gCubeSystem
/
common-smartgears
15
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/common/common-smartgears/2.1@141905 82a268e6-3cf1-43bd-a215-b396298e98cf

This commit is contained in:
Lucio Lelii 2017-01-30 14:05:08 +00:00
parent 0590be702e
commit 800d697b45
2 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/main/java/org/gcube/smartgears/Constants.java
View File

@ -160,6 +160,12 @@ public class Constants {
*/ */
public static final String token_header="gcube-token"; public static final String token_header="gcube-token";
/**
* The name of the oauth secret parameter
*/
public static final String oauth_secret="client_secret";
/** /**
* The event for token registration for app. * The event for token registration for app.
*/ */

9
src/main/java/org/gcube/smartgears/handlers/application/request/RequestValidator.java
View File

@ -3,6 +3,7 @@ package org.gcube.smartgears.handlers.application.request;
import static org.gcube.common.authorization.client.Constants.authorizationService; import static org.gcube.common.authorization.client.Constants.authorizationService;
import static org.gcube.smartgears.Constants.scope_header; import static org.gcube.smartgears.Constants.scope_header;
import static org.gcube.smartgears.Constants.token_header; import static org.gcube.smartgears.Constants.token_header;
import static org.gcube.smartgears.Constants.oauth_secret;
import static org.gcube.smartgears.handlers.application.request.RequestError.application_failed_error; import static org.gcube.smartgears.handlers.application.request.RequestError.application_failed_error;
import static org.gcube.smartgears.handlers.application.request.RequestError.application_unavailable_error; import static org.gcube.smartgears.handlers.application.request.RequestError.application_unavailable_error;
import static org.gcube.smartgears.handlers.application.request.RequestError.internal_server_error; import static org.gcube.smartgears.handlers.application.request.RequestError.internal_server_error;
@ -11,6 +12,7 @@ import static org.gcube.smartgears.handlers.application.request.RequestError.inv
import java.io.IOException; import java.io.IOException;
import javax.xml.bind.DatatypeConverter; import javax.xml.bind.DatatypeConverter;
import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlRootElement; import javax.xml.bind.annotation.XmlRootElement;
import org.gcube.common.authorization.client.exceptions.ObjectNotFound; import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
@ -36,6 +38,9 @@ import org.slf4j.LoggerFactory;
@XmlRootElement(name = Constants.request_validation) @XmlRootElement(name = Constants.request_validation)
public class RequestValidator extends RequestHandler { public class RequestValidator extends RequestHandler {
@XmlAttribute(required=false, name="oauth")
boolean oauthCompatibility = false;
private static Logger log = LoggerFactory.getLogger(RequestValidator.class); private static Logger log = LoggerFactory.getLogger(RequestValidator.class);
private ApplicationContext context; private ApplicationContext context;
@ -109,6 +114,10 @@ public class RequestValidator extends RequestHandler {
String scope = call.request().getParameter(scope_header)==null? call.request().getHeader(scope_header):call.request().getParameter(scope_header); String scope = call.request().getParameter(scope_header)==null? call.request().getHeader(scope_header):call.request().getParameter(scope_header);
if(token==null && scope==null && oauthCompatibility)
token = call.request().getParameter(oauth_secret);
if (token == null && scope==null){ if (token == null && scope==null){
log.warn("rejecting call to {}, authorization required",context.name(),token); log.warn("rejecting call to {}, authorization required",context.name(),token);
if (call.context().container().configuration().authenticationEnpoint()==null){ if (call.context().container().configuration().authenticationEnpoint()==null){