common-smartgears/src/main/java/org/gcube/smartgears/handlers/application/request/RequestContextRetriever.java

package org.gcube.smartgears.handlers.application.request;

import static org.gcube.smartgears.Constants.scope_header;
import static org.gcube.smartgears.Constants.token_header;
import static org.gcube.smartgears.handlers.application.request.RequestError.internal_server_error;

import java.util.Base64;

import javax.xml.bind.annotation.XmlRootElement;

import org.gcube.common.authorization.utils.manager.SecretManager;
import org.gcube.common.authorization.utils.secret.GCubeSecret;
import org.gcube.common.authorization.utils.secret.JWTSecret;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.smartgears.Constants;
import org.gcube.smartgears.handlers.application.RequestEvent;
import org.gcube.smartgears.handlers.application.RequestHandler;
import org.gcube.smartgears.handlers.application.ResponseEvent;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@XmlRootElement(name = Constants.request_context_retriever)
public class RequestContextRetriever extends RequestHandler {

	private static Logger log = LoggerFactory.getLogger(RequestContextRetriever.class);

	private static final String BEARER_AUTH_PREFIX ="Bearer"; 
	private static final String BASIC_AUTH_PREFIX ="Basic"; 


	@Override
	public String getName() {
		return Constants.request_context_retriever;
	}

	@Override
	public void handleRequest(RequestEvent call) {
		String token = call.request().getParameter(token_header)==null?	call.request().getHeader(token_header):call.request().getParameter(token_header);
		String scope = call.request().getParameter(scope_header)==null?	call.request().getHeader(scope_header):call.request().getParameter(scope_header);
		
		String authHeader  = call.request().getHeader(Constants.authorization_header);
		
		log.trace("authorization header is {}",authHeader);
		log.trace("token header is {}", token);
		log.trace("scope header is {}", scope);
		
		String retrievedUser = null;
		String accessToken = null;
		if (authHeader!=null && !authHeader.isEmpty()) {
			if (authHeader.startsWith(BEARER_AUTH_PREFIX))
				accessToken = authHeader.substring(BEARER_AUTH_PREFIX.length()).trim();
			else if (token==null && authHeader.startsWith(BASIC_AUTH_PREFIX)) {
				String basicAuthToken = authHeader.substring(BASIC_AUTH_PREFIX.length()).trim();
				String decodedAuth = new String(Base64.getDecoder().decode(basicAuthToken.getBytes()));
				String[] splitAuth = decodedAuth.split(":");
				token = splitAuth[1];
				retrievedUser = splitAuth[0];
			}
		}
	
		SecretManager secretManager = SecretManager.instance.get();
		
		if (accessToken!=null) {
			JWTSecret jwtSecret = new JWTSecret(accessToken);
			secretManager.addSecret(jwtSecret);
		} 
		
		if (token!=null) {
			GCubeSecret gCubeSecret = new GCubeSecret(token);
			secretManager.addSecret(gCubeSecret);
			try {
				if (retrievedUser != null && !gCubeSecret.getClientInfo().getId().equals(retrievedUser)) {
					internal_server_error.fire("user and token owner are not the same");
				}
			}catch (Exception e) {
				internal_server_error.fire(e.getMessage());
			}
		}
		
		if(accessToken==null && token==null) {
			if(scope!=null) {
				ScopeProvider.instance.set(scope);
			}
		}else {
			try {
				secretManager.set();
			} catch (Exception e) {
				internal_server_error.fire(e.getMessage());
			}
		}
		
	}

	@Override
	public void handleResponse(ResponseEvent e) {
		log.debug("resetting all the Thread local for this call.");
		SecretManager.instance.get().reset();
	}
	
}
merge for relese 4.6.1 git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/common/common-smartgears/2.1@151408 82a268e6-3cf1-43bd-a215-b396298e98cf 2017-07-28 12:09:32 +02:00			`package org.gcube.smartgears.handlers.application.request;`

			`import static org.gcube.smartgears.Constants.scope_header;`
			`import static org.gcube.smartgears.Constants.token_header;`
			`import static org.gcube.smartgears.handlers.application.request.RequestError.internal_server_error;`

commit for new IAM release 2020-11-18 18:50:49 +01:00			`import java.util.Base64;`

merge for relese 4.6.1 git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/common/common-smartgears/2.1@151408 82a268e6-3cf1-43bd-a215-b396298e98cf 2017-07-28 12:09:32 +02:00			`import javax.xml.bind.annotation.XmlRootElement;`

Added authorization-utils refs #22871 2022-02-24 17:49:38 +01:00			`import org.gcube.common.authorization.utils.manager.SecretManager;`
Intregrated authorization-utils in place of ad-hoc code 2022-02-25 15:07:09 +01:00			`import org.gcube.common.authorization.utils.secret.GCubeSecret;`
			`import org.gcube.common.authorization.utils.secret.JWTSecret;`
merge for relese 4.6.1 git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/common/common-smartgears/2.1@151408 82a268e6-3cf1-43bd-a215-b396298e98cf 2017-07-28 12:09:32 +02:00			`import org.gcube.common.scope.api.ScopeProvider;`
			`import org.gcube.smartgears.Constants;`
			`import org.gcube.smartgears.handlers.application.RequestEvent;`
			`import org.gcube.smartgears.handlers.application.RequestHandler;`
			`import org.gcube.smartgears.handlers.application.ResponseEvent;`
			`import org.slf4j.Logger;`
			`import org.slf4j.LoggerFactory;`

			`@XmlRootElement(name = Constants.request_context_retriever)`
			`public class RequestContextRetriever extends RequestHandler {`

			`private static Logger log = LoggerFactory.getLogger(RequestContextRetriever.class);`
git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/common/common-smartgears/2.1@179054 82a268e6-3cf1-43bd-a215-b396298e98cf 2019-04-16 17:12:48 +02:00
			`private static final String BEARER_AUTH_PREFIX ="Bearer";`
			`private static final String BASIC_AUTH_PREFIX ="Basic";`


merge for relese 4.6.1 git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/common/common-smartgears/2.1@151408 82a268e6-3cf1-43bd-a215-b396298e98cf 2017-07-28 12:09:32 +02:00			`@Override`
			`public String getName() {`
			`return Constants.request_context_retriever;`
			`}`

			`@Override`
			`public void handleRequest(RequestEvent call) {`
			`String token = call.request().getParameter(token_header)==null? call.request().getHeader(token_header):call.request().getParameter(token_header);`
			`String scope = call.request().getParameter(scope_header)==null? call.request().getHeader(scope_header):call.request().getParameter(scope_header);`
commit for new IAM release 2020-11-18 18:50:49 +01:00
			`String authHeader = call.request().getHeader(Constants.authorization_header);`

- use of AccessTokenProvider - use gcube-jackson instead of minimal-json for access token parsing [#21097] 2021-05-24 16:31:46 +02:00			`log.trace("authorization header is {}",authHeader);`
Intregrated authorization-utils in place of ad-hoc code 2022-02-25 15:07:09 +01:00			`log.trace("token header is {}", token);`
			`log.trace("scope header is {}", scope);`
commit for new IAM release 2020-11-18 18:50:49 +01:00
- use of AccessTokenProvider - use gcube-jackson instead of minimal-json for access token parsing [#21097] 2021-05-24 16:31:46 +02:00			`String retrievedUser = null;`
			`String accessToken = null;`
commit for new IAM release 2020-11-18 18:50:49 +01:00			`if (authHeader!=null && !authHeader.isEmpty()) {`
			`if (authHeader.startsWith(BEARER_AUTH_PREFIX))`
- use of AccessTokenProvider - use gcube-jackson instead of minimal-json for access token parsing [#21097] 2021-05-24 16:31:46 +02:00			`accessToken = authHeader.substring(BEARER_AUTH_PREFIX.length()).trim();`
commit for new IAM release 2020-11-18 18:50:49 +01:00			`else if (token==null && authHeader.startsWith(BASIC_AUTH_PREFIX)) {`
			`String basicAuthToken = authHeader.substring(BASIC_AUTH_PREFIX.length()).trim();`
			`String decodedAuth = new String(Base64.getDecoder().decode(basicAuthToken.getBytes()));`
- use of AccessTokenProvider - use gcube-jackson instead of minimal-json for access token parsing [#21097] 2021-05-24 16:31:46 +02:00			`String[] splitAuth = decodedAuth.split(":");`
			`token = splitAuth[1];`
			`retrievedUser = splitAuth[0];`
commit for new IAM release 2020-11-18 18:50:49 +01:00			`}`
merge for relese 4.6.1 git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/common/common-smartgears/2.1@151408 82a268e6-3cf1-43bd-a215-b396298e98cf 2017-07-28 12:09:32 +02:00			`}`
- use of AccessTokenProvider - use gcube-jackson instead of minimal-json for access token parsing [#21097] 2021-05-24 16:31:46 +02:00
Intregrated authorization-utils in place of ad-hoc code 2022-02-25 15:07:09 +01:00			`SecretManager secretManager = SecretManager.instance.get();`

- use of AccessTokenProvider - use gcube-jackson instead of minimal-json for access token parsing [#21097] 2021-05-24 16:31:46 +02:00			`if (accessToken!=null) {`
Intregrated authorization-utils in place of ad-hoc code 2022-02-25 15:07:09 +01:00			`JWTSecret jwtSecret = new JWTSecret(accessToken);`
			`secretManager.addSecret(jwtSecret);`
			`}`

			`if (token!=null) {`
			`GCubeSecret gCubeSecret = new GCubeSecret(token);`
			`secretManager.addSecret(gCubeSecret);`
			`try {`
			`if (retrievedUser != null && !gCubeSecret.getClientInfo().getId().equals(retrievedUser)) {`
			`internal_server_error.fire("user and token owner are not the same");`
			`}`
			`}catch (Exception e) {`
			`internal_server_error.fire(e.getMessage());`
			`}`
			`}`

			`if(accessToken==null && token==null) {`
			`if(scope!=null) {`
			`ScopeProvider.instance.set(scope);`
			`}`
			`}else {`
			`try {`
			`secretManager.set();`
			`} catch (Exception e) {`
			`internal_server_error.fire(e.getMessage());`
			`}`
			`}`
- use of AccessTokenProvider - use gcube-jackson instead of minimal-json for access token parsing [#21097] 2021-05-24 16:31:46 +02:00
merge for relese 4.6.1 git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/common/common-smartgears/2.1@151408 82a268e6-3cf1-43bd-a215-b396298e98cf 2017-07-28 12:09:32 +02:00			`}`

			`@Override`
			`public void handleResponse(ResponseEvent e) {`
			`log.debug("resetting all the Thread local for this call.");`
Intregrated authorization-utils in place of ad-hoc code 2022-02-25 15:07:09 +01:00			`SecretManager.instance.get().reset();`
merge for relese 4.6.1 git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/common/common-smartgears/2.1@151408 82a268e6-3cf1-43bd-a215-b396298e98cf 2017-07-28 12:09:32 +02:00			`}`
commit for new IAM release 2020-11-18 18:50:49 +01:00
merge for relese 4.6.1 git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/common/common-smartgears/2.1@151408 82a268e6-3cf1-43bd-a215-b396298e98cf 2017-07-28 12:09:32 +02:00			`}`