gCubeSystem
/
authorization-service
14
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

commit for release 2.24

This commit is contained in:
Lucio Lelii 2020-06-22 15:47:34 +02:00
parent d6b6d4135e
commit 0e2a8dfbed
5 changed files with 28 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
CHANGELOG.md Normal file
View File

@ -0,0 +1,9 @@
# Changelog for "auhtorization-service"
## \[v2.1.3] [r4.24.0] - 2020-06-22
### Fixes
- bug on ApiKey Management (https://support.d4science.org/issues/19487)
This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

2
descriptor.xml
View File

@ -15,7 +15,7 @@
<includes>
<include>README.md</include>
<include>LICENSE.md</include>
<include>changelog.xml</include>
<include>CHANGELOG.md</include>
<include>profile.xml</include>
</includes>
<fileMode>755</fileMode>

2
pom.xml
View File

@ -11,7 +11,7 @@
<groupId>org.gcube.common</groupId>
<artifactId>authorization-service</artifactId>
<version>2.1.2-SNASPHOT</version>
<version>2.1.3</version>
<name>authorization service</name>
<packaging>war</packaging>

2
src/main/java/org/gcube/common/authorizationservice/AuthorizationService.java
View File

@ -7,7 +7,6 @@ import javax.ws.rs.ApplicationPath;
import javax.ws.rs.core.Application;
import org.gcube.common.authorizationservice.configuration.AuthorizationConfiguration;
import org.glassfish.jersey.server.ResourceConfig;
@ApplicationPath("/gcube/service/*")
public class AuthorizationService extends Application {
@ -22,6 +21,7 @@ public class AuthorizationService extends Application {
classes.add(KeyRetriever.class);
classes.add(PolicyManager.class);
classes.add(TokenManager.class);
classes.add(ApiKeyManager.class);
return classes;
}

24
src/main/java/org/gcube/common/authorizationservice/filters/AuthorizedCallFilter.java
View File

@ -27,8 +27,6 @@ import org.gcube.common.authorizationservice.configuration.AuthorizationRule;
import org.gcube.common.authorizationservice.configuration.ConfigurationHolder;
import org.gcube.common.authorizationservice.util.TokenPersistence;
import org.gcube.common.scope.api.ScopeProvider;
import org.jboss.weld.context.ApplicationContext;
import org.omg.PortableInterceptor.SUCCESSFUL;
import lombok.extern.slf4j.Slf4j;
@ -51,7 +49,8 @@ public class AuthorizedCallFilter implements Filter {
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
String token = request.getParameter(TOKEN_HEADER)==null?((HttpServletRequest)request).getHeader(TOKEN_HEADER):
request.getParameter(TOKEN_HEADER);
@ -82,15 +81,20 @@ public class AuthorizedCallFilter implements Filter {
pathInfo = servletPath.replace("/gcube/service", "");
log.info("called path info {} ", pathInfo);
if (pathInfo==null || pathInfo.isEmpty()){
log.info("call rejected from filters: invalid path");
((HttpServletResponse)response).sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
log.error("call rejected from filters: invalid path");
generateAccounting("Unknown", "Unknown", callerIp, false, startTime, request.getLocalName());
return;
}
}
if (requiresToken(pathInfo) && token==null ){
((HttpServletResponse)response).sendError(HttpServletResponse.SC_UNAUTHORIZED);
log.info("call rejected from filters, call requires caller token");
log.error("call rejected from filters, call requires caller token");
generateAccounting("Unknown", "Unknown", callerIp, false, startTime, request.getLocalName());
return;
}
@ -107,13 +111,15 @@ public class AuthorizedCallFilter implements Filter {
if (!checkAllowed(pathInfo, callerIp, info)){
((HttpServletResponse)response).sendError(HttpServletResponse.SC_UNAUTHORIZED);
log.info("call rejected from filters");
log.error("call rejected from filters");
generateAccounting("Unknown", "Unknown", callerIp, false, startTime, request.getLocalName());
return;
}
chain.doFilter(request, response);
generateAccounting("Unknown", "Unknown", callerIp, true, startTime, request.getLocalName());
//generateAccounting("Unknown", "Unknown", callerIp, true, startTime, request.getLocalName());
}
private boolean requiresToken(String pathInfo) {
@ -188,7 +194,7 @@ public class AuthorizedCallFilter implements Filter {
public void destroy() {}
void generateAccounting(String caller, String callerQualifier, String remoteHost, boolean success, long startTime, String host){
AuthorizationConfiguration conf = ConfigurationHolder.getConfiguration();
/*AuthorizationConfiguration conf = ConfigurationHolder.getConfiguration();
AccountingPersistenceFactory.setFallbackLocation(conf.getAccountingDir());
AccountingPersistence persistence = AccountingPersistenceFactory.getPersistence();
ServiceUsageRecord serviceUsageRecord = new ServiceUsageRecord();
@ -210,6 +216,8 @@ public class AuthorizedCallFilter implements Filter {
}catch(Exception ex){
log.warn("invalid record passed to accounting ",ex);
}
*/
log.info("REQUEST SERVED for method {} in {} ms with result {}", CalledMethodProvider.instance.get(), System.currentTimeMillis()-startTime, success?OperationResult.SUCCESS:OperationResult.FAILED);
}
}