From a26f583a0e71840e7a2a4d5624ca74e455d3b534 Mon Sep 17 00:00:00 2001
From: Luca Frosini <luca.frosini@isti.cnr.it>
Date: Thu, 27 May 2021 15:14:24 +0200
Subject: [PATCH] Supporting new UMA token

---
 gxHTTP/CHANGELOG.md                           |  1 +
 .../common/gxhttp/reference/GXConnection.java | 30 ++++++++++++++-----
 .../reference/GXHTTPRequestBuilder.java       | 15 ++++++++--
 .../gxhttp/GXHTTPStringRequestTest.java       |  3 +-
 4 files changed, 37 insertions(+), 12 deletions(-)

diff --git a/gxHTTP/CHANGELOG.md b/gxHTTP/CHANGELOG.md
index bcedd1b..3c0becb 100644
--- a/gxHTTP/CHANGELOG.md
+++ b/gxHTTP/CHANGELOG.md
@@ -5,6 +5,7 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
 
 ## [v1.2.0-SNAPSHOT] [r5.0.0] -
 
+- Managing new UMA token and not only old authz gcube token [#21525]
 - Switched JSON management to gcube-jackson [#19737]
 
 
diff --git a/gxHTTP/src/main/java/org/gcube/common/gxhttp/reference/GXConnection.java b/gxHTTP/src/main/java/org/gcube/common/gxhttp/reference/GXConnection.java
index 06109c6..1286d3d 100644
--- a/gxHTTP/src/main/java/org/gcube/common/gxhttp/reference/GXConnection.java
+++ b/gxHTTP/src/main/java/org/gcube/common/gxhttp/reference/GXConnection.java
@@ -14,6 +14,7 @@ import java.util.Map;
 import java.util.Objects;
 import java.util.stream.Collectors;
 
+import org.gcube.common.authorization.library.provider.AccessTokenProvider;
 import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
 import org.gcube.common.gxhttp.request.GXHTTPStringRequest;
 import org.slf4j.Logger;
@@ -119,16 +120,29 @@ public class GXConnection {
 		return send(this.buildURL(), method);
 	}
 
+	private HttpURLConnection addGCubeAuthorizationToken(HttpURLConnection uConn) throws Exception {
+		if (!this.extCall) {
+			String oldGcubeAuthtoken = SecurityTokenProvider.instance.get();
+			
+			if (Objects.isNull(oldGcubeAuthtoken) || oldGcubeAuthtoken.isEmpty()) {
+				String umaToken = AccessTokenProvider.instance.get();
+				if(Objects.isNull(umaToken) || umaToken.isEmpty()) {
+					throw new IllegalStateException("The security token in the current environment is null.");
+				}else {
+					uConn.setRequestProperty("Authorization", "Bearer " + umaToken);
+				}
+			} else {
+				uConn.setRequestProperty(org.gcube.common.authorization.client.Constants.TOKEN_HEADER_ENTRY, oldGcubeAuthtoken);
+			}
+		}
+		return uConn;
+	}
+	
 	private HttpURLConnection send(URL url, HTTPMETHOD method) throws Exception {
 		HttpURLConnection uConn = (HttpURLConnection) url.openConnection();
-		if (!this.extCall) {
-			String token = SecurityTokenProvider.instance.get();
-			if (Objects.isNull(token) || token.isEmpty())
-				throw new IllegalStateException("The security token in the current environment is null.");
-	
-			uConn.setRequestProperty(org.gcube.common.authorization.client.Constants.TOKEN_HEADER_ENTRY,
-					token);
-		}
+		
+		uConn = addGCubeAuthorizationToken(uConn);
+		
 		uConn.setDoOutput(true);
 		// uConn.setRequestProperty("Content-type", APPLICATION_JSON_CHARSET_UTF_8);
 		if(this.agent!=null) {
diff --git a/gxHTTP/src/main/java/org/gcube/common/gxhttp/reference/GXHTTPRequestBuilder.java b/gxHTTP/src/main/java/org/gcube/common/gxhttp/reference/GXHTTPRequestBuilder.java
index 38663c1..089f0a0 100644
--- a/gxHTTP/src/main/java/org/gcube/common/gxhttp/reference/GXHTTPRequestBuilder.java
+++ b/gxHTTP/src/main/java/org/gcube/common/gxhttp/reference/GXHTTPRequestBuilder.java
@@ -5,6 +5,7 @@ import java.net.HttpURLConnection;
 import java.net.URLEncoder;
 import java.util.Map;
 import java.util.Objects;
+import java.util.regex.Pattern;
 import java.util.Map.Entry;
 
 import org.gcube.common.gxhttp.reference.GXConnection.HTTPMETHOD;
@@ -15,6 +16,7 @@ import org.slf4j.LoggerFactory;
  * Builder for GXHTTP Requests.
  * 
  * @author Manuele Simi (ISTI CNR)
+ * @author Luca Frosini (ISTI-CNR)
  *
  */
 public class GXHTTPRequestBuilder {
@@ -74,6 +76,8 @@ public class GXHTTPRequestBuilder {
 		return this;
 	}
 	
+	public static final String UUID_REGEX = "^([a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}-[a-fA-F0-9]{8,9}){1}$";
+	
 	
 	/**
 	 * Overrides the default security token.
@@ -81,10 +85,15 @@ public class GXHTTPRequestBuilder {
 	 * @param token
 	 */
 	public void setSecurityToken(String token) {
-		if (!this.connection.isExtCall())
-			this.connection.setProperty(org.gcube.common.authorization.client.Constants.TOKEN_HEADER_ENTRY, token);
-		else
+		if (!this.connection.isExtCall()) {
+			if(Pattern.matches(UUID_REGEX, token)) {
+				this.connection.setProperty(org.gcube.common.authorization.client.Constants.TOKEN_HEADER_ENTRY, token);
+			}else {
+				this.connection.setProperty("Authorization", "Bearer " + token);
+			}
+		}else {
 			throw new UnsupportedOperationException("Cannot set the security token on an external call");
+		}
 	}
 
 	/**
diff --git a/gxHTTP/src/test/java/org/gcube/common/gxhttp/GXHTTPStringRequestTest.java b/gxHTTP/src/test/java/org/gcube/common/gxhttp/GXHTTPStringRequestTest.java
index e907e05..e281c87 100644
--- a/gxHTTP/src/test/java/org/gcube/common/gxhttp/GXHTTPStringRequestTest.java
+++ b/gxHTTP/src/test/java/org/gcube/common/gxhttp/GXHTTPStringRequestTest.java
@@ -1,6 +1,7 @@
 package org.gcube.common.gxhttp;
 
-import static org.junit.Assert.*;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
 
 import java.io.IOException;
 import java.io.InputStream;