moved again code to run on top of smartgears
git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/data-catalogue/grsf-publisher-ws@135053 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
4c740c7a95
commit
26d4f35f5c
33
pom.xml
33
pom.xml
|
@ -29,7 +29,7 @@
|
||||||
<dependencies>
|
<dependencies>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.distribution</groupId>
|
<groupId>org.gcube.distribution</groupId>
|
||||||
<artifactId>maven-portal-bom</artifactId>
|
<artifactId>maven-smartgears-bom</artifactId>
|
||||||
<version>LATEST</version>
|
<version>LATEST</version>
|
||||||
<type>pom</type>
|
<type>pom</type>
|
||||||
<scope>import</scope>
|
<scope>import</scope>
|
||||||
|
@ -47,9 +47,15 @@
|
||||||
</properties>
|
</properties>
|
||||||
|
|
||||||
<dependencies>
|
<dependencies>
|
||||||
|
<!-- SmartGears -->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.slf4j</groupId>
|
<groupId>org.gcube.core</groupId>
|
||||||
<artifactId>slf4j-log4j12</artifactId>
|
<artifactId>common-smartgears</artifactId>
|
||||||
|
<scope>provided</scope>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.gcube.resources.discovery</groupId>
|
||||||
|
<artifactId>ic-client</artifactId>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
|
@ -73,25 +79,17 @@
|
||||||
<artifactId>authorization-client</artifactId>
|
<artifactId>authorization-client</artifactId>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
|
||||||
<groupId>org.gcube.common.portal</groupId>
|
|
||||||
<artifactId>portal-manager</artifactId>
|
|
||||||
<version>[2.0.0-SNAPSHOT, 3.0.0-SNAPSHOT)</version>
|
|
||||||
</dependency>
|
|
||||||
<!-- <dependency> -->
|
|
||||||
<!-- <groupId>org.gcube.accounting</groupId> -->
|
|
||||||
<!-- <artifactId>accounting-lib</artifactId> -->
|
|
||||||
<!-- <scope>provided</scope> -->
|
|
||||||
<!-- </dependency> -->
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.common</groupId>
|
<groupId>org.gcube.common</groupId>
|
||||||
<artifactId>home-library-jcr</artifactId>
|
<artifactId>home-library-jcr</artifactId>
|
||||||
<scope>provided</scope>
|
<version>[2.0.0-SNAPSHOT, 3.0.0-SNAPSHOT)</version>
|
||||||
|
<scope>compile</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.common</groupId>
|
<groupId>org.gcube.common</groupId>
|
||||||
<artifactId>home-library</artifactId>
|
<artifactId>home-library</artifactId>
|
||||||
<scope>provided</scope>
|
<version>[2.0.0-SNAPSHOT, 3.0.0-SNAPSHOT)</version>
|
||||||
|
<scope>compile</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.common</groupId>
|
<groupId>org.gcube.common</groupId>
|
||||||
|
@ -129,11 +127,6 @@
|
||||||
<artifactId>jersey-bean-validation</artifactId>
|
<artifactId>jersey-bean-validation</artifactId>
|
||||||
<version>${version.jersey}</version>
|
<version>${version.jersey}</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
|
||||||
<groupId>org.gcube.resources.discovery</groupId>
|
|
||||||
<artifactId>ic-client</artifactId>
|
|
||||||
<scope>provided</scope>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.glassfish.jersey.test-framework.providers</groupId>
|
<groupId>org.glassfish.jersey.test-framework.providers</groupId>
|
||||||
<artifactId>jersey-test-framework-provider-jetty</artifactId>
|
<artifactId>jersey-test-framework-provider-jetty</artifactId>
|
||||||
|
|
|
@ -1,144 +0,0 @@
|
||||||
package org.gcube.data_catalogue.grsf_publish_ws.filters;
|
|
||||||
|
|
||||||
import static org.gcube.common.authorization.client.Constants.authorizationService;
|
|
||||||
|
|
||||||
import java.io.IOException;
|
|
||||||
import java.io.InputStream;
|
|
||||||
|
|
||||||
import javax.ws.rs.container.ContainerRequestContext;
|
|
||||||
import javax.ws.rs.container.ContainerRequestFilter;
|
|
||||||
import javax.ws.rs.core.Context;
|
|
||||||
import javax.ws.rs.core.MediaType;
|
|
||||||
import javax.ws.rs.core.MultivaluedMap;
|
|
||||||
import javax.ws.rs.core.Response;
|
|
||||||
import javax.ws.rs.core.UriInfo;
|
|
||||||
import javax.ws.rs.ext.Provider;
|
|
||||||
|
|
||||||
import org.gcube.common.authorization.library.AuthorizationEntry;
|
|
||||||
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
|
|
||||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
|
||||||
import org.gcube.common.authorization.library.utils.Caller;
|
|
||||||
import org.gcube.common.portal.PortalContext;
|
|
||||||
import org.gcube.common.scope.api.ScopeProvider;
|
|
||||||
import org.gcube.data_catalogue.grsf_publish_ws.json.output.ResponseBean;
|
|
||||||
import org.slf4j.LoggerFactory;
|
|
||||||
|
|
||||||
import com.google.common.base.Charsets;
|
|
||||||
|
|
||||||
import eu.trentorise.opendata.traceprov.internal.org.apache.commons.io.IOUtils;
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Requests filter: is invoked before any request reaches a service method
|
|
||||||
* @author Costantino Perciante at ISTI-CNR
|
|
||||||
*/
|
|
||||||
@Provider
|
|
||||||
public class RequestsAuthAccountingFilter implements ContainerRequestFilter{
|
|
||||||
|
|
||||||
private static final org.slf4j.Logger logger = LoggerFactory.getLogger(RequestsAuthAccountingFilter.class);
|
|
||||||
private static final String AUTH_TOKEN = "gcube-token";
|
|
||||||
|
|
||||||
@Context UriInfo info;
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void filter(ContainerRequestContext requestContext)
|
|
||||||
throws IOException {
|
|
||||||
|
|
||||||
logger.info("Intercepted request, checking if it contains authorization token");
|
|
||||||
String pathRequest = info.getAbsolutePath().toString();
|
|
||||||
|
|
||||||
if(pathRequest.contains("hello") || pathRequest.endsWith("rest/"))
|
|
||||||
return;
|
|
||||||
|
|
||||||
try {
|
|
||||||
if (isJson(requestContext)) {
|
|
||||||
// read it
|
|
||||||
String json = IOUtils.toString(requestContext.getEntityStream(), Charsets.UTF_8);
|
|
||||||
|
|
||||||
// replace input stream for Jersey as we've already read it
|
|
||||||
InputStream in = IOUtils.toInputStream(json);
|
|
||||||
logger.debug("JSON REQUEST IS " + json);
|
|
||||||
requestContext.setEntityStream(in);
|
|
||||||
}
|
|
||||||
} catch (Exception ex) {
|
|
||||||
logger.error("JSON IS MISSING", ex);
|
|
||||||
}
|
|
||||||
|
|
||||||
// check if the request contains gcube-token
|
|
||||||
String tokenInHeader = null, tokenAsQueryParameter = null;
|
|
||||||
MultivaluedMap<String, String> headers = requestContext.getHeaders();
|
|
||||||
if( headers != null && headers.containsKey(AUTH_TOKEN))
|
|
||||||
tokenInHeader = headers.get(AUTH_TOKEN).get(0);
|
|
||||||
|
|
||||||
MultivaluedMap<String, String> queryParameters = requestContext.getUriInfo().getQueryParameters();
|
|
||||||
if(queryParameters != null && queryParameters.containsKey(AUTH_TOKEN))
|
|
||||||
tokenAsQueryParameter = queryParameters.get(AUTH_TOKEN).get(0);
|
|
||||||
|
|
||||||
if(tokenInHeader != null){
|
|
||||||
logger.info("Token in " + tokenInHeader.substring(0, 5) + "********************");
|
|
||||||
AuthorizationEntry ae = validateToken(tokenInHeader);
|
|
||||||
if(ae != null){
|
|
||||||
setTokenInThread(ae, tokenInHeader);
|
|
||||||
}else
|
|
||||||
requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).type(MediaType.APPLICATION_JSON).entity(new ResponseBean(false, "Invalid or missing gcube-token", null)).build());
|
|
||||||
}else if(tokenAsQueryParameter != null){
|
|
||||||
logger.info("Token is " + tokenAsQueryParameter.substring(0, 5) + "********************");
|
|
||||||
AuthorizationEntry ae = validateToken(tokenAsQueryParameter);
|
|
||||||
if(ae != null){
|
|
||||||
setTokenInThread(ae, tokenAsQueryParameter);
|
|
||||||
}else
|
|
||||||
requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).type(MediaType.APPLICATION_JSON).entity(new ResponseBean(false, "Invalid or missing gcube-token", null)).build());
|
|
||||||
|
|
||||||
}
|
|
||||||
else
|
|
||||||
requestContext.abortWith(Response.status(Response.Status.UNAUTHORIZED).type(MediaType.APPLICATION_JSON).entity(new ResponseBean(false, "Invalid or missing gcube-token", null)).build());
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Set token and scope in thread.
|
|
||||||
* @param ae
|
|
||||||
* @param token
|
|
||||||
*/
|
|
||||||
private static void setTokenInThread(AuthorizationEntry ae, String token){
|
|
||||||
logger.debug("Setting scope " + ae.getContext());
|
|
||||||
AuthorizationProvider.instance.set(new Caller(ae.getClientInfo(), ae.getQualifier()));
|
|
||||||
ScopeProvider.instance.set(ae.getContext());
|
|
||||||
SecurityTokenProvider.instance.set(token);
|
|
||||||
logger.info("Authorization entry set in thread local");
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Validate token.
|
|
||||||
* @param token
|
|
||||||
* @return null if validation fails
|
|
||||||
*/
|
|
||||||
private static AuthorizationEntry validateToken(String token){
|
|
||||||
AuthorizationEntry res = null;
|
|
||||||
try {
|
|
||||||
// set the root scope
|
|
||||||
ScopeProvider.instance.set("/" + PortalContext.getConfiguration().getInfrastructureName());
|
|
||||||
logger.debug("Validating token " + token);
|
|
||||||
res = authorizationService().get(token);
|
|
||||||
logger.debug("Token seems valid for scope " + res.getContext() + " and user " + res.getClientInfo().getId());
|
|
||||||
|
|
||||||
} catch (Exception e) {
|
|
||||||
logger.error("The token is not valid. This request will be rejected!!! (" + token + ")", e);
|
|
||||||
}finally{
|
|
||||||
ScopeProvider.instance.reset();
|
|
||||||
}
|
|
||||||
return res;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Check the request is of type application/json
|
|
||||||
* @param request
|
|
||||||
* @return
|
|
||||||
*/
|
|
||||||
boolean isJson(ContainerRequestContext request) {
|
|
||||||
// define rules when to read body
|
|
||||||
return request.getMediaType().toString().contains(MediaType.APPLICATION_JSON);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -72,6 +72,7 @@ public class GrsfPublisherFisheryService {
|
||||||
Map<String, String> licenses = new HashMap<String, String>();
|
Map<String, String> licenses = new HashMap<String, String>();
|
||||||
Status status;
|
Status status;
|
||||||
try{
|
try{
|
||||||
|
logger.info("Requested licenses...");
|
||||||
licenses = HelperMethods.getLicenses(HelperMethods.getDataCatalogueRunningInstance(ScopeProvider.instance.get()));
|
licenses = HelperMethods.getLicenses(HelperMethods.getDataCatalogueRunningInstance(ScopeProvider.instance.get()));
|
||||||
status = Status.OK;
|
status = Status.OK;
|
||||||
}catch(Exception e){
|
}catch(Exception e){
|
||||||
|
|
|
@ -72,6 +72,7 @@ public class GrsfPublisherStockService {
|
||||||
Map<String, String> licenses = new HashMap<String, String>();
|
Map<String, String> licenses = new HashMap<String, String>();
|
||||||
Status status;
|
Status status;
|
||||||
try{
|
try{
|
||||||
|
logger.info("Requested licenses...");
|
||||||
licenses = HelperMethods.getLicenses(HelperMethods.getDataCatalogueRunningInstance(ScopeProvider.instance.get()));
|
licenses = HelperMethods.getLicenses(HelperMethods.getDataCatalogueRunningInstance(ScopeProvider.instance.get()));
|
||||||
status = Status.OK;
|
status = Status.OK;
|
||||||
}catch(Exception e){
|
}catch(Exception e){
|
||||||
|
|
|
@ -204,6 +204,9 @@ public class ManageTimeSeriesThread extends Thread{
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// delete the file
|
||||||
|
csvFile.delete();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue