From e1423021d931c708ea7750e6e2f0d4b4b1cf9bf3 Mon Sep 17 00:00:00 2001 From: Luca Frosini Date: Tue, 30 Nov 2021 11:48:35 +0100 Subject: [PATCH] Stated switching to new authz --- pom.xml | 6 ++ .../org/gcube/gcat/social/SocialPost.java | 2 +- .../java/org/gcube/gcat/utils/Constants.java | 59 +++++++++++++++---- .../CatalogueStorageHubManagement.java | 12 ++-- src/test/resources/.gitignore | 7 +-- 5 files changed, 64 insertions(+), 22 deletions(-) diff --git a/pom.xml b/pom.xml index afbfc8b..2cb36e9 100644 --- a/pom.xml +++ b/pom.xml @@ -149,6 +149,12 @@ storagehub-application-persistence [1.0.0,2.0.0-SNAPSHOT) + + + org.gcube.common + keycloak-client + [1.0.0,2.0.0-SNAPSHOT) + io.taliox diff --git a/src/main/java/org/gcube/gcat/social/SocialPost.java b/src/main/java/org/gcube/gcat/social/SocialPost.java index 75c8ed2..2f0bd87 100644 --- a/src/main/java/org/gcube/gcat/social/SocialPost.java +++ b/src/main/java/org/gcube/gcat/social/SocialPost.java @@ -183,7 +183,7 @@ public class SocialPost extends Thread { GXHTTPStringRequest gxhttpStringRequest = GXHTTPStringRequest.newRequest(basePath); gxhttpStringRequest.from(Constants.CATALOGUE_NAME); gxhttpStringRequest.header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON); - gxhttpStringRequest.setSecurityToken(Constants.getCatalogueApplicationToken()); + gxhttpStringRequest.setSecurityToken(Constants.getSecurityToken()); gxhttpStringRequest.path(SOCIAL_SERVICE_WRITE_APPLICATION_POST_PATH); HttpURLConnection httpURLConnection = gxhttpStringRequest.post(objectMapper.writeValueAsString(objectNode)); diff --git a/src/main/java/org/gcube/gcat/utils/Constants.java b/src/main/java/org/gcube/gcat/utils/Constants.java index ff97647..3ca8588 100644 --- a/src/main/java/org/gcube/gcat/utils/Constants.java +++ b/src/main/java/org/gcube/gcat/utils/Constants.java 
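Review bot: The new `keycloak-client` dependency is declared with the open range `[1.0.0,2.0.0-SNAPSHOT)`, so the library that will handle the service's client secret resolves to whatever matching version the configured repositories serve at build time. This matches the range already used for `storagehub-application-persistence` just above. For a credential-handling library, though, a pinned version (or one fixed through `dependencyManagement`) keeps builds reproducible and makes each upgrade a reviewable change.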
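Review bot: `gxhttpStringRequest.setSecurityToken(...)` now receives whatever `Constants.getSecurityToken()` returns, which is either a Keycloak JWT access token or, on any failure, the legacy application token, and nothing visible here shows that `setSecurityToken` transmits a JWT the way the social service expects. Confirm the request helper handles both formats, or choose the setter according to the token type. The same applies to the five `new ApplicationMode(Constants.getSecurityToken())` replacements in `CatalogueStorageHubManagement.java`. Each call also appears to trigger a fresh token request, since no caching is visible in `getJWTAccessToken()`, so a comment such as `// may perform a network call to the authorization server` at these call sites would help. The enclosing method starts and ends outside the hunk.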
@@ -9,6 +9,9 @@ import java.util.Properties; import javax.ws.rs.InternalServerErrorException; import javax.ws.rs.WebApplicationException; +import org.gcube.common.keycloak.KeycloakClientFactory; +import org.gcube.common.keycloak.model.TokenResponse; + /** * @author Luca Frosini (ISTI - CNR) */ @@ -17,22 +20,12 @@ public class Constants { public static final String CATALOGUE_NAME = "gCat"; private static final String PROPERTY_FILENAME = "config.properties"; - /* * Key : Context * Value : Application Token */ protected static final Map applicationTokens; - public static String getCatalogueApplicationToken() { - try { - return applicationTokens.get(ContextUtility.getCurrentContext()); - } catch(Exception e) { - throw new InternalServerErrorException( - "Unable to retrieve Application Token for context " + ContextUtility.getCurrentContext(), e); - } - } - static { try { applicationTokens = new HashMap<>(); 
@@ -50,4 +43,50 @@ public class Constants { throw new WebApplicationException(e); } } + + @Deprecated + public static String getCatalogueApplicationToken() { + try { + return applicationTokens.get(ContextUtility.getCurrentContext()); + } catch(Exception e) { + throw new InternalServerErrorException( + "Unable to retrieve Application Token for context " + ContextUtility.getCurrentContext(), e); + } + } + + private static final String CLIENT_SECRET_FILENAME = "clientSecret"; + private static final String CLIENT_ID = "gcat"; + protected static String clientSecret; + + private static String getClientSecret(String context) { + try { + if(clientSecret==null) { + Properties properties = new Properties(); + InputStream input = Constants.class.getClassLoader().getResourceAsStream(CLIENT_SECRET_FILENAME); + properties.load(input); + String root = context.substring(0, context.indexOf('/', 1)); + clientSecret = properties.getProperty(root); + } + return clientSecret; + } catch(Exception e) { + throw new InternalServerErrorException( + "Unable to retrieve Application Token for context " + ContextUtility.getCurrentContext(), e); + } + } + + public static String getJWTAccessToken() throws Exception { + String contextToAuthorise = ContextUtility.getCurrentContext(); + TokenResponse tr = KeycloakClientFactory.newInstance().queryUMAToken(CLIENT_ID, getClientSecret(contextToAuthorise), contextToAuthorise, null); + return tr.getAccessToken(); + } + + + public static String getSecurityToken() throws Exception { + try { + return getJWTAccessToken(); + }catch (Exception e) { + return getCatalogueApplicationToken(); + } + } + } diff --git a/src/main/java/org/gcube/gcat/workspace/CatalogueStorageHubManagement.java b/src/main/java/org/gcube/gcat/workspace/CatalogueStorageHubManagement.java index c1f8749..763f268 100644 --- a/src/main/java/org/gcube/gcat/workspace/CatalogueStorageHubManagement.java +++ b/src/main/java/org/gcube/gcat/workspace/CatalogueStorageHubManagement.java 
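Review bot: `getSecurityToken()` catches every `Exception` from `getJWTAccessToken()` and returns the deprecated application token without logging anything, so a missing `clientSecret` resource, a wrong secret or an unreachable Keycloak silently leaves the service on the legacy credential; log the exception before falling back and consider limiting which failures may fall back at all. In `getClientSecret`, `context.indexOf('/', 1)` returns -1 for a root-only context and `substring(0, -1)` then throws, the `InputStream` is never closed, a missing resource only surfaces as a `NullPointerException` from `properties.load`, and the catch reports "Unable to retrieve Application Token", which names the wrong credential. The static `clientSecret` is cached after the first successful lookup, which is only correct if every context served shares one root; that is worth confirming. The fence shows a rewritten `getClientSecret`; the class body opens outside the hunk.

```java
// … unchanged: deprecated getCatalogueApplicationToken(), CLIENT_SECRET_FILENAME, CLIENT_ID, clientSecret …

private static String getClientSecret(String context) {
	if(clientSecret != null) {
		return clientSecret;
	}
	// indexOf returns -1 for a root-only context, which has no second '/'
	int separator = context.indexOf('/', 1);
	String root = separator < 0 ? context : context.substring(0, separator);
	Properties properties = new Properties();
	// try-with-resources closes the stream; a null resource is skipped and reported below
	try (InputStream input = Constants.class.getClassLoader().getResourceAsStream(CLIENT_SECRET_FILENAME)) {
		if(input != null) {
			properties.load(input);
		}
	} catch(Exception e) {
		throw new InternalServerErrorException(
				"Unable to read " + CLIENT_SECRET_FILENAME + " for context " + context, e);
	}
	String secret = properties.getProperty(root);
	if(secret == null) {
		// Never include the secret itself in the message, only the lookup key
		throw new InternalServerErrorException("No client secret found for root context " + root);
	}
	clientSecret = secret;
	return secret;
}

// … unchanged: getJWTAccessToken(), getSecurityToken() …
```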
@@ -43,7 +43,7 @@ public class CatalogueStorageHubManagement { } public URL ensureResourcePersistence(URL persistedURL, String itemID, String resourceID) throws Exception { - ApplicationMode applicationMode = new ApplicationMode(Constants.getCatalogueApplicationToken()); + ApplicationMode applicationMode = new ApplicationMode(Constants.getSecurityToken()); try { applicationMode.start(); GXHTTPStringRequest gxhttpStringRequest = GXHTTPStringRequest.newRequest(persistedURL.toString()); @@ -68,7 +68,7 @@ public class CatalogueStorageHubManagement { } public void deleteResourcePersistence(String itemID, String resourceID, String mimeType) throws Exception { - ApplicationMode applicationMode = new ApplicationMode(Constants.getCatalogueApplicationToken()); + ApplicationMode applicationMode = new ApplicationMode(Constants.getSecurityToken()); try { applicationMode.start(); storageHubManagement = new StorageHubManagement(); @@ -97,7 +97,7 @@ public class CatalogueStorageHubManagement { } public void renameFile(String resourceID, String revisionID) throws Exception { - ApplicationMode applicationMode = new ApplicationMode(Constants.getCatalogueApplicationToken()); + ApplicationMode applicationMode = new ApplicationMode(Constants.getSecurityToken()); try { applicationMode.start(); FileContainer createdfile = storageHubManagement.getPersistedFile(); @@ -110,7 +110,7 @@ public class CatalogueStorageHubManagement { } public void addRevisionID(String resourceID, String revisionID) throws Exception { - ApplicationMode applicationMode = new ApplicationMode(Constants.getCatalogueApplicationToken()); + ApplicationMode applicationMode = new ApplicationMode(Constants.getSecurityToken()); try { applicationMode.start(); internalAddRevisionID(resourceID, revisionID); 
@@ -120,7 +120,7 @@ public class CatalogueStorageHubManagement { } public FileContainer retrievePersistedFile(String id, String mimeType) throws Exception { - ApplicationMode applicationMode = new ApplicationMode(Constants.getCatalogueApplicationToken()); + ApplicationMode applicationMode = new ApplicationMode(Constants.getSecurityToken()); try { applicationMode.start(); return storageHubManagement.getPersistedFile(id, mimeType); @@ -129,8 +129,8 @@ public class CatalogueStorageHubManagement { } } - public FileContainer getPersistedFile() { return storageHubManagement.getPersistedFile(); } + } diff --git a/src/test/resources/.gitignore b/src/test/resources/.gitignore index 0c413ec..94a4d23 100644 --- a/src/test/resources/.gitignore +++ b/src/test/resources/.gitignore @@ -1,7 +1,4 @@ /*.gcubekey /*.properties -/gCat_zuliprc -/leonardo.candela_zuliprc -/luca.frosini_zuliprc -/pasquale.pagano_zuliprc -/clientID +/*_zuliprc +/clientSecret \ No newline at end of file
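Review bot: Replacing the explicit `/clientID` entry with `/clientSecret` means a `clientID` file left in a developer's `src/test/resources` is no longer ignored and could be committed by accident; if such files may still exist, keep `/clientID` ignored as well. The rule also covers only the test resources directory, while `Constants.getClientSecret` loads `clientSecret` from the classpath. It is worth confirming how the production secret is provisioned and that it cannot be packaged into the artifact or committed under another resources directory.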