auth provider modified

src/main/java/org/gcube/smartgears/configuration/container/ContainerConfigurationBinder.java

@@ -114,6 +114,7 @@ public class ContainerConfigurationBinder {
 		if (authorizationSection != null) {
 			
 			String provider = authorizationSection.get("factory");
+			String authEndpoint = authorizationSection.get("endpoint");
 			AuthorizationProviderFactory<?> authProviderFactory;
 			if (provider!=null) {
 				try {
@@ -138,7 +139,7 @@ public class ContainerConfigurationBinder {
 			}
 			authorizationSection.to(credentials, "credentials.");
 			
-			AuthorizationProvider authProvider = authProviderFactory.connect(credentials);
+			AuthorizationProvider authProvider = authProviderFactory.connect(credentials, authEndpoint);
 			
 			conf.setAuthorizationProvider(authProvider);	
 		}

src/main/java/org/gcube/smartgears/handlers/application/lifecycle/ProfileManager.java

@@ -164,7 +164,7 @@ public class ProfileManager extends ApplicationLifecycleHandler {
 			@Observes(value = addToContext)
 			void addTo(String token) {
 				try {
-					log.trace("publishing application with new token");
+					log.trace("publishing application in new context");
 					publisher.addTo(Collections.singleton(token));
 					publisher.update();
 				}catch (Exception e) {
@@ -183,7 +183,7 @@ public class ProfileManager extends ApplicationLifecycleHandler {
 			@Observes(value = removeFromContext)
 			void removeFrom(String token) {
 				try {
-					log.trace("unpublishing application with token");
+					log.trace("unpublishing application from context");
 					publisher.removeFrom(Collections.singleton(token));
 					publisher.update();
 				}catch (Exception e) {

src/main/java/org/gcube/smartgears/handlers/container/lifecycle/ContainerPublisher.java

@@ -47,8 +47,7 @@ public class ContainerPublisher extends AbstractProfilePublisher<HostingNode> {
 
 	@Override
 	protected Set<String> getAllowedContexts() {
-		// TODO Auto-generated method stub
-		return null;
+		return context.configuration().allowedContexts();
 	}
 
 

src/main/java/org/gcube/smartgears/managers/ContainerManager.java

@@ -101,7 +101,7 @@ public class ContainerManager {
 		Set<String> foundContexts;
 						
 		try {
-			foundContexts = context.configuration().authorizationProvider().getAllowedContexts();
+			foundContexts = context.configuration().authorizationProvider().getContexts();
 		} catch (Exception e) {
 			log.error("error authorizing container",e);
 			throw new RuntimeException("error authorizing container, moving the container to failed",e);

src/main/java/org/gcube/smartgears/security/AuthorizationProvider.java

@@ -4,5 +4,5 @@ import java.util.Set;
 
 public interface AuthorizationProvider {
 
-	Set<String> getAllowedContexts();
+	Set<String> getContexts();
 }

src/main/java/org/gcube/smartgears/security/AuthorizationProviderFactory.java

@@ -2,6 +2,7 @@ package org.gcube.smartgears.security;
 
 public interface AuthorizationProviderFactory<T extends AuthorizationProvider> {
 
-	T connect(Credentials credentials);
+	T connect(Credentials credentials, String endpoint);
+	
 	
 }

src/main/java/org/gcube/smartgears/security/SimpleCredentials.java

@@ -11,9 +11,6 @@ public class SimpleCredentials implements Credentials{
 	@NotNull @NotEmpty
 	String secret;
 	
-	@NotNull @NotEmpty
-	String endpoint;
-
 	public String getClientID() {
 		return clientID;
 	}
@@ -21,14 +18,6 @@ public class SimpleCredentials implements Credentials{
 	public void setClientID(String clientID) {
 		this.clientID = clientID;
 	}	
-	
-	public String getEndpoint() {
-		return endpoint;
-	}
-
-	public void setEndpoint(String endpoint) {
-		this.endpoint = endpoint;
-	}
 
 	public String getSecret() {
 		return secret;

src/main/java/org/gcube/smartgears/security/defaults/DefaultAuthorizationProvider.java

@@ -25,16 +25,22 @@ public class DefaultAuthorizationProvider implements AuthorizationProvider {
 	
 	private SimpleCredentials credentials;
 	
-	public DefaultAuthorizationProvider(SimpleCredentials credentials) {
+	private String endpoint;
+	
+	public DefaultAuthorizationProvider(SimpleCredentials credentials, String endpoint) {
 		this.credentials = credentials;				
+		this.endpoint = endpoint;
 	}
 	
-
 	@Override
-	public Set<String> getAllowedContexts() {
+	public Set<String> getContexts() {
 		Set<String> contexts = new HashSet<String>();
 		try {
-			TokenResponse response = client.queryOIDCToken(new URL(credentials.getEndpoint()), credentials.getClientID(), credentials.getSecret());
+			TokenResponse response;
+			if (this.endpoint == null)
+				response = client.queryOIDCToken(credentials.getClientID(), credentials.getSecret());
+			else 
+				response = client.queryOIDCToken(new URL(this.endpoint), credentials.getClientID(), credentials.getSecret());
 			Map<String, Access> resourceAccess = ModelUtils.getAccessTokenFrom(response).getResourceAccess();
 			for (String context : resourceAccess.keySet()) {
 				try {

src/main/java/org/gcube/smartgears/security/defaults/DefaultAuthorizationProviderFactory.java

@@ -7,10 +7,10 @@ import org.gcube.smartgears.security.SimpleCredentials;
 public class DefaultAuthorizationProviderFactory implements AuthorizationProviderFactory<DefaultAuthorizationProvider>{
 
 	@Override
-	public DefaultAuthorizationProvider connect(Credentials credentials) {
+	public DefaultAuthorizationProvider connect(Credentials credentials, String enpoint) {
 		if (!SimpleCredentials.class.isInstance(credentials))
 			throw new IllegalArgumentException("invalid credential type passed");
-		return new DefaultAuthorizationProvider((SimpleCredentials)credentials);
+		return new DefaultAuthorizationProvider((SimpleCredentials)credentials, enpoint);
 	}
 
 	

src/test/resources/container.ini

@@ -30,10 +30,10 @@ location = rome
 ; mandatory
 ; optional fields: provider factory (=org.gcube.smartgears.security.defaults.DefaultAuthorizationProviderFactory)
 factory = org.gcube.smartgears.security.defaults.DefaultAuthorizationProviderFactory
+endpoint = testEndpoint
 credentials.class = org.gcube.smartgears.security.SimpleCredentials
 credentials.clientID = testClient
 credentials.secret = testSecret
-credentials.endpoint = testSecret
 
 ;[persistence]
 ; not mandatory (default is LocalPersistence writing in the ghn home)

src/test/resources/test-configuration.ini

@@ -1,41 +0,0 @@
-[node]
-; mandatory
-; optional fields: mode (=online), publication-frequency-seconds (=60), authorizeChildrenContext (=false)
-mode = offline
-hostname = localhost
-protocol= https
-port = 8080
-infrastructure = gcube
-authorizeChildrenContext = true
-publicationFrequencyInSeconds = 60
-
-[properties]
-; not mandatory
-SmartGearsDistribution = 0.0.1
-SmartGearsDistributionBundle = UnBundled
-
-[site]
-; mandatory
-; optional fields: latitude, logitude
-country = it
-location = rome
-
-[proxy]
-; not mandatory
-protocol = https
-hostname = proxy
-port = 80
-
-[authorization]
-; mandatory
-; optional fields: factory provider (=org.gcube.smartgears.security.defaults.DefaultAuthorizationProviderFactory)
-factory = org.gcube.smartgears.security.defaults.DefaultAuthorizationProviderFactory
-credentials.class = org.gcube.smartgears.security.SimpleCredentials
-credentials.clientID = testClient
-credentials.secret = testSecret
-credentials.enpoint = https://accounts.dev.d4science.org/auth/realms/d4science/protocol/openid-connect/token
-
-[persistence]
-; not mandatory (default is LocalPersistence writing in the ghn home)
-class = utils.PersistenceWriterTest
-location = /tmp