diff --git a/gcube-geoserver-client/src/main/java/org/gcube/spatial/data/clients/geoserver/GSRESTClient.java b/gcube-geoserver-client/src/main/java/org/gcube/spatial/data/clients/geoserver/GSRESTClient.java index 5ba130b..eed4caa 100644 --- a/gcube-geoserver-client/src/main/java/org/gcube/spatial/data/clients/geoserver/GSRESTClient.java +++ b/gcube-geoserver-client/src/main/java/org/gcube/spatial/data/clients/geoserver/GSRESTClient.java @@ -3,6 +3,8 @@ package org.gcube.spatial.data.clients.geoserver; import java.util.List; import org.gcube.spatial.data.sdi.model.faults.RemoteException; +import org.json.simple.JSONArray; +import org.json.simple.JSONObject; public interface GSRESTClient { @@ -11,7 +13,8 @@ public interface GSRESTClient { // WS - public List getWorkspaces()throws RemoteException,Exception; + public JSONArray getWorkspaces()throws RemoteException,Exception; + public JSONObject getWorkspace(String workspace)throws RemoteException, Exception; // DS public List getDataStoresInWorkspace(String ws)throws RemoteException,Exception; diff --git a/gcube-geoserver-client/src/main/java/org/gcube/spatial/data/clients/geoserver/GSRESTClientImpl.java b/gcube-geoserver-client/src/main/java/org/gcube/spatial/data/clients/geoserver/GSRESTClientImpl.java index 76877e9..10e6ff1 100644 --- a/gcube-geoserver-client/src/main/java/org/gcube/spatial/data/clients/geoserver/GSRESTClientImpl.java +++ b/gcube-geoserver-client/src/main/java/org/gcube/spatial/data/clients/geoserver/GSRESTClientImpl.java @@ -3,6 +3,7 @@ package org.gcube.spatial.data.clients.geoserver; import java.util.List; import javax.ws.rs.client.WebTarget; +import javax.ws.rs.core.MediaType; import org.gcube.common.clients.Call; import org.gcube.spatial.data.clients.AbstractGenericClient; @@ -10,11 +11,14 @@ import org.gcube.spatial.data.clients.GenericLoginClient; import org.gcube.spatial.data.clients.model.ConnectionDescriptor; import org.gcube.spatial.data.sdi.model.faults.RemoteException; import org.gcube.spatial.data.sdi.model.gn.LoginLevel; +import org.json.simple.JSONArray; +import org.json.simple.JSONObject; public class GSRESTClientImpl extends AbstractGenericClient implements GSRESTClient,GenericLoginClient{ protected GSRESTClientImpl(ConnectionDescriptor conn) { super(conn); +// localhost:8080/geoserver/rest } @Override @@ -30,16 +34,22 @@ public class GSRESTClientImpl extends AbstractGenericClient implements GSRESTCli } @Override - public List getWorkspaces() throws RemoteException,Exception { - return makeCall(new Call>() { + public JSONArray getWorkspaces() throws RemoteException,Exception { + return makeCall(new Call() { - public java.util.List call(WebTarget endpoint) throws Exception { - return null; + public JSONArray call(WebTarget endpoint) throws Exception { + return check(endpoint.path("workspace").request(MediaType.APPLICATION_JSON).get(),JSONArray.class); }; }); } + @Override + public JSONObject getWorkspace(String workspace) throws RemoteException, Exception { + // TODO Auto-generated method stub + return null; + } + @Override public List getDataStoresInWorkspace(String ws) { // TODO Auto-generated method stub diff --git a/gcube-geoserver-client/src/test/java/org/gcube/spatial/data/clients/geoserver/GSTests.java b/gcube-geoserver-client/src/test/java/org/gcube/spatial/data/clients/geoserver/GSTests.java new file mode 100644 index 0000000..9d1dac1 --- /dev/null +++ b/gcube-geoserver-client/src/test/java/org/gcube/spatial/data/clients/geoserver/GSTests.java @@ -0,0 +1,28 @@ +package org.gcube.spatial.data.clients.geoserver; + +import org.gcube.spatial.data.clients.model.ConnectionDescriptor; +import org.gcube.spatial.data.sdi.model.faults.RemoteException; +import org.junit.BeforeClass; +import org.junit.Test; + +public class GSTests { + + +// static String sdiHostname="sdi-t.pre.d4science.org"; +// static String scope ="/pred4s/preprod/preVRE"; +// +// String sdiHostname="sdi-d-d4s.d4science.org"; + static String scope = "/gcube/devsec/devVRE"; + + @BeforeClass + public static void setScope(){ + TokenSetter.set(scope); + } + + @Test + public void getWS() throws RemoteException, Exception { + System.out.println(new GSRESTClientImpl(new ConnectionDescriptor("https://geoserver1.dev.d4science.org/geoserver/rest")).getWorkspaces()); + } + + +} diff --git a/gcube-geoserver-client/src/test/java/org/gcube/spatial/data/clients/geoserver/TokenSetter.java b/gcube-geoserver-client/src/test/java/org/gcube/spatial/data/clients/geoserver/TokenSetter.java new file mode 100644 index 0000000..5436fb9 --- /dev/null +++ b/gcube-geoserver-client/src/test/java/org/gcube/spatial/data/clients/geoserver/TokenSetter.java @@ -0,0 +1,33 @@ +package org.gcube.spatial.data.clients.geoserver; + +import java.util.Properties; + +import org.gcube.common.authorization.library.provider.SecurityTokenProvider; +import org.gcube.common.scope.api.ScopeProvider; + +import lombok.extern.slf4j.Slf4j; +@Slf4j +public class TokenSetter { + + +private static Properties props=new Properties(); + + static{ + try { + props.load(TokenSetter.class.getResourceAsStream("/tokens.properties")); + } catch (Exception e) { + throw new RuntimeException("YOU NEED TO SET TOKEN FILE IN CONFIGURATION"); + } + } + + + public static void set(String scope){ + try{ + if(!props.containsKey(scope)) throw new RuntimeException("No token found for scope : "+scope); + SecurityTokenProvider.instance.set(props.getProperty(scope)); + }catch(Throwable e){ + log.warn("Unable to set token for scope "+scope,e); + } + ScopeProvider.instance.set(scope); + } +} diff --git a/gcube-geoserver-connector/CHANGELOG.md b/gcube-geoserver-connector/CHANGELOG.md new file mode 100644 index 0000000..b775927 --- /dev/null +++ b/gcube-geoserver-connector/CHANGELOG.md @@ -0,0 +1,6 @@ +This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +# Changelog for org.gcube.spatial.data.gcube-geoserver-connector + +## [v0.2.0-SNAPSHOT] - 2021-2-11 +Migrated to git diff --git a/gcube-geoserver-connector/FUNDING.md b/gcube-geoserver-connector/FUNDING.md new file mode 100644 index 0000000..9e48b94 --- /dev/null +++ b/gcube-geoserver-connector/FUNDING.md @@ -0,0 +1,26 @@ +# Acknowledgments + +The projects leading to this software have received funding from a series of European Union programmes including: + +- the Sixth Framework Programme for Research and Technological Development + - [DILIGENT](https://cordis.europa.eu/project/id/004260) (grant no. 004260). +- the Seventh Framework Programme for research, technological development and demonstration + - [D4Science](https://cordis.europa.eu/project/id/212488) (grant no. 212488); + - [D4Science-II](https://cordis.europa.eu/project/id/239019) (grant no.239019); + - [ENVRI](https://cordis.europa.eu/project/id/283465) (grant no. 283465); + - [iMarine](https://cordis.europa.eu/project/id/283644) (grant no. 283644); + - [EUBrazilOpenBio](https://cordis.europa.eu/project/id/288754) (grant no. 288754). +- the H2020 research and innovation programme + - [SoBigData](https://cordis.europa.eu/project/id/654024) (grant no. 654024); + - [PARTHENOS](https://cordis.europa.eu/project/id/654119) (grant no. 654119); + - [EGI-Engage](https://cordis.europa.eu/project/id/654142) (grant no. 654142); + - [ENVRI PLUS](https://cordis.europa.eu/project/id/654182) (grant no. 654182); + - [BlueBRIDGE](https://cordis.europa.eu/project/id/675680) (grant no. 675680); + - [PerformFISH](https://cordis.europa.eu/project/id/727610) (grant no. 727610); + - [AGINFRA PLUS](https://cordis.europa.eu/project/id/731001) (grant no. 731001); + - [DESIRA](https://cordis.europa.eu/project/id/818194) (grant no. 818194); + - [ARIADNEplus](https://cordis.europa.eu/project/id/823914) (grant no. 823914); + - [RISIS 2](https://cordis.europa.eu/project/id/824091) (grant no. 824091); + - [EOSC-Pillar](https://cordis.europa.eu/project/id/857650) (grant no. 857650); + - [Blue Cloud](https://cordis.europa.eu/project/id/862409) (grant no. 862409); + - [SoBigData-PlusPlus](https://cordis.europa.eu/project/id/871042) (grant no. 871042); diff --git a/gcube-geoserver-connector/LICENSE.md b/gcube-geoserver-connector/LICENSE.md new file mode 100644 index 0000000..3af0507 --- /dev/null +++ b/gcube-geoserver-connector/LICENSE.md @@ -0,0 +1,312 @@ +# European Union Public Licence V. 1.1 + + +EUPL © the European Community 2007 + + +This European Union Public Licence (the “EUPL”) applies to the Work or Software +(as defined below) which is provided under the terms of this Licence. Any use of +the Work, other than as authorised under this Licence is prohibited (to the +extent such use is covered by a right of the copyright holder of the Work). + +The Original Work is provided under the terms of this Licence when the Licensor +(as defined below) has placed the following notice immediately following the +copyright notice for the Original Work: + +Licensed under the EUPL V.1.1 + +or has expressed by any other mean his willingness to license under the EUPL. + + + +## 1. Definitions + +In this Licence, the following terms have the following meaning: + +- The Licence: this Licence. + +- The Original Work or the Software: the software distributed and/or + communicated by the Licensor under this Licence, available as Source Code and + also as Executable Code as the case may be. + +- Derivative Works: the works or software that could be created by the Licensee, + based upon the Original Work or modifications thereof. This Licence does not + define the extent of modification or dependence on the Original Work required + in order to classify a work as a Derivative Work; this extent is determined by + copyright law applicable in the country mentioned in Article 15. + +- The Work: the Original Work and/or its Derivative Works. + +- The Source Code: the human-readable form of the Work which is the most + convenient for people to study and modify. + +- The Executable Code: any code which has generally been compiled and which is + meant to be interpreted by a computer as a program. + +- The Licensor: the natural or legal person that distributes and/or communicates + the Work under the Licence. + +- Contributor(s): any natural or legal person who modifies the Work under the + Licence, or otherwise contributes to the creation of a Derivative Work. + +- The Licensee or “You”: any natural or legal person who makes any usage of the + Software under the terms of the Licence. + +- Distribution and/or Communication: any act of selling, giving, lending, + renting, distributing, communicating, transmitting, or otherwise making + available, on-line or off-line, copies of the Work or providing access to its + essential functionalities at the disposal of any other natural or legal + person. + + + +## 2. Scope of the rights granted by the Licence + +The Licensor hereby grants You a world-wide, royalty-free, non-exclusive, +sub-licensable licence to do the following, for the duration of copyright vested +in the Original Work: + +- use the Work in any circumstance and for all usage, reproduce the Work, modify +- the Original Work, and make Derivative Works based upon the Work, communicate +- to the public, including the right to make available or display the Work or +- copies thereof to the public and perform publicly, as the case may be, the +- Work, distribute the Work or copies thereof, lend and rent the Work or copies +- thereof, sub-license rights in the Work or copies thereof. + +Those rights can be exercised on any media, supports and formats, whether now +known or later invented, as far as the applicable law permits so. + +In the countries where moral rights apply, the Licensor waives his right to +exercise his moral right to the extent allowed by law in order to make effective +the licence of the economic rights here above listed. + +The Licensor grants to the Licensee royalty-free, non exclusive usage rights to +any patents held by the Licensor, to the extent necessary to make use of the +rights granted on the Work under this Licence. + + + +## 3. Communication of the Source Code + +The Licensor may provide the Work either in its Source Code form, or as +Executable Code. If the Work is provided as Executable Code, the Licensor +provides in addition a machine-readable copy of the Source Code of the Work +along with each copy of the Work that the Licensor distributes or indicates, in +a notice following the copyright notice attached to the Work, a repository where +the Source Code is easily and freely accessible for as long as the Licensor +continues to distribute and/or communicate the Work. + + + +## 4. Limitations on copyright + +Nothing in this Licence is intended to deprive the Licensee of the benefits from +any exception or limitation to the exclusive rights of the rights owners in the +Original Work or Software, of the exhaustion of those rights or of other +applicable limitations thereto. + + + +## 5. Obligations of the Licensee + +The grant of the rights mentioned above is subject to some restrictions and +obligations imposed on the Licensee. Those obligations are the following: + +Attribution right: the Licensee shall keep intact all copyright, patent or +trademarks notices and all notices that refer to the Licence and to the +disclaimer of warranties. The Licensee must include a copy of such notices and a +copy of the Licence with every copy of the Work he/she distributes and/or +communicates. The Licensee must cause any Derivative Work to carry prominent +notices stating that the Work has been modified and the date of modification. + +Copyleft clause: If the Licensee distributes and/or communicates copies of the +Original Works or Derivative Works based upon the Original Work, this +Distribution and/or Communication will be done under the terms of this Licence +or of a later version of this Licence unless the Original Work is expressly +distributed only under this version of the Licence. The Licensee (becoming +Licensor) cannot offer or impose any additional terms or conditions on the Work +or Derivative Work that alter or restrict the terms of the Licence. + +Compatibility clause: If the Licensee Distributes and/or Communicates Derivative +Works or copies thereof based upon both the Original Work and another work +licensed under a Compatible Licence, this Distribution and/or Communication can +be done under the terms of this Compatible Licence. For the sake of this clause, +“Compatible Licence” refers to the licences listed in the appendix attached to +this Licence. Should the Licensee’s obligations under the Compatible Licence +conflict with his/her obligations under this Licence, the obligations of the +Compatible Licence shall prevail. + +Provision of Source Code: When distributing and/or communicating copies of the +Work, the Licensee will provide a machine-readable copy of the Source Code or +indicate a repository where this Source will be easily and freely available for +as long as the Licensee continues to distribute and/or communicate the Work. + +Legal Protection: This Licence does not grant permission to use the trade names, +trademarks, service marks, or names of the Licensor, except as required for +reasonable and customary use in describing the origin of the Work and +reproducing the content of the copyright notice. + + + +## 6. Chain of Authorship + +The original Licensor warrants that the copyright in the Original Work granted +hereunder is owned by him/her or licensed to him/her and that he/she has the +power and authority to grant the Licence. + +Each Contributor warrants that the copyright in the modifications he/she brings +to the Work are owned by him/her or licensed to him/her and that he/she has the +power and authority to grant the Licence. + +Each time You accept the Licence, the original Licensor and subsequent +Contributors grant You a licence to their contributions to the Work, under the +terms of this Licence. + + + +## 7. Disclaimer of Warranty + +The Work is a work in progress, which is continuously improved by numerous +contributors. It is not a finished work and may therefore contain defects or +“bugs” inherent to this type of software development. + +For the above reason, the Work is provided under the Licence on an “as is” basis +and without warranties of any kind concerning the Work, including without +limitation merchantability, fitness for a particular purpose, absence of defects +or errors, accuracy, non-infringement of intellectual property rights other than +copyright as stated in Article 6 of this Licence. + +This disclaimer of warranty is an essential part of the Licence and a condition +for the grant of any rights to the Work. + + + +## 8. Disclaimer of Liability + +Except in the cases of wilful misconduct or damages directly caused to natural +persons, the Licensor will in no event be liable for any direct or indirect, +material or moral, damages of any kind, arising out of the Licence or of the use +of the Work, including without limitation, damages for loss of goodwill, work +stoppage, computer failure or malfunction, loss of data or any commercial +damage, even if the Licensor has been advised of the possibility of such +damage. However, the Licensor will be liable under statutory product liability +laws as far such laws apply to the Work. + + + +## 9. Additional agreements + +While distributing the Original Work or Derivative Works, You may choose to +conclude an additional agreement to offer, and charge a fee for, acceptance of +support, warranty, indemnity, or other liability obligations and/or services +consistent with this Licence. However, in accepting such obligations, You may +act only on your own behalf and on your sole responsibility, not on behalf of +the original Licensor or any other Contributor, and only if You agree to +indemnify, defend, and hold each Contributor harmless for any liability incurred +by, or claims asserted against such Contributor by the fact You have accepted +any such warranty or additional liability. + + + +## 10. Acceptance of the Licence + +The provisions of this Licence can be accepted by clicking on an icon “I agree” +placed under the bottom of a window displaying the text of this Licence or by +affirming consent in any other similar way, in accordance with the rules of +applicable law. Clicking on that icon indicates your clear and irrevocable +acceptance of this Licence and all of its terms and conditions. + +Similarly, you irrevocably accept this Licence and all of its terms and +conditions by exercising any rights granted to You by Article 2 of this Licence, +such as the use of the Work, the creation by You of a Derivative Work or the +Distribution and/or Communication by You of the Work or copies thereof. + + + +## 11. Information to the public + +In case of any Distribution and/or Communication of the Work by means of +electronic communication by You (for example, by offering to download the Work +from a remote location) the distribution channel or media (for example, a +website) must at least provide to the public the information requested by the +applicable law regarding the Licensor, the Licence and the way it may be +accessible, concluded, stored and reproduced by the Licensee. + + + +## 12. Termination of the Licence + +The Licence and the rights granted hereunder will terminate automatically upon +any breach by the Licensee of the terms of the Licence. + +Such a termination will not terminate the licences of any person who has +received the Work from the Licensee under the Licence, provided such persons +remain in full compliance with the Licence. + + + +## 13. Miscellaneous + +Without prejudice of Article 9 above, the Licence represents the complete +agreement between the Parties as to the Work licensed hereunder. + +If any provision of the Licence is invalid or unenforceable under applicable +law, this will not affect the validity or enforceability of the Licence as a +whole. Such provision will be construed and/or reformed so as necessary to make +it valid and enforceable. + +The European Commission may publish other linguistic versions and/or new +versions of this Licence, so far this is required and reasonable, without +reducing the scope of the rights granted by the Licence. New versions of the +Licence will be published with a unique version number. + +All linguistic versions of this Licence, approved by the European Commission, +have identical value. Parties can take advantage of the linguistic version of +their choice. + + + +## 14. Jurisdiction + +Any litigation resulting from the interpretation of this License, arising +between the European Commission, as a Licensor, and any Licensee, will be +subject to the jurisdiction of the Court of Justice of the European Communities, +as laid down in article 238 of the Treaty establishing the European Community. + +Any litigation arising between Parties, other than the European Commission, and +resulting from the interpretation of this License, will be subject to the +exclusive jurisdiction of the competent court where the Licensor resides or +conducts its primary business. + + + +## 15. Applicable Law + +This Licence shall be governed by the law of the European Union country where +the Licensor resides or has his registered office. + +This licence shall be governed by the Belgian law if: + +- a litigation arises between the European Commission, as a Licensor, and any +- Licensee; the Licensor, other than the European Commission, has no residence +- or registered office inside a European Union country. + + + +## Appendix + + + +“Compatible Licences” according to article 5 EUPL are: + + +- GNU General Public License (GNU GPL) v. 2 + +- Open Software License (OSL) v. 2.1, v. 3.0 + +- Common Public License v. 1.0 + +- Eclipse Public License v. 1.0 + +- Cecill v. 2.0 + diff --git a/gcube-geoserver-connector/README.md b/gcube-geoserver-connector/README.md new file mode 100644 index 0000000..f7a10f4 --- /dev/null +++ b/gcube-geoserver-connector/README.md @@ -0,0 +1,52 @@ +gCube GeoServer Connector +-------------------------------------------------- + +gCube GeoServer Connector is a HTTP Filter that intercepts and interprets gCube-authenticated Calls + +## Built with +* [gCube SmartGears] (https://gcube.wiki.gcube-system.org/gcube/SmartGears) - The gCube SmartGears framework +* [OpenJDK](https://openjdk.java.net/) - The JDK used +* [JAX-RS](https://github.com/eclipse-ee4j/jaxrs-api) - Java™ API for RESTful Web Services +* [Jersey](https://jersey.github.io/) - JAX-RS runtime +* [Maven](https://maven.apache.org/) - Dependency Management + +## Documentation + +Documentation can be found [here](https://gcube.wiki.gcube-system.org/gcube/GFeed). + +## Change log + +See [CHANGELOG.md](CHANGELOG.md). + +## License + +This project is licensed under the EUPL V.1.1 License - see the [LICENSE.md](LICENSE.md) file for details. + +## About the gCube Framework +This software is part of the [gCubeFramework](https://www.gcube-system.org/ "gCubeFramework"): an +open-source software toolkit used for building and operating Hybrid Data +Infrastructures enabling the dynamic deployment of Virtual Research Environments +by favouring the realisation of reuse oriented policies. + +The projects leading to this software have received funding from a series of European Union programmes including: + +- the Sixth Framework Programme for Research and Technological Development + - DILIGENT (grant no. 004260). +- the Seventh Framework Programme for research, technological development and demonstration + - D4Science (grant no. 212488); + - D4Science-II (grant no.239019); + - ENVRI (grant no. 283465); + - iMarine(grant no. 283644); + - EUBrazilOpenBio (grant no. 288754). +- the H2020 research and innovation programme + - SoBigData (grant no. 654024); + - PARTHENOS (grant no. 654119); + - EGIEngage (grant no. 654142); + - ENVRIplus (grant no. 654182); + - BlueBRIDGE (grant no. 675680); + - PerformFish (grant no. 727610); + - AGINFRAplus (grant no. 731001); + - DESIRA (grant no. 818194); + - ARIADNEplus (grant no. 823914); + - RISIS2 (grant no. 824091); + diff --git a/gcube-geoserver-connector/pom.xml b/gcube-geoserver-connector/pom.xml new file mode 100644 index 0000000..985ae6e --- /dev/null +++ b/gcube-geoserver-connector/pom.xml @@ -0,0 +1,83 @@ + + 4.0.0 + + gcube-sdi-suite + org.gcube.spatial.data + 1.0.0-SNAPSHOT + + gcube-geoserver-connector + 0.2.0-SNAPSHOT + Generic SDI Client + + + + scm:git:${gitBaseUrl}/gcube-sdi-suite + scm:git:${gitBaseUrl}/gcube-sdi-suite + ${gitBaseUrl}/gcube-sdi-suite + + + + + + org.gcube.distribution + gcube-smartgears-bom + 2.0.0 + pom + import + + + + + + + + + javax.servlet + javax.servlet-api + 3.0.1 + + + org.slf4j + slf4j-api + + + ch.qos.logback + logback-classic + test + + + org.gcube.resources.discovery + ic-client + + + + org.gcube.core + common-smartgears + + + + + + + org.springframework + spring-web + 3.2.13.RELEASE + + + org.springframework + spring-core + 3.2.13.RELEASE + + + net.sf.json-lib + json-lib + 2.2.3 + jdk15 + + + + Java library used to implement SDI clients. + \ No newline at end of file diff --git a/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/GeoServerConnectorRequestHandler.java b/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/GeoServerConnectorRequestHandler.java new file mode 100644 index 0000000..3db686d --- /dev/null +++ b/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/GeoServerConnectorRequestHandler.java @@ -0,0 +1,222 @@ +package org.gcube.data.access.connector; + +import java.util.List; + +import javax.servlet.http.HttpServletRequest; +import javax.xml.bind.annotation.XmlRootElement; + +import java.util.Base64; +import org.gcube.common.authorization.library.AuthorizationEntry; +import org.gcube.common.authorization.library.provider.SecurityTokenProvider; +import org.gcube.common.resources.gcore.GCoreEndpoint; +import org.gcube.common.scope.api.ScopeProvider; +import org.gcube.data.access.connector.rest.GCubeRestClient; +import org.gcube.data.access.connector.rest.entity.AccessibleCredentialsEntity; +import org.gcube.data.access.connector.utils.AuthenticationUtils; +import org.gcube.data.access.connector.utils.GCubeCache; +import org.gcube.resources.discovery.client.api.DiscoveryClient; +import org.gcube.resources.discovery.client.queries.api.SimpleQuery; +import org.gcube.resources.discovery.icclient.ICFactory; +import org.gcube.smartgears.handlers.application.RequestEvent; +import org.gcube.smartgears.handlers.application.RequestHandler; +import org.gcube.smartgears.handlers.application.request.RequestError; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.util.StringUtils; +import static org.gcube.common.authorization.client.Constants.authorizationService; + +@XmlRootElement(name = GeoServerConnectorRequestHandler.REQUEST_HANDLER_NAME) +public class GeoServerConnectorRequestHandler extends RequestHandler { + + protected static final String REQUEST_HANDLER_NAME = "authentication-filter"; + private static final String GEOSERVER_CREDENTIALS = "/GeoServer/credentials/"; + + private Logger logger; + private GCubeCache gCubeCache; + private GCubeRestClient restClient = new GCubeRestClient(); + + public GeoServerConnectorRequestHandler() { + logger = LoggerFactory.getLogger(this.getClass()); + gCubeCache = new GCubeCache<>(AuthenticationUtils.TIME_TO_LIVE, AuthenticationUtils.TIMER_INTERVAL, + AuthenticationUtils.MAX_ITEMS_CACHE); + } + + @Override + public String getName() { + return REQUEST_HANDLER_NAME; + } + + @Override + public void handleRequest(RequestEvent e) { + + logger.warn("Handling request"); + HttpServletRequest httpServletRequest = e.request(); + + // get host from ApplicationContext + String host = e.context().container().configuration().hostname(); + + // get token from request + String token = getToken(httpServletRequest); + logger.warn("Retrieve token from request = " + token); + + if (StringUtils.hasText(token)) { + logger.warn("Token found: " + token); + + if (validateToken(token)) { + // retrieve endpoint to get credentials in GeoServer + String endpoint = getEndpoint(token); + logger.warn("Endpoint found: " + endpoint); + // TODO - Can be the endpoint stored in the cache object? + if (StringUtils.hasText(endpoint)) { + + String usernameCache = gCubeCache.get(AuthenticationUtils.USERNAME); + String passwordCache = gCubeCache.get(AuthenticationUtils.PASSWORD); + String tokenCache = gCubeCache.get(AuthenticationUtils.TOKEN_CACHE); + + // check current token with tokenCache + if (token.equals(tokenCache)) { + logger.warn("Set credentials attribute retrieved from cache " + usernameCache + " " + + passwordCache); + httpServletRequest.setAttribute(AuthenticationUtils.USERNAME, usernameCache); + httpServletRequest.setAttribute(AuthenticationUtils.PASSWORD, passwordCache); + } else { + // create URL to get credentials + String url = endpoint + GEOSERVER_CREDENTIALS + host + "?" + + AuthenticationUtils.GCUBE_QUERY_STRING + "=" + token; + // put credentials in the filter + AccessibleCredentialsEntity accessibleCredentials = restClient.getAccessibleCredentials(url); + logger.warn("Credentials: " + accessibleCredentials.getUsername() + "/" + + accessibleCredentials.getPassword()); + httpServletRequest.setAttribute(AuthenticationUtils.USERNAME, + accessibleCredentials.getUsername()); + httpServletRequest.setAttribute(AuthenticationUtils.PASSWORD, + accessibleCredentials.getPassword()); + + // set/update data in the cache + logger.warn("Put token in the cache: " + token); + gCubeCache.put(AuthenticationUtils.TOKEN_CACHE, token); + + logger.warn("Put also username and password in the cache"); + gCubeCache.put(AuthenticationUtils.USERNAME, accessibleCredentials.getUsername()); + gCubeCache.put(AuthenticationUtils.PASSWORD, accessibleCredentials.getPassword()); + } + } + } else { + logger.error("Invalid token in the request"); + RequestError.request_not_authorized_error.fire("Invalid token in the request"); + } + } else { + logger.warn("Token not present in the request: NO/OP"); + } + } + + @Override + public String toString() { + return getName(); + } + + // retrieve the Token from request + private String getToken(HttpServletRequest httpServletRequest) { + + // case 1 - get token from gcube-token query-string + String gCubeToken = httpServletRequest.getParameter(AuthenticationUtils.GCUBE_QUERY_STRING); + if (StringUtils.hasText(gCubeToken)) { + logger.warn("Get token from query-string"); + return gCubeToken; + } + + // case 2 - get token from gcube-token header + gCubeToken = httpServletRequest.getHeader(AuthenticationUtils.GCUBE_QUERY_STRING); + if (StringUtils.hasText(gCubeToken)) { + logger.warn("Get token from gcube-token header"); + return gCubeToken; + } + + // case 3 - get token from basic authorization header + String authorization = httpServletRequest.getHeader(AuthenticationUtils.AUTHORIZATION); + if (StringUtils.hasText(authorization) + && StringUtils.startsWithIgnoreCase(authorization, AuthenticationUtils.BASIC)) { + logger.warn("Get token from basic authorization header"); + // header = Authorization: Basic base64credentials + String base64Credentials = StringUtils.delete(authorization, AuthenticationUtils.BASIC); + String credentials = new String(Base64.getDecoder().decode(StringUtils.trimWhitespace(base64Credentials))); + + // credentials = username:token + final String[] values = credentials.split(":", 2); + return values[1]; + } + + logger.warn("gcube-token not found in query-string, in header and in basic authorization header"); + + // case 4 - get token from HTML form in the password field + gCubeToken = httpServletRequest.getParameter(AuthenticationUtils.PASSWORD); + if (StringUtils.hasText(gCubeToken)) { + logger.warn("Get token from HTML form (in the password field)"); + String user = httpServletRequest.getParameter(AuthenticationUtils.USERNAME); + logger.warn("Get username from HTML form: " + user); + + if (StringUtils.hasText(user) && user.equals(getUser(gCubeToken))) //check username + return gCubeToken; + + logger.warn("Username doesn't match with ClientInfo of gcube"); + + } else + logger.warn("gcube-token also not found in the HTML form in the password field"); + + return null; + } + + private String getEndpoint(String token) { + + try { + AuthorizationEntry authorizationEntry = authorizationService().get(token); + String scope = authorizationEntry.getContext(); + logger.warn("Set scope in to " + scope); + ScopeProvider.instance.set(scope); + + SecurityTokenProvider.instance.set(token); + + String serviceClass = String.format("$resource/Profile/ServiceClass/text() eq '%s'", + AuthenticationUtils.SDI); + String serviceName = String.format("$resource/Profile/ServiceName/text() eq '%s'", + AuthenticationUtils.SDI_SERVICE); + String status = String.format("$resource/Profile/DeploymentData/Status/text() eq '%s'", + AuthenticationUtils.READY); + + SimpleQuery query = ICFactory.queryFor(GCoreEndpoint.class).addCondition(serviceClass) + .addCondition(serviceName).addCondition(status); + DiscoveryClient client = ICFactory.clientFor(GCoreEndpoint.class); + + List gCoreEndpoints = client.submit(query); + int size = gCoreEndpoints.size(); + logger.warn("gCoreEndpoints size = " + size); + + if (size > 0) {//I get only the first. Usually it must be only one + GCoreEndpoint gCoreEndpoint = gCoreEndpoints.get(0); + return gCoreEndpoint.profile().endpointMap().get("org.gcube.spatial.data.sdi.SDIService").uri() + .toString(); + } + + } catch (Exception ex) { + logger.error("Error in getEndpoint() method: " + ex.getMessage()); + } + + return null; + } + + private String getUser(String token) { + try { + AuthorizationEntry authorizationEntry = authorizationService().get(token); + return authorizationEntry.getClientInfo().getId(); + } catch (Exception ex) { + logger.error("Error in getUser() method: " + ex.getMessage()); + } + return null; + } + + private boolean validateToken(String token) { + // TODO How to implement the validation of the token + logger.warn("Validate token in progress..."); + return true; + } +} diff --git a/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/GeoServerFilter.java b/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/GeoServerFilter.java new file mode 100644 index 0000000..249bba3 --- /dev/null +++ b/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/GeoServerFilter.java @@ -0,0 +1,62 @@ +package org.gcube.data.access.connector; + +import java.io.IOException; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.util.Base64; +import org.gcube.data.access.connector.utils.AuthenticationUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.util.StringUtils; + +public class GeoServerFilter implements Filter { + + private Logger logger = LoggerFactory.getLogger(this.getClass()); + + @Override + public void init(FilterConfig filterConfig) throws ServletException { + logger.warn("init() method"); + } + + @Override + public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) + throws IOException, ServletException { + logger.warn("doFilter() method"); + + ServletRequestWrapper request = new ServletRequestWrapper((HttpServletRequest) servletRequest); + HttpServletResponse response = (HttpServletResponse) servletResponse; + + // get credentials + String username = (String) request.getAttribute(AuthenticationUtils.USERNAME); + String password = (String) request.getAttribute(AuthenticationUtils.PASSWORD); + + if (StringUtils.hasText(username) && StringUtils.hasText(password)){ + // set authorization header + String token = username + ":" + password; + String basic_authentication = AuthenticationUtils.BASIC + AuthenticationUtils.WHITESPACE + + Base64.getEncoder().encodeToString(token.getBytes()); + + request.addHeader(AuthenticationUtils.AUTHORIZATION, basic_authentication); + logger.warn("Added authorization header : " + request.getHeader(AuthenticationUtils.AUTHORIZATION)); + + request.addParameter(AuthenticationUtils.USERNAME, username); + request.addParameter(AuthenticationUtils.PASSWORD, password); + logger.warn("Added parameters in the request : " + username +"/" + password); + } + + filterChain.doFilter(request, response); + } + + @Override + public void destroy() { + logger.warn("destroy() method"); + } + +} diff --git a/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/ServletRequestWrapper.java b/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/ServletRequestWrapper.java new file mode 100644 index 0000000..4a89df9 --- /dev/null +++ b/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/ServletRequestWrapper.java @@ -0,0 +1,80 @@ +package org.gcube.data.access.connector; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletRequestWrapper; + +public class ServletRequestWrapper extends HttpServletRequestWrapper { + + private Map headerMap; + private Map paramsMap; + + public ServletRequestWrapper(HttpServletRequest request) { + super(request); + headerMap = new HashMap(); + paramsMap = new HashMap(); + } + + public void addHeader(String name, String value) { + headerMap.put(name, new String(value)); + } + + public Enumeration getHeaderNames() { + HttpServletRequest request = (HttpServletRequest) getRequest(); + List list = new ArrayList(); + for (Enumeration e = request.getHeaderNames(); e.hasMoreElements();) { + String header = e.nextElement().toString(); + list.add(header); + } + + for (Iterator i = headerMap.keySet().iterator(); i.hasNext();) { + list.add(i.next()); + } + return Collections.enumeration(list); + } + + public String getHeader(String name) { + Object value; + if ((value = headerMap.get("" + name)) != null) { + return value.toString(); + } else { + return ((HttpServletRequest) getRequest()).getHeader(name); + } + } + + @Override + public Enumeration getHeaders(String name) { + Enumeration e = super.getHeaders(name); + if (e != null && e.hasMoreElements()) { + return e; + } else { + List l = new ArrayList(); + if (headerMap.get(name) != null) { + l.add(headerMap.get(name)); + } + return Collections.enumeration(l); + } + } + + + public void addParameter(String name, String value) { + paramsMap.put(name, value); + } + + public String getParameter(String name) { + // if we added one, return that one + if (paramsMap.get(name) != null) { + return paramsMap.get(name); + } + // otherwise return what's in the original request + HttpServletRequest req = (HttpServletRequest) super.getRequest(); + return req.getParameter(name); + } +} \ No newline at end of file diff --git a/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/rest/GCubeRestClient.java b/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/rest/GCubeRestClient.java new file mode 100644 index 0000000..86be178 --- /dev/null +++ b/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/rest/GCubeRestClient.java @@ -0,0 +1,31 @@ +package org.gcube.data.access.connector.rest; + +import org.gcube.data.access.connector.rest.entity.AccessibleCredentialsEntity; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.web.client.RestTemplate; + +import net.sf.json.JSONObject; + +public class GCubeRestClient { + + private Logger logger = LoggerFactory.getLogger(this.getClass()); + + public AccessibleCredentialsEntity getAccessibleCredentials(String url) { + + logger.warn("REST call to URL: " + url); + RestTemplate restTemplate = new RestTemplate(); + + try { + String response = restTemplate.getForObject(url, String.class); + logger.warn("JSON response: \n" + response); + + JSONObject jsonObject = JSONObject.fromObject(response); + return (AccessibleCredentialsEntity) JSONObject.toBean(jsonObject, AccessibleCredentialsEntity.class); + } catch (Exception e) { + logger.error("Error in getAccessibleCredentials() method: " + e.getMessage()); + return new AccessibleCredentialsEntity(); + } + } + +} diff --git a/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/rest/entity/AccessibleCredentialsEntity.java b/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/rest/entity/AccessibleCredentialsEntity.java new file mode 100644 index 0000000..c9f309d --- /dev/null +++ b/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/rest/entity/AccessibleCredentialsEntity.java @@ -0,0 +1,47 @@ +package org.gcube.data.access.connector.rest.entity; + +/** + accessibleCredentials +{ + "username" : "admin", + "password" : "gcube@geo2010", + "accessType" : "ADMIN" +} + */ + +public class AccessibleCredentialsEntity { + + private String username; + private String password; + private String accessType; + + public String getUsername() { + return username; + } + + public void setUsername(String username) { + this.username = username; + } + + public String getPassword() { + return password; + } + + public void setPassword(String password) { + this.password = password; + } + + public String getAccessType() { + return accessType; + } + + public void setAccessType(String accessType) { + this.accessType = accessType; + } + + @Override + public String toString() { + return "Credentials [username=" + username + ", accessType=" + accessType + "]"; + } + +} diff --git a/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/utils/AuthenticationUtils.java b/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/utils/AuthenticationUtils.java new file mode 100644 index 0000000..48db82c --- /dev/null +++ b/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/utils/AuthenticationUtils.java @@ -0,0 +1,24 @@ +package org.gcube.data.access.connector.utils; + +public class AuthenticationUtils { + + public final static String AUTHORIZATION = "Authorization"; + public final static String BASIC = "Basic"; + public final static String WHITESPACE = " "; + + public final static String USERNAME = "username"; + public final static String PASSWORD = "password"; + + public final static String GCUBE_QUERY_STRING = "gcube-token"; + + public final static String SDI = "SDI"; + public final static String SDI_SERVICE = "sdi-service"; + public final static String READY = "ready"; + + //cache parameters + public final static String TOKEN_CACHE = "token"; + public final static int MAX_ITEMS_CACHE = 5; //max items in the cache object (LRUMap removes the least recently used entry if an entry is added when full) + public final static int TIME_TO_LIVE = 100; //in seconds + public final static int TIMER_INTERVAL = 100; //in seconds + +} diff --git a/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/utils/GCubeCache.java b/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/utils/GCubeCache.java new file mode 100644 index 0000000..46c8dcb --- /dev/null +++ b/gcube-geoserver-connector/src/main/java/org/gcube/data/access/connector/utils/GCubeCache.java @@ -0,0 +1,108 @@ +package org.gcube.data.access.connector.utils; + +import java.util.ArrayList; +import org.apache.commons.collections.MapIterator; +import org.apache.commons.collections.map.LRUMap; + +public class GCubeCache { + + private long timeToLive; + private LRUMap cacheMap; + + protected class CacheObject { + public long lastAccessed = System.currentTimeMillis(); + public T value; + + protected CacheObject(T value) { + this.value = value; + } + } + + public GCubeCache(long timeToLive, final long timerInterval, int maxItems) { + this.timeToLive = timeToLive * 1000; + + cacheMap = new LRUMap(maxItems); + + if (timeToLive > 0 && timerInterval > 0) { + + Thread t = new Thread(new Runnable() { + public void run() { + while (true) { + try { + Thread.sleep(timerInterval * 1000); + } catch (InterruptedException ex) { + } + cleanup(); + } + } + }); + + t.setDaemon(true); + t.start(); + } + } + + public void put(K key, T value) { + synchronized (cacheMap) { + cacheMap.put(key, new CacheObject(value)); + } + } + + @SuppressWarnings("unchecked") + public T get(K key) { + synchronized (cacheMap) { + CacheObject c = (CacheObject) cacheMap.get(key); + + if (c == null) + return null; + else { + c.lastAccessed = System.currentTimeMillis(); + return c.value; + } + } + } + + public void remove(K key) { + synchronized (cacheMap) { + cacheMap.remove(key); + } + } + + public int size() { + synchronized (cacheMap) { + return cacheMap.size(); + } + } + + @SuppressWarnings("unchecked") + public void cleanup() { + + long now = System.currentTimeMillis(); + ArrayList deleteKey = null; + + synchronized (cacheMap) { + MapIterator itr = cacheMap.mapIterator(); + + deleteKey = new ArrayList((cacheMap.size() / 2) + 1); + K key = null; + CacheObject c = null; + + while (itr.hasNext()) { + key = (K) itr.next(); + c = (CacheObject) itr.getValue(); + + if (c != null && (now > (timeToLive + c.lastAccessed))) { + deleteKey.add(key); + } + } + } + + for (K key : deleteKey) { + synchronized (cacheMap) { + cacheMap.remove(key); + } + + Thread.yield(); + } + } +} diff --git a/pom.xml b/pom.xml index bd56269..a3558e7 100644 --- a/pom.xml +++ b/pom.xml @@ -28,6 +28,10 @@ + + + gcube-geoserver-connector + sdi-generic-client gcube-geonetwork-client diff --git a/sdi-library/src/test/java/org/gcube/spatial/data/sdi/SDITests.java b/sdi-library/src/test/java/org/gcube/spatial/data/sdi/SDITests.java index b16b43b..9fb3771 100644 --- a/sdi-library/src/test/java/org/gcube/spatial/data/sdi/SDITests.java +++ b/sdi-library/src/test/java/org/gcube/spatial/data/sdi/SDITests.java @@ -1,5 +1,8 @@ package org.gcube.spatial.data.sdi; +import java.net.MalformedURLException; +import java.net.URL; + import org.gcube.spatial.data.sdi.interfaces.SDIManagement; import org.gcube.spatial.data.sdi.model.faults.RemoteException; import org.gcube.spatial.data.sdi.plugins.SDIAbstractPlugin; @@ -8,16 +11,16 @@ import org.junit.Test; public class SDITests extends BasicScopedTests{ @Test - public void getScopeConfiguration() throws RemoteException { - SDIManagement sdi=SDIAbstractPlugin.management().build(); + public void getScopeConfiguration() throws RemoteException, IllegalArgumentException, MalformedURLException { + SDIManagement sdi=SDIAbstractPlugin.management().at(new URL("https://sdi-d-d4s.d4science.org/")).build(); System.out.println(sdi.getConfiguration()); } - @Test - public void getScopeHealth() throws RemoteException { - SDIManagement sdi=SDIAbstractPlugin.management().build(); - System.out.println(sdi.getReport()); - } +// @Test +// public void getScopeHealth() throws RemoteException { +// SDIManagement sdi=SDIAbstractPlugin.management().build(); +// System.out.println(sdi.getReport()); +// } }