diff --git a/pom.xml b/pom.xml
index 9f33662..d6ef527 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,7 +10,7 @@
org.gcube.common
authorization-service
- 2.0.1-SNAPSHOT
+ 2.0.2-SNAPSHOT
authorization service
war
diff --git a/src/main/java/org/gcube/common/authorizationservice/TokenManager.java b/src/main/java/org/gcube/common/authorizationservice/TokenManager.java
index d010773..4cd4c5f 100644
--- a/src/main/java/org/gcube/common/authorizationservice/TokenManager.java
+++ b/src/main/java/org/gcube/common/authorizationservice/TokenManager.java
@@ -6,6 +6,7 @@ import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.validation.constraints.NotNull;
import javax.ws.rs.Consumes;
+import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
@@ -155,6 +156,36 @@ public class TokenManager {
}
}
+
+ /**
+ *
+ * REmoves a token for a user.
+ *
+ * @param userName
+ * @param roles
+ * @return the generated token or the token related to the user (if it was already created)
+ */
+ @Path("user")
+ @DELETE
+ @Consumes(MediaType.APPLICATION_XML)
+ public void removeUserToken(@NotNull @QueryParam("client_id") String clientId,
+ @NotNull @QueryParam("context") String context) {
+
+ try{
+
+ log.info("generator called with user {} in context {} ",clientId, context);
+
+ if (clientId.split(":").length>1) throw new Exception("invalid user id: "+clientId);
+
+ persistence.removeAllAuthorizationsEntryForClientId(context, clientId);
+
+ }catch(Exception e){
+ log.error("error generating token ",e);
+ throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST)
+ .entity("Error removing Token: "+e.getMessage()).type(MediaType.TEXT_PLAIN).build());
+ }
+ }
+
/**
*
* Generates a token for a service if it doesn't exist yet.
diff --git a/src/main/java/org/gcube/common/authorizationservice/persistence/RelationDBPersistence.java b/src/main/java/org/gcube/common/authorizationservice/persistence/RelationDBPersistence.java
index b8571eb..06dec3c 100644
--- a/src/main/java/org/gcube/common/authorizationservice/persistence/RelationDBPersistence.java
+++ b/src/main/java/org/gcube/common/authorizationservice/persistence/RelationDBPersistence.java
@@ -349,4 +349,23 @@ public class RelationDBPersistence implements TokenPersistence{
}
}
+ @Override
+ public void removeAllAuthorizationsEntryForClientId(String context, String clientId) {
+ EntityManager em = emFactory.createEntityManager();
+ try{
+ em.getTransaction().begin();
+ TypedQuery queryS = em.createNamedQuery("Authz.getGeneratedTokenByClientId", AuthorizationEntity.class);
+ queryS.setParameter("clientid", clientId);
+ queryS.setParameter("context", context);
+ List authEntries = queryS.getResultList();
+ for (AuthorizationEntity entry:authEntries)
+ em.remove(entry);
+ em.getTransaction().commit();
+ }catch (Exception e) {
+ log.error("error removing client authorization for user {} ", clientId);
+ em.close();
+ }
+
+ }
+
}
diff --git a/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationEntity.java b/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationEntity.java
index 35661c8..7670ba1 100644
--- a/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationEntity.java
+++ b/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationEntity.java
@@ -39,7 +39,9 @@ import org.jboss.weld.exceptions.IllegalArgumentException;
@NamedQuery(name="Authz.getQualifiers", query="SELECT DISTINCT info FROM AuthorizationEntity info WHERE "
+ " info.id.qualifier!='"+Constants.DEFAULT_TOKEN_QUALIFIER+"' AND info.id.clientId=:clientId AND info.id.context=:context"),
@NamedQuery(name="Authz.getByToken", query="SELECT DISTINCT info FROM AuthorizationEntity info WHERE "
- + " info.token=:token")
+ + " info.token=:token"),
+ @NamedQuery(name="Authz.getGeneratedTokenByClientId", query="SELECT DISTINCT info FROM AuthorizationEntity info WHERE "
+ + " (info.id.clientId=:clientid OR info.generatedBy=:clientid) AND info.id.context=:context")
})
public abstract class AuthorizationEntity {
diff --git a/src/main/java/org/gcube/common/authorizationservice/util/TokenPersistence.java b/src/main/java/org/gcube/common/authorizationservice/util/TokenPersistence.java
index 6a4b884..a9dcfb8 100644
--- a/src/main/java/org/gcube/common/authorizationservice/util/TokenPersistence.java
+++ b/src/main/java/org/gcube/common/authorizationservice/util/TokenPersistence.java
@@ -12,6 +12,8 @@ public interface TokenPersistence {
void saveAuthorizationEntry(String token, String context, ClientInfo info, String tokenQualifier, String generateBy);
+ void removeAllAuthorizationsEntryForClientId(String context, String clientId);
+
AuthorizationEntry getAuthorizationEntry(String token);
String getExistingToken(String clientId, String context, String tokenQualifier);
@@ -33,4 +35,6 @@ public interface TokenPersistence {
Map getExistingExternalServices(String generatorId,
String context);
+
+
}