package org.gcube.portlets.gcubeckan.gcubeckandatacatalog.server; import static org.gcube.common.authorization.client.Constants.authorizationService; import java.util.ArrayList; import java.util.List; import javax.servlet.http.HttpSession; import org.gcube.application.framework.core.session.ASLSession; import org.gcube.application.framework.core.session.SessionManager; import org.gcube.common.scope.api.ScopeProvider; import org.gcube.portal.custom.scopemanager.scopehelper.ScopeHelper; import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.GcubeCkanDataCatalogService; import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.shared.CkanRole; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.google.gwt.user.server.rpc.RemoteServiceServlet; /** * The server side implementation of the RPC service. * * @author Francesco Mangiacrapa francesco.mangiacrapa@isti.cnr.it * Jun 10, 2016 */ @SuppressWarnings("serial") public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implements GcubeCkanDataCatalogService { private static final String PORT_HTTP = ":80"; private static final String PORT_HTTPS = ":443"; private static final String GCUBE_TOKEN = "gcube-token"; private static final String HTTPS = "https"; private static final String HTTP = "http"; public static String CKANCONNECTORCONTEXT = "CkanConnectorContext"; public static final String USERNAME_ATTRIBUTE = ScopeHelper.USERNAME_ATTRIBUTE; private static Logger logger = LoggerFactory.getLogger(GcubeCkanDataCatalogServiceImpl.class); private final static String DEFAULT_ROLE = "OrganizationMember"; private final static String TEST_USER = "francesco.mangiacrapa"; private final static String TEST_SCOPE = "/gcube/devsec/devVRE"; private final static String TEST_SEC_TOKEN = "4620e6d0-2313-4f48-9d54-eb3efd01a810"; // private final static String TEST_SEC_TOKEN = "f539884c-8697-4ac0-9bbf-2f4d595281f5"; /* (non-Javadoc) * @see org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.GcubeCkanDataCatalogService#getCKanConnector() */ @Override public String getCKanConnector() throws Exception{ logger.trace("getCKanConnector..."); try{ String ckanContext = getServletContext().getInitParameter(CKANCONNECTORCONTEXT); logger.debug(CKANCONNECTORCONTEXT + " is: "+ckanContext); ASLSession session = getASLSession(this.getThreadLocalRequest().getSession()); GcoreEndpointReader ckanEndPoint = SessionUtil.getCkanEndPoint(session); String ckanConnectorUri = ckanEndPoint.getCkanResourceEntyName(); logger.debug(ckanConnectorUri + "is : "+ckanConnectorUri); ckanConnectorUri = ckanConnectorUri.startsWith(HTTP) && !ckanConnectorUri.startsWith(HTTPS)?ckanConnectorUri.replaceFirst(HTTP, HTTPS):ckanConnectorUri; ckanConnectorUri = ckanConnectorUri.contains(PORT_HTTP)?ckanConnectorUri.replace(PORT_HTTP, PORT_HTTPS):ckanConnectorUri; ckanConnectorUri+=ckanContext; logger.debug("CKanConnector URI + Context: "+ckanConnectorUri); logger.debug("adding gcube token parameter..."); if(SessionUtil.isIntoPortal()){ ckanConnectorUri+="?"+GCUBE_TOKEN+"="+getGcubeSecurityToken(); }else{ logger.warn("******** Using TEST_USER security token!!!"); ckanConnectorUri+="?"+GCUBE_TOKEN+"="+TEST_SEC_TOKEN; } logger.info("returning ckanConnectorUri: "+ckanConnectorUri); return ckanConnectorUri; // return "http://ckan-d-d4s.d4science.org"; }catch(Exception e ){ String message = "Sorry an error occurred during contacting gCube Ckan Data Catalogue"; logger.error(message, e); throw new Exception(message); } } /** * Gets the gcube security token. * * @return the gcube security token */ protected String getGcubeSecurityToken() { HttpSession httpSession = this.getThreadLocalRequest().getSession(); ASLSession session = getASLSession(httpSession); logger.debug("Get security token return: "+session.getSecurityToken()); if(session.getSecurityToken()==null || session.getSecurityToken().isEmpty()){ logger.warn("Security token retured from ASL is null or empty, I'm setting security token..."); setAuthorizationToken(session); } return session.getSecurityToken(); } /** * Temporary method to set the authorization token. * * @param session the new authorization token */ private static void setAuthorizationToken(ASLSession session) { String username = session.getUsername(); String scope = session.getScope(); ScopeProvider.instance.set(scope); logger.debug("calling service token on scope " + scope); List userRoles = new ArrayList(); userRoles.add(DEFAULT_ROLE); session.setSecurityToken(null); String token = authorizationService().build().generate(session.getUsername(), userRoles); logger.debug("received token: "+token); session.setSecurityToken(token); logger.info("Security token set in session for: "+username + " on " + scope); } /** * Gets the ASL session. * * @param httpSession the http session * @return the ASL session */ protected ASLSession getASLSession(HttpSession httpSession) { String sessionID = httpSession.getId(); String user = (String) httpSession.getAttribute(USERNAME_ATTRIBUTE); if (user == null) { logger.warn("****** STARTING IN TEST MODE - NO USER FOUND *******"); //for test only user = TEST_USER; httpSession.setAttribute(USERNAME_ATTRIBUTE, user); ASLSession session = SessionManager.getInstance().getASLSession(sessionID, user); session.setScope(TEST_SCOPE); //session.setScope("/gcube/devsec/devVRE"); return session; } else logger.trace("user found in session "+user); return SessionManager.getInstance().getASLSession(sessionID, user); } /* (non-Javadoc) * @see org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.GcubeCkanDataCatalogService#getMyRole() */ @Override public CkanRole getMyRole() throws Exception{ //TODO READ FROM IS return CkanRole.ADMIN; } }