gcube-ckan-datacatalog/src/main/java/org/gcube/portlets/gcubeckan/gcubeckandatacatalog/server/GcubeCkanDataCatalogServiceImpl.java

package org.gcube.portlets.gcubeckan.gcubeckandatacatalog.server;

import static org.gcube.common.authorization.client.Constants.authorizationService;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpSession;

import org.gcube.application.framework.core.session.ASLSession;
import org.gcube.application.framework.core.session.SessionManager;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.portal.custom.scopemanager.scopehelper.ScopeHelper;
import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.GcubeCkanDataCatalogService;
import org.gcube.portlets.gcubeckan.gcubeckandatacatalog.shared.CkanRole;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.google.gwt.user.server.rpc.RemoteServiceServlet;

/**
 * The server side implementation of the RPC service.
 *
 * @author Francesco Mangiacrapa francesco.mangiacrapa@isti.cnr.it
 * Jun 10, 2016
 */
@SuppressWarnings("serial")
public class GcubeCkanDataCatalogServiceImpl extends RemoteServiceServlet implements GcubeCkanDataCatalogService {


	private static final String PORT_HTTP = ":80";
	private static final String PORT_HTTPS = ":443";
	private static final String GCUBE_TOKEN = "gcube-token";
	private static final String HTTPS = "https";
	private static final String HTTP = "http";
	public static String CKANCONNECTORCONTEXT = "CkanConnectorContext";
	public static final String USERNAME_ATTRIBUTE = ScopeHelper.USERNAME_ATTRIBUTE;
	private static Logger logger = LoggerFactory.getLogger(GcubeCkanDataCatalogServiceImpl.class);
	private final static String DEFAULT_ROLE = "OrganizationMember";

	private final static String TEST_USER = "francesco.mangiacrapa";
	private final static String TEST_SCOPE = "/gcube/devsec/devVRE";
	private final static String TEST_SEC_TOKEN = "4620e6d0-2313-4f48-9d54-eb3efd01a810";
//	private final static String TEST_SEC_TOKEN = "f539884c-8697-4ac0-9bbf-2f4d595281f5";

	/* (non-Javadoc)
	 * @see org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.GcubeCkanDataCatalogService#getCKanConnector()
	 */
	@Override
	public String getCKanConnector() throws Exception{
		logger.trace("getCKanConnector...");

		try{
			String ckanContext = getServletContext().getInitParameter(CKANCONNECTORCONTEXT);
			logger.debug(CKANCONNECTORCONTEXT + " is: "+ckanContext);
			ASLSession session = getASLSession(this.getThreadLocalRequest().getSession());
			GcoreEndpointReader ckanEndPoint = SessionUtil.getCkanEndPoint(session);
			String ckanConnectorUri = ckanEndPoint.getCkanResourceEntyName();
			logger.debug(ckanConnectorUri + "is : "+ckanConnectorUri);
			ckanConnectorUri = ckanConnectorUri.startsWith(HTTP) && !ckanConnectorUri.startsWith(HTTPS)?ckanConnectorUri.replaceFirst(HTTP, HTTPS):ckanConnectorUri;
			ckanConnectorUri = ckanConnectorUri.contains(PORT_HTTP)?ckanConnectorUri.replace(PORT_HTTP, PORT_HTTPS):ckanConnectorUri;
			ckanConnectorUri+=ckanContext;
			logger.debug("CKanConnector URI + Context: "+ckanConnectorUri);
			logger.debug("adding gcube token parameter...");
			if(SessionUtil.isIntoPortal()){
				ckanConnectorUri+="?"+GCUBE_TOKEN+"="+getGcubeSecurityToken();
			}else{
				logger.warn("******** Using TEST_USER security token!!!");
				ckanConnectorUri+="?"+GCUBE_TOKEN+"="+TEST_SEC_TOKEN;
			}
			logger.info("returning ckanConnectorUri: "+ckanConnectorUri);
			return ckanConnectorUri;
//			return "http://ckan-d-d4s.d4science.org";
		}catch(Exception e ){
			String message = "Sorry an error occurred during contacting gCube Ckan Data Catalogue";
			logger.error(message, e);
			throw new Exception(message);
		}
	}

	/**
	 * Gets the gcube security token.
	 *
	 * @return the gcube security token
	 */
	protected String getGcubeSecurityToken() {
		HttpSession httpSession = this.getThreadLocalRequest().getSession();
		ASLSession session = getASLSession(httpSession);
		logger.debug("Get security token return: "+session.getSecurityToken());

		if(session.getSecurityToken()==null || session.getSecurityToken().isEmpty()){
			logger.warn("Security token retured from ASL is null or empty, I'm setting security token...");
			setAuthorizationToken(session);
		}

		return session.getSecurityToken();
	}


	/**
	 * Temporary method to set the authorization token.
	 *
	 * @param session the new authorization token
	 */
	private static void setAuthorizationToken(ASLSession session) {
		String username = session.getUsername();
		String scope = session.getScope();
		ScopeProvider.instance.set(scope);
		logger.debug("calling service token on scope " + scope);
		List<String> userRoles = new ArrayList<String>();
		userRoles.add(DEFAULT_ROLE);
		session.setSecurityToken(null);
		String token = authorizationService().build().generate(session.getUsername(), userRoles);
		logger.debug("received token: "+token);
		session.setSecurityToken(token);
		logger.info("Security token set in session for: "+username + " on " + scope);
	}

	/**
	 * Gets the ASL session.
	 *
	 * @param httpSession the http session
	 * @return the ASL session
	 */
	protected ASLSession getASLSession(HttpSession httpSession)
	{
		String sessionID = httpSession.getId();
		String user = (String) httpSession.getAttribute(USERNAME_ATTRIBUTE);

		if (user == null) {

			logger.warn("****** STARTING IN TEST MODE - NO USER FOUND *******");
			//for test only
			user = TEST_USER;
			httpSession.setAttribute(USERNAME_ATTRIBUTE, user);
			ASLSession session = SessionManager.getInstance().getASLSession(sessionID, user);
			session.setScope(TEST_SCOPE);
			//session.setScope("/gcube/devsec/devVRE");

			return session;
		} else logger.trace("user found in session "+user);
		return SessionManager.getInstance().getASLSession(sessionID, user);
	}


	/* (non-Javadoc)
	 * @see org.gcube.portlets.gcubeckan.gcubeckandatacatalog.client.GcubeCkanDataCatalogService#getMyRole()
	 */
	@Override
	public CkanRole getMyRole() throws Exception{
		//TODO READ FROM IS
		return CkanRole.ADMIN;
	}
}