Lucio Lelii 2016-02-05 16:23:25 +00:00
parent ce089c4f5c
commit 276947bdd8
2 changed files with 9 additions and 9 deletions


@ -16,7 +16,7 @@ import org.gcube.common.authorization.client.exceptions.UnauthorizedAccessExcept
import org.gcube.common.authorization.library.AuthorizationEntry; import org.gcube.common.authorization.library.AuthorizationEntry;
import org.gcube.common.authorization.library.PolicyUtils; import org.gcube.common.authorization.library.PolicyUtils;
import org.gcube.common.authorization.library.annotations.AuthorizationControl; import org.gcube.common.authorization.library.annotations.AuthorizationControl;
import org.gcube.common.authorization.library.policies.Mode; import org.gcube.common.authorization.library.policies.Action;
import org.gcube.common.authorization.library.policies.Policy; import org.gcube.common.authorization.library.policies.Policy;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider; import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.library.provider.ServiceIdentifier; import org.gcube.common.authorization.library.provider.ServiceIdentifier;
@ -62,7 +62,7 @@ public class Authorization {
if (SecurityTokenProvider.instance.get()==null) if (SecurityTokenProvider.instance.get()==null)
throw new RuntimeException("the Security token is not set"); throw new RuntimeException("the Security token is not set");
Authorizable obj = (Authorizable) self; Authorizable obj = (Authorizable) self;
Mode[] modes = null; Action[] modes = null;
if (thisMethod.isAnnotationPresent(AuthorizationControl.class)) if (thisMethod.isAnnotationPresent(AuthorizationControl.class))
modes = thisMethod.getAnnotation(AuthorizationControl.class).check(); modes = thisMethod.getAnnotation(AuthorizationControl.class).check();
checkAuthorization(obj.getServiceClass(), obj.getServiceName(), modes); checkAuthorization(obj.getServiceClass(), obj.getServiceName(), modes);
@ -77,12 +77,12 @@ public class Authorization {
} }
} }
public static void checkAuthorization(String serviceClass, String serviceName, Mode ... modes) throws Exception{ public static void checkAuthorization(String serviceClass, String serviceName, Action ... modes) throws Exception{
if (modes==null || modes.length==0) return; if (modes==null || modes.length==0) return;
if (SecurityTokenProvider.instance.get()==null) if (SecurityTokenProvider.instance.get()==null)
throw new UnauthorizedAccessException("the Security token is not set"); throw new UnauthorizedAccessException("the Security token is not set");
List<Mode> modesList = Arrays.asList(modes); List<Action> modesList = Arrays.asList(modes);
AuthorizationEntry entry = authorizationService().get(SecurityTokenProvider.instance.get()); AuthorizationEntry entry = authorizationService().get(SecurityTokenProvider.instance.get());
@ -91,7 +91,7 @@ public class Authorization {
ServiceIdentifier serviceIdentifier = new ServiceIdentifier(serviceClass, serviceName, "*"); ServiceIdentifier serviceIdentifier = new ServiceIdentifier(serviceClass, serviceName, "*");
for (Policy policy: entry.getPolicies()) for (Policy policy: entry.getPolicies())
if (PolicyUtils.isPolicyValidForClient(policy.getServiceAccess(), serviceIdentifier)) if (PolicyUtils.isPolicyValidForClient(policy.getServiceAccess(), serviceIdentifier))
if (modesList.contains(policy.getMode()) || policy.getMode()==Mode.ALL) if (modesList.contains(policy.getMode()) || policy.getMode()==Action.ALL)
throw new UnauthorizedAccessException("the invoked method is protected by the Authorization system, cannot be invoked by "+entry.getClientInfo().getId()); throw new UnauthorizedAccessException("the invoked method is protected by the Authorization system, cannot be invoked by "+entry.getClientInfo().getId());
} }
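Review bot: In `checkAuthorization` the early return `if (modes==null || modes.length==0) return;` still runs before the `SecurityTokenProvider.instance.get()==null` check, so a direct caller of this `public static` method that passes no actions is let through even when no security token is set; the interceptor path in the first hunk does check the token first, but throws a plain `RuntimeException` rather than `UnauthorizedAccessException`. If that fail-open behaviour is intended it deserves a comment such as `// no actions requested: nothing to enforce, token not required`; otherwise the token check should move above the early return. The rename also leaves the locals `modes`/`modesList` and the accessor `policy.getMode()` carrying the old name next to `Action`, which makes the deny check harder to read; `actions`/`actionList` would match the new type. The body of `checkAuthorization` is split across the last two hunks and is not fully visible here.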


@ -6,11 +6,11 @@ import java.util.ArrayList;
import java.util.List; import java.util.List;
import org.gcube.common.authorization.client.exceptions.ObjectNotFound; import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
import org.gcube.common.authorization.library.policies.Mode; import org.gcube.common.authorization.library.policies.Action;
import org.gcube.common.authorization.library.policies.Policy; import org.gcube.common.authorization.library.policies.Policy;
import org.gcube.common.authorization.library.policies.ServiceAccess; import org.gcube.common.authorization.library.policies.ServiceAccess;
import org.gcube.common.authorization.library.policies.User;
import org.gcube.common.authorization.library.policies.User2ServicePolicy; import org.gcube.common.authorization.library.policies.User2ServicePolicy;
import org.gcube.common.authorization.library.policies.Users;
import org.gcube.common.authorization.library.provider.UserInfo; import org.gcube.common.authorization.library.provider.UserInfo;
import org.junit.Test; import org.junit.Test;
public class CallTest { public class CallTest {
@ -29,7 +29,7 @@ public class CallTest {
public void requestToken() throws Exception { public void requestToken() throws Exception {
//ScopeProvider.instance.set("/gcube/devsec"); //ScopeProvider.instance.set("/gcube/devsec");
String token = authorizationService().generateToken(new UserInfo("luca.frosini", new ArrayList<String>()), "/gcube/devsec"); String token = authorizationService().generateToken(new UserInfo("costantino", new ArrayList<String>()), "/gcube");
System.out.println("token is: "+token); System.out.println("token is: "+token);
} }
@ -37,7 +37,7 @@ public class CallTest {
@Test @Test
public void addPolicy() throws Exception { public void addPolicy() throws Exception {
List<Policy> policies = new ArrayList<Policy>(); List<Policy> policies = new ArrayList<Policy>();
policies.add(new User2ServicePolicy("/gcube/devsec", new ServiceAccess(), new User("lucio.lelii"), Mode.ACCESS )); policies.add(new User2ServicePolicy("/gcube/devsec", new ServiceAccess(), Users.one("lucio.lelii"), Action.ACCESS ));
authorizationService().addPolicies(policies); authorizationService().addPolicies(policies);
} }
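Review bot: `requestToken` now asks for a token in the root scope `/gcube` instead of `/gcube/devsec`, and the following line still prints it with `System.out.println("token is: "+token);`, so if this test runs against a live authorization service, a usable token for a named user ends up in build or CI output. Drop the print and assert on the result instead, e.g. `org.junit.Assert.assertNotNull(token);`, and take the scope and user name from a test-only constant or property rather than hard-coding what looks like a personal account name. `addPolicy` has the same shape: it calls `addPolicies` with no assertion, so the test passes whatever the service does with the `Action.ACCESS` policy.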