diff --git a/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfigurationBinder.java b/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfigurationBinder.java
index b7b5325..01919b9 100644
--- a/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfigurationBinder.java
+++ b/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfigurationBinder.java
@@ -114,6 +114,7 @@ public class ContainerConfigurationBinder {
 if (authorizationSection != null) {
 String provider = authorizationSection.get("factory");
+ String authEndpoint = authorizationSection.get("endpoint");
 AuthorizationProviderFactory authProviderFactory;
 if (provider!=null) {
 try {
@@ -138,7 +139,7 @@ public class ContainerConfigurationBinder {
 }
 authorizationSection.to(credentials, "credentials.");
- AuthorizationProvider authProvider = authProviderFactory.connect(credentials);
+ AuthorizationProvider authProvider = authProviderFactory.connect(credentials, authEndpoint);
 conf.setAuthorizationProvider(authProvider);
 }
diff --git a/src/main/java/org/gcube/smartgears/handlers/application/lifecycle/ProfileManager.java b/src/main/java/org/gcube/smartgears/handlers/application/lifecycle/ProfileManager.java
index 8aa9daa..2418054 100644
--- a/src/main/java/org/gcube/smartgears/handlers/application/lifecycle/ProfileManager.java
+++ b/src/main/java/org/gcube/smartgears/handlers/application/lifecycle/ProfileManager.java
@@ -164,7 +164,7 @@ public class ProfileManager extends ApplicationLifecycleHandler {
 @Observes(value = addToContext)
 void addTo(String token) {
 try {
- log.trace("publishing application with new token");
+ log.trace("publishing application in new context");
 publisher.addTo(Collections.singleton(token));
 publisher.update();
 }catch (Exception e) {
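Review bot: In ContainerConfigurationBinder, `authEndpoint` is taken from `authorizationSection.get("endpoint")` and passed to `connect(...)` with no check, while the same commit deletes the `@NotNull @NotEmpty` constraint that `SimpleCredentials.endpoint` used to carry. A key that is present but empty would presumably arrive as an empty string, skip the `this.endpoint == null` branch in `DefaultAuthorizationProvider.getContexts()`, and fail only later at `new URL(this.endpoint)` when the container is being authorized. Rejecting it at bind time keeps the error next to the configuration, e.g. `if (authEndpoint != null && authEndpoint.trim().isEmpty()) throw new IllegalArgumentException("authorization endpoint is empty");`, with a comment such as `// optional: null lets the provider fall back to its default token endpoint`. The enclosing method starts and ends outside both hunks of this file.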
@@ -183,7 +183,7 @@ public class ProfileManager extends ApplicationLifecycleHandler {
 @Observes(value = removeFromContext)
 void removeFrom(String token) {
 try {
- log.trace("unpublishing application with token");
+ log.trace("unpublishing application from context");
 publisher.removeFrom(Collections.singleton(token));
 publisher.update();
 }catch (Exception e) {
diff --git a/src/main/java/org/gcube/smartgears/handlers/container/lifecycle/ContainerPublisher.java b/src/main/java/org/gcube/smartgears/handlers/container/lifecycle/ContainerPublisher.java
index bbf7110..a883ba7 100644
--- a/src/main/java/org/gcube/smartgears/handlers/container/lifecycle/ContainerPublisher.java
+++ b/src/main/java/org/gcube/smartgears/handlers/container/lifecycle/ContainerPublisher.java
@@ -47,8 +47,7 @@ public class ContainerPublisher extends AbstractProfilePublisher {
 @Override
 protected Set getAllowedContexts() {
- // TODO Auto-generated method stub
- return null;
+ return context.configuration().allowedContexts();
 }
diff --git a/src/main/java/org/gcube/smartgears/managers/ContainerManager.java b/src/main/java/org/gcube/smartgears/managers/ContainerManager.java
index f44ad3d..c2c2d54 100644
--- a/src/main/java/org/gcube/smartgears/managers/ContainerManager.java
+++ b/src/main/java/org/gcube/smartgears/managers/ContainerManager.java
@@ -101,7 +101,7 @@ public class ContainerManager {
 Set foundContexts;
 try {
- foundContexts = context.configuration().authorizationProvider().getAllowedContexts();
+ foundContexts = context.configuration().authorizationProvider().getContexts();
 } catch (Exception e) {
 log.error("error authorizing container",e);
 throw new RuntimeException("error authorizing container, moving the container to failed",e);
diff --git a/src/main/java/org/gcube/smartgears/security/AuthorizationProvider.java b/src/main/java/org/gcube/smartgears/security/AuthorizationProvider.java
index abafa2d..08cb7b4 100644
--- a/src/main/java/org/gcube/smartgears/security/AuthorizationProvider.java
+++ b/src/main/java/org/gcube/smartgears/security/AuthorizationProvider.java
@@ -4,5 +4,5 @@ import java.util.Set;
 public interface AuthorizationProvider {
- Set getAllowedContexts();
+ Set getContexts();
 }
diff --git a/src/main/java/org/gcube/smartgears/security/AuthorizationProviderFactory.java b/src/main/java/org/gcube/smartgears/security/AuthorizationProviderFactory.java
index c18bcd7..6892b20 100644
--- a/src/main/java/org/gcube/smartgears/security/AuthorizationProviderFactory.java
+++ b/src/main/java/org/gcube/smartgears/security/AuthorizationProviderFactory.java
@@ -2,6 +2,7 @@ package org.gcube.smartgears.security;
 public interface AuthorizationProviderFactory {
- T connect(Credentials credentials);
+ T connect(Credentials credentials, String endpoint);
+
 }
diff --git a/src/main/java/org/gcube/smartgears/security/SimpleCredentials.java b/src/main/java/org/gcube/smartgears/security/SimpleCredentials.java
index ac45581..b9aca8b 100644
--- a/src/main/java/org/gcube/smartgears/security/SimpleCredentials.java
+++ b/src/main/java/org/gcube/smartgears/security/SimpleCredentials.java
@@ -11,9 +11,6 @@ public class SimpleCredentials implements Credentials{
 @NotNull @NotEmpty
 String secret;
- @NotNull @NotEmpty
- String endpoint;
-
 public String getClientID() {
 return clientID;
 }
@@ -21,14 +18,6 @@ public class SimpleCredentials implements Credentials{
 public void setClientID(String clientID) {
 this.clientID = clientID;
 }
-
- public String getEndpoint() {
- return endpoint;
- }
-
- public void setEndpoint(String endpoint) {
- this.endpoint = endpoint;
- }
 public String getSecret() {
 return secret;
diff --git a/src/main/java/org/gcube/smartgears/security/defaults/DefaultAuthorizationProvider.java b/src/main/java/org/gcube/smartgears/security/defaults/DefaultAuthorizationProvider.java
index 686426e..d030836 100644
--- a/src/main/java/org/gcube/smartgears/security/defaults/DefaultAuthorizationProvider.java
+++ b/src/main/java/org/gcube/smartgears/security/defaults/DefaultAuthorizationProvider.java
@@ -25,16 +25,22 @@ public class DefaultAuthorizationProvider implements AuthorizationProvider {
 private SimpleCredentials credentials;
- public DefaultAuthorizationProvider(SimpleCredentials credentials) {
+ private String endpoint;
+
+ public DefaultAuthorizationProvider(SimpleCredentials credentials, String endpoint) {
 this.credentials = credentials;
+ this.endpoint = endpoint;
 }
- @Override
- public Set getAllowedContexts() {
+ public Set getContexts() {
 Set contexts = new HashSet();
 try {
- TokenResponse response = client.queryOIDCToken(new URL(credentials.getEndpoint()), credentials.getClientID(), credentials.getSecret());
+ TokenResponse response;
+ if (this.endpoint == null)
+ response = client.queryOIDCToken(credentials.getClientID(), credentials.getSecret());
+ else
+ response = client.queryOIDCToken(new URL(this.endpoint), credentials.getClientID(), credentials.getSecret());
 Map resourceAccess = ModelUtils.getAccessTokenFrom(response).getResourceAccess();
 for (String context : resourceAccess.keySet()) {
 try {
diff --git a/src/main/java/org/gcube/smartgears/security/defaults/DefaultAuthorizationProviderFactory.java b/src/main/java/org/gcube/smartgears/security/defaults/DefaultAuthorizationProviderFactory.java
index 9903c0d..9fac9e0 100644
--- a/src/main/java/org/gcube/smartgears/security/defaults/DefaultAuthorizationProviderFactory.java
+++ b/src/main/java/org/gcube/smartgears/security/defaults/DefaultAuthorizationProviderFactory.java
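Review bot: In `DefaultAuthorizationProvider.getContexts()`, `new URL(this.endpoint)` accepts whatever scheme the configuration supplies, and the client ID and secret are handed to `queryOIDCToken` together with that URL, so an `http://` endpoint would presumably carry the secret in clear text. Checking the scheme once in the constructor moves the failure to start-up: `if (endpoint != null && !endpoint.regionMatches(true, 0, "https://", 0, 8)) throw new IllegalArgumentException("authorization endpoint must use https");` — the `testEndpoint` value in `src/test/resources/container.ini` would then need to become an https URL. The new `if`/`else` is also written without braces, and the added `getContexts()` line carries no `@Override` although the old method's annotation appears among the removed lines; restoring it lets the compiler flag any future drift from `AuthorizationProvider`. The method body continues past the end of the hunk.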
@@ -7,10 +7,10 @@ import org.gcube.smartgears.security.SimpleCredentials;
 public class DefaultAuthorizationProviderFactory implements AuthorizationProviderFactory{
 @Override
- public DefaultAuthorizationProvider connect(Credentials credentials) {
+ public DefaultAuthorizationProvider connect(Credentials credentials, String enpoint) {
 if (!SimpleCredentials.class.isInstance(credentials)) throw new IllegalArgumentException("invalid credential type passed");
- return new DefaultAuthorizationProvider((SimpleCredentials)credentials);
+ return new DefaultAuthorizationProvider((SimpleCredentials)credentials, enpoint);
 }
diff --git a/src/test/resources/container.ini b/src/test/resources/container.ini
index e1a8526..dd6a102 100644
--- a/src/test/resources/container.ini
+++ b/src/test/resources/container.ini
@@ -30,10 +30,10 @@ location = rome
 ; mandatory
 ; optional fields: provider factory (=org.gcube.smartgears.security.defaults.DefaultAuthorizationProviderFactory)
 factory = org.gcube.smartgears.security.defaults.DefaultAuthorizationProviderFactory
+endpoint = testEndpoint
 credentials.class = org.gcube.smartgears.security.SimpleCredentials
 credentials.clientID = testClient
 credentials.secret = testSecret
-credentials.endpoint = testSecret
 ;[persistence]
 ; not mandatory (default is LocalPersistence writing in the ghn home)
diff --git a/src/test/resources/test-configuration.ini b/src/test/resources/test-configuration.ini
deleted file mode 100644
index 683fb11..0000000
--- a/src/test/resources/test-configuration.ini
+++ /dev/null
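Review bot: The new parameter of `DefaultAuthorizationProviderFactory.connect` is spelled `enpoint` in both the signature and the constructor call; rename it to `endpoint` so it matches `AuthorizationProviderFactory.connect(Credentials credentials, String endpoint)`. Because `DefaultAuthorizationProvider` takes a separate no-URL path when the endpoint is null, the interface method deserves a Javadoc line stating that null is allowed, e.g. `@param endpoint token endpoint URL, or null to let the provider use its default`. `SimpleCredentials.class.isInstance(credentials)` can also be written as the more usual `credentials instanceof SimpleCredentials`.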
@@ -1,41 +0,0 @@
-[node]
-; mandatory
-; optional fields: mode (=online), publication-frequency-seconds (=60), authorizeChildrenContext (=false)
-mode = offline
-hostname = localhost
-protocol= https
-port = 8080
-infrastructure = gcube
-authorizeChildrenContext = true
-publicationFrequencyInSeconds = 60
-
-[properties]
-; not mandatory
-SmartGearsDistribution = 0.0.1
-SmartGearsDistributionBundle = UnBundled
-
-[site]
-; mandatory
-; optional fields: latitude, logitude
-country = it
-location = rome
-
-[proxy]
-; not mandatory
-protocol = https
-hostname = proxy
-port = 80
-
-[authorization]
-; mandatory
-; optional fields: factory provider (=org.gcube.smartgears.security.defaults.DefaultAuthorizationProviderFactory)
-factory = org.gcube.smartgears.security.defaults.DefaultAuthorizationProviderFactory
-credentials.class = org.gcube.smartgears.security.SimpleCredentials
-credentials.clientID = testClient
-credentials.secret = testSecret
-credentials.enpoint = https://accounts.dev.d4science.org/auth/realms/d4science/protocol/openid-connect/token
-
-[persistence]
-; not mandatory (default is LocalPersistence writing in the ghn home)
-class = utils.PersistenceWriterTest
-location = /tmp