authorization-utils/src/main/java/org/gcube/common/authorization/utils/secret/JWTSecret.java

package org.gcube.common.authorization.utils.secret;

import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

import org.gcube.com.fasterxml.jackson.databind.ObjectMapper;
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
import org.gcube.common.authorization.library.provider.ClientInfo;
import org.gcube.common.authorization.library.provider.UserInfo;
import org.gcube.common.authorization.library.utils.Caller;
import org.gcube.common.authorization.utils.secret.jwt.JWToken;
import org.gcube.common.scope.impl.ScopeBean;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * @author Luca Frosini (ISTI - CNR)
 */
public class JWTSecret extends Secret {

	private static final Logger logger = LoggerFactory.getLogger(JWTSecret.class);
	
	protected JWToken jwt;
	
	public JWTSecret(String token) {
		super(10, token);
	}
	
	@Override
	public void setToken() throws Exception {
		AccessTokenProvider.instance.set(token);
	}

	protected JWToken getJWToken() throws Exception {
		if(jwt==null) {
			String realUmaTokenEncoded = token.split("\\.")[1];
			String realUmaToken = new String(Base64.getDecoder().decode(realUmaTokenEncoded.getBytes()));
			ObjectMapper mapper = new ObjectMapper();
			try {
				 jwt = mapper.readValue(realUmaToken, JWToken.class);
			}catch(Exception e){
				logger.error("Error parsing JWT token",e);
				throw new Exception("Error parsing JWT token", e);
			}
		}
		return jwt;
	}


	@Override
	public ClientInfo getClientInfo() throws Exception {
		getJWToken();
		ClientInfo clientInfo = new UserInfo(jwt.getUsername(), jwt.getRoles(), jwt.getEmail(), jwt.getFirstName(), jwt.getLastName());
		return clientInfo;
	}

	@Override
	public Caller getCaller() throws Exception {
		Caller caller = new Caller(getClientInfo(), "token");
		return caller;
	}
	
	@Override
	public String getContext() throws Exception {
		ScopeBean scopeBean = null;
		try { 
			scopeBean = new ScopeBean(getJWToken().getContext());
		}catch(Exception e){
			logger.error("Invalid context in access token",e);
			throw new Exception("Invalid context in access token");
		}
		return scopeBean.toString();
	}

	@Override
	public Map<String, String> getHTTPAuthorizationHeaders() {
		Map<String, String> authorizationHeaders = new HashMap<>();
		authorizationHeaders.put("Authorization", "Bearer " + token);
		return authorizationHeaders;
	}

}