diff --git a/src/main/java/org/gcube/common/authorization/library/AuthorizationEntry.java b/src/main/java/org/gcube/common/authorization/library/AuthorizationEntry.java index f568e9e..989588c 100644 --- a/src/main/java/org/gcube/common/authorization/library/AuthorizationEntry.java +++ b/src/main/java/org/gcube/common/authorization/library/AuthorizationEntry.java @@ -1,6 +1,5 @@ package org.gcube.common.authorization.library; -import java.util.ArrayList; import java.util.List; import javax.xml.bind.annotation.XmlAccessType; @@ -9,6 +8,8 @@ import javax.xml.bind.annotation.XmlElementRef; import javax.xml.bind.annotation.XmlElementRefs; import javax.xml.bind.annotation.XmlRootElement; +import org.gcube.common.authorization.library.policies.Policy; +import org.gcube.common.authorization.library.provider.ClientInfo; import org.gcube.common.scope.api.ServiceMap; import org.gcube.common.scope.impl.DefaultServiceMap; 
@@ -16,33 +17,23 @@ import org.gcube.common.scope.impl.DefaultServiceMap; @XmlAccessorType(XmlAccessType.FIELD) public class AuthorizationEntry { - private String clientId; - private List roles; + ClientInfo clientInfo; private String context; @XmlElementRefs({@XmlElementRef(type=DefaultServiceMap.class)}) private ServiceMap map; - private List bannedServices = new ArrayList(); + private List policies; protected AuthorizationEntry(){} - public AuthorizationEntry(String clientId, List roles, String context) { + public AuthorizationEntry(ClientInfo clientInfo, String context, List policies) { super(); - this.clientId = clientId; - this.roles = roles; + this.clientInfo = clientInfo; this.context = context; - } - - public AuthorizationEntry(String userName, List roles, String context , List bannedServices) { - this(userName, roles, context); - this.bannedServices = bannedServices; + this.policies = policies; } - public String getClientId() { - return clientId; - } - - public List getRoles() { - return roles; + public ClientInfo getClientInfo() { + return clientInfo; } public String getContext() { @@ -52,28 +43,13 @@ public class AuthorizationEntry { public ServiceMap getMap() { return map; } - - public void setMap(ServiceMap map) { this.map = map; } - public List getBannedServices() { - return bannedServices; - } - - public void setBannedServices(List bannedServices) { - this.bannedServices = bannedServices; - } - - - - @Override - public String toString() { - return "AuthorizationEntry [clientId=" + clientId + ", roles=" + roles - + ", context=" + context + ", map=" + map + ", bannedServices=" - + bannedServices + "]"; + public List getPolicies() { + return policies; } @Override 
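Review bot: `getPolicies()` in AuthorizationEntry can now return null, because the removed `bannedServices` field defaulted to an empty list while the new `policies` field has no initializer and the protected no-arg constructor leaves it unset. PolicyUtils.getRetainedPolicies in this same commit iterates the list it is given without a null check, so an entry built through that constructor (presumably by JAXB when the response carries no policies) would fail with a NullPointerException if its policies are passed there. I would initialise `policies` to an empty list at its declaration, as `bannedServices` was, and keep that default in the constructor with `if (policies != null) this.policies = policies;`. The new `ClientInfo clientInfo;` field is also package-private while its neighbours are private; `private ClientInfo clientInfo;` matches the rest of the class, and the same applies to `serviceIdentifier` in ServiceInfo.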
@@ -81,12 +57,8 @@ public class AuthorizationEntry { final int prime = 31; int result = 1; result = prime * result - + ((bannedServices == null) ? 0 : bannedServices.hashCode()); - result = prime * result - + ((clientId == null) ? 0 : clientId.hashCode()); + + ((clientInfo == null) ? 0 : clientInfo.hashCode()); result = prime * result + ((context == null) ? 0 : context.hashCode()); - result = prime * result + ((map == null) ? 0 : map.hashCode()); - result = prime * result + ((roles == null) ? 0 : roles.hashCode()); return result; } @@ -99,34 +71,17 @@ public class AuthorizationEntry { if (getClass() != obj.getClass()) return false; AuthorizationEntry other = (AuthorizationEntry) obj; - if (bannedServices == null) { - if (other.bannedServices != null) + if (clientInfo == null) { + if (other.clientInfo != null) return false; - } else if (!bannedServices.equals(other.bannedServices)) - return false; - if (clientId == null) { - if (other.clientId != null) - return false; - } else if (!clientId.equals(other.clientId)) + } else if (!clientInfo.equals(other.clientInfo)) return false; if (context == null) { if (other.context != null) return false; } else if (!context.equals(other.context)) return false; - if (map == null) { - if (other.map != null) - return false; - } else if (!map.equals(other.map)) - return false; - if (roles == null) { - if (other.roles != null) - return false; - } else if (!roles.equals(other.roles)) - return false; return true; } - - } diff --git a/src/main/java/org/gcube/common/authorization/library/AuthorizationInvocationHandler.java b/src/main/java/org/gcube/common/authorization/library/AuthorizationInvocationHandler.java index 7dd37ad..426394b 100644 --- a/src/main/java/org/gcube/common/authorization/library/AuthorizationInvocationHandler.java +++ b/src/main/java/org/gcube/common/authorization/library/AuthorizationInvocationHandler.java 
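Review bot: The rewritten `hashCode()` no longer includes `map`, and neither it nor `equals()` in the next hunk takes the new `policies` field into account, so two entries for the same client and context compare equal even when their policy lists differ. If entries are ever cached, de-duplicated or compared to detect a change (not visible in this diff), an entry carrying outdated policies would be indistinguishable from the current one. Either add `policies` to both methods, e.g. `result = prime * result + ((policies == null) ? 0 : policies.hashCode());` with the matching null-safe comparison in `equals()`, or add a comment stating that identity is deliberately client plus context. Both methods start outside their hunks.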
@@ -4,7 +4,7 @@ import java.lang.reflect.InvocationHandler; import java.lang.reflect.Method; import org.gcube.common.authorization.library.provider.AuthorizationProvider; -import org.gcube.common.authorization.library.provider.ClientInfo; +import org.gcube.common.authorization.library.provider.UserInfo; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -27,7 +27,7 @@ public class AuthorizationInvocationHandler implements Invocatio public Object invoke(Object proxy, Method method, Object[] args) throws Throwable { log.trace("calling proxed method "+method.getName()+" on "+handledClass); - ClientInfo info = AuthorizationProvider.instance.get(); + UserInfo info = AuthorizationProvider.instance.get(); //checkSubjectToQuota(info, method); //checkIsAllowedFor(info, method); return method.invoke(obj, args); diff --git a/src/main/java/org/gcube/common/authorization/library/AuthorizedTasks.java b/src/main/java/org/gcube/common/authorization/library/AuthorizedTasks.java index 8e1f8ee..494aaf2 100644 --- a/src/main/java/org/gcube/common/authorization/library/AuthorizedTasks.java +++ b/src/main/java/org/gcube/common/authorization/library/AuthorizedTasks.java @@ -3,7 +3,7 @@ package org.gcube.common.authorization.library; import java.util.concurrent.Callable; import org.gcube.common.authorization.library.provider.AuthorizationProvider; -import org.gcube.common.authorization.library.provider.ClientInfo; +import org.gcube.common.authorization.library.provider.UserInfo; import org.gcube.common.scope.api.ScopeProvider; @@ -18,7 +18,7 @@ public class AuthorizedTasks { final String callScope = ScopeProvider.instance.get(); - final ClientInfo userCall = AuthorizationProvider.instance.get(); + final UserInfo userCall = AuthorizationProvider.instance.get(); return new Callable() { @Override 
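Review bot: In `AuthorizationInvocationHandler.invoke` the `UserInfo info` read from `AuthorizationProvider` is never used: both `checkSubjectToQuota` and `checkIsAllowedFor` are commented out, so the proxy forwards every call to `method.invoke(obj, args)` whether or not a caller is bound to the thread. That predates this commit, but the line is touched here and the class name promises an authorization decision the method does not make. Until the checks are restored I would either reject a missing caller, for example `if (info == null) throw new SecurityException("no caller bound to this thread");`, or drop the unused local and document that the handler only traces the call. The body of `invoke` starts outside the hunk.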
@@ -49,7 +49,7 @@ public class AuthorizedTasks { final String callScope = ScopeProvider.instance.get(); - final ClientInfo userCall = AuthorizationProvider.instance.get(); + final UserInfo userCall = AuthorizationProvider.instance.get(); return new Runnable() { @Override diff --git a/src/main/java/org/gcube/common/authorization/library/PolicyUtils.java b/src/main/java/org/gcube/common/authorization/library/PolicyUtils.java new file mode 100644 index 0000000..921923a --- /dev/null +++ b/src/main/java/org/gcube/common/authorization/library/PolicyUtils.java 
@@ -0,0 +1,49 @@ +package org.gcube.common.authorization.library; + +import java.util.ArrayList; +import java.util.List; + +import org.gcube.common.authorization.library.policies.Policy; +import org.gcube.common.authorization.library.policies.PolicyType; +import org.gcube.common.authorization.library.policies.Service2ServicePolicy; +import org.gcube.common.authorization.library.policies.User2ServicePolicy; +import org.gcube.common.authorization.library.policies.UserEntity.UserEntityType; +import org.gcube.common.authorization.library.provider.ClientInfo; +import org.gcube.common.authorization.library.provider.ServiceIdentifier; +import org.gcube.common.authorization.library.provider.ServiceInfo; +import org.gcube.common.authorization.library.provider.UserInfo; + +/** + * + * @author lucio lelii + * + */ +public class PolicyUtils { + + public static List getRetainedPolicies(ClientInfo client, List policies){ + + List retainedPolicies = new ArrayList(); + + for (Policy policy: policies){ + if ((client instanceof UserInfo && policy.getPolicyType()==PolicyType.USER && checkPolicy((UserInfo) client, (User2ServicePolicy)policy)) + || (client instanceof ServiceInfo && policy.getPolicyType()==PolicyType.SERVICE && checkPolicy((ServiceInfo) client, (Service2ServicePolicy)policy))) + retainedPolicies.add(policy); + } + return retainedPolicies; + } + + private static boolean checkPolicy(UserInfo client, User2ServicePolicy policy) { + if (policy.getEntity().getType()== UserEntityType.USER) + return client.getId().equals(policy.getEntity().getIdentifier()); + else + return client.getRoles().contains(policy.getEntity().getIdentifier()); + } + + private static boolean checkPolicy(ServiceInfo client, Service2ServicePolicy policy) { + ServiceIdentifier serviceId = client.getServiceIdentifier(); + String policyAsString = policy.getClient().getAsString(); + return policyAsString.equals("*") || policyAsString.equals(serviceId.getServiceClass()+":*") || + 
policyAsString.equals(serviceId.getServiceClass()+":"+serviceId.getServiceName()+":*") || + policyAsString.equals(serviceId.getFullIdentifier()); + } +} diff --git a/src/main/java/org/gcube/common/authorization/library/policies/EnvironmentPolicy.java b/src/main/java/org/gcube/common/authorization/library/policies/EnvironmentPolicy.java deleted file mode 100644 index 4fa20bd..0000000 --- a/src/main/java/org/gcube/common/authorization/library/policies/EnvironmentPolicy.java +++ /dev/null 
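Review bot: `getRetainedPolicies` chooses the downcast from `policy.getPolicyType()` rather than from the object's class, and the user-side `checkPolicy` dereferences `policy.getEntity()`, `client.getId()` and `client.getRoles()` without null checks, so one malformed or unexpected policy raises ClassCastException or NullPointerException and aborts the evaluation of every other policy in the list. Its `else` branch also treats any entity type other than USER as a role, which would silently widen if a constant is added to `UserEntityType`. Whether a malformed policy should be skipped or should reject the request depends on whether policies grant or restrict access, which this diff does not show; the sketch below skips it and that choice needs confirming. The policy's `context` is not compared with anything in this class, so the caller presumably pre-filters by context, and a Javadoc line saying so would help.

```java
// … unchanged: getRetainedPolicies signature and retainedPolicies setup …
for (Policy policy : policies) {
    boolean matches = false;
    if (client instanceof UserInfo && policy instanceof User2ServicePolicy)
        matches = checkPolicy((UserInfo) client, (User2ServicePolicy) policy);
    else if (client instanceof ServiceInfo && policy instanceof Service2ServicePolicy)
        matches = checkPolicy((ServiceInfo) client, (Service2ServicePolicy) policy);
    if (matches)
        retainedPolicies.add(policy);
}
// … unchanged: return retainedPolicies …

private static boolean checkPolicy(UserInfo client, User2ServicePolicy policy) {
    if (policy.getEntity() == null || policy.getEntity().getIdentifier() == null)
        return false; // NOTE(review): skip vs. reject to be confirmed
    String identifier = policy.getEntity().getIdentifier();
    switch (policy.getEntity().getType()) {
    case USER:
        return identifier.equals(client.getId());
    case ROLE:
        return client.getRoles() != null && client.getRoles().contains(identifier);
    default:
        return false; // unknown entity types match nothing
    }
}
// … unchanged: checkPolicy(ServiceInfo, Service2ServicePolicy) …
```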
@@ -1,77 +0,0 @@ -package org.gcube.common.authorization.library.policies; - -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlRootElement; - -@XmlRootElement -@XmlAccessorType(XmlAccessType.FIELD) -public class EnvironmentPolicy extends Policy{ - - private String environment; - private ServiceAccess service; - - - protected EnvironmentPolicy() {} - - public EnvironmentPolicy(String environment, ServiceAccess service) { - super(); - this.environment = environment; - this.service = service; - } - - @Override - public PolicyType getPolicyType() { - return PolicyType.ENVIRONMENT; - } - - @Override - public String getPolicyAsString() { - return service.getAsString(); - } - - public String getEnvironment() { - return environment; - } - - @Override - public int hashCode() { - final int prime = 31; - int result = 1; - result = prime * result - + ((environment == null) ? 0 : environment.hashCode()); - result = prime * result + ((service == null) ? 0 : service.hashCode()); - return result; - } - - @Override - public boolean equals(Object obj) { - if (this == obj) - return true; - if (obj == null) - return false; - if (getClass() != obj.getClass()) - return false; - EnvironmentPolicy other = (EnvironmentPolicy) obj; - if (environment == null) { - if (other.environment != null) - return false; - } else if (!environment.equals(other.environment)) - return false; - if (service == null) { - if (other.service != null) - return false; - } else if (!service.equals(other.service)) - return false; - return true; - } - - @Override - public String toString() { - return "EnvironmentPolicy [environment=" + environment + ", service=" - + service + "]"; - } - - - -} diff --git a/src/main/java/org/gcube/common/authorization/library/policies/PolicyType.java b/src/main/java/org/gcube/common/authorization/library/policies/PolicyType.java index 0593348..8826b1e 100644 
--- a/src/main/java/org/gcube/common/authorization/library/policies/PolicyType.java +++ b/src/main/java/org/gcube/common/authorization/library/policies/PolicyType.java @@ -2,7 +2,6 @@ package org.gcube.common.authorization.library.policies; public enum PolicyType { - ENVIRONMENT, SERVICE, USER } diff --git a/src/main/java/org/gcube/common/authorization/library/policies/Role.java b/src/main/java/org/gcube/common/authorization/library/policies/Role.java new file mode 100644 index 0000000..86af854 --- /dev/null +++ b/src/main/java/org/gcube/common/authorization/library/policies/Role.java @@ -0,0 +1,24 @@ +package org.gcube.common.authorization.library.policies; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlRootElement; + +@XmlRootElement +@XmlAccessorType(XmlAccessType.FIELD) +public class Role extends UserEntity { + + protected Role() { + super(); + } + + public Role(String identifier) { + super(identifier); + } + + @Override + public UserEntityType getType() { + return UserEntityType.ROLE; + } + +} diff --git a/src/main/java/org/gcube/common/authorization/library/policies/ServicePolicy.java b/src/main/java/org/gcube/common/authorization/library/policies/Service2ServicePolicy.java similarity index 55% rename from src/main/java/org/gcube/common/authorization/library/policies/ServicePolicy.java rename to src/main/java/org/gcube/common/authorization/library/policies/Service2ServicePolicy.java index a018df0..bdb4a04 100644 --- a/src/main/java/org/gcube/common/authorization/library/policies/ServicePolicy.java +++ b/src/main/java/org/gcube/common/authorization/library/policies/Service2ServicePolicy.java 
@@ -6,19 +6,19 @@ import javax.xml.bind.annotation.XmlRootElement; @XmlRootElement @XmlAccessorType(XmlAccessType.FIELD) -public class ServicePolicy extends Policy{ +public class Service2ServicePolicy extends Policy{ - private String clientID; - private String environment; + private ServiceAccess client; + private String context; private ServiceAccess serviceAccess; - protected ServicePolicy(){} + protected Service2ServicePolicy(){} - public ServicePolicy(String environment, ServiceAccess serviceAccess, - String clientID) { - this.environment = environment; + public Service2ServicePolicy(String context, ServiceAccess serviceAccess, + ServiceAccess client) { + this.context = context; this.serviceAccess = serviceAccess; - this.clientID = clientID; + this.client = client; } @Override @@ -28,15 +28,15 @@ public class ServicePolicy extends Policy{ @Override public String getPolicyAsString() { - return serviceAccess.getAsString(); + return this.context+","+serviceAccess.getAsString()+","+serviceAccess.getAsString(); } - public String getClientID() { - return clientID; + public ServiceAccess getClient() { + return client; } - public String getEnvironment() { - return environment; + public String getContext() { + return context; } public ServiceAccess getServiceAccess() { @@ -47,10 +47,9 @@ public class ServicePolicy extends Policy{ public int hashCode() { final int prime = 31; int result = 1; + result = prime * result + ((client == null) ? 0 : client.hashCode()); result = prime * result - + ((clientID == null) ? 0 : clientID.hashCode()); - result = prime * result - + ((environment == null) ? 0 : environment.hashCode()); + + ((context == null) ? 0 : context.hashCode()); result = prime * result + ((serviceAccess == null) ? 0 : serviceAccess.hashCode()); return result; 
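Review bot: `getPolicyAsString()` in the second hunk appends `serviceAccess.getAsString()` twice and never includes `client`, so two Service2ServicePolicy objects that differ only in the client they apply to render to the same string. User2ServicePolicy builds the parallel value as context, service access, entity, which suggests the last term was meant to be the client: `return this.context+","+serviceAccess.getAsString()+","+client.getAsString();`. If this string is used anywhere as a policy key or for comparison (not visible in this diff), distinct policies would collide. The `toString()` in a later hunk of this file still labels the `context` value as `environment=`.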
@@ -64,16 +63,16 @@ public class ServicePolicy extends Policy{ return false; if (getClass() != obj.getClass()) return false; - ServicePolicy other = (ServicePolicy) obj; - if (clientID == null) { - if (other.clientID != null) + Service2ServicePolicy other = (Service2ServicePolicy) obj; + if (client == null) { + if (other.client != null) return false; - } else if (!clientID.equals(other.clientID)) + } else if (!client.equals(other.client)) return false; - if (environment == null) { - if (other.environment != null) + if (context == null) { + if (other.context != null) return false; - } else if (!environment.equals(other.environment)) + } else if (!context.equals(other.context)) return false; if (serviceAccess == null) { if (other.serviceAccess != null) @@ -85,9 +84,10 @@ public class ServicePolicy extends Policy{ @Override public String toString() { - return "ServicePolicy [clientID=" + clientID + ", environment=" - + environment + ", serviceAccess=" + serviceAccess + "]"; + return "Service2ServicePolicy [client=" + client + ", environment=" + + context + ", serviceAccess=" + serviceAccess + "]"; } + } diff --git a/src/main/java/org/gcube/common/authorization/library/policies/User.java b/src/main/java/org/gcube/common/authorization/library/policies/User.java new file mode 100644 index 0000000..c27275f --- /dev/null +++ b/src/main/java/org/gcube/common/authorization/library/policies/User.java @@ -0,0 +1,24 @@ +package org.gcube.common.authorization.library.policies; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlRootElement; + +@XmlRootElement +@XmlAccessorType(XmlAccessType.FIELD) +public class User extends UserEntity { + + protected User() { + super(); + } + + public User(String identifier) { + super(identifier); + } + + @Override + public UserEntityType getType() { + return UserEntityType.USER; + } + +} 
diff --git a/src/main/java/org/gcube/common/authorization/library/policies/UserPolicy.java b/src/main/java/org/gcube/common/authorization/library/policies/User2ServicePolicy.java similarity index 54% rename from src/main/java/org/gcube/common/authorization/library/policies/UserPolicy.java rename to src/main/java/org/gcube/common/authorization/library/policies/User2ServicePolicy.java index 7cc0d5c..9c51222 100644 --- a/src/main/java/org/gcube/common/authorization/library/policies/UserPolicy.java +++ b/src/main/java/org/gcube/common/authorization/library/policies/User2ServicePolicy.java @@ -6,22 +6,23 @@ import javax.xml.bind.annotation.XmlRootElement; @XmlRootElement @XmlAccessorType(XmlAccessType.FIELD) -public class UserPolicy extends Policy { +public class User2ServicePolicy extends Policy { - private String clientID; - private String environment; + + private UserEntity entity; + private String context; private ServiceAccess serviceAccess; - protected UserPolicy(){} + protected User2ServicePolicy(){} - public UserPolicy(String environment, ServiceAccess serviceAccess, String clientID) { - this.environment = environment; + public User2ServicePolicy(String context, ServiceAccess serviceAccess, UserEntity entity) { + this.context = context; this.serviceAccess = serviceAccess; - this.clientID = clientID; + this.entity = entity; } - public String getClientID() { - return clientID; + public UserEntity getEntity() { + return entity; } @Override 
@@ -31,21 +32,20 @@ public class UserPolicy extends Policy { @Override public String getPolicyAsString() { - return serviceAccess.getAsString(); + return this.context+","+serviceAccess.getAsString()+","+entity.getAsString(); } - public String getEnvironment() { - return environment; + public String getContext() { + return context; } @Override public int hashCode() { final int prime = 31; int result = 1; + result = prime * result + ((entity == null) ? 0 : entity.hashCode()); result = prime * result - + ((clientID == null) ? 0 : clientID.hashCode()); - result = prime * result - + ((environment == null) ? 0 : environment.hashCode()); + + ((context == null) ? 0 : context.hashCode()); result = prime * result + ((serviceAccess == null) ? 0 : serviceAccess.hashCode()); return result; @@ -59,16 +59,16 @@ public class UserPolicy extends Policy { return false; if (getClass() != obj.getClass()) return false; - UserPolicy other = (UserPolicy) obj; - if (clientID == null) { - if (other.clientID != null) + User2ServicePolicy other = (User2ServicePolicy) obj; + if (entity == null) { + if (other.entity != null) return false; - } else if (!clientID.equals(other.clientID)) + } else if (!entity.equals(other.entity)) return false; - if (environment == null) { - if (other.environment != null) + if (context == null) { + if (other.context != null) return false; - } else if (!environment.equals(other.environment)) + } else if (!context.equals(other.context)) return false; if (serviceAccess == null) { if (other.serviceAccess != null) @@ -80,8 +80,8 @@ public class UserPolicy extends Policy { @Override public String toString() { - return "UserPolicy [clientID=" + clientID + ", environment=" - + environment + ", serviceAccess=" + serviceAccess + "]"; + return "User2ServicePolicy [entity=" + entity + ", environment=" + + context + ", serviceAccess=" + serviceAccess + "]"; } } 
diff --git a/src/main/java/org/gcube/common/authorization/library/policies/UserEntity.java b/src/main/java/org/gcube/common/authorization/library/policies/UserEntity.java new file mode 100644 index 0000000..bd57eed --- /dev/null +++ b/src/main/java/org/gcube/common/authorization/library/policies/UserEntity.java @@ -0,0 +1,67 @@ +package org.gcube.common.authorization.library.policies; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlRootElement; +import javax.xml.bind.annotation.XmlSeeAlso; + +@XmlRootElement +@XmlAccessorType(XmlAccessType.FIELD) +@XmlSeeAlso({User.class,Role.class}) +public abstract class UserEntity { + + private String identifier; + + public enum UserEntityType { + ROLE , USER + } + + protected UserEntity() { + super(); + } + + public UserEntity(String identifier) { + super(); + this.identifier = identifier; + } + + public String getIdentifier(){ + return identifier; + } + + public abstract UserEntityType getType(); + + public final String getAsString() { + return this.getType()+":"+this.identifier; + } + + @Override + public int hashCode() { + final int prime = 31; + int result = 1; + result = prime * result + + ((identifier == null) ? 0 : identifier.hashCode()); + return result; + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + if (getClass() != obj.getClass()) + return false; + UserEntity other = (UserEntity) obj; + if (identifier == null) { + if (other.identifier != null) + return false; + } else if (!identifier.equals(other.identifier)) + return false; + return true; + } + + + + +} diff --git a/src/main/java/org/gcube/common/authorization/library/provider/AuthorizationProvider.java b/src/main/java/org/gcube/common/authorization/library/provider/AuthorizationProvider.java index eb4ada4..b472fe0 100644 
--- a/src/main/java/org/gcube/common/authorization/library/provider/AuthorizationProvider.java +++ b/src/main/java/org/gcube/common/authorization/library/provider/AuthorizationProvider.java @@ -11,10 +11,10 @@ public class AuthorizationProvider { private static Logger logger = LoggerFactory.getLogger(AuthorizationProvider.class); // Thread local variable containing each thread's ID - private static final InheritableThreadLocal threadAuth = - new InheritableThreadLocal() { + private static final InheritableThreadLocal threadAuth = + new InheritableThreadLocal() { - @Override protected ClientInfo initialValue() { + @Override protected UserInfo initialValue() { return null; } @@ -22,13 +22,13 @@ public class AuthorizationProvider { private AuthorizationProvider(){} - public ClientInfo get(){ - ClientInfo info = threadAuth.get(); + public UserInfo get(){ + UserInfo info = threadAuth.get(); logger.trace("getting "+info+" in thread "+Thread.currentThread().getId() ); return info; } - public void set(ClientInfo authorizationToken){ + public void set(UserInfo authorizationToken){ threadAuth.set(authorizationToken); logger.trace("setting "+authorizationToken+" in thread "+Thread.currentThread().getId() ); } diff --git a/src/main/java/org/gcube/common/authorization/library/provider/ClientInfo.java b/src/main/java/org/gcube/common/authorization/library/provider/ClientInfo.java index b720331..f47a0b1 100644 --- a/src/main/java/org/gcube/common/authorization/library/provider/ClientInfo.java +++ b/src/main/java/org/gcube/common/authorization/library/provider/ClientInfo.java 
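Review bot: `threadAuth` remains an `InheritableThreadLocal` after the type change, so every thread created while a caller is bound, including long-lived pool workers, starts with that caller's `UserInfo` and keeps it for whatever it runs later unless it is overwritten; no reset is visible in these hunks. AuthorizedTasks in this commit appears to capture the caller for the task explicitly, so a plain `ThreadLocal` plus a `reset()` that calls `threadAuth.remove()` would make propagation deliberate rather than implicit, if nothing depends on the inheritance. Narrowing `get()` and `set()` to `UserInfo` also means a `ServiceInfo` caller cannot be bound to a thread, although PolicyUtils handles both kinds; if that is intended, a comment saying so would help. The comment `each thread's ID` and the parameter name `authorizationToken` no longer describe the value being stored.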
@@ -1,89 +1,21 @@ package org.gcube.common.authorization.library.provider; -import java.util.Collections; import java.util.List; import javax.xml.bind.annotation.XmlAccessType; import javax.xml.bind.annotation.XmlAccessorType; import javax.xml.bind.annotation.XmlRootElement; - -import org.gcube.common.authorization.library.policies.Policy; - +import javax.xml.bind.annotation.XmlSeeAlso; @XmlRootElement @XmlAccessorType(XmlAccessType.FIELD) -public class ClientInfo { +@XmlSeeAlso(value={UserInfo.class, ServiceInfo.class}) +public abstract class ClientInfo { - private String clientId; - private List roles = Collections.emptyList(); - private List policies; - - protected ClientInfo(){} - - public ClientInfo(String clientId, List roles, List policies) { - super(); - this.clientId = clientId; - this.roles = roles; - this.policies = policies; - } - - public String getClientId() { - return clientId; - } - public List getPolicies() { - return policies; - } - /* - public boolean isTokenBannedForService(BannedService service){ - return (bannedServices.contains(service)); - }*/ + public abstract String getId(); + + public abstract List getRoles(); - @Override - public int hashCode() { - final int prime = 31; - int result = 1; - result = prime * result - + ((clientId == null) ? 0 : clientId.hashCode()); - result = prime * result - + ((policies == null) ? 0 : policies.hashCode()); - result = prime * result + ((roles == null) ? 
0 : roles.hashCode()); - return result; - } - - @Override - public boolean equals(Object obj) { - if (this == obj) - return true; - if (obj == null) - return false; - if (getClass() != obj.getClass()) - return false; - ClientInfo other = (ClientInfo) obj; - if (clientId == null) { - if (other.clientId != null) - return false; - } else if (!clientId.equals(other.clientId)) - return false; - if (policies == null) { - if (other.policies != null) - return false; - } else if (!policies.equals(other.policies)) - return false; - if (roles == null) { - if (other.roles != null) - return false; - } else if (!roles.equals(other.roles)) - return false; - return true; - } - - @Override - public String toString() { - return "ClientInfo [clientId=" + clientId + ", roles=" + roles - + ", policies=" + policies + "]"; - } - - } diff --git a/src/main/java/org/gcube/common/authorization/library/provider/ServiceIdentifier.java b/src/main/java/org/gcube/common/authorization/library/provider/ServiceIdentifier.java new file mode 100644 index 0000000..6ca8389 --- /dev/null +++ b/src/main/java/org/gcube/common/authorization/library/provider/ServiceIdentifier.java 
@@ -0,0 +1,84 @@ +package org.gcube.common.authorization.library.provider; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlRootElement; + +@XmlRootElement +@XmlAccessorType(XmlAccessType.FIELD) +public class ServiceIdentifier { + + private String serviceClass; + private String serviceName; + private String serviceId; + + public ServiceIdentifier() {} + + public ServiceIdentifier(String serviceClass, String serviceName, String serviceId) { + super(); + this.serviceClass = serviceClass; + this.serviceName = serviceName; + this.serviceId = serviceId; + } + + public String getServiceClass() { + return serviceClass; + } + + public String getServiceName() { + return serviceName; + } + + public String getServiceId() { + return serviceId; + } + + public String getFullIdentifier(){ + return getIdentifier(serviceClass, serviceName, serviceId); + } + + public static String getIdentifier(String serviceClass, String serviceName, String serviceId){ + return serviceClass+":"+serviceName+":"+serviceId; + } + + @Override + public int hashCode() { + final int prime = 31; + int result = 1; + result = prime * result + + ((serviceClass == null) ? 0 : serviceClass.hashCode()); + result = prime * result + + ((serviceId == null) ? 0 : serviceId.hashCode()); + result = prime * result + + ((serviceName == null) ? 
0 : serviceName.hashCode()); + return result; + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + if (getClass() != obj.getClass()) + return false; + ServiceIdentifier other = (ServiceIdentifier) obj; + if (serviceClass == null) { + if (other.serviceClass != null) + return false; + } else if (!serviceClass.equals(other.serviceClass)) + return false; + if (serviceId == null) { + if (other.serviceId != null) + return false; + } else if (!serviceId.equals(other.serviceId)) + return false; + if (serviceName == null) { + if (other.serviceName != null) + return false; + } else if (!serviceName.equals(other.serviceName)) + return false; + return true; + } + +} diff --git a/src/main/java/org/gcube/common/authorization/library/provider/ServiceInfo.java b/src/main/java/org/gcube/common/authorization/library/provider/ServiceInfo.java new file mode 100644 index 0000000..3b74ad5 --- /dev/null +++ b/src/main/java/org/gcube/common/authorization/library/provider/ServiceInfo.java 
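Review bot: `getIdentifier` joins the three parts with `:` without checking them, so the result is ambiguous when a part contains a colon (class `a` with name `b:c` and class `a:b` with name `c` give the same string) and a null part is rendered as the text `null`. PolicyUtils.checkPolicy in this commit compares these strings, and the `class:*` and `class:name:*` prefixes built from them, with policy patterns, so an ambiguous identifier can satisfy a pattern written for a different service. I would validate in the three-argument constructor that each part is non-null and contains neither `:` nor `*`, throwing IllegalArgumentException otherwise; the public no-arg constructor bypasses that, so `getFullIdentifier()` would need the same check. The class also has no `toString()`, unlike UserInfo, so it prints as an object reference in logs.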
@@ -0,0 +1,67 @@ +package org.gcube.common.authorization.library.provider; + +import java.util.Collections; +import java.util.List; + +import javax.xml.bind.annotation.XmlAccessType; +import javax.xml.bind.annotation.XmlAccessorType; +import javax.xml.bind.annotation.XmlRootElement; + +@XmlRootElement +@XmlAccessorType(XmlAccessType.FIELD) +public class ServiceInfo extends ClientInfo{ + + ServiceIdentifier serviceIdentifier; + + protected ServiceInfo() {} + + public ServiceInfo(ServiceIdentifier serviceIdentifier) { + super(); + this.serviceIdentifier = serviceIdentifier; + } + + @Override + public String getId() { + return serviceIdentifier.getFullIdentifier(); + } + + public ServiceIdentifier getServiceIdentifier() { + return serviceIdentifier; + } + + @Override + public List getRoles() { + return Collections.emptyList(); + } + + @Override + public int hashCode() { + final int prime = 31; + int result = 1; + result = prime + * result + + ((serviceIdentifier == null) ? 0 : serviceIdentifier + .hashCode()); + return result; + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + if (getClass() != obj.getClass()) + return false; + ServiceInfo other = (ServiceInfo) obj; + if (serviceIdentifier == null) { + if (other.serviceIdentifier != null) + return false; + } else if (!serviceIdentifier.equals(other.serviceIdentifier)) + return false; + return true; + } + + + +} diff --git a/src/main/java/org/gcube/common/authorization/library/provider/UserInfo.java b/src/main/java/org/gcube/common/authorization/library/provider/UserInfo.java new file mode 100644 index 0000000..915242b --- /dev/null +++ b/src/main/java/org/gcube/common/authorization/library/provider/UserInfo.java 
@@ -0,0 +1,74 @@
+package org.gcube.common.authorization.library.provider;
+
+import java.util.Collections;
+import java.util.List;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class UserInfo extends ClientInfo {
+
+ private String clientId;
+ private List roles = Collections.emptyList();
+
+ protected UserInfo(){}
+
+ public UserInfo(String clientId, List roles) {
+ super();
+ this.clientId = clientId;
+ this.roles = roles;
+ }
+
+
+ @Override
+ public String getId() {
+ return clientId;
+ }
+
+ @Override
+ public List getRoles() {
+ return roles;
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result
+ + ((clientId == null) ? 0 : clientId.hashCode());
+ result = prime * result + ((roles == null) ? 0 : roles.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ UserInfo other = (UserInfo) obj;
+ if (clientId == null) {
+ if (other.clientId != null)
+ return false;
+ } else if (!clientId.equals(other.clientId))
+ return false;
+ if (roles == null) {
+ if (other.roles != null)
+ return false;
+ } else if (!roles.equals(other.roles))
+ return false;
+ return true;
+ }
+
+ @Override
+ public String toString() {
+ return "UserInfo [clientId=" + clientId + ", roles=" + roles + "]";
+ }
+
+}
diff --git a/src/test/java/org/gcube/common/authorization/library/binder/AuthorizationEntryBinder.java b/src/test/java/org/gcube/common/authorization/library/binder/AuthorizationEntryBinder.java
index f7cc6f4..b06b9dc 100644
--- a/src/test/java/org/gcube/common/authorization/library/binder/AuthorizationEntryBinder.java
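Review bot: The constructor stores the caller's `roles` list by reference and `getRoles()` hands the same list back, so any code holding either reference can add or remove roles after the `UserInfo` was built, and `hashCode()`/`equals()` change with it. A null argument also overwrites the `Collections.emptyList()` default, so `getRoles()` can return null here while `ServiceInfo.getRoles()` never does. Roles presumably feed authorization decisions, so copy and freeze them in the constructor: `this.roles = roles == null ? Collections.emptyList() : Collections.unmodifiableList(new ArrayList(roles));`. That line needs a `java.util.ArrayList` import, which this file does not have, and the element type if the generics were lost in rendering.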
+++ b/src/test/java/org/gcube/common/authorization/library/binder/AuthorizationEntryBinder.java @@ -2,6 +2,7 @@ package org.gcube.common.authorization.library.binder; import java.io.StringReader; import java.io.StringWriter; +import java.util.ArrayList; import java.util.HashMap; import java.util.Map; @@ -9,6 +10,8 @@ import javax.xml.bind.JAXBContext; import javax.xml.bind.JAXBException; import org.gcube.common.authorization.library.AuthorizationEntry; +import org.gcube.common.authorization.library.policies.Policy; +import org.gcube.common.authorization.library.provider.UserInfo; import org.gcube.common.scope.impl.DefaultServiceMap; import org.junit.Assert; import org.junit.Test; @@ -23,7 +26,7 @@ public class AuthorizationEntryBinder { public void bind() throws Exception{ JAXBContext context = getContext(); StringWriter sw = new StringWriter(); - AuthorizationEntry ae1 = new AuthorizationEntry("clientId", null, "scope"); + AuthorizationEntry ae1 = new AuthorizationEntry(new UserInfo("lucio.lelii", new ArrayList()), "scope", new ArrayList()); Map services = new HashMap(); services.put("service", "endpoint"); ae1.setMap(new DefaultServiceMap("scope","versione", services )); diff --git a/src/test/java/org/gcube/common/authorization/library/policies/SerializationTest.java b/src/test/java/org/gcube/common/authorization/library/policies/SerializationTest.java index e2168c1..038846e 100644 --- a/src/test/java/org/gcube/common/authorization/library/policies/SerializationTest.java +++ b/src/test/java/org/gcube/common/authorization/library/policies/SerializationTest.java 
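Review bot: The round trip in `bind()` now builds the entry with an empty role list and an empty policy list (`new ArrayList()` for both), so the test cannot tell whether a non-empty `policies` list or the `UserInfo` roles survive marshalling. For an authorization entry, a policy that is silently dropped on the wire would presumably go unnoticed until enforcement. Consider putting at least one role and one policy into `ae1` before marshalling, with a comment such as `// non-empty on purpose: roles and policies must survive the JAXB round trip`. The rest of `bind()` lies outside the hunk, so the assertions it makes are not visible here.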
@@ -15,33 +15,26 @@ public class SerializationTest { @BeforeClass public static void before() throws Exception{ - context = JAXBContext.newInstance(EnvironmentPolicy.class, UserPolicy.class, ServicePolicy.class); - } - - @Test - public void serializeEnvironmentPolicy() throws Exception{ - EnvironmentPolicy ep = new EnvironmentPolicy("/gcube", new ServiceAccess()); - StringWriter sw = new StringWriter(); - context.createMarshaller().marshal(ep, sw); - EnvironmentPolicy epCopy = (EnvironmentPolicy)context.createUnmarshaller().unmarshal(new StringReader(sw.toString())); - Assert.assertEquals(ep, epCopy); + context = JAXBContext.newInstance(User2ServicePolicy.class, Service2ServicePolicy.class); } @Test public void serializeUserPolicy() throws Exception{ - UserPolicy up = new UserPolicy("/gcube", new ServiceAccess("ServiceName", "ServiceClass","serviceID"), "userID"); + User2ServicePolicy up = new User2ServicePolicy("/gcube", new ServiceAccess("ServiceName", "ServiceClass","serviceID"), new User("userID")); StringWriter sw = new StringWriter(); context.createMarshaller().marshal(up, sw); - UserPolicy upCopy = (UserPolicy)context.createUnmarshaller().unmarshal(new StringReader(sw.toString())); + User2ServicePolicy upCopy = (User2ServicePolicy)context.createUnmarshaller().unmarshal(new StringReader(sw.toString())); + System.out.println(upCopy.getPolicyAsString()); Assert.assertEquals(up, upCopy); } @Test public void serializeServicePolicy() throws Exception{ - ServicePolicy sp = new ServicePolicy("/gcube", new ServiceAccess("ServiceName","ServiceClass"),"ServiceName:ServiceClass"); + Service2ServicePolicy sp = new Service2ServicePolicy("/gcube", new ServiceAccess("ServiceName","ServiceClass"),new ServiceAccess("ServiceName2", "ServiceClass2")); StringWriter sw = new StringWriter(); context.createMarshaller().marshal(sp, sw); - ServicePolicy spCopy = (ServicePolicy)context.createUnmarshaller().unmarshal(new StringReader(sw.toString())); + Service2ServicePolicy spCopy = 
(Service2ServicePolicy)context.createUnmarshaller().unmarshal(new StringReader(sw.toString())); + System.out.println(spCopy.getPolicyAsString()); Assert.assertEquals(sp, spCopy); } }
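Review bot: Both tests print `getPolicyAsString()` with `System.out.println` instead of checking it, and rely on `Assert.assertEquals(up, upCopy)` alone; if the `equals` of the new policy classes (not shown here) skips a field such as the caller, a lossy round trip would still pass. Replace the print with an assertion, `Assert.assertEquals(up.getPolicyAsString(), upCopy.getPolicyAsString());`, and do the same for `sp`/`spCopy`. The hunk also drops `serializeEnvironmentPolicy` without a replacement, so it is worth confirming that no environment-level policy type remains that still needs a serialization test.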