git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/Common/authorization-common-client@122535 82a268e6-3cf1-43bd-a215-b396298e98cf
parent
3bc4671ad1
commit
ae430ef365
|
@ -5,6 +5,11 @@ import javax.xml.bind.JAXBContext;
|
||||||
import javax.xml.bind.JAXBException;
|
import javax.xml.bind.JAXBException;
|
||||||
|
|
||||||
import org.gcube.common.authorization.library.AuthorizationEntry;
|
import org.gcube.common.authorization.library.AuthorizationEntry;
|
||||||
|
import org.gcube.common.authorization.library.Policies;
|
||||||
|
import org.gcube.common.authorization.library.policies.Policy;
|
||||||
|
import org.gcube.common.authorization.library.provider.ClientInfo;
|
||||||
|
import org.gcube.common.authorization.library.provider.ServiceInfo;
|
||||||
|
import org.gcube.common.authorization.library.provider.UserInfo;
|
||||||
|
|
||||||
public class Binder {
|
public class Binder {
|
||||||
|
|
||||||
|
@ -12,7 +17,8 @@ public class Binder {
|
||||||
|
|
||||||
public static JAXBContext getContext() throws JAXBException{
|
public static JAXBContext getContext() throws JAXBException{
|
||||||
if (context==null)
|
if (context==null)
|
||||||
context = JAXBContext.newInstance(AuthorizationEntry.class);
|
context = JAXBContext.newInstance(AuthorizationEntry.class, ClientInfo.class, UserInfo.class,
|
||||||
|
ServiceInfo.class, Policies.class, Policy.class);
|
||||||
return context;
|
return context;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
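Review bot: `getContext()` still initialises the static `context` with an unsynchronised `if (context==null)` check, and after this commit every marshal and unmarshal call in `DefaultAuthorizationProxy` goes through it instead of a context built in the constructor. Concurrent first calls can each build their own `JAXBContext`, and unless the field is declared `volatile` (its declaration is outside the hunk) the assignment is not safely published to other threads. Declaring the method as `public static synchronized JAXBContext getContext() throws JAXBException{` or moving the instance into a static holder class would close that gap. A short comment above the `newInstance(...)` call such as `// every type that is marshalled to, or unmarshalled from, the authorization service must be listed here` would also explain why the class list grew.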
@ -7,6 +7,7 @@ import java.io.BufferedReader;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.io.InputStreamReader;
|
import java.io.InputStreamReader;
|
||||||
import java.io.OutputStream;
|
import java.io.OutputStream;
|
||||||
|
import java.io.StringWriter;
|
||||||
import java.net.HttpURLConnection;
|
import java.net.HttpURLConnection;
|
||||||
import java.net.URL;
|
import java.net.URL;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
@ -14,10 +15,8 @@ import java.util.Collections;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
import javax.xml.bind.JAXBContext;
|
import javax.xml.bind.JAXBContext;
|
||||||
import javax.xml.bind.JAXBException;
|
import javax.xml.bind.JAXBException;
|
||||||
|
|
||||||
import org.gcube.common.authorization.client.Binder;
|
import org.gcube.common.authorization.client.Binder;
|
||||||
import org.gcube.common.authorization.client.Constants;
|
import org.gcube.common.authorization.client.Constants;
|
||||||
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
|
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
|
||||||
|
@ -39,18 +38,10 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
||||||
private static Logger log = LoggerFactory.getLogger(AuthorizationProxy.class);
|
private static Logger log = LoggerFactory.getLogger(AuthorizationProxy.class);
|
||||||
|
|
||||||
private static Map<String, AuthorizationEntryCache> cache = new HashMap<String, AuthorizationEntryCache>();
|
private static Map<String, AuthorizationEntryCache> cache = new HashMap<String, AuthorizationEntryCache>();
|
||||||
|
|
||||||
private static JAXBContext jaxbContext;
|
|
||||||
|
|
||||||
private List<AuthorizationEndpoint> endpoints;
|
private List<AuthorizationEndpoint> endpoints;
|
||||||
|
|
||||||
public DefaultAuthorizationProxy() {
|
public DefaultAuthorizationProxy() {
|
||||||
try {
|
|
||||||
jaxbContext = JAXBContext.newInstance(ClientInfo.class, UserInfo.class, ServiceInfo.class, Policies.class);
|
|
||||||
} catch (JAXBException e) {
|
|
||||||
log.error("error creating jaxb context",e);
|
|
||||||
throw new RuntimeException(e);
|
|
||||||
}
|
|
||||||
endpoints = AuthorizationEndpointScanner.endpoints();
|
endpoints = AuthorizationEndpointScanner.endpoints();
|
||||||
this.setEndpoint(endpoints.get(0));
|
this.setEndpoint(endpoints.get(0));
|
||||||
}
|
}
|
||||||
|
@ -78,11 +69,15 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
||||||
HttpURLConnection connection = (HttpURLConnection)url.openConnection();
|
HttpURLConnection connection = (HttpURLConnection)url.openConnection();
|
||||||
connection.setRequestMethod("PUT");
|
connection.setRequestMethod("PUT");
|
||||||
connection.setDoOutput(true);
|
connection.setDoOutput(true);
|
||||||
|
connection.setDoInput(true);
|
||||||
|
connection.setRequestProperty("Content-type", "application/xml");
|
||||||
|
|
||||||
try(OutputStream os = new BufferedOutputStream(connection.getOutputStream())){
|
try(OutputStream os = new BufferedOutputStream(connection.getOutputStream())){
|
||||||
jaxbContext.createMarshaller().marshal(client, os);
|
Binder.getContext().createMarshaller().marshal(client, os);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log.debug("response code is "+connection.getResponseCode());
|
||||||
|
|
||||||
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
|
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
|
||||||
String encryptedToken= "";
|
String encryptedToken= "";
|
||||||
try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){
|
try(BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream)connection.getContent()))){
|
||||||
|
@ -126,9 +121,10 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
||||||
URL url = new URL(callUrl.toString());
|
URL url = new URL(callUrl.toString());
|
||||||
HttpURLConnection connection = makeRequest(url, "POST");
|
HttpURLConnection connection = makeRequest(url, "POST");
|
||||||
connection.setDoOutput(true);
|
connection.setDoOutput(true);
|
||||||
|
connection.setRequestProperty("Content-type", "application/xml");
|
||||||
|
|
||||||
try(OutputStream os = new BufferedOutputStream(connection.getOutputStream())){
|
try(OutputStream os = new BufferedOutputStream(connection.getOutputStream())){
|
||||||
jaxbContext.createMarshaller().marshal(new Policies(policies), os);
|
Binder.getContext().createMarshaller().marshal(new Policies(policies), os);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (connection.getResponseCode()!=200) throw new Exception("error adding policies");
|
if (connection.getResponseCode()!=200) throw new Exception("error adding policies");
|
||||||
|
@ -157,18 +153,16 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
|
||||||
|
|
||||||
URL url = new URL(callUrl.toString());
|
URL url = new URL(callUrl.toString());
|
||||||
HttpURLConnection connection = makeRequest(url, "GET");
|
HttpURLConnection connection = makeRequest(url, "GET");
|
||||||
|
connection.setDoInput(true);
|
||||||
if (connection.getResponseCode()!=200) throw new Exception("error retrieving policies");
|
if (connection.getResponseCode()!=200) throw new Exception("error retrieving policies");
|
||||||
if (connection.getContentLengthLong()<=0) return null;
|
if (connection.getContentLengthLong()<=0) return Collections.emptyList();
|
||||||
|
|
||||||
try(InputStream stream = (InputStream)connection.getContent()){
|
try(InputStreamReader stream = new InputStreamReader((InputStream)connection.getContent())){
|
||||||
Policies policies = (Policies)Binder.getContext().createUnmarshaller().unmarshal(stream);
|
Policies policies = (Policies)Binder.getContext().createUnmarshaller().unmarshal(stream);
|
||||||
return policies.getPolicies();
|
return policies.getPolicies();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
private HttpURLConnection makeRequest(URL url, String method) throws Exception{
|
private HttpURLConnection makeRequest(URL url, String method) throws Exception{
|
||||||
HttpURLConnection connection = (HttpURLConnection)url.openConnection();
|
HttpURLConnection connection = (HttpURLConnection)url.openConnection();
|
||||||
connection.setRequestProperty(Constants.SCOPE_HEADER_ENTRY, ScopeProvider.instance.get());
|
connection.setRequestProperty(Constants.SCOPE_HEADER_ENTRY, ScopeProvider.instance.get());
|
||||||
|
|
|
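Review bot: In the policy-retrieval hunk the response is now wrapped in `new InputStreamReader((InputStream)connection.getContent())` with no charset, so the XML is decoded with the platform default encoding and the parser can no longer honour the encoding named in the XML declaration; non-ASCII user or service names in a policy could be mis-decoded on the client. Passing the `InputStream` straight to `unmarshal(...)`, as the previous line did, or naming the charset with `new InputStreamReader(in, StandardCharsets.UTF_8)` avoids that. The same hunk now returns `Collections.emptyList()` when `getContentLengthLong()<=0`, and that value is -1 for any response sent without a Content-Length header (chunked encoding, for example), so a populated policy list could be reported as empty. Callers that read an empty list as "nothing is denied" would then fail open, so it is worth confirming how the service frames its responses or dropping the length check in favour of parsing the body. The enclosing method begins outside the hunk.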
@ -3,8 +3,13 @@ package org.gcube.common.authorizationservice.cl;
|
||||||
import static org.gcube.common.authorization.client.Constants.authorizationService;
|
import static org.gcube.common.authorization.client.Constants.authorizationService;
|
||||||
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
|
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
|
||||||
|
import org.gcube.common.authorization.library.policies.Policy;
|
||||||
|
import org.gcube.common.authorization.library.policies.ServiceAccess;
|
||||||
|
import org.gcube.common.authorization.library.policies.User;
|
||||||
|
import org.gcube.common.authorization.library.policies.User2ServicePolicy;
|
||||||
import org.gcube.common.authorization.library.provider.UserInfo;
|
import org.gcube.common.authorization.library.provider.UserInfo;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
public class CallTest {
|
public class CallTest {
|
||||||
|
@ -13,8 +18,7 @@ public class CallTest {
|
||||||
@Test
|
@Test
|
||||||
public void call() throws Exception{
|
public void call() throws Exception{
|
||||||
try{
|
try{
|
||||||
//devsec cec80de1-0e1a-47be-81cd-e8534753bff7
|
System.out.println(authorizationService().get("f676d94d-af4c-4805-9225-98620f2e1aa0"));
|
||||||
System.out.println(authorizationService().get("6d17f525-02de-4786-b454-d24150af7d49"));
|
|
||||||
}catch(ObjectNotFound onf){
|
}catch(ObjectNotFound onf){
|
||||||
onf.printStackTrace();
|
onf.printStackTrace();
|
||||||
}
|
}
|
||||||
|
@ -28,44 +32,22 @@ public class CallTest {
|
||||||
System.out.println("token is: "+token);
|
System.out.println("token is: "+token);
|
||||||
|
|
||||||
}
|
}
|
||||||
/*
|
|
||||||
@Test
|
|
||||||
public void denyService() throws Exception {
|
|
||||||
ScopeProvider.instance.set("/gcube/devsec");
|
|
||||||
authorizationService().deny("giancarlo.panichi", "WPS", "DataMiner");
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void allowService() throws Exception{
|
|
||||||
|
|
||||||
ScopeProvider.instance.set("/gcube/devsec");
|
@Test
|
||||||
authorizationService().allow("lucio.lelii", "Test", "AuthorizationTest");
|
public void addPolicy() throws Exception {
|
||||||
|
List<Policy> policies = new ArrayList<Policy>();
|
||||||
|
policies.add(new User2ServicePolicy("/gcube/devsec", new ServiceAccess(), new User("lucio.lelii") ));
|
||||||
|
authorizationService().addPolicies(policies);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void getBannedServices() throws Exception{
|
public void getPolicies() throws Exception{
|
||||||
|
List<Policy> policies = authorizationService().getPolicies("/gcube/devsec");
|
||||||
ScopeProvider.instance.set("/gcube/devsec");
|
System.out.println(policies);
|
||||||
List<BannedService> bannedServices = authorizationService().getBannedServices("lucio.lelii");
|
|
||||||
for (BannedService banService : bannedServices)
|
|
||||||
System.out.println(banService);
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void retreiveTest() throws Exception{
|
public void removePolicy() throws Exception {
|
||||||
ScopeProvider.instance.set("/gcube");
|
authorizationService().removePolicies(3);
|
||||||
SimpleQuery query = queryFor(ServiceEndpoint.class);
|
|
||||||
query.addCondition("$resource/Profile/Category/text() eq 'Database'")
|
|
||||||
.addCondition("$resource/Profile/Name/text() eq 'AuthorizationDB'")
|
|
||||||
.setResult("$resource/Profile//AccessPoint[./Interface/Endpoint/@EntryName eq 'authorization']");
|
|
||||||
DiscoveryClient<AccessPoint> client = clientFor(AccessPoint.class);
|
|
||||||
List<AccessPoint> results = client.submit(query);
|
|
||||||
for (AccessPoint ap : results){
|
|
||||||
System.out.println(ap.username()+" "+StringEncrypter.getEncrypter().decrypt(ap.password()));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
*/
|
|
||||||
}
|
}
|
||||||
|
|
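Review bot: `call()` now passes a UUID literal to `authorizationService().get(...)` that looks like a real authorization token, and the following test prints `"token is: "+token` to stdout, so credentials end up both in version control and in build logs. Reading the value from outside the source tree, for example `String token = System.getProperty("authz.test.token");` (the property name is only an example) followed by `Assume.assumeNotNull(token);`, keeps the literal out of the repository; a token that has already been committed should be treated as exposed and revoked. `addPolicy()` and `removePolicy()` also modify policies on whichever service the endpoint scanner resolves, `removePolicies(3)` depends on that id existing there, and none of the tests assert on a result, so they can pass while the calls misbehave.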