git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/common/authorization-service/2.0@164657 82a268e6-3cf1-43bd-a215-b396298e98cf
parent
b0917974aa
commit
5ffa392720
2
pom.xml
2
pom.xml
|
@ -10,7 +10,7 @@
|
||||||
|
|
||||||
<groupId>org.gcube.common</groupId>
|
<groupId>org.gcube.common</groupId>
|
||||||
<artifactId>authorization-service</artifactId>
|
<artifactId>authorization-service</artifactId>
|
||||||
<version>2.0.1-SNAPSHOT</version>
|
<version>2.0.2-SNAPSHOT</version>
|
||||||
<name>authorization service</name>
|
<name>authorization service</name>
|
||||||
|
|
||||||
<packaging>war</packaging>
|
<packaging>war</packaging>
|
||||||
|
|
|
@ -6,6 +6,7 @@ import javax.inject.Inject;
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import javax.validation.constraints.NotNull;
|
import javax.validation.constraints.NotNull;
|
||||||
import javax.ws.rs.Consumes;
|
import javax.ws.rs.Consumes;
|
||||||
|
import javax.ws.rs.DELETE;
|
||||||
import javax.ws.rs.GET;
|
import javax.ws.rs.GET;
|
||||||
import javax.ws.rs.PUT;
|
import javax.ws.rs.PUT;
|
||||||
import javax.ws.rs.Path;
|
import javax.ws.rs.Path;
|
||||||
|
@ -155,6 +156,36 @@ public class TokenManager {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* REmoves a token for a user.
|
||||||
|
*
|
||||||
|
* @param userName
|
||||||
|
* @param roles
|
||||||
|
* @return the generated token or the token related to the user (if it was already created)
|
||||||
|
*/
|
||||||
|
@Path("user")
|
||||||
|
@DELETE
|
||||||
|
@Consumes(MediaType.APPLICATION_XML)
|
||||||
|
public void removeUserToken(@NotNull @QueryParam("client_id") String clientId,
|
||||||
|
@NotNull @QueryParam("context") String context) {
|
||||||
|
|
||||||
|
try{
|
||||||
|
|
||||||
|
log.info("generator called with user {} in context {} ",clientId, context);
|
||||||
|
|
||||||
|
if (clientId.split(":").length>1) throw new Exception("invalid user id: "+clientId);
|
||||||
|
|
||||||
|
persistence.removeAllAuthorizationsEntryForClientId(context, clientId);
|
||||||
|
|
||||||
|
}catch(Exception e){
|
||||||
|
log.error("error generating token ",e);
|
||||||
|
throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST)
|
||||||
|
.entity("Error removing Token: "+e.getMessage()).type(MediaType.TEXT_PLAIN).build());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* Generates a token for a service if it doesn't exist yet.
|
* Generates a token for a service if it doesn't exist yet.
|
||||||
|
|
|
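Review bot: `removeUserToken` deletes every authorization entry for whatever `client_id` the request names, and nothing in the added method compares that id with the authenticated caller or checks a role before calling `persistence.removeAllAuthorizationsEntryForClientId`. Unless a filter outside this hunk restricts the endpoint, one user's tokens can be revoked on another user's request, so the method should verify the caller is entitled to revoke for that client id and reject the request otherwise. The log lines are copied from the generator (`"generator called with user {} in context {} "`, `"error generating token "`), which makes a revocation look like a token issue in the audit trail; something like `log.info("token removal requested for user {} in context {}", clientId, context);` and `log.error("error removing token", e);` would fit. The Javadoc is stale as well: it documents `userName` and `roles` and a `@return` on a `void` method, and should describe `clientId` and `context` instead (and fix "REmoves").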
@ -349,4 +349,23 @@ public class RelationDBPersistence implements TokenPersistence{
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void removeAllAuthorizationsEntryForClientId(String context, String clientId) {
|
||||||
|
EntityManager em = emFactory.createEntityManager();
|
||||||
|
try{
|
||||||
|
em.getTransaction().begin();
|
||||||
|
TypedQuery<AuthorizationEntity> queryS = em.createNamedQuery("Authz.getGeneratedTokenByClientId", AuthorizationEntity.class);
|
||||||
|
queryS.setParameter("clientid", clientId);
|
||||||
|
queryS.setParameter("context", context);
|
||||||
|
List<AuthorizationEntity> authEntries = queryS.getResultList();
|
||||||
|
for (AuthorizationEntity entry:authEntries)
|
||||||
|
em.remove(entry);
|
||||||
|
em.getTransaction().commit();
|
||||||
|
}catch (Exception e) {
|
||||||
|
log.error("error removing client authorization for user {} ", clientId);
|
||||||
|
em.close();
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
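Review bot: `em.close()` sits only in the catch block of `removeAllAuthorizationsEntryForClientId`, so on the success path the EntityManager is never closed, and on failure the transaction is left without a rollback. The catch also logs without the exception and returns normally, so the caller (the new DELETE endpoint) reports success even when nothing was removed; for a revocation path that means tokens can stay valid while the client believes they are gone. Closing in `finally`, rolling back an active transaction, passing `e` to the logger and rethrowing would address all three. Whether the sibling methods of this class rethrow is not visible in the hunk, so the exception type should follow the class's convention.

```java
    EntityManager em = emFactory.createEntityManager();
    try {
        em.getTransaction().begin();
        // … unchanged: named query, parameters and the em.remove loop …
        em.getTransaction().commit();
    } catch (RuntimeException e) {
        if (em.getTransaction().isActive()) {
            em.getTransaction().rollback();
        }
        log.error("error removing client authorization for user {} ", clientId, e);
        throw e;
    } finally {
        em.close();
    }
```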
@ -39,7 +39,9 @@ import org.jboss.weld.exceptions.IllegalArgumentException;
|
||||||
@NamedQuery(name="Authz.getQualifiers", query="SELECT DISTINCT info FROM AuthorizationEntity info WHERE "
|
@NamedQuery(name="Authz.getQualifiers", query="SELECT DISTINCT info FROM AuthorizationEntity info WHERE "
|
||||||
+ " info.id.qualifier!='"+Constants.DEFAULT_TOKEN_QUALIFIER+"' AND info.id.clientId=:clientId AND info.id.context=:context"),
|
+ " info.id.qualifier!='"+Constants.DEFAULT_TOKEN_QUALIFIER+"' AND info.id.clientId=:clientId AND info.id.context=:context"),
|
||||||
@NamedQuery(name="Authz.getByToken", query="SELECT DISTINCT info FROM AuthorizationEntity info WHERE "
|
@NamedQuery(name="Authz.getByToken", query="SELECT DISTINCT info FROM AuthorizationEntity info WHERE "
|
||||||
+ " info.token=:token")
|
+ " info.token=:token"),
|
||||||
|
@NamedQuery(name="Authz.getGeneratedTokenByClientId", query="SELECT DISTINCT info FROM AuthorizationEntity info WHERE "
|
||||||
|
+ " (info.id.clientId=:clientid OR info.generatedBy=:clientid) AND info.id.context=:context")
|
||||||
})
|
})
|
||||||
public abstract class AuthorizationEntity {
|
public abstract class AuthorizationEntity {
|
||||||
|
|
||||||
|
|
|
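Review bot: `Authz.getGeneratedTokenByClientId` matches rows where the client is the owner or the generator (`info.id.clientId=:clientid OR info.generatedBy=:clientid`), so the removal built on it also deletes entries whose `clientId` is a different identity but which this client generated; neither the query name nor a comment says so. If that cascade is intended, state it above the query, e.g. `// also matches entries this client generated for other identities; used for full revocation`, and consider a name that reflects both conditions. The parameter is spelled `:clientid` here but `:clientId` in `Authz.getQualifiers` just above; using `:clientId` would keep the set consistent, with the matching `setParameter` call in RelationDBPersistence changed alongside it.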
@ -12,6 +12,8 @@ public interface TokenPersistence {
|
||||||
|
|
||||||
void saveAuthorizationEntry(String token, String context, ClientInfo info, String tokenQualifier, String generateBy);
|
void saveAuthorizationEntry(String token, String context, ClientInfo info, String tokenQualifier, String generateBy);
|
||||||
|
|
||||||
|
void removeAllAuthorizationsEntryForClientId(String context, String clientId);
|
||||||
|
|
||||||
AuthorizationEntry getAuthorizationEntry(String token);
|
AuthorizationEntry getAuthorizationEntry(String token);
|
||||||
|
|
||||||
String getExistingToken(String clientId, String context, String tokenQualifier);
|
String getExistingToken(String clientId, String context, String tokenQualifier);
|
||||||
|
@ -33,4 +35,6 @@ public interface TokenPersistence {
|
||||||
|
|
||||||
Map<String, String> getExistingExternalServices(String generatorId,
|
Map<String, String> getExistingExternalServices(String generatorId,
|
||||||
String context);
|
String context);
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|