From 85230de9bbabc62a32c1e69c13256f60125be00e Mon Sep 17 00:00:00 2001 From: "francesco.mangiacrapa" Date: Thu, 23 Sep 2021 18:18:02 +0200 Subject: [PATCH] #22042 Implemented the public access --- CHANGELOG.md | 1 + pom.xml | 5 + .../ApplicationProfileNotFoundException.java | 40 ++--- .../server/ConcessioniMongoService.java | 49 ------ .../server/ConcessioniMongoService2.java | 163 ++++++++++++++++++ .../GeoportalDataViewerServiceImpl.java | 43 +++-- .../geoportaldataviewer/server/TestModel.java | 124 ------------- .../ConcessioneImageUtil.java | 6 +- .../mongoservice/ConcessioniMongoService.java | 66 +++++++ .../ConcessioniMongoServiceIdentityProxy.java | 77 +++++++++ .../IAMClientCredentialsReader.java | 82 +++++++++ .../accessidentities/GcubeIdentity.java | 28 +++ .../IAMClientCredentials.java | 91 ++++++++++ .../accessidentities/IAMClientIdentity.java | 83 +++++++++ .../accessidentities/UserIdentity.java | 28 +++ .../accesspolicy/GeoNACheckAccessPolicy.java} | 8 +- .../server/util/SessionUtil.java | 40 ++++- .../ConcessioneReader.java | 60 +++++++ .../geoportaldataviewer/GetConcessione.java | 67 ------- .../user/geoportaldataviewer/IAMClient.java | 40 +++++ .../{TestShortener.java => Shortener.java} | 10 +- 21 files changed, 818 insertions(+), 293 deletions(-) delete mode 100644 src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/ConcessioniMongoService.java create mode 100644 src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/ConcessioniMongoService2.java delete mode 100644 src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/TestModel.java rename src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/{ => mongoservice}/ConcessioneImageUtil.java (91%) create mode 100644 src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/ConcessioniMongoService.java create mode 100644 src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/ConcessioniMongoServiceIdentityProxy.java create mode 100644 src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/IAMClientCredentialsReader.java create mode 100644 src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/GcubeIdentity.java create mode 100644 src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/IAMClientCredentials.java create mode 100644 src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/IAMClientIdentity.java create mode 100644 src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/UserIdentity.java rename src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/{util/CheckAccessPolicyUtil.java => mongoservice/accesspolicy/GeoNACheckAccessPolicy.java} (87%) create mode 100644 src/test/java/org/gcube/portlets/user/geoportaldataviewer/ConcessioneReader.java delete mode 100644 src/test/java/org/gcube/portlets/user/geoportaldataviewer/GetConcessione.java create mode 100644 src/test/java/org/gcube/portlets/user/geoportaldataviewer/IAMClient.java rename src/test/java/org/gcube/portlets/user/geoportaldataviewer/{TestShortener.java => Shortener.java} (84%) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1c56088..f35f630 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,6 +12,7 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm [#20595] Porting and using the model view provided by geoportal-common [#21946] Show layers of a concessione automatically on map according to zoom level [#21976] Access policies checked on server-side +[#22042] Implemented the public access ## [v1.2.0-SNAPSHOT] - 2021-07-19 diff --git a/pom.xml b/pom.xml index bea5067..bc610d1 100644 --- a/pom.xml +++ b/pom.xml @@ -179,6 +179,11 @@ + + org.gcube.common + keycloak-client + [1.0.0-SNAPSHOT, 2.0.0-SNAPSHOT) + com.liferay.portal portal-service diff --git a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/ApplicationProfileNotFoundException.java b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/ApplicationProfileNotFoundException.java index 436675c..b21b33d 100644 --- a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/ApplicationProfileNotFoundException.java +++ b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/ApplicationProfileNotFoundException.java @@ -1,20 +1,20 @@ -package org.gcube.portlets.user.geoportaldataviewer.server; - -/** - * The Class ApplicationProfileException. - * - * @author Francesco Mangiacrapa francesco.mangiacrapa{@literal @}isti.cnr.it - * Sep 6, 2016 - */ -@SuppressWarnings("serial") -public class ApplicationProfileNotFoundException extends Exception { - - /** - * Instantiates a new application profile exception. - * - * @param message the message - */ - public ApplicationProfileNotFoundException(String message) { - super(message); - } -} \ No newline at end of file +//package org.gcube.portlets.user.geoportaldataviewer.server; +// +///** +// * The Class ApplicationProfileException. +// * +// * @author Francesco Mangiacrapa francesco.mangiacrapa{@literal @}isti.cnr.it +// * Sep 6, 2016 +// */ +//@SuppressWarnings("serial") +//public class ApplicationProfileNotFoundException extends Exception { +// +// /** +// * Instantiates a new application profile exception. +// * +// * @param message the message +// */ +// public ApplicationProfileNotFoundException(String message) { +// super(message); +// } +//} \ No newline at end of file diff --git a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/ConcessioniMongoService.java b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/ConcessioniMongoService.java deleted file mode 100644 index c3317db..0000000 --- a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/ConcessioniMongoService.java +++ /dev/null @@ -1,49 +0,0 @@ -package org.gcube.portlets.user.geoportaldataviewer.server; - -import static org.gcube.application.geoportal.client.GeoportalAbstractPlugin.statefulMongoConcessioni; - -import javax.servlet.http.HttpServletRequest; - -import org.gcube.application.geoportal.client.legacy.ConcessioniManagerI; -import org.gcube.application.geoportal.common.model.legacy.Concessione; -import org.gcube.portlets.user.geoportaldataviewer.server.util.SessionUtil; - - -/** - * The Class ConcessioniMongoService. - * - * @author Francesco Mangiacrapa at ISTI-CNR francesco.mangiacrapa@isti.cnr.it - * - * Sep 9, 2021 - */ -public class ConcessioniMongoService { - - - /** - * Instantiates a new concessioni mongo service, interface for client statefulMongoConcessioni. - */ - public ConcessioniMongoService() { - } - - - /** - * Gets the item by id. - * - * @param request the request - * @param mongoItemId the mongo item id - * @return the item by id - * @throws Exception the exception - */ - Concessione getItemById(HttpServletRequest request, String mongoItemId) throws Exception{ - SessionUtil.getCurrentContext(request, true); - SessionUtil.getCurrentToken(request, true); - //Obtain the client - ConcessioniManagerI concessioniManager = statefulMongoConcessioni().build(); - //Returning item by Id - return concessioniManager.getById(mongoItemId); - } - - - - -} diff --git a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/ConcessioniMongoService2.java b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/ConcessioniMongoService2.java new file mode 100644 index 0000000..729a247 --- /dev/null +++ b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/ConcessioniMongoService2.java @@ -0,0 +1,163 @@ +//package org.gcube.portlets.user.geoportaldataviewer.server; +// +//import static org.gcube.application.geoportal.client.GeoportalAbstractPlugin.statefulMongoConcessioni; +// +//import javax.servlet.http.HttpServletRequest; +// +//import org.gcube.application.geoportal.client.legacy.ConcessioniManagerI; +//import org.gcube.application.geoportal.common.model.legacy.Concessione; +//import org.gcube.common.authorization.library.provider.AccessTokenProvider; +//import org.gcube.common.keycloak.KeycloakClientFactory; +//import org.gcube.common.keycloak.model.TokenResponse; +//import org.gcube.common.scope.api.ScopeProvider; +//import org.gcube.portlets.user.geoportaldataviewer.server.util.SessionUtil; +//import org.slf4j.Logger; +//import org.slf4j.LoggerFactory; +// +// +///** +// * The Class ConcessioniMongoServiceIdentityProxy. +// * +// * @author Francesco Mangiacrapa at ISTI-CNR francesco.mangiacrapa@isti.cnr.it +// * +// * Sep 23, 2021 +// */ +//public class ConcessioniMongoService2 { +// +// private static final Logger LOG = LoggerFactory.getLogger(ConcessioniMongoService2.class); +// +// /** +// * Instantiates a new concessioni mongo service, interface for client +// * statefulMongoConcessioni. +// */ +// public ConcessioniMongoService2() { +// } +// +// /** +// * Gets the item by id. +// * +// * @param request the request +// * @param mongoItemId the mongo item id +// * @return the item by id +// * @throws Exception the exception +// */ +// public Concessione getItemById(HttpServletRequest request, String mongoItemId) throws Exception { +// LOG.info("called getItemById: " + mongoItemId); +// SessionUtil.getCurrentContext(request, true); +// SessionUtil.getCurrentToken(request, true); +// // Obtain the client +// ConcessioniManagerI concessioniManager = statefulMongoConcessioni().build(); +// // Returning item by Id +// return concessioniManager.getById(mongoItemId); +// } +// +// /** +// * Gets the item by id. +// * +// * @param request the request +// * @param mongoItemId the mongo item id +// * @return the item by id +// * @throws Exception the exception +// */ +// public Concessione getItemById(String mongoItemId) throws Exception { +// LOG.info("called getItemById: " + mongoItemId); +// ConcessioniManagerI concessioniManager = statefulMongoConcessioni().build(); +// // Returning item by Id +// return concessioniManager.getById(mongoItemId); +// } +// +// /** +// * Iam client get item by. +// * +// * @param scope the scope +// * @param mongoItemId the mongo item id +// * @param clientId the client id +// * @param clientSecret the secret +// * @return the concessione +// * @throws Exception the exception +// */ +// public Concessione iamClientGetItemBy(String scope, String mongoItemId, String clientId, String clientSecret) +// throws Exception { +// LOG.info("called IAM Client getItemById: " + mongoItemId); +// +// ScopeProvider.instance.set(scope); +// +// if (clientId == null) { +// throw new Exception("Invalid parameter 'clientId'"); +// } +// +// if (clientSecret == null) { +// throw new Exception("Invalid parameter 'secret'"); +// } +// +// String umaAcessToken = null; +// try { +// +// LOG.info("Querying KeycloakClientFactory to get UMA token.."); +// TokenResponse tr = KeycloakClientFactory.newInstance().queryUMAToken(clientId, clientSecret, scope, null); +// umaAcessToken = tr.getAccessToken(); +// if (umaAcessToken != null && !umaAcessToken.isEmpty()) { +// LOG.info("UMA Access Token read correctly"); +// } else { +// LOG.error("UMA Access Token NOT RETRIEVED!!!"); +// throw new Exception("UMA Access Token is null or empty"); +// } +// } catch (Exception e2) { +// throw new Exception("Error occurred on reading UMA access token:", e2); +// } +// +// String previousUMAToken = null; +// try { +// +// try { +// // Here the previousUMAToken should be null +// previousUMAToken = AccessTokenProvider.instance.get(); +// } catch (Exception e) { +// // catching excpetion to be sure +// // silent +// } +// +// LOG.debug("JWT token: " + umaAcessToken.substring(0, 20) + "_MASKED_TOKEN_"); +// LOG.info("Setting clientId '" + clientId + "' identity by JWT token in the " +// + AccessTokenProvider.class.getSimpleName()); +// AccessTokenProvider.instance.set(umaAcessToken); +// ConcessioniManagerI concessioniManager = statefulMongoConcessioni().build(); +// // Returning item by Id +// return concessioniManager.getById(mongoItemId); +// +// } catch (Exception e) { +// LOG.error(e.getMessage(), e); +// throw new Exception(e.getMessage()); +// } finally { +// try { +// AccessTokenProvider.instance.set(previousUMAToken); +// LOG.info("Done reset to prevoius UMA token into " + AccessTokenProvider.class.getSimpleName()); +// } catch (Exception e) { +// } +// } +// } +// +// /** +// * To concessione. +// * +// * @param jsonString the json string +// * @return the concessione +// */ +// public Concessione toConcessione(String jsonString) { +// LOG.info("toConcessione called"); +// try { +// return org.gcube.application.geoportal.client.utils.Serialization.read(jsonString, Concessione.class); +// } catch (Exception e) { +// LOG.warn("Error on serializing: ", e); +// return null; +// } +// } +// +// /* +// * For testing public Concessione iamClientGetItemBy(HttpServletRequest request, +// * String mongoItemId, String clientId, String secret) throws Exception { String +// * scope = SessionUtil.getCurrentContext(request, true); return +// * iamClientGetItemBy(scope, mongoItemId, clientId, secret); } +// */ +// +//} diff --git a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/GeoportalDataViewerServiceImpl.java b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/GeoportalDataViewerServiceImpl.java index e945088..501ac19 100644 --- a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/GeoportalDataViewerServiceImpl.java +++ b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/GeoportalDataViewerServiceImpl.java @@ -26,7 +26,9 @@ import org.gcube.application.geoportalcommon.util.URLParserUtil; import org.gcube.portlets.user.geoportaldataviewer.client.GeoportalDataViewerService; import org.gcube.portlets.user.geoportaldataviewer.server.gis.FeatureParser; import org.gcube.portlets.user.geoportaldataviewer.server.gis.WMSUrlValidator; -import org.gcube.portlets.user.geoportaldataviewer.server.util.CheckAccessPolicyUtil; +import org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.ConcessioneImageUtil; +import org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.ConcessioniMongoServiceIdentityProxy; +import org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.accesspolicy.GeoNACheckAccessPolicy; import org.gcube.portlets.user.geoportaldataviewer.server.util.SessionUtil; import org.gcube.portlets.user.geoportaldataviewer.shared.GeoNaSpatialQueryResult; import org.gcube.portlets.user.geoportaldataviewer.shared.gis.LayerObject; @@ -142,8 +144,8 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme maxWFSFeature); LOG.debug("For layer name: " + layerObject.getLayerItem().getName() + " got features: " + features); geoDAO.setFeatures(features); - - //Getting the concessioneId from WFS features + + // Getting the concessioneId from WFS features for (FeatureRow fRow : features) { if (fRow.getMapProperties() != null) { List concessioneIds = fRow.getMapProperties().get("product_id"); @@ -216,15 +218,16 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme String userName = null; try { userName = SessionUtil.getCurrentUser(this.getThreadLocalRequest()).getUsername(); - }catch (Exception e) { + } catch (Exception e) { LOG.info("User not found in session, the userName for cecking policy will be null"); } if (itemType.equalsIgnoreCase("concessione")) { LOG.info("Trying to get concessione for id " + itemId); - ConcessioniMongoService cms = new ConcessioniMongoService(); - Concessione concessione = cms.getItemById(this.getThreadLocalRequest(), itemId); + ConcessioniMongoServiceIdentityProxy cms = new ConcessioniMongoServiceIdentityProxy( + this.getThreadLocalRequest()); + Concessione concessione = cms.getItemById(itemId); BaseConcessioneDV baseConcessione = ConvertToDataViewModel.toBaseConcessione(concessione); if (concessione != null) { @@ -233,7 +236,7 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme if (concessione.getPianteFineScavo() != null) { for (LayerConcessione lc : concessione.getPianteFineScavo()) { - if (CheckAccessPolicyUtil.isAccessible(lc.getPolicy().name(), userName)) { + if (GeoNACheckAccessPolicy.isAccessible(lc.getPolicy().name(), userName)) { listLayers.add(ConvertToDataViewModel.toLayerConcessione(lc, baseConcessione)); } } @@ -242,7 +245,7 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme if (lcPosizionamento != null) { - if (CheckAccessPolicyUtil.isAccessible(lcPosizionamento.getPolicy().name(), userName)) { + if (GeoNACheckAccessPolicy.isAccessible(lcPosizionamento.getPolicy().name(), userName)) { LayerConcessioneDV thePosizScavo = ConvertToDataViewModel .toLayerConcessione(lcPosizionamento, baseConcessione); @@ -286,8 +289,9 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme try { LOG.info("Trying to get record for id " + mongoId); - ConcessioniMongoService cms = new ConcessioniMongoService(); - Concessione concessione = cms.getItemById(this.getThreadLocalRequest(), mongoId); + ConcessioniMongoServiceIdentityProxy cms = new ConcessioniMongoServiceIdentityProxy( + this.getThreadLocalRequest()); + Concessione concessione = cms.getItemById(mongoId); LOG.info("Got concessione for mongoId: " + mongoId); if (concessione != null) { @@ -297,11 +301,12 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme try { userName = SessionUtil.getCurrentUser(this.getThreadLocalRequest()).getUsername(); - }catch (Exception e) { + } catch (Exception e) { LOG.info("User not found in session, so going to apply the acess policies"); } - // TODO THIS IS A WORKAROUND WAITING FOR ADOPTING OF USER ROLES. AT THE MOMENT, A USER AUTHENTICATED CAN ACCESS EVERYTHING + // TODO THIS IS A WORKAROUND WAITING FOR ADOPTING OF USER ROLES. AT THE MOMENT, + // A USER AUTHENTICATED CAN ACCESS EVERYTHING // I CAN CHECK THE ACCCESS POLICIES IF AND ONLY IF THE USER IS NOT LOGGED IN. if (userName == null) { @@ -309,9 +314,9 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme LOG.info("Applying access policies for concessione " + mongoId + " returned by service"); LayerConcessioneDV layerPosizionamento = concessionDV.getPosizionamentoScavo(); if (layerPosizionamento != null) { - if (!CheckAccessPolicyUtil.isAccessible(layerPosizionamento.getPolicy(), userName)) { + if (!GeoNACheckAccessPolicy.isAccessible(layerPosizionamento.getPolicy(), userName)) { concessionDV.setPosizionamentoScavo(null); - }else { + } else { LOG.info("Posizionamento di Scavo is not accessible by current user"); } } @@ -320,7 +325,7 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme if (listLayersDV != null) { List accessibleListLayersDV = new ArrayList(); for (LayerConcessioneDV layerDV : listLayersDV) { - if (CheckAccessPolicyUtil.isAccessible(layerDV.getPolicy(), userName)) { + if (GeoNACheckAccessPolicy.isAccessible(layerDV.getPolicy(), userName)) { accessibleListLayersDV.add(layerDV); } } @@ -329,14 +334,14 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme AbstractRelazioneScavoDV abstractRS = concessionDV.getAbstractRelazioneScavo(); if (abstractRS != null) { - if (!CheckAccessPolicyUtil.isAccessible(abstractRS.getPolicy(), userName)) { + if (!GeoNACheckAccessPolicy.isAccessible(abstractRS.getPolicy(), userName)) { concessionDV.setAbstractRelazioneScavo(null); } } RelazioneScavoDV relazioneScavo = concessionDV.getRelazioneScavo(); if (relazioneScavo != null) { - if (!CheckAccessPolicyUtil.isAccessible(relazioneScavo.getPolicy(), userName)) { + if (!GeoNACheckAccessPolicy.isAccessible(relazioneScavo.getPolicy(), userName)) { concessionDV.setRelazioneScavo(null); } } @@ -348,7 +353,7 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme // SHOWING ACESSIBLE IMAGES for (UploadedImageDV uploadedImageDV : immagini) { - if (CheckAccessPolicyUtil.isAccessible(uploadedImageDV.getPolicy(), userName)) { + if (GeoNACheckAccessPolicy.isAccessible(uploadedImageDV.getPolicy(), userName)) { accessibleListImages.add(uploadedImageDV); } @@ -495,7 +500,7 @@ public class GeoportalDataViewerServiceImpl extends RemoteServiceServlet impleme SessionUtil.getCurrentContext(this.getThreadLocalRequest(), true); GeoportalCommon gc = new GeoportalCommon(); - return gc.getPublicLinksFor(item,true); + return gc.getPublicLinksFor(item, true); } catch (Exception e) { LOG.error("Error on getPublicLinksFor for: " + item, e); diff --git a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/TestModel.java b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/TestModel.java deleted file mode 100644 index eedffc7..0000000 --- a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/TestModel.java +++ /dev/null @@ -1,124 +0,0 @@ -//package org.gcube.portlets.user.geoportaldataviewer.server; -// -//import java.time.LocalDateTime; -//import java.util.ArrayList; -//import java.util.Arrays; -//import java.util.List; -// -//import org.gcube.application.geoportal.common.model.legacy.AccessPolicy; -//import org.gcube.application.geoportal.common.model.legacy.BBOX; -//import org.gcube.application.geoportal.common.model.legacy.Concessione; -//import org.gcube.application.geoportal.common.model.legacy.LayerConcessione; -//import org.gcube.application.geoportal.common.model.legacy.PersistedContent; -//import org.gcube.application.geoportal.common.model.legacy.RelazioneScavo; -//import org.gcube.application.geoportal.common.model.legacy.UploadedImage; -//import org.gcube.application.geoportal.common.model.legacy.WorkspaceContent; -// -// -//public class TestModel { -// -// public static Concessione prepareEmptyConcessione() { -// Concessione concessione = new Concessione(); -// -// // Generic fields -// -// // Concessione fields -// -// concessione.setNome("Italia, forse"); -// concessione.setIntroduzione("This is my project"); -// concessione.setDescrizioneContenuto("It contains this and that"); -// -// concessione.setAuthors(Arrays.asList(new String[] { "Some one", "Some, oneelse" })); -// -// concessione.setContributore("Contrib 1"); -// concessione.setTitolari(Arrays.asList(new String[] { "Some one", "Some, oneelse" })); -// concessione.setResponsabile("Someone"); -// concessione.setEditore("Editore"); -// -// concessione.setFontiFinanziamento(Arrays.asList(new String[] { "Big pharma", "Pentagon" })); -// -// concessione.setSoggetto(Arrays.asList(new String[] { "Research Excavation", "Archeology" })); -// -// concessione -// .setRisorseCorrelate(Arrays.asList(new String[] { "https://google.com", "https://www.repubblica.it" })); -// -// concessione.setDataInizioProgetto(LocalDateTime.now()); -// concessione.setDataFineProgetto(LocalDateTime.now()); -// -// concessione.setLicenzaID("CC-BY"); -// -// concessione.setTitolareLicenza("Qualcun altro"); -// concessione.setTitolareCopyright("Chiedilo in giro"); -// -// concessione.setParoleChiaveLibere(Arrays.asList(new String[] { "Robba", "Stuff" })); -// concessione.setParoleChiaveICCD(Arrays.asList(new String[] { "vattelapesca", "somthing something" })); -// -// concessione.setLastUpdateTime(LocalDateTime.now()); -// concessione.setCreationTime(LocalDateTime.now()); -// concessione.setLastUpdateUser("fake user"); -// -// concessione.setCentroidLat(43.0); // N-S -// concessione.setCentroidLong(9.0); // E-W -// -// return concessione; -// } -// -// public static Concessione prepareConcessione() { -// -// Concessione concessione = prepareEmptyConcessione(); -// -// // Attachments -// -// // Relazione scavo -// RelazioneScavo relScavo = new RelazioneScavo(); -// -// relScavo.setAbstractSection("simple abstract section"); -// relScavo.setResponsabili(concessione.getAuthors()); -// -// concessione.setRelazioneScavo(relScavo); -// // Immagini rappresentative -// ArrayList imgs = new ArrayList<>(); -// for (int i = 0; i < 5; i++) { -// UploadedImage img = new UploadedImage(); -// img.setTitolo("My image number " + i); -// img.setDidascalia("You can see my image number " + i); -// img.setFormat("TIFF"); -// img.setCreationTime(LocalDateTime.now()); -// img.setResponsabili(concessione.getAuthors()); -// List actualContentList = new ArrayList(1); -// WorkspaceContent ws = new WorkspaceContent(); -// ws.setLink("https://data.dev.d4science.org/shub/E_azRkaVhqTFExMzZvTG9pY0hwSFJNV2tVTHBEMGEycFVsQitvWjZvb29WZjkwRU84b1hXQnp0QjRuSGhrODJqQg=="); -// actualContentList.add(ws); -// img.setActualContent(actualContentList); -// imgs.add(img); -// } -// concessione.setImmaginiRappresentative(imgs); -// // Posizionamento -// LayerConcessione posizionamento = new LayerConcessione(); -// posizionamento.setValutazioneQualita("Secondo me si"); -// posizionamento.setMetodoRaccoltaDati("Fattobbene"); -// posizionamento.setScalaAcquisizione("1:10000"); -// posizionamento.setAuthors(concessione.getAuthors()); -// concessione.setPosizionamentoScavo(posizionamento); -// -// // Piante fine scavo -// ArrayList piante = new ArrayList(); -// for (int i = 0; i < 4; i++) { -// LayerConcessione pianta = new LayerConcessione(); -// pianta.setValutazioneQualita("Secondo me si"); -// pianta.setMetodoRaccoltaDati("Fattobbene"); -// pianta.setScalaAcquisizione("1:10000"); -// pianta.setAuthors(concessione.getAuthors()); -// pianta.setPolicy(AccessPolicy.RESTRICTED); -// pianta.setLayerName("gna_conc_12:pos"); -// pianta.setWmsLink( -// "https://geoserver1.dev.d4science.org/geoserver/gna_conc_12/wms?service=WMS&version=1.1.0&request=GetMap&layers=gna_conc_12:pos&styles=&bbox=8.62091913167495,40.62975046683799,8.621178639172953,40.630257904721645&width=392&height=768&srs=EPSG:4326&format=application/openlayers#toggle"); -// -// pianta.setBbox(new BBOX(40.630257904721645,8.621178639172953,40.62975046683799,8.62091913167495)); -// piante.add(pianta); -// } -// concessione.setPianteFineScavo(piante); -// -// return concessione; -// } -//} diff --git a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/ConcessioneImageUtil.java b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/ConcessioneImageUtil.java similarity index 91% rename from src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/ConcessioneImageUtil.java rename to src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/ConcessioneImageUtil.java index 6e52f6a..5309815 100644 --- a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/ConcessioneImageUtil.java +++ b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/ConcessioneImageUtil.java @@ -1,4 +1,4 @@ -package org.gcube.portlets.user.geoportaldataviewer.server; +package org.gcube.portlets.user.geoportaldataviewer.server.mongoservice; import java.util.ArrayList; import java.util.List; @@ -50,8 +50,8 @@ public class ConcessioneImageUtil { if (itemType.equalsIgnoreCase("concessione")) { LOG.info("Trying to get concessione for id " + itemId); - ConcessioniMongoService cms = new ConcessioniMongoService(); - Concessione concessione = cms.getItemById(httpServletRequest, itemId); + ConcessioniMongoServiceIdentityProxy cms = new ConcessioniMongoServiceIdentityProxy(httpServletRequest); + Concessione concessione = cms.getItemById(itemId); if (concessione != null) { LOG.info("For id " + itemId + ", got concessione " + concessione.getNome() + " from service"); List images = concessione.getImmaginiRappresentative(); diff --git a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/ConcessioniMongoService.java b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/ConcessioniMongoService.java new file mode 100644 index 0000000..2d1dc18 --- /dev/null +++ b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/ConcessioniMongoService.java @@ -0,0 +1,66 @@ +package org.gcube.portlets.user.geoportaldataviewer.server.mongoservice; + +import static org.gcube.application.geoportal.client.GeoportalAbstractPlugin.statefulMongoConcessioni; + +import org.gcube.application.geoportal.client.legacy.ConcessioniManagerI; +import org.gcube.application.geoportal.common.model.legacy.Concessione; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + + +/** + * The Class ConcessioniMongoService. + * + * @author Francesco Mangiacrapa at ISTI-CNR francesco.mangiacrapa@isti.cnr.it + * + * Sep 23, 2021 + */ +public class ConcessioniMongoService { + + private static final Logger LOG = LoggerFactory.getLogger(ConcessioniMongoService.class); + + /** + * Instantiates a new concessioni mongo service. + */ + protected ConcessioniMongoService() { + } + + /** + * Gets the item by id. + * + * @param mongoItemId the mongo item id + * @return the item by id + * @throws Exception the exception + */ + protected Concessione getItemById(String mongoItemId) throws Exception { + LOG.info("called getItemById: " + mongoItemId); + ConcessioniManagerI concessioniManager = statefulMongoConcessioni().build(); + // Returning item by Id + return concessioniManager.getById(mongoItemId); + } + + + /** + * To concessione. + * + * @param jsonString the json string + * @return the concessione + */ + protected Concessione toConcessione(String jsonString) { + LOG.info("toConcessione called"); + try { + return org.gcube.application.geoportal.client.utils.Serialization.read(jsonString, Concessione.class); + } catch (Exception e) { + LOG.warn("Error on serializing: ", e); + return null; + } + } + + /* + * For testing public Concessione iamClientGetItemBy(HttpServletRequest request, + * String mongoItemId, String clientId, String secret) throws Exception { String + * scope = SessionUtil.getCurrentContext(request, true); return + * iamClientGetItemBy(scope, mongoItemId, clientId, secret); } + */ + +} diff --git a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/ConcessioniMongoServiceIdentityProxy.java b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/ConcessioniMongoServiceIdentityProxy.java new file mode 100644 index 0000000..b15fb78 --- /dev/null +++ b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/ConcessioniMongoServiceIdentityProxy.java @@ -0,0 +1,77 @@ +package org.gcube.portlets.user.geoportaldataviewer.server.mongoservice; + +import javax.servlet.http.HttpServletRequest; + +import org.gcube.application.geoportal.common.model.legacy.Concessione; +import org.gcube.common.portal.PortalContext; +import org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.accessidentities.GcubeIdentity; +import org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.accessidentities.IAMClientIdentity; +import org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.accessidentities.UserIdentity; +import org.gcube.portlets.user.geoportaldataviewer.server.util.SessionUtil; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + + +/** + * The Class ConcessioniMongoServiceIdentityProxy. + * + * @author Francesco Mangiacrapa at ISTI-CNR francesco.mangiacrapa@isti.cnr.it + * + * Sep 23, 2021 + */ +public class ConcessioniMongoServiceIdentityProxy { + + private static final Logger LOG = LoggerFactory.getLogger(ConcessioniMongoServiceIdentityProxy.class); + + private GcubeIdentity gCubeIdentity; + + + /** + * Instantiates a new concessioni mongo service proxy. + * + * @param request the request + * @throws Exception the exception + */ + public ConcessioniMongoServiceIdentityProxy(HttpServletRequest request) throws Exception { + SessionUtil.getCurrentContext(request, true); + PortalContext pContext = PortalContext.getConfiguration(); + String username = null; + try { + username = pContext.getCurrentUser(request).getUsername(); + }catch (Exception e) { + LOG.info("Username not detected in session"); + } + if (username != null) { + LOG.info("User detected, using its identity"); + gCubeIdentity = new UserIdentity(); + } else { + LOG.info("User not detected, using IAM Client identity"); + gCubeIdentity = new IAMClientIdentity(); + } + + gCubeIdentity.setIdentity(request); + } + + + /** + * Gets the item by id. + * + * @param mongoItemId the mongo item id + * @return the item by id + * @throws Exception the exception + */ + public Concessione getItemById(String mongoItemId) throws Exception { + + try { + // Obtain the client + ConcessioniMongoService concessioniManager = new ConcessioniMongoService(); + // Returning item by Id + return concessioniManager.getItemById(mongoItemId); + }catch(Exception e) { + LOG.error("Error on reading itemById: "+mongoItemId, e); + throw(e); + }finally { + gCubeIdentity.resetIdentity(); + } + } +} diff --git a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/IAMClientCredentialsReader.java b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/IAMClientCredentialsReader.java new file mode 100644 index 0000000..6d1ab37 --- /dev/null +++ b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/IAMClientCredentialsReader.java @@ -0,0 +1,82 @@ +package org.gcube.portlets.user.geoportaldataviewer.server.mongoservice; + +import static org.gcube.resources.discovery.icclient.ICFactory.clientFor; +import static org.gcube.resources.discovery.icclient.ICFactory.queryFor; + +import java.util.Collection; +import java.util.List; + +import org.gcube.common.encryption.StringEncrypter; +import org.gcube.common.resources.gcore.ServiceEndpoint; +import org.gcube.common.resources.gcore.ServiceEndpoint.AccessPoint; +import org.gcube.common.scope.api.ScopeProvider; +import org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.accessidentities.IAMClientCredentials; +import org.gcube.resources.discovery.client.api.DiscoveryClient; +import org.gcube.resources.discovery.client.queries.api.SimpleQuery; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * The Class IAMClientCredentialsReader. + * + * @author Francesco Mangiacrapa at ISTI-CNR francesco.mangiacrapa@isti.cnr.it + * + * Sep 23, 2021 + */ +public class IAMClientCredentialsReader { + + private static Logger LOG = LoggerFactory.getLogger(IAMClientCredentialsReader.class); + + private static final String SE_PROFILE_NAME = "geoportal-data-viewer-app"; + private static final String SE_CATEGORY_NAME = "SystemClient"; + + /** + * Gets the credentials. + * + * @return the credentials + * @throws Exception the exception + */ + public static IAMClientCredentials getCredentials() throws Exception { + + LOG.info("Searching SE in the scope: " + ScopeProvider.instance.get() + " with profile name: " + SE_PROFILE_NAME + + " and category name: " + SE_CATEGORY_NAME); + + SimpleQuery query = queryFor(ServiceEndpoint.class); + query.addCondition("$resource/Profile/Name/text() eq '" + SE_PROFILE_NAME + "'"); + query.addCondition("$resource/Profile/Category/text() eq '" + SE_CATEGORY_NAME + "'"); + + DiscoveryClient client = clientFor(ServiceEndpoint.class); + List resources = client.submit(query); + + if (resources.size() > 0) + LOG.info("The query returned " + resources.size() + " ServiceEndpoint/s"); + else + throw new RuntimeException("ServiceEndpoint not found. Searching for profile name: " + SE_PROFILE_NAME + + " and category name: " + SE_CATEGORY_NAME + "in the scope: " + ScopeProvider.instance.get()); + + ServiceEndpoint se = resources.get(0); + Collection theAccessPoints = se.profile().accessPoints().asCollection(); + String clientId = null; + String secredPwd = null; + for (AccessPoint accessPoint : theAccessPoints) { + clientId = accessPoint.username(); + secredPwd = accessPoint.password(); + LOG.debug("Found clientId: " + clientId + " and encrypted secret: " + secredPwd); + // decrypting the pwd + try { + if (secredPwd != null) { + secredPwd = StringEncrypter.getEncrypter().decrypt(secredPwd); + LOG.debug("Secret decrypted is: " + secredPwd.substring(0, secredPwd.length() / 2) + + "_MASKED_TOKEN_"); + } + } catch (Exception e) { + throw new RuntimeException("Error on decrypting the pwd: ", e); + } + } + + LOG.info("Returning keycloack credentials read from SE"); + return new IAMClientCredentials(clientId, secredPwd); + + } + +} diff --git a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/GcubeIdentity.java b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/GcubeIdentity.java new file mode 100644 index 0000000..ac81b18 --- /dev/null +++ b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/GcubeIdentity.java @@ -0,0 +1,28 @@ +package org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.accessidentities; + +import javax.servlet.http.HttpServletRequest; + + +/** + * The Interface GcubeIdentity. + * + * @author Francesco Mangiacrapa at ISTI-CNR francesco.mangiacrapa@isti.cnr.it + * + * Sep 23, 2021 + */ +public interface GcubeIdentity { + + /** + * Sets the identity. + * + * @param httpRequest the new identity + * @throws Exception the exception + */ + public void setIdentity(HttpServletRequest httpRequest) throws Exception; + + /** + * Reset identity. + */ + public void resetIdentity(); + +} diff --git a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/IAMClientCredentials.java b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/IAMClientCredentials.java new file mode 100644 index 0000000..267b991 --- /dev/null +++ b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/IAMClientCredentials.java @@ -0,0 +1,91 @@ +package org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.accessidentities; + +import java.io.Serializable; + + +/** + * The Class IAMClientCredentials. + * + * @author Francesco Mangiacrapa at ISTI-CNR francesco.mangiacrapa@isti.cnr.it + * + * Sep 23, 2021 + */ +public class IAMClientCredentials implements Serializable { + + /** + * + */ + private static final long serialVersionUID = 7242909633989611318L; + private String clientId; + private String clientSecret; + + /** + * Instantiates a new IAM client credentials. + */ + public IAMClientCredentials() { + } + + /** + * Instantiates a new IAM client credentials. + * + * @param clientId the client id + * @param clientSecret the client secret + */ + public IAMClientCredentials(String clientId, String clientSecret) { + this.clientId = clientId; + this.clientSecret = clientSecret; + } + + /** + * Gets the client id. + * + * @return the client id + */ + public String getClientId() { + return clientId; + } + + /** + * Gets the client secret. + * + * @return the client secret + */ + public String getClientSecret() { + return clientSecret; + } + + /** + * Sets the client id. + * + * @param clientId the new client id + */ + public void setClientId(String clientId) { + this.clientId = clientId; + } + + /** + * Sets the client secret. + * + * @param clientSecret the new client secret + */ + public void setClientSecret(String clientSecret) { + this.clientSecret = clientSecret; + } + + /** + * To string. + * + * @return the string + */ + @Override + public String toString() { + StringBuilder builder = new StringBuilder(); + builder.append("IAMClientCredentials [clientId="); + builder.append(clientId); + builder.append(", clientSecret="); + builder.append(clientSecret); + builder.append("]"); + return builder.toString(); + } + +} diff --git a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/IAMClientIdentity.java b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/IAMClientIdentity.java new file mode 100644 index 0000000..edf61e6 --- /dev/null +++ b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/IAMClientIdentity.java @@ -0,0 +1,83 @@ +package org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.accessidentities; + +import javax.servlet.http.HttpServletRequest; + +import org.gcube.common.authorization.library.provider.AccessTokenProvider; +import org.gcube.common.keycloak.KeycloakClientFactory; +import org.gcube.common.keycloak.model.TokenResponse; +import org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.IAMClientCredentialsReader; +import org.gcube.portlets.user.geoportaldataviewer.server.util.SessionUtil; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class IAMClientIdentity implements GcubeIdentity { + + private static final Logger LOG = LoggerFactory.getLogger(IAMClientIdentity.class); + + private String previousUMAToken = null; + + @Override + public void setIdentity(HttpServletRequest httpRequest) throws Exception { + LOG.info("setIdentity called"); + String currentScope = SessionUtil.getCurrentContext(httpRequest, true); + IAMClientCredentials credentials = SessionUtil.getIAMClientCredentials(httpRequest); + try { + if(credentials==null) { + credentials = IAMClientCredentialsReader.getCredentials(); + SessionUtil.setIAMClientCredentials(httpRequest,credentials); + } + } catch (Exception e) { + LOG.error("Error on discovering IAM Client credentials", e); + throw new Exception("IAM Client discovery failed"); + } + + LOG.trace("Read credentials: " + credentials); + String umaAcessToken = null; + String clientId = credentials.getClientId(); + String clientSecret = credentials.getClientSecret(); + try { + + LOG.info("Querying KeycloakClientFactory to get UMA token.."); + TokenResponse tr = KeycloakClientFactory.newInstance().queryUMAToken(clientId, clientSecret, currentScope, + null); + umaAcessToken = tr.getAccessToken(); + if (umaAcessToken != null && !umaAcessToken.isEmpty()) { + LOG.info("UMA Access Token read correctly"); + } else { + LOG.error("UMA Access Token NOT RETRIEVED!!!"); + throw new Exception("UMA Access Token is null or empty"); + } + } catch (Exception e2) { + throw new Exception("Error occurred on reading UMA access token:", e2); + } + + try { + + try { + // Here the previousUMAToken should be null + previousUMAToken = AccessTokenProvider.instance.get(); + } catch (Exception e) { + // catching excpetion to be sure + // silent + } + + LOG.debug("JWT token: " + umaAcessToken.substring(0, 20) + "_MASKED_TOKEN_"); + LOG.info("Setting clientId '" + clientId + "' identity by JWT token in the " + + AccessTokenProvider.class.getSimpleName()); + AccessTokenProvider.instance.set(umaAcessToken); + } catch (Exception e) { + LOG.error(e.getMessage(), e); + throw new Exception(e.getMessage()); + } + + } + + @Override + public void resetIdentity() { + LOG.info("resetIdentity called"); + AccessTokenProvider.instance.set(previousUMAToken); + LOG.info("resetIdentity to previous AccessToken"); + + } + +} diff --git a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/UserIdentity.java b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/UserIdentity.java new file mode 100644 index 0000000..c59f0c0 --- /dev/null +++ b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accessidentities/UserIdentity.java @@ -0,0 +1,28 @@ +package org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.accessidentities; + +import javax.servlet.http.HttpServletRequest; + +import org.gcube.portlets.user.geoportaldataviewer.server.util.SessionUtil; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class UserIdentity implements GcubeIdentity { + + private static final Logger LOG = LoggerFactory.getLogger(UserIdentity.class); + + public UserIdentity() { + } + + @Override + public void setIdentity(HttpServletRequest httpRequest) throws Exception { + LOG.info("setIdentity called"); + SessionUtil.getCurrentToken(httpRequest, true); + + } + + @Override + public void resetIdentity() { + LOG.info("resetIdentity called, doing nothing"); + // doing nothing + } +} diff --git a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/util/CheckAccessPolicyUtil.java b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accesspolicy/GeoNACheckAccessPolicy.java similarity index 87% rename from src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/util/CheckAccessPolicyUtil.java rename to src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accesspolicy/GeoNACheckAccessPolicy.java index 0be6c5b..6eeda7a 100644 --- a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/util/CheckAccessPolicyUtil.java +++ b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/mongoservice/accesspolicy/GeoNACheckAccessPolicy.java @@ -1,18 +1,18 @@ -package org.gcube.portlets.user.geoportaldataviewer.server.util; +package org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.accesspolicy; import org.slf4j.Logger; import org.slf4j.LoggerFactory; /** - * The Class CheckAccessPolicyUtil. + * The Class GeoNACheckAccessPolicy. * * @author Francesco Mangiacrapa at ISTI-CNR francesco.mangiacrapa@isti.cnr.it * * Sep 9, 2021 */ -public class CheckAccessPolicyUtil { +public class GeoNACheckAccessPolicy { - private static final Logger LOG = LoggerFactory.getLogger(CheckAccessPolicyUtil.class); + private static final Logger LOG = LoggerFactory.getLogger(GeoNACheckAccessPolicy.class); /** * The Enum ACCESS_POLICY. * diff --git a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/util/SessionUtil.java b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/util/SessionUtil.java index 7293449..7d1cf93 100644 --- a/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/util/SessionUtil.java +++ b/src/main/java/org/gcube/portlets/user/geoportaldataviewer/server/util/SessionUtil.java @@ -14,7 +14,8 @@ import org.gcube.application.geoportalcommon.shared.products.model.UploadedImage import org.gcube.common.authorization.library.provider.SecurityTokenProvider; import org.gcube.common.portal.PortalContext; import org.gcube.common.scope.api.ScopeProvider; -import org.gcube.portlets.user.geoportaldataviewer.server.ConcessioneImageUtil; +import org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.ConcessioneImageUtil; +import org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.accessidentities.IAMClientCredentials; import org.gcube.portlets.user.urlshortener.UrlShortener; import org.gcube.vomanagement.usermanagement.GroupManager; import org.gcube.vomanagement.usermanagement.exception.GroupRetrievalFault; @@ -39,9 +40,11 @@ public class SessionUtil { /** The log. */ private static Logger LOG = LoggerFactory.getLogger(SessionUtil.class); - public static final String URL_SHORTENER_SERVICE = "URL_SHORTENER_SERVICE"; + private static final String URL_SHORTENER_SERVICE = "URL_SHORTENER_SERVICE"; - public static final String CACHE_IMAGE_PREVIEW_FOR_CONCESSIONE = "MAP_IMAGE_PREVIEW_FOR_CONCESSIONE"; + private static final String CACHE_IMAGE_PREVIEW_FOR_CONCESSIONE = "MAP_IMAGE_PREVIEW_FOR_CONCESSIONE"; + + private static final String IAM_CLIENT_CREDENTIALS = "IAM_CLIENT_CREDENTIALS"; /** * Checks if is into portal. @@ -222,4 +225,35 @@ public class SessionUtil { return lUI.get(0); } + + /** + * Gets the IAM client credentials. + * + * @param httpRequest the http request + * @return the IAM client credentials + */ + public static IAMClientCredentials getIAMClientCredentials(HttpServletRequest httpRequest) { + HttpSession session = httpRequest.getSession(); + try { + return (IAMClientCredentials) session.getAttribute(IAM_CLIENT_CREDENTIALS); + } catch (Exception e) { + LOG.warn("Error occurred when reading " + IAM_CLIENT_CREDENTIALS + " from session"); + return null; + } + } + + /** + * Sets the IAM client credentials. + * + * @param httpRequest the http request + * @param iamCC the iam CC + */ + public static void setIAMClientCredentials(HttpServletRequest httpRequest, IAMClientCredentials iamCC) { + HttpSession session = httpRequest.getSession(); + try { + session.setAttribute(IAM_CLIENT_CREDENTIALS, iamCC); + } catch (Exception e) { + LOG.warn("Error occurred when setting " + IAM_CLIENT_CREDENTIALS + " into session"); + } + } } diff --git a/src/test/java/org/gcube/portlets/user/geoportaldataviewer/ConcessioneReader.java b/src/test/java/org/gcube/portlets/user/geoportaldataviewer/ConcessioneReader.java new file mode 100644 index 0000000..dce5720 --- /dev/null +++ b/src/test/java/org/gcube/portlets/user/geoportaldataviewer/ConcessioneReader.java @@ -0,0 +1,60 @@ +package org.gcube.portlets.user.geoportaldataviewer; + +import static org.gcube.application.geoportal.client.GeoportalAbstractPlugin.statefulMongoConcessioni; + +import org.gcube.application.geoportal.client.legacy.ConcessioniManagerI; +import org.gcube.application.geoportal.common.model.legacy.Concessione; +import org.gcube.application.geoportalcommon.ConvertToDataViewModel; +import org.gcube.application.geoportalcommon.shared.products.ConcessioneDV; +import org.gcube.common.authorization.library.provider.SecurityTokenProvider; +import org.gcube.common.scope.api.ScopeProvider; + +public class ConcessioneReader { + + private static final String YOUR_TOKEN = ""; + + public static String SCOPE = "/gcube/devsec/devVRE"; + public static String mongoConcessioneID = "6102c07002ad3d05b5f81ddc"; + + //@Before + public void setEnviroment() { + ScopeProvider.instance.set(SCOPE); + SecurityTokenProvider.instance.set(YOUR_TOKEN); + + } + + //@Test + public void readConcessione() throws Exception { + System.out.println("getConcessioneForId " + mongoConcessioneID + "called"); + + ConcessioneDV concessionDV = null; + + if (mongoConcessioneID == null) + throw new Exception("Invalid parameter. The Id is null"); + + try { + System.out.println("Trying to get record for id " + mongoConcessioneID); + ConcessioniManagerI concessioniManager = statefulMongoConcessioni().build(); + Concessione concessione = concessioniManager.getById(mongoConcessioneID); + System.out.println("For id " + mongoConcessioneID + ", got concessione " + concessione); + System.out.println("Immagini Rappresentative are: " + concessione.getImmaginiRappresentative()); + System.out.println("Relazione scavo: " + concessione.getRelazioneScavo()); + System.out.println("Pianta Fine scavo: " + concessione.getPianteFineScavo()); + System.out.println("Posizionamento scavo: " + concessione.getPosizionamentoScavo()); + + if (concessione != null) { + concessionDV = ConvertToDataViewModel.toConcessione(concessione); + } + + if (concessionDV == null) + throw new Exception("Concessione not retrieved"); + + System.out.println("Got concessione: " + concessionDV); + + } catch (Exception e) { + String erroMsg = Concessione.class.getSimpleName() + " with id " + mongoConcessioneID + " not available"; + throw new Exception(erroMsg); + } + } + +} diff --git a/src/test/java/org/gcube/portlets/user/geoportaldataviewer/GetConcessione.java b/src/test/java/org/gcube/portlets/user/geoportaldataviewer/GetConcessione.java deleted file mode 100644 index 58b3a59..0000000 --- a/src/test/java/org/gcube/portlets/user/geoportaldataviewer/GetConcessione.java +++ /dev/null @@ -1,67 +0,0 @@ -package org.gcube.portlets.user.geoportaldataviewer; - -import static org.gcube.application.geoportal.client.GeoportalAbstractPlugin.statefulMongoConcessioni; - -import org.gcube.application.geoportal.client.legacy.ConcessioniManagerI; -import org.gcube.application.geoportal.common.model.legacy.Concessione; -import org.gcube.application.geoportalcommon.ConvertToDataViewModel; -import org.gcube.application.geoportalcommon.shared.products.ConcessioneDV; -import org.gcube.common.authorization.library.provider.SecurityTokenProvider; -import org.gcube.common.scope.api.ScopeProvider; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -public class GetConcessione { - - private static final Logger LOG = LoggerFactory.getLogger(GetConcessione.class); - - private static final String YOUR_TOKEN = ""; - - public static String SCOPE = "/gcube/devsec/devVRE"; - public static String concessioneId = "6102c07002ad3d05b5f81ddc"; - - public static ConcessioneDV getConcessioneForId(String mongoID) throws Exception{ - LOG.info("getConcessioneForId "+mongoID+ "called"); - - ConcessioneDV concessionDV = null; - - if(mongoID==null) - throw new Exception("Invalid parameter. The Id is null"); - - try { - LOG.info("Trying to get record for id "+mongoID); - ConcessioniManagerI concessioniManager = statefulMongoConcessioni().build(); - Concessione concessione = concessioniManager.getById(mongoID); - LOG.info("For id "+mongoID+", got concessione "+concessione); - LOG.info("Immagini Rappresentative are: "+concessione.getImmaginiRappresentative()); - LOG.info("Relazione scavo: "+concessione.getRelazioneScavo()); - LOG.info("Pianta Fine scavo: "+concessione.getPianteFineScavo()); - LOG.info("Posizionamento scavo: "+concessione.getPosizionamentoScavo()); - - if(concessione !=null) { - concessionDV = ConvertToDataViewModel.toConcessione(concessione); - } - - if(concessionDV==null) - throw new Exception("Concessione not retrieved"); - - return concessionDV; - - }catch (Exception e) { - String erroMsg = Concessione.class.getSimpleName() +" with id "+mongoID+" not available"; - LOG.error(erroMsg,e); - throw new Exception(erroMsg); - } - - } - - public static void main(String[] args) throws Exception { - ScopeProvider.instance.set(SCOPE); - SecurityTokenProvider.instance.set(YOUR_TOKEN); - LOG.info("Trying to get record for id "+concessioneId); - ConcessioneDV concessione = getConcessioneForId(concessioneId); - LOG.info("Got record for id "+concessione); - } - - -} diff --git a/src/test/java/org/gcube/portlets/user/geoportaldataviewer/IAMClient.java b/src/test/java/org/gcube/portlets/user/geoportaldataviewer/IAMClient.java new file mode 100644 index 0000000..1df1bc7 --- /dev/null +++ b/src/test/java/org/gcube/portlets/user/geoportaldataviewer/IAMClient.java @@ -0,0 +1,40 @@ +package org.gcube.portlets.user.geoportaldataviewer; + +import java.util.List; + +import org.gcube.application.geoportal.common.model.legacy.Concessione; +import org.gcube.common.scope.api.ScopeProvider; +import org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.IAMClientCredentialsReader; +import org.gcube.portlets.user.geoportaldataviewer.server.mongoservice.accessidentities.IAMClientCredentials; +import org.junit.Test; + +public class IAMClient { + + private static final String SCOPE = "/gcube/devsec/devVRE"; + private static final String MONGO_ITEM_ID = "614af6a502ad3d6128abd43f"; + + @Test + public void readCredentials() { + System.out.println("called readCredentials test"); + ScopeProvider.instance.set(SCOPE); + IAMClientCredentials credentials = null; + try { + credentials = IAMClientCredentialsReader.getCredentials(); + } catch (Exception e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + System.out.println("Read credentials: " + credentials); + Concessione concessione; + try { +// concessione = new ConcessioniMongoServiceIdentityProxy(); + + // System.out.println("Get concessione: " + concessione); + } catch (Exception e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + +} diff --git a/src/test/java/org/gcube/portlets/user/geoportaldataviewer/TestShortener.java b/src/test/java/org/gcube/portlets/user/geoportaldataviewer/Shortener.java similarity index 84% rename from src/test/java/org/gcube/portlets/user/geoportaldataviewer/TestShortener.java rename to src/test/java/org/gcube/portlets/user/geoportaldataviewer/Shortener.java index a13f365..ec844c5 100644 --- a/src/test/java/org/gcube/portlets/user/geoportaldataviewer/TestShortener.java +++ b/src/test/java/org/gcube/portlets/user/geoportaldataviewer/Shortener.java @@ -7,9 +7,11 @@ import java.util.Arrays; import org.gcube.common.scope.api.ScopeProvider; import org.gcube.portlets.user.urlshortener.UrlShortener; -public class TestShortener { +public class Shortener { - public static void main(String[] args) { + //@Test + public void availableInTheScope() { + System.out.println("called availableInTheScope test"); try { String toShort = "https://next.d4science.org/group/nextnext/geona-data-viewer"; String[] splitted = toShort.split("\\?"); @@ -27,12 +29,12 @@ public class TestShortener { System.out.println("encodedQuery is: "+encodedQuery); link = String.format("%s?%s", splitted[0], encodedQuery); } - ScopeProvider.instance.set("/gcube/devNext/NextNext"); + ScopeProvider.instance.set("/gcube/devsec/devVRE"); UrlShortener shortener = new UrlShortener(); System.out.println(shortener.shorten(link)); } catch (Exception e) { e.printStackTrace(); } - } + }