for checking user's token into the request, a set scope to the root is needed
git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/data-catalogue/grsf-publisher-ws@133341 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
0a7bbeb5a6
commit
095223c0d6
12
pom.xml
12
pom.xml
|
@ -34,13 +34,6 @@
|
|||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.gcube.distribution</groupId>
|
||||
<artifactId>maven-smartgears-bom</artifactId>
|
||||
<version>LATEST</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</dependencyManagement>
|
||||
|
||||
|
@ -80,6 +73,11 @@
|
|||
<artifactId>authorization-client</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.gcube.common.portal</groupId>
|
||||
<artifactId>portal-manager</artifactId>
|
||||
<version>[2.0.0-SNAPSHOT, 3.0.0-SNAPSHOT)</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.gcube.common</groupId>
|
||||
<artifactId>common-authorization</artifactId>
|
||||
|
|
|
@ -13,6 +13,7 @@ import javax.ws.rs.ext.Provider;
|
|||
import org.gcube.common.authorization.library.AuthorizationEntry;
|
||||
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
|
||||
import org.gcube.common.authorization.library.utils.Caller;
|
||||
import org.gcube.common.portal.PortalContext;
|
||||
import org.gcube.common.scope.api.ScopeProvider;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
|
@ -77,15 +78,21 @@ public class RequestsAuthFilter implements ContainerRequestFilter{
|
|||
* @return null if validation fails
|
||||
*/
|
||||
private static AuthorizationEntry validateToken(String token){
|
||||
|
||||
AuthorizationEntry res = null;
|
||||
|
||||
try {
|
||||
|
||||
|
||||
// set the root scope
|
||||
ScopeProvider.instance.set("/" + PortalContext.getConfiguration().getInfrastructureName());
|
||||
logger.debug("Validating token " + token);
|
||||
res = authorizationService().get(token);
|
||||
logger.debug("Token seems valid for scope " + res.getContext() + " and user " + res.getClientInfo().getId());
|
||||
|
||||
} catch (Exception e) {
|
||||
logger.error("The token is not valid. This request will be rejected!!! (" + token + ")", e);
|
||||
}finally{
|
||||
ScopeProvider.instance.reset();
|
||||
}
|
||||
|
||||
return res;
|
||||
|
|
Loading…
Reference in New Issue