diff --git a/pom.xml b/pom.xml
index f731812..f1f7731 100644
--- a/pom.xml
+++ b/pom.xml
@@ -3,7 +3,7 @@
4.0.0
org.gcube.common
common-authorization
- 1.0.0-SNAPSHOT
+ 2.0.0-SNAPSHOT
authorization service common library
@@ -22,6 +22,12 @@
common-scope
[1.0.0-SNAPSHOT, 2.0.0-SNAPSHOT)
+
+ junit
+ junit
+ 4.11
+ test
+
org.slf4j
slf4j-api
diff --git a/src/main/java/org/gcube/common/authorization/library/AuthorizationEntry.java b/src/main/java/org/gcube/common/authorization/library/AuthorizationEntry.java
index 434aab2..6171f07 100644
--- a/src/main/java/org/gcube/common/authorization/library/AuthorizationEntry.java
+++ b/src/main/java/org/gcube/common/authorization/library/AuthorizationEntry.java
@@ -11,49 +11,49 @@ import javax.xml.bind.annotation.XmlRootElement;
@XmlAccessorType(XmlAccessType.FIELD)
public class AuthorizationEntry {
- private String userName;
+ private String clientId;
private List roles;
- private String scope;
- private List bannedServices = new ArrayList();
+ private String context;
+ private List bannedServices = new ArrayList();
protected AuthorizationEntry(){}
- public AuthorizationEntry(String userName, List roles, String scope) {
+ public AuthorizationEntry(String clientId, List roles, String context) {
super();
- this.userName = userName;
+ this.clientId = clientId;
this.roles = roles;
- this.scope = scope;
+ this.context = context;
}
- public AuthorizationEntry(String userName, List roles, String scope, List bannedServices) {
+ public AuthorizationEntry(String userName, List roles, String scope, List bannedServices) {
this(userName, roles, scope);
this.bannedServices = bannedServices;
}
- public String getUserName() {
- return userName;
+ public String getClientId() {
+ return clientId;
}
public List getRoles() {
return roles;
}
- public String getScope() {
- return scope;
+ public String getContext() {
+ return context;
}
- public List getBannedServices() {
+ public List getBannedServices() {
return bannedServices;
}
- public void setBannedServices(List bannedServices) {
+ public void setBannedServices(List bannedServices) {
this.bannedServices = bannedServices;
}
@Override
public String toString() {
- return "AuthorizationEntry [userName=" + userName + ", roles=" + roles
- + ", scope=" + scope + " bannedServices "+ bannedServices+"]";
+ return "AuthorizationEntry [clientId=" + clientId + ", roles=" + roles
+ + ", context=" + context + " bannedServices "+ bannedServices+"]";
}
diff --git a/src/main/java/org/gcube/common/authorization/library/AuthorizationInvocationHandler.java b/src/main/java/org/gcube/common/authorization/library/AuthorizationInvocationHandler.java
index c294760..7dd37ad 100644
--- a/src/main/java/org/gcube/common/authorization/library/AuthorizationInvocationHandler.java
+++ b/src/main/java/org/gcube/common/authorization/library/AuthorizationInvocationHandler.java
@@ -2,13 +2,9 @@ package org.gcube.common.authorization.library;
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
-import java.util.Arrays;
-import java.util.List;
-import org.gcube.common.authorization.library.annotations.IsAllowedFor;
-import org.gcube.common.authorization.library.annotations.SubjectToQuota;
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
-import org.gcube.common.authorization.library.provider.UserInfo;
+import org.gcube.common.authorization.library.provider.ClientInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -21,7 +17,7 @@ public class AuthorizationInvocationHandler implements Invocatio
private Object obj;
ResourceAuthorizationProxy resourceAuthorizationProxy;
-
+
protected AuthorizationInvocationHandler(I obj, String className, ResourceAuthorizationProxy resourceAuthorizationProxy) {
handledClass = className;
this.obj = obj;
@@ -31,12 +27,12 @@ public class AuthorizationInvocationHandler implements Invocatio
public Object invoke(Object proxy, Method method,
Object[] args) throws Throwable {
log.trace("calling proxed method "+method.getName()+" on "+handledClass);
- UserInfo info = AuthorizationProvider.instance.get();
- checkSubjectToQuota(info, method);
- checkIsAllowedFor(info, method);
+ ClientInfo info = AuthorizationProvider.instance.get();
+ //checkSubjectToQuota(info, method);
+ //checkIsAllowedFor(info, method);
return method.invoke(obj, args);
}
-
+/*
private static boolean isOneElementContainedinRoles(List elements, String[] allowedRoles){
for (String role: allowedRoles )
if (elements.contains(role))
@@ -44,11 +40,11 @@ public class AuthorizationInvocationHandler implements Invocatio
return false;
}
- private void checkSubjectToQuota(UserInfo info, Method method){
+ private void checkSubjectToQuota(ClientInfo info, Method method){
if(method.isAnnotationPresent(SubjectToQuota.class)){
BannedService service = new BannedService(resourceAuthorizationProxy.getServiceClass(), resourceAuthorizationProxy.getServiceName());
log.debug("subjectToQuota annotation present, checking for service {} in bannedServices {}",service, info.getBannedServices());
- if (info.getBannedServices().contains(service)){
+ if (info.getPolicies().contains(service)){
String message = "blocking method "+method.getName()+" for user "+info.getUserName()+": overquota reached";
log.warn(message);
throw new SecurityException(message);
@@ -56,7 +52,7 @@ public class AuthorizationInvocationHandler implements Invocatio
} else log.debug("is subjectToQuota not present in "+method.getName());
}
- private void checkIsAllowedFor(UserInfo info, Method method){
+ private void checkIsAllowedFor(ClientInfo info, Method method){
if(method.isAnnotationPresent(IsAllowedFor.class)){
IsAllowedFor allowed = method.getAnnotation(IsAllowedFor.class);
if (allowed.roles().length>0 && !isOneElementContainedinRoles(info.getRoles(), allowed.roles())){
@@ -66,5 +62,5 @@ public class AuthorizationInvocationHandler implements Invocatio
}
} else log.debug("is allowedFor not present in "+method.getName());
}
-
+ */
}
diff --git a/src/main/java/org/gcube/common/authorization/library/AuthorizedTasks.java b/src/main/java/org/gcube/common/authorization/library/AuthorizedTasks.java
index 494aaf2..8e1f8ee 100644
--- a/src/main/java/org/gcube/common/authorization/library/AuthorizedTasks.java
+++ b/src/main/java/org/gcube/common/authorization/library/AuthorizedTasks.java
@@ -3,7 +3,7 @@ package org.gcube.common.authorization.library;
import java.util.concurrent.Callable;
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
-import org.gcube.common.authorization.library.provider.UserInfo;
+import org.gcube.common.authorization.library.provider.ClientInfo;
import org.gcube.common.scope.api.ScopeProvider;
@@ -18,7 +18,7 @@ public class AuthorizedTasks {
final String callScope = ScopeProvider.instance.get();
- final UserInfo userCall = AuthorizationProvider.instance.get();
+ final ClientInfo userCall = AuthorizationProvider.instance.get();
return new Callable() {
@Override
@@ -49,7 +49,7 @@ public class AuthorizedTasks {
final String callScope = ScopeProvider.instance.get();
- final UserInfo userCall = AuthorizationProvider.instance.get();
+ final ClientInfo userCall = AuthorizationProvider.instance.get();
return new Runnable() {
@Override
diff --git a/src/main/java/org/gcube/common/authorization/library/BannedService.java b/src/main/java/org/gcube/common/authorization/library/BannedService.java
deleted file mode 100644
index 89a8137..0000000
--- a/src/main/java/org/gcube/common/authorization/library/BannedService.java
+++ /dev/null
@@ -1,86 +0,0 @@
-package org.gcube.common.authorization.library;
-
-import java.util.Calendar;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlRootElement;
-
-@XmlRootElement
-@XmlAccessorType(XmlAccessType.FIELD)
-public class BannedService {
-
- private String serviceClass;
- private String serviceName;
- private Calendar banTime;
-
- protected BannedService() {
- super();
- }
-
- public BannedService(String serviceClass, String serviceName, Calendar banTime) {
- super();
- this.serviceClass = serviceClass;
- this.serviceName = serviceName;
- this.banTime = banTime;
- }
-
- public BannedService(String serviceClass, String serviceName) {
- super();
- this.serviceClass = serviceClass;
- this.serviceName = serviceName;
- this.banTime = Calendar.getInstance();
- }
-
- public String getServiceClass() {
- return serviceClass;
- }
-
- public String getServiceName() {
- return serviceName;
- }
-
- public Calendar getCreationTime() {
- return banTime;
- }
-
- @Override
- public int hashCode() {
- final int prime = 31;
- int result = 1;
- result = prime * result
- + ((serviceClass == null) ? 0 : serviceClass.hashCode());
- result = prime * result
- + ((serviceName == null) ? 0 : serviceName.hashCode());
- return result;
- }
-
- @Override
- public boolean equals(Object obj) {
- if (this == obj)
- return true;
- if (obj == null)
- return false;
- if (getClass() != obj.getClass())
- return false;
- BannedService other = (BannedService) obj;
- if (serviceClass == null) {
- if (other.serviceClass != null)
- return false;
- } else if (!serviceClass.equals(other.serviceClass))
- return false;
- if (serviceName == null) {
- if (other.serviceName != null)
- return false;
- } else if (!serviceName.equals(other.serviceName))
- return false;
- return true;
- }
-
- @Override
- public String toString() {
- return "BannedService [serviceClass=" + serviceClass + ", serviceName="
- + serviceName + ", banTime=" + banTime.getTimeInMillis() + "]";
- }
-
-}
diff --git a/src/main/java/org/gcube/common/authorization/library/BannedServices.java b/src/main/java/org/gcube/common/authorization/library/BannedServices.java
deleted file mode 100644
index 1e2ce55..0000000
--- a/src/main/java/org/gcube/common/authorization/library/BannedServices.java
+++ /dev/null
@@ -1,30 +0,0 @@
-package org.gcube.common.authorization.library;
-
-import java.util.List;
-
-import javax.xml.bind.annotation.XmlAccessType;
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlRootElement;
-
-@XmlRootElement
-@XmlAccessorType(XmlAccessType.FIELD)
-public class BannedServices {
-
- private List services;
-
- protected BannedServices(){}
-
- public BannedServices(List services) {
- super();
- this.services = services;
- }
-
-
-
- public List get() {
- return services;
- }
-
-
-
-}
diff --git a/src/main/java/org/gcube/common/authorization/library/CalledService.java b/src/main/java/org/gcube/common/authorization/library/CalledService.java
new file mode 100644
index 0000000..2ce330c
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/library/CalledService.java
@@ -0,0 +1,32 @@
+package org.gcube.common.authorization.library;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class CalledService {
+
+ private String serviceClass;
+ private String serviceName;
+
+ protected CalledService() {
+ super();
+ }
+
+ public CalledService(String serviceClass, String serviceName) {
+ super();
+ this.serviceClass = serviceClass;
+ this.serviceName = serviceName;
+ }
+
+ public String getServiceClass() {
+ return serviceClass;
+ }
+
+ public String getServiceName() {
+ return serviceName;
+ }
+
+}
diff --git a/src/main/java/org/gcube/common/authorization/library/policies/EnvironmentPolicy.java b/src/main/java/org/gcube/common/authorization/library/policies/EnvironmentPolicy.java
new file mode 100644
index 0000000..4fa20bd
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/library/policies/EnvironmentPolicy.java
@@ -0,0 +1,77 @@
+package org.gcube.common.authorization.library.policies;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class EnvironmentPolicy extends Policy{
+
+ private String environment;
+ private ServiceAccess service;
+
+
+ protected EnvironmentPolicy() {}
+
+ public EnvironmentPolicy(String environment, ServiceAccess service) {
+ super();
+ this.environment = environment;
+ this.service = service;
+ }
+
+ @Override
+ public PolicyType getPolicyType() {
+ return PolicyType.ENVIRONMENT;
+ }
+
+ @Override
+ public String getPolicyAsString() {
+ return service.getAsString();
+ }
+
+ public String getEnvironment() {
+ return environment;
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result
+ + ((environment == null) ? 0 : environment.hashCode());
+ result = prime * result + ((service == null) ? 0 : service.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ EnvironmentPolicy other = (EnvironmentPolicy) obj;
+ if (environment == null) {
+ if (other.environment != null)
+ return false;
+ } else if (!environment.equals(other.environment))
+ return false;
+ if (service == null) {
+ if (other.service != null)
+ return false;
+ } else if (!service.equals(other.service))
+ return false;
+ return true;
+ }
+
+ @Override
+ public String toString() {
+ return "EnvironmentPolicy [environment=" + environment + ", service="
+ + service + "]";
+ }
+
+
+
+}
diff --git a/src/main/java/org/gcube/common/authorization/library/policies/Policy.java b/src/main/java/org/gcube/common/authorization/library/policies/Policy.java
new file mode 100644
index 0000000..390f6df
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/library/policies/Policy.java
@@ -0,0 +1,17 @@
+package org.gcube.common.authorization.library.policies;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public abstract class Policy {
+
+ protected Policy() {}
+
+ public abstract PolicyType getPolicyType();
+
+ public abstract String getPolicyAsString();
+
+}
diff --git a/src/main/java/org/gcube/common/authorization/library/policies/PolicyType.java b/src/main/java/org/gcube/common/authorization/library/policies/PolicyType.java
new file mode 100644
index 0000000..0593348
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/library/policies/PolicyType.java
@@ -0,0 +1,8 @@
+package org.gcube.common.authorization.library.policies;
+
+public enum PolicyType {
+
+ ENVIRONMENT,
+ SERVICE,
+ USER
+}
diff --git a/src/main/java/org/gcube/common/authorization/library/policies/ServiceAccess.java b/src/main/java/org/gcube/common/authorization/library/policies/ServiceAccess.java
new file mode 100644
index 0000000..89a509e
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/library/policies/ServiceAccess.java
@@ -0,0 +1,113 @@
+package org.gcube.common.authorization.library.policies;
+
+import java.util.HashMap;
+import java.util.Map.Entry;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class ServiceAccess {
+
+ private String serviceClass;
+ private String name ;
+ private String serviceId;
+ private HashMap serviceSpecificPolices;
+
+ public ServiceAccess() {}
+
+ public ServiceAccess(String name, String serviceClass) {
+ super();
+ this.name = name;
+ this.serviceClass = serviceClass;
+ }
+
+ public ServiceAccess(String name, String serviceClass, String serviceId) {
+ this(name, serviceClass);
+ this.serviceId = serviceId;
+ }
+
+ public ServiceAccess(String name, String serviceClass, String serviceId,
+ HashMap serviceSpecificPolices) {
+ this(name, serviceClass, serviceId);
+ this.serviceSpecificPolices = serviceSpecificPolices;
+ }
+
+ public String getAsString(){
+ if (serviceClass == null)
+ return "*";
+ StringBuilder toReturn = new StringBuilder(serviceClass);
+ if (name == null)
+ return toReturn.append(":").append("*").toString();
+ toReturn.append(":").append(name);
+ if (serviceId==null && (serviceSpecificPolices==null || serviceSpecificPolices.size()==0))
+ return toReturn.append(":").append("*").toString();
+ if (serviceId!=null)
+ toReturn.append(":").append(serviceId);
+ if (serviceSpecificPolices!=null && serviceSpecificPolices.size()!=0){
+ toReturn.append("{");
+ for (Entry entry: serviceSpecificPolices.entrySet())
+ toReturn.append(entry.getKey()).append(":").append(entry.getValue());
+ toReturn.append("}");
+ }
+ return toReturn.toString();
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ result = prime * result
+ + ((serviceClass == null) ? 0 : serviceClass.hashCode());
+ result = prime * result
+ + ((serviceId == null) ? 0 : serviceId.hashCode());
+ result = prime
+ * result
+ + ((serviceSpecificPolices == null) ? 0
+ : serviceSpecificPolices.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ ServiceAccess other = (ServiceAccess) obj;
+ if (name == null) {
+ if (other.name != null)
+ return false;
+ } else if (!name.equals(other.name))
+ return false;
+ if (serviceClass == null) {
+ if (other.serviceClass != null)
+ return false;
+ } else if (!serviceClass.equals(other.serviceClass))
+ return false;
+ if (serviceId == null) {
+ if (other.serviceId != null)
+ return false;
+ } else if (!serviceId.equals(other.serviceId))
+ return false;
+ if (serviceSpecificPolices == null) {
+ if (other.serviceSpecificPolices != null)
+ return false;
+ } else if (!serviceSpecificPolices.equals(other.serviceSpecificPolices))
+ return false;
+ return true;
+ }
+
+ @Override
+ public String toString() {
+ return "ServiceAccess ["+getAsString()+"]";
+ }
+
+
+
+}
diff --git a/src/main/java/org/gcube/common/authorization/library/policies/ServicePolicy.java b/src/main/java/org/gcube/common/authorization/library/policies/ServicePolicy.java
new file mode 100644
index 0000000..a018df0
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/library/policies/ServicePolicy.java
@@ -0,0 +1,93 @@
+package org.gcube.common.authorization.library.policies;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class ServicePolicy extends Policy{
+
+ private String clientID;
+ private String environment;
+ private ServiceAccess serviceAccess;
+
+ protected ServicePolicy(){}
+
+ public ServicePolicy(String environment, ServiceAccess serviceAccess,
+ String clientID) {
+ this.environment = environment;
+ this.serviceAccess = serviceAccess;
+ this.clientID = clientID;
+ }
+
+ @Override
+ public PolicyType getPolicyType() {
+ return PolicyType.SERVICE;
+ }
+
+ @Override
+ public String getPolicyAsString() {
+ return serviceAccess.getAsString();
+ }
+
+ public String getClientID() {
+ return clientID;
+ }
+
+ public String getEnvironment() {
+ return environment;
+ }
+
+ public ServiceAccess getServiceAccess() {
+ return serviceAccess;
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result
+ + ((clientID == null) ? 0 : clientID.hashCode());
+ result = prime * result
+ + ((environment == null) ? 0 : environment.hashCode());
+ result = prime * result
+ + ((serviceAccess == null) ? 0 : serviceAccess.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ ServicePolicy other = (ServicePolicy) obj;
+ if (clientID == null) {
+ if (other.clientID != null)
+ return false;
+ } else if (!clientID.equals(other.clientID))
+ return false;
+ if (environment == null) {
+ if (other.environment != null)
+ return false;
+ } else if (!environment.equals(other.environment))
+ return false;
+ if (serviceAccess == null) {
+ if (other.serviceAccess != null)
+ return false;
+ } else if (!serviceAccess.equals(other.serviceAccess))
+ return false;
+ return true;
+ }
+
+ @Override
+ public String toString() {
+ return "ServicePolicy [clientID=" + clientID + ", environment="
+ + environment + ", serviceAccess=" + serviceAccess + "]";
+ }
+
+
+}
diff --git a/src/main/java/org/gcube/common/authorization/library/policies/UserPolicy.java b/src/main/java/org/gcube/common/authorization/library/policies/UserPolicy.java
new file mode 100644
index 0000000..7cc0d5c
--- /dev/null
+++ b/src/main/java/org/gcube/common/authorization/library/policies/UserPolicy.java
@@ -0,0 +1,87 @@
+package org.gcube.common.authorization.library.policies;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlRootElement;
+
+@XmlRootElement
+@XmlAccessorType(XmlAccessType.FIELD)
+public class UserPolicy extends Policy {
+
+ private String clientID;
+ private String environment;
+ private ServiceAccess serviceAccess;
+
+ protected UserPolicy(){}
+
+ public UserPolicy(String environment, ServiceAccess serviceAccess, String clientID) {
+ this.environment = environment;
+ this.serviceAccess = serviceAccess;
+ this.clientID = clientID;
+ }
+
+ public String getClientID() {
+ return clientID;
+ }
+
+ @Override
+ public PolicyType getPolicyType() {
+ return PolicyType.USER;
+ }
+
+ @Override
+ public String getPolicyAsString() {
+ return serviceAccess.getAsString();
+ }
+
+ public String getEnvironment() {
+ return environment;
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result
+ + ((clientID == null) ? 0 : clientID.hashCode());
+ result = prime * result
+ + ((environment == null) ? 0 : environment.hashCode());
+ result = prime * result
+ + ((serviceAccess == null) ? 0 : serviceAccess.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ UserPolicy other = (UserPolicy) obj;
+ if (clientID == null) {
+ if (other.clientID != null)
+ return false;
+ } else if (!clientID.equals(other.clientID))
+ return false;
+ if (environment == null) {
+ if (other.environment != null)
+ return false;
+ } else if (!environment.equals(other.environment))
+ return false;
+ if (serviceAccess == null) {
+ if (other.serviceAccess != null)
+ return false;
+ } else if (!serviceAccess.equals(other.serviceAccess))
+ return false;
+ return true;
+ }
+
+ @Override
+ public String toString() {
+ return "UserPolicy [clientID=" + clientID + ", environment="
+ + environment + ", serviceAccess=" + serviceAccess + "]";
+ }
+
+}
diff --git a/src/main/java/org/gcube/common/authorization/library/provider/AuthorizationProvider.java b/src/main/java/org/gcube/common/authorization/library/provider/AuthorizationProvider.java
index b472fe0..eb4ada4 100644
--- a/src/main/java/org/gcube/common/authorization/library/provider/AuthorizationProvider.java
+++ b/src/main/java/org/gcube/common/authorization/library/provider/AuthorizationProvider.java
@@ -11,10 +11,10 @@ public class AuthorizationProvider {
private static Logger logger = LoggerFactory.getLogger(AuthorizationProvider.class);
// Thread local variable containing each thread's ID
- private static final InheritableThreadLocal threadAuth =
- new InheritableThreadLocal() {
+ private static final InheritableThreadLocal threadAuth =
+ new InheritableThreadLocal() {
- @Override protected UserInfo initialValue() {
+ @Override protected ClientInfo initialValue() {
return null;
}
@@ -22,13 +22,13 @@ public class AuthorizationProvider {
private AuthorizationProvider(){}
- public UserInfo get(){
- UserInfo info = threadAuth.get();
+ public ClientInfo get(){
+ ClientInfo info = threadAuth.get();
logger.trace("getting "+info+" in thread "+Thread.currentThread().getId() );
return info;
}
- public void set(UserInfo authorizationToken){
+ public void set(ClientInfo authorizationToken){
threadAuth.set(authorizationToken);
logger.trace("setting "+authorizationToken+" in thread "+Thread.currentThread().getId() );
}
diff --git a/src/main/java/org/gcube/common/authorization/library/provider/UserInfo.java b/src/main/java/org/gcube/common/authorization/library/provider/ClientInfo.java
similarity index 50%
rename from src/main/java/org/gcube/common/authorization/library/provider/UserInfo.java
rename to src/main/java/org/gcube/common/authorization/library/provider/ClientInfo.java
index 465b056..b720331 100644
--- a/src/main/java/org/gcube/common/authorization/library/provider/UserInfo.java
+++ b/src/main/java/org/gcube/common/authorization/library/provider/ClientInfo.java
@@ -1,56 +1,55 @@
package org.gcube.common.authorization.library.provider;
+import java.util.Collections;
import java.util.List;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlRootElement;
-import org.gcube.common.authorization.library.BannedService;
+import org.gcube.common.authorization.library.policies.Policy;
@XmlRootElement
@XmlAccessorType(XmlAccessType.FIELD)
-public class UserInfo {
+public class ClientInfo {
- private String userName;
- private List roles;
- private List bannedServices;
+ private String clientId;
+ private List roles = Collections.emptyList();
+ private List policies;
- protected UserInfo(){}
+ protected ClientInfo(){}
- public UserInfo(String userName, List roles, List bannedServices) {
+ public ClientInfo(String clientId, List roles, List policies) {
super();
- this.userName = userName;
+ this.clientId = clientId;
this.roles = roles;
- this.bannedServices = bannedServices;
+ this.policies = policies;
}
- public String getUserName() {
- return userName;
+ public String getClientId() {
+ return clientId;
}
- public List getRoles() {
- return roles;
+ public List getPolicies() {
+ return policies;
}
-
- public List getBannedServices() {
- return bannedServices;
- }
-
+ /*
public boolean isTokenBannedForService(BannedService service){
return (bannedServices.contains(service));
- }
-
+ }*/
+
@Override
public int hashCode() {
final int prime = 31;
int result = 1;
- result = prime * result + ((roles == null) ? 0 : roles.hashCode());
result = prime * result
- + ((userName == null) ? 0 : userName.hashCode());
+ + ((clientId == null) ? 0 : clientId.hashCode());
+ result = prime * result
+ + ((policies == null) ? 0 : policies.hashCode());
+ result = prime * result + ((roles == null) ? 0 : roles.hashCode());
return result;
}
-
+
@Override
public boolean equals(Object obj) {
if (this == obj)
@@ -59,25 +58,32 @@ public class UserInfo {
return false;
if (getClass() != obj.getClass())
return false;
- UserInfo other = (UserInfo) obj;
+ ClientInfo other = (ClientInfo) obj;
+ if (clientId == null) {
+ if (other.clientId != null)
+ return false;
+ } else if (!clientId.equals(other.clientId))
+ return false;
+ if (policies == null) {
+ if (other.policies != null)
+ return false;
+ } else if (!policies.equals(other.policies))
+ return false;
if (roles == null) {
if (other.roles != null)
return false;
} else if (!roles.equals(other.roles))
return false;
- if (userName == null) {
- if (other.userName != null)
- return false;
- } else if (!userName.equals(other.userName))
- return false;
return true;
}
@Override
public String toString() {
- return "UserInfo [userName=" + userName + ", roles=" + roles + "]";
+ return "ClientInfo [clientId=" + clientId + ", roles=" + roles
+ + ", policies=" + policies + "]";
}
-
+
+
}
diff --git a/src/test/java/org/gcube/common/authorization/library/policies/SerializationTest.java b/src/test/java/org/gcube/common/authorization/library/policies/SerializationTest.java
new file mode 100644
index 0000000..e2168c1
--- /dev/null
+++ b/src/test/java/org/gcube/common/authorization/library/policies/SerializationTest.java
@@ -0,0 +1,47 @@
+package org.gcube.common.authorization.library.policies;
+
+import java.io.StringReader;
+import java.io.StringWriter;
+
+import javax.xml.bind.JAXBContext;
+
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+public class SerializationTest {
+
+ static JAXBContext context;
+
+ @BeforeClass
+ public static void before() throws Exception{
+ context = JAXBContext.newInstance(EnvironmentPolicy.class, UserPolicy.class, ServicePolicy.class);
+ }
+
+ @Test
+ public void serializeEnvironmentPolicy() throws Exception{
+ EnvironmentPolicy ep = new EnvironmentPolicy("/gcube", new ServiceAccess());
+ StringWriter sw = new StringWriter();
+ context.createMarshaller().marshal(ep, sw);
+ EnvironmentPolicy epCopy = (EnvironmentPolicy)context.createUnmarshaller().unmarshal(new StringReader(sw.toString()));
+ Assert.assertEquals(ep, epCopy);
+ }
+
+ @Test
+ public void serializeUserPolicy() throws Exception{
+ UserPolicy up = new UserPolicy("/gcube", new ServiceAccess("ServiceName", "ServiceClass","serviceID"), "userID");
+ StringWriter sw = new StringWriter();
+ context.createMarshaller().marshal(up, sw);
+ UserPolicy upCopy = (UserPolicy)context.createUnmarshaller().unmarshal(new StringReader(sw.toString()));
+ Assert.assertEquals(up, upCopy);
+ }
+
+ @Test
+ public void serializeServicePolicy() throws Exception{
+ ServicePolicy sp = new ServicePolicy("/gcube", new ServiceAccess("ServiceName","ServiceClass"),"ServiceName:ServiceClass");
+ StringWriter sw = new StringWriter();
+ context.createMarshaller().marshal(sp, sw);
+ ServicePolicy spCopy = (ServicePolicy)context.createUnmarshaller().unmarshal(new StringReader(sw.toString()));
+ Assert.assertEquals(sp, spCopy);
+ }
+}