diff --git a/src/main/java/org/gcube/common/authorization/client/proxy/AuthorizationEntryCache.java b/src/main/java/org/gcube/common/authorization/client/proxy/AuthorizationEntryCache.java index 7adb697..cdaa230 100644 --- a/src/main/java/org/gcube/common/authorization/client/proxy/AuthorizationEntryCache.java +++ b/src/main/java/org/gcube/common/authorization/client/proxy/AuthorizationEntryCache.java @@ -1,6 +1,5 @@ package org.gcube.common.authorization.client.proxy; -import org.gcube.common.authorization.client.Constants; import org.gcube.common.authorization.library.AuthorizationEntry; public class AuthorizationEntryCache { @@ -17,7 +16,7 @@ public class AuthorizationEntryCache { return entry; } - public boolean isValid(){ - return (System.currentTimeMillis()-Constants.TIME_TO_LIVE_CACHE_IN_MILLIS) endpoints); + void setEndpoint(EndpointsContainer endpoints); AuthorizationEntry get(String token) throws ObjectNotFound, Exception; diff --git a/src/main/java/org/gcube/common/authorization/client/proxy/DefaultAuthorizationProxy.java b/src/main/java/org/gcube/common/authorization/client/proxy/DefaultAuthorizationProxy.java index 8c5382a..22ce263 100644 --- a/src/main/java/org/gcube/common/authorization/client/proxy/DefaultAuthorizationProxy.java +++ b/src/main/java/org/gcube/common/authorization/client/proxy/DefaultAuthorizationProxy.java @@ -11,9 +11,9 @@ import java.net.HttpURLConnection; import java.net.URL; import java.util.ArrayList; import java.util.Collections; +import java.util.HashMap; import java.util.List; import java.util.Map; -import java.util.WeakHashMap; import org.gcube.common.authorization.client.Binder; import org.gcube.common.authorization.client.Constants; 
@@ -23,6 +23,7 @@ import org.gcube.common.authorization.library.Policies;
 import org.gcube.common.authorization.library.QualifiersList;
 import org.gcube.common.authorization.library.enpoints.AuthorizationEndpoint;
 import org.gcube.common.authorization.library.enpoints.AuthorizationEndpointScanner;
+import org.gcube.common.authorization.library.enpoints.EndpointsContainer;
 import org.gcube.common.authorization.library.policies.Policy;
 import org.gcube.common.authorization.library.provider.ContainerInfo;
 import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
@@ -35,12 +36,13 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
 private static Logger log = LoggerFactory.getLogger(AuthorizationProxy.class);
- private static Map cache = Collections.synchronizedMap(new WeakHashMap());
+ private static Map cache = Collections.synchronizedMap(new HashMap());
- private Map endpoints;
+ private static EndpointsContainer endpoints;
 public DefaultAuthorizationProxy() {
- endpoints = AuthorizationEndpointScanner.endpoints();
+ if (endpoints==null)
+ endpoints = AuthorizationEndpointScanner.endpoints();
 }
 private String getInternalEnpoint(int infrastructureHash){
@@ -54,7 +56,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
 String methodPath = "/token/service";
- int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get());
+ int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure());
 StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
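Review bot: In the hunk at -35,12 +36,13, `cache` becomes a static `HashMap` with no size bound or eviction, and a later hunk in `get()` starts calling `cache.put(realToken, ...)`, so every distinct token this client resolves stays on the heap with its authorization entry for the life of the JVM. Expired entries are only overwritten when the same token is looked up again; nothing visible here removes them, so consider a size-capped `LinkedHashMap` overriding `removeEldestEntry` and removing an entry when `isValid(...)` fails. The same hunk makes `endpoints` static but initialises it with an unsynchronised `if (endpoints==null)` in the constructor, and `setEndpoint` (hunk at -302,14) now swaps it for every proxy instance in the process. Declaring it `private static volatile EndpointsContainer endpoints;` and adding a comment that `setEndpoint` is process-wide would make that shared state explicit.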
@@ -125,7 +127,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
 String methodPath = String.format("/apikey?qualifier=%s",apiQualifier);
- int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get());
+ int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure());
 StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
@@ -157,7 +159,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
 public Map retrieveApiKeys() throws Exception{
 String methodPath = "/apikey/";
- int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get());
+ int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure());
 StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
@@ -172,7 +174,6 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
 try(InputStream stream = (InputStream)connection.getContent();){
 QualifiersList entries = (QualifiersList)Binder.getContext().createUnmarshaller().unmarshal(stream);
- //cache.put(token, new AuthorizationEntryCache(entry));
 return entries.getQualifiers();
 }
 }
@@ -210,19 +211,25 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy { result.append(line); token = result.toString(); } - return Utils.addInfrastructureHashToToken(token, infrastructureHash); } @Override public AuthorizationEntry get(String token) throws ObjectNotFound, Exception{ - if (cache.containsKey(token) && cache.get(token).isValid()) - return cache.get(token).getEntry(); + String realToken = Utils.getRealToken(token); + int infrastructureHashFromToken = Utils.getInfrastructureHashFromToken(token, endpoints.getDefaultInfrastructure()); + AuthorizationEndpoint endpoint = getEndpoint(infrastructureHashFromToken); + + if (cache.containsKey(realToken) && cache.get(realToken).isValid(endpoint.getClientCacheValidity())){ + log.trace("valid entry found in cache for token {}, returning it",String.format("%s********",realToken.substring(0, token.length()-8))); + return cache.get(realToken).getEntry(); + } else + log.trace("invalid entry found in cache for token {}, contacting auth service",String.format("%s********",token.substring(0, token.length()-8))); final String methodPath = "/token/"; - StringBuilder callUrl = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashFromToken(token))) - .append(methodPath).append(Utils.getRealToken(token)); + StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHashFromToken)) + .append(methodPath).append(realToken); URL url = new URL(callUrl.toString()); HttpURLConnection connection = makeRequest(url, "GET", false); 
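Review bot: The cache-hit trace in `get()` masks the token with `realToken.substring(0, token.length()-8)`, taking the end index from `token` but the characters from `realToken`. If `Utils.getRealToken` strips the `-<hash>` suffix (its body is not visible here, but `REAL_TOKEN_REGEXPR` suggests it), a suffix of nine or more characters pushes the index past `realToken.length()` and throws `StringIndexOutOfBoundsException` on every cache hit; the `String.format` argument is evaluated even when trace logging is disabled. Both messages also write all but the last eight characters of a bearer token to the log, which hides very little of the credential; a short prefix is enough for correlation, e.g. `String masked = realToken.substring(0, Math.min(8, realToken.length())) + "********";` passed to both `log.trace` calls. The `else` branch reports "invalid entry found in cache" even when no entry exists for the token. `get()` continues past the end of this hunk.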
@@ -233,17 +240,17 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy { try(InputStream stream = (InputStream)connection.getContent();){ AuthorizationEntry entry = (AuthorizationEntry)Binder.getContext().createUnmarshaller().unmarshal(stream); - //cache.put(token, new AuthorizationEntryCache(entry)); + if (entry!=null) cache.put(realToken, new AuthorizationEntryCache(entry)); return entry; } - } + @Override public void addPolicies(List policies) throws Exception { final String methodPath = "/policyManager"; - StringBuilder callUrl = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get()))).append(methodPath); + StringBuilder callUrl = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure()))).append(methodPath); URL url = new URL(callUrl.toString()); HttpURLConnection connection = makeRequest(url, "POST", true); @@ -261,7 +268,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy { @Override public void removePolicies(long... ids) throws Exception { final String methodPath = "/policyManager/"; - StringBuilder callUrl = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get()))).append(methodPath); + StringBuilder callUrl = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure()))).append(methodPath); List errorIds = new ArrayList(); for (long id: ids){ URL url = new URL(callUrl.toString()+id); 
@@ -302,14 +309,14 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy { @Override public AuthorizationEndpoint getEndpoint(int infrastructureHash) { - if (!this.endpoints.containsKey(infrastructureHash)) + if (!endpoints.getEndpoints().containsKey(infrastructureHash)) throw new RuntimeException("Authorization Endpoint not found for the required infrastructure"); - return this.endpoints.get(infrastructureHash); + return endpoints.getEndpoints().get(infrastructureHash); } @Override - public void setEndpoint(Map endpoints) { - this.endpoints = endpoints; + public void setEndpoint(EndpointsContainer newEndpoints) { + endpoints = newEndpoints; } diff --git a/src/main/java/org/gcube/common/authorization/client/proxy/Utils.java b/src/main/java/org/gcube/common/authorization/client/proxy/Utils.java index 47184f9..999e2ce 100644 --- a/src/main/java/org/gcube/common/authorization/client/proxy/Utils.java +++ b/src/main/java/org/gcube/common/authorization/client/proxy/Utils.java @@ -11,8 +11,6 @@ public class Utils { private static final String REAL_TOKEN_REGEXPR ="([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(-[0-9]+)?"; - private static final String DEFAULT_INFRASTRUCTURE_FOR_OLD_TOKEN = "gcube"; - protected static int getInfrastructureHashfromContext(String context) { try{ 
@@ -23,13 +21,13 @@ public class Utils { } } - public static int getInfrastructureHashFromToken(String token) { + public static int getInfrastructureHashFromToken(String token, String defaultInfrastructureToUse) { if (token==null) throw new RuntimeException("token required for this method"); else if (token.matches(NEW_TOKEN_REGEXPR)){ String hashCodeAsString = token.substring(token.lastIndexOf("-")+1, token.length()); return Integer.parseInt(hashCodeAsString); } else if (token.matches(OLD_TOKEN_REGEXPR)) - return DEFAULT_INFRASTRUCTURE_FOR_OLD_TOKEN.hashCode(); + return defaultInfrastructureToUse.hashCode(); throw new RuntimeException("valid token required for this method"); } diff --git a/src/test/java/org/gcube/common/authorizationservice/cl/CallTest.java b/src/test/java/org/gcube/common/authorizationservice/cl/CallTest.java index 413eff3..ab92fdf 100644 --- a/src/test/java/org/gcube/common/authorizationservice/cl/CallTest.java +++ b/src/test/java/org/gcube/common/authorizationservice/cl/CallTest.java @@ -20,7 +20,7 @@ public class CallTest { @Test public void resolveNodeToken() throws Exception{ - System.out.println(resolveToken("c3c52f5b-ea65-4364-8357-be930763fdad")); //81caac0f-8a0d-4923-9312-7ff0eb3f2d5e|98187548")); + System.out.println(resolveToken("46311827-6000-480a-8f75-01b7943d490b")); //81caac0f-8a0d-4923-9312-7ff0eb3f2d5e|98187548")); } @Test @@ -28,7 +28,7 @@ public class CallTest { String token = authorizationService().requestActivation(new ContainerInfo("ckan-d-d4s.d4science.org",80), "/gcube/devNext/NextNext"); System.out.println(token); } - + @Test public void addPolicy() throws Exception { SecurityTokenProvider.instance.set(requestTestToken("/gcube/devsec/devVRE")); 
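Review bot: `getInfrastructureHashFromToken` dereferences the new `defaultInfrastructureToUse` argument without a null check, so if `endpoints.getDefaultInfrastructure()` can return null (not visible here) an old-format token fails with a bare `NullPointerException` rather than the descriptive `RuntimeException` used by the other error paths. A guard in the old-token branch would keep the failure readable: `if (defaultInfrastructureToUse==null) throw new RuntimeException("default infrastructure required for old tokens");`. The method is `public` and its signature changed, so a Javadoc sentence stating that the second argument is only consulted for tokens matching `OLD_TOKEN_REGEXPR` would help callers outside this module.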
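Review bot: In the hunk at -20,7 +20,7, `resolveNodeToken` swaps one literal token for another, so a value shaped like a live authorization token is again committed to version control while the previous one stays in history. Reading it from configuration keeps credentials out of the repository, e.g. `resolveToken(System.getProperty("test.node.token"))` (property name is illustrative), with the test skipped when the property is unset. Any of these values that was ever a real token should be treated as exposed and revoked. The trailing `//81caac0f-...` comment on the same line carries another token-shaped value and can be removed at the same time.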
@@ -40,8 +40,8 @@ public class CallTest {
 @Test
 public void getPolicies() throws Exception{
- SecurityTokenProvider.instance.set(requestTestToken("/gcube/devsec/devVRE"));
- List policies = authorizationService().getPolicies("/gcube/devsec/devVRE");
+ SecurityTokenProvider.instance.set(requestTestToken("/gcube/devNext"));
+ List policies = authorizationService().getPolicies("/gcube/devNext");
 System.out.println(policies);
 }