This commit is contained in:
Lucio Lelii 2016-01-26 17:45:27 +00:00
parent 3bc4671ad1
commit ae430ef365
3 changed files with 37 additions and 55 deletions


@ -5,6 +5,11 @@ import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException; import javax.xml.bind.JAXBException;
import org.gcube.common.authorization.library.AuthorizationEntry; import org.gcube.common.authorization.library.AuthorizationEntry;
import org.gcube.common.authorization.library.Policies;
import org.gcube.common.authorization.library.policies.Policy;
import org.gcube.common.authorization.library.provider.ClientInfo;
import org.gcube.common.authorization.library.provider.ServiceInfo;
import org.gcube.common.authorization.library.provider.UserInfo;
public class Binder { public class Binder {
@ -12,7 +17,8 @@ public class Binder {
public static JAXBContext getContext() throws JAXBException{ public static JAXBContext getContext() throws JAXBException{
if (context==null) if (context==null)
context = JAXBContext.newInstance(AuthorizationEntry.class); context = JAXBContext.newInstance(AuthorizationEntry.class, ClientInfo.class, UserInfo.class,
ServiceInfo.class, Policies.class, Policy.class);
return context; return context;
} }
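Review bot: The lazy initialisation in `getContext()` is unsynchronized, and this commit routes every marshal and unmarshal call in DefaultAuthorizationProxy through it, so two threads making their first call at once can each build a context, and one may read the field before it is safely published. Declaring the method as `public static synchronized JAXBContext getContext() throws JAXBException{` keeps the signature and removes the race. The `context` field declaration is outside the hunk, so whether it is `volatile` cannot be seen here. A short comment above the `newInstance` call stating that every type the client marshals or unmarshals must be listed there would help whoever adds the next payload class.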


@ -7,6 +7,7 @@ import java.io.BufferedReader;
import java.io.InputStream; import java.io.InputStream;
import java.io.InputStreamReader; import java.io.InputStreamReader;
import java.io.OutputStream; import java.io.OutputStream;
import java.io.StringWriter;
import java.net.HttpURLConnection; import java.net.HttpURLConnection;
import java.net.URL; import java.net.URL;
import java.util.ArrayList; import java.util.ArrayList;
@ -14,10 +15,8 @@ import java.util.Collections;
import java.util.HashMap; import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException; import javax.xml.bind.JAXBException;
import org.gcube.common.authorization.client.Binder; import org.gcube.common.authorization.client.Binder;
import org.gcube.common.authorization.client.Constants; import org.gcube.common.authorization.client.Constants;
import org.gcube.common.authorization.client.exceptions.ObjectNotFound; import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
@ -39,18 +38,10 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
private static Logger log = LoggerFactory.getLogger(AuthorizationProxy.class); private static Logger log = LoggerFactory.getLogger(AuthorizationProxy.class);
private static Map<String, AuthorizationEntryCache> cache = new HashMap<String, AuthorizationEntryCache>(); private static Map<String, AuthorizationEntryCache> cache = new HashMap<String, AuthorizationEntryCache>();
private static JAXBContext jaxbContext;
private List<AuthorizationEndpoint> endpoints; private List<AuthorizationEndpoint> endpoints;
public DefaultAuthorizationProxy() { public DefaultAuthorizationProxy() {
try {
jaxbContext = JAXBContext.newInstance(ClientInfo.class, UserInfo.class, ServiceInfo.class, Policies.class);
} catch (JAXBException e) {
log.error("error creating jaxb context",e);
throw new RuntimeException(e);
}
endpoints = AuthorizationEndpointScanner.endpoints(); endpoints = AuthorizationEndpointScanner.endpoints();
this.setEndpoint(endpoints.get(0)); this.setEndpoint(endpoints.get(0));
} }
@ -78,11 +69,15 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
HttpURLConnection connection = (HttpURLConnection)url.openConnection(); HttpURLConnection connection = (HttpURLConnection)url.openConnection();
connection.setRequestMethod("PUT"); connection.setRequestMethod("PUT");
connection.setDoOutput(true); connection.setDoOutput(true);
connection.setDoInput(true);
connection.setRequestProperty("Content-type", "application/xml");
try(OutputStream os = new BufferedOutputStream(connection.getOutputStream())){ try(OutputStream os = new BufferedOutputStream(connection.getOutputStream())){
jaxbContext.createMarshaller().marshal(client, os); Binder.getContext().createMarshaller().marshal(client, os);
} }
log.debug("response code is "+connection.getResponseCode());
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service"); if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
String encryptedToken= ""; String encryptedToken= "";
try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){ try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){
@ -126,9 +121,10 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
URL url = new URL(callUrl.toString()); URL url = new URL(callUrl.toString());
HttpURLConnection connection = makeRequest(url, "POST"); HttpURLConnection connection = makeRequest(url, "POST");
connection.setDoOutput(true); connection.setDoOutput(true);
connection.setRequestProperty("Content-type", "application/xml");
try(OutputStream os = new BufferedOutputStream(connection.getOutputStream())){ try(OutputStream os = new BufferedOutputStream(connection.getOutputStream())){
jaxbContext.createMarshaller().marshal(new Policies(policies), os); Binder.getContext().createMarshaller().marshal(new Policies(policies), os);
} }
if (connection.getResponseCode()!=200) throw new Exception("error adding policies"); if (connection.getResponseCode()!=200) throw new Exception("error adding policies");
@ -157,18 +153,16 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
URL url = new URL(callUrl.toString()); URL url = new URL(callUrl.toString());
HttpURLConnection connection = makeRequest(url, "GET"); HttpURLConnection connection = makeRequest(url, "GET");
connection.setDoInput(true);
if (connection.getResponseCode()!=200) throw new Exception("error retrieving policies"); if (connection.getResponseCode()!=200) throw new Exception("error retrieving policies");
if (connection.getContentLengthLong()<=0) return null; if (connection.getContentLengthLong()<=0) return Collections.emptyList();
try(InputStream stream = (InputStream)connection.getContent()){ try(InputStreamReader stream = new InputStreamReader((InputStream)connection.getContent())){
Policies policies = (Policies)Binder.getContext().createUnmarshaller().unmarshal(stream); Policies policies = (Policies)Binder.getContext().createUnmarshaller().unmarshal(stream);
return policies.getPolicies(); return policies.getPolicies();
} }
} }
private HttpURLConnection makeRequest(URL url, String method) throws Exception{ private HttpURLConnection makeRequest(URL url, String method) throws Exception{
HttpURLConnection connection = (HttpURLConnection)url.openConnection(); HttpURLConnection connection = (HttpURLConnection)url.openConnection();
connection.setRequestProperty(Constants.SCOPE_HEADER_ENTRY, ScopeProvider.instance.get()); connection.setRequestProperty(Constants.SCOPE_HEADER_ENTRY, ScopeProvider.instance.get());
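Review bot: In the policy-retrieval hunk, `if (connection.getContentLengthLong()<=0) return Collections.emptyList();` treats an unknown length the same as an empty body: `getContentLengthLong()` returns -1 when the response has no Content-Length header (for example with chunked transfer encoding), so a 200 response that does carry policies would be reported as having none. For an authorization client that is a fail-open result if callers read an empty list as "nothing restricted", which the visible code does not rule out. Comparing with `==0` only and letting a missing length fall through to the unmarshaller would avoid it. On the next line, wrapping the body in `new InputStreamReader(...)` decodes with the platform default charset and hides the XML declaration's encoding from the parser; passing the `InputStream` straight to `unmarshal(stream)`, as the old line did, keeps encoding detection in the parser. The enclosing method starts before the hunk.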


@ -3,8 +3,13 @@ package org.gcube.common.authorizationservice.cl;
import static org.gcube.common.authorization.client.Constants.authorizationService; import static org.gcube.common.authorization.client.Constants.authorizationService;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List;
import org.gcube.common.authorization.client.exceptions.ObjectNotFound; import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
import org.gcube.common.authorization.library.policies.Policy;
import org.gcube.common.authorization.library.policies.ServiceAccess;
import org.gcube.common.authorization.library.policies.User;
import org.gcube.common.authorization.library.policies.User2ServicePolicy;
import org.gcube.common.authorization.library.provider.UserInfo; import org.gcube.common.authorization.library.provider.UserInfo;
import org.junit.Test; import org.junit.Test;
public class CallTest { public class CallTest {
@ -13,8 +18,7 @@ public class CallTest {
@Test @Test
public void call() throws Exception{ public void call() throws Exception{
try{ try{
//devsec cec80de1-0e1a-47be-81cd-e8534753bff7 System.out.println(authorizationService().get("f676d94d-af4c-4805-9225-98620f2e1aa0"));
System.out.println(authorizationService().get("6d17f525-02de-4786-b454-d24150af7d49"));
}catch(ObjectNotFound onf){ }catch(ObjectNotFound onf){
onf.printStackTrace(); onf.printStackTrace();
} }
@ -28,44 +32,22 @@ public class CallTest {
System.out.println("token is: "+token); System.out.println("token is: "+token);
} }
/*
@Test
public void denyService() throws Exception {
ScopeProvider.instance.set("/gcube/devsec");
authorizationService().deny("giancarlo.panichi", "WPS", "DataMiner");
}
@Test
public void allowService() throws Exception{
ScopeProvider.instance.set("/gcube/devsec"); @Test
authorizationService().allow("lucio.lelii", "Test", "AuthorizationTest"); public void addPolicy() throws Exception {
List<Policy> policies = new ArrayList<Policy>();
policies.add(new User2ServicePolicy("/gcube/devsec", new ServiceAccess(), new User("lucio.lelii") ));
authorizationService().addPolicies(policies);
} }
@Test @Test
public void getBannedServices() throws Exception{ public void getPolicies() throws Exception{
List<Policy> policies = authorizationService().getPolicies("/gcube/devsec");
ScopeProvider.instance.set("/gcube/devsec"); System.out.println(policies);
List<BannedService> bannedServices = authorizationService().getBannedServices("lucio.lelii");
for (BannedService banService : bannedServices)
System.out.println(banService);
} }
@Test @Test
public void retreiveTest() throws Exception{ public void removePolicy() throws Exception {
ScopeProvider.instance.set("/gcube"); authorizationService().removePolicies(3);
SimpleQuery query = queryFor(ServiceEndpoint.class);
query.addCondition("$resource/Profile/Category/text() eq 'Database'")
.addCondition("$resource/Profile/Name/text() eq 'AuthorizationDB'")
.setResult("$resource/Profile//AccessPoint[./Interface/Endpoint/@EntryName eq 'authorization']");
DiscoveryClient<AccessPoint> client = clientFor(AccessPoint.class);
List<AccessPoint> results = client.submit(query);
for (AccessPoint ap : results){
System.out.println(ap.username()+" "+StringEncrypter.getEncrypter().decrypt(ap.password()));
}
} }
*/
} }
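Review bot: `call()` now passes a token as a string literal to `authorizationService().get(...)`, so a value that looks like a live credential is committed with the test, and the next test still prints `"token is: "+token` to standard output. Reading the value from configuration, e.g. `authorizationService().get(System.getProperty("authorization.test.token"))` (the property name is only an example), keeps it out of the repository and build logs; if the literal was ever valid it should be revoked. The new `addPolicy`, `getPolicies` and `removePolicy` tests appear to run against the `/gcube/devsec` scope of a real service, with a fixed id in `removePolicies(3)` and no assertions, so they can change authorization state without verifying anything.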