for checking user's token into the request, a set scope to the root is needed

git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/data-catalogue/grsf-publisher-ws@133341 82a268e6-3cf1-43bd-a215-b396298e98cf
2016-10-19 07:57:31 +00:00 · 2016-10-19 07:57:31 +00:00 · 095223c0d6
parent 0a7bbeb5a6
commit 095223c0d6
2 changed files with 13 additions and 8 deletions
--- a/pom.xml
+++ b/pom.xml
@ -34,13 +34,6 @@
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>
-			<dependency>
-				<groupId>org.gcube.distribution</groupId>
-				<artifactId>maven-smartgears-bom</artifactId>
-				<version>LATEST</version>
-				<type>pom</type>
-				<scope>import</scope>
-			</dependency>
 		</dependencies>
 	</dependencyManagement>

@ -80,6 +73,11 @@
 			<artifactId>authorization-client</artifactId>
 			<scope>provided</scope>
 		</dependency>
+		<dependency>
+			<groupId>org.gcube.common.portal</groupId>
+			<artifactId>portal-manager</artifactId>
+			<version>[2.0.0-SNAPSHOT, 3.0.0-SNAPSHOT)</version>
+		</dependency>
 		<dependency>
 			<groupId>org.gcube.common</groupId>
 			<artifactId>common-authorization</artifactId>
--- a/src/main/java/org/gcube/data_catalogue/grsf_publish_ws/filters/RequestsAuthFilter.java
+++ b/src/main/java/org/gcube/data_catalogue/grsf_publish_ws/filters/RequestsAuthFilter.java
@ -13,6 +13,7 @@ import javax.ws.rs.ext.Provider;
 import org.gcube.common.authorization.library.AuthorizationEntry;
 import org.gcube.common.authorization.library.provider.AuthorizationProvider;
 import org.gcube.common.authorization.library.utils.Caller;
+import org.gcube.common.portal.PortalContext;
 import org.gcube.common.scope.api.ScopeProvider;
 import org.slf4j.LoggerFactory;

@ -77,15 +78,21 @@ public class RequestsAuthFilter implements ContainerRequestFilter{
 	 * @return null if validation fails
 	 */
 	private static AuthorizationEntry validateToken(String token){
+		
 		AuthorizationEntry res = null;
+		
 		try {
-
+			
+			// set the root scope
+			ScopeProvider.instance.set("/" + PortalContext.getConfiguration().getInfrastructureName());
 			logger.debug("Validating token " + token);
 			res = authorizationService().get(token);
 			logger.debug("Token seems valid for scope " + res.getContext() + " and user " + res.getClientInfo().getId());

 		} catch (Exception e) {
 			logger.error("The token is not valid. This request will be rejected!!! (" + token + ")", e);
+		}finally{
+			ScopeProvider.instance.reset();
 		}

 		return res;