git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/Common/authorization-common-client@131606 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
9748b7af14
commit
0355825fb4
|
@ -1,6 +1,5 @@
|
|||
package org.gcube.common.authorization.client.proxy;
|
||||
|
||||
import org.gcube.common.authorization.client.Constants;
|
||||
import org.gcube.common.authorization.library.AuthorizationEntry;
|
||||
|
||||
public class AuthorizationEntryCache {
|
||||
|
@ -17,7 +16,7 @@ public class AuthorizationEntryCache {
|
|||
return entry;
|
||||
}
|
||||
|
||||
public boolean isValid(){
|
||||
return (System.currentTimeMillis()-Constants.TIME_TO_LIVE_CACHE_IN_MILLIS)<this.creationDate;
|
||||
public boolean isValid(long timeToLive){
|
||||
return (System.currentTimeMillis()-timeToLive)<this.creationDate;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -6,6 +6,7 @@ import java.util.Map;
|
|||
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
|
||||
import org.gcube.common.authorization.library.AuthorizationEntry;
|
||||
import org.gcube.common.authorization.library.enpoints.AuthorizationEndpoint;
|
||||
import org.gcube.common.authorization.library.enpoints.EndpointsContainer;
|
||||
import org.gcube.common.authorization.library.policies.Policy;
|
||||
import org.gcube.common.authorization.library.provider.ContainerInfo;
|
||||
import org.gcube.common.authorization.library.provider.ServiceInfo;
|
||||
|
@ -15,7 +16,7 @@ public interface AuthorizationProxy {
|
|||
|
||||
AuthorizationEndpoint getEndpoint(int infrastructureHash);
|
||||
|
||||
void setEndpoint(Map<Integer,AuthorizationEndpoint> endpoints);
|
||||
void setEndpoint(EndpointsContainer endpoints);
|
||||
|
||||
AuthorizationEntry get(String token) throws ObjectNotFound, Exception;
|
||||
|
||||
|
|
|
@ -11,9 +11,9 @@ import java.net.HttpURLConnection;
|
|||
import java.net.URL;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.WeakHashMap;
|
||||
|
||||
import org.gcube.common.authorization.client.Binder;
|
||||
import org.gcube.common.authorization.client.Constants;
|
||||
|
@ -23,6 +23,7 @@ import org.gcube.common.authorization.library.Policies;
|
|||
import org.gcube.common.authorization.library.QualifiersList;
|
||||
import org.gcube.common.authorization.library.enpoints.AuthorizationEndpoint;
|
||||
import org.gcube.common.authorization.library.enpoints.AuthorizationEndpointScanner;
|
||||
import org.gcube.common.authorization.library.enpoints.EndpointsContainer;
|
||||
import org.gcube.common.authorization.library.policies.Policy;
|
||||
import org.gcube.common.authorization.library.provider.ContainerInfo;
|
||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||
|
@ -35,11 +36,12 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|||
|
||||
private static Logger log = LoggerFactory.getLogger(AuthorizationProxy.class);
|
||||
|
||||
private static Map<String, AuthorizationEntryCache> cache = Collections.synchronizedMap(new WeakHashMap<String, AuthorizationEntryCache>());
|
||||
private static Map<String, AuthorizationEntryCache> cache = Collections.synchronizedMap(new HashMap<String, AuthorizationEntryCache>());
|
||||
|
||||
private Map<Integer, AuthorizationEndpoint> endpoints;
|
||||
private static EndpointsContainer endpoints;
|
||||
|
||||
public DefaultAuthorizationProxy() {
|
||||
if (endpoints==null)
|
||||
endpoints = AuthorizationEndpointScanner.endpoints();
|
||||
}
|
||||
|
||||
|
@ -54,7 +56,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|||
|
||||
String methodPath = "/token/service";
|
||||
|
||||
int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get());
|
||||
int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure());
|
||||
|
||||
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
|
||||
|
||||
|
@ -125,7 +127,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|||
|
||||
String methodPath = String.format("/apikey?qualifier=%s",apiQualifier);
|
||||
|
||||
int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get());
|
||||
int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure());
|
||||
|
||||
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
|
||||
|
||||
|
@ -157,7 +159,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|||
public Map<String, String> retrieveApiKeys() throws Exception{
|
||||
String methodPath = "/apikey/";
|
||||
|
||||
int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get());
|
||||
int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure());
|
||||
|
||||
|
||||
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
|
||||
|
@ -172,7 +174,6 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|||
|
||||
try(InputStream stream = (InputStream)connection.getContent();){
|
||||
QualifiersList entries = (QualifiersList)Binder.getContext().createUnmarshaller().unmarshal(stream);
|
||||
//cache.put(token, new AuthorizationEntryCache(entry));
|
||||
return entries.getQualifiers();
|
||||
}
|
||||
}
|
||||
|
@ -210,19 +211,25 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|||
result.append(line);
|
||||
token = result.toString();
|
||||
}
|
||||
|
||||
return Utils.addInfrastructureHashToToken(token, infrastructureHash);
|
||||
}
|
||||
|
||||
@Override
|
||||
public AuthorizationEntry get(String token) throws ObjectNotFound, Exception{
|
||||
if (cache.containsKey(token) && cache.get(token).isValid())
|
||||
return cache.get(token).getEntry();
|
||||
String realToken = Utils.getRealToken(token);
|
||||
int infrastructureHashFromToken = Utils.getInfrastructureHashFromToken(token, endpoints.getDefaultInfrastructure());
|
||||
AuthorizationEndpoint endpoint = getEndpoint(infrastructureHashFromToken);
|
||||
|
||||
if (cache.containsKey(realToken) && cache.get(realToken).isValid(endpoint.getClientCacheValidity())){
|
||||
log.trace("valid entry found in cache for token {}, returning it",String.format("%s********",realToken.substring(0, token.length()-8)));
|
||||
return cache.get(realToken).getEntry();
|
||||
} else
|
||||
log.trace("invalid entry found in cache for token {}, contacting auth service",String.format("%s********",token.substring(0, token.length()-8)));
|
||||
|
||||
final String methodPath = "/token/";
|
||||
|
||||
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashFromToken(token)))
|
||||
.append(methodPath).append(Utils.getRealToken(token));
|
||||
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHashFromToken))
|
||||
.append(methodPath).append(realToken);
|
||||
|
||||
URL url = new URL(callUrl.toString());
|
||||
HttpURLConnection connection = makeRequest(url, "GET", false);
|
||||
|
@ -233,17 +240,17 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|||
|
||||
try(InputStream stream = (InputStream)connection.getContent();){
|
||||
AuthorizationEntry entry = (AuthorizationEntry)Binder.getContext().createUnmarshaller().unmarshal(stream);
|
||||
//cache.put(token, new AuthorizationEntryCache(entry));
|
||||
if (entry!=null) cache.put(realToken, new AuthorizationEntryCache(entry));
|
||||
return entry;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public void addPolicies(List<Policy> policies) throws Exception {
|
||||
final String methodPath = "/policyManager";
|
||||
|
||||
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get()))).append(methodPath);
|
||||
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure()))).append(methodPath);
|
||||
|
||||
URL url = new URL(callUrl.toString());
|
||||
HttpURLConnection connection = makeRequest(url, "POST", true);
|
||||
|
@ -261,7 +268,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|||
@Override
|
||||
public void removePolicies(long... ids) throws Exception {
|
||||
final String methodPath = "/policyManager/";
|
||||
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get()))).append(methodPath);
|
||||
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure()))).append(methodPath);
|
||||
List<Long> errorIds = new ArrayList<Long>();
|
||||
for (long id: ids){
|
||||
URL url = new URL(callUrl.toString()+id);
|
||||
|
@ -302,14 +309,14 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|||
|
||||
@Override
|
||||
public AuthorizationEndpoint getEndpoint(int infrastructureHash) {
|
||||
if (!this.endpoints.containsKey(infrastructureHash))
|
||||
if (!endpoints.getEndpoints().containsKey(infrastructureHash))
|
||||
throw new RuntimeException("Authorization Endpoint not found for the required infrastructure");
|
||||
return this.endpoints.get(infrastructureHash);
|
||||
return endpoints.getEndpoints().get(infrastructureHash);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setEndpoint(Map<Integer,AuthorizationEndpoint> endpoints) {
|
||||
this.endpoints = endpoints;
|
||||
public void setEndpoint(EndpointsContainer newEndpoints) {
|
||||
endpoints = newEndpoints;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -11,8 +11,6 @@ public class Utils {
|
|||
|
||||
private static final String REAL_TOKEN_REGEXPR ="([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})(-[0-9]+)?";
|
||||
|
||||
private static final String DEFAULT_INFRASTRUCTURE_FOR_OLD_TOKEN = "gcube";
|
||||
|
||||
|
||||
protected static int getInfrastructureHashfromContext(String context) {
|
||||
try{
|
||||
|
@ -23,13 +21,13 @@ public class Utils {
|
|||
}
|
||||
}
|
||||
|
||||
public static int getInfrastructureHashFromToken(String token) {
|
||||
public static int getInfrastructureHashFromToken(String token, String defaultInfrastructureToUse) {
|
||||
if (token==null) throw new RuntimeException("token required for this method");
|
||||
else if (token.matches(NEW_TOKEN_REGEXPR)){
|
||||
String hashCodeAsString = token.substring(token.lastIndexOf("-")+1, token.length());
|
||||
return Integer.parseInt(hashCodeAsString);
|
||||
} else if (token.matches(OLD_TOKEN_REGEXPR))
|
||||
return DEFAULT_INFRASTRUCTURE_FOR_OLD_TOKEN.hashCode();
|
||||
return defaultInfrastructureToUse.hashCode();
|
||||
|
||||
throw new RuntimeException("valid token required for this method");
|
||||
}
|
||||
|
|
|
@ -20,7 +20,7 @@ public class CallTest {
|
|||
|
||||
@Test
|
||||
public void resolveNodeToken() throws Exception{
|
||||
System.out.println(resolveToken("c3c52f5b-ea65-4364-8357-be930763fdad")); //81caac0f-8a0d-4923-9312-7ff0eb3f2d5e|98187548"));
|
||||
System.out.println(resolveToken("46311827-6000-480a-8f75-01b7943d490b")); //81caac0f-8a0d-4923-9312-7ff0eb3f2d5e|98187548"));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -40,8 +40,8 @@ public class CallTest {
|
|||
|
||||
@Test
|
||||
public void getPolicies() throws Exception{
|
||||
SecurityTokenProvider.instance.set(requestTestToken("/gcube/devsec/devVRE"));
|
||||
List<Policy> policies = authorizationService().getPolicies("/gcube/devsec/devVRE");
|
||||
SecurityTokenProvider.instance.set(requestTestToken("/gcube/devNext"));
|
||||
List<Policy> policies = authorizationService().getPolicies("/gcube/devNext");
|
||||
System.out.println(policies);
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue