diff --git a/pom.xml b/pom.xml
index fdd083b..ca29b5e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -122,7 +122,6 @@
javax.xml.bind
jaxb-api
- provided
diff --git a/src/main/java/org/gcube/smartgears/configuration/AuthorizationProviderConfiguration.java b/src/main/java/org/gcube/smartgears/configuration/AuthorizationProviderConfiguration.java
new file mode 100644
index 0000000..01cda29
--- /dev/null
+++ b/src/main/java/org/gcube/smartgears/configuration/AuthorizationProviderConfiguration.java
@@ -0,0 +1,37 @@
+package org.gcube.smartgears.configuration;
+
+import org.gcube.common.security.credentials.Credentials;
+import org.gcube.common.validator.annotations.NotEmpty;
+import org.gcube.common.validator.annotations.NotNull;
+import org.gcube.smartgears.security.AuthorizationProviderFactory;
+
+public class AuthorizationProviderConfiguration {
+
+ @NotNull @NotEmpty
+ AuthorizationProviderFactory> authProviderFactory;
+
+ @NotNull @NotEmpty
+ Credentials credentials;
+
+ public AuthorizationProviderConfiguration(AuthorizationProviderFactory> authProviderFactory,
+ Credentials credentials) {
+ super();
+ this.authProviderFactory = authProviderFactory;
+ this.credentials = credentials;
+ }
+
+ public AuthorizationProviderFactory> getAuthProviderFactory() {
+ return authProviderFactory;
+ }
+
+ public Credentials getCredentials() {
+ return credentials;
+ }
+
+ @Override
+ public String toString() {
+ return "AuthorizationProviderConfiguration [authProviderFactory=" + authProviderFactory.getClass() + "]";
+ }
+
+
+}
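Review bot: Both fields of `AuthorizationProviderConfiguration` are package-private and non-final, although they are assigned only in the constructor and one of them holds the container's `Credentials`. Making them `private final` stops other classes in the package from reading or replacing the secret. `toString()` leaves the credentials out, which matters because `ContainerConfiguration.toString()` now concatenates this object; a comment such as `// credentials are deliberately omitted from toString()` would keep a later edit from adding them. `toString()` also calls `authProviderFactory.getClass()` without a null check, so it throws on an instance built with a null factory. `@NotEmpty` on these object-typed fields presumably adds nothing over `@NotNull`; confirm against the validator.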
diff --git a/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfiguration.java b/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfiguration.java
index 6744a73..c749e9f 100644
--- a/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfiguration.java
+++ b/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfiguration.java
@@ -12,6 +12,7 @@ import org.gcube.common.validator.ValidatorFactory;
import org.gcube.common.validator.annotations.IsValid;
import org.gcube.common.validator.annotations.NotEmpty;
import org.gcube.common.validator.annotations.NotNull;
+import org.gcube.smartgears.configuration.AuthorizationProviderConfiguration;
import org.gcube.smartgears.configuration.Mode;
import org.gcube.smartgears.configuration.ProxyAddress;
import org.gcube.smartgears.configuration.application.ApplicationConfiguration;
@@ -26,8 +27,6 @@ import org.gcube.smartgears.security.AuthorizationProvider;
*/
public class ContainerConfiguration {
-
-
@NotNull @IsValid
private BaseConfiguration baseConfiguration;
@@ -45,12 +44,13 @@ public class ContainerConfiguration {
private List apps = new ArrayList();
+
@NotNull @IsValid
private PersistenceWriter persistenceManager;
@NotNull @IsValid
- private AuthorizationProvider authorizationProvider;
+ private AuthorizationProviderConfiguration authorizationConfiguration;
protected void setBaseConfiguration(BaseConfiguration baseConfiguration) {
@@ -77,8 +77,13 @@ public class ContainerConfiguration {
this.persistenceManager = persistenceManager;
}
- protected void setAuthorizationProvider(AuthorizationProvider authorizationProvider) {
- this.authorizationProvider = authorizationProvider;
+ protected void setAuthorizationProviderConfiguration(
+ AuthorizationProviderConfiguration authorizationConfiguration) {
+ this.authorizationConfiguration = authorizationConfiguration;
+ }
+
+ public void setApps(List apps) {
+ this.apps = apps;
}
/**
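Review bot: `setApps` is added as `public` while `setAuthorizationProviderConfiguration` in the same hunk (and `setBaseConfiguration` above it) is `protected`, so any holder of the `ContainerConfiguration` can replace the application list after binding. If only code in this package needs it, `protected void setApps(...)` matches the other setters. The method also keeps the caller's list by reference; `this.apps = new ArrayList<>(apps);` would prevent later changes to the argument from altering the configuration. The class body continues outside the hunk.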
@@ -178,14 +183,6 @@ public class ContainerConfiguration {
return baseConfiguration.isAuthorizeChildrenContext();
}
- /**
- * Returns the credentials.
- * @return the credentials
- */
- public AuthorizationProvider authorizationProvider() {
- return authorizationProvider;
- }
-
/**
* Returns the proxy of the container.
* @return the proxy
@@ -211,6 +208,14 @@ public class ContainerConfiguration {
return accountingFallbackLocation;
}
+ /**
+ * Returns the authorization configuration.
+ * @return AuthorizationProviderConfiguration the configuration
+ */
+ public AuthorizationProviderConfiguration getauthorizationConfiguration() {
+ return authorizationConfiguration;
+ }
+
/**
* Returns the configuration properties of the container.
* @return the properties
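Review bot: The accessor name `getauthorizationConfiguration` lower-cases the first letter after `get`, which breaks camel case and will not be recognised as the `authorizationConfiguration` property by bean-style tooling. The conventional spelling is `public AuthorizationProviderConfiguration getAuthorizationConfiguration()`, with the two calls in `DefaultProvider` renamed to match. The Javadoc could also say what the object carries, e.g. `Returns the authorization provider factory and the credentials used to connect it.`, so callers know the return value gives access to a secret.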
@@ -251,7 +256,7 @@ public class ContainerConfiguration {
return "ContainerConfiguration [baseConfiguration=" + baseConfiguration + ", properties=" + properties
+ ", site=" + site + ", proxy=" + proxy + ", accountingFallbackLocation=" + accountingFallbackLocation
+ ", persistenceManager=" + persistenceManager.getClass().getSimpleName()
- + ", authorizationProvider=" + authorizationProvider.getClass().getSimpleName() + "]";
+ + ", authorizationProvider=" + authorizationConfiguration + "]";
}
diff --git a/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfigurationBinder.java b/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfigurationBinder.java
index 95cc640..14d3f68 100644
--- a/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfigurationBinder.java
+++ b/src/main/java/org/gcube/smartgears/configuration/container/ContainerConfigurationBinder.java
@@ -9,6 +9,7 @@ import java.util.Map.Entry;
import java.util.stream.Collectors;
import org.gcube.common.security.credentials.Credentials;
+import org.gcube.smartgears.configuration.AuthorizationProviderConfiguration;
import org.gcube.smartgears.configuration.ProxyAddress;
import org.gcube.smartgears.handlers.container.ContainerHandler;
import org.gcube.smartgears.handlers.container.lifecycle.AccountingManager;
@@ -139,10 +140,8 @@ public class ContainerConfigurationBinder {
throw new Exception("ini file error: invalid credentials type in \"authorization\" section", e);
}
authorizationSection.to(credentials, "credentials.");
-
- AuthorizationProvider authProvider = authProviderFactory.connect(credentials);
-
- conf.setAuthorizationProvider(authProvider);
+
+ conf.setAuthorizationProviderConfiguration(new AuthorizationProviderConfiguration(authProviderFactory, credentials));
}
}
diff --git a/src/main/java/org/gcube/smartgears/context/application/ApplicationContext.java b/src/main/java/org/gcube/smartgears/context/application/ApplicationContext.java
index d213e29..399cead 100644
--- a/src/main/java/org/gcube/smartgears/context/application/ApplicationContext.java
+++ b/src/main/java/org/gcube/smartgears/context/application/ApplicationContext.java
@@ -8,6 +8,7 @@ import org.gcube.smartgears.context.Properties;
import org.gcube.smartgears.context.container.ContainerContext;
import org.gcube.smartgears.lifecycle.application.ApplicationLifecycle;
import org.gcube.smartgears.persistence.PersistenceWriter;
+import org.gcube.smartgears.security.AuthorizationProvider;
/**
* The management context of an application.
@@ -75,6 +76,11 @@ public interface ApplicationContext {
* @return the properties
*/
Properties properties();
-
+
+ /**
+ * Returns the authorization provider.
+ * @return the AuhtorizationProvider
+ **/
+ AuthorizationProvider authorizationProvider();
}
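Review bot: The Javadoc on the new `authorizationProvider()` misspells the type as `AuhtorizationProvider` and closes with `**/` instead of `*/`. `RequestValidator` in this commit reads `getCredentials()` from the provider returned here, so the comment should also state that the returned object gives access to the container's credentials, e.g. `@return the container's AuthorizationProvider, which exposes the container credentials`. The matching method added to `ContainerContext` has no Javadoc at all, unlike the other members of these interfaces that are visible in the diff.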
diff --git a/src/main/java/org/gcube/smartgears/context/application/DefaultApplicationContext.java b/src/main/java/org/gcube/smartgears/context/application/DefaultApplicationContext.java
index 2592ca9..386d330 100644
--- a/src/main/java/org/gcube/smartgears/context/application/DefaultApplicationContext.java
+++ b/src/main/java/org/gcube/smartgears/context/application/DefaultApplicationContext.java
@@ -8,6 +8,7 @@ import org.gcube.smartgears.context.Properties;
import org.gcube.smartgears.context.container.ContainerContext;
import org.gcube.smartgears.lifecycle.application.ApplicationLifecycle;
import org.gcube.smartgears.persistence.PersistenceWriter;
+import org.gcube.smartgears.security.AuthorizationProvider;
/**
* Default {@link ApplicationContext} implementation.
@@ -87,6 +88,8 @@ public class DefaultApplicationContext implements ApplicationContext {
return configuration.persistence();
}
+
+
@Override
public Properties properties() {
return properties;
@@ -97,4 +100,12 @@ public class DefaultApplicationContext implements ApplicationContext {
return id;
}
+ /**
+ * Returns the authorization provider.
+ * @return the AuhtorizationProvider
+ **/
+ public AuthorizationProvider authorizationProvider() {
+ return container().authorizationProvider();
+ }
+
}
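Review bot: The new `authorizationProvider()` implementation has no `@Override`, unlike `properties()` a few lines above in this file, so the compiler will not flag it if the interface method is later renamed or removed. Add `@Override` above the method. The same applies to `authorizationProvider()` added to `DefaultContainerContext`. The Javadoc repeats the `AuhtorizationProvider` misspelling and could be replaced by `/** {@inheritDoc} */`.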
diff --git a/src/main/java/org/gcube/smartgears/context/container/ContainerContext.java b/src/main/java/org/gcube/smartgears/context/container/ContainerContext.java
index 3eecf4a..9cc70da 100644
--- a/src/main/java/org/gcube/smartgears/context/container/ContainerContext.java
+++ b/src/main/java/org/gcube/smartgears/context/container/ContainerContext.java
@@ -1,11 +1,11 @@
package org.gcube.smartgears.context.container;
import org.gcube.common.events.Hub;
-import org.gcube.common.resources.gcore.HostingNode;
import org.gcube.smartgears.configuration.container.ContainerConfiguration;
import org.gcube.smartgears.context.Properties;
import org.gcube.smartgears.lifecycle.container.ContainerLifecycle;
import org.gcube.smartgears.persistence.PersistenceWriter;
+import org.gcube.smartgears.security.AuthorizationProvider;
/**
* The management context of the container.
@@ -48,5 +48,7 @@ public interface ContainerContext {
Properties properties();
String id();
+
+ AuthorizationProvider authorizationProvider();
}
diff --git a/src/main/java/org/gcube/smartgears/context/container/DefaultContainerContext.java b/src/main/java/org/gcube/smartgears/context/container/DefaultContainerContext.java
index 64fbfac..0cf4ad4 100644
--- a/src/main/java/org/gcube/smartgears/context/container/DefaultContainerContext.java
+++ b/src/main/java/org/gcube/smartgears/context/container/DefaultContainerContext.java
@@ -8,6 +8,7 @@ import org.gcube.smartgears.configuration.container.ContainerConfiguration;
import org.gcube.smartgears.context.Properties;
import org.gcube.smartgears.lifecycle.container.ContainerLifecycle;
import org.gcube.smartgears.persistence.PersistenceWriter;
+import org.gcube.smartgears.security.AuthorizationProvider;
/**
* Default {@link ContainerContext} implementation.
@@ -21,6 +22,7 @@ public class DefaultContainerContext implements ContainerContext {
private final ContainerLifecycle lifecycle;
private final Properties properties;
private final Hub hub;
+ private final AuthorizationProvider authorizationProvider;
private final String id;
/**
* Creates an instance with mandatory parameters.
@@ -29,13 +31,14 @@ public class DefaultContainerContext implements ContainerContext {
* @param lifecycle the lifecycle
* @param properties the properties
*/
- public DefaultContainerContext(String id,ContainerConfiguration configuration, Hub hub, ContainerLifecycle lifecycle,
+ public DefaultContainerContext(String id,ContainerConfiguration configuration, Hub hub, ContainerLifecycle lifecycle, AuthorizationProvider authProvider,
Properties properties) {
this.id = id;
this.configuration=configuration;
this.hub=hub;
this.lifecycle = lifecycle;
this.properties=properties;
+ this.authorizationProvider = authProvider;
}
public HostingNode profile() {
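Review bot: The constructor Javadoc is not updated for the new `authProvider` argument, and the argument is stored without a null check even though the callers changed in this commit dereference `authorizationProvider()` immediately. Add `@param authProvider the authorization provider connected with the container credentials` and assign with `this.authorizationProvider = Objects.requireNonNull(authProvider, "authProvider");` (needs `java.util.Objects`), so a missing provider fails at construction rather than on the first request. The Javadoc block starts outside the hunk.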
@@ -72,6 +75,8 @@ public class DefaultContainerContext implements ContainerContext {
return id;
}
-
+ public AuthorizationProvider authorizationProvider() {
+ return authorizationProvider;
+ }
}
diff --git a/src/main/java/org/gcube/smartgears/handlers/application/lifecycle/ApplicationProfileManager.java b/src/main/java/org/gcube/smartgears/handlers/application/lifecycle/ApplicationProfileManager.java
index 5528d18..25d2cf1 100644
--- a/src/main/java/org/gcube/smartgears/handlers/application/lifecycle/ApplicationProfileManager.java
+++ b/src/main/java/org/gcube/smartgears/handlers/application/lifecycle/ApplicationProfileManager.java
@@ -124,7 +124,7 @@ public class ApplicationProfileManager extends ApplicationLifecycleHandler {
publishers.forEach(p -> {
try {
p.create(context,
- context.container().configuration().authorizationProvider().getContexts());
+ context.container().authorizationProvider().getContexts());
}catch (Exception e) {
log.error("cannot publish {} for first time with publisher type {} (see details)",context.name(), p.getClass().getCanonicalName(), e);
}
diff --git a/src/main/java/org/gcube/smartgears/handlers/application/request/RequestValidator.java b/src/main/java/org/gcube/smartgears/handlers/application/request/RequestValidator.java
index 28a80ea..1ec7266 100644
--- a/src/main/java/org/gcube/smartgears/handlers/application/request/RequestValidator.java
+++ b/src/main/java/org/gcube/smartgears/handlers/application/request/RequestValidator.java
@@ -95,7 +95,7 @@ public class RequestValidator extends RequestHandler {
ContextBean bean = new ContextBean(context);
ContainerConfiguration conf = appContext.container().configuration();
- Set allowedContexts =conf.authorizationProvider().getContexts();
+ Set allowedContexts =appContext.authorizationProvider().getContexts();
if (!allowedContexts.contains(context) &&
!(conf.authorizeChildrenContext() && bean.is(Type.VRE)
&& allowedContexts.contains(bean.enclosingScope().toString()) ) ) {
@@ -140,7 +140,7 @@ public class RequestValidator extends RequestHandler {
Secret secret = null;
if (accessToken!=null) {
secret = new AccessTokenSecret(accessToken);
- SimpleCredentials credentials = (SimpleCredentials)appContext.container().configuration().authorizationProvider().getCredentials();
+ SimpleCredentials credentials = (SimpleCredentials)appContext.authorizationProvider().getCredentials();
KeycloakClient client = KeycloakClientFactory.newInstance();
try {
if(!client.isAccessTokenVerified(secret.getContext(), credentials.getClientID(), credentials.getSecret(), accessToken))
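Review bot: The `(SimpleCredentials)` cast on the new line is unchecked and sits before the `try`, while the binder appears to load the credentials type from the ini file. A container configured with any other `Credentials` implementation would therefore raise a `ClassCastException` on every request that carries an access token. Check the type first, e.g. `if (!(creds instanceof SimpleCredentials)) { /* reject with an explicit configuration error */ }`, or validate the type once at startup so token verification never runs with unexpected credentials. The method continues outside the hunk, so how an exception raised here is handled is not visible.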
diff --git a/src/main/java/org/gcube/smartgears/handlers/container/lifecycle/ContainerProfileManager.java b/src/main/java/org/gcube/smartgears/handlers/container/lifecycle/ContainerProfileManager.java
index 80adbd9..58440b0 100644
--- a/src/main/java/org/gcube/smartgears/handlers/container/lifecycle/ContainerProfileManager.java
+++ b/src/main/java/org/gcube/smartgears/handlers/container/lifecycle/ContainerProfileManager.java
@@ -111,7 +111,7 @@ public class ContainerProfileManager extends ContainerHandler {
publishers.forEach(p -> {
try {
p.create(context,
- context.configuration().authorizationProvider().getContexts());
+ context.authorizationProvider().getContexts());
}catch (Exception e) {
log.error("cannot publish container for first time with publisher type {} (see details)", p.getClass().getCanonicalName(), e);
}
diff --git a/src/main/java/org/gcube/smartgears/managers/ContainerManager.java b/src/main/java/org/gcube/smartgears/managers/ContainerManager.java
index 4dc0bb3..5db0195 100644
--- a/src/main/java/org/gcube/smartgears/managers/ContainerManager.java
+++ b/src/main/java/org/gcube/smartgears/managers/ContainerManager.java
@@ -102,7 +102,7 @@ public class ContainerManager {
Set foundContexts;
try {
- foundContexts = context.configuration().authorizationProvider().getContexts();
+ foundContexts = context.authorizationProvider().getContexts();
} catch (Exception e) {
log.error("error authorizing container",e);
throw new RuntimeException("error authorizing container, moving the container to failed",e);
diff --git a/src/main/java/org/gcube/smartgears/provider/DefaultProvider.java b/src/main/java/org/gcube/smartgears/provider/DefaultProvider.java
index cfc6eb9..6b092bd 100644
--- a/src/main/java/org/gcube/smartgears/provider/DefaultProvider.java
+++ b/src/main/java/org/gcube/smartgears/provider/DefaultProvider.java
@@ -25,6 +25,7 @@ import javax.servlet.ServletContext;
import org.gcube.common.events.Hub;
import org.gcube.common.events.impl.DefaultHub;
+import org.gcube.common.security.credentials.Credentials;
import org.gcube.smartgears.configuration.application.ApplicationConfiguration;
import org.gcube.smartgears.configuration.application.ApplicationConfigurationBinder;
import org.gcube.smartgears.configuration.application.ApplicationExtensions;
@@ -45,6 +46,7 @@ import org.gcube.smartgears.lifecycle.container.ContainerLifecycle;
import org.gcube.smartgears.publishing.Publisher;
import org.gcube.smartgears.publishing.SmartgearsProfilePublisher;
import org.gcube.smartgears.security.AuthorizationProvider;
+import org.gcube.smartgears.security.AuthorizationProviderFactory;
import org.gcube.smartgears.utils.Utils;
import org.reflections.Reflections;
import org.reflections.scanners.SubTypesScanner;
@@ -107,7 +109,12 @@ public class DefaultProvider implements Provider {
}
- containerContext = new DefaultContainerContext(id, configuration, hub, lifecycle, new Properties());
+ AuthorizationProviderFactory> authfactory = configuration.getauthorizationConfiguration().getAuthProviderFactory();
+ Credentials credentials = configuration.getauthorizationConfiguration().getCredentials();
+
+ AuthorizationProvider authProvider = authfactory.connect(credentials);
+
+ containerContext = new DefaultContainerContext(id, configuration, hub, lifecycle, authProvider, new Properties());
}
return containerContext;
}
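Review bot: `authfactory.connect(credentials)` now runs while the container context is being built, with nothing around it. A rejected credential or an unreachable authorization service therefore no longer fails during configuration binding but surfaces from this method as whatever `connect` throws. Wrap the call and rethrow with context, e.g. `throw new IllegalStateException("cannot connect authorization provider " + authfactory.getClass().getName(), e);`, keeping the credentials out of the message. Reading `configuration.getauthorizationConfiguration()` once into a local would also avoid the repeated call. The enclosing method starts outside the hunk.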
@@ -373,10 +380,11 @@ public class DefaultProvider implements Provider {
return this.publishers;
}
-
+/*
@Override
public AuthorizationProvider authorizationProvider() {
- return containerContext.configuration().authorizationProvider();
+ return containerContext.authorizationProvider();
}
-
+*/
+
}
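Review bot: The `authorizationProvider()` override is commented out with `/* … */` rather than deleted, and the line inside the comment was still edited. The method is removed from `Provider` in this commit, so delete the block; otherwise the class carries dead code that suggests a second way to reach the provider, which now lives on the container context.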
diff --git a/src/main/java/org/gcube/smartgears/provider/Provider.java b/src/main/java/org/gcube/smartgears/provider/Provider.java
index 1f95b22..3b6b694 100644
--- a/src/main/java/org/gcube/smartgears/provider/Provider.java
+++ b/src/main/java/org/gcube/smartgears/provider/Provider.java
@@ -72,11 +72,6 @@ public interface Provider {
* @return the extensions
*/
ApplicationExtensions extensionsFor(ApplicationContext application);
-
- /**
- * Returns the authorization provider for this node
- * @return the AuthorizationProvider implementation
- */
- AuthorizationProvider authorizationProvider();
+
}