From 663b3e7675f88bf83d6bd093cb97ff76e02165aa Mon Sep 17 00:00:00 2001 From: lucio Date: Tue, 26 Jul 2022 17:21:39 +0200 Subject: [PATCH] added d4s-user Header --- CHANGELOG.md | 5 +++ pom.xml | 9 +++-- .../AuthorizationInterceptor.java | 34 +++++++++++++++++++ 3 files changed, 46 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0f26408..9816cb9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,11 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm # Changelog for Common Smartgears +## [v1.3.0] - 2020-11-18 + +- added d4s-user as header + + ## [v1.3.0] - 2020-11-18 - Changed UmaTokenProvider with AccessTokenProvider diff --git a/pom.xml b/pom.xml index 31611e8..f4c3228 100644 --- a/pom.xml +++ b/pom.xml @@ -11,7 +11,7 @@ org.gcube.core common-gcube-calls - 1.3.0 + 1.3.1-SNAPSHOT distro @@ -29,7 +29,7 @@ common-authorization [2.0.0-SNAPSHOT,3.0.0-SNAPSHOT) - + org.gcube.core common-scope @@ -40,6 +40,11 @@ slf4j-api 1.7.5 + + org.gcube.common + gcube-jackson-databind + 2.8.11 + diff --git a/src/main/java/org/gcube/common/calls/interceptors/AuthorizationInterceptor.java b/src/main/java/org/gcube/common/calls/interceptors/AuthorizationInterceptor.java index 67e6c06..7b8b87a 100644 --- a/src/main/java/org/gcube/common/calls/interceptors/AuthorizationInterceptor.java +++ b/src/main/java/org/gcube/common/calls/interceptors/AuthorizationInterceptor.java @@ -1,5 +1,10 @@ package org.gcube.common.calls.interceptors; +import java.util.Base64; + +import org.gcube.com.fasterxml.jackson.annotation.JsonIgnoreProperties; +import org.gcube.com.fasterxml.jackson.annotation.JsonProperty; +import org.gcube.com.fasterxml.jackson.databind.ObjectMapper; import org.gcube.common.authorization.library.provider.AccessTokenProvider; import org.gcube.common.authorization.library.provider.SecurityTokenProvider; import org.gcube.common.calls.Call; @@ -15,6 +20,7 @@ public class AuthorizationInterceptor implements Interceptor { public static final String token_header="gcube-token"; public static final String uma_token_header="Authorization"; + public static final String user_header="d4s-user"; @Override public void handleRequest(Request request, Call call) { @@ -24,6 +30,11 @@ public class AuthorizationInterceptor implements Interceptor { if (accessToken!=null) { request.addHeader(uma_token_header, "Bearer "+accessToken); logger.trace("uma token set"); + try { + request.addHeader(user_header, getUserFromToken(accessToken) ); + }catch (Exception e) { + logger.warn("errror setting {} header", user_header ); + } } else logger.warn("uma token is not set"); if (token==null) @@ -36,4 +47,27 @@ public class AuthorizationInterceptor implements Interceptor { @Override public void handleResponse(Response context, Call callContext) {} + + @JsonIgnoreProperties(ignoreUnknown = true) + private static class AccessTokenJSON { + @JsonProperty("preferred_username") + private String username; + + public String getUsername() { + return username; + } + + } + + private static String getUserFromToken(String accessToken) throws Exception { + String realAccessTokenEncoded = accessToken.split("\\.")[1]; + + String decodedAccessPart = new String(Base64.getDecoder().decode(realAccessTokenEncoded.getBytes())); + + ObjectMapper mapper = new ObjectMapper(); + AccessTokenJSON tokenMapped = mapper.readValue(decodedAccessPart, AccessTokenJSON.class); + + String userName = Base64.getEncoder().encodeToString(tokenMapped.getUsername().getBytes()); + return userName; + } }