From 5ffa39272045d134e8130c55d21c76f4d788d814 Mon Sep 17 00:00:00 2001
From: Lucio Lelii
Date: Fri, 2 Mar 2018 10:50:45 +0000
Subject: [PATCH] git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/common/authorization-service/2.0@164657 82a268e6-3cf1-43bd-a215-b396298e98cf
---
 pom.xml | 2 +-
 .../authorizationservice/TokenManager.java | 31 +++++++++++++++++++
 .../persistence/RelationDBPersistence.java | 19 ++++++++++++
 .../entities/AuthorizationEntity.java | 4 ++-
 .../util/TokenPersistence.java | 4 +++
 5 files changed, 58 insertions(+), 2 deletions(-)
diff --git a/pom.xml b/pom.xml
index 9f33662..d6ef527 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,7 +10,7 @@ org.gcube.common authorization-service - 2.0.1-SNAPSHOT + 2.0.2-SNAPSHOT authorization service war
diff --git a/src/main/java/org/gcube/common/authorizationservice/TokenManager.java b/src/main/java/org/gcube/common/authorizationservice/TokenManager.java
index d010773..4cd4c5f 100644
--- a/src/main/java/org/gcube/common/authorizationservice/TokenManager.java
+++ b/src/main/java/org/gcube/common/authorizationservice/TokenManager.java
@@ -6,6 +6,7 @@ import javax.inject.Inject;
 import javax.servlet.http.HttpServletRequest;
 import javax.validation.constraints.NotNull;
 import javax.ws.rs.Consumes;
+import javax.ws.rs.DELETE;
 import javax.ws.rs.GET;
 import javax.ws.rs.PUT;
 import javax.ws.rs.Path;
@@ -155,6 +156,36 @@ public class TokenManager {
 }
 }
+
+ /**
+ *
+ * REmoves a token for a user.
+ *
+ * @param userName
+ * @param roles
+ * @return the generated token or the token related to the user (if it was already created)
+ */
+ @Path("user")
+ @DELETE
+ @Consumes(MediaType.APPLICATION_XML)
+ public void removeUserToken(@NotNull @QueryParam("client_id") String clientId,
+ @NotNull @QueryParam("context") String context) {
+
+ try{
+
+ log.info("generator called with user {} in context {} ",clientId, context);
+
+ if (clientId.split(":").length>1) throw new Exception("invalid user id: "+clientId);
+
+ persistence.removeAllAuthorizationsEntryForClientId(context, clientId);
+
+ }catch(Exception e){
+ log.error("error generating token ",e);
+ throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST)
+ .entity("Error removing Token: "+e.getMessage()).type(MediaType.TEXT_PLAIN).build());
+ }
+ }
+
 /**
 *
 * Generates a token for a service if it doesn't exist yet.
diff --git a/src/main/java/org/gcube/common/authorizationservice/persistence/RelationDBPersistence.java b/src/main/java/org/gcube/common/authorizationservice/persistence/RelationDBPersistence.java
index b8571eb..06dec3c 100644
--- a/src/main/java/org/gcube/common/authorizationservice/persistence/RelationDBPersistence.java
+++ b/src/main/java/org/gcube/common/authorizationservice/persistence/RelationDBPersistence.java
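Review bot: `removeUserToken` in TokenManager.java deletes every authorization entry for whatever `client_id` and `context` arrive as query parameters, and nothing inside the hunk checks that the caller is that user or is otherwise allowed to revoke on their behalf. Unless a filter outside this hunk already enforces it, the method should compare the authenticated caller with `clientId` before it calls `persistence.removeAllAuthorizationsEntryForClientId(context, clientId)`. The log calls are copied from the generate path, so a revocation is recorded as "generator called" and a failure as "error generating token", which misleads anyone reading the audit trail; I would write `log.info("removing tokens for user {} in context {}", clientId, context);` and `log.error("error removing token", e);`. The Javadoc has the same problem: the `@param userName`, `@param roles` and `@return` tags describe a different method and should be replaced with tags for `clientId` and `context`, with no `@return` since the method is void.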
@@ -349,4 +349,23 @@ public class RelationDBPersistence implements TokenPersistence{
 }
 }
+ @Override
+ public void removeAllAuthorizationsEntryForClientId(String context, String clientId) {
+ EntityManager em = emFactory.createEntityManager();
+ try{
+ em.getTransaction().begin();
+ TypedQuery queryS = em.createNamedQuery("Authz.getGeneratedTokenByClientId", AuthorizationEntity.class);
+ queryS.setParameter("clientid", clientId);
+ queryS.setParameter("context", context);
+ List authEntries = queryS.getResultList();
+ for (AuthorizationEntity entry:authEntries)
+ em.remove(entry);
+ em.getTransaction().commit();
+ }catch (Exception e) {
+ log.error("error removing client authorization for user {} ", clientId);
+ em.close();
+ }
+
+ }
+
+
 }
diff --git a/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationEntity.java b/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationEntity.java
index 35661c8..7670ba1 100644
--- a/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationEntity.java
+++ b/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationEntity.java
@@ -39,7 +39,9 @@ import org.jboss.weld.exceptions.IllegalArgumentException;
 @NamedQuery(name="Authz.getQualifiers", query="SELECT DISTINCT info FROM AuthorizationEntity info WHERE " + " info.id.qualifier!='"+Constants.DEFAULT_TOKEN_QUALIFIER+"' AND info.id.clientId=:clientId AND info.id.context=:context"),
 @NamedQuery(name="Authz.getByToken", query="SELECT DISTINCT info FROM AuthorizationEntity info WHERE "
- + " info.token=:token")
+ + " info.token=:token"),
+ @NamedQuery(name="Authz.getGeneratedTokenByClientId", query="SELECT DISTINCT info FROM AuthorizationEntity info WHERE "
+ + " (info.id.clientId=:clientid OR info.generatedBy=:clientid) AND info.id.context=:context")
 })
 public abstract class AuthorizationEntity {
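Review bot: In `removeAllAuthorizationsEntryForClientId` (RelationDBPersistence.java) the catch block only logs and returns, so a failed delete is indistinguishable from a successful one and `removeUserToken` will answer as if the tokens were revoked while they are still valid. The same block leaves the exception out of the log call and never rolls back the transaction it began. `em.close()` is reached only on the failure path, so every successful call leaves its EntityManager open. I would roll back, rethrow as an unchecked exception (the interface method declares no checked ones) and close in `finally`, as below.

```java
	public void removeAllAuthorizationsEntryForClientId(String context, String clientId) {
		// … unchanged: create the EntityManager, begin, run the named query, em.remove each entry, commit …
		}catch (Exception e) {
			// pass the exception so the stack trace reaches the log
			log.error("error removing client authorization for user {} ", clientId, e);
			if (em.getTransaction().isActive())
				em.getTransaction().rollback();
			// a revocation that did not happen must not be reported as done
			throw new RuntimeException("error removing authorizations for client "+clientId, e);
		}finally{
			em.close();
		}
```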
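Review bot: The new `Authz.getGeneratedTokenByClientId` query in AuthorizationEntity.java matches `info.generatedBy=:clientid` as well as `info.id.clientId=:clientid`, so the delete built on it removes not only the user's own entries but every entry that user generated in the context, whatever its qualifier, and the query name does not say so. If that cascade is intended, it should be stated in a comment above the query, for example `// also matches entries generated by this client: revoking a user revokes what they issued in the context`, and the name should mention both conditions. The parameter is spelled `:clientid` here while `Authz.getQualifiers` uses `:clientId`; keeping one spelling avoids a mis-bound parameter when the queries are edited later.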
diff --git a/src/main/java/org/gcube/common/authorizationservice/util/TokenPersistence.java b/src/main/java/org/gcube/common/authorizationservice/util/TokenPersistence.java
index 6a4b884..a9dcfb8 100644
--- a/src/main/java/org/gcube/common/authorizationservice/util/TokenPersistence.java
+++ b/src/main/java/org/gcube/common/authorizationservice/util/TokenPersistence.java
@@ -12,6 +12,8 @@ public interface TokenPersistence {
 void saveAuthorizationEntry(String token, String context, ClientInfo info, String tokenQualifier, String generateBy);
+ void removeAllAuthorizationsEntryForClientId(String context, String clientId);
+
 AuthorizationEntry getAuthorizationEntry(String token);
 String getExistingToken(String clientId, String context, String tokenQualifier);
@@ -33,4 +35,6 @@ public interface TokenPersistence {
 Map getExistingExternalServices(String generatorId, String context);
+
+
 }