diff --git a/.classpath b/.classpath
index e43402f..63c80a6 100644
--- a/.classpath
+++ b/.classpath
@@ -15,11 +15,13 @@
+
+
@@ -30,6 +32,7 @@
+
diff --git a/.project b/.project
index 34bcc98..ebd0631 100644
--- a/.project
+++ b/.project
@@ -15,6 +15,11 @@
+
+ org.eclipse.wst.validation.validationbuilder
+
+
+
org.eclipse.m2e.core.maven2Builder
@@ -22,8 +27,11 @@
+ org.eclipse.jem.workbench.JavaEMFNature
+ org.eclipse.wst.common.modulecore.ModuleCoreNature
org.eclipse.jdt.core.javanature
org.eclipse.m2e.core.maven2Nature
org.eclipse.wst.common.project.facet.core.nature
+ org.eclipse.wst.jsdt.core.jsNature
diff --git a/.settings/org.eclipse.jdt.core.prefs b/.settings/org.eclipse.jdt.core.prefs
index ec4300d..8db228c 100644
--- a/.settings/org.eclipse.jdt.core.prefs
+++ b/.settings/org.eclipse.jdt.core.prefs
@@ -1,5 +1,9 @@
eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.7
org.eclipse.jdt.core.compiler.compliance=1.7
+org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
+org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
+org.eclipse.jdt.core.compiler.release=disabled
org.eclipse.jdt.core.compiler.source=1.7
diff --git a/pom.xml b/pom.xml
index 68de193..861e2ce 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,7 +10,7 @@
org.gcube.common
authorization-service
- 2.0.2-SNAPSHOT
+ 2.0.3-SNAPSHOT
authorization service
war
@@ -115,7 +115,7 @@
eclipselink
org.eclipse.persistence
- 2.5.1
+ 2.6.6
diff --git a/src/main/java/org/gcube/common/authorizationservice/TokenManager.java b/src/main/java/org/gcube/common/authorizationservice/TokenManager.java
index 4cd4c5f..d0d497b 100644
--- a/src/main/java/org/gcube/common/authorizationservice/TokenManager.java
+++ b/src/main/java/org/gcube/common/authorizationservice/TokenManager.java
@@ -1,8 +1,12 @@
package org.gcube.common.authorizationservice;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
import java.util.UUID;
import javax.inject.Inject;
+import javax.print.attribute.HashAttributeSet;
import javax.servlet.http.HttpServletRequest;
import javax.validation.constraints.NotNull;
import javax.ws.rs.Consumes;
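Review bot: `import javax.print.attribute.HashAttributeSet;` looks like an accidental IDE auto-import and should be dropped, since nothing in the visible hunks of TokenManager uses a printing-API type. `HashMap`, `List` and `Map` are likewise not referenced in any hunk shown here, and `ScopeProvider`/`ServiceMap` in the next hunk appear only inside the commented-out block. Confirm each is used in the rest of the file before keeping it.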
@@ -26,9 +30,12 @@ import org.gcube.common.authorization.library.provider.ContainerInfo;
import org.gcube.common.authorization.library.provider.ExternalServiceInfo;
import org.gcube.common.authorization.library.provider.ServiceInfo;
import org.gcube.common.authorization.library.provider.UserInfo;
+import org.gcube.common.authorization.library.utils.ListMapper;
import org.gcube.common.authorizationservice.filters.AuthorizedCallFilter;
import org.gcube.common.authorizationservice.util.Constants;
import org.gcube.common.authorizationservice.util.TokenPersistence;
+import org.gcube.common.scope.api.ScopeProvider;
+import org.gcube.common.scope.api.ServiceMap;
@Path("token")
@Slf4j
@@ -61,11 +68,13 @@ public class TokenManager {
throw new WebApplicationException(Response.status(Response.Status.NOT_FOUND)
.entity("token "+token+" not found").type(MediaType.TEXT_PLAIN).build());
}
-
- //TODO: re-add it with common-scope 2.0
- /*
+
+
+ /*
try{
- ServiceMap map = .instance.getMap(info.getContext());
+ ScopeProvider.instance.set(info.getContext());
+ ServiceMap map = ServiceMap.instance;
+ ScopeProvider.instance.reset();
info.setMap(map);
}catch(Exception e){
log.error("error retrieving map for {}", info.getContext(), e);
@@ -77,7 +86,10 @@ public class TokenManager {
return info;
}
+
+
+
/**
*
* retrieves the AuthorzationEntry connected to the specified token
@@ -155,7 +167,35 @@ public class TokenManager {
.entity("Error Generating Token: "+e.getMessage()).type(MediaType.TEXT_PLAIN).build());
}
}
+
+ /**
+ *
+ * Generates a token for a user (saving the passed roles) if it doesn't exist yet.
+ *
+ * @param userName
+ * @param roles
+ * @return the generated token or the token related to the user (if it was already created)
+ */
+ @Path("user/{token}/roles")
+ @PUT
+ @Consumes(MediaType.APPLICATION_XML)
+ public String setRoles(ListMapper roles,
+ @NotNull @PathParam("token") String token) {
+ try{
+
+ log.info("update roles called");
+
+ persistence.updateAuthorizationEntry(token, roles.getList()) ;
+
+ return token;
+ }catch(Exception e){
+ log.error("error setting roles to token ",e);
+ throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST)
+ .entity("Error setting roles to token: "+e.getMessage()).type(MediaType.TEXT_PLAIN).build());
+ }
+ }
+
/**
*
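Review bot: Nothing in `setRoles` checks who may change the roles bound to `{token}`; unless AuthorizedCallFilter or its configuration (not visible in this hunk) restricts `PUT token/user/{token}/roles`, any caller that knows a token can replace its roles. The token also travels in the URL path, where it is routinely written to access and proxy logs, so consider taking it from a header or the request body instead. The Javadoc is copied from the token-generation method: it documents `@param userName` and a "generated token", while this method takes `token` and `roles` and returns the token unchanged; it should read something like `Replaces the roles stored for the given user token; answers 400 if the token is unknown or is not a user token.` `roles` carries no `@NotNull`, so an empty body only shows up as a NullPointerException caught by the generic handler and echoed through `e.getMessage()`; `@NotNull ListMapper roles` would make the precondition explicit.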
diff --git a/src/main/java/org/gcube/common/authorizationservice/persistence/RelationDBPersistence.java b/src/main/java/org/gcube/common/authorizationservice/persistence/RelationDBPersistence.java
index 06dec3c..f485324 100644
--- a/src/main/java/org/gcube/common/authorizationservice/persistence/RelationDBPersistence.java
+++ b/src/main/java/org/gcube/common/authorizationservice/persistence/RelationDBPersistence.java
@@ -18,6 +18,7 @@ import javax.persistence.TypedQuery;
import lombok.extern.slf4j.Slf4j;
import org.gcube.common.authorization.library.AuthorizationEntry;
+import org.gcube.common.authorization.library.ClientType;
import org.gcube.common.authorization.library.policies.Policy;
import org.gcube.common.authorization.library.policies.PolicyType;
import org.gcube.common.authorization.library.policies.Service2ServicePolicy;
@@ -147,6 +148,42 @@ public class RelationDBPersistence implements TokenPersistence{
}
}
}
+
+ @Override
+ public void updateAuthorizationEntry(String token,
+ List roles) {
+
+ EntityManager em = emFactory.createEntityManager();
+
+
+ TypedQuery query = em.createNamedQuery("Authz.get", AuthorizationEntity.class);
+ query.setParameter("token", token);
+ AuthorizationEntity authEntity;
+ try{
+ authEntity = query.getSingleResult();
+ }catch (NoResultException e){
+ log.warn("no result found for token {}",token);
+ throw new IllegalArgumentException("the token does not exist");
+ }
+
+
+ if (authEntity.getInfo().getType()== ClientType.USER) {
+ log.debug("setting roles {}", roles);
+ UserInfo ui = new UserInfo(authEntity.getInfo().getId(), roles);
+ authEntity.setInfo(ui);
+ EntityTransaction tx = em.getTransaction();
+ try {
+ tx.begin();
+ AuthorizationEntity merged = em.merge(authEntity);
+ tx.commit();
+ log.debug("entity merged: {}", merged);
+ }finally {
+ em.close();
+ }
+ } else
+ throw new IllegalArgumentException("the token is not representing a user");
+
+ }
@Override
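Review bot: The `EntityManager` created at the top of `updateAuthorizationEntry` is closed only in the `finally` of the USER branch, so both `IllegalArgumentException` paths (unknown token, non-user token) leave it open, and a failed `merge` or `commit` leaves the transaction active with no rollback. One try/finally around the whole body should close `em`, with a rollback when the transaction is still active. `log.debug("entity merged: {}", merged)` prints `AuthorizationEntity.toString()`, which includes the token, and `log.warn("no result found for token {}",token)` logs the submitted value as well, so token material ends up in the logs. Log a non-secret identifier instead.

```java
public void updateAuthorizationEntry(String token,
        List roles) {
    EntityManager em = emFactory.createEntityManager();
    try {
        // … unchanged: "Authz.get" lookup and NoResultException handling …
        if (authEntity.getInfo().getType() != ClientType.USER)
            throw new IllegalArgumentException("the token is not representing a user");
        // … unchanged: build UserInfo from the stored id and call authEntity.setInfo(ui) …
        EntityTransaction tx = em.getTransaction();
        try {
            tx.begin();
            em.merge(authEntity);
            tx.commit();
            // no entity dump here: its toString() contains the token
            log.debug("roles updated for user entry");
        } finally {
            if (tx.isActive())
                tx.rollback();
        }
    } finally {
        em.close();
    }
}
```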
diff --git a/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationEntity.java b/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationEntity.java
index 7670ba1..b7ac49f 100644
--- a/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationEntity.java
+++ b/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationEntity.java
@@ -1,8 +1,12 @@
package org.gcube.common.authorizationservice.persistence.entities;
+import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Calendar;
import java.util.List;
+import javax.persistence.Access;
+import javax.persistence.AccessType;
import javax.persistence.Column;
import javax.persistence.Convert;
import javax.persistence.DiscriminatorColumn;
@@ -28,11 +32,14 @@ import org.gcube.common.authorizationservice.persistence.entities.ServicePolicyE
import org.gcube.common.authorizationservice.persistence.entities.converters.StringListConverter;
import org.gcube.common.authorizationservice.util.Constants;
import org.jboss.weld.exceptions.IllegalArgumentException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
@Entity
@Inheritance
@DiscriminatorColumn(name="EntryType")
@Table(name="Authorizations")
+@Access(AccessType.FIELD)
@NamedQueries({
@NamedQuery(name="Authz.get", query="SELECT DISTINCT info FROM AuthorizationEntity info WHERE "
+ " info.token=:token"),
@@ -112,6 +119,11 @@ public abstract class AuthorizationEntity {
return this.info;
}
+ public void setInfo(ClientInfo info) {
+ this.info = info;
+ this.internalInfo = retriveInternalInfo(info);
+ }
+
public String getEntryType() {
return entryType;
}
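Review bot: `setInfo` overwrites `this.info` before `retriveInternalInfo(info)` has succeeded, so a null argument or a `ClientInfo` whose type does not match `entryType` (a failing cast in the non-user branches) leaves the entity with the new `info` and the old `internalInfo`. Converting first avoids the half-updated state: `ClientInfoEntity converted = retriveInternalInfo(info); this.info = info; this.internalInfo = converted;`. In the USER_AUTHORIZATION branch any `ClientInfo` subtype is accepted through `getId()`/`getRoles()`, so the method also deserves a Javadoc line stating that the argument must be of the type this entry was created with.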
@@ -139,7 +151,7 @@ public abstract class AuthorizationEntity {
private ClientInfo retieveInfo() {
switch (entryType) {
case EntityConstants.USER_AUTHORIZATION:
- return new UserInfo(this.internalInfo.identifier, this.internalInfo.roles);
+ return new UserInfo(this.internalInfo.identifier, this.internalInfo.getRoles());
case EntityConstants.SERVICE_AUTHORIZATION:
return new ServiceInfo(new ServiceIdentifier(this.internalInfo.service.clientServiceClass, this.internalInfo.service.clientServiceName, this.internalInfo.service.clientServiceIdentifier));
case EntityConstants.EXTERNAL_SERVICE_AUTHORIZATION:
@@ -155,15 +167,15 @@ public abstract class AuthorizationEntity {
private ClientInfoEntity retriveInternalInfo(ClientInfo info2) {
switch (entryType) {
case EntityConstants.USER_AUTHORIZATION:
- return ClientInfoEntity.forUser(info.getId(), info.getRoles());
+ return ClientInfoEntity.forUser(info2.getId(), info2.getRoles());
case EntityConstants.SERVICE_AUTHORIZATION:
- ServiceIdentifier identifier = ((ServiceInfo) this.info).getServiceIdentifier();
+ ServiceIdentifier identifier = ((ServiceInfo) info2).getServiceIdentifier();
return ClientInfoEntity.forService(identifier.getServiceClass(), identifier.getServiceName(), identifier.getServiceId());
case EntityConstants.EXTERNAL_SERVICE_AUTHORIZATION:
- ExternalServiceInfo externalServiceInfo = (ExternalServiceInfo) this.info;
+ ExternalServiceInfo externalServiceInfo = (ExternalServiceInfo) info2;
return ClientInfoEntity.forExternalService(externalServiceInfo.getId(), externalServiceInfo.getGeneratedBy());
case EntityConstants.CONTAINER_AUTHORIZATION:
- ContainerInfo containerInfo = (ContainerInfo) this.info;
+ ContainerInfo containerInfo = (ContainerInfo) info2 ;
return ClientInfoEntity.forContainer(containerInfo.getHost(), containerInfo.getPort());
default:
throw new IllegalArgumentException("invalid entity type");
@@ -173,20 +185,23 @@ public abstract class AuthorizationEntity {
@Override
public String toString() {
return "AuthorizationEntity [id=" + id + ", token=" + token
- + ", creationTime=" + creationTime + ", entryType=" + entryType
+ + ", creationTime=" + creationTime + ", entryType=" + entryType +", "+internalInfo
+ "]";
}
+
+
@Embeddable
+ @Access(AccessType.FIELD)
private static class ClientInfoEntity {
// userInfo
@Column(name="info_identifier")
private String identifier;
+
@Column(name="info_roles", length=2000)
- @Convert(converter=StringListConverter.class)
- private List roles;
+ private String internalRoles;
//serviceInfo
@Embedded
@@ -202,6 +217,10 @@ public abstract class AuthorizationEntity {
@Column(name="info_port")
private int port;
+ protected List getRoles(){
+ return stringToRoles(internalRoles);
+ }
+
protected static ClientInfoEntity forExternalService(String identifier, String generatedBy){
ClientInfoEntity entry =new ClientInfoEntity();
entry.generatedBy= generatedBy;
@@ -222,7 +241,7 @@ public abstract class AuthorizationEntity {
protected static ClientInfoEntity forUser(String identifier, List roles){
ClientInfoEntity entry =new ClientInfoEntity();
- entry.roles= roles;
+ entry.internalRoles= rolesToString(roles);
entry.identifier = identifier;
return entry;
}
@@ -233,6 +252,28 @@ public abstract class AuthorizationEntity {
entry.port = port;
return entry;
}
+
+ @Override
+ public String toString() {
+ return "ClientInfoEntity [identifier=" + identifier + ", roles=" + internalRoles + ", service=" + service
+ + ", generatedBy=" + generatedBy + ", host=" + host + ", port=" + port + "]";
+ }
+
+ private static String rolesToString(List roles) {
+ if (roles!=null && roles.size()>0){
+ StringBuilder builder = new StringBuilder();
+ for (String value: roles)
+ builder.append(value).append(",||,");
+ return builder.substring(0, builder.length()-4);
+ } else return "";
+ }
+
+ private static List stringToRoles(String entry){
+ if (entry!=null && !entry.isEmpty()){
+ return Arrays.asList(entry.split(",\\|\\|,"));
+ }
+ else return new ArrayList(0);
+ }
}
}
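Review bot: `rolesToString` joins the values with `,||,` without checking that no role contains that sequence, so a single role value holding the separator is read back by `stringToRoles` as several roles; since roles now arrive from the new `setRoles` request body, this changes which roles a token ends up with. Reject such values (and nulls, which are appended as the text "null") before joining, e.g. `if (value == null || value.contains(",||,")) throw new IllegalArgumentException("invalid role name");`. `stringToRoles` returns a fixed-size `Arrays.asList` view in one branch and a mutable `ArrayList` in the other; wrapping the first in `new ArrayList<>(...)` gives callers one consistent behaviour. Both helpers appear to duplicate the bodies still kept in `StringListConverter`, which this commit reduces to a plain class, so one of the two copies should go.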
diff --git a/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationId.java b/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationId.java
index 8e6fcd8..45a2816 100644
--- a/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationId.java
+++ b/src/main/java/org/gcube/common/authorizationservice/persistence/entities/AuthorizationId.java
@@ -1,15 +1,22 @@
package org.gcube.common.authorizationservice.persistence.entities;
+import java.io.Serializable;
+
import javax.persistence.Embeddable;
@Embeddable
-public class AuthorizationId {
+public class AuthorizationId implements Serializable {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1L;
+
String context;
String clientId;
String qualifier;
- protected AuthorizationId() {
+ public AuthorizationId() {
super();
}
diff --git a/src/main/java/org/gcube/common/authorizationservice/persistence/entities/converters/StringListConverter.java b/src/main/java/org/gcube/common/authorizationservice/persistence/entities/converters/StringListConverter.java
index 3b4af9a..9286ad9 100644
--- a/src/main/java/org/gcube/common/authorizationservice/persistence/entities/converters/StringListConverter.java
+++ b/src/main/java/org/gcube/common/authorizationservice/persistence/entities/converters/StringListConverter.java
@@ -4,13 +4,9 @@ import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
-import javax.persistence.AttributeConverter;
-import javax.persistence.Converter;
-@Converter
-public class StringListConverter implements AttributeConverter, String>{
+public class StringListConverter {
- @Override
public String convertToDatabaseColumn(List list) {
if (list!=null && list.size()>0){
@@ -21,7 +17,6 @@ public class StringListConverter implements AttributeConverter, Str
} else return "";
}
- @Override
public List convertToEntityAttribute(String dbEntry) {
if (dbEntry!=null && !dbEntry.isEmpty()){
return Arrays.asList(dbEntry.split(",\\|\\|,"));
diff --git a/src/main/java/org/gcube/common/authorizationservice/util/TokenPersistence.java b/src/main/java/org/gcube/common/authorizationservice/util/TokenPersistence.java
index a9dcfb8..76e1f5e 100644
--- a/src/main/java/org/gcube/common/authorizationservice/util/TokenPersistence.java
+++ b/src/main/java/org/gcube/common/authorizationservice/util/TokenPersistence.java
@@ -36,5 +36,7 @@ public interface TokenPersistence {
Map getExistingExternalServices(String generatorId,
String context);
+ void updateAuthorizationEntry(String token, List roles);
+
}
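Review bot: `updateAuthorizationEntry` is added to the interface without a documented contract, although the RelationDBPersistence implementation in this commit throws `IllegalArgumentException` both when the token does not exist and when it does not belong to a user, and it replaces the stored roles rather than adding to them. A Javadoc comment should state this, for example `Replaces the roles of the user entry identified by token; throws IllegalArgumentException if the token is unknown or is not a user token.` The name also does not say that only roles are touched; something like `updateUserRoles` would read more clearly if renaming is still possible.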
diff --git a/src/main/resources/META-INF/beans.xml b/src/main/resources/META-INF/beans.xml
index 7c7e8db..00e43a2 100644
--- a/src/main/resources/META-INF/beans.xml
+++ b/src/main/resources/META-INF/beans.xml
@@ -1,5 +1,4 @@
+ xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee">
\ No newline at end of file
diff --git a/src/main/resources/META-INF/persistence.xml b/src/main/resources/META-INF/persistence.xml
index c8809e3..51ebc92 100644
--- a/src/main/resources/META-INF/persistence.xml
+++ b/src/main/resources/META-INF/persistence.xml
@@ -6,18 +6,19 @@
org.eclipse.persistence.jpa.PersistenceProvider
-
- org.gcube.common.authorizationservice.persistence.entities.converters.StringListConverter
-
-
+
org.gcube.common.authorizationservice.persistence.entities.AuthorizationEntity
- org.gcube.common.authorizationservice.persistence.entities.ServiceAuthorizationEntity
- org.gcube.common.authorizationservice.persistence.entities.UserAuthorizationEntity
+ org.gcube.common.authorizationservice.persistence.entities.AuthorizationEntity.ClientInfoEntity
+ org.gcube.common.authorizationservice.persistence.entities.AuthorizationId
org.gcube.common.authorizationservice.persistence.entities.ExternalServiceAuthorizationEntity
org.gcube.common.authorizationservice.persistence.entities.NodeAuthorizationEntity
+ org.gcube.common.authorizationservice.persistence.entities.PendingEntity
org.gcube.common.authorizationservice.persistence.entities.PolicyEntity
+ org.gcube.common.authorizationservice.persistence.entities.ServiceAuthorizationEntity
org.gcube.common.authorizationservice.persistence.entities.ServicePolicyEntity
+ org.gcube.common.authorizationservice.persistence.entities.ServicePolicyEntity.ServiceAccessEntity
+ org.gcube.common.authorizationservice.persistence.entities.UserAuthorizationEntity
org.gcube.common.authorizationservice.persistence.entities.UserPolicyEntity
+
\ No newline at end of file
diff --git a/src/test/resources/META-INF/beans.xml b/src/test/resources/META-INF/beans.xml
index 5cfb427..2177022 100644
--- a/src/test/resources/META-INF/beans.xml
+++ b/src/test/resources/META-INF/beans.xml
@@ -1,7 +1,6 @@
+ xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee">
org.gcube.common.authorizationservice.persistence.DataBaseProducer