Compare commits
52 Commits
Author | SHA1 | Date |
---|---|---|
|
d024c129d5 | |
|
f01ee71e32 | |
|
952703c780 | |
|
0bf0708efd | |
|
a71d8d1fac | |
|
72a5e54edd | |
|
64d0c69ca2 | |
|
3af9a558f6 | |
|
c23e98d9bb | |
|
430cf04416 | |
|
b84b4fad81 | |
|
e9b6a7ad25 | |
|
0fe819c2ee | |
|
4b1b6471ca | |
|
125dc5b332 | |
|
8455825bb1 | |
|
9e5746fc37 | |
|
1e66ce01c0 | |
|
c42094df38 | |
|
3441742d44 | |
|
db87ad7f3b | |
|
406016cd29 | |
|
64c3f02996 | |
|
e27784741b | |
|
e8a32631f2 | |
|
bc1f02cdb5 | |
|
0ab8e327cf | |
|
943dc7065b | |
|
47f09fe3a5 | |
|
ed8e7d8811 | |
|
fd766ce080 | |
|
a4462eb325 | |
|
fd6857ab60 | |
|
621fd9d20c | |
|
d2f3af7f9e | |
|
f17d3e107d | |
|
9873a148f2 | |
|
7944226cca | |
|
b503e017cc | |
|
74dabde6f5 | |
|
0f54034ef9 | |
|
216f0f1389 | |
|
c04b3df2ff | |
|
f80301b867 | |
|
132f249e05 | |
|
fb52eb958b | |
|
568be1f0bb | |
|
72dbecf46d | |
|
d462893125 | |
|
441baf14b3 | |
|
c1e4956764 | |
|
ef7c65e0fb |
43
.classpath
43
.classpath
|
@ -1,43 +0,0 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
|
||||||
<classpath>
|
|
||||||
<classpathentry kind="src" output="target/classes" path="src/main/java">
|
|
||||||
<attributes>
|
|
||||||
<attribute name="optional" value="true"/>
|
|
||||||
<attribute name="maven.pomderived" value="true"/>
|
|
||||||
</attributes>
|
|
||||||
</classpathentry>
|
|
||||||
<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
|
|
||||||
<attributes>
|
|
||||||
<attribute name="maven.pomderived" value="true"/>
|
|
||||||
</attributes>
|
|
||||||
</classpathentry>
|
|
||||||
<classpathentry kind="src" output="target/test-classes" path="src/test/java">
|
|
||||||
<attributes>
|
|
||||||
<attribute name="optional" value="true"/>
|
|
||||||
<attribute name="maven.pomderived" value="true"/>
|
|
||||||
<attribute name="test" value="true"/>
|
|
||||||
</attributes>
|
|
||||||
</classpathentry>
|
|
||||||
<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
|
|
||||||
<attributes>
|
|
||||||
<attribute name="maven.pomderived" value="true"/>
|
|
||||||
<attribute name="test" value="true"/>
|
|
||||||
</attributes>
|
|
||||||
</classpathentry>
|
|
||||||
<classpathentry kind="src" path="target/generated-sources">
|
|
||||||
<attributes>
|
|
||||||
<attribute name="optional" value="true"/>
|
|
||||||
</attributes>
|
|
||||||
</classpathentry>
|
|
||||||
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
|
|
||||||
<attributes>
|
|
||||||
<attribute name="maven.pomderived" value="true"/>
|
|
||||||
</attributes>
|
|
||||||
</classpathentry>
|
|
||||||
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
|
|
||||||
<attributes>
|
|
||||||
<attribute name="maven.pomderived" value="true"/>
|
|
||||||
</attributes>
|
|
||||||
</classpathentry>
|
|
||||||
<classpathentry kind="output" path="target/classes"/>
|
|
||||||
</classpath>
|
|
|
@ -0,0 +1,3 @@
|
||||||
|
/target/
|
||||||
|
/.classpath
|
||||||
|
/bin/
|
|
@ -0,0 +1,3 @@
|
||||||
|
/org.eclipse.core.resources.prefs
|
||||||
|
/org.eclipse.jdt.core.prefs
|
||||||
|
/org.eclipse.m2e.core.prefs
|
|
@ -0,0 +1,157 @@
|
||||||
|
This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
||||||
|
|
||||||
|
# Changelog for Common Smartgears
|
||||||
|
|
||||||
|
## [v3.1.6]
|
||||||
|
|
||||||
|
- Added Linux distribution version [#22933]
|
||||||
|
|
||||||
|
## [v3.1.5] - 2022-04-20
|
||||||
|
|
||||||
|
- Added roles to ExternalService Info on request handler verification
|
||||||
|
|
||||||
|
## [v3.1.4] - 2022-03-29
|
||||||
|
|
||||||
|
- fixes issue [#23075]
|
||||||
|
|
||||||
|
## [v3.1.3] - 2022-03-21
|
||||||
|
|
||||||
|
- fixed bug on policies
|
||||||
|
|
||||||
|
|
||||||
|
## [v3.1.2] - 2022-01-19
|
||||||
|
|
||||||
|
- enabled policy check on smartgears
|
||||||
|
- container configuration for test added
|
||||||
|
|
||||||
|
## [v3.1.1] - 2021-09-29
|
||||||
|
|
||||||
|
- minimal privilege granted also on empty resource_access in JWT token
|
||||||
|
|
||||||
|
## [v3.1.0] - 2021-05-14
|
||||||
|
|
||||||
|
- use of AccessTokenProvider
|
||||||
|
- use gcube-jackson instead of minimal-json for access token parsing [#21097]
|
||||||
|
|
||||||
|
|
||||||
|
## [v3.0.2] - 2020-03-01
|
||||||
|
|
||||||
|
- check if response is already committed on error
|
||||||
|
|
||||||
|
|
||||||
|
## [v3.0.1] - 2020-11-18
|
||||||
|
|
||||||
|
- new Uma Token integration
|
||||||
|
|
||||||
|
## [v3.0.0] - 2020-10-20
|
||||||
|
|
||||||
|
- Switched container JSON management to gcube-jackson [#19283]
|
||||||
|
|
||||||
|
## [v.2.2.0] - 2020-01-23
|
||||||
|
|
||||||
|
- Multiple token are generated in the same call in place of one per call
|
||||||
|
|
||||||
|
|
||||||
|
## [v.2.1.9] - 2019-11-08
|
||||||
|
|
||||||
|
- Project adapted to be build with Jenkins
|
||||||
|
|
||||||
|
|
||||||
|
## [v.2.1.8] - 2019-05-27
|
||||||
|
|
||||||
|
- Support oauth2 protocol accepting token in the auhtorization header field
|
||||||
|
|
||||||
|
|
||||||
|
## [v.2.1.7] - 2019-02-26
|
||||||
|
|
||||||
|
- Added Proxy Address to Application Configuration
|
||||||
|
- Added protocol to Container Configuration (http by default)
|
||||||
|
- Changed the logs in accounting handler to log error or success and eventually error code
|
||||||
|
|
||||||
|
|
||||||
|
## [v.2.1.5] - 2017-09-19
|
||||||
|
|
||||||
|
- Added ThreadLocal InnerMethodName to set method name from application
|
||||||
|
|
||||||
|
|
||||||
|
## [v.2.1.4] - 2017-07-25
|
||||||
|
|
||||||
|
- Validation handler for application split in 2 different handlers: - ContextRetriever that set Token and Scope - RequestValidation that does all the required checks
|
||||||
|
|
||||||
|
|
||||||
|
## [v.2.1.3] - 2017-06-06
|
||||||
|
|
||||||
|
- Added gcube bom dependency
|
||||||
|
- Search for handlers in the root classpath
|
||||||
|
|
||||||
|
|
||||||
|
## [v.2.1.2] - 2017-05-02
|
||||||
|
|
||||||
|
- Modified the Authorization filter to accept also children scope when authorizeChildrenContext is enabled on ContianerConfiguration
|
||||||
|
- Shutdown of Accounting thread added
|
||||||
|
|
||||||
|
|
||||||
|
## [v.2.1.1] - 2017-03-16
|
||||||
|
|
||||||
|
- Minor issue on filter exclusion fixed
|
||||||
|
|
||||||
|
|
||||||
|
## [v.2.0.1] - 2016-12-15
|
||||||
|
|
||||||
|
- Proxy configuration added
|
||||||
|
- Solved a bug in events registration for ProfileManager
|
||||||
|
- Added a scheduler for period update of GCoreEnpoints
|
||||||
|
- Exclude modified to support exclude for sub-group of handlers
|
||||||
|
|
||||||
|
|
||||||
|
## [v.2.0.0] - 2016-11-07
|
||||||
|
|
||||||
|
- Integration with Authorization 2.0
|
||||||
|
|
||||||
|
|
||||||
|
## [v.1.2.7] - 2016-05-18
|
||||||
|
|
||||||
|
- Removed commons-io dependency [#2355]
|
||||||
|
|
||||||
|
## [v.1.2.6] - 2016-04-08
|
||||||
|
|
||||||
|
- Added missing class for service loader of org.gcube.smartgears.handlers.container.ContainerHandler [#2474]
|
||||||
|
- Added flush of accounting data [#1353]
|
||||||
|
|
||||||
|
|
||||||
|
## [v.1.2.5] - 2016-02-08
|
||||||
|
|
||||||
|
- Enhanced accounting version
|
||||||
|
|
||||||
|
|
||||||
|
## [v.1.2.4] - 2015-12-09
|
||||||
|
|
||||||
|
- Transparent accounting added on service calls
|
||||||
|
|
||||||
|
|
||||||
|
## [v.1.2.3] - 2015-07-27
|
||||||
|
|
||||||
|
- Authorization token control added
|
||||||
|
- Added support to HTTP Basic authorization
|
||||||
|
|
||||||
|
|
||||||
|
## [v.1.2.2] - 2015-04-27
|
||||||
|
|
||||||
|
- Fixed available space information on ghn profile
|
||||||
|
|
||||||
|
|
||||||
|
## [v.1.2.1] - 2014-02-13
|
||||||
|
|
||||||
|
- Scopes can be removed from container
|
||||||
|
- Node profile set to static
|
||||||
|
- Internal adjustments for move to Java 7
|
||||||
|
- Wildcard allowed in exclude directives
|
||||||
|
- Domain corrected derived in gHN profile
|
||||||
|
- Cleaner shutdown
|
||||||
|
- Further improvement in shutdown handling
|
||||||
|
|
||||||
|
|
||||||
|
## [v.1.0.0] - 2013-10-24
|
||||||
|
|
||||||
|
- First Release
|
||||||
|
|
|
@ -0,0 +1,312 @@
|
||||||
|
# European Union Public Licence V. 1.1
|
||||||
|
|
||||||
|
|
||||||
|
EUPL © the European Community 2007
|
||||||
|
|
||||||
|
|
||||||
|
This European Union Public Licence (the “EUPL”) applies to the Work or Software
|
||||||
|
(as defined below) which is provided under the terms of this Licence. Any use of
|
||||||
|
the Work, other than as authorised under this Licence is prohibited (to the
|
||||||
|
extent such use is covered by a right of the copyright holder of the Work).
|
||||||
|
|
||||||
|
The Original Work is provided under the terms of this Licence when the Licensor
|
||||||
|
(as defined below) has placed the following notice immediately following the
|
||||||
|
copyright notice for the Original Work:
|
||||||
|
|
||||||
|
Licensed under the EUPL V.1.1
|
||||||
|
|
||||||
|
or has expressed by any other mean his willingness to license under the EUPL.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## 1. Definitions
|
||||||
|
|
||||||
|
In this Licence, the following terms have the following meaning:
|
||||||
|
|
||||||
|
- The Licence: this Licence.
|
||||||
|
|
||||||
|
- The Original Work or the Software: the software distributed and/or
|
||||||
|
communicated by the Licensor under this Licence, available as Source Code and
|
||||||
|
also as Executable Code as the case may be.
|
||||||
|
|
||||||
|
- Derivative Works: the works or software that could be created by the Licensee,
|
||||||
|
based upon the Original Work or modifications thereof. This Licence does not
|
||||||
|
define the extent of modification or dependence on the Original Work required
|
||||||
|
in order to classify a work as a Derivative Work; this extent is determined by
|
||||||
|
copyright law applicable in the country mentioned in Article 15.
|
||||||
|
|
||||||
|
- The Work: the Original Work and/or its Derivative Works.
|
||||||
|
|
||||||
|
- The Source Code: the human-readable form of the Work which is the most
|
||||||
|
convenient for people to study and modify.
|
||||||
|
|
||||||
|
- The Executable Code: any code which has generally been compiled and which is
|
||||||
|
meant to be interpreted by a computer as a program.
|
||||||
|
|
||||||
|
- The Licensor: the natural or legal person that distributes and/or communicates
|
||||||
|
the Work under the Licence.
|
||||||
|
|
||||||
|
- Contributor(s): any natural or legal person who modifies the Work under the
|
||||||
|
Licence, or otherwise contributes to the creation of a Derivative Work.
|
||||||
|
|
||||||
|
- The Licensee or “You”: any natural or legal person who makes any usage of the
|
||||||
|
Software under the terms of the Licence.
|
||||||
|
|
||||||
|
- Distribution and/or Communication: any act of selling, giving, lending,
|
||||||
|
renting, distributing, communicating, transmitting, or otherwise making
|
||||||
|
available, on-line or off-line, copies of the Work or providing access to its
|
||||||
|
essential functionalities at the disposal of any other natural or legal
|
||||||
|
person.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## 2. Scope of the rights granted by the Licence
|
||||||
|
|
||||||
|
The Licensor hereby grants You a world-wide, royalty-free, non-exclusive,
|
||||||
|
sub-licensable licence to do the following, for the duration of copyright vested
|
||||||
|
in the Original Work:
|
||||||
|
|
||||||
|
- use the Work in any circumstance and for all usage, reproduce the Work, modify
|
||||||
|
- the Original Work, and make Derivative Works based upon the Work, communicate
|
||||||
|
- to the public, including the right to make available or display the Work or
|
||||||
|
- copies thereof to the public and perform publicly, as the case may be, the
|
||||||
|
- Work, distribute the Work or copies thereof, lend and rent the Work or copies
|
||||||
|
- thereof, sub-license rights in the Work or copies thereof.
|
||||||
|
|
||||||
|
Those rights can be exercised on any media, supports and formats, whether now
|
||||||
|
known or later invented, as far as the applicable law permits so.
|
||||||
|
|
||||||
|
In the countries where moral rights apply, the Licensor waives his right to
|
||||||
|
exercise his moral right to the extent allowed by law in order to make effective
|
||||||
|
the licence of the economic rights here above listed.
|
||||||
|
|
||||||
|
The Licensor grants to the Licensee royalty-free, non exclusive usage rights to
|
||||||
|
any patents held by the Licensor, to the extent necessary to make use of the
|
||||||
|
rights granted on the Work under this Licence.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## 3. Communication of the Source Code
|
||||||
|
|
||||||
|
The Licensor may provide the Work either in its Source Code form, or as
|
||||||
|
Executable Code. If the Work is provided as Executable Code, the Licensor
|
||||||
|
provides in addition a machine-readable copy of the Source Code of the Work
|
||||||
|
along with each copy of the Work that the Licensor distributes or indicates, in
|
||||||
|
a notice following the copyright notice attached to the Work, a repository where
|
||||||
|
the Source Code is easily and freely accessible for as long as the Licensor
|
||||||
|
continues to distribute and/or communicate the Work.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## 4. Limitations on copyright
|
||||||
|
|
||||||
|
Nothing in this Licence is intended to deprive the Licensee of the benefits from
|
||||||
|
any exception or limitation to the exclusive rights of the rights owners in the
|
||||||
|
Original Work or Software, of the exhaustion of those rights or of other
|
||||||
|
applicable limitations thereto.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## 5. Obligations of the Licensee
|
||||||
|
|
||||||
|
The grant of the rights mentioned above is subject to some restrictions and
|
||||||
|
obligations imposed on the Licensee. Those obligations are the following:
|
||||||
|
|
||||||
|
Attribution right: the Licensee shall keep intact all copyright, patent or
|
||||||
|
trademarks notices and all notices that refer to the Licence and to the
|
||||||
|
disclaimer of warranties. The Licensee must include a copy of such notices and a
|
||||||
|
copy of the Licence with every copy of the Work he/she distributes and/or
|
||||||
|
communicates. The Licensee must cause any Derivative Work to carry prominent
|
||||||
|
notices stating that the Work has been modified and the date of modification.
|
||||||
|
|
||||||
|
Copyleft clause: If the Licensee distributes and/or communicates copies of the
|
||||||
|
Original Works or Derivative Works based upon the Original Work, this
|
||||||
|
Distribution and/or Communication will be done under the terms of this Licence
|
||||||
|
or of a later version of this Licence unless the Original Work is expressly
|
||||||
|
distributed only under this version of the Licence. The Licensee (becoming
|
||||||
|
Licensor) cannot offer or impose any additional terms or conditions on the Work
|
||||||
|
or Derivative Work that alter or restrict the terms of the Licence.
|
||||||
|
|
||||||
|
Compatibility clause: If the Licensee Distributes and/or Communicates Derivative
|
||||||
|
Works or copies thereof based upon both the Original Work and another work
|
||||||
|
licensed under a Compatible Licence, this Distribution and/or Communication can
|
||||||
|
be done under the terms of this Compatible Licence. For the sake of this clause,
|
||||||
|
“Compatible Licence” refers to the licences listed in the appendix attached to
|
||||||
|
this Licence. Should the Licensee’s obligations under the Compatible Licence
|
||||||
|
conflict with his/her obligations under this Licence, the obligations of the
|
||||||
|
Compatible Licence shall prevail.
|
||||||
|
|
||||||
|
Provision of Source Code: When distributing and/or communicating copies of the
|
||||||
|
Work, the Licensee will provide a machine-readable copy of the Source Code or
|
||||||
|
indicate a repository where this Source will be easily and freely available for
|
||||||
|
as long as the Licensee continues to distribute and/or communicate the Work.
|
||||||
|
|
||||||
|
Legal Protection: This Licence does not grant permission to use the trade names,
|
||||||
|
trademarks, service marks, or names of the Licensor, except as required for
|
||||||
|
reasonable and customary use in describing the origin of the Work and
|
||||||
|
reproducing the content of the copyright notice.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## 6. Chain of Authorship
|
||||||
|
|
||||||
|
The original Licensor warrants that the copyright in the Original Work granted
|
||||||
|
hereunder is owned by him/her or licensed to him/her and that he/she has the
|
||||||
|
power and authority to grant the Licence.
|
||||||
|
|
||||||
|
Each Contributor warrants that the copyright in the modifications he/she brings
|
||||||
|
to the Work are owned by him/her or licensed to him/her and that he/she has the
|
||||||
|
power and authority to grant the Licence.
|
||||||
|
|
||||||
|
Each time You accept the Licence, the original Licensor and subsequent
|
||||||
|
Contributors grant You a licence to their contributions to the Work, under the
|
||||||
|
terms of this Licence.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## 7. Disclaimer of Warranty
|
||||||
|
|
||||||
|
The Work is a work in progress, which is continuously improved by numerous
|
||||||
|
contributors. It is not a finished work and may therefore contain defects or
|
||||||
|
“bugs” inherent to this type of software development.
|
||||||
|
|
||||||
|
For the above reason, the Work is provided under the Licence on an “as is” basis
|
||||||
|
and without warranties of any kind concerning the Work, including without
|
||||||
|
limitation merchantability, fitness for a particular purpose, absence of defects
|
||||||
|
or errors, accuracy, non-infringement of intellectual property rights other than
|
||||||
|
copyright as stated in Article 6 of this Licence.
|
||||||
|
|
||||||
|
This disclaimer of warranty is an essential part of the Licence and a condition
|
||||||
|
for the grant of any rights to the Work.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## 8. Disclaimer of Liability
|
||||||
|
|
||||||
|
Except in the cases of wilful misconduct or damages directly caused to natural
|
||||||
|
persons, the Licensor will in no event be liable for any direct or indirect,
|
||||||
|
material or moral, damages of any kind, arising out of the Licence or of the use
|
||||||
|
of the Work, including without limitation, damages for loss of goodwill, work
|
||||||
|
stoppage, computer failure or malfunction, loss of data or any commercial
|
||||||
|
damage, even if the Licensor has been advised of the possibility of such
|
||||||
|
damage. However, the Licensor will be liable under statutory product liability
|
||||||
|
laws as far such laws apply to the Work.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## 9. Additional agreements
|
||||||
|
|
||||||
|
While distributing the Original Work or Derivative Works, You may choose to
|
||||||
|
conclude an additional agreement to offer, and charge a fee for, acceptance of
|
||||||
|
support, warranty, indemnity, or other liability obligations and/or services
|
||||||
|
consistent with this Licence. However, in accepting such obligations, You may
|
||||||
|
act only on your own behalf and on your sole responsibility, not on behalf of
|
||||||
|
the original Licensor or any other Contributor, and only if You agree to
|
||||||
|
indemnify, defend, and hold each Contributor harmless for any liability incurred
|
||||||
|
by, or claims asserted against such Contributor by the fact You have accepted
|
||||||
|
any such warranty or additional liability.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## 10. Acceptance of the Licence
|
||||||
|
|
||||||
|
The provisions of this Licence can be accepted by clicking on an icon “I agree”
|
||||||
|
placed under the bottom of a window displaying the text of this Licence or by
|
||||||
|
affirming consent in any other similar way, in accordance with the rules of
|
||||||
|
applicable law. Clicking on that icon indicates your clear and irrevocable
|
||||||
|
acceptance of this Licence and all of its terms and conditions.
|
||||||
|
|
||||||
|
Similarly, you irrevocably accept this Licence and all of its terms and
|
||||||
|
conditions by exercising any rights granted to You by Article 2 of this Licence,
|
||||||
|
such as the use of the Work, the creation by You of a Derivative Work or the
|
||||||
|
Distribution and/or Communication by You of the Work or copies thereof.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## 11. Information to the public
|
||||||
|
|
||||||
|
In case of any Distribution and/or Communication of the Work by means of
|
||||||
|
electronic communication by You (for example, by offering to download the Work
|
||||||
|
from a remote location) the distribution channel or media (for example, a
|
||||||
|
website) must at least provide to the public the information requested by the
|
||||||
|
applicable law regarding the Licensor, the Licence and the way it may be
|
||||||
|
accessible, concluded, stored and reproduced by the Licensee.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## 12. Termination of the Licence
|
||||||
|
|
||||||
|
The Licence and the rights granted hereunder will terminate automatically upon
|
||||||
|
any breach by the Licensee of the terms of the Licence.
|
||||||
|
|
||||||
|
Such a termination will not terminate the licences of any person who has
|
||||||
|
received the Work from the Licensee under the Licence, provided such persons
|
||||||
|
remain in full compliance with the Licence.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## 13. Miscellaneous
|
||||||
|
|
||||||
|
Without prejudice of Article 9 above, the Licence represents the complete
|
||||||
|
agreement between the Parties as to the Work licensed hereunder.
|
||||||
|
|
||||||
|
If any provision of the Licence is invalid or unenforceable under applicable
|
||||||
|
law, this will not affect the validity or enforceability of the Licence as a
|
||||||
|
whole. Such provision will be construed and/or reformed so as necessary to make
|
||||||
|
it valid and enforceable.
|
||||||
|
|
||||||
|
The European Commission may publish other linguistic versions and/or new
|
||||||
|
versions of this Licence, so far this is required and reasonable, without
|
||||||
|
reducing the scope of the rights granted by the Licence. New versions of the
|
||||||
|
Licence will be published with a unique version number.
|
||||||
|
|
||||||
|
All linguistic versions of this Licence, approved by the European Commission,
|
||||||
|
have identical value. Parties can take advantage of the linguistic version of
|
||||||
|
their choice.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## 14. Jurisdiction
|
||||||
|
|
||||||
|
Any litigation resulting from the interpretation of this License, arising
|
||||||
|
between the European Commission, as a Licensor, and any Licensee, will be
|
||||||
|
subject to the jurisdiction of the Court of Justice of the European Communities,
|
||||||
|
as laid down in article 238 of the Treaty establishing the European Community.
|
||||||
|
|
||||||
|
Any litigation arising between Parties, other than the European Commission, and
|
||||||
|
resulting from the interpretation of this License, will be subject to the
|
||||||
|
exclusive jurisdiction of the competent court where the Licensor resides or
|
||||||
|
conducts its primary business.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## 15. Applicable Law
|
||||||
|
|
||||||
|
This Licence shall be governed by the law of the European Union country where
|
||||||
|
the Licensor resides or has his registered office.
|
||||||
|
|
||||||
|
This licence shall be governed by the Belgian law if:
|
||||||
|
|
||||||
|
- a litigation arises between the European Commission, as a Licensor, and any
|
||||||
|
- Licensee; the Licensor, other than the European Commission, has no residence
|
||||||
|
- or registered office inside a European Union country.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## Appendix
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
“Compatible Licences” according to article 5 EUPL are:
|
||||||
|
|
||||||
|
|
||||||
|
- GNU General Public License (GNU GPL) v. 2
|
||||||
|
|
||||||
|
- Open Software License (OSL) v. 2.1, v. 3.0
|
||||||
|
|
||||||
|
- Common Public License v. 1.0
|
||||||
|
|
||||||
|
- Eclipse Public License v. 1.0
|
||||||
|
|
||||||
|
- Cecill v. 2.0
|
||||||
|
|
|
@ -0,0 +1,79 @@
|
||||||
|
# Common Smartgears
|
||||||
|
|
||||||
|
A core gCube library which empower a servlet container (e.g. tomcat) with a set of functionality such as:
|
||||||
|
|
||||||
|
- node and application infrastructure registration
|
||||||
|
- authorization
|
||||||
|
- accounting
|
||||||
|
|
||||||
|
|
||||||
|
## Built With
|
||||||
|
|
||||||
|
* [OpenJDK](https://openjdk.java.net/) - The JDK used
|
||||||
|
* [Maven](https://maven.apache.org/) - Dependency Management
|
||||||
|
|
||||||
|
## Documentation
|
||||||
|
|
||||||
|
[SmartGears](https://wiki.gcube-system.org/gcube/SmartGears)
|
||||||
|
|
||||||
|
## Change log
|
||||||
|
|
||||||
|
See [Releases](https://code-repo.d4science.org/gCubeSystem/common-smartgears/releases).
|
||||||
|
|
||||||
|
## Authors
|
||||||
|
|
||||||
|
* **Luca Frosini** ([ORCID](https://orcid.org/0000-0003-3183-2291)) - [ISTI-CNR Infrascience Group](http://nemis.isti.cnr.it/groups/infrascience)
|
||||||
|
* **Lucio Lelii** - [ISTI-CNR Infrascience Group](http://nemis.isti.cnr.it/groups/infrascience)
|
||||||
|
* **Fabio Simeoni** - FAO of the UN, Italy
|
||||||
|
|
||||||
|
|
||||||
|
## How to Cite this Software
|
||||||
|
|
||||||
|
Tell people how to cite this software.
|
||||||
|
* Cite an associated paper?
|
||||||
|
* Use a specific BibTeX entry for the software?
|
||||||
|
|
||||||
|
|
||||||
|
@Manual{,
|
||||||
|
title = {Common Smartgears},
|
||||||
|
author = {{Frosini, Luca}, {Lelii, Lucio}, {Simeoni, Fabio}},
|
||||||
|
organization = {{ISTI - CNR}, {FAO}},
|
||||||
|
address = {{Pisa, Italy}, {Roma, Italy}},
|
||||||
|
year = 2019,
|
||||||
|
url = {http://www.gcube-system.org/}
|
||||||
|
}
|
||||||
|
|
||||||
|
## License
|
||||||
|
|
||||||
|
This project is licensed under the EUPL V.1.1 License - see the [LICENSE.md](LICENSE.md) file for details.
|
||||||
|
|
||||||
|
|
||||||
|
## About the gCube Framework
|
||||||
|
This software is part of the [gCubeFramework](https://www.gcube-system.org/ "gCubeFramework"): an
|
||||||
|
open-source software toolkit used for building and operating Hybrid Data
|
||||||
|
Infrastructures enabling the dynamic deployment of Virtual Research Environments
|
||||||
|
by favouring the realisation of reuse oriented policies.
|
||||||
|
|
||||||
|
The projects leading to this software have received funding from a series of European Union programmes including:
|
||||||
|
|
||||||
|
- the Sixth Framework Programme for Research and Technological Development
|
||||||
|
- DILIGENT (grant no. 004260).
|
||||||
|
- the Seventh Framework Programme for research, technological development and demonstration
|
||||||
|
- D4Science (grant no. 212488);
|
||||||
|
- D4Science-II (grant no.239019);
|
||||||
|
- ENVRI (grant no. 283465);
|
||||||
|
- iMarine(grant no. 283644);
|
||||||
|
- EUBrazilOpenBio (grant no. 288754).
|
||||||
|
- the H2020 research and innovation programme
|
||||||
|
- SoBigData (grant no. 654024);
|
||||||
|
- PARTHENOS (grant no. 654119);
|
||||||
|
- EGIEngage (grant no. 654142);
|
||||||
|
- ENVRIplus (grant no. 654182);
|
||||||
|
- BlueBRIDGE (grant no. 675680);
|
||||||
|
- PerformFish (grant no. 727610);
|
||||||
|
- AGINFRAplus (grant no. 731001);
|
||||||
|
- DESIRA (grant no. 818194);
|
||||||
|
- ARIADNEplus (grant no. 823914);
|
||||||
|
- RISIS2 (grant no. 824091);
|
||||||
|
|
||||||
|
|
|
@ -1,4 +0,0 @@
|
||||||
gCube System - License
|
|
||||||
------------------------------------------------------------
|
|
||||||
|
|
||||||
${gcube.license}
|
|
|
@ -1,70 +0,0 @@
|
||||||
The gCube System - ${name}
|
|
||||||
--------------------------------------------------
|
|
||||||
|
|
||||||
${description}
|
|
||||||
|
|
||||||
|
|
||||||
${gcube.description}
|
|
||||||
|
|
||||||
${gcube.funding}
|
|
||||||
|
|
||||||
|
|
||||||
Version
|
|
||||||
--------------------------------------------------
|
|
||||||
|
|
||||||
${version} (${buildDate})
|
|
||||||
|
|
||||||
Please see the file named "changelog.xml" in this directory for the release notes.
|
|
||||||
|
|
||||||
|
|
||||||
Authors
|
|
||||||
--------------------------------------------------
|
|
||||||
|
|
||||||
* Fabio Simeoni (fabio.simeoni@fao.org), FAO of the UN, Italy
|
|
||||||
* Luca Frosini (luca.frosini@isti.cnr.it), CNR, Italy
|
|
||||||
* Lucio Lelii (lucio.lelii@isti.cnr.it), CNT, Italy
|
|
||||||
|
|
||||||
|
|
||||||
Maintainers
|
|
||||||
-----------
|
|
||||||
|
|
||||||
* Luca Frosini (luca.frosini@isti.cnr.it), CNR, Italy
|
|
||||||
* Lucio Lelii (lucio.lelii@isti.cnr.it), CNT, Italy
|
|
||||||
|
|
||||||
|
|
||||||
Download information
|
|
||||||
--------------------------------------------------
|
|
||||||
|
|
||||||
Source code is available from SVN:
|
|
||||||
${scm.url}
|
|
||||||
|
|
||||||
Binaries can be downloaded from the gCube website:
|
|
||||||
${gcube.website}
|
|
||||||
|
|
||||||
|
|
||||||
Installation
|
|
||||||
--------------------------------------------------
|
|
||||||
|
|
||||||
Installation documentation is available on-line in the gCube Wiki:
|
|
||||||
${gcube.wikiRoot}/Smartgears
|
|
||||||
|
|
||||||
|
|
||||||
Documentation
|
|
||||||
--------------------------------------------------
|
|
||||||
|
|
||||||
Documentation is available on-line in the gCube Wiki:
|
|
||||||
${gcube.wikiRoot}/Smartgears
|
|
||||||
|
|
||||||
|
|
||||||
Support
|
|
||||||
--------------------------------------------------
|
|
||||||
|
|
||||||
Bugs and support requests can be reported in the gCube issue tracking tool:
|
|
||||||
${gcube.issueTracking}
|
|
||||||
|
|
||||||
|
|
||||||
Licensing
|
|
||||||
--------------------------------------------------
|
|
||||||
|
|
||||||
This software is licensed under the terms you may find in the file named "LICENSE" in this directory.
|
|
||||||
|
|
|
@ -1,68 +0,0 @@
|
||||||
<ReleaseNotes>
|
|
||||||
<Changeset component="common-smartgears-2.1.9" date="2019-03-21">
|
|
||||||
<Change>Support oauth2 protocol accepting token in the auhtorization header field</Change>
|
|
||||||
</Changeset>
|
|
||||||
<Changeset component="common-smartgears-2.1.7" date="2017-01-16">
|
|
||||||
<Change>Added Proxy Address to Application Configuration</Change>
|
|
||||||
<Change>Added protocol to Container Configuration (http by default)</Change>
|
|
||||||
<Change>Changed the logs in accounting handler to log error or success and eventually error code</Change>
|
|
||||||
</Changeset>
|
|
||||||
<Changeset component="common-smartgears-2.1.5" date="2017-07-18">
|
|
||||||
<Change>Added ThreadLocal InnerMethodName to set method name from application</Change>
|
|
||||||
</Changeset>
|
|
||||||
<Changeset component="common-smartgears-2.1.4" date="2017-05-30">
|
|
||||||
<Change>Validation handler for application split in 2 different handlers:
|
|
||||||
- ContextRetriever that set Token and Scope
|
|
||||||
- RequestValidation that does all the required checks
|
|
||||||
</Change>
|
|
||||||
</Changeset>
|
|
||||||
<Changeset component="common-smartgears-2.1.3" date="2017-05-12">
|
|
||||||
<Change>Added gcube bom dependency</Change>
|
|
||||||
<Change>Search for handlers in the root classpath</Change>
|
|
||||||
</Changeset>
|
|
||||||
<Changeset component="common-smartgears-2.1.2" date="2017-03-22">
|
|
||||||
<Change>Modified the Authorization filter to accept also children
|
|
||||||
scope when authorizeChildrenContext is enabled on ContianerConfiguration</Change>
|
|
||||||
<Change>Shutdown of Accounting thread added</Change>
|
|
||||||
</Changeset>
|
|
||||||
<Changeset component="common-smartgears-2.1.1" date="2017-01-25">
|
|
||||||
<Change>Minor issue on filter exclusion fixed</Change>
|
|
||||||
</Changeset>
|
|
||||||
<Changeset component="common-smartgears-2.1.0" date="2016-10-24">
|
|
||||||
<Change>proxy configuration added</Change>
|
|
||||||
<Change>solved a bug in events registration for ProfileManager</Change>
|
|
||||||
<Change>added a scheduler for period update of GCoreEnpoints</Change>
|
|
||||||
<Change>Exclude modified to support exclude for sub-group of handlers</Change>
|
|
||||||
</Changeset>
|
|
||||||
<Changeset component="common-smartgears-2.0.0" date="2016-03-10">
|
|
||||||
<Change>integration with Authorization 2.0</Change>
|
|
||||||
</Changeset>
|
|
||||||
<Changeset component="common-smartgears-1.2.6" date="2015-12-22">
|
|
||||||
<Change>Added flush of accounting data</Change>
|
|
||||||
</Changeset>
|
|
||||||
<Changeset component="common-smartgears-1.2.5" date="2015-12-22">
|
|
||||||
<Change>Changed accounting version</Change>
|
|
||||||
</Changeset>
|
|
||||||
<Changeset component="common-smartgears-1.2.4" date="2015-10-06">
|
|
||||||
<Change>Transparent accounting added on service calls</Change>
|
|
||||||
</Changeset>
|
|
||||||
<Changeset component="common-smartgears-1.2.3" date="2015-07-27">
|
|
||||||
<Change>Authorization token control added</Change>
|
|
||||||
<Change>Added support to HTTP Basic authorization</Change>
|
|
||||||
</Changeset>
|
|
||||||
<Changeset component="common-smartgears-1.2.2" date="2015-04-27">
|
|
||||||
<Change>Fixed available space information on ghn profile</Change>
|
|
||||||
</Changeset>
|
|
||||||
<Changeset component="common-smartgears-1.2.1" date="2014-02-13">
|
|
||||||
<Change>scopes can be removed from container</Change>
|
|
||||||
<Change>node profile set to static</Change>
|
|
||||||
<Change>internal adjustments for move to Java 7</Change>
|
|
||||||
<Change>wildcard allowed in exclude directives</Change>
|
|
||||||
<Change>domain corrected derived in gHN profile</Change>
|
|
||||||
<Change>cleaner shutdown</Change>
|
|
||||||
<Change>further improvement in shutdown handling</Change>
|
|
||||||
</Changeset>
|
|
||||||
<Changeset component="common-smartgears-1.0.0" date="2013-10-24">
|
|
||||||
<Change>First Release</Change>
|
|
||||||
</Changeset>
|
|
||||||
</ReleaseNotes>
|
|
|
@ -1,31 +0,0 @@
|
||||||
<assembly
|
|
||||||
xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.0"
|
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
||||||
xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.0 http://maven.apache.org/xsd/assembly-1.1.0.xsd">
|
|
||||||
<id>servicearchive</id>
|
|
||||||
<formats>
|
|
||||||
<format>tar.gz</format>
|
|
||||||
</formats>
|
|
||||||
<baseDirectory>/</baseDirectory>
|
|
||||||
<fileSets>
|
|
||||||
<fileSet>
|
|
||||||
<directory>${distroDirectory}</directory>
|
|
||||||
<outputDirectory>${file.separator}</outputDirectory>
|
|
||||||
<useDefaultExcludes>true</useDefaultExcludes>
|
|
||||||
<includes>
|
|
||||||
<include>README</include>
|
|
||||||
<include>LICENSE</include>
|
|
||||||
<include>changelog.xml</include>
|
|
||||||
<include>profile.xml</include>
|
|
||||||
</includes>
|
|
||||||
<fileMode>755</fileMode>
|
|
||||||
<filtered>true</filtered>
|
|
||||||
</fileSet>
|
|
||||||
</fileSets>
|
|
||||||
<files>
|
|
||||||
<file>
|
|
||||||
<source>target${file.separator}${build.finalName}.${project.packaging}</source>
|
|
||||||
<outputDirectory>${file.separator}${artifactId}</outputDirectory>
|
|
||||||
</file>
|
|
||||||
</files>
|
|
||||||
</assembly>
|
|
64
pom.xml
64
pom.xml
|
@ -11,7 +11,7 @@
|
||||||
|
|
||||||
<groupId>org.gcube.core</groupId>
|
<groupId>org.gcube.core</groupId>
|
||||||
<artifactId>common-smartgears</artifactId>
|
<artifactId>common-smartgears</artifactId>
|
||||||
<version>2.1.10</version>
|
<version>3.1.6</version>
|
||||||
<name>SmartGears</name>
|
<name>SmartGears</name>
|
||||||
|
|
||||||
<dependencyManagement>
|
<dependencyManagement>
|
||||||
|
@ -19,7 +19,7 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.distribution</groupId>
|
<groupId>org.gcube.distribution</groupId>
|
||||||
<artifactId>gcube-bom</artifactId>
|
<artifactId>gcube-bom</artifactId>
|
||||||
<version>LATEST</version>
|
<version>2.1.0</version>
|
||||||
<type>pom</type>
|
<type>pom</type>
|
||||||
<scope>import</scope>
|
<scope>import</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
@ -34,13 +34,29 @@
|
||||||
</properties>
|
</properties>
|
||||||
|
|
||||||
<scm>
|
<scm>
|
||||||
<connection>scm:git:https://code-repo.d4science.org/gCubeSystem/commmon-smartgears.git</connection>
|
<connection>scm:git:https://code-repo.d4science.org/gCubeSystem/common-smartgears.git</connection>
|
||||||
<developerConnection>scm:git:https://code-repo.d4science.org/gCubeSystem/commmon-smartgears.git</developerConnection>
|
<developerConnection>scm:git:https://code-repo.d4science.org/gCubeSystem/common-smartgears.git</developerConnection>
|
||||||
<url>https://code-repo.d4science.org/gCubeSystem/commmon-smartgears</url>
|
<url>https://code-repo.d4science.org/gCubeSystem/common-smartgears</url>
|
||||||
</scm>
|
</scm>
|
||||||
|
|
||||||
<dependencies>
|
<dependencies>
|
||||||
|
|
||||||
|
<!-- gCube Jackson -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.gcube.common</groupId>
|
||||||
|
<artifactId>gcube-jackson-databind</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.gcube.common</groupId>
|
||||||
|
<artifactId>gcube-jackson-annotations</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.gcube.common</groupId>
|
||||||
|
<artifactId>gcube-jackson-core</artifactId>
|
||||||
|
</dependency>
|
||||||
|
<!-- END gCube Jackson -->
|
||||||
|
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.common</groupId>
|
<groupId>org.gcube.common</groupId>
|
||||||
<artifactId>authorization-client</artifactId>
|
<artifactId>authorization-client</artifactId>
|
||||||
|
@ -79,7 +95,7 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.core</groupId>
|
<groupId>org.gcube.core</groupId>
|
||||||
<artifactId>common-validator</artifactId>
|
<artifactId>common-validator</artifactId>
|
||||||
<version>[1.0.0-SNAPSHOT,2.0.0-SNAPSHOT)</version>
|
<version>[1.0.0,2.0.0-SNAPSHOT)</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
|
@ -90,7 +106,7 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.core</groupId>
|
<groupId>org.gcube.core</groupId>
|
||||||
<artifactId>common-events</artifactId>
|
<artifactId>common-events</artifactId>
|
||||||
<version>[1.0.0-SNAPSHOT,2.0.0-SNAPSHOT)</version>
|
<version>[1.0.0,2.0.0-SNAPSHOT)</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
|
@ -100,6 +116,14 @@
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
<!-- Added to support Java 11 JDK -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>javax.xml.bind</groupId>
|
||||||
|
<artifactId>jaxb-api</artifactId>
|
||||||
|
<scope>provided</scope>
|
||||||
|
</dependency>
|
||||||
|
<!-- END Added to support Java 11 JDK -->
|
||||||
|
|
||||||
|
|
||||||
<!-- ***************** test ******************* -->
|
<!-- ***************** test ******************* -->
|
||||||
|
|
||||||
|
@ -165,7 +189,6 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>ch.qos.logback</groupId>
|
<groupId>ch.qos.logback</groupId>
|
||||||
<artifactId>logback-classic</artifactId>
|
<artifactId>logback-classic</artifactId>
|
||||||
<version>1.2.3</version>
|
|
||||||
<scope>runtime</scope>
|
<scope>runtime</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
@ -181,29 +204,10 @@
|
||||||
<build>
|
<build>
|
||||||
|
|
||||||
<plugins>
|
<plugins>
|
||||||
<plugin>
|
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
|
||||||
<artifactId>maven-assembly-plugin</artifactId>
|
|
||||||
<configuration>
|
|
||||||
<descriptors>
|
|
||||||
<descriptor>${distroDirectory}/descriptor.xml</descriptor>
|
|
||||||
</descriptors>
|
|
||||||
</configuration>
|
|
||||||
<executions>
|
|
||||||
<execution>
|
|
||||||
<id>servicearchive</id>
|
|
||||||
<phase>install</phase>
|
|
||||||
<goals>
|
|
||||||
<goal>single</goal>
|
|
||||||
</goals>
|
|
||||||
</execution>
|
|
||||||
</executions>
|
|
||||||
</plugin>
|
|
||||||
|
|
||||||
<!-- excludes probe package from jar -->
|
<!-- excludes probe package from jar -->
|
||||||
<plugin>
|
<plugin>
|
||||||
<artifactId>maven-jar-plugin</artifactId>
|
<artifactId>maven-jar-plugin</artifactId>
|
||||||
<version>2.3.2</version>
|
<!-- version>2.3.2</version -->
|
||||||
<executions>
|
<executions>
|
||||||
<execution>
|
<execution>
|
||||||
<id>default-jar</id>
|
<id>default-jar</id>
|
||||||
|
@ -224,7 +228,7 @@
|
||||||
<plugin>
|
<plugin>
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
<artifactId>maven-war-plugin</artifactId>
|
<artifactId>maven-war-plugin</artifactId>
|
||||||
<version>2.4</version>
|
<!-- version>2.4</version -->
|
||||||
<configuration>
|
<configuration>
|
||||||
<primaryArtifact>false</primaryArtifact>
|
<primaryArtifact>false</primaryArtifact>
|
||||||
<classifier>probe</classifier>
|
<classifier>probe</classifier>
|
||||||
|
@ -247,7 +251,7 @@
|
||||||
<plugin>
|
<plugin>
|
||||||
<groupId>org.apache.maven.plugins</groupId>
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
<artifactId>maven-surefire-plugin</artifactId>
|
<artifactId>maven-surefire-plugin</artifactId>
|
||||||
<version>2.15</version>
|
<!-- version>2.15</version -->
|
||||||
<configuration>
|
<configuration>
|
||||||
<!-- tomcat annotation discovery won't work with the default manifest-only
|
<!-- tomcat annotation discovery won't work with the default manifest-only
|
||||||
jar -->
|
jar -->
|
||||||
|
|
|
@ -90,7 +90,7 @@ public class Bootstrap implements ServletContainerInitializer {
|
||||||
* using gcube facilities annotation based
|
* using gcube facilities annotation based
|
||||||
* ( i.e org.gcube.common.validator.annotations)
|
* ( i.e org.gcube.common.validator.annotations)
|
||||||
*/
|
*/
|
||||||
context.configuration().validate();
|
//context.configuration().validate();
|
||||||
|
|
||||||
} catch (RuntimeException e) {
|
} catch (RuntimeException e) {
|
||||||
|
|
||||||
|
|
|
@ -8,5 +8,6 @@ package org.gcube.smartgears.configuration;
|
||||||
*/
|
*/
|
||||||
public enum Mode {
|
public enum Mode {
|
||||||
online,
|
online,
|
||||||
offline
|
offline,
|
||||||
|
root
|
||||||
}
|
}
|
|
@ -15,7 +15,7 @@ import org.slf4j.LoggerFactory;
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* @author Fabio Simeoni
|
* @author Fabio Simeoni
|
||||||
* @author Luca Frosini (ISTI - CNR) http://www.lucafrosini.com/
|
* @author Luca Frosini (ISTI - CNR)
|
||||||
*/
|
*/
|
||||||
public class BridgedApplicationConfiguration implements ApplicationConfiguration {
|
public class BridgedApplicationConfiguration implements ApplicationConfiguration {
|
||||||
|
|
||||||
|
|
|
@ -28,7 +28,7 @@ import org.gcube.smartgears.persistence.Persistence;
|
||||||
* Includes the list of its client services.
|
* Includes the list of its client services.
|
||||||
*
|
*
|
||||||
* @author Fabio Simeoni
|
* @author Fabio Simeoni
|
||||||
* @author Luca Frosini (ISTI - CNR) http://www.lucafrosini.com/
|
* @author Luca Frosini (ISTI - CNR)
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
@XmlRootElement(name="application")
|
@XmlRootElement(name="application")
|
||||||
|
|
|
@ -32,7 +32,7 @@ import org.gcube.smartgears.persistence.Persistence;
|
||||||
* The configuration of the container.
|
* The configuration of the container.
|
||||||
*
|
*
|
||||||
* @author Fabio Simeoni
|
* @author Fabio Simeoni
|
||||||
* @author Luca Frosini (ISTI - CNR) http://www.lucafrosini.com/
|
* @author Luca Frosini (ISTI - CNR)
|
||||||
*/
|
*/
|
||||||
@XmlRootElement(name="container")
|
@XmlRootElement(name="container")
|
||||||
public class ContainerConfiguration {
|
public class ContainerConfiguration {
|
||||||
|
|
|
@ -0,0 +1,24 @@
|
||||||
|
package org.gcube.smartgears.handlers;
|
||||||
|
|
||||||
|
import java.util.Collection;
|
||||||
|
|
||||||
|
public class OfflineProfilePublisher implements ProfilePublisher {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void addTo(Collection<String> tokens) {
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void addToAll() {
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void update() {
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void removeFrom(Collection<String> tokens) {
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,23 @@
|
||||||
|
package org.gcube.smartgears.handlers;
|
||||||
|
|
||||||
|
import java.util.Collection;
|
||||||
|
|
||||||
|
public interface ProfilePublisher {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Adds for the first time the current resource profile of the application in one or more scopes.
|
||||||
|
* @param scopes the scopes
|
||||||
|
*/
|
||||||
|
void addTo(Collection<String> tokens);
|
||||||
|
|
||||||
|
void addToAll();
|
||||||
|
|
||||||
|
void update();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Removes the application from one or more scopes.
|
||||||
|
* @param scopes the scopes
|
||||||
|
*/
|
||||||
|
void removeFrom(Collection<String> tokens);
|
||||||
|
|
||||||
|
}
|
|
@ -12,14 +12,12 @@ import org.gcube.common.resources.gcore.HostingNode;
|
||||||
import org.gcube.smartgears.configuration.application.ApplicationConfiguration;
|
import org.gcube.smartgears.configuration.application.ApplicationConfiguration;
|
||||||
import org.gcube.smartgears.configuration.container.ContainerConfiguration;
|
import org.gcube.smartgears.configuration.container.ContainerConfiguration;
|
||||||
import org.gcube.smartgears.context.application.ApplicationContext;
|
import org.gcube.smartgears.context.application.ApplicationContext;
|
||||||
import org.slf4j.Logger;
|
|
||||||
import org.slf4j.LoggerFactory;
|
|
||||||
|
|
||||||
public class ProfileBuilder {
|
public class ProfileBuilder {
|
||||||
|
|
||||||
private static List<String> servletExcludes = Arrays.asList("default","jsp");
|
private static List<String> servletExcludes = Arrays.asList("default","jsp");
|
||||||
|
|
||||||
private static final Logger log = LoggerFactory.getLogger(ProfileBuilder.class);
|
// private static final Logger log = LoggerFactory.getLogger(ProfileBuilder.class);
|
||||||
|
|
||||||
private ApplicationContext context;
|
private ApplicationContext context;
|
||||||
|
|
||||||
|
|
|
@ -22,8 +22,11 @@ import org.gcube.common.events.Observes;
|
||||||
import org.gcube.common.events.Observes.Kind;
|
import org.gcube.common.events.Observes.Kind;
|
||||||
import org.gcube.common.resources.gcore.GCoreEndpoint;
|
import org.gcube.common.resources.gcore.GCoreEndpoint;
|
||||||
import org.gcube.smartgears.Constants;
|
import org.gcube.smartgears.Constants;
|
||||||
|
import org.gcube.smartgears.configuration.Mode;
|
||||||
import org.gcube.smartgears.context.Property;
|
import org.gcube.smartgears.context.Property;
|
||||||
import org.gcube.smartgears.context.application.ApplicationContext;
|
import org.gcube.smartgears.context.application.ApplicationContext;
|
||||||
|
import org.gcube.smartgears.handlers.OfflineProfilePublisher;
|
||||||
|
import org.gcube.smartgears.handlers.ProfilePublisher;
|
||||||
import org.gcube.smartgears.handlers.application.ApplicationLifecycleEvent;
|
import org.gcube.smartgears.handlers.application.ApplicationLifecycleEvent;
|
||||||
import org.gcube.smartgears.handlers.application.ApplicationLifecycleHandler;
|
import org.gcube.smartgears.handlers.application.ApplicationLifecycleHandler;
|
||||||
import org.gcube.smartgears.lifecycle.application.ApplicationLifecycle;
|
import org.gcube.smartgears.lifecycle.application.ApplicationLifecycle;
|
||||||
|
@ -50,7 +53,7 @@ import org.slf4j.LoggerFactory;
|
||||||
*
|
*
|
||||||
* @author Fabio Simeoni
|
* @author Fabio Simeoni
|
||||||
* @see ProfileBuilder
|
* @see ProfileBuilder
|
||||||
* @see ProfilePublisher
|
* @see ProfilePublisherImpl
|
||||||
*/
|
*/
|
||||||
@XmlRootElement(name = profile_management)
|
@XmlRootElement(name = profile_management)
|
||||||
public class ProfileManager extends ApplicationLifecycleHandler {
|
public class ProfileManager extends ApplicationLifecycleHandler {
|
||||||
|
@ -90,7 +93,10 @@ public class ProfileManager extends ApplicationLifecycleHandler {
|
||||||
|
|
||||||
share(profile);
|
share(profile);
|
||||||
|
|
||||||
publisher = new ProfilePublisher(context);
|
publisher = context.container().configuration().mode()!=Mode.offline?
|
||||||
|
new ProfilePublisherImpl(context):
|
||||||
|
new OfflineProfilePublisher();
|
||||||
|
|
||||||
|
|
||||||
registerObservers();
|
registerObservers();
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,7 +12,9 @@ import org.gcube.common.authorization.client.proxy.AuthorizationProxy;
|
||||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||||
import org.gcube.common.resources.gcore.GCoreEndpoint;
|
import org.gcube.common.resources.gcore.GCoreEndpoint;
|
||||||
import org.gcube.informationsystem.publisher.ScopedPublisher;
|
import org.gcube.informationsystem.publisher.ScopedPublisher;
|
||||||
|
import org.gcube.smartgears.configuration.Mode;
|
||||||
import org.gcube.smartgears.context.application.ApplicationContext;
|
import org.gcube.smartgears.context.application.ApplicationContext;
|
||||||
|
import org.gcube.smartgears.handlers.ProfilePublisher;
|
||||||
import org.gcube.smartgears.provider.ProviderFactory;
|
import org.gcube.smartgears.provider.ProviderFactory;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
@ -26,9 +28,9 @@ import org.slf4j.LoggerFactory;
|
||||||
* @author Fabio Simeoni
|
* @author Fabio Simeoni
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
public class ProfilePublisher {
|
public class ProfilePublisherImpl implements ProfilePublisher {
|
||||||
|
|
||||||
private static final Logger log = LoggerFactory.getLogger(ProfilePublisher.class);
|
private static final Logger log = LoggerFactory.getLogger(ProfilePublisherImpl.class);
|
||||||
|
|
||||||
//the underlying IS publisher
|
//the underlying IS publisher
|
||||||
private final ScopedPublisher publisher;
|
private final ScopedPublisher publisher;
|
||||||
|
@ -41,7 +43,7 @@ public class ProfilePublisher {
|
||||||
* Creates an instance for a given application.
|
* Creates an instance for a given application.
|
||||||
* @param context the context of the application
|
* @param context the context of the application
|
||||||
*/
|
*/
|
||||||
public ProfilePublisher(ApplicationContext context) {
|
public ProfilePublisherImpl(ApplicationContext context) {
|
||||||
this.context = context;
|
this.context = context;
|
||||||
this.publisher=ProviderFactory.provider().publisherFor(context);
|
this.publisher=ProviderFactory.provider().publisherFor(context);
|
||||||
this.authProxy = ProviderFactory.provider().authorizationProxy();
|
this.authProxy = ProviderFactory.provider().authorizationProxy();
|
||||||
|
@ -51,6 +53,7 @@ public class ProfilePublisher {
|
||||||
* Adds for the first time the current resource profile of the application in one or more scopes.
|
* Adds for the first time the current resource profile of the application in one or more scopes.
|
||||||
* @param scopes the scopes
|
* @param scopes the scopes
|
||||||
*/
|
*/
|
||||||
|
@Override
|
||||||
public void addTo(Collection<String> tokens) {
|
public void addTo(Collection<String> tokens) {
|
||||||
|
|
||||||
notEmpty("tokens",tokens);
|
notEmpty("tokens",tokens);
|
||||||
|
@ -81,29 +84,33 @@ public class ProfilePublisher {
|
||||||
|
|
||||||
ClassLoader contextCL = Thread.currentThread().getContextClassLoader();
|
ClassLoader contextCL = Thread.currentThread().getContextClassLoader();
|
||||||
|
|
||||||
|
log.debug("using context {}",contextCL.getClass().getSimpleName());
|
||||||
|
|
||||||
String previousToken = SecurityTokenProvider.instance.get();
|
String previousToken = SecurityTokenProvider.instance.get();
|
||||||
try{//This classloader set is needed for the jaxb context
|
try{//This classloader set is needed for the jaxb context
|
||||||
if (previousToken==null)
|
if (previousToken==null)
|
||||||
SecurityTokenProvider.instance.set((String)tokens.toArray()[0]);
|
SecurityTokenProvider.instance.set((String)tokens.toArray()[0]);
|
||||||
Thread.currentThread().setContextClassLoader(ProfilePublisher.class.getClassLoader());
|
if (context.container().configuration().mode()!=Mode.root) Thread.currentThread().setContextClassLoader(ProfilePublisherImpl.class.getClassLoader());
|
||||||
profile = publisher.create(profile, resolveScopesFromTokens(tokens));
|
profile = publisher.create(profile, resolveScopesFromTokens(tokens));
|
||||||
|
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
rethrowUnchecked(e);
|
rethrowUnchecked(e);
|
||||||
} finally{
|
} finally{
|
||||||
SecurityTokenProvider.instance.set(previousToken);
|
SecurityTokenProvider.instance.set(previousToken);
|
||||||
Thread.currentThread().setContextClassLoader(contextCL);
|
if (context.container().configuration().mode()!=Mode.root) Thread.currentThread().setContextClassLoader(contextCL);
|
||||||
}
|
}
|
||||||
|
|
||||||
sharePublished(profile);
|
sharePublished(profile);
|
||||||
log.debug("shared profile with scopes {}", profile.scopes().asCollection());
|
log.debug("shared profile with scopes {}", profile.scopes().asCollection());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
public void addToAll() {
|
public void addToAll() {
|
||||||
this.addTo(context.configuration().startTokens());
|
this.addTo(context.configuration().startTokens());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@Override
|
||||||
public void update() {
|
public void update() {
|
||||||
|
|
||||||
|
|
||||||
|
@ -129,19 +136,23 @@ public class ProfilePublisher {
|
||||||
|
|
||||||
ClassLoader contextCL = Thread.currentThread().getContextClassLoader();
|
ClassLoader contextCL = Thread.currentThread().getContextClassLoader();
|
||||||
|
|
||||||
|
log.debug("using context {}",contextCL.getClass().getSimpleName());
|
||||||
|
|
||||||
String previousToken = SecurityTokenProvider.instance.get();
|
String previousToken = SecurityTokenProvider.instance.get();
|
||||||
try{//This classloader set is needed for the jaxb context
|
try{//This classloader set is needed for the jaxb context
|
||||||
if (previousToken==null)
|
if (previousToken==null)
|
||||||
SecurityTokenProvider.instance.set((String)context.configuration().startTokens().toArray()[0]);
|
SecurityTokenProvider.instance.set((String)context.configuration().startTokens().toArray()[0]);
|
||||||
|
|
||||||
Thread.currentThread().setContextClassLoader(ProfilePublisher.class.getClassLoader());
|
if (context.container().configuration().mode()!=Mode.root)
|
||||||
|
Thread.currentThread().setContextClassLoader(ProfilePublisherImpl.class.getClassLoader());
|
||||||
profile = publisher.update(profile);
|
profile = publisher.update(profile);
|
||||||
|
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
rethrowUnchecked(e);
|
rethrowUnchecked(e);
|
||||||
} finally{
|
} finally{
|
||||||
SecurityTokenProvider.instance.set(previousToken);
|
SecurityTokenProvider.instance.set(previousToken);
|
||||||
Thread.currentThread().setContextClassLoader(contextCL);
|
if (context.container().configuration().mode()!=Mode.root)
|
||||||
|
Thread.currentThread().setContextClassLoader(contextCL);
|
||||||
}
|
}
|
||||||
|
|
||||||
sharePublished(profile);
|
sharePublished(profile);
|
||||||
|
@ -152,6 +163,7 @@ public class ProfilePublisher {
|
||||||
* Removes the application from one or more scopes.
|
* Removes the application from one or more scopes.
|
||||||
* @param scopes the scopes
|
* @param scopes the scopes
|
||||||
*/
|
*/
|
||||||
|
@Override
|
||||||
public void removeFrom(Collection<String> tokens) {
|
public void removeFrom(Collection<String> tokens) {
|
||||||
|
|
||||||
GCoreEndpoint profile = context.profile(GCoreEndpoint.class);
|
GCoreEndpoint profile = context.profile(GCoreEndpoint.class);
|
||||||
|
@ -178,18 +190,22 @@ public class ProfilePublisher {
|
||||||
|
|
||||||
ClassLoader contextCL = Thread.currentThread().getContextClassLoader();
|
ClassLoader contextCL = Thread.currentThread().getContextClassLoader();
|
||||||
|
|
||||||
|
log.debug("using context {}",contextCL.getClass().getSimpleName());
|
||||||
|
|
||||||
String previousToken = SecurityTokenProvider.instance.get();
|
String previousToken = SecurityTokenProvider.instance.get();
|
||||||
try{//This classloader set is needed for the jaxb context
|
try{//This classloader set is needed for the jaxb context
|
||||||
if (previousToken==null)
|
if (previousToken==null)
|
||||||
SecurityTokenProvider.instance.set((String)tokens.toArray()[0]);
|
SecurityTokenProvider.instance.set((String)tokens.toArray()[0]);
|
||||||
Thread.currentThread().setContextClassLoader(ProfilePublisher.class.getClassLoader());
|
if (context.container().configuration().mode()!=Mode.root)
|
||||||
|
Thread.currentThread().setContextClassLoader(ProfilePublisherImpl.class.getClassLoader());
|
||||||
profile = publisher.remove(profile, resolveScopesFromTokens(tokens));
|
profile = publisher.remove(profile, resolveScopesFromTokens(tokens));
|
||||||
|
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
rethrowUnchecked(e);
|
rethrowUnchecked(e);
|
||||||
} finally{
|
} finally{
|
||||||
SecurityTokenProvider.instance.set(previousToken);
|
SecurityTokenProvider.instance.set(previousToken);
|
||||||
Thread.currentThread().setContextClassLoader(contextCL);
|
if (context.container().configuration().mode()!=Mode.root)
|
||||||
|
Thread.currentThread().setContextClassLoader(contextCL);
|
||||||
}
|
}
|
||||||
log.debug("after remove application profile contains scopes {}",profile.scopes().asCollection());
|
log.debug("after remove application profile contains scopes {}",profile.scopes().asCollection());
|
||||||
sharePublished(profile);
|
sharePublished(profile);
|
|
@ -12,6 +12,7 @@ import org.gcube.common.authorization.library.provider.AuthorizationProvider;
|
||||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||||
import org.gcube.common.scope.api.ScopeProvider;
|
import org.gcube.common.scope.api.ScopeProvider;
|
||||||
import org.gcube.smartgears.Constants;
|
import org.gcube.smartgears.Constants;
|
||||||
|
import org.gcube.smartgears.configuration.Mode;
|
||||||
import org.gcube.smartgears.context.application.ApplicationContext;
|
import org.gcube.smartgears.context.application.ApplicationContext;
|
||||||
import org.gcube.smartgears.handlers.application.RequestEvent;
|
import org.gcube.smartgears.handlers.application.RequestEvent;
|
||||||
import org.gcube.smartgears.handlers.application.RequestHandler;
|
import org.gcube.smartgears.handlers.application.RequestHandler;
|
||||||
|
@ -42,6 +43,7 @@ public class RequestAccounting extends RequestHandler {
|
||||||
calledMethod = e.request().getRequestURI().substring(e.request().getContextPath().length());
|
calledMethod = e.request().getRequestURI().substring(e.request().getContextPath().length());
|
||||||
if (calledMethod.isEmpty())
|
if (calledMethod.isEmpty())
|
||||||
calledMethod = "/";
|
calledMethod = "/";
|
||||||
|
calledMethod= e.request().getMethod()+" "+calledMethod;
|
||||||
}
|
}
|
||||||
InnerMethodName.instance.set(calledMethod);
|
InnerMethodName.instance.set(calledMethod);
|
||||||
String caller = AuthorizationProvider.instance.get()!=null? AuthorizationProvider.instance.get().getClient().getId(): "UNKNOWN";
|
String caller = AuthorizationProvider.instance.get()!=null? AuthorizationProvider.instance.get().getClient().getId(): "UNKNOWN";
|
||||||
|
@ -72,7 +74,8 @@ public class RequestAccounting extends RequestHandler {
|
||||||
|
|
||||||
boolean success = e.response().getStatus()<400;
|
boolean success = e.response().getStatus()<400;
|
||||||
|
|
||||||
generateAccounting(caller,callerQualifier,callerIp==null?"UNKNOWN":callerIp , success, context);
|
if (context.container().configuration().mode()!=Mode.offline)
|
||||||
|
generateAccounting(caller,callerQualifier,callerIp==null?"UNKNOWN":callerIp , success, context);
|
||||||
|
|
||||||
log.info("REQUEST SERVED ON {}:{}({}) CALLED FROM {}@{} IN SCOPE {} {}(CODE {}) IN {} millis",
|
log.info("REQUEST SERVED ON {}:{}({}) CALLED FROM {}@{} IN SCOPE {} {}(CODE {}) IN {} millis",
|
||||||
context.configuration().name(),context.configuration().serviceClass(), InnerMethodName.instance.get(),
|
context.configuration().name(),context.configuration().serviceClass(), InnerMethodName.instance.get(),
|
||||||
|
|
|
@ -6,19 +6,27 @@ import static org.gcube.smartgears.Constants.token_header;
|
||||||
import static org.gcube.smartgears.handlers.application.request.RequestError.internal_server_error;
|
import static org.gcube.smartgears.handlers.application.request.RequestError.internal_server_error;
|
||||||
import static org.gcube.smartgears.handlers.application.request.RequestError.invalid_request_error;
|
import static org.gcube.smartgears.handlers.application.request.RequestError.invalid_request_error;
|
||||||
|
|
||||||
import javax.xml.bind.DatatypeConverter;
|
import java.util.Base64;
|
||||||
|
|
||||||
import javax.xml.bind.annotation.XmlRootElement;
|
import javax.xml.bind.annotation.XmlRootElement;
|
||||||
|
|
||||||
|
import org.gcube.com.fasterxml.jackson.databind.ObjectMapper;
|
||||||
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
|
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
|
||||||
import org.gcube.common.authorization.library.AuthorizationEntry;
|
import org.gcube.common.authorization.library.AuthorizationEntry;
|
||||||
|
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
|
||||||
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
|
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
|
||||||
|
import org.gcube.common.authorization.library.provider.ClientInfo;
|
||||||
|
import org.gcube.common.authorization.library.provider.ExternalServiceInfo;
|
||||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||||
|
import org.gcube.common.authorization.library.provider.UserInfo;
|
||||||
import org.gcube.common.authorization.library.utils.Caller;
|
import org.gcube.common.authorization.library.utils.Caller;
|
||||||
import org.gcube.common.scope.api.ScopeProvider;
|
import org.gcube.common.scope.api.ScopeProvider;
|
||||||
|
import org.gcube.common.scope.impl.ScopeBean;
|
||||||
import org.gcube.smartgears.Constants;
|
import org.gcube.smartgears.Constants;
|
||||||
import org.gcube.smartgears.handlers.application.RequestEvent;
|
import org.gcube.smartgears.handlers.application.RequestEvent;
|
||||||
import org.gcube.smartgears.handlers.application.RequestHandler;
|
import org.gcube.smartgears.handlers.application.RequestHandler;
|
||||||
import org.gcube.smartgears.handlers.application.ResponseEvent;
|
import org.gcube.smartgears.handlers.application.ResponseEvent;
|
||||||
|
import org.gcube.smartgears.utils.GcubeJwt;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
|
@ -41,23 +49,31 @@ public class RequestContextRetriever extends RequestHandler {
|
||||||
String token = call.request().getParameter(token_header)==null? call.request().getHeader(token_header):call.request().getParameter(token_header);
|
String token = call.request().getParameter(token_header)==null? call.request().getHeader(token_header):call.request().getParameter(token_header);
|
||||||
String scope = call.request().getParameter(scope_header)==null? call.request().getHeader(scope_header):call.request().getParameter(scope_header);
|
String scope = call.request().getParameter(scope_header)==null? call.request().getHeader(scope_header):call.request().getParameter(scope_header);
|
||||||
|
|
||||||
if (token==null && call.request().getHeader(Constants.authorization_header)!=null){
|
String authHeader = call.request().getHeader(Constants.authorization_header);
|
||||||
|
|
||||||
String authorization = call.request().getHeader(Constants.authorization_header);
|
log.trace("authorization header is {}",authHeader);
|
||||||
|
log.trace("token header is {}",token);
|
||||||
|
log.trace("scope header is {}",scope);
|
||||||
|
|
||||||
if (authorization.contains(BASIC_AUTH_PREFIX)) {
|
String retrievedUser = null;
|
||||||
String base64Credentials = authorization.substring(BASIC_AUTH_PREFIX.length()).trim();
|
String accessToken = null;
|
||||||
String credentials = new String(DatatypeConverter.parseBase64Binary(base64Credentials));
|
if (authHeader!=null && !authHeader.isEmpty()) {
|
||||||
// credentials = username:password
|
if (authHeader.startsWith(BEARER_AUTH_PREFIX))
|
||||||
final String[] values = credentials.split(":",2);
|
accessToken = authHeader.substring(BEARER_AUTH_PREFIX.length()).trim();
|
||||||
token = values[1];
|
else if (token==null && authHeader.startsWith(BASIC_AUTH_PREFIX)) {
|
||||||
} else if (authorization.contains(BEARER_AUTH_PREFIX))
|
String basicAuthToken = authHeader.substring(BASIC_AUTH_PREFIX.length()).trim();
|
||||||
token = authorization.substring(BEARER_AUTH_PREFIX.length()).trim();
|
String decodedAuth = new String(Base64.getDecoder().decode(basicAuthToken.getBytes()));
|
||||||
|
String[] splitAuth = decodedAuth.split(":");
|
||||||
|
token = splitAuth[1];
|
||||||
|
retrievedUser = splitAuth[0];
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
//Gives priority to the token
|
//Gives priority to the umaToken
|
||||||
if (token!=null)
|
if (accessToken!=null) {
|
||||||
this.retreiveAndSetInfo(token, call);
|
this.retreiveAndSetInfoUmaToken(accessToken, token, call);
|
||||||
|
} else if (token!=null)
|
||||||
|
this.retreiveAndSetInfoGcubeToken(token, retrievedUser, call);
|
||||||
else if (scope!=null)
|
else if (scope!=null)
|
||||||
ScopeProvider.instance.set(scope);
|
ScopeProvider.instance.set(scope);
|
||||||
|
|
||||||
|
@ -67,15 +83,18 @@ public class RequestContextRetriever extends RequestHandler {
|
||||||
public void handleResponse(ResponseEvent e) {
|
public void handleResponse(ResponseEvent e) {
|
||||||
SecurityTokenProvider.instance.reset();
|
SecurityTokenProvider.instance.reset();
|
||||||
AuthorizationProvider.instance.reset();
|
AuthorizationProvider.instance.reset();
|
||||||
|
AccessTokenProvider.instance.reset();
|
||||||
ScopeProvider.instance.reset();
|
ScopeProvider.instance.reset();
|
||||||
log.debug("resetting all the Thread local for this call.");
|
log.debug("resetting all the Thread local for this call.");
|
||||||
}
|
}
|
||||||
|
|
||||||
private void retreiveAndSetInfo(String token, RequestEvent call){
|
private void retreiveAndSetInfoGcubeToken(String token, String retrievedUser, RequestEvent call){
|
||||||
log.info("retrieving context using token {} ", token);
|
log.trace("retrieving context using token {} ", token);
|
||||||
AuthorizationEntry authEntry = null;
|
AuthorizationEntry authEntry = null;
|
||||||
try{
|
try{
|
||||||
authEntry = authorizationService().get(token);
|
authEntry = authorizationService().get(token);
|
||||||
|
if (retrievedUser != null && !authEntry.getClientInfo().getId().equals(retrievedUser))
|
||||||
|
throw new Exception("user and token owner are not the same");
|
||||||
}catch(ObjectNotFound onf){
|
}catch(ObjectNotFound onf){
|
||||||
log.warn("rejecting call to {}, invalid token {}",call.context().name(),token);
|
log.warn("rejecting call to {}, invalid token {}",call.context().name(),token);
|
||||||
invalid_request_error.fire(call.context().name()+" invalid token : "+token);
|
invalid_request_error.fire(call.context().name()+" invalid token : "+token);
|
||||||
|
@ -89,4 +108,53 @@ public class RequestContextRetriever extends RequestHandler {
|
||||||
ScopeProvider.instance.set(authEntry.getContext());
|
ScopeProvider.instance.set(authEntry.getContext());
|
||||||
log.info("retrieved request authorization info {} in scope {} ", AuthorizationProvider.instance.get(), authEntry.getContext());
|
log.info("retrieved request authorization info {} in scope {} ", AuthorizationProvider.instance.get(), authEntry.getContext());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void retreiveAndSetInfoUmaToken(String accessToken, String gcubeToken, RequestEvent call){
|
||||||
|
log.debug("using UMA token for authorization");
|
||||||
|
log.trace("retrieving context using uma token {} ", accessToken);
|
||||||
|
|
||||||
|
AccessTokenProvider.instance.set(accessToken);
|
||||||
|
parseAccessTokenAndSet(accessToken);
|
||||||
|
log.info("retrieved request authorization info {} in scope {} ", AuthorizationProvider.instance.get(), ScopeProvider.instance.get());
|
||||||
|
}
|
||||||
|
|
||||||
|
private void parseAccessTokenAndSet(String umaToken) {
|
||||||
|
|
||||||
|
String realUmaTokenEncoded = umaToken.split("\\.")[1];
|
||||||
|
|
||||||
|
String realUmaToken = new String(Base64.getDecoder().decode(realUmaTokenEncoded.getBytes()));
|
||||||
|
|
||||||
|
ObjectMapper mapper = new ObjectMapper();
|
||||||
|
|
||||||
|
GcubeJwt jwt = null;
|
||||||
|
try {
|
||||||
|
jwt = mapper.readValue(realUmaToken, GcubeJwt.class);
|
||||||
|
}catch(Exception e){
|
||||||
|
log.error("error decoding uma token",e);
|
||||||
|
internal_server_error.fire("error parsing access token");
|
||||||
|
}
|
||||||
|
|
||||||
|
ScopeBean scopeBean = null;
|
||||||
|
try {
|
||||||
|
scopeBean = new ScopeBean(jwt.getContext());
|
||||||
|
}catch(Exception e){
|
||||||
|
log.error("error decoding uma token",e);
|
||||||
|
internal_server_error.fire("invalid context in access token");
|
||||||
|
}
|
||||||
|
|
||||||
|
ClientInfo clientInfo;
|
||||||
|
if (!jwt.isExternalService())
|
||||||
|
clientInfo = new UserInfo(jwt.getUsername(), jwt.getRoles(), jwt.getEmail(), jwt.getFirstName(), jwt.getLastName());
|
||||||
|
else
|
||||||
|
clientInfo = new ExternalServiceInfo(jwt.getUsername(), "unknown", jwt.getRoles());
|
||||||
|
|
||||||
|
log.info("caller type is {}",clientInfo.getType());
|
||||||
|
AuthorizationProvider.instance.set(new Caller(clientInfo, "token"));
|
||||||
|
|
||||||
|
ScopeProvider.instance.set(scopeBean.toString());
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,24 +3,27 @@ package org.gcube.smartgears.handlers.application.request;
|
||||||
import static org.gcube.common.authorization.client.Constants.authorizationService;
|
import static org.gcube.common.authorization.client.Constants.authorizationService;
|
||||||
import static org.gcube.smartgears.handlers.application.request.RequestError.application_failed_error;
|
import static org.gcube.smartgears.handlers.application.request.RequestError.application_failed_error;
|
||||||
import static org.gcube.smartgears.handlers.application.request.RequestError.application_unavailable_error;
|
import static org.gcube.smartgears.handlers.application.request.RequestError.application_unavailable_error;
|
||||||
import static org.gcube.smartgears.handlers.application.request.RequestError.internal_server_error;
|
|
||||||
import static org.gcube.smartgears.handlers.application.request.RequestError.invalid_request_error;
|
import static org.gcube.smartgears.handlers.application.request.RequestError.invalid_request_error;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.util.Collections;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
import javax.xml.bind.annotation.XmlAttribute;
|
import javax.xml.bind.annotation.XmlAttribute;
|
||||||
import javax.xml.bind.annotation.XmlRootElement;
|
import javax.xml.bind.annotation.XmlRootElement;
|
||||||
|
|
||||||
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
|
|
||||||
import org.gcube.common.authorization.library.AuthorizationEntry;
|
|
||||||
import org.gcube.common.authorization.library.PolicyUtils;
|
import org.gcube.common.authorization.library.PolicyUtils;
|
||||||
import org.gcube.common.authorization.library.policies.Policy;
|
import org.gcube.common.authorization.library.policies.Policy;
|
||||||
|
import org.gcube.common.authorization.library.policies.User2ServicePolicy;
|
||||||
|
import org.gcube.common.authorization.library.policies.UserEntity;
|
||||||
|
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
|
||||||
|
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
|
||||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||||
import org.gcube.common.authorization.library.provider.ServiceIdentifier;
|
import org.gcube.common.authorization.library.provider.ServiceIdentifier;
|
||||||
import org.gcube.common.scope.api.ScopeProvider;
|
import org.gcube.common.scope.api.ScopeProvider;
|
||||||
import org.gcube.common.scope.impl.ScopeBean;
|
import org.gcube.common.scope.impl.ScopeBean;
|
||||||
import org.gcube.common.scope.impl.ScopeBean.Type;
|
import org.gcube.common.scope.impl.ScopeBean.Type;
|
||||||
import org.gcube.smartgears.Constants;
|
import org.gcube.smartgears.Constants;
|
||||||
|
import org.gcube.smartgears.configuration.Mode;
|
||||||
import org.gcube.smartgears.configuration.container.ContainerConfiguration;
|
import org.gcube.smartgears.configuration.container.ContainerConfiguration;
|
||||||
import org.gcube.smartgears.context.application.ApplicationContext;
|
import org.gcube.smartgears.context.application.ApplicationContext;
|
||||||
import org.gcube.smartgears.handlers.application.RequestEvent;
|
import org.gcube.smartgears.handlers.application.RequestEvent;
|
||||||
|
@ -50,16 +53,21 @@ public class RequestValidator extends RequestHandler {
|
||||||
|
|
||||||
log.trace("executing request validator ON REQUEST");
|
log.trace("executing request validator ON REQUEST");
|
||||||
|
|
||||||
|
log.trace("accessToken is null? {} \nGcubeToken is null ? {} \nscope rpvideris null? {}",
|
||||||
|
AccessTokenProvider.instance.get()==null,
|
||||||
|
SecurityTokenProvider.instance.get()==null,
|
||||||
|
ScopeProvider.instance.get()==null);
|
||||||
|
|
||||||
context = call.context();
|
context = call.context();
|
||||||
|
|
||||||
validateAgainstLifecycle(call);
|
validateAgainstLifecycle(call);
|
||||||
|
|
||||||
rejectUnauthorizedCalls(call);
|
rejectUnauthorizedCalls(call);
|
||||||
|
|
||||||
validateScopeCall();
|
if (context.container().configuration().mode()!=Mode.offline) {
|
||||||
|
validateScopeCall();
|
||||||
if (SecurityTokenProvider.instance.get()!=null)
|
validatePolicy(ScopeProvider.instance.get(), call);
|
||||||
validatePolicy(SecurityTokenProvider.instance.get(), call);
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -102,24 +110,11 @@ public class RequestValidator extends RequestHandler {
|
||||||
private void rejectUnauthorizedCalls(RequestEvent call){
|
private void rejectUnauthorizedCalls(RequestEvent call){
|
||||||
|
|
||||||
String token = SecurityTokenProvider.instance.get();
|
String token = SecurityTokenProvider.instance.get();
|
||||||
String scope = ScopeProvider.instance.get();
|
String accessToken = AccessTokenProvider.instance.get();
|
||||||
|
|
||||||
if (token == null && scope==null){
|
if (token == null && accessToken==null){
|
||||||
log.warn("rejecting call to {}, authorization required",context.name(),token);
|
log.warn("rejecting call to {}, authorization required",context.name(),token);
|
||||||
if (call.context().container().configuration().authenticationEnpoint()==null){
|
RequestError.request_not_authorized_error.fire(context.name()+": authorization required");
|
||||||
log.warn("rejecting call to {}, authorization required",context.name(),token);
|
|
||||||
RequestError.request_not_authorized_error.fire(context.name()+": authorization required");
|
|
||||||
}else {
|
|
||||||
log.info("authorization enpoint found on configuration, redirecting the call");
|
|
||||||
String recallLocation = String.format("http://%s:%d%s", call.context().container().configuration().hostname(), call.context().container().configuration().port(), call.uri());
|
|
||||||
//call.response().setHeader("Allowed-Contexts", call.context().container().configuration().allowedContexts().toString());
|
|
||||||
try {
|
|
||||||
call.response().sendRedirect(context.container().configuration().authenticationEnpoint()+"?Recall-Location="+recallLocation);
|
|
||||||
} catch (IOException e) {
|
|
||||||
log.error("errror redirecting call",e );
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -128,27 +123,45 @@ public class RequestValidator extends RequestHandler {
|
||||||
return getName();
|
return getName();
|
||||||
}
|
}
|
||||||
|
|
||||||
private void validatePolicy(String token, RequestEvent call){
|
private void validatePolicy(String scope, RequestEvent call){
|
||||||
log.info("accessing policy validator with token {} ", token);
|
log.info("accessing policy validator in scope {} ", scope);
|
||||||
AuthorizationEntry authEntry = null;
|
|
||||||
try{
|
|
||||||
authEntry = authorizationService().get(token);
|
|
||||||
}catch(ObjectNotFound onf){
|
|
||||||
log.warn("rejecting call to {}, invalid token {}",context.name(),token);
|
|
||||||
invalid_request_error.fire(context.name()+" invalid token : "+token);
|
|
||||||
}catch(Exception e){
|
|
||||||
log.error("error contacting authorization service",e);
|
|
||||||
internal_server_error.fire("error contacting authorization service");
|
|
||||||
}
|
|
||||||
|
|
||||||
ServiceIdentifier serviceIdentifier = Utils.getServiceInfo(call.context()).getServiceIdentifier();
|
ServiceIdentifier serviceIdentifier = Utils.getServiceInfo(call.context()).getServiceIdentifier();
|
||||||
|
|
||||||
for (Policy policy: authEntry.getPolicies())
|
String previousToken = SecurityTokenProvider.instance.get();
|
||||||
if (PolicyUtils.isPolicyValidForClient(policy.getServiceAccess(), serviceIdentifier)){
|
try {
|
||||||
log.error("rejecting call to {} : {} is not allowed to contact the service ",context.name(),authEntry.getClientInfo().getId());
|
String serviceToken = context.configuration().startTokens().stream().findFirst().get();
|
||||||
invalid_request_error.fire("rejecting call to "+context.name()+": "+authEntry.getClientInfo().getId()+" is not allowed to contact the service");
|
SecurityTokenProvider.instance.set(serviceToken);
|
||||||
|
String callerId = AuthorizationProvider.instance.get().getClient().getId();
|
||||||
|
|
||||||
|
List<Policy> policies = Collections.emptyList();
|
||||||
|
try {
|
||||||
|
policies = authorizationService().getPolicies(scope);
|
||||||
|
}catch (Exception e) {
|
||||||
|
log.error("error contacting authorization services for policies");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
for (Policy policy: policies) {
|
||||||
|
log.debug("policy: {}", policy.getPolicyAsString() );
|
||||||
|
|
||||||
|
if (PolicyUtils.isPolicyValidForClient(policy.getServiceAccess(), serviceIdentifier )) {
|
||||||
|
boolean toReject = false;
|
||||||
|
UserEntity entity = (((User2ServicePolicy) policy).getEntity());
|
||||||
|
if (entity.getIdentifier()!=null)
|
||||||
|
toReject = entity.getIdentifier().equals(callerId);
|
||||||
|
else if (entity.getExcludes().isEmpty())
|
||||||
|
toReject = true;
|
||||||
|
else toReject = !entity.getExcludes().contains(callerId);
|
||||||
|
if (toReject) {
|
||||||
|
log.error("rejecting call to {} : {} is not allowed to contact the service ",context.name(), callerId);
|
||||||
|
RequestError.request_not_authorized_error.fire("rejecting call to "+context.name()+" for polices: "+callerId+" is not allowed to contact the service: "+serviceIdentifier.getServiceName() );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
}finally {
|
||||||
|
SecurityTokenProvider.instance.set(previousToken);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -14,7 +14,7 @@ import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Luca Frosini (ISTI - CNR) http://www.lucafrosini.com/
|
* @author Luca Frosini (ISTI - CNR)
|
||||||
*/
|
*/
|
||||||
@XmlRootElement(name = accounting_management)
|
@XmlRootElement(name = accounting_management)
|
||||||
public class AccountingManager extends ContainerHandler {
|
public class AccountingManager extends ContainerHandler {
|
||||||
|
|
|
@ -0,0 +1,93 @@
|
||||||
|
package org.gcube.smartgears.handlers.container.lifecycle;
|
||||||
|
|
||||||
|
import java.io.BufferedReader;
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.FileReader;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.io.InputStreamReader;
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
|
import org.slf4j.Logger;
|
||||||
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author Luca Frosini (ISTI-CNR)
|
||||||
|
*/
|
||||||
|
public class LinuxDistributionInfo {
|
||||||
|
|
||||||
|
private static final Logger logger = LoggerFactory.getLogger(LinuxDistributionInfo.class);
|
||||||
|
|
||||||
|
public static final String LSB_RELEASE_COMMAND = "lsb_release -a";
|
||||||
|
public static final String OS_RELEASE_FILE_PATH = "/etc/os-release";
|
||||||
|
|
||||||
|
protected Map<String, String> info;
|
||||||
|
|
||||||
|
protected Map<String, String> getInfoViaLsbReleaseCommand() throws IOException {
|
||||||
|
logger.trace("Going to exec {}", LSB_RELEASE_COMMAND);
|
||||||
|
Process process = Runtime.getRuntime().exec(LSB_RELEASE_COMMAND);
|
||||||
|
BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(process.getInputStream()));
|
||||||
|
Map<String, String> map = parseBufferedReader(bufferedReader);
|
||||||
|
bufferedReader.close();
|
||||||
|
return map;
|
||||||
|
}
|
||||||
|
|
||||||
|
private Map<String, String> parseBufferedReader(BufferedReader bufferedReader) throws IOException {
|
||||||
|
Map<String, String> map = new HashMap<>();
|
||||||
|
String line = "";
|
||||||
|
while ((line = bufferedReader.readLine()) != null) {
|
||||||
|
String[] nameValue = parseLine(line);
|
||||||
|
map.put(nameValue[0], nameValue[1]);
|
||||||
|
}
|
||||||
|
return map;
|
||||||
|
}
|
||||||
|
|
||||||
|
private String[] parseLine(String line) {
|
||||||
|
String[] splitted = line.split("=");
|
||||||
|
if (splitted.length < 2) {
|
||||||
|
splitted = line.split(":");
|
||||||
|
}
|
||||||
|
String[] ret = new String[2];
|
||||||
|
ret[0] = splitted[0].trim();
|
||||||
|
ret[1] = splitted[1].trim().replace("\"", "");
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
private Map<String, String> getInfoViaFile(File file) throws IOException {
|
||||||
|
logger.trace("Going to read file {}", file.getAbsolutePath());
|
||||||
|
BufferedReader bufferedReader = new BufferedReader(new FileReader(file));
|
||||||
|
Map<String, String> map = parseBufferedReader(bufferedReader);
|
||||||
|
bufferedReader.close();
|
||||||
|
return map;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
protected Map<String, String> getInfoViaOsReleaseFile() throws IOException {
|
||||||
|
File osReleaseFile = new File(OS_RELEASE_FILE_PATH);
|
||||||
|
return getInfoViaFile(osReleaseFile);
|
||||||
|
}
|
||||||
|
|
||||||
|
private Map<String, String> retriveInfo() {
|
||||||
|
try {
|
||||||
|
return getInfoViaLsbReleaseCommand();
|
||||||
|
} catch (IOException e) {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
try {
|
||||||
|
return getInfoViaOsReleaseFile();
|
||||||
|
}catch (IOException e) {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
public Map<String, String> getInfo() {
|
||||||
|
if (info == null) {
|
||||||
|
info = retriveInfo();
|
||||||
|
}
|
||||||
|
return info;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -32,7 +32,7 @@ import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author Fabio Simeoni
|
* @author Fabio Simeoni
|
||||||
* @author Luca Frosini (ISTI - CNR) http://www.lucafrosini.com/
|
* @author Luca Frosini (ISTI - CNR)
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
public class ProfileBuilder {
|
public class ProfileBuilder {
|
||||||
|
@ -282,6 +282,15 @@ public class ProfileBuilder {
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
String osVersion = System.getProperty("os.name");
|
||||||
|
if(osVersion.compareToIgnoreCase("Linux")==0) {
|
||||||
|
LinuxDistributionInfo linuxDistributionInfo = new LinuxDistributionInfo();
|
||||||
|
Map<String,String> info = linuxDistributionInfo.getInfo();
|
||||||
|
for(String key : info.keySet()) {
|
||||||
|
variables.add().keyAndValue(key, info.get(key));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
variables.add().keyAndValue("Java", System.getProperty("java.version"));
|
variables.add().keyAndValue("Java", System.getProperty("java.version"));
|
||||||
|
|
||||||
SmartGearsConfiguration config = ProviderFactory.provider().smartgearsConfiguration();
|
SmartGearsConfiguration config = ProviderFactory.provider().smartgearsConfiguration();
|
||||||
|
|
|
@ -23,8 +23,11 @@ import javax.xml.bind.annotation.XmlRootElement;
|
||||||
|
|
||||||
import org.gcube.common.events.Observes;
|
import org.gcube.common.events.Observes;
|
||||||
import org.gcube.common.resources.gcore.HostingNode;
|
import org.gcube.common.resources.gcore.HostingNode;
|
||||||
|
import org.gcube.smartgears.configuration.Mode;
|
||||||
import org.gcube.smartgears.context.Property;
|
import org.gcube.smartgears.context.Property;
|
||||||
import org.gcube.smartgears.context.container.ContainerContext;
|
import org.gcube.smartgears.context.container.ContainerContext;
|
||||||
|
import org.gcube.smartgears.handlers.OfflineProfilePublisher;
|
||||||
|
import org.gcube.smartgears.handlers.ProfilePublisher;
|
||||||
import org.gcube.smartgears.handlers.container.ContainerHandler;
|
import org.gcube.smartgears.handlers.container.ContainerHandler;
|
||||||
import org.gcube.smartgears.handlers.container.ContainerLifecycleEvent.Start;
|
import org.gcube.smartgears.handlers.container.ContainerLifecycleEvent.Start;
|
||||||
import org.gcube.smartgears.lifecycle.container.ContainerLifecycle;
|
import org.gcube.smartgears.lifecycle.container.ContainerLifecycle;
|
||||||
|
@ -83,7 +86,9 @@ public class ProfileManager extends ContainerHandler {
|
||||||
|
|
||||||
share(profile);
|
share(profile);
|
||||||
|
|
||||||
publisher = new ProfilePublisher(context);
|
publisher = context.configuration().mode()!=Mode.offline?
|
||||||
|
new ProfilePublisherImpl(context):
|
||||||
|
new OfflineProfilePublisher();
|
||||||
|
|
||||||
registerObservers();
|
registerObservers();
|
||||||
|
|
||||||
|
|
|
@ -11,8 +11,10 @@ import org.gcube.common.authorization.client.proxy.AuthorizationProxy;
|
||||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||||
import org.gcube.common.resources.gcore.HostingNode;
|
import org.gcube.common.resources.gcore.HostingNode;
|
||||||
import org.gcube.informationsystem.publisher.ScopedPublisher;
|
import org.gcube.informationsystem.publisher.ScopedPublisher;
|
||||||
|
import org.gcube.smartgears.configuration.Mode;
|
||||||
import org.gcube.smartgears.context.container.ContainerContext;
|
import org.gcube.smartgears.context.container.ContainerContext;
|
||||||
import org.gcube.smartgears.handlers.ProfileEvents;
|
import org.gcube.smartgears.handlers.ProfileEvents;
|
||||||
|
import org.gcube.smartgears.handlers.ProfilePublisher;
|
||||||
import org.gcube.smartgears.provider.ProviderFactory;
|
import org.gcube.smartgears.provider.ProviderFactory;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
@ -25,9 +27,9 @@ import org.slf4j.LoggerFactory;
|
||||||
* @author Fabio Simeoni
|
* @author Fabio Simeoni
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
public class ProfilePublisher {
|
public class ProfilePublisherImpl implements ProfilePublisher {
|
||||||
|
|
||||||
private static final Logger log = LoggerFactory.getLogger(ProfilePublisher.class);
|
private static final Logger log = LoggerFactory.getLogger(ProfilePublisherImpl.class);
|
||||||
|
|
||||||
//the underlying IS publisher
|
//the underlying IS publisher
|
||||||
private final ScopedPublisher publisher;
|
private final ScopedPublisher publisher;
|
||||||
|
@ -40,7 +42,7 @@ public class ProfilePublisher {
|
||||||
* Creates an instance for the container.
|
* Creates an instance for the container.
|
||||||
* @param context the context of the application
|
* @param context the context of the application
|
||||||
*/
|
*/
|
||||||
public ProfilePublisher(ContainerContext context) {
|
public ProfilePublisherImpl(ContainerContext context) {
|
||||||
this.context = context;
|
this.context = context;
|
||||||
this.publisher=ProviderFactory.provider().publisherFor(context);
|
this.publisher=ProviderFactory.provider().publisherFor(context);
|
||||||
this.authProxy = ProviderFactory.provider().authorizationProxy();
|
this.authProxy = ProviderFactory.provider().authorizationProxy();
|
||||||
|
@ -88,18 +90,20 @@ public class ProfilePublisher {
|
||||||
}*/
|
}*/
|
||||||
|
|
||||||
ClassLoader contextCL = Thread.currentThread().getContextClassLoader();
|
ClassLoader contextCL = Thread.currentThread().getContextClassLoader();
|
||||||
|
log.debug("using context {}",contextCL.getClass().getSimpleName());
|
||||||
String previousToken = SecurityTokenProvider.instance.get();
|
String previousToken = SecurityTokenProvider.instance.get();
|
||||||
try{//This classloader set is needed for the jaxb context
|
try{//This classloader set is needed for the jaxb context
|
||||||
if (previousToken==null)
|
if (previousToken==null)
|
||||||
SecurityTokenProvider.instance.set((String)tokens.toArray()[0]);
|
SecurityTokenProvider.instance.set((String)tokens.toArray()[0]);
|
||||||
Thread.currentThread().setContextClassLoader(ProfilePublisher.class.getClassLoader());
|
if (context.configuration().mode()!=Mode.root)
|
||||||
|
Thread.currentThread().setContextClassLoader(ProfilePublisherImpl.class.getClassLoader());
|
||||||
profile = publisher.create(profile, resolveScopesFromTokens(tokens));
|
profile = publisher.create(profile, resolveScopesFromTokens(tokens));
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
rethrowUnchecked(e);
|
rethrowUnchecked(e);
|
||||||
} finally {
|
} finally {
|
||||||
SecurityTokenProvider.instance.set(previousToken);
|
SecurityTokenProvider.instance.set(previousToken);
|
||||||
Thread.currentThread().setContextClassLoader(contextCL);
|
if (context.configuration().mode()!=Mode.root)
|
||||||
|
Thread.currentThread().setContextClassLoader(contextCL);
|
||||||
}
|
}
|
||||||
|
|
||||||
sharePublished(profile);
|
sharePublished(profile);
|
||||||
|
@ -147,19 +151,21 @@ public class ProfilePublisher {
|
||||||
log.debug("[update] resource scopes are : {} ",profile.scopes().asCollection());
|
log.debug("[update] resource scopes are : {} ",profile.scopes().asCollection());
|
||||||
|
|
||||||
ClassLoader contextCL = Thread.currentThread().getContextClassLoader();
|
ClassLoader contextCL = Thread.currentThread().getContextClassLoader();
|
||||||
|
log.debug("using context {}",contextCL.getClass().getSimpleName());
|
||||||
String previousToken = SecurityTokenProvider.instance.get();
|
String previousToken = SecurityTokenProvider.instance.get();
|
||||||
try{//This classloader set is needed for the jaxb context
|
try{//This classloader set is needed for the jaxb context
|
||||||
if (previousToken==null)
|
if (previousToken==null)
|
||||||
SecurityTokenProvider.instance.set((String)context.configuration().startTokens().toArray()[0]);
|
SecurityTokenProvider.instance.set((String)context.configuration().startTokens().toArray()[0]);
|
||||||
|
|
||||||
Thread.currentThread().setContextClassLoader(ProfilePublisher.class.getClassLoader());
|
if (context.configuration().mode()!=Mode.root)
|
||||||
|
Thread.currentThread().setContextClassLoader(ProfilePublisherImpl.class.getClassLoader());
|
||||||
profile = publisher.update(profile);
|
profile = publisher.update(profile);
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
rethrowUnchecked(e);
|
rethrowUnchecked(e);
|
||||||
} finally {
|
} finally {
|
||||||
SecurityTokenProvider.instance.set(previousToken);
|
SecurityTokenProvider.instance.set(previousToken);
|
||||||
Thread.currentThread().setContextClassLoader(contextCL);
|
if (context.configuration().mode()!=Mode.root)
|
||||||
|
Thread.currentThread().setContextClassLoader(contextCL);
|
||||||
}
|
}
|
||||||
|
|
||||||
sharePublished(profile);
|
sharePublished(profile);
|
||||||
|
@ -198,18 +204,20 @@ public class ProfilePublisher {
|
||||||
} */
|
} */
|
||||||
|
|
||||||
ClassLoader contextCL = Thread.currentThread().getContextClassLoader();
|
ClassLoader contextCL = Thread.currentThread().getContextClassLoader();
|
||||||
|
log.debug("using context {}",contextCL.getClass().getSimpleName());
|
||||||
String previousToken = SecurityTokenProvider.instance.get();
|
String previousToken = SecurityTokenProvider.instance.get();
|
||||||
try{//This classloader set is needed for the jaxb context
|
try{//This classloader set is needed for the jaxb context
|
||||||
if (previousToken==null)
|
if (previousToken==null)
|
||||||
SecurityTokenProvider.instance.set((String)tokens.toArray()[0]);
|
SecurityTokenProvider.instance.set((String)tokens.toArray()[0]);
|
||||||
Thread.currentThread().setContextClassLoader(ProfilePublisher.class.getClassLoader());
|
if (context.configuration().mode()!=Mode.root)
|
||||||
|
Thread.currentThread().setContextClassLoader(ProfilePublisherImpl.class.getClassLoader());
|
||||||
profile = publisher.remove(profile, resolveScopesFromTokens(tokens));
|
profile = publisher.remove(profile, resolveScopesFromTokens(tokens));
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
rethrowUnchecked(e);
|
rethrowUnchecked(e);
|
||||||
} finally {
|
} finally {
|
||||||
SecurityTokenProvider.instance.set(previousToken);
|
SecurityTokenProvider.instance.set(previousToken);
|
||||||
Thread.currentThread().setContextClassLoader(contextCL);
|
if (context.configuration().mode()!=Mode.root)
|
||||||
|
Thread.currentThread().setContextClassLoader(contextCL);
|
||||||
}
|
}
|
||||||
|
|
||||||
log.debug("after remove container profile contains scopes {}",profile.scopes().asCollection());
|
log.debug("after remove container profile contains scopes {}",profile.scopes().asCollection());
|
|
@ -13,10 +13,9 @@ import java.io.File;
|
||||||
import java.io.FileOutputStream;
|
import java.io.FileOutputStream;
|
||||||
import java.io.ObjectOutputStream;
|
import java.io.ObjectOutputStream;
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
import java.util.HashSet;
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map.Entry;
|
import java.util.Map.Entry;
|
||||||
import java.util.Set;
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
import javax.servlet.FilterRegistration;
|
import javax.servlet.FilterRegistration;
|
||||||
import javax.servlet.ServletContext;
|
import javax.servlet.ServletContext;
|
||||||
|
@ -28,6 +27,7 @@ import org.gcube.common.authorization.client.proxy.AuthorizationProxy;
|
||||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||||
import org.gcube.common.events.Observes;
|
import org.gcube.common.events.Observes;
|
||||||
import org.gcube.smartgears.Constants;
|
import org.gcube.smartgears.Constants;
|
||||||
|
import org.gcube.smartgears.configuration.Mode;
|
||||||
import org.gcube.smartgears.configuration.application.ApplicationExtensions;
|
import org.gcube.smartgears.configuration.application.ApplicationExtensions;
|
||||||
import org.gcube.smartgears.configuration.application.ApplicationHandlers;
|
import org.gcube.smartgears.configuration.application.ApplicationHandlers;
|
||||||
import org.gcube.smartgears.context.application.ApplicationContext;
|
import org.gcube.smartgears.context.application.ApplicationContext;
|
||||||
|
@ -76,16 +76,17 @@ public class ApplicationManager {
|
||||||
log.trace("servlet {} : {} {} ", application.getServletContextName(),servlet.getKey(), servlet.getValue().getMappings());
|
log.trace("servlet {} : {} {} ", application.getServletContextName(),servlet.getKey(), servlet.getValue().getMappings());
|
||||||
|
|
||||||
|
|
||||||
context.configuration().validate();
|
|
||||||
|
|
||||||
/* if (context.configuration().secure() &&
|
/* if (context.configuration().secure() &&
|
||||||
container.configuration().securePort()==null)
|
container.configuration().securePort()==null)
|
||||||
throw new IllegalStateException(
|
throw new IllegalStateException(
|
||||||
String.format("Application %s cannot be managed because is declared as secure without a secure connector port declared in the container", context.application().getContextPath()));
|
String.format("Application %s cannot be managed because is declared as secure without a secure connector port declared in the container", context.application().getContextPath()));
|
||||||
*/
|
*/
|
||||||
|
|
||||||
context.configuration().startTokens(generateTokensForApplication(container));
|
|
||||||
|
|
||||||
|
if (context.container().configuration().mode()!=Mode.offline) {
|
||||||
|
context.configuration().startTokens(generateTokensForApplication(container).stream().collect(Collectors.toSet()));
|
||||||
|
context.configuration().validate();
|
||||||
|
}
|
||||||
saveApplicationState();
|
saveApplicationState();
|
||||||
|
|
||||||
// make context available to application in case it is gcube-aware
|
// make context available to application in case it is gcube-aware
|
||||||
|
@ -142,13 +143,25 @@ public class ApplicationManager {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private Set<String> generateTokensForApplication(ContainerContext container){
|
private List<String> generateTokensForApplication(ContainerContext container){
|
||||||
log.info("generating token for app {}",context.configuration().name());
|
log.info("generating token for app {}",context.configuration().name());
|
||||||
Set<String> tokens = new HashSet<String>();
|
|
||||||
AuthorizationProxy authProxy = provider().authorizationProxy();
|
SecurityTokenProvider.instance.set(container.configuration().startTokens().get(0));
|
||||||
for (String containerToken :container.configuration().startTokens())
|
try {
|
||||||
tokens.add(generateApplicationToken(containerToken, authProxy));
|
AuthorizationProxy authProxy = provider().authorizationProxy();
|
||||||
return tokens;
|
try {
|
||||||
|
return authProxy.generateServiceToken(Utils.getServiceInfo(context), container.configuration().startTokens());
|
||||||
|
}catch (Exception e) {
|
||||||
|
log.error("error generating service token",e);
|
||||||
|
throw new RuntimeException(e);
|
||||||
|
}
|
||||||
|
} catch (Exception e) {
|
||||||
|
throw new RuntimeException("error contacting authorization service",e);
|
||||||
|
} finally{
|
||||||
|
SecurityTokenProvider.instance.reset();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private String generateApplicationToken(String containerToken, AuthorizationProxy authProxy){
|
private String generateApplicationToken(String containerToken, AuthorizationProxy authProxy){
|
||||||
|
@ -315,6 +328,7 @@ public class ApplicationManager {
|
||||||
log.trace("app token created : {} ", appToken);
|
log.trace("app token created : {} ", appToken);
|
||||||
context.events().fire(appToken, ProfileEvents.addToContext);
|
context.events().fire(appToken, ProfileEvents.addToContext);
|
||||||
context.events().fire(appToken, Constants.token_registered);
|
context.events().fire(appToken, Constants.token_registered);
|
||||||
|
saveApplicationState();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Observes(value = ContextEvents.REMOVE_TOKEN_FROM_APPLICATION, kind = critical)
|
@Observes(value = ContextEvents.REMOVE_TOKEN_FROM_APPLICATION, kind = critical)
|
||||||
|
@ -325,6 +339,7 @@ public class ApplicationManager {
|
||||||
log.trace("app token removed : {} ", appToken);
|
log.trace("app token removed : {} ", appToken);
|
||||||
context.events().fire(appToken, ProfileEvents.removeFromContext);
|
context.events().fire(appToken, ProfileEvents.removeFromContext);
|
||||||
context.events().fire(appToken, Constants.token_removed);
|
context.events().fire(appToken, Constants.token_removed);
|
||||||
|
saveApplicationState();
|
||||||
}
|
}
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
|
@ -10,7 +10,6 @@ import static org.gcube.smartgears.provider.ProviderFactory.provider;
|
||||||
import java.io.File;
|
import java.io.File;
|
||||||
import java.io.FileOutputStream;
|
import java.io.FileOutputStream;
|
||||||
import java.io.ObjectOutputStream;
|
import java.io.ObjectOutputStream;
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
@ -22,6 +21,7 @@ import org.gcube.common.authorization.library.provider.ClientInfo;
|
||||||
import org.gcube.common.authorization.library.provider.ContainerInfo;
|
import org.gcube.common.authorization.library.provider.ContainerInfo;
|
||||||
import org.gcube.common.events.Observes;
|
import org.gcube.common.events.Observes;
|
||||||
import org.gcube.common.events.Observes.Kind;
|
import org.gcube.common.events.Observes.Kind;
|
||||||
|
import org.gcube.smartgears.configuration.Mode;
|
||||||
import org.gcube.smartgears.configuration.container.ContainerHandlers;
|
import org.gcube.smartgears.configuration.container.ContainerHandlers;
|
||||||
import org.gcube.smartgears.context.application.ApplicationContext;
|
import org.gcube.smartgears.context.application.ApplicationContext;
|
||||||
import org.gcube.smartgears.context.container.ContainerContext;
|
import org.gcube.smartgears.context.container.ContainerContext;
|
||||||
|
@ -64,11 +64,9 @@ public class ContainerManager {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
|
||||||
// TODO Ask if is not enough that is already done in
|
|
||||||
// Bootstrap.initialiseContainer() function;
|
|
||||||
context.configuration().validate();
|
|
||||||
|
|
||||||
validateContainer(context);
|
if (context.configuration().mode()!=Mode.offline)
|
||||||
|
validateContainer(context);
|
||||||
|
|
||||||
saveContainerState();
|
saveContainerState();
|
||||||
|
|
||||||
|
@ -112,16 +110,22 @@ public class ContainerManager {
|
||||||
}
|
}
|
||||||
|
|
||||||
private void validateContainer(ContainerContext context) {
|
private void validateContainer(ContainerContext context) {
|
||||||
List<String> tokensToRemove = new ArrayList<String>();
|
//List<String> tokensToRemove = new ArrayList<String>();
|
||||||
|
context.configuration().validate();
|
||||||
Set<String> foundContexts= new HashSet<String>();
|
Set<String> foundContexts= new HashSet<String>();
|
||||||
|
|
||||||
for (String token : context.configuration().startTokens()){
|
try {
|
||||||
String tokenContext = resolveTokenForAdd(foundContexts, token);
|
List<AuthorizationEntry> entries = authProvider.get(context.configuration().startTokens());
|
||||||
if (tokenContext!=null){
|
|
||||||
log.info("the container will be started in context {}",tokenContext);
|
log.info("requesting auth on {} tokens returned {} entries", context.configuration().startTokens().size(),entries.size());
|
||||||
foundContexts.add(tokenContext);
|
|
||||||
} else
|
for (AuthorizationEntry entry : entries ) {
|
||||||
tokensToRemove.add(token);
|
log.info("the container will be started in context {}",entry.getContext());
|
||||||
|
foundContexts.add(entry.getContext());
|
||||||
|
}
|
||||||
|
|
||||||
|
} catch (Exception e) {
|
||||||
|
log.error("error contacting auth service on container",e);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (foundContexts.isEmpty()){
|
if (foundContexts.isEmpty()){
|
||||||
|
@ -129,7 +133,7 @@ public class ContainerManager {
|
||||||
throw new RuntimeException("no valid starting token are specified");
|
throw new RuntimeException("no valid starting token are specified");
|
||||||
}
|
}
|
||||||
|
|
||||||
context.configuration().startTokens().removeAll(tokensToRemove);
|
//context.configuration().startTokens().removeAll(tokensToRemove);
|
||||||
context.configuration().allowedContexts(foundContexts);
|
context.configuration().allowedContexts(foundContexts);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -98,7 +98,7 @@ public class RequestManager implements Filter {
|
||||||
// dispatch to other filters for this servlet
|
// dispatch to other filters for this servlet
|
||||||
chain.doFilter(request, response);
|
chain.doFilter(request, response);
|
||||||
}catch(ServletException t){
|
}catch(ServletException t){
|
||||||
log.error("error in doFilter",t.getRootCause());
|
log.error("error in doFilter",t);
|
||||||
handleError(httprequest,httpresponse,t.getRootCause());
|
handleError(httprequest,httpresponse,t.getRootCause());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -260,7 +260,8 @@ public class RequestManager implements Filter {
|
||||||
RequestException.class.cast(t).error():
|
RequestException.class.cast(t).error():
|
||||||
application_error;
|
application_error;
|
||||||
|
|
||||||
response.resetBuffer();
|
if (!response.isCommitted())
|
||||||
|
response.resetBuffer();
|
||||||
if (error == request_not_authorized_error){
|
if (error == request_not_authorized_error){
|
||||||
response.setHeader("WWW-Authenticate", "Basic realm=\"Smartgears\"");
|
response.setHeader("WWW-Authenticate", "Basic realm=\"Smartgears\"");
|
||||||
log.info("setting WWW-Authenticate to response header");
|
log.info("setting WWW-Authenticate to response header");
|
||||||
|
|
|
@ -0,0 +1,86 @@
|
||||||
|
package org.gcube.smartgears.utils;
|
||||||
|
|
||||||
|
import java.io.UnsupportedEncodingException;
|
||||||
|
import java.net.URLDecoder;
|
||||||
|
import java.nio.charset.StandardCharsets;
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.Arrays;
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
|
import org.gcube.com.fasterxml.jackson.annotation.JsonIgnoreProperties;
|
||||||
|
import org.gcube.com.fasterxml.jackson.annotation.JsonProperty;
|
||||||
|
|
||||||
|
@JsonIgnoreProperties(ignoreUnknown = true)
|
||||||
|
public class GcubeJwt {
|
||||||
|
|
||||||
|
protected final static List<String> MINIMAL_ROLES = Arrays.asList("Member");
|
||||||
|
|
||||||
|
@JsonProperty("aud")
|
||||||
|
private String context;
|
||||||
|
|
||||||
|
@JsonProperty("resource_access")
|
||||||
|
private Map<String, Roles> contextAccess = new HashMap<>();
|
||||||
|
|
||||||
|
@JsonProperty("preferred_username")
|
||||||
|
private String username;
|
||||||
|
|
||||||
|
@JsonProperty("given_name")
|
||||||
|
private String firstName;
|
||||||
|
|
||||||
|
@JsonProperty("family_name")
|
||||||
|
private String lastName;
|
||||||
|
|
||||||
|
@JsonProperty("clientId")
|
||||||
|
private String clientId;
|
||||||
|
|
||||||
|
@JsonProperty("email")
|
||||||
|
private String email;
|
||||||
|
|
||||||
|
public List<String> getRoles(){
|
||||||
|
return contextAccess.get(this.context) == null ? MINIMAL_ROLES : contextAccess.get(this.context).roles;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getContext() {
|
||||||
|
try {
|
||||||
|
return URLDecoder.decode(context, StandardCharsets.UTF_8.toString());
|
||||||
|
}catch (UnsupportedEncodingException e) {
|
||||||
|
return context;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getUsername() {
|
||||||
|
return username;
|
||||||
|
}
|
||||||
|
|
||||||
|
public boolean isExternalService() {
|
||||||
|
return clientId != null;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getFirstName() {
|
||||||
|
return firstName;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getLastName() {
|
||||||
|
return lastName;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getEmail() {
|
||||||
|
return email;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String toString() {
|
||||||
|
return "GcubeJwt [context=" + getContext() + ", roles=" + getRoles() + ", username=" + username
|
||||||
|
+ ", firstName=" + firstName + ", lastName=" + lastName + ", email=" + email + "]";
|
||||||
|
}
|
||||||
|
|
||||||
|
public static class Roles {
|
||||||
|
|
||||||
|
@JsonProperty("roles")
|
||||||
|
List<String> roles = new ArrayList<>();
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1 @@
|
||||||
|
/smartgears-config.xml
|
Loading…
Reference in New Issue