AuthorizationProvider moved from Configuration to context

1 year ago · d12e4a33b2
parent de2c95f134
commit d12e4a33b2
14 changed files with 105 additions and 38 deletions
--- a/pom.xml
+++ b/pom.xml
@ -122,7 +122,6 @@
 		<dependency>
   			<groupId>javax.xml.bind</groupId>
   			<artifactId>jaxb-api</artifactId>
-   			<scope>provided</scope>
 		</dependency>
 		<!-- END Added to support Java 11 JDK -->

--- a/src/main/java/org/gcube/smartgears/configuration/AuthorizationProviderConfiguration.java
+++ b/src/main/java/org/gcube/smartgears/configuration/AuthorizationProviderConfiguration.java
@ -0,0 +1,37 @@
+package org.gcube.smartgears.configuration;
+
+import org.gcube.common.security.credentials.Credentials;
+import org.gcube.common.validator.annotations.NotEmpty;
+import org.gcube.common.validator.annotations.NotNull;
+import org.gcube.smartgears.security.AuthorizationProviderFactory;
+
+public class AuthorizationProviderConfiguration {
+
+	@NotNull @NotEmpty
+	AuthorizationProviderFactory<?> authProviderFactory;
+	
+	@NotNull @NotEmpty
+	Credentials credentials;
+	
+	public AuthorizationProviderConfiguration(AuthorizationProviderFactory<?> authProviderFactory,
+			Credentials credentials) {
+		super();
+		this.authProviderFactory = authProviderFactory;
+		this.credentials = credentials;
+	}
+
+	public AuthorizationProviderFactory<?> getAuthProviderFactory() {
+		return authProviderFactory;
+	}
+
+	public Credentials getCredentials() {
+		return credentials;
+	}
+
+	@Override
+	public String toString() {
+		return "AuthorizationProviderConfiguration [authProviderFactory=" + authProviderFactory.getClass() + "]";
+	}
+	
+	
+}
--- a/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfiguration.java
+++ b/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfiguration.java
@ -12,6 +12,7 @@ import org.gcube.common.validator.ValidatorFactory;
 import org.gcube.common.validator.annotations.IsValid;
 import org.gcube.common.validator.annotations.NotEmpty;
 import org.gcube.common.validator.annotations.NotNull;
+import org.gcube.smartgears.configuration.AuthorizationProviderConfiguration;
 import org.gcube.smartgears.configuration.Mode;
 import org.gcube.smartgears.configuration.ProxyAddress;
 import org.gcube.smartgears.configuration.application.ApplicationConfiguration;
@ -26,8 +27,6 @@ import org.gcube.smartgears.security.AuthorizationProvider;
 */
 public class ContainerConfiguration {

-
-
 	@NotNull  @IsValid
 	private BaseConfiguration baseConfiguration;

@ -45,12 +44,13 @@ public class ContainerConfiguration {

 	private List<ApplicationConfiguration> apps = new ArrayList<ApplicationConfiguration>();

+	

 	@NotNull @IsValid
 	private PersistenceWriter persistenceManager;

 	@NotNull @IsValid
-	private AuthorizationProvider authorizationProvider;
+	private AuthorizationProviderConfiguration authorizationConfiguration;
 	
 	
 	protected void setBaseConfiguration(BaseConfiguration baseConfiguration) {
@ -77,8 +77,13 @@ public class ContainerConfiguration {
 		this.persistenceManager = persistenceManager;
 	}

-	protected void setAuthorizationProvider(AuthorizationProvider authorizationProvider) {
-		this.authorizationProvider = authorizationProvider;
+	protected void setAuthorizationProviderConfiguration(
+			AuthorizationProviderConfiguration authorizationConfiguration) {
+		this.authorizationConfiguration = authorizationConfiguration;
+	}
+
+	public void setApps(List<ApplicationConfiguration> apps) {
+		this.apps = apps;
 	}

 	/**
@ -178,14 +183,6 @@ public class ContainerConfiguration {
 		return baseConfiguration.isAuthorizeChildrenContext();
 	}

-	/**
-	 * Returns the credentials.
-	 * @return the credentials
-	 */
-	public AuthorizationProvider authorizationProvider() {
-		return authorizationProvider;
-	}
-
 	/**
 	 * Returns the proxy of the container.
 	 * @return the proxy
@ -211,6 +208,14 @@ public class ContainerConfiguration {
 		return accountingFallbackLocation;
 	}

+	/**
+	 * Returns the authorization configuration.
+	 * @return AuthorizationProviderConfiguration the configuration
+	 */
+	public AuthorizationProviderConfiguration getauthorizationConfiguration() {
+		return authorizationConfiguration;
+	}
+	
 	/**
 	 * Returns the configuration properties of the container.
 	 * @return the properties
@ -251,7 +256,7 @@ public class ContainerConfiguration {
 		return "ContainerConfiguration [baseConfiguration=" + baseConfiguration + ", properties=" + properties
 				+ ", site=" + site + ", proxy=" + proxy + ", accountingFallbackLocation=" + accountingFallbackLocation
 				+ ", persistenceManager=" + persistenceManager.getClass().getSimpleName()
-				+ ", authorizationProvider=" + authorizationProvider.getClass().getSimpleName() + "]";
+				+ ", authorizationProvider=" + authorizationConfiguration + "]";
 	}

 	
--- a/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfigurationBinder.java
+++ b/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfigurationBinder.java
@ -9,6 +9,7 @@ import java.util.Map.Entry;
 import java.util.stream.Collectors;

 import org.gcube.common.security.credentials.Credentials;
+import org.gcube.smartgears.configuration.AuthorizationProviderConfiguration;
 import org.gcube.smartgears.configuration.ProxyAddress;
 import org.gcube.smartgears.handlers.container.ContainerHandler;
 import org.gcube.smartgears.handlers.container.lifecycle.AccountingManager;
@ -139,10 +140,8 @@ public class ContainerConfigurationBinder {
 				throw new Exception("ini file error: invalid credentials type in \"authorization\" section", e);
 			}
 			authorizationSection.to(credentials, "credentials.");
-			
-			AuthorizationProvider authProvider = authProviderFactory.connect(credentials);
-			
-			conf.setAuthorizationProvider(authProvider);	
+									
+			conf.setAuthorizationProviderConfiguration(new AuthorizationProviderConfiguration(authProviderFactory, credentials));	
 		}
 	}
 	
--- a/src/main/java/org/gcube/smartgears/context/application/ApplicationContext.java
+++ b/src/main/java/org/gcube/smartgears/context/application/ApplicationContext.java
@ -8,6 +8,7 @@ import org.gcube.smartgears.context.Properties;
 import org.gcube.smartgears.context.container.ContainerContext;
 import org.gcube.smartgears.lifecycle.application.ApplicationLifecycle;
 import org.gcube.smartgears.persistence.PersistenceWriter;
+import org.gcube.smartgears.security.AuthorizationProvider;

 /**
 * The management context of an application.
@ -75,6 +76,11 @@ public interface ApplicationContext {
 	 * @return the properties
 	 */
 	Properties properties();
-
+	
+	/**
+	 * Returns the authorization provider.
+	 * @return the AuhtorizationProvider 
+	 **/
+	AuthorizationProvider authorizationProvider(); 

 }
--- a/src/main/java/org/gcube/smartgears/context/application/DefaultApplicationContext.java
+++ b/src/main/java/org/gcube/smartgears/context/application/DefaultApplicationContext.java
@ -8,6 +8,7 @@ import org.gcube.smartgears.context.Properties;
 import org.gcube.smartgears.context.container.ContainerContext;
 import org.gcube.smartgears.lifecycle.application.ApplicationLifecycle;
 import org.gcube.smartgears.persistence.PersistenceWriter;
+import org.gcube.smartgears.security.AuthorizationProvider;

 /**
 * Default {@link ApplicationContext} implementation.
@ -87,6 +88,8 @@ public class DefaultApplicationContext implements ApplicationContext {
 		return configuration.persistence();
 	}

+	
+	
 	@Override
 	public Properties properties() {
 		return properties;
@ -97,4 +100,12 @@ public class DefaultApplicationContext implements ApplicationContext {
 		return id;
 	}

+	/**
+	 * Returns the authorization provider.
+	 * @return the AuhtorizationProvider 
+	 **/
+	public AuthorizationProvider authorizationProvider() {
+		return container().authorizationProvider();
+	}
+	
 }
--- a/src/main/java/org/gcube/smartgears/context/container/ContainerContext.java
+++ b/src/main/java/org/gcube/smartgears/context/container/ContainerContext.java
@ -1,11 +1,11 @@
 package org.gcube.smartgears.context.container;

 import org.gcube.common.events.Hub;
-import org.gcube.common.resources.gcore.HostingNode;
 import org.gcube.smartgears.configuration.container.ContainerConfiguration;
 import org.gcube.smartgears.context.Properties;
 import org.gcube.smartgears.lifecycle.container.ContainerLifecycle;
 import org.gcube.smartgears.persistence.PersistenceWriter;
+import org.gcube.smartgears.security.AuthorizationProvider;

 /**
 * The management context of the container.
@ -48,5 +48,7 @@ public interface ContainerContext {
 	Properties properties();
 	
 	String id();
+
 	
+	AuthorizationProvider authorizationProvider();
 }
--- a/src/main/java/org/gcube/smartgears/context/container/DefaultContainerContext.java
+++ b/src/main/java/org/gcube/smartgears/context/container/DefaultContainerContext.java
@ -8,6 +8,7 @@ import org.gcube.smartgears.configuration.container.ContainerConfiguration;
 import org.gcube.smartgears.context.Properties;
 import org.gcube.smartgears.lifecycle.container.ContainerLifecycle;
 import org.gcube.smartgears.persistence.PersistenceWriter;
+import org.gcube.smartgears.security.AuthorizationProvider;

 /**
 * Default {@link ContainerContext} implementation.
@ -21,6 +22,7 @@ public class DefaultContainerContext implements ContainerContext {
 	private final ContainerLifecycle lifecycle;
 	private final Properties properties;
 	private final Hub hub;
+	private final AuthorizationProvider authorizationProvider;
 	private final String id;
 	/**
 	 * Creates an instance with mandatory parameters.
@ -29,13 +31,14 @@ public class DefaultContainerContext implements ContainerContext {
 	 * @param lifecycle the lifecycle
 	 * @param properties the properties
 	 */
-	public DefaultContainerContext(String id,ContainerConfiguration configuration, Hub hub, ContainerLifecycle lifecycle, 
+	public DefaultContainerContext(String id,ContainerConfiguration configuration, Hub hub, ContainerLifecycle lifecycle, AuthorizationProvider authProvider,
 			Properties properties) {
 		this.id = id;		
 		this.configuration=configuration;
 		this.hub=hub;
 		this.lifecycle = lifecycle;
 		this.properties=properties;
+		this.authorizationProvider = authProvider;
 	}

 	public HostingNode profile() {
@ -72,6 +75,8 @@ public class DefaultContainerContext implements ContainerContext {
 		return id;
 	}
 	
-	
+	public AuthorizationProvider authorizationProvider() {
+		return authorizationProvider;
+	}
 	
 }
--- a/src/main/java/org/gcube/smartgears/handlers/application/lifecycle/ApplicationProfileManager.java
+++ b/src/main/java/org/gcube/smartgears/handlers/application/lifecycle/ApplicationProfileManager.java
@ -124,7 +124,7 @@ public class ApplicationProfileManager extends ApplicationLifecycleHandler {
 						publishers.forEach(p -> { 
 							try {
 								p.create(context, 
-										context.container().configuration().authorizationProvider().getContexts());
+										context.container().authorizationProvider().getContexts());
 							}catch (Exception e) {
 								log.error("cannot publish {} for first time with publisher type {} (see details)",context.name(), p.getClass().getCanonicalName(), e);
 							}
--- a/src/main/java/org/gcube/smartgears/handlers/application/request/RequestValidator.java
+++ b/src/main/java/org/gcube/smartgears/handlers/application/request/RequestValidator.java
@ -95,7 +95,7 @@ public class RequestValidator extends RequestHandler {
 		ContextBean bean = new ContextBean(context);

 		ContainerConfiguration conf = appContext.container().configuration();
-		Set<String> allowedContexts =conf.authorizationProvider().getContexts();
+		Set<String> allowedContexts =appContext.authorizationProvider().getContexts();
 		if (!allowedContexts.contains(context) && 
 				!(conf.authorizeChildrenContext() && bean.is(Type.VRE) 
 						&& allowedContexts.contains(bean.enclosingScope().toString()) ) ) {
@ -140,7 +140,7 @@ public class RequestValidator extends RequestHandler {
 		Secret secret = null;
 		if (accessToken!=null) {
 			secret = new AccessTokenSecret(accessToken);
-			SimpleCredentials credentials = (SimpleCredentials)appContext.container().configuration().authorizationProvider().getCredentials();
+			SimpleCredentials credentials = (SimpleCredentials)appContext.authorizationProvider().getCredentials();
 			KeycloakClient client = KeycloakClientFactory.newInstance();
 			try {
 				if(!client.isAccessTokenVerified(secret.getContext(), credentials.getClientID(), credentials.getSecret(), accessToken))
--- a/src/main/java/org/gcube/smartgears/handlers/container/lifecycle/ContainerProfileManager.java
+++ b/src/main/java/org/gcube/smartgears/handlers/container/lifecycle/ContainerProfileManager.java
@ -111,7 +111,7 @@ public class ContainerProfileManager extends ContainerHandler {
 						publishers.forEach(p -> { 
 							try {
 								p.create(context, 
-										context.configuration().authorizationProvider().getContexts());
+										context.authorizationProvider().getContexts());
 							}catch (Exception e) {
 								log.error("cannot publish container for first time with publisher type {} (see details)", p.getClass().getCanonicalName(), e);
 							}
--- a/src/main/java/org/gcube/smartgears/managers/ContainerManager.java
+++ b/src/main/java/org/gcube/smartgears/managers/ContainerManager.java
@ -102,7 +102,7 @@ public class ContainerManager {
 		Set<String> foundContexts;
 						
 		try {
-			foundContexts = context.configuration().authorizationProvider().getContexts();
+			foundContexts = context.authorizationProvider().getContexts();
 		} catch (Exception e) {
 			log.error("error authorizing container",e);
 			throw new RuntimeException("error authorizing container, moving the container to failed",e);
--- a/src/main/java/org/gcube/smartgears/provider/DefaultProvider.java
+++ b/src/main/java/org/gcube/smartgears/provider/DefaultProvider.java
@ -25,6 +25,7 @@ import javax.servlet.ServletContext;

 import org.gcube.common.events.Hub;
 import org.gcube.common.events.impl.DefaultHub;
+import org.gcube.common.security.credentials.Credentials;
 import org.gcube.smartgears.configuration.application.ApplicationConfiguration;
 import org.gcube.smartgears.configuration.application.ApplicationConfigurationBinder;
 import org.gcube.smartgears.configuration.application.ApplicationExtensions;
@ -45,6 +46,7 @@ import org.gcube.smartgears.lifecycle.container.ContainerLifecycle;
 import org.gcube.smartgears.publishing.Publisher;
 import org.gcube.smartgears.publishing.SmartgearsProfilePublisher;
 import org.gcube.smartgears.security.AuthorizationProvider;
+import org.gcube.smartgears.security.AuthorizationProviderFactory;
 import org.gcube.smartgears.utils.Utils;
 import org.reflections.Reflections;
 import org.reflections.scanners.SubTypesScanner;
@ -107,7 +109,12 @@ public class DefaultProvider implements Provider {

 			} 

-			containerContext =  new DefaultContainerContext(id, configuration, hub, lifecycle, new Properties());
+			AuthorizationProviderFactory<?> authfactory = configuration.getauthorizationConfiguration().getAuthProviderFactory();
+			Credentials credentials = configuration.getauthorizationConfiguration().getCredentials();
+			
+			AuthorizationProvider authProvider = authfactory.connect(credentials);
+			
+			containerContext =  new DefaultContainerContext(id, configuration, hub, lifecycle, authProvider, new Properties());
 		}
 		return containerContext;
 	}
@ -373,10 +380,11 @@ public class DefaultProvider implements Provider {
 		return this.publishers;
 	}

-
+/*
 	@Override
 	public AuthorizationProvider authorizationProvider() {
-		return containerContext.configuration().authorizationProvider();
+		return containerContext.authorizationProvider();
 	}
-
+*/
+	
 }
--- a/src/main/java/org/gcube/smartgears/provider/Provider.java
+++ b/src/main/java/org/gcube/smartgears/provider/Provider.java
@ -72,11 +72,6 @@ public interface Provider {
 	 * @return the extensions
 	 */
 	ApplicationExtensions extensionsFor(ApplicationContext application);
-			
-	/**
-	 * Returns the authorization provider for this node
-	 * @return the AuthorizationProvider implementation
-	 */
-	AuthorizationProvider authorizationProvider();
+	

 }