|
|
|
|
@ -1,12 +1,10 @@
|
|
|
|
|
package org.gcube.common.authorization.client.proxy;
|
|
|
|
|
|
|
|
|
|
import static org.gcube.common.authorization.client.Constants.CONTEXT_PARAM;
|
|
|
|
|
import static org.gcube.common.authorization.client.Constants.CLIENT_ID_PARAM;
|
|
|
|
|
import static org.gcube.common.authorization.client.Constants.CONTEXT_PARAM;
|
|
|
|
|
|
|
|
|
|
import java.io.BufferedOutputStream;
|
|
|
|
|
import java.io.BufferedReader;
|
|
|
|
|
import java.io.File;
|
|
|
|
|
import java.io.FileOutputStream;
|
|
|
|
|
import java.io.InputStream;
|
|
|
|
|
import java.io.InputStreamReader;
|
|
|
|
|
import java.io.OutputStream;
|
|
|
|
|
@ -17,29 +15,18 @@ import java.util.Collections;
|
|
|
|
|
import java.util.HashMap;
|
|
|
|
|
import java.util.List;
|
|
|
|
|
import java.util.Map;
|
|
|
|
|
import java.util.Map.Entry;
|
|
|
|
|
import java.util.stream.Collectors;
|
|
|
|
|
|
|
|
|
|
import javax.net.ssl.HttpsURLConnection;
|
|
|
|
|
|
|
|
|
|
import org.gcube.common.authorization.client.Binder;
|
|
|
|
|
import org.gcube.common.authorization.client.Constants;
|
|
|
|
|
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
|
|
|
|
|
import org.gcube.common.authorization.library.AuthorizationEntry;
|
|
|
|
|
import org.gcube.common.authorization.library.ExternalServiceList;
|
|
|
|
|
import org.gcube.common.authorization.library.Policies;
|
|
|
|
|
import org.gcube.common.authorization.library.QualifiersList;
|
|
|
|
|
import org.gcube.common.authorization.library.enpoints.AuthorizationEndpoint;
|
|
|
|
|
import org.gcube.common.authorization.library.enpoints.AuthorizationEndpointScanner;
|
|
|
|
|
import org.gcube.common.authorization.library.enpoints.EndpointsContainer;
|
|
|
|
|
import org.gcube.common.authorization.library.policies.Policy;
|
|
|
|
|
import org.gcube.common.authorization.library.provider.ContainerInfo;
|
|
|
|
|
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
|
|
|
|
import org.gcube.common.authorization.library.provider.ServiceInfo;
|
|
|
|
|
import org.gcube.common.authorization.library.provider.UserInfo;
|
|
|
|
|
import org.gcube.common.authorization.library.utils.AuthorizationEntryList;
|
|
|
|
|
import org.gcube.common.authorization.library.utils.ListMapper;
|
|
|
|
|
import org.gcube.common.authorization.library.utils.MultiServiceTokenRequest;
|
|
|
|
|
import org.slf4j.Logger;
|
|
|
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
|
|
|
|
|
|
@ -68,111 +55,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public String generateServiceToken(ServiceInfo client) throws Exception {
|
|
|
|
|
|
|
|
|
|
String methodPath = "/token/service";
|
|
|
|
|
|
|
|
|
|
int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure());
|
|
|
|
|
|
|
|
|
|
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "PUT", true);
|
|
|
|
|
connection.setDoOutput(true);
|
|
|
|
|
connection.setDoInput(true);
|
|
|
|
|
connection.setRequestProperty("Content-type", "application/xml");
|
|
|
|
|
|
|
|
|
|
try(OutputStream os = new BufferedOutputStream(connection.getOutputStream())){
|
|
|
|
|
Binder.getContext().createMarshaller().marshal(client, os);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
log.debug("response code for "+callUrl.toString()+" is "+connection.getResponseCode()+" "+connection.getResponseMessage());
|
|
|
|
|
|
|
|
|
|
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
|
|
|
|
|
String token= "";
|
|
|
|
|
try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){
|
|
|
|
|
StringBuilder result = new StringBuilder();
|
|
|
|
|
String line;
|
|
|
|
|
while((line = reader.readLine()) != null)
|
|
|
|
|
result.append(line);
|
|
|
|
|
token = result.toString();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return Utils.addInfrastructureHashToToken(token, infrastructureHash);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public List<String> generateServiceToken(ServiceInfo client, List<String> containerTokens) throws Exception {
|
|
|
|
|
|
|
|
|
|
String methodPath = "/token/service/bunch";
|
|
|
|
|
|
|
|
|
|
int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure());
|
|
|
|
|
|
|
|
|
|
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
List<String> realTokens = containerTokens.stream().map(t -> Utils.getRealToken(t)).collect(Collectors.toList());
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "PUT", true);
|
|
|
|
|
connection.setDoOutput(true);
|
|
|
|
|
connection.setDoInput(true);
|
|
|
|
|
connection.setRequestProperty("Content-type", "application/xml");
|
|
|
|
|
|
|
|
|
|
try(OutputStream os = new BufferedOutputStream(connection.getOutputStream())){
|
|
|
|
|
Binder.getContext().createMarshaller().marshal(new MultiServiceTokenRequest(realTokens, client), os);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
log.debug("response code for "+callUrl.toString()+" is "+connection.getResponseCode()+" "+connection.getResponseMessage());
|
|
|
|
|
|
|
|
|
|
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
|
|
|
|
|
List<String> tokensToReturn = new ArrayList<String>();
|
|
|
|
|
|
|
|
|
|
try(InputStream stream = (InputStream)connection.getContent();){
|
|
|
|
|
ListMapper entries = (ListMapper)Binder.getContext().createUnmarshaller().unmarshal(stream);
|
|
|
|
|
|
|
|
|
|
for (String token: entries.getList())
|
|
|
|
|
tokensToReturn.add(Utils.addInfrastructureHashToToken(token, infrastructureHash));
|
|
|
|
|
return tokensToReturn;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public String generateExternalServiceToken(String serviceId) throws Exception {
|
|
|
|
|
|
|
|
|
|
String methodPath = "/token/external/";
|
|
|
|
|
|
|
|
|
|
int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure());
|
|
|
|
|
|
|
|
|
|
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath).append(serviceId);
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "PUT", true);
|
|
|
|
|
connection.setDoInput(true);
|
|
|
|
|
connection.setRequestProperty("Content-type", "application/xml");
|
|
|
|
|
|
|
|
|
|
log.debug("response code for "+callUrl.toString()+" is "+connection.getResponseCode()+" "+connection.getResponseMessage());
|
|
|
|
|
|
|
|
|
|
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
|
|
|
|
|
String token= "";
|
|
|
|
|
try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){
|
|
|
|
|
StringBuilder result = new StringBuilder();
|
|
|
|
|
String line;
|
|
|
|
|
while((line = reader.readLine()) != null)
|
|
|
|
|
result.append(line);
|
|
|
|
|
token = result.toString();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return Utils.addInfrastructureHashToToken(token, infrastructureHash);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public String resolveTokenByUserAndContext(String user, String context) throws ObjectNotFound, Exception {
|
|
|
|
|
|
|
|
|
|
@ -183,7 +66,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|
|
|
|
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath).append(user).append("?context=").append(context);
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "GET", false);
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "GET");
|
|
|
|
|
|
|
|
|
|
log.debug("response code for "+callUrl.toString()+" is "+connection.getResponseCode()+" "+connection.getResponseMessage());
|
|
|
|
|
|
|
|
|
|
@ -213,7 +96,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|
|
|
|
.append(CONTEXT_PARAM).append("=").append(context);
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "PUT", false);
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "PUT");
|
|
|
|
|
connection.setDoOutput(true);
|
|
|
|
|
connection.setDoInput(true);
|
|
|
|
|
connection.setRequestProperty("Content-type", "application/xml");
|
|
|
|
|
@ -248,7 +131,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|
|
|
|
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "PUT", false);
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "PUT");
|
|
|
|
|
connection.setDoOutput(true);
|
|
|
|
|
connection.setDoInput(true);
|
|
|
|
|
connection.setRequestProperty("Content-type", "application/xml");
|
|
|
|
|
@ -274,7 +157,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|
|
|
|
.append(CONTEXT_PARAM).append("=").append(context).append("&").append(CLIENT_ID_PARAM).append("=").append(clientId);
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "DELETE", false);
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "DELETE");
|
|
|
|
|
//connection.setDoOutput(false);
|
|
|
|
|
connection.setDoInput(true);
|
|
|
|
|
|
|
|
|
|
@ -283,181 +166,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|
|
|
|
if (connection.getResponseCode()!=200 && connection.getResponseCode()!=204) throw new Exception("error contacting authorization service");
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public String generateApiKey(String apiQualifier) throws Exception {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
String methodPath = String.format("/apikey?qualifier=%s",apiQualifier);
|
|
|
|
|
|
|
|
|
|
int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure());
|
|
|
|
|
|
|
|
|
|
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "PUT", true);
|
|
|
|
|
connection.setDoInput(true);
|
|
|
|
|
connection.setDoOutput(true);
|
|
|
|
|
connection.setFixedLengthStreamingMode(0);
|
|
|
|
|
connection.setRequestProperty("Content-type", "application/xml");
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
log.debug("response code for "+callUrl.toString()+" is "+connection.getResponseCode()+" "+connection.getResponseMessage());
|
|
|
|
|
|
|
|
|
|
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
|
|
|
|
|
String token= "";
|
|
|
|
|
try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){
|
|
|
|
|
StringBuilder result = new StringBuilder();
|
|
|
|
|
String line;
|
|
|
|
|
while((line = reader.readLine()) != null)
|
|
|
|
|
result.append(line);
|
|
|
|
|
token = result.toString();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return Utils.addInfrastructureHashToToken(token, infrastructureHash);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
/**
|
|
|
|
|
* return a map with key qualifier and value token
|
|
|
|
|
*/
|
|
|
|
|
public Map<String, String> retrieveApiKeys() throws Exception{
|
|
|
|
|
String methodPath = "/apikey/";
|
|
|
|
|
|
|
|
|
|
int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure());
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "GET", true);
|
|
|
|
|
connection.setDoInput(true);
|
|
|
|
|
connection.setDoOutput(true);
|
|
|
|
|
|
|
|
|
|
if (connection.getResponseCode()!=200) throw new Exception("error retrieving keys (error code is "+connection.getResponseCode()+")");
|
|
|
|
|
if (connection.getContentLengthLong()==0) return Collections.emptyMap();
|
|
|
|
|
|
|
|
|
|
Map<String, String> tokensQulifiersMap;
|
|
|
|
|
try(InputStream stream = (InputStream)connection.getContent();){
|
|
|
|
|
QualifiersList entries = (QualifiersList)Binder.getContext().createUnmarshaller().unmarshal(stream);
|
|
|
|
|
tokensQulifiersMap = entries.getQualifiers();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (tokensQulifiersMap!=null && !tokensQulifiersMap.isEmpty()){
|
|
|
|
|
Map<String, String> toReturnMap = new HashMap<String, String>();
|
|
|
|
|
for (Entry<String, String> entry: tokensQulifiersMap.entrySet())
|
|
|
|
|
toReturnMap.put(entry.getKey(), Utils.addInfrastructureHashToToken(entry.getValue(), infrastructureHash));
|
|
|
|
|
return toReturnMap;
|
|
|
|
|
} else return Collections.emptyMap();
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
/**
|
|
|
|
|
* return a map with key external service id and value token
|
|
|
|
|
*/
|
|
|
|
|
public Map<String, String> retrieveExternalServiceGenerated() throws Exception{
|
|
|
|
|
String methodPath = "/token/external";
|
|
|
|
|
|
|
|
|
|
int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure());
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "GET", true);
|
|
|
|
|
connection.setDoInput(true);
|
|
|
|
|
connection.setDoOutput(true);
|
|
|
|
|
|
|
|
|
|
if (connection.getResponseCode()!=200) throw new Exception("error retrieving externalServices (error code is "+connection.getResponseCode()+")");
|
|
|
|
|
if (connection.getContentLengthLong()==0) return Collections.emptyMap();
|
|
|
|
|
|
|
|
|
|
Map<String, String> externalServiceMap;
|
|
|
|
|
try(InputStream stream = (InputStream)connection.getContent();){
|
|
|
|
|
ExternalServiceList entries = (ExternalServiceList)Binder.getContext().createUnmarshaller().unmarshal(stream);
|
|
|
|
|
externalServiceMap = entries.getExternalServiceMap();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (externalServiceMap!=null && !externalServiceMap.isEmpty()){
|
|
|
|
|
Map<String, String> toReturnMap = new HashMap<String, String>();
|
|
|
|
|
for (Entry<String, String> entry: externalServiceMap.entrySet())
|
|
|
|
|
toReturnMap.put(entry.getKey(), Utils.addInfrastructureHashToToken(entry.getValue(), infrastructureHash));
|
|
|
|
|
return toReturnMap;
|
|
|
|
|
} else return Collections.emptyMap();
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public String requestActivation(ContainerInfo container, String context) throws Exception {
|
|
|
|
|
|
|
|
|
|
String methodPath = "/token/node";
|
|
|
|
|
|
|
|
|
|
int infrastructureHash = Utils.getInfrastructureHashfromContext(context);
|
|
|
|
|
|
|
|
|
|
StringBuilder callUrl;
|
|
|
|
|
|
|
|
|
|
callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath).append("?context=").append(context);
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "PUT", false);
|
|
|
|
|
connection.setDoOutput(true);
|
|
|
|
|
connection.setDoInput(true);
|
|
|
|
|
connection.setRequestProperty("Content-type", "application/xml");
|
|
|
|
|
|
|
|
|
|
try(OutputStream os = new BufferedOutputStream(connection.getOutputStream())){
|
|
|
|
|
Binder.getContext().createMarshaller().marshal(container, os);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
log.debug("response code is "+connection.getResponseCode());
|
|
|
|
|
|
|
|
|
|
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
|
|
|
|
|
String token= "";
|
|
|
|
|
try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){
|
|
|
|
|
StringBuilder result = new StringBuilder();
|
|
|
|
|
String line;
|
|
|
|
|
while((line = reader.readLine()) != null)
|
|
|
|
|
result.append(line);
|
|
|
|
|
token = result.toString();
|
|
|
|
|
}
|
|
|
|
|
return Utils.addInfrastructureHashToToken(token, infrastructureHash);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public String requestActivation(ContainerInfo container) throws Exception {
|
|
|
|
|
|
|
|
|
|
String methodPath = "/token/node";
|
|
|
|
|
|
|
|
|
|
int infrastructureHash = Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure());
|
|
|
|
|
|
|
|
|
|
StringBuilder callUrl;
|
|
|
|
|
|
|
|
|
|
callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "PUT", true);
|
|
|
|
|
connection.setDoOutput(true);
|
|
|
|
|
connection.setDoInput(true);
|
|
|
|
|
connection.setRequestProperty("Content-type", "application/xml");
|
|
|
|
|
|
|
|
|
|
try(OutputStream os = new BufferedOutputStream(connection.getOutputStream())){
|
|
|
|
|
Binder.getContext().createMarshaller().marshal(container, os);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
log.debug("response code is "+connection.getResponseCode());
|
|
|
|
|
|
|
|
|
|
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
|
|
|
|
|
String token= "";
|
|
|
|
|
try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){
|
|
|
|
|
StringBuilder result = new StringBuilder();
|
|
|
|
|
String line;
|
|
|
|
|
while((line = reader.readLine()) != null)
|
|
|
|
|
result.append(line);
|
|
|
|
|
token = result.toString();
|
|
|
|
|
}
|
|
|
|
|
return Utils.addInfrastructureHashToToken(token, infrastructureHash);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public AuthorizationEntry get(String token) throws ObjectNotFound, Exception{
|
|
|
|
|
@ -478,7 +187,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|
|
|
|
.append(methodPath).append(realToken);
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "GET", false);
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "GET");
|
|
|
|
|
connection.setDoInput(true);
|
|
|
|
|
|
|
|
|
|
if (connection.getResponseCode()==404) throw new ObjectNotFound("token "+maskedToken+" not found");
|
|
|
|
|
@ -529,7 +238,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "GET", false);
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "GET");
|
|
|
|
|
connection.setDoInput(true);
|
|
|
|
|
|
|
|
|
|
if (connection.getResponseCode()==404) throw new ObjectNotFound("token not found");
|
|
|
|
|
@ -543,103 +252,12 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public void addPolicies(List<Policy> policies) throws Exception {
|
|
|
|
|
final String methodPath = "/policyManager";
|
|
|
|
|
|
|
|
|
|
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure()))).append(methodPath);
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "POST", true);
|
|
|
|
|
connection.setDoOutput(true);
|
|
|
|
|
connection.setRequestProperty("Content-type", "application/xml");
|
|
|
|
|
|
|
|
|
|
try(OutputStream os = new BufferedOutputStream(connection.getOutputStream())){
|
|
|
|
|
Binder.getContext().createMarshaller().marshal(new Policies(policies), os);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (connection.getResponseCode()!=200) throw new Exception("error adding policies");
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public void removePolicies(long... ids) throws Exception {
|
|
|
|
|
final String methodPath = "/policyManager/";
|
|
|
|
|
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure()))).append(methodPath);
|
|
|
|
|
List<Long> errorIds = new ArrayList<Long>();
|
|
|
|
|
for (long id: ids){
|
|
|
|
|
URL url = new URL(callUrl.toString()+id);
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "DELETE", true);
|
|
|
|
|
if (connection.getResponseCode()!=200) errorIds.add(id);
|
|
|
|
|
}
|
|
|
|
|
if (!errorIds.isEmpty())
|
|
|
|
|
throw new Exception("error removing policies with ids: "+errorIds);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public List<Policy> getPolicies(String context) throws Exception{
|
|
|
|
|
final String methodPath = "/policyManager/";
|
|
|
|
|
|
|
|
|
|
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashfromContext(context))).append(methodPath).append("?").append(CONTEXT_PARAM).append("=").append(context);
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "GET", true);
|
|
|
|
|
connection.setDoInput(true);
|
|
|
|
|
if (connection.getResponseCode()!=200){
|
|
|
|
|
log.info("response code is not 200");
|
|
|
|
|
throw new Exception("error retrieving policies");
|
|
|
|
|
}
|
|
|
|
|
if (connection.getContentLengthLong()==0)
|
|
|
|
|
return Collections.emptyList();
|
|
|
|
|
|
|
|
|
|
try(InputStreamReader stream = new InputStreamReader((InputStream)connection.getContent())){
|
|
|
|
|
Policies policies = (Policies)Binder.getContext().createUnmarshaller().unmarshal(stream);
|
|
|
|
|
return policies.getPolicies();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public File getSymmKey(String filePath) throws Exception{
|
|
|
|
|
final String methodPath = "/symmKey/";
|
|
|
|
|
|
|
|
|
|
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(Utils.getInfrastructureHashFromToken(SecurityTokenProvider.instance.get(), endpoints.getDefaultInfrastructure())))
|
|
|
|
|
.append(methodPath);
|
|
|
|
|
|
|
|
|
|
URL url = new URL(callUrl.toString());
|
|
|
|
|
HttpURLConnection connection = makeRequest(url, "GET", true);
|
|
|
|
|
connection.setDoInput(true);
|
|
|
|
|
if (connection.getResponseCode()!=200) throw new Exception("error retrieving key");
|
|
|
|
|
if (connection.getContentLengthLong()<=0) return null;
|
|
|
|
|
|
|
|
|
|
String resourceName = (String)connection.getHeaderField("resource-name");
|
|
|
|
|
File toReturnFile = new File(filePath+"/"+resourceName);
|
|
|
|
|
toReturnFile.createNewFile();
|
|
|
|
|
|
|
|
|
|
try(InputStream stream = (InputStream)connection.getContent();
|
|
|
|
|
OutputStream os = new FileOutputStream(toReturnFile)){
|
|
|
|
|
|
|
|
|
|
int read = 0;
|
|
|
|
|
byte[] bytes = new byte[1024];
|
|
|
|
|
|
|
|
|
|
while ((read = stream.read(bytes)) != -1) {
|
|
|
|
|
os.write(bytes, 0, read);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return toReturnFile;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private HttpURLConnection makeRequest(URL url, String method, boolean includeTokenInHeader) throws Exception{
|
|
|
|
|
private HttpURLConnection makeRequest(URL url, String method) throws Exception{
|
|
|
|
|
HttpURLConnection connection;
|
|
|
|
|
if (url.toString().startsWith("https://"))
|
|
|
|
|
connection = (HttpsURLConnection)url.openConnection();
|
|
|
|
|
else connection = (HttpURLConnection)url.openConnection();
|
|
|
|
|
|
|
|
|
|
if (includeTokenInHeader){
|
|
|
|
|
if (SecurityTokenProvider.instance.get()==null) throw new RuntimeException("null token passed");
|
|
|
|
|
connection.setRequestProperty(Constants.TOKEN_HEADER_ENTRY,Utils.getRealToken(SecurityTokenProvider.instance.get()));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
connection.setRequestMethod(method);
|
|
|
|
|
return connection;
|
|
|
|
|
}
|
|
|
|
|
|
