Added provider inspection to get the current context
parent
d668721d09
commit
c4a4381fdd
4
pom.xml
4
pom.xml
|
@ -58,6 +58,10 @@
|
|||
<groupId>org.gcube.common</groupId>
|
||||
<artifactId>gcube-jackson-databind</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.gcube.common</groupId>
|
||||
<artifactId>keycloak-client</artifactId>
|
||||
</dependency>
|
||||
|
||||
<!-- Test libraries -->
|
||||
<dependency>
|
||||
|
|
|
@ -8,8 +8,12 @@ import org.gcube.com.fasterxml.jackson.databind.JsonNode;
|
|||
import org.gcube.com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import org.gcube.com.fasterxml.jackson.databind.node.ArrayNode;
|
||||
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
|
||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||
import org.gcube.common.keycloak.model.AccessToken;
|
||||
import org.gcube.common.scope.api.ScopeProvider;
|
||||
import org.gcube.common.scope.impl.ScopeBean;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
/**
|
||||
* @author Luca Frosini (ISTI - CNR)
|
||||
|
@ -17,34 +21,69 @@ import org.gcube.common.scope.impl.ScopeBean;
|
|||
@SuppressWarnings("deprecation")
|
||||
public class ContextUtility {
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(ContextUtility.class);
|
||||
|
||||
public static String getCurrentContextFullName() {
|
||||
String context = ScopeProvider.instance.get();
|
||||
if(context==null) {
|
||||
logger.trace("ScopeProvider is null. Going to get context from AccessTokenProvider.");
|
||||
String token = AccessTokenProvider.instance.get();
|
||||
String realUmaTokenEncoded = token.split("\\.")[1];
|
||||
String realUmaToken = new String(Base64.getDecoder().decode(realUmaTokenEncoded.getBytes()));
|
||||
ObjectMapper mapper = new ObjectMapper();
|
||||
try {
|
||||
JsonNode tokenJsonNode = mapper.readTree(realUmaToken);
|
||||
JsonNode jsonNode = tokenJsonNode.get("aud");
|
||||
if(jsonNode.isArray()) {
|
||||
ArrayNode arrayNode = (ArrayNode) jsonNode;
|
||||
for (JsonNode aud : arrayNode) {
|
||||
if (aud != null && aud.isTextual() && aud.asText().compareTo("") != 0) {
|
||||
String audience = aud.asText();
|
||||
String contextToBeValidated = URLDecoder.decode(audience, StandardCharsets.UTF_8.toString());
|
||||
ScopeBean scopeBean = new ScopeBean(contextToBeValidated);
|
||||
context = scopeBean.toString();
|
||||
return context;
|
||||
if(token!=null) {
|
||||
String realUmaTokenEncoded = token.split("\\.")[1];
|
||||
String realUmaToken = new String(Base64.getDecoder().decode(realUmaTokenEncoded.getBytes()));
|
||||
ObjectMapper mapper = new ObjectMapper();
|
||||
try {
|
||||
JsonNode tokenJsonNode = mapper.readTree(realUmaToken);
|
||||
JsonNode jsonNode = tokenJsonNode.get("aud");
|
||||
if(jsonNode.isArray()) {
|
||||
ArrayNode arrayNode = (ArrayNode) jsonNode;
|
||||
for (JsonNode aud : arrayNode) {
|
||||
if (aud != null && aud.isTextual() && aud.asText().compareTo("") != 0) {
|
||||
String audience = aud.asText();
|
||||
String contextToBeValidated = URLDecoder.decode(audience, StandardCharsets.UTF_8.toString());
|
||||
ScopeBean scopeBean = new ScopeBean(contextToBeValidated);
|
||||
context = scopeBean.toString();
|
||||
return context;
|
||||
}
|
||||
}
|
||||
}
|
||||
if(jsonNode.isTextual()) {
|
||||
return jsonNode.asText();
|
||||
}
|
||||
throw new Exception("Unable to get Current Context");
|
||||
}catch (Exception e) {
|
||||
new RuntimeException(e);
|
||||
}
|
||||
if(jsonNode.isTextual()) {
|
||||
return jsonNode.asText();
|
||||
}else {
|
||||
logger.trace("ScopeProvider AND AccessTokenProvider are null. Going to get context from SecurityTokenProvider.");
|
||||
token = SecurityTokenProvider.instance.get();
|
||||
if(token!=null) {
|
||||
String realUmaTokenEncoded = token.split("\\.")[1];
|
||||
String realUmaToken = new String(Base64.getDecoder().decode(realUmaTokenEncoded.getBytes()));
|
||||
ObjectMapper mapper = new ObjectMapper();
|
||||
try {
|
||||
AccessToken accessToken = mapper.readValue(realUmaToken, AccessToken.class);
|
||||
String[] audience = accessToken.getAudience();
|
||||
for (String aud : audience) {
|
||||
if (aud != null && aud.compareTo("") != 0) {
|
||||
try {
|
||||
String contextToBeValidated = URLDecoder.decode(aud, StandardCharsets.UTF_8.toString());
|
||||
ScopeBean scopeBean = new ScopeBean(contextToBeValidated);
|
||||
context = scopeBean.toString();
|
||||
return context;
|
||||
} catch (Exception e) {
|
||||
// logger.trace("Invalid context name for audience {} in access token. Trying next one if any.", aud, e);
|
||||
}
|
||||
}
|
||||
}
|
||||
throw new Exception("Unable to find valid context in audience: " + audience.toString());
|
||||
}catch(Exception e){
|
||||
throw new RuntimeException("Error parsing JWT token.", e);
|
||||
}
|
||||
}else {
|
||||
logger.trace("ScopeProvider, AccessTokenProvider AND SecurityTokenProvider are null. There is no other possibility to get the context.");
|
||||
throw new RuntimeException("ScopeProvider, AccessTokenProvider AND SecurityTokenProvider are null. There is no other possibility to get the context.");
|
||||
}
|
||||
throw new Exception("Unable to get Current Context");
|
||||
}catch (Exception e) {
|
||||
new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
return context;
|
||||
|
|
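Review bot: The outer `catch (Exception e)` around the AccessTokenProvider parsing builds `new RuntimeException(e);` without throwing it, so a malformed token or a missing `aud` claim falls through to `return context;` and hands callers a null context instead of an error; it should read `throw new RuntimeException(e);` (the page has lost its +/- markers, so I am assuming this line survives on the new side). In both token branches `token.split("\\.")[1]` and the Base64 decode run before the `try`, and `Base64.getDecoder()` rejects the `-` and `_` characters that base64url JWT segments may contain; `Base64.getUrlDecoder().decode(realUmaTokenEncoded)` placed inside the `try` would accept them and keep decode failures on the wrapped-exception path. The new SecurityTokenProvider branch also assumes that provider holds a three-part JWT, which the hunk does not establish. The `aud` value is only decoded here, not verified, so the returned context is trustworthy only if the signature was checked before the token reached the provider; a one-line comment stating that assumption would help the next reader. The method's closing lines fall outside the hunk.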