74 lines
2.4 KiB
Java
74 lines
2.4 KiB
Java
package org.gcube.common.calls.interceptors;
|
|
|
|
import java.util.Base64;
|
|
|
|
import org.gcube.com.fasterxml.jackson.annotation.JsonIgnoreProperties;
|
|
import org.gcube.com.fasterxml.jackson.annotation.JsonProperty;
|
|
import org.gcube.com.fasterxml.jackson.databind.ObjectMapper;
|
|
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
|
|
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
|
import org.gcube.common.calls.Call;
|
|
import org.gcube.common.calls.Interceptor;
|
|
import org.gcube.common.calls.Request;
|
|
import org.gcube.common.calls.Response;
|
|
import org.slf4j.Logger;
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
public class AuthorizationInterceptor implements Interceptor {
|
|
|
|
private Logger logger = LoggerFactory.getLogger(AuthorizationInterceptor.class);
|
|
|
|
public static final String token_header="gcube-token";
|
|
public static final String uma_token_header="Authorization";
|
|
public static final String user_header="d4s-user";
|
|
|
|
@Override
|
|
public void handleRequest(Request request, Call call) {
|
|
String token = SecurityTokenProvider.instance.get();
|
|
String accessToken = AccessTokenProvider.instance.get();
|
|
|
|
if (accessToken!=null) {
|
|
request.addHeader(uma_token_header, "Bearer "+accessToken);
|
|
logger.trace("uma token set");
|
|
try {
|
|
request.addHeader(user_header, getUserFromToken(accessToken) );
|
|
}catch (Throwable e) {
|
|
logger.warn("errror setting {} header", user_header );
|
|
}
|
|
} else logger.warn("uma token is not set");
|
|
|
|
if (token==null)
|
|
logger.warn("security token is not set");
|
|
else{
|
|
request.addHeader(token_header, token);
|
|
logger.trace("security token set in the header is "+token);
|
|
}
|
|
}
|
|
|
|
@Override
|
|
public void handleResponse(Response context, Call callContext) {}
|
|
|
|
@JsonIgnoreProperties(ignoreUnknown = true)
|
|
private static class AccessTokenJSON {
|
|
@JsonProperty("preferred_username")
|
|
private String username;
|
|
|
|
public String getUsername() {
|
|
return username;
|
|
}
|
|
|
|
}
|
|
|
|
private static String getUserFromToken(String accessToken) throws Exception {
|
|
String realAccessTokenEncoded = accessToken.split("\\.")[1];
|
|
|
|
String decodedAccessPart = new String(Base64.getDecoder().decode(realAccessTokenEncoded.getBytes()));
|
|
|
|
ObjectMapper mapper = new ObjectMapper();
|
|
AccessTokenJSON tokenMapped = mapper.readValue(decodedAccessPart, AccessTokenJSON.class);
|
|
|
|
String userName = Base64.getEncoder().encodeToString(tokenMapped.getUsername().getBytes());
|
|
return userName;
|
|
}
|
|
}
|