commit for release 2.24
This commit is contained in:
parent
d6b6d4135e
commit
0e2a8dfbed
|
@ -0,0 +1,9 @@
|
|||
# Changelog for "auhtorization-service"
|
||||
|
||||
|
||||
## \[v2.1.3] [r4.24.0] - 2020-06-22
|
||||
|
||||
### Fixes
|
||||
- bug on ApiKey Management (https://support.d4science.org/issues/19487)
|
||||
|
||||
This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
@ -15,7 +15,7 @@
|
|||
<includes>
|
||||
<include>README.md</include>
|
||||
<include>LICENSE.md</include>
|
||||
<include>changelog.xml</include>
|
||||
<include>CHANGELOG.md</include>
|
||||
<include>profile.xml</include>
|
||||
</includes>
|
||||
<fileMode>755</fileMode>
|
||||
|
|
2
pom.xml
2
pom.xml
|
@ -11,7 +11,7 @@
|
|||
|
||||
<groupId>org.gcube.common</groupId>
|
||||
<artifactId>authorization-service</artifactId>
|
||||
<version>2.1.2-SNASPHOT</version>
|
||||
<version>2.1.3</version>
|
||||
<name>authorization service</name>
|
||||
|
||||
<packaging>war</packaging>
|
||||
|
|
|
@ -7,7 +7,6 @@ import javax.ws.rs.ApplicationPath;
|
|||
import javax.ws.rs.core.Application;
|
||||
|
||||
import org.gcube.common.authorizationservice.configuration.AuthorizationConfiguration;
|
||||
import org.glassfish.jersey.server.ResourceConfig;
|
||||
|
||||
@ApplicationPath("/gcube/service/*")
|
||||
public class AuthorizationService extends Application {
|
||||
|
@ -22,6 +21,7 @@ public class AuthorizationService extends Application {
|
|||
classes.add(KeyRetriever.class);
|
||||
classes.add(PolicyManager.class);
|
||||
classes.add(TokenManager.class);
|
||||
classes.add(ApiKeyManager.class);
|
||||
return classes;
|
||||
}
|
||||
|
||||
|
|
|
@ -27,8 +27,6 @@ import org.gcube.common.authorizationservice.configuration.AuthorizationRule;
|
|||
import org.gcube.common.authorizationservice.configuration.ConfigurationHolder;
|
||||
import org.gcube.common.authorizationservice.util.TokenPersistence;
|
||||
import org.gcube.common.scope.api.ScopeProvider;
|
||||
import org.jboss.weld.context.ApplicationContext;
|
||||
import org.omg.PortableInterceptor.SUCCESSFUL;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
||||
|
@ -52,6 +50,7 @@ public class AuthorizedCallFilter implements Filter {
|
|||
public void doFilter(ServletRequest request, ServletResponse response,
|
||||
FilterChain chain) throws IOException, ServletException {
|
||||
|
||||
|
||||
String token = request.getParameter(TOKEN_HEADER)==null?((HttpServletRequest)request).getHeader(TOKEN_HEADER):
|
||||
request.getParameter(TOKEN_HEADER);
|
||||
|
||||
|
@ -82,15 +81,20 @@ public class AuthorizedCallFilter implements Filter {
|
|||
pathInfo = servletPath.replace("/gcube/service", "");
|
||||
log.info("called path info {} ", pathInfo);
|
||||
if (pathInfo==null || pathInfo.isEmpty()){
|
||||
log.info("call rejected from filters: invalid path");
|
||||
((HttpServletResponse)response).sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
|
||||
log.error("call rejected from filters: invalid path");
|
||||
generateAccounting("Unknown", "Unknown", callerIp, false, startTime, request.getLocalName());
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
if (requiresToken(pathInfo) && token==null ){
|
||||
((HttpServletResponse)response).sendError(HttpServletResponse.SC_UNAUTHORIZED);
|
||||
log.info("call rejected from filters, call requires caller token");
|
||||
log.error("call rejected from filters, call requires caller token");
|
||||
generateAccounting("Unknown", "Unknown", callerIp, false, startTime, request.getLocalName());
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -107,13 +111,15 @@ public class AuthorizedCallFilter implements Filter {
|
|||
|
||||
if (!checkAllowed(pathInfo, callerIp, info)){
|
||||
((HttpServletResponse)response).sendError(HttpServletResponse.SC_UNAUTHORIZED);
|
||||
log.info("call rejected from filters");
|
||||
log.error("call rejected from filters");
|
||||
generateAccounting("Unknown", "Unknown", callerIp, false, startTime, request.getLocalName());
|
||||
return;
|
||||
}
|
||||
|
||||
chain.doFilter(request, response);
|
||||
|
||||
//generateAccounting("Unknown", "Unknown", callerIp, true, startTime, request.getLocalName());
|
||||
generateAccounting("Unknown", "Unknown", callerIp, true, startTime, request.getLocalName());
|
||||
|
||||
}
|
||||
|
||||
private boolean requiresToken(String pathInfo) {
|
||||
|
@ -188,7 +194,7 @@ public class AuthorizedCallFilter implements Filter {
|
|||
public void destroy() {}
|
||||
|
||||
void generateAccounting(String caller, String callerQualifier, String remoteHost, boolean success, long startTime, String host){
|
||||
AuthorizationConfiguration conf = ConfigurationHolder.getConfiguration();
|
||||
/*AuthorizationConfiguration conf = ConfigurationHolder.getConfiguration();
|
||||
AccountingPersistenceFactory.setFallbackLocation(conf.getAccountingDir());
|
||||
AccountingPersistence persistence = AccountingPersistenceFactory.getPersistence();
|
||||
ServiceUsageRecord serviceUsageRecord = new ServiceUsageRecord();
|
||||
|
@ -210,6 +216,8 @@ public class AuthorizedCallFilter implements Filter {
|
|||
}catch(Exception ex){
|
||||
log.warn("invalid record passed to accounting ",ex);
|
||||
}
|
||||
*/
|
||||
log.info("REQUEST SERVED for method {} in {} ms with result {}", CalledMethodProvider.instance.get(), System.currentTimeMillis()-startTime, success?OperationResult.SUCCESS:OperationResult.FAILED);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue