From 645835d36a30da859d483d6fa3a1f3b5470ad689 Mon Sep 17 00:00:00 2001
From: "lucio.lelii"
Date: Wed, 29 Jun 2016 12:54:12 +0000
Subject: [PATCH] git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/Common/authorization-common-client@129641 82a268e6-3cf1-43bd-a215-b396298e98cf
---
 .../authorization/client/Constants.java | 2 +-
 .../client/proxy/AuthorizationProxy.java | 2 +
 .../proxy/DefaultAuthorizationProxy.java | 56 +++++++++++++++----
 3 files changed, 48 insertions(+), 12 deletions(-)
diff --git a/src/main/java/org/gcube/common/authorization/client/Constants.java b/src/main/java/org/gcube/common/authorization/client/Constants.java
index 84828b3..94ee8e0 100644
--- a/src/main/java/org/gcube/common/authorization/client/Constants.java
+++ b/src/main/java/org/gcube/common/authorization/client/Constants.java
@@ -14,7 +14,7 @@ public class Constants {
 public static String ROLES_PARAM= "roles";
- public static final String SCOPE_HEADER_ENTRY = "gcube-scope";
+ public static final String TOKEN_HEADER_ENTRY = "gcube-token";
 public static final long TIME_TO_LIVE_CACHE_IN_MILLIS = (60*1000)*60; //1 hour
diff --git a/src/main/java/org/gcube/common/authorization/client/proxy/AuthorizationProxy.java b/src/main/java/org/gcube/common/authorization/client/proxy/AuthorizationProxy.java
index 3a61cf3..f515c31 100644
--- a/src/main/java/org/gcube/common/authorization/client/proxy/AuthorizationProxy.java
+++ b/src/main/java/org/gcube/common/authorization/client/proxy/AuthorizationProxy.java
@@ -29,4 +29,6 @@ public interface AuthorizationProxy {
 void removePolicies(long ... ids) throws Exception;
 List getPolicies(String context) throws Exception;
+
+ String generateApiKey(String apiQualifier) throws Exception;
 }
diff --git a/src/main/java/org/gcube/common/authorization/client/proxy/DefaultAuthorizationProxy.java b/src/main/java/org/gcube/common/authorization/client/proxy/DefaultAuthorizationProxy.java
index 67c1105..d543be1 100644
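Review bot: `generateApiKey(String apiQualifier)` in the AuthorizationProxy hunk is added to the public interface with no Javadoc, so callers cannot tell what a qualifier may contain or on whose behalf the key is issued. In this patch the default implementation places the qualifier in the request path and authenticates with the token from `SecurityTokenProvider`, which suggests documenting the allowed characters and that a token must be set before the call. A short Javadoc with `@param apiQualifier`, `@return` and `@throws Exception` stating those points would do; the returned key looks like a credential and should presumably be described as a value callers must not log.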
--- a/src/main/java/org/gcube/common/authorization/client/proxy/DefaultAuthorizationProxy.java
+++ b/src/main/java/org/gcube/common/authorization/client/proxy/DefaultAuthorizationProxy.java
@@ -16,6 +16,7 @@ import java.util.Map;
 import java.util.WeakHashMap;
 import org.gcube.common.authorization.client.Binder;
+import org.gcube.common.authorization.client.Constants;
 import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
 import org.gcube.common.authorization.library.AuthorizationEntry;
 import org.gcube.common.authorization.library.Policies;
@@ -65,8 +66,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
 .append(CONTEXT_PARAM).append("=").append(context);
 URL url = new URL(callUrl.toString());
- HttpURLConnection connection = (HttpURLConnection)url.openConnection();
- connection.setRequestMethod("PUT");
+ HttpURLConnection connection = makeRequest(url, "PUT", false);
 connection.setDoOutput(true);
 connection.setDoInput(true);
 connection.setRequestProperty("Content-type", "application/xml");
@@ -78,18 +78,51 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
 log.debug("response code for "+callUrl.toString()+" is "+connection.getResponseCode()+" "+connection.getResponseMessage());
 if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
- String encryptedToken= "";
+ String token= "";
 try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){
 StringBuilder result = new StringBuilder();
 String line;
 while((line = reader.readLine()) != null)
 result.append(line);
- encryptedToken = result.toString();
+ token = result.toString();
 }
- return StringEncrypter.getEncrypter().decrypt(encryptedToken, context);
+ return token;
 }
+ @Override
+ public String generateApiKey(String apiQualifier) throws Exception {
+
+ String methodPath = String.format("/generate/apikey/%s",apiQualifier);
+
+ AuthorizationEntry entry = this.get(SecurityTokenProvider.instance.get());
+
+ int infrastructureHash = getInfrastructureHashfromContext(entry.getContext());
+
+ StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
+
+ URL url = new URL(callUrl.toString());
+ HttpURLConnection connection = makeRequest(url, "PUT", true);
+ connection.setDoInput(true);
+ connection.setRequestProperty("Content-type", "application/xml");
+
+
+ log.debug("response code for "+callUrl.toString()+" is "+connection.getResponseCode()+" "+connection.getResponseMessage());
+
+ if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
+ String token= "";
+ try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){
+ StringBuilder result = new StringBuilder();
+ String line;
+ while((line = reader.readLine()) != null)
+ result.append(line);
+ token = result.toString();
+ }
+
+ return token;
+ }
+
+
 private int getInfrastructureHashfromContext(String 
context) {
 try{
 String infrastructure = context.split("/")[1];
@@ -154,7 +187,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
 StringBuilder callUrl = new StringBuilder(getInternalEnpoint(getInfrastructureHashFromToken(token))).append(methodPath).append(token);
 URL url = new URL(callUrl.toString());
- HttpURLConnection connection = makeRequest(url, "GET");
+ HttpURLConnection connection = makeRequest(url, "GET", false);
 connection.setDoInput(true);
 if (connection.getResponseCode()==404) throw new ObjectNotFound("token "+token+" not found");
 if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
@@ -175,7 +208,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
 StringBuilder callUrl = new StringBuilder(getInternalEnpoint(getInfrastructureHashFromToken(SecurityTokenProvider.instance.get()))).append(methodPath);
 URL url = new URL(callUrl.toString());
- HttpURLConnection connection = makeRequest(url, "POST");
+ HttpURLConnection connection = makeRequest(url, "POST", true);
 connection.setDoOutput(true);
 connection.setRequestProperty("Content-type", "application/xml");
@@ -194,7 +227,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
 List errorIds = new ArrayList();
 for (long id: ids){
 URL url = new URL(callUrl.toString()+id);
- HttpURLConnection connection = makeRequest(url, "DELETE");
+ HttpURLConnection connection = makeRequest(url, "DELETE", true);
 if (connection.getResponseCode()!=200) errorIds.add(id);
 }
 if (!errorIds.isEmpty()) 
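Review bot: In the new `generateApiKey` (hunk `-78,18 +78,51`), `apiQualifier` is formatted straight into the request path by `String.format("/generate/apikey/%s",apiQualifier)`, so a value containing `/`, `?` or `#` changes which resource the PUT addresses. Encode or validate it before building the URL, for example `String methodPath = "/generate/apikey/" + URLEncoder.encode(apiQualifier, "UTF-8");` (this needs a `java.net.URLEncoder` import), or reject anything outside an allowlist pattern. Separately, the first method in this hunk now returns the response body as received where it previously decrypted it with the context, so the token's confidentiality in transit rests on the transport alone; the scheme used by `getInternalEnpoint` is not visible here and is worth confirming as HTTPS. That first method starts before the hunk.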
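Review bot: `makeRequest(url, "GET", false)` in hunk `-154,7 +187,7` keeps this lookup off the new `gcube-token` header, and the surrounding context lines show the token is still appended to the URL and echoed in the `ObjectNotFound` message. Values carried in URLs and exception text tend to end up in access logs and stack traces, so the message could at least drop the value: `throw new ObjectNotFound("token not found");`. Whether the service can accept the looked-up token anywhere other than the path is not visible in this patch, and that token may not be the caller's own, so moving it to the header is only a suggestion to check. The enclosing method begins and ends outside the hunk.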
@@ -208,7 +241,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
 StringBuilder callUrl = new StringBuilder(getInternalEnpoint(getInfrastructureHashfromContext(context))).append(methodPath).append("?").append(CONTEXT_PARAM).append("=").append(context);
 URL url = new URL(callUrl.toString());
- HttpURLConnection connection = makeRequest(url, "GET");
+ HttpURLConnection connection = makeRequest(url, "GET", true);
 connection.setDoInput(true);
 if (connection.getResponseCode()!=200) throw new Exception("error retrieving policies");
 if (connection.getContentLengthLong()<=0) return Collections.emptyList();
@@ -219,9 +252,10 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
 }
 }
- private HttpURLConnection makeRequest(URL url, String method) throws Exception{
+ private HttpURLConnection makeRequest(URL url, String method, boolean includeTokenInHeader) throws Exception{
 HttpURLConnection connection = (HttpURLConnection)url.openConnection();
- //connection.setRequestProperty(Constants.SCOPE_HEADER_ENTRY, ScopeProvider.instance.get());
+ if (includeTokenInHeader)
+ connection.setRequestProperty(Constants.TOKEN_HEADER_ENTRY,SecurityTokenProvider.instance.get());
 connection.setRequestMethod(method);
 return connection;
 }
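Review bot: In `makeRequest` (hunk `-219,9 +252,10`), the header is set from `SecurityTokenProvider.instance.get()` without checking that a token is present, so a thread with no token set would presumably send the request without usable credentials and only learn of it from the service's response. Failing early is clearer: `String token = SecurityTokenProvider.instance.get();` followed by `if (token == null) throw new IllegalStateException("no security token set for this call");` before `setRequestProperty`. The bare `true`/`false` at the call sites is also hard to read; a comment on the parameter such as `// includeTokenInHeader: send the caller's token as the gcube-token header` would help.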