hello-world-service/src/main/java/org/gcube/service/helloworld/services/AuthenticatedService.java

package org.gcube.service.helloworld.services;

import jakarta.ws.rs.GET;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.Produces;
import jakarta.ws.rs.core.MediaType;

import org.gcube.common.authorization.control.annotations.AuthorizationControl;
import org.gcube.common.security.providers.SecretManagerProvider;
import org.gcube.common.security.secrets.Secret;
import org.gcube.smartgears.utils.InnerMethodName;

/**
 * @author Lucio Lelii (ISTI - CNR)
 * @author Alfredo Oliviero (ISTI - CNR)
 */

@Path("auth")
public class AuthenticatedService {

	private static final String ALLOWED_ROLE = "myRole";
	private static final String ALLOWED_ROLE_ORG = "OrganizationMember";
	private static final String ALLOWED_ROLE_MEMBER = "Member";

	@AuthorizationControl(allowedRoles = { ALLOWED_ROLE_ORG })
	@GET
	@Path("org_member")
	@Produces(MediaType.TEXT_PLAIN)
	public String authorizedOrg() {
		InnerMethodName.set("auth");
		Secret secret = SecretManagerProvider.get();
		String userId = secret.getOwner().getId();
		String context = secret.getContext();
		return String.format(
				"User %s in context %s is authorized to execute this method because he has the role %s", userId,
				context, ALLOWED_ROLE_ORG);
	}

	@AuthorizationControl(allowedRoles = { ALLOWED_ROLE_MEMBER })
	@GET
	@Path("member")
	@Produces(MediaType.TEXT_PLAIN)
	public String authorizedMember() {
		InnerMethodName.set("auth");
		Secret secret = SecretManagerProvider.get();
		String userId = secret.getOwner().getId();
		String context = secret.getContext();
		return String.format(
				"User %s in context %s is authorized to execute this method because he has the role %s", userId,
				context, ALLOWED_ROLE_MEMBER);
	}

	@AuthorizationControl(allowedRoles = { ALLOWED_ROLE })
	@GET
	@Path("")
	@Produces(MediaType.TEXT_PLAIN)
	public String authorized() {
		InnerMethodName.set("auth");
		Secret secret = SecretManagerProvider.get();
		String userId = secret.getOwner().getId();
		String context = secret.getContext();
		return String.format(
				"User %s in context %s is authorized to execute this method because he has the role %s", userId,
				context, ALLOWED_ROLE);
	}

}
added authorized method 2024-02-22 09:56:36 +01:00			`package org.gcube.service.helloworld.services;`

testing porting to jakarta 2024-02-29 17:21:49 +01:00			`import jakarta.ws.rs.GET;`
			`import jakarta.ws.rs.Path;`
			`import jakarta.ws.rs.Produces;`
			`import jakarta.ws.rs.core.MediaType;`
added authorized method 2024-02-22 09:56:36 +01:00
			`import org.gcube.common.authorization.control.annotations.AuthorizationControl;`
			`import org.gcube.common.security.providers.SecretManagerProvider;`
			`import org.gcube.common.security.secrets.Secret;`
			`import org.gcube.smartgears.utils.InnerMethodName;`

style - code formatting 2024-02-23 17:35:59 +01:00			`/**`
testing porting to jakarta 2024-02-29 17:21:49 +01:00			`* @author Lucio Lelii (ISTI - CNR)`
style - code formatting 2024-02-23 17:35:59 +01:00			`* @author Alfredo Oliviero (ISTI - CNR)`
			`*/`

added authorized method 2024-02-22 09:56:36 +01:00			`@Path("auth")`
style - code formatting 2024-02-23 17:35:59 +01:00			`public class AuthenticatedService {`
added authorized method 2024-02-22 09:56:36 +01:00
			`private static final String ALLOWED_ROLE = "myRole";`
added examples 2024-02-23 12:14:09 +01:00			`private static final String ALLOWED_ROLE_ORG = "OrganizationMember";`
auth member 2024-02-23 19:01:34 +01:00			`private static final String ALLOWED_ROLE_MEMBER = "Member";`
style - code formatting 2024-02-23 17:35:59 +01:00
			`@AuthorizationControl(allowedRoles = { ALLOWED_ROLE_ORG })`
added examples 2024-02-23 12:14:09 +01:00			`@GET`
			`@Path("org_member")`
			`@Produces(MediaType.TEXT_PLAIN)`
			`public String authorizedOrg() {`
			`InnerMethodName.set("auth");`
			`Secret secret = SecretManagerProvider.get();`
			`String userId = secret.getOwner().getId();`
			`String context = secret.getContext();`
style - code formatting 2024-02-23 17:35:59 +01:00			`return String.format(`
code format 2024-02-26 10:05:14 +01:00			`"User %s in context %s is authorized to execute this method because he has the role %s", userId,`
			`context, ALLOWED_ROLE_ORG);`
added examples 2024-02-23 12:14:09 +01:00			`}`
style - code formatting 2024-02-23 17:35:59 +01:00
auth member 2024-02-23 19:01:34 +01:00			`@AuthorizationControl(allowedRoles = { ALLOWED_ROLE_MEMBER })`
			`@GET`
			`@Path("member")`
			`@Produces(MediaType.TEXT_PLAIN)`
			`public String authorizedMember() {`
			`InnerMethodName.set("auth");`
			`Secret secret = SecretManagerProvider.get();`
			`String userId = secret.getOwner().getId();`
			`String context = secret.getContext();`
			`return String.format(`
code format 2024-02-26 10:05:14 +01:00			`"User %s in context %s is authorized to execute this method because he has the role %s", userId,`
			`context, ALLOWED_ROLE_MEMBER);`
auth member 2024-02-23 19:01:34 +01:00			`}`

style - code formatting 2024-02-23 17:35:59 +01:00			`@AuthorizationControl(allowedRoles = { ALLOWED_ROLE })`
added authorized method 2024-02-22 09:56:36 +01:00			`@GET`
added examples 2024-02-23 12:14:09 +01:00			`@Path("")`
			`@Produces(MediaType.TEXT_PLAIN)`
added authorized method 2024-02-22 09:56:36 +01:00			`public String authorized() {`
			`InnerMethodName.set("auth");`
			`Secret secret = SecretManagerProvider.get();`
			`String userId = secret.getOwner().getId();`
			`String context = secret.getContext();`
style - code formatting 2024-02-23 17:35:59 +01:00			`return String.format(`
code format 2024-02-26 10:05:14 +01:00			`"User %s in context %s is authorized to execute this method because he has the role %s", userId,`
			`context, ALLOWED_ROLE);`
added authorized method 2024-02-22 09:56:36 +01:00			`}`
style - code formatting 2024-02-23 17:35:59 +01:00
added authorized method 2024-02-22 09:56:36 +01:00			`}`