This commit is contained in:
Lucio Lelii 2015-07-21 10:39:32 +00:00
parent af9a0f80f0
commit ed1e6a29b2
4 changed files with 22 additions and 26 deletions

View File

@ -5,8 +5,8 @@ import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException; import javax.xml.bind.JAXBException;
import org.gcube.common.authorization.library.AuthorizationEntry; import org.gcube.common.authorization.library.AuthorizationEntry;
import org.gcube.common.authorization.library.BannedService;
import org.gcube.common.authorization.library.BannedServices; import org.gcube.common.authorization.library.BannedServices;
import org.gcube.common.authorization.library.provider.Service;
public class Binder { public class Binder {
@ -14,7 +14,7 @@ public class Binder {
public static JAXBContext getContext() throws JAXBException{ public static JAXBContext getContext() throws JAXBException{
if (context==null) if (context==null)
context = JAXBContext.newInstance(AuthorizationEntry.class, Service.class, BannedServices.class); context = JAXBContext.newInstance(AuthorizationEntry.class, BannedService.class, BannedServices.class);
return context; return context;
} }

View File

@ -4,7 +4,6 @@ import java.util.List;
import org.gcube.common.authorization.library.AuthorizationEntry; import org.gcube.common.authorization.library.AuthorizationEntry;
import org.gcube.common.authorization.library.BannedService; import org.gcube.common.authorization.library.BannedService;
import org.gcube.common.authorization.library.provider.Service;
public interface AuthorizationProxy { public interface AuthorizationProxy {
@ -12,9 +11,9 @@ public interface AuthorizationProxy {
AuthorizationEntry get(String token); AuthorizationEntry get(String token);
Service deny(String userName, Service service); BannedService deny(String userName, String serviceClass, String serviceName);
void allow(String userName, Service service); void allow(String userName, String serviceClass, String serviceName);
List<BannedService> getBannedServices(String userName); List<BannedService> getBannedServices(String userName);
} }

View File

@ -17,7 +17,6 @@ import org.gcube.common.authorization.client.Constants;
import org.gcube.common.authorization.library.AuthorizationEntry; import org.gcube.common.authorization.library.AuthorizationEntry;
import org.gcube.common.authorization.library.BannedService; import org.gcube.common.authorization.library.BannedService;
import org.gcube.common.authorization.library.BannedServices; import org.gcube.common.authorization.library.BannedServices;
import org.gcube.common.authorization.library.provider.Service;
import org.gcube.common.clients.Call; import org.gcube.common.clients.Call;
import org.gcube.common.clients.delegates.ProxyDelegate; import org.gcube.common.clients.delegates.ProxyDelegate;
import org.gcube.common.clients.stubs.jaxws.JAXWSUtils.Empty; import org.gcube.common.clients.stubs.jaxws.JAXWSUtils.Empty;
@ -70,7 +69,6 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
@Override @Override
public AuthorizationEntry call(String endpoint) throws Exception { public AuthorizationEntry call(String endpoint) throws Exception {
System.out.println("calling get to "+endpoint);
URL url = new URL(endpoint+"/retrieve/"+token); URL url = new URL(endpoint+"/retrieve/"+token);
HttpURLConnection connection = makeRequest(url, "GET"); HttpURLConnection connection = makeRequest(url, "GET");
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service"); if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
@ -84,8 +82,8 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
} }
}; };
/*if (cache.containsKey(token) && cache.get(token).isValid()) if (cache.containsKey(token) && cache.get(token).isValid())
return cache.get(token).getEntry();*/ return cache.get(token).getEntry();
try { try {
return delegate.make(call); return delegate.make(call);
} catch (Exception e) { } catch (Exception e) {
@ -94,18 +92,18 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
} }
@Override @Override
public Service deny(final String userName, final Service service) { public BannedService deny(final String userName, final String serviceClass, final String serviceName) {
Call<String, Service> call = new Call<String, Service>() { Call<String, BannedService> call = new Call<String, BannedService>() {
@Override @Override
public Service call(String endpoint) throws Exception { public BannedService call(String endpoint) throws Exception {
URL url = new URL(endpoint+"/deny/"+userName+"/"+service.getServiceClass()+"/"+service.getServiceName()); URL url = new URL(endpoint+"/deny/"+userName+"/"+serviceClass+"/"+serviceName);
HttpURLConnection connection = makeRequest(url, "POST"); HttpURLConnection connection = makeRequest(url, "POST");
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service"); if (connection.getResponseCode()!=200 && connection.getResponseCode()!=200) throw new Exception("error contacting authorization service");
if (connection.getContentLengthLong()<=0) return null; if (connection.getContentLengthLong()<=0) return null;
try(InputStream stream = (InputStream)connection.getContent();){ try(InputStream stream = (InputStream)connection.getContent();){
Service service = (Service)Binder.getContext().createUnmarshaller().unmarshal(stream); BannedService service = (BannedService)Binder.getContext().createUnmarshaller().unmarshal(stream);
return service; return service;
} }
} }
@ -119,14 +117,14 @@ public class DefaultAuthorizationProxy implements AuthorizationProxy {
} }
@Override @Override
public void allow(final String userName, final Service service) { public void allow(final String userName, final String serviceClass, final String serviceName) {
Call<String, Empty> call = new Call<String, Empty>() { Call<String, Empty> call = new Call<String, Empty>() {
@Override @Override
public Empty call(String endpoint) throws Exception { public Empty call(String endpoint) throws Exception {
URL url = new URL(endpoint+"/deny/"+userName+"/"+service.getServiceClass()+"/"+service.getServiceName()); URL url = new URL(endpoint+"/deny/"+userName+"/"+serviceClass+"/"+serviceName);
HttpURLConnection connection = makeRequest(url, "DELETE"); HttpURLConnection connection = makeRequest(url, "DELETE");
if (connection.getResponseCode()!=200) throw new Exception("error contacting authorization service"); if (!(connection.getResponseCode()>=200 && connection.getResponseCode()<=206)) throw new Exception("error contacting authorization service");
return new Empty(); return new Empty();
} }

View File

@ -6,7 +6,6 @@ import java.util.Arrays;
import java.util.List; import java.util.List;
import org.gcube.common.authorization.library.BannedService; import org.gcube.common.authorization.library.BannedService;
import org.gcube.common.authorization.library.provider.Service;
import org.gcube.common.scope.api.ScopeProvider; import org.gcube.common.scope.api.ScopeProvider;
import org.junit.Test; import org.junit.Test;
public class CallTest { public class CallTest {
@ -15,14 +14,14 @@ public class CallTest {
@Test @Test
public void call(){ public void call(){
ScopeProvider.instance.set("/gcube/devsec"); ScopeProvider.instance.set("/gcube/devsec");
System.out.println(authorizationService().build().get("d7a4076c-e8c1-42fe-81e0-bdecb1e8074a")); System.out.println(authorizationService().build().get("df75336d-0944-4324-b444-c711d21f705b"));
} }
@Test @Test
public void requestToken(){ public void requestToken(){
ScopeProvider.instance.set("/gcube/devsec"); ScopeProvider.instance.set("/gcube/devNext/NextNext");
String token = authorizationService().build().generate("lucio.lelii", Arrays.asList("User")); String token = authorizationService().build().generate("fabio.sinibaldi", Arrays.asList("User"));
System.out.println("token is: "+token); System.out.println("token is: "+token);
} }
@ -31,7 +30,7 @@ public class CallTest {
public void denyService(){ public void denyService(){
ScopeProvider.instance.set("/gcube/devsec"); ScopeProvider.instance.set("/gcube/devsec");
authorizationService().build().deny("gianpaolo.coro", new Service("Test", "AuthorizationTest")); authorizationService().build().deny("lucio.lelii", "Test", "AuthorizationTest");
} }
@ -39,7 +38,7 @@ public class CallTest {
public void allowService(){ public void allowService(){
ScopeProvider.instance.set("/gcube/devsec"); ScopeProvider.instance.set("/gcube/devsec");
authorizationService().build().allow("gianpaolo.coro", new Service("Test", "AuthorizationTest")); authorizationService().build().allow("lucio.lelii", "Test", "AuthorizationTest");
} }
@ -49,7 +48,7 @@ public class CallTest {
ScopeProvider.instance.set("/gcube/devsec"); ScopeProvider.instance.set("/gcube/devsec");
List<BannedService> bannedServices = authorizationService().build().getBannedServices("lucio.lelii"); List<BannedService> bannedServices = authorizationService().build().getBannedServices("lucio.lelii");
for (BannedService banService : bannedServices) for (BannedService banService : bannedServices)
System.out.println(banService.getService()); System.out.println(banService);
} }