support ticket #28304
This commit is contained in:
parent
a9535591ab
commit
855820b2fa
|
@ -2,10 +2,12 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
|
|||
|
||||
# Changelog for Common Smartgears
|
||||
|
||||
## [v4.0.0]
|
||||
## [v4.0.0-SNAPSHOT]
|
||||
|
||||
- support ticket #28304
|
||||
- porting to keycloak
|
||||
- moved to jakarta and servlet6
|
||||
- added token expiration
|
||||
|
||||
|
||||
## [v3.2.0] - 2023-04-12
|
||||
|
|
2
pom.xml
2
pom.xml
|
@ -10,7 +10,7 @@
|
|||
</parent>
|
||||
<groupId>org.gcube.core</groupId>
|
||||
<artifactId>common-smartgears</artifactId>
|
||||
<version>4.0.0</version>
|
||||
<version>4.0.0-SNAPSHOT</version>
|
||||
<name>SmartGears</name>
|
||||
<dependencyManagement>
|
||||
<dependencies>
|
||||
|
|
|
@ -27,6 +27,13 @@ public class BaseConfiguration {
|
|||
|
||||
long publicationFrequencyInSeconds = default_container_publication_frequency_in_seconds;
|
||||
|
||||
@NotNull @NotEmpty
|
||||
private Boolean checkTokenExpiration = false;
|
||||
|
||||
public boolean checkTokenExpiration() {
|
||||
return checkTokenExpiration;
|
||||
}
|
||||
|
||||
public Mode getMode() {
|
||||
return mode;
|
||||
}
|
||||
|
|
|
@ -93,6 +93,10 @@ public class ContainerConfiguration {
|
|||
return baseConfiguration.getMode();
|
||||
}
|
||||
|
||||
public boolean checkTokenExpiration() {
|
||||
return baseConfiguration.checkTokenExpiration();
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the application configurations included in this configuration.
|
||||
* @return the application configurations
|
||||
|
|
|
@ -49,7 +49,6 @@ public class RequestValidator extends RequestHandler {
|
|||
|
||||
if (appContext.container().configuration().mode()!=Mode.offline) {
|
||||
validateScopeCall();
|
||||
validatePolicy(call);
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -113,9 +112,6 @@ public class RequestValidator extends RequestHandler {
|
|||
return getName();
|
||||
}
|
||||
|
||||
private void validatePolicy(RequestEvent call){
|
||||
//TODO: must be re-thought
|
||||
}
|
||||
|
||||
private Secret getSecret(RequestEvent call){
|
||||
|
||||
|
@ -136,8 +132,10 @@ public class RequestValidator extends RequestHandler {
|
|||
RequestError.request_not_authorized_error.fire("call not authorized");
|
||||
|
||||
if (!secret.isValid())
|
||||
RequestError.request_not_authorized_error.fire("authorization with secret "+secret.getClass().getSimpleName()+" is not valid ");
|
||||
RequestError.request_not_authorized_error.fire("authorization with secret "+secret.getClass().getSimpleName()+": token not valid ");
|
||||
|
||||
if (call.context().container().configuration().checkTokenExpiration() && secret.isExpired())
|
||||
RequestError.request_not_authorized_error.fire("authorization with secret "+secret.getClass().getSimpleName()+": token expired ");
|
||||
|
||||
return secret;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue