package org.gcube.smartgears.handlers.application.request;
import static org.gcube.smartgears.Constants.scope_header;
import static org.gcube.smartgears.Constants.token_header;
import static org.gcube.smartgears.handlers.application.request.RequestError.internal_server_error;
import java.util.Base64;
import javax.xml.bind.annotation.XmlRootElement;
import org.gcube.common.authorization.utils.manager.SecretManager;
import org.gcube.common.authorization.utils.manager.SecretManagerProvider;
import org.gcube.common.authorization.utils.secret.GCubeSecret;
import org.gcube.common.authorization.utils.secret.JWTSecret;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.smartgears.Constants;
import org.gcube.smartgears.handlers.application.RequestEvent;
import org.gcube.smartgears.handlers.application.RequestHandler;
import org.gcube.smartgears.handlers.application.ResponseEvent;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
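/**
 * Request handler that reads the caller's credentials and scope from the incoming request
 * and registers them with a {@link SecretManager} for the duration of the call.
 *
 * <p>Three credential sources are recognised:
 * <ul>
 *   <li>a legacy token, read from the request parameter named {@code token_header} or, when
 *       that parameter is absent, from the header of the same name;</li>
 *   <li>an {@code Authorization: Bearer ...} header, whose value is wrapped in a {@link JWTSecret};</li>
 *   <li>an {@code Authorization: Basic ...} header, used only when no legacy token was supplied:
 *       the decoded user name is compared with the owner of the token carried as password.</li>
 * </ul>
 *
 * <p>When neither credential is present, the scope supplied by the caller (if any) is set on
 * {@link ScopeProvider} directly.
 */
@XmlRootElement(name = Constants.request_context_retriever)
public class RequestContextRetriever extends RequestHandler {

    private static final Logger log = LoggerFactory.getLogger(RequestContextRetriever.class);

    private static final String BEARER_AUTH_PREFIX ="Bearer";
    private static final String BASIC_AUTH_PREFIX ="Basic";

    /**
     * Returns the name under which this handler is configured.
     *
     * @return {@code Constants.request_context_retriever}
     */
    @Override
    public String getName() {
        return Constants.request_context_retriever;
    }

    /**
     * Extracts credentials and scope from the request and installs them for the current call.
     *
     * <p>Failures are reported through {@code internal_server_error.fire(...)}, as in the rest
     * of this handler.
     *
     * @param call the request event being handled
     */
    @Override
    public void handleRequest(RequestEvent call) {

        // NOTE(review): a token passed as a request parameter may travel in the URL and so end up
        // in access logs, proxies and Referer headers; the header form avoids that.
        String token = call.request().getParameter(token_header);
        if (token == null) {
            token = call.request().getHeader(token_header);
        }

        String scope = call.request().getParameter(scope_header);
        if (scope == null) {
            scope = call.request().getHeader(scope_header);
        }

        String authHeader = call.request().getHeader(Constants.authorization_header);

        // Credentials are bearer secrets: anyone who can read the log could replay them.
        // Record only whether they were supplied, never their value, even at trace level.
        log.trace("authorization header is {}", authHeader == null ? "absent" : "present");
        log.trace("token header is {}", token == null ? "absent" : "present");
        log.trace("scope header is {}", scope);

        String retrievedUser = null;
        String accessToken = null;

        if (authHeader != null && !authHeader.isEmpty()) {
            // NOTE(review): the scheme is matched case-sensitively and by prefix only; confirm
            // that this is what clients of this handler send.
            if (authHeader.startsWith(BEARER_AUTH_PREFIX)) {
                accessToken = authHeader.substring(BEARER_AUTH_PREFIX.length()).trim();
            } else if (token == null && authHeader.startsWith(BASIC_AUTH_PREFIX)) {
                String basicAuthToken = authHeader.substring(BASIC_AUTH_PREFIX.length()).trim();

                // The header is caller-controlled: invalid Base64 or a value without ':' must be
                // rejected explicitly instead of surfacing as an unchecked exception.
                String decodedAuth = null;
                try {
                    // Fixed charset so that decoding does not depend on the platform default.
                    decodedAuth = new String(Base64.getDecoder().decode(basicAuthToken),
                            java.nio.charset.StandardCharsets.UTF_8);
                } catch (IllegalArgumentException malformed) {
                    log.debug("Basic authorization header is not valid Base64");
                }

                // Split on the FIRST ':' only: the user name cannot contain one, the password
                // (here, the token) may, and must not be silently truncated.
                int separator = decodedAuth == null ? -1 : decodedAuth.indexOf(':');
                if (separator < 0 || separator == decodedAuth.length() - 1) {
                    internal_server_error.fire("malformed Basic authorization header");
                    // fire(...) is expected to abort the call; return defensively in case it does not.
                    return;
                }
                retrievedUser = decodedAuth.substring(0, separator);
                token = decodedAuth.substring(separator + 1);
            }
        }

        SecretManager secretManager = new SecretManager();
        SecretManagerProvider.instance.set(secretManager);

        if (accessToken != null) {
            JWTSecret jwtSecret = new JWTSecret(accessToken);
            secretManager.addSecret(jwtSecret);
        }

        if (token != null) {
            GCubeSecret gCubeSecret = new GCubeSecret(token);
            secretManager.addSecret(gCubeSecret);
            try {
                // With Basic authentication the declared user must be the owner of the token.
                // NOTE(review): a mismatch is an authentication failure, yet it is reported as an
                // internal server error; confirm whether a 401/403 style error is available.
                if (retrievedUser != null && !gCubeSecret.getClientInfo().getId().equals(retrievedUser)) {
                    internal_server_error.fire("user and token owner are not the same");
                }
            } catch (Exception e) {
                // Keep the cause on the server side; only the message is passed on.
                // NOTE(review): presumably the message reaches the HTTP response; confirm it cannot
                // disclose internal details to the caller.
                log.warn("cannot validate the owner of the supplied token", e);
                internal_server_error.fire(e.getMessage());
            }
        }

        if (accessToken == null && token == null) {
            // No credentials at all: the scope is taken as supplied by the caller.
            // NOTE(review): this value is unauthenticated input; verify that downstream code does
            // not treat it as proof of membership in that scope.
            if (scope != null) {
                ScopeProvider.instance.set(scope);
            }
        } else {
            try {
                secretManager.set();
            } catch (Exception e) {
                log.warn("cannot set the secrets for this call", e);
                internal_server_error.fire(e.getMessage());
            }
        }
    }

    /**
     * Clears the {@link SecretManagerProvider} state installed by {@link #handleRequest}.
     *
     * @param e the response event being handled
     */
    @Override
    public void handleResponse(ResponseEvent e) {
        log.debug("resetting all the Thread local for this call.");
        SecretManagerProvider.instance.reset();
        // NOTE(review): handleRequest may call ScopeProvider.instance.set(scope), but nothing here
        // resets ScopeProvider. If that state is thread-bound, confirm it is cleared elsewhere so
        // a pooled thread does not carry one caller's scope into the next request.
    }

}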