Lucio Lelii 2016-06-29 12:54:12 +00:00
parent 01d1a84dd9
commit 645835d36a
3 changed files with 48 additions and 12 deletions


@ -14,7 +14,7 @@ public class Constants {
public static String ROLES_PARAM= "roles"; public static String ROLES_PARAM= "roles";
public static final String SCOPE_HEADER_ENTRY = "gcube-scope"; public static final String TOKEN_HEADER_ENTRY = "gcube-token";
public static final long TIME_TO_LIVE_CACHE_IN_MILLIS = (60*1000)*60; //1 hour public static final long TIME_TO_LIVE_CACHE_IN_MILLIS = (60*1000)*60; //1 hour


@ -29,4 +29,6 @@ public interface AuthorizationProxy {
void removePolicies(long ... ids) throws Exception; void removePolicies(long ... ids) throws Exception;
List<Policy> getPolicies(String context) throws Exception; List<Policy> getPolicies(String context) throws Exception;
String generateApiKey(String apiQualifier) throws Exception;
} }
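Review bot: `generateApiKey` is added to the interface without Javadoc, although it returns a credential and the implementation in this commit authorizes the call with the caller's current token from `SecurityTokenProvider`. I would state that contract on the interface, e.g. `/** Generates an API key for {@code apiQualifier} using the caller's current security token; the returned key is a secret. */`. The broad `throws Exception` matches the neighbouring methods, so it is consistent as it stands.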


@ -16,6 +16,7 @@ import java.util.Map;
import java.util.WeakHashMap; import java.util.WeakHashMap;
import org.gcube.common.authorization.client.Binder; import org.gcube.common.authorization.client.Binder;
import org.gcube.common.authorization.client.Constants;
import org.gcube.common.authorization.client.exceptions.ObjectNotFound; import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
import org.gcube.common.authorization.library.AuthorizationEntry; import org.gcube.common.authorization.library.AuthorizationEntry;
import org.gcube.common.authorization.library.Policies; import org.gcube.common.authorization.library.Policies;
@ -65,8 +66,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
.append(CONTEXT_PARAM).append("=").append(context); .append(CONTEXT_PARAM).append("=").append(context);
URL url = new URL(callUrl.toString()); URL url = new URL(callUrl.toString());
HttpURLConnection connection = (HttpURLConnection)url.openConnection(); HttpURLConnection connection = makeRequest(url, "PUT", false);
connection.setRequestMethod("PUT");
connection.setDoOutput(true); connection.setDoOutput(true);
connection.setDoInput(true); connection.setDoInput(true);
connection.setRequestProperty("Content-type", "application/xml"); connection.setRequestProperty("Content-type", "application/xml");
@ -78,18 +78,51 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
log.debug("response code for "+callUrl.toString()+" is "+connection.getResponseCode()+" "+connection.getResponseMessage()); log.debug("response code for "+callUrl.toString()+" is "+connection.getResponseCode()+" "+connection.getResponseMessage());
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service"); if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
String encryptedToken= ""; String token= "";
try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){ try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){
StringBuilder result = new StringBuilder(); StringBuilder result = new StringBuilder();
String line; String line;
while((line = reader.readLine()) != null) while((line = reader.readLine()) != null)
result.append(line); result.append(line);
encryptedToken = result.toString(); token = result.toString();
} }
return StringEncrypter.getEncrypter().decrypt(encryptedToken, context); return token;
} }
@Override
public String generateApiKey(String apiQualifier) throws Exception {
String methodPath = String.format("/generate/apikey/%s",apiQualifier);
AuthorizationEntry entry = this.get(SecurityTokenProvider.instance.get());
int infrastructureHash = getInfrastructureHashfromContext(entry.getContext());
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(infrastructureHash)).append(methodPath);
URL url = new URL(callUrl.toString());
HttpURLConnection connection = makeRequest(url, "PUT", true);
connection.setDoInput(true);
connection.setRequestProperty("Content-type", "application/xml");
log.debug("response code for "+callUrl.toString()+" is "+connection.getResponseCode()+" "+connection.getResponseMessage());
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
String token= "";
try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){
StringBuilder result = new StringBuilder();
String line;
while((line = reader.readLine()) != null)
result.append(line);
token = result.toString();
}
return token;
}
private int getInfrastructureHashfromContext(String context) { private int getInfrastructureHashfromContext(String context) {
try{ try{
String infrastructure = context.split("/")[1]; String infrastructure = context.split("/")[1];
@ -154,7 +187,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(getInfrastructureHashFromToken(token))).append(methodPath).append(token); StringBuilder callUrl = new StringBuilder(getInternalEnpoint(getInfrastructureHashFromToken(token))).append(methodPath).append(token);
URL url = new URL(callUrl.toString()); URL url = new URL(callUrl.toString());
HttpURLConnection connection = makeRequest(url, "GET"); HttpURLConnection connection = makeRequest(url, "GET", false);
connection.setDoInput(true); connection.setDoInput(true);
if (connection.getResponseCode()==404) throw new ObjectNotFound("token "+token+" not found"); if (connection.getResponseCode()==404) throw new ObjectNotFound("token "+token+" not found");
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service"); if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
@ -175,7 +208,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(getInfrastructureHashFromToken(SecurityTokenProvider.instance.get()))).append(methodPath); StringBuilder callUrl = new StringBuilder(getInternalEnpoint(getInfrastructureHashFromToken(SecurityTokenProvider.instance.get()))).append(methodPath);
URL url = new URL(callUrl.toString()); URL url = new URL(callUrl.toString());
HttpURLConnection connection = makeRequest(url, "POST"); HttpURLConnection connection = makeRequest(url, "POST", true);
connection.setDoOutput(true); connection.setDoOutput(true);
connection.setRequestProperty("Content-type", "application/xml"); connection.setRequestProperty("Content-type", "application/xml");
@ -194,7 +227,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
List<Long> errorIds = new ArrayList<Long>(); List<Long> errorIds = new ArrayList<Long>();
for (long id: ids){ for (long id: ids){
URL url = new URL(callUrl.toString()+id); URL url = new URL(callUrl.toString()+id);
HttpURLConnection connection = makeRequest(url, "DELETE"); HttpURLConnection connection = makeRequest(url, "DELETE", true);
if (connection.getResponseCode()!=200) errorIds.add(id); if (connection.getResponseCode()!=200) errorIds.add(id);
} }
if (!errorIds.isEmpty()) if (!errorIds.isEmpty())
@ -208,7 +241,7 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
StringBuilder callUrl = new StringBuilder(getInternalEnpoint(getInfrastructureHashfromContext(context))).append(methodPath).append("?").append(CONTEXT_PARAM).append("=").append(context); StringBuilder callUrl = new StringBuilder(getInternalEnpoint(getInfrastructureHashfromContext(context))).append(methodPath).append("?").append(CONTEXT_PARAM).append("=").append(context);
URL url = new URL(callUrl.toString()); URL url = new URL(callUrl.toString());
HttpURLConnection connection = makeRequest(url, "GET"); HttpURLConnection connection = makeRequest(url, "GET", true);
connection.setDoInput(true); connection.setDoInput(true);
if (connection.getResponseCode()!=200) throw new Exception("error retrieving policies"); if (connection.getResponseCode()!=200) throw new Exception("error retrieving policies");
if (connection.getContentLengthLong()<=0) return Collections.emptyList(); if (connection.getContentLengthLong()<=0) return Collections.emptyList();
@ -219,9 +252,10 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
} }
} }
private HttpURLConnection makeRequest(URL url, String method) throws Exception{ private HttpURLConnection makeRequest(URL url, String method, boolean includeTokenInHeader) throws Exception{
HttpURLConnection connection = (HttpURLConnection)url.openConnection(); HttpURLConnection connection = (HttpURLConnection)url.openConnection();
//connection.setRequestProperty(Constants.SCOPE_HEADER_ENTRY, ScopeProvider.instance.get()); if (includeTokenInHeader)
connection.setRequestProperty(Constants.TOKEN_HEADER_ENTRY,SecurityTokenProvider.instance.get());
connection.setRequestMethod(method); connection.setRequestMethod(method);
return connection; return connection;
} }
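Review bot: In the new `generateApiKey`, `apiQualifier` is formatted straight into the request path (`String.format("/generate/apikey/%s",apiQualifier)`), so a qualifier containing `/`, `?` or `#` changes which resource the token-bearing PUT addresses. Validate it against a narrow allow-list or encode it before building the URL, e.g. `String methodPath = "/generate/apikey/" + URLEncoder.encode(apiQualifier, "UTF-8");` (this needs `java.net.URLEncoder` imported). Separately, the hunk at `@ -78,18 +78,51` stops decrypting the service response and `makeRequest` now puts the caller's token in the `gcube-token` header, so both values are protected only by the transport; `getInternalEnpoint` is not visible here, so please confirm it always yields an `https` URL. The response-reading loop is also duplicated between the two methods and builds its `InputStreamReader` with the platform charset; a private helper taking an explicit charset would cover both.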