Reorganizing library
This commit is contained in:
parent
82cc974d00
commit
a8c35a17e4
|
|
@ -1,8 +1,11 @@
|
|||
package org.gcube.common.authorization.utils.secret;
|
||||
package org.gcube.common.authorization.utils.clientid;
|
||||
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
|
||||
import org.gcube.common.authorization.library.provider.ClientInfo;
|
||||
import org.gcube.common.authorization.library.utils.Caller;
|
||||
import org.gcube.common.authorization.utils.secret.Secret;
|
||||
import org.gcube.common.keycloak.KeycloakClientFactory;
|
||||
import org.gcube.common.keycloak.model.TokenResponse;
|
||||
import org.gcube.common.scope.api.ScopeProvider;
|
||||
|
|
@ -64,4 +67,21 @@ public class ClienIDSecret extends Secret {
|
|||
int res = super.compareTo(obj);
|
||||
return res == 0 ? clientID.compareTo(clientID) : res;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setToken() throws Exception {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public ClientInfo getClientInfo() throws Exception {
|
||||
// TODO Auto-generated method stub
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Caller getCaller() throws Exception {
|
||||
// TODO Auto-generated method stub
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
package org.gcube.common.authorization.utils.provider;
|
||||
package org.gcube.common.authorization.utils.clientid;
|
||||
|
||||
import org.gcube.common.authorization.utils.provider.SecretProvider;
|
||||
import org.gcube.common.authorization.utils.secret.Secret;
|
||||
import org.gcube.common.authorization.utils.secret.ClienIDSecret;
|
||||
|
||||
/**
|
||||
* @author Luca Frosini (ISTI - CNR)
|
||||
|
|
@ -1,14 +1,13 @@
|
|||
package org.gcube.common.authorization.utils.manager;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import java.util.SortedSet;
|
||||
|
||||
import org.gcube.common.authorization.utils.provider.SecretProvider;
|
||||
import org.gcube.common.authorization.utils.provider.ClientIDSecretProvider;
|
||||
import org.gcube.common.authorization.utils.provider.GCubeSecretProvider;
|
||||
import org.gcube.common.authorization.utils.secret.Secret;
|
||||
import org.gcube.common.authorization.utils.provider.SecretProvider;
|
||||
import org.gcube.common.authorization.utils.secret.JWTSecret;
|
||||
import org.gcube.common.authorization.utils.secret.Secret;
|
||||
|
||||
/**
|
||||
* @author Luca Frosini (ISTI - CNR)
|
||||
|
|
@ -38,7 +37,7 @@ public class SecretManager {
|
|||
|
||||
@SuppressWarnings("unchecked")
|
||||
Class<SecretProvider>[] classes = new Class[]{
|
||||
JWTSecret.class, GCubeSecretProvider.class, ClientIDSecretProvider.class
|
||||
JWTSecret.class, GCubeSecretProvider.class
|
||||
};
|
||||
|
||||
for(Class<SecretProvider> clz : classes) {
|
||||
|
|
@ -63,7 +62,7 @@ public class SecretManager {
|
|||
authorizationSecrets.set();
|
||||
}
|
||||
|
||||
public void startSession(Collection<Secret> authorizationSecrets) throws Exception {
|
||||
public void startSession(SortedSet<Secret> authorizationSecrets) throws Exception {
|
||||
setAll(authorizationSecrets);
|
||||
}
|
||||
|
||||
|
|
@ -71,9 +70,15 @@ public class SecretManager {
|
|||
setAll(secretHolder.getAuthorizationSecrets());
|
||||
}
|
||||
|
||||
private void setAll(Collection<Secret> authorizationSecrets) throws Exception {
|
||||
private void setAll(SortedSet<Secret> authorizationSecrets) throws Exception {
|
||||
boolean first = true;
|
||||
for(Secret authorizationSecret : authorizationSecrets) {
|
||||
authorizationSecret.set();
|
||||
if(first) {
|
||||
authorizationSecret.set();
|
||||
first = false;
|
||||
}else {
|
||||
authorizationSecret.setToken();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -7,12 +7,9 @@ import java.util.regex.Pattern;
|
|||
import org.gcube.common.authorization.client.Constants;
|
||||
import org.gcube.common.authorization.library.AuthorizationEntry;
|
||||
import org.gcube.common.authorization.library.exception.AuthorizationException;
|
||||
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
|
||||
import org.gcube.common.authorization.library.provider.ClientInfo;
|
||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||
import org.gcube.common.authorization.library.utils.Caller;
|
||||
import org.gcube.common.scope.api.ScopeProvider;
|
||||
import org.gcube.common.scope.impl.ScopeBean;
|
||||
|
||||
/**
|
||||
* @author Luca Frosini (ISTI - CNR)
|
||||
|
|
@ -21,6 +18,8 @@ public class GCubeSecret extends Secret {
|
|||
|
||||
public static final String GCUBE_TOKEN_REGEX = "^([a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}-[a-fA-F0-9]{8,9}){1}$";
|
||||
|
||||
protected AuthorizationEntry authorizationEntry;
|
||||
|
||||
@Override
|
||||
protected void check(String token) throws AuthorizationException {
|
||||
super.check(token);
|
||||
|
|
@ -33,27 +32,33 @@ public class GCubeSecret extends Secret {
|
|||
super(20, token);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void set() throws Exception {
|
||||
SecurityTokenProvider.instance.set(token);
|
||||
|
||||
AuthorizationEntry authorizationEntry = Constants.authorizationService().get(token);
|
||||
ClientInfo clientInfo = authorizationEntry.getClientInfo();
|
||||
String qualifier = authorizationEntry.getQualifier();
|
||||
Caller caller = new Caller(clientInfo, qualifier);
|
||||
AuthorizationProvider.instance.set(caller);
|
||||
|
||||
ScopeBean scopeBean = new ScopeBean(getContext());
|
||||
ScopeProvider.instance.set(scopeBean.toString());
|
||||
protected AuthorizationEntry getAuthorizationEntry() throws Exception {
|
||||
if(authorizationEntry==null) {
|
||||
authorizationEntry = Constants.authorizationService().get(token);
|
||||
}
|
||||
return authorizationEntry;
|
||||
}
|
||||
|
||||
protected ClientInfo getClientInfo() throws Exception {
|
||||
return Constants.authorizationService().get(token).getClientInfo();
|
||||
public void setToken() throws Exception {
|
||||
SecurityTokenProvider.instance.set(token);
|
||||
}
|
||||
|
||||
@Override
|
||||
public ClientInfo getClientInfo() throws Exception {
|
||||
return getAuthorizationEntry().getClientInfo();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Caller getCaller() throws Exception {
|
||||
ClientInfo clientInfo = getClientInfo();
|
||||
String qualifier = authorizationEntry.getQualifier();
|
||||
Caller caller = new Caller(clientInfo, qualifier);
|
||||
return caller;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getContext() throws Exception {
|
||||
return Constants.authorizationService().get(token).getContext();
|
||||
return getAuthorizationEntry().getContext();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -61,7 +66,6 @@ public class GCubeSecret extends Secret {
|
|||
return getClientInfo().getId();
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public Map<String, String> getHTTPAuthorizationHeaders() {
|
||||
Map<String, String> authorizationHeaders = new HashMap<>();
|
||||
|
|
|
|||
|
|
@ -6,12 +6,10 @@ import java.util.Map;
|
|||
|
||||
import org.gcube.com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
|
||||
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
|
||||
import org.gcube.common.authorization.library.provider.ClientInfo;
|
||||
import org.gcube.common.authorization.library.provider.UserInfo;
|
||||
import org.gcube.common.authorization.library.utils.Caller;
|
||||
import org.gcube.common.authorization.utils.secret.jwt.JWToken;
|
||||
import org.gcube.common.scope.api.ScopeProvider;
|
||||
import org.gcube.common.scope.impl.ScopeBean;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
|
@ -23,44 +21,56 @@ public class JWTSecret extends Secret {
|
|||
|
||||
private static final Logger logger = LoggerFactory.getLogger(JWTSecret.class);
|
||||
|
||||
protected JWToken jwt;
|
||||
|
||||
public JWTSecret(String token) {
|
||||
super(10, token);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void set() throws Exception {
|
||||
public void setToken() throws Exception {
|
||||
AccessTokenProvider.instance.set(token);
|
||||
|
||||
|
||||
String realUmaTokenEncoded = token.split("\\.")[1];
|
||||
String realUmaToken = new String(Base64.getDecoder().decode(realUmaTokenEncoded.getBytes()));
|
||||
ObjectMapper mapper = new ObjectMapper();
|
||||
JWToken jwt = null;
|
||||
try {
|
||||
jwt = mapper.readValue(realUmaToken, JWToken.class);
|
||||
}catch(Exception e){
|
||||
logger.error("Error parsing JWT token",e);
|
||||
throw new Exception("Error parsing JWT token", e);
|
||||
}
|
||||
|
||||
protected JWToken getJWToken() throws Exception {
|
||||
if(jwt==null) {
|
||||
String realUmaTokenEncoded = token.split("\\.")[1];
|
||||
String realUmaToken = new String(Base64.getDecoder().decode(realUmaTokenEncoded.getBytes()));
|
||||
ObjectMapper mapper = new ObjectMapper();
|
||||
try {
|
||||
jwt = mapper.readValue(realUmaToken, JWToken.class);
|
||||
}catch(Exception e){
|
||||
logger.error("Error parsing JWT token",e);
|
||||
throw new Exception("Error parsing JWT token", e);
|
||||
}
|
||||
}
|
||||
|
||||
return jwt;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public ClientInfo getClientInfo() throws Exception {
|
||||
getJWToken();
|
||||
ClientInfo clientInfo = new UserInfo(jwt.getUsername(), jwt.getRoles(), jwt.getEmail(), jwt.getFirstName(), jwt.getLastName());
|
||||
Caller caller = new Caller(clientInfo, "token");
|
||||
AuthorizationProvider.instance.set(caller);
|
||||
|
||||
return clientInfo;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Caller getCaller() throws Exception {
|
||||
Caller caller = new Caller(getClientInfo(), "token");
|
||||
return caller;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getContext() throws Exception {
|
||||
ScopeBean scopeBean = null;
|
||||
try {
|
||||
scopeBean = new ScopeBean(jwt.getContext());
|
||||
scopeBean = new ScopeBean(getJWToken().getContext());
|
||||
}catch(Exception e){
|
||||
logger.error("Invalid context in access token",e);
|
||||
throw new Exception("Invalid context in access token");
|
||||
}
|
||||
ScopeProvider.instance.set(scopeBean.toString());
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getContext() throws Exception {
|
||||
// TODO Auto-generated method stub
|
||||
return null;
|
||||
return scopeBean.toString();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -76,4 +86,8 @@ public class JWTSecret extends Secret {
|
|||
return null;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,6 +4,10 @@ import java.util.Map;
|
|||
import java.util.Objects;
|
||||
|
||||
import org.gcube.common.authorization.library.exception.AuthorizationException;
|
||||
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
|
||||
import org.gcube.common.authorization.library.provider.ClientInfo;
|
||||
import org.gcube.common.authorization.library.utils.Caller;
|
||||
import org.gcube.common.scope.api.ScopeProvider;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
|
|
@ -36,8 +40,21 @@ public abstract class Secret implements Comparable<Secret> {
|
|||
return token;
|
||||
}
|
||||
|
||||
public abstract void set() throws Exception;
|
||||
public void set() throws Exception {
|
||||
setToken();
|
||||
|
||||
Caller caller = getCaller();
|
||||
AuthorizationProvider.instance.set(caller);
|
||||
|
||||
ScopeProvider.instance.set(getContext());
|
||||
}
|
||||
|
||||
public abstract void setToken() throws Exception;
|
||||
|
||||
public abstract ClientInfo getClientInfo() throws Exception;
|
||||
|
||||
public abstract Caller getCaller() throws Exception;
|
||||
|
||||
public abstract String getContext() throws Exception;
|
||||
|
||||
public abstract String getUsername() throws Exception;
|
||||
|
|
@ -74,5 +91,9 @@ public abstract class Secret implements Comparable<Secret> {
|
|||
}
|
||||
return token.compareTo(obj.token);
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue