From 9947bfbc7df818f508b5610109fc87333e9418f7 Mon Sep 17 00:00:00 2001 From: lucio lelii Date: Thu, 31 Mar 2022 11:58:49 +0200 Subject: [PATCH] update for 4.0.0 --- .../META-INF/smartgears-config.xml | 2 ++ pom.xml | 5 +++ .../java/org/gcube/smartgears/Constants.java | 2 +- .../library/SmartGearsConfiguration.java | 6 +++- .../smartgears/provider/DefaultProvider.java | 13 ++++--- .../DefaultAuthorizationProvider.java | 36 +++++++++++++++++-- 6 files changed, 56 insertions(+), 8 deletions(-) create mode 100644 gcube/extra-resources/META-INF/smartgears-config.xml diff --git a/gcube/extra-resources/META-INF/smartgears-config.xml b/gcube/extra-resources/META-INF/smartgears-config.xml new file mode 100644 index 0000000..5b56d71 --- /dev/null +++ b/gcube/extra-resources/META-INF/smartgears-config.xml @@ -0,0 +1,2 @@ + + \ No newline at end of file diff --git a/pom.xml b/pom.xml index 9e05530..d73d0bb 100644 --- a/pom.xml +++ b/pom.xml @@ -57,6 +57,11 @@ + + org.gcube.common + keycloak-client + [1.0.0,2.0.0-SNAPSHOT) + org.gcube.common diff --git a/src/main/java/org/gcube/smartgears/Constants.java b/src/main/java/org/gcube/smartgears/Constants.java index e0ec805..dc23857 100644 --- a/src/main/java/org/gcube/smartgears/Constants.java +++ b/src/main/java/org/gcube/smartgears/Constants.java @@ -28,7 +28,7 @@ public class Constants { /** * The container configuration file path, relative to the container configuration directory. */ - public static final String container_configuraton_file_path = "smartgears-node.ini"; + public static final String container_configuraton_file_path = "container.ini"; /** diff --git a/src/main/java/org/gcube/smartgears/configuration/library/SmartGearsConfiguration.java b/src/main/java/org/gcube/smartgears/configuration/library/SmartGearsConfiguration.java index f628c6a..1541837 100644 --- a/src/main/java/org/gcube/smartgears/configuration/library/SmartGearsConfiguration.java 
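Review bot: The new `keycloak-client` dependency in pom.xml is declared with the open range `[1.0.0,2.0.0-SNAPSHOT)`, so the version that gets resolved can change between builds without any change to this file. This library now receives the client secret and produces the token from which allowed contexts are derived, so consider pinning a released version here (or in a `dependencyManagement`/BOM entry) to keep upgrades deliberate and reviewable. If ranges are the project convention, recording the resolved version in the build output or changelog would at least make a changed resolution traceable.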
+++ b/src/main/java/org/gcube/smartgears/configuration/library/SmartGearsConfiguration.java @@ -3,14 +3,18 @@ package org.gcube.smartgears.configuration.library; import java.util.ArrayList; import java.util.List; +import javax.xml.bind.annotation.XmlAttribute; +import javax.xml.bind.annotation.XmlRootElement; + import org.gcube.common.validator.ValidationError; import org.gcube.common.validator.Validator; import org.gcube.common.validator.ValidatorFactory; import org.gcube.common.validator.annotations.NotEmpty; +@XmlRootElement(name="smartgears") public class SmartGearsConfiguration { - @NotEmpty + @XmlAttribute @NotEmpty private String version; public SmartGearsConfiguration(){ diff --git a/src/main/java/org/gcube/smartgears/provider/DefaultProvider.java b/src/main/java/org/gcube/smartgears/provider/DefaultProvider.java index a113e56..334336b 100644 --- a/src/main/java/org/gcube/smartgears/provider/DefaultProvider.java +++ b/src/main/java/org/gcube/smartgears/provider/DefaultProvider.java @@ -349,13 +349,18 @@ public class DefaultProvider implements Provider { try { - SmartGearsConfiguration configuration = new SmartGearsConfiguration(); - configuration.version(System.getProperty("projectVersion")); - + InputStream config = getClass().getResourceAsStream(library_configuration_file_path); + + if (config == null) + throw new IllegalStateException("invalid distribution: cannot find " + library_configuration_file_path); + + SmartGearsConfigurationBinder binder = new SmartGearsConfigurationBinder(); + + SmartGearsConfiguration configuration = binder.bind(config); + configuration.validate(); return configuration; - } catch (RuntimeException e) { throw new RuntimeException("cannot read library configuration (see cause) ", e); diff --git a/src/main/java/org/gcube/smartgears/security/DefaultAuthorizationProvider.java b/src/main/java/org/gcube/smartgears/security/DefaultAuthorizationProvider.java index 82710d9..dd6a2e9 100644 
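Review bot: The `InputStream` obtained from `getResourceAsStream(library_configuration_file_path)` in DefaultProvider is never closed in the added lines. Unless `SmartGearsConfigurationBinder.bind` closes it (not visible here), the stream leaks on the success path and also when `bind` or `validate()` throws. Opening it as `try (InputStream config = getClass().getResourceAsStream(library_configuration_file_path)) {` would release it in every case, with the `IOException` from `close()` handled next to the existing `RuntimeException` catch. The enclosing method starts and ends outside the hunk.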
--- a/src/main/java/org/gcube/smartgears/security/DefaultAuthorizationProvider.java +++ b/src/main/java/org/gcube/smartgears/security/DefaultAuthorizationProvider.java @@ -1,10 +1,26 @@ package org.gcube.smartgears.security; +import java.util.Collections; +import java.util.HashSet; +import java.util.Map; import java.util.Set; +import org.gcube.common.keycloak.KeycloakClient; +import org.gcube.common.keycloak.KeycloakClientFactory; +import org.gcube.common.keycloak.model.AccessToken.Access; +import org.gcube.common.keycloak.model.ModelUtils; +import org.gcube.common.keycloak.model.TokenResponse; +import org.gcube.common.scope.impl.ScopeBean; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + public class DefaultAuthorizationProvider implements AuthorizationProvider { - SimpleCredentials credentials; + private static Logger LOG = LoggerFactory.getLogger(DefaultAuthorizationProvider.class); + + private SimpleCredentials credentials; + + private KeycloakClient client = KeycloakClientFactory.newInstance(); @Override public void connect(Credentials credentials) { @@ -13,7 +29,23 @@ public class DefaultAuthorizationProvider implements AuthorizationProvider { @Override public Set getAllowedContexts() { - return null; + Set contexts = new HashSet(); + try { + TokenResponse response = client.queryOIDCToken(credentials.getClientID(), credentials.getSecret()); + Map resourceAccess = ModelUtils.getAccessTokenFrom(response).getResourceAccess(); + for (String context : resourceAccess.keySet()) { + try { + ScopeBean scope = new ScopeBean(context.replaceAll("%2F", "/")); + contexts.add(scope.toString()); + }catch (IllegalArgumentException e) { + LOG.warn("invalid context found in token: {}", context); + } + } + } catch (Exception e) { + LOG.error("error getting OIDToken from keycloak",e); + return Collections.emptySet(); + } + return contexts; } }
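Review bot: `private static Logger LOG` in the first hunk should be declared `private static final Logger LOG = LoggerFactory.getLogger(DefaultAuthorizationProvider.class);` so the logger cannot be reassigned, which is the usual SLF4J form. The `client` field is not reassigned in the visible lines either and could be `final`; `credentials` is assigned in `connect`, whose body lies outside the hunk.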
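Review bot: In `getAllowedContexts()` every key of `getResourceAccess()` is added as an allowed context and the roles carried by each entry are never inspected, so an entry with no roles still counts as access. If key presence alone is not meant to grant a context, filter on the entry's roles before `contexts.add(scope.toString())`. The outer `catch (Exception e)` also swallows a null `credentials` (when `connect` was not called) or a null resource-access map and reports them as a Keycloak error; an explicit null check on `credentials` before the `try` would keep a programming error apart from a failed token request. `context.replaceAll("%2F", "/")` is a regex call that matches only the upper-case escape, so a key encoded as `%2f` would presumably be rejected by `ScopeBean` and dropped; `context.replace("%2F", "/")` avoids the regex, and a proper URL decode would cover both cases. The log text `error getting OIDToken from keycloak` looks like a typo for the OIDC token.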