68 lines
2.1 KiB
Java
68 lines
2.1 KiB
Java
package org.gcube.service.helloworld.services;
|
|
|
|
import jakarta.ws.rs.GET;
|
|
import jakarta.ws.rs.Path;
|
|
import jakarta.ws.rs.Produces;
|
|
import jakarta.ws.rs.core.MediaType;
|
|
|
|
import org.gcube.common.authorization.control.annotations.AuthorizationControl;
|
|
import org.gcube.common.security.providers.SecretManagerProvider;
|
|
import org.gcube.common.security.secrets.Secret;
|
|
import org.gcube.smartgears.utils.InnerMethodName;
|
|
|
|
/**
|
|
* @author Lucio Lelii (ISTI - CNR)
|
|
* @author Alfredo Oliviero (ISTI - CNR)
|
|
*/
|
|
|
|
@Path("auth")
|
|
public class AuthenticatedService {
|
|
|
|
private static final String ALLOWED_ROLE = "myRole";
|
|
private static final String ALLOWED_ROLE_ORG = "OrganizationMember";
|
|
private static final String ALLOWED_ROLE_MEMBER = "Member";
|
|
|
|
@AuthorizationControl(allowedRoles = { ALLOWED_ROLE_ORG })
|
|
@GET
|
|
@Path("org_member")
|
|
@Produces(MediaType.TEXT_PLAIN)
|
|
public String authorizedOrg() {
|
|
InnerMethodName.set("auth");
|
|
Secret secret = SecretManagerProvider.get();
|
|
String userId = secret.getOwner().getId();
|
|
String context = secret.getContext();
|
|
return String.format(
|
|
"User %s in context %s is authorized to execute this method because he has the role %s", userId,
|
|
context, ALLOWED_ROLE_ORG);
|
|
}
|
|
|
|
@AuthorizationControl(allowedRoles = { ALLOWED_ROLE_MEMBER })
|
|
@GET
|
|
@Path("member")
|
|
@Produces(MediaType.TEXT_PLAIN)
|
|
public String authorizedMember() {
|
|
InnerMethodName.set("auth");
|
|
Secret secret = SecretManagerProvider.get();
|
|
String userId = secret.getOwner().getId();
|
|
String context = secret.getContext();
|
|
return String.format(
|
|
"User %s in context %s is authorized to execute this method because he has the role %s", userId,
|
|
context, ALLOWED_ROLE_MEMBER);
|
|
}
|
|
|
|
@AuthorizationControl(allowedRoles = { ALLOWED_ROLE })
|
|
@GET
|
|
@Path("")
|
|
@Produces(MediaType.TEXT_PLAIN)
|
|
public String authorized() {
|
|
InnerMethodName.set("auth");
|
|
Secret secret = SecretManagerProvider.get();
|
|
String userId = secret.getOwner().getId();
|
|
String context = secret.getContext();
|
|
return String.format(
|
|
"User %s in context %s is authorized to execute this method because he has the role %s", userId,
|
|
context, ALLOWED_ROLE);
|
|
}
|
|
|
|
}
|