndpointReference reference) {
+ this(serialise(reference));
+ }
+
+ public JaxRSEndpointReference(String reference) {
+
+ try {
+
+ Document document = factory.newDocumentBuilder().parse(new InputSource(new StringReader(reference)));
+
+ NodeList addresses = document.getElementsByTagNameNS("*", addressLocalName);
+
+ if (addresses.getLength() == 0)
+ throw new RuntimeException("reference does not contain an address");
+
+ address = addresses.item(0).getTextContent();
+
+ } catch (Exception e) {
+ throw new IllegalArgumentException("reference is not a gCore reference", e);
+ }
+
+ }
+
+ @Override
+ public String toString() {
+ return address;
+ }
+
+ // helper
+ private static String serialise(EndpointReference reference) {
+ StringWriter writer = new StringWriter();
+ reference.writeTo(new StreamResult(writer));
+ return writer.toString();
+ }
+}
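Review bot: The shared `DocumentBuilderFactory` is only made namespace-aware in the static block, so the parse in the `String` constructor accepts DOCTYPE declarations and, depending on the parser in use, may resolve external entities named in the reference document. That constructor is public and takes an arbitrary string, so the parser should be hardened where the factory is configured. The block below does that and needs imports for `javax.xml.XMLConstants` and `javax.xml.parsers.ParserConfigurationException`. Separately, the `RuntimeException` raised for a missing address is caught by the `catch (Exception e)` directly below it and reported as "reference is not a gCore reference", which hides the more specific message.

```java
static {
    factory.setNamespaceAware(true);
    try {
        // refuse DOCTYPE declarations so DTDs and external entities are never processed
        factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        factory.setXIncludeAware(false);
        factory.setExpandEntityReferences(false);
    } catch (ParserConfigurationException e) {
        // fail class initialisation rather than fall back to an unhardened parser
        throw new ExceptionInInitializerError(e);
    }
}
```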
diff --git a/src/main/java/org/gcube/common/authorization/client/Utils.java b/src/main/java/org/gcube/common/authorization/client/Utils.java
new file mode 100644
index 0000000..3677c5c
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/client/Utils.java
@@ -0,0 +1,9 @@
+package org.gcube.common.authorization.client;
+
+public class Utils {
+
+ static void notNull(String message,Object o) {
+ if (o==null)
+ throw new IllegalArgumentException(o+" cannot be null");
+ }
+}
diff --git a/src/main/java/org/gcube/common/authorization/client/plugin/AbstractPlugin.java b/src/main/java/org/gcube/common/authorization/client/plugin/AbstractPlugin.java
new file mode 100644
index 0000000..9b4e910
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/client/plugin/AbstractPlugin.java
@@ -0,0 +1,37 @@
+package org.gcube.common.authorization.client.plugin;
+
+import org.gcube.common.authorization.client.Constants;
+import org.gcube.common.clients.Plugin;
+
+
+
+public abstract class AbstractPlugin implements Plugin {
+
+
+ public final String name;
+
+ public AbstractPlugin(String name) {
+ this.name=name;
+ }
+
+ @Override
+ public String serviceClass() {
+ return Constants.SERVICE_CLASS;
+ }
+
+ @Override
+ public String serviceName() {
+ return Constants.SERVICE_NAME;
+ }
+
+ @Override
+ public String name() {
+ return name;
+ }
+
+ @Override
+ public String namespace() {
+ return "";
+ }
+
+}
\ No newline at end of file
diff --git a/src/main/java/org/gcube/common/authorization/client/plugin/AuthorizationPlugin.java b/src/main/java/org/gcube/common/authorization/client/plugin/AuthorizationPlugin.java
new file mode 100644
index 0000000..0c5d98d
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/client/plugin/AuthorizationPlugin.java
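Review bot: `Utils.notNull` ignores its `message` parameter and concatenates `o`, which is always null on that branch, so every failure reads "null cannot be null". Use the name that was passed in: `throw new IllegalArgumentException(message+" cannot be null");`. Nothing in this commit calls the helper, and the proxy methods accept `userName`, `role` and `token` without any check, so it may be worth wiring it in once it is fixed.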
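Review bot: `AbstractPlugin` exposes `name` both as a public field and through the `name()` accessor, which gives callers two ways to read the same value and fixes the field as part of the class's public surface. Since the accessor already satisfies the `Plugin` contract, the field can be `private final String name;`. A class-level Javadoc saying that subclasses supply the plugin name and inherit the service class and service name from `Constants` would document the intent.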
@@ -0,0 +1,35 @@
+package org.gcube.common.authorization.client.plugin;
+
+
+import javax.xml.ws.EndpointReference;
+
+import org.gcube.common.authorization.client.JaxRSEndpointReference;
+import org.gcube.common.authorization.client.proxy.AuthorizationProxy;
+import org.gcube.common.authorization.client.proxy.DefaultAuthorizationProxy;
+import org.gcube.common.clients.config.ProxyConfig;
+import org.gcube.common.clients.delegates.ProxyDelegate;
+
+public class AuthorizationPlugin extends AbstractPlugin{
+
+ public AuthorizationPlugin() {
+ super("authorization-service/gcube/service");
+ }
+
+ @Override
+ public Exception convert(Exception fault, ProxyConfig config) {
+ return fault;
+ }
+
+ @Override
+ public String resolve(EndpointReference address, ProxyConfig config)
+ throws Exception {
+ return new JaxRSEndpointReference(address).toString();
+
+ }
+
+ @Override
+ public AuthorizationProxy newProxy(ProxyDelegate delegate) {
+ return new DefaultAuthorizationProxy(delegate);
+ }
+
+}
diff --git a/src/main/java/org/gcube/common/authorization/client/proxy/AuthorizationProxy.java b/src/main/java/org/gcube/common/authorization/client/proxy/AuthorizationProxy.java
new file mode 100644
index 0000000..caa343f
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/client/proxy/AuthorizationProxy.java
@@ -0,0 +1,10 @@
+package org.gcube.common.authorization.client.proxy;
+
+import org.gcube.common.authorization.library.AuthorizationEntry;
+
+public interface AuthorizationProxy {
+
+ String generate(String userName, String role);
+
+ AuthorizationEntry get(String token);
+}
diff --git a/src/main/java/org/gcube/common/authorization/client/proxy/DefaultAuthorizationProxy.java b/src/main/java/org/gcube/common/authorization/client/proxy/DefaultAuthorizationProxy.java
new file mode 100644
index 0000000..558f2af
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/client/proxy/DefaultAuthorizationProxy.java
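Review bot: The `AuthorizationProxy` interface is the public contract of this client but carries no Javadoc, and the one behaviour a caller most needs to know, that `get` can return null, is visible only in the implementation. I would add `/** Requests a token for the given user and role in the current scope and returns it. */` on `generate` and `/** Returns the entry bound to the token, or null when the service answers with an empty body. */` on `get`. Both methods should also state that failures surface as the unchecked service exception thrown by the default implementation.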
@@ -0,0 +1,74 @@
+package org.gcube.common.authorization.client.proxy;
+
+import static org.gcube.common.clients.exceptions.FaultDSL.again;
+
+import java.io.BufferedReader;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.net.HttpURLConnection;
+import java.net.URL;
+
+import javax.xml.bind.JAXBContext;
+
+import org.gcube.common.authorization.client.Binder;
+import org.gcube.common.authorization.client.Constants;
+import org.gcube.common.authorization.library.AuthorizationEntry;
+import org.gcube.common.clients.Call;
+import org.gcube.common.clients.delegates.ProxyDelegate;
+import org.gcube.common.scope.api.ScopeProvider;
+
+public class DefaultAuthorizationProxy implements AuthorizationProxy {
+
+ private final ProxyDelegate delegate;
+
+ public DefaultAuthorizationProxy(ProxyDelegate config){
+ this.delegate = config;
+ }
+
+ @Override
+ public String generate(final String userName, final String role) {
+ Call call = new Call() {
+
+ @Override
+ public String call(String endpoint) throws Exception {
+ URL url = new URL(endpoint+"/generate/"+userName+"/"+role);
+ HttpURLConnection connection = (HttpURLConnection)url.openConnection();
+ connection.setRequestMethod("GET");
+ connection.setRequestProperty(Constants.SCOPE_HEADER_ENTRY, ScopeProvider.instance.get());
+ BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()));
+ StringBuilder result = new StringBuilder();
+ String line;
+ while((line = reader.readLine()) != null)
+ result.append(line);
+ return result.toString();
+ }
+ };
+ try {
+ return delegate.make(call);
+ } catch (Exception e) {
+ throw again(e).asServiceException();
+ }
+ }
+
+ @Override
+ public AuthorizationEntry get(final String token) {
+ Call call = new Call() {
+
+ @Override
+ public AuthorizationEntry call(String endpoint) throws Exception {
+ URL url = new URL(endpoint+"/retrieve/"+token);
+ HttpURLConnection connection = (HttpURLConnection)url.openConnection();
+ connection.setRequestMethod("GET");
+ if (connection.getContentLengthLong()<=0) return null;
+ return (AuthorizationEntry)Binder.getContext().createUnmarshaller().unmarshal((InputStream)connection.getContent());
+
+ }
+ };
+ try {
+ return delegate.make(call);
+ } catch (Exception e) {
+ throw again(e).asServiceException();
+ }
+ }
+
+}
diff --git a/src/test/java/org/gcube/common/authorizationservice/cl/CallTest.java b/src/test/java/org/gcube/common/authorizationservice/cl/CallTest.java
new file mode 100644
index 0000000..68242a1
--- /dev/null
+++ b/src/test/java/org/gcube/common/authorizationservice/cl/CallTest.java
@@ -0,0 +1,34 @@
+package org.gcube.common.authorizationservice.cl;
+
+import static org.gcube.common.authorization.client.Constants.authorizationService;
+
+import org.gcube.common.authorization.library.AuthorizationEntry;
+import org.gcube.common.scope.api.ScopeProvider;
+import org.junit.Test;
+
+public class CallTest {
+
+
+ @Test
+ public void call(){
+
+ ScopeProvider.instance.set("/gcube/devsec");
+ String token = authorizationService().build().generate("lucio.lelii", "God");
+
+ System.out.println("token is "+token);
+
+ AuthorizationEntry entry = authorizationService().build().get(token);
+
+ System.out.println("entry is "+entry.toString());
+
+ }
+
+ @Test
+ public void requestToken(){
+
+ ScopeProvider.instance.set("/gcube/devsec");
+ String token = authorizationService().build().generate("lucio.lelii", "God");
+ System.out.println("token is: "+token);
+
+ }
+}
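Review bot: `userName` and `role` are concatenated into the request path unencoded in `generate`, so a value containing `/`, `?` or `#` changes which resource is requested; `get` does the same with `token`. Percent-encode each segment, or reject values outside an expected character set, before building the URL. Neither connection sets a timeout although `Constants.DEFAULT_TIMEOUT` exists, and the `BufferedReader` in `generate` is never closed. The sketch below covers `generate` and needs an import for `java.net.URLEncoder`; `get` would take the same encoding and timeout lines. The token also travels in the path of a GET request, where servers and intermediaries commonly log it, so it is worth confirming that this is acceptable for the service.

```java
public String call(String endpoint) throws Exception {
    // encode caller-supplied segments so '/', '?' or '#' cannot change the request path
    String userSegment = URLEncoder.encode(userName, "UTF-8").replace("+", "%20");
    String roleSegment = URLEncoder.encode(role, "UTF-8").replace("+", "%20");
    URL url = new URL(endpoint+"/generate/"+userSegment+"/"+roleSegment);
    HttpURLConnection connection = (HttpURLConnection)url.openConnection();
    // bound both phases of the call so a stalled service cannot block the caller
    connection.setConnectTimeout(Constants.DEFAULT_TIMEOUT);
    connection.setReadTimeout(Constants.DEFAULT_TIMEOUT);
    // … unchanged: request method, scope header, result and line declarations …
    try (BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))) {
        // … unchanged: append each line to result …
    }
    // … unchanged: return result.toString() …
}
```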
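Review bot: Both tests in CallTest print the issued token to standard output and assert nothing, so they pass whenever the calls do not throw and they leave what is presumably a usable token in the build log. `call()` also dereferences `entry` although `get` returns null for an empty response, which would show up as a NullPointerException rather than a test failure. Replace the prints with assertions such as `Assert.assertNotNull(token);` and `Assert.assertNotNull(entry);`. The tests need a reachable service for scope "/gcube/devsec", so they may belong in an integration profile rather than the default unit run.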