gCubeSystem
/
gcube-secrets
16
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

is application added to Owner

This commit is contained in:
lucio 2024-04-02 09:05:42 +02:00
parent f17613b4b4
commit 85637986d6
4 changed files with 18 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pom.xml
View File

@ -8,8 +8,10 @@
<name>gcube secrets</name>
<scm>
<connection>scm:git:https://code-repo.d4science.org/gCubeSystem/gcube-secrets</connection>
<developerConnection>scm:git:https://code-repo.d4science.org/gCubeSystem/gcube-secrets</developerConnection>
<connection>
scm:git:https://code-repo.d4science.org/gCubeSystem/gcube-secrets</connection>
<developerConnection>
scm:git:https://code-repo.d4science.org/gCubeSystem/gcube-secrets</developerConnection>
<url>https://code-repo.d4science.org/gCubeSystem/gcube-secrets</url>
</scm>
@ -29,7 +31,7 @@
<dependency>
<groupId>org.gcube.distribution</groupId>
<artifactId>gcube-bom</artifactId>
<version>3.0.0</version>
<version>3.0.1-SNAPSHOT</version>
<type>pom</type>
<scope>import</scope>
</dependency>

5
src/main/java/org/gcube/common/security/secrets/GCubeJWTObject.java
View File

@ -51,6 +51,7 @@ public class GCubeJWTObject {
@JsonProperty("email")
private String email;
public List<String> getRoles(){
return contextAccess.get(this.context) == null ? MINIMAL_ROLES : contextAccess.get(this.context).roles;
}
@ -70,6 +71,10 @@ public class GCubeJWTObject {
return contactOrganisation != null && contactOrganisation.equals(INTERNAL_CLIENT_ORGANISATION_NAME);
}
public boolean isApplication() {
return clientId != null;
}
public String getFirstName() {
return firstName;
}

7
src/main/java/org/gcube/common/security/secrets/GCubeSecret.java
View File

@ -23,16 +23,17 @@ public class GCubeSecret extends Secret {
public GCubeSecret(String gcubeToken) {
if( gcubeToken == null || gcubeToken.isEmpty())
throw new RuntimeException("Invalid token: is null or empty");
throw new IllegalArgumentException("Invalid token: is null or empty");
if(!Pattern.matches(GCUBE_TOKEN_REGEX, gcubeToken))
throw new RuntimeException("Invalid token: the gCube token must comply with the regex " + GCUBE_TOKEN_REGEX);
throw new IllegalArgumentException("Invalid token: the gCube token must comply with the regex " + GCUBE_TOKEN_REGEX);
this.gcubeToken = gcubeToken;
}
private void init() throws Exception{
AuthorizationEntry authorizationEntry = Constants.authorizationService().get(gcubeToken);
this.owner = new Owner(authorizationEntry.getClientInfo().getId(),
authorizationEntry.getClientInfo().getRoles(), authorizationEntry.getClientInfo().getType()!=ClientType.USER);
authorizationEntry.getClientInfo().getRoles(), authorizationEntry.getClientInfo().getType()==ClientType.EXTERNALSERVICE,
authorizationEntry.getClientInfo().getType()==ClientType.SERVICE);
this.context = authorizationEntry.getContext();
}

6
src/main/java/org/gcube/common/security/secrets/UmaTokenSecret.java
View File

@ -68,14 +68,16 @@ public class UmaTokenSecret extends Secret {
String decodedAccessPart = new String(Base64.getDecoder().decode(realAccessTokenEncoded.getBytes()));
ObjectMapper objectMapper = new ObjectMapper();
this.accessToken = objectMapper.readValue(decodedAccessPart, AccessToken.class);
GCubeJWTObject obj = objectMapper.readValue(decodedAccessPart, GCubeJWTObject.class);
owner = new Owner(obj.getUsername(), obj.getRoles(), obj.getEmail(), obj.getFirstName(), obj.getLastName(), obj.isExternalService());
owner = new Owner(obj.getUsername(), obj.getRoles(), obj.getEmail(), obj.getFirstName(), obj.getLastName(), obj.isExternalService(), obj.isApplication());
owner.setClientName(obj.getClientName());
owner.setContactOrganisation(obj.getContactOrganisation());
owner.setClientName(obj.getClientName());
context = obj.getContext();
this.accessToken = objectMapper.readValue(decodedAccessPart, AccessToken.class);
initialised = true;
} catch (Exception e) {