diff --git a/CHANGELOG.md b/CHANGELOG.md
index 14ff12d..02567a3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,7 +5,9 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
## [v1.3.0-SNAPSHOT] - [2023-01-27]
+- add support for UMA token
- Feature #24253 add support for decrypted ServiceEndpoint
+- update lombok library to 1.18.4 with scope provided
## [v1.2.0] - [2021-06-08]
diff --git a/pom.xml b/pom.xml
index 0079729..42bec3e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -30,7 +30,6 @@
1.8
1.8
-
@@ -49,10 +48,7 @@
-
-
-
org.gcube.core
@@ -104,55 +100,29 @@
org.slf4j
slf4j-api
-
-
org.projectlombok
lombok
- 1.18.2
+ 1.18.4
+ provided
-
org.glassfish.jersey.test-framework
jersey-test-framework-util
test
-
org.glassfish.jersey.test-framework.providers
jersey-test-framework-provider-simple
test
-
junit
junit
4.12
test
-
-
org.gcube.common
keycloak-client
diff --git a/src/main/java/org/gcube/informationsystem/icproxy/resources/ServiceEndpointResource.java b/src/main/java/org/gcube/informationsystem/icproxy/resources/ServiceEndpointResource.java
index 006d8fb..dfcc80b 100644
--- a/src/main/java/org/gcube/informationsystem/icproxy/resources/ServiceEndpointResource.java
+++ b/src/main/java/org/gcube/informationsystem/icproxy/resources/ServiceEndpointResource.java
@@ -3,19 +3,13 @@ package org.gcube.informationsystem.icproxy.resources;
import static org.gcube.resources.discovery.icclient.ICFactory.client;
import static org.gcube.resources.discovery.icclient.ICFactory.clientFor;
import static org.gcube.resources.discovery.icclient.ICFactory.queryFor;
-
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
-
import javax.validation.constraints.NotNull;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
-
import lombok.extern.slf4j.Slf4j;
-
-//import org.gcube.common.authorization.library.provider.AccessTokenProvider;
-//import org.gcube.common.keycloak.model.ModelUtils;
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
import org.gcube.common.keycloak.model.ModelUtils;
import org.gcube.common.resources.gcore.*;
@@ -23,7 +17,6 @@ import org.gcube.common.resources.gcore.utils.Group;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.resources.discovery.client.api.DiscoveryClient;
import org.gcube.resources.discovery.client.queries.api.SimpleQuery;
-//import org.gcube.resources.discovery.client.queries.impl.XQuery;
import org.gcube.common.encryption.StringEncrypter;
@Slf4j
@@ -43,20 +36,6 @@ public class ServiceEndpointResource {
return endpoints;
}
-// @GET
-// @Path("/{category}/{name}")
-// @Produces(MediaType.APPLICATION_XML)
-// public List retrieve(@NotNull @PathParam("name") String resourceName,
-// @NotNull @PathParam("category") String resourceCategory) {
-// log.info("ServiceEndpoint called with category {} and name {} in scope {}",resourceCategory, resourceName, ScopeProvider.instance.get());
-//
-// DiscoveryClient client = clientFor(ServiceEndpoint.class);
-//
-// List endpoints = client.submit(getQuery(resourceName, resourceCategory));
-// log.debug("retrieved resources are "+endpoints.size());
-// return endpoints;
-// }
-
@GET
@Path("/{category}/{name}")
@Produces(MediaType.APPLICATION_XML)
@@ -67,56 +46,13 @@ public class ServiceEndpointResource {
List endpoints = client.submit(getQuery(resourceName, resourceCategory));
if(Objects.nonNull(endpoints)) {
log.debug("retrieved resources are "+endpoints.size());
- if (isDecrypt) {
- if (isRoleEnabled()){
- List ses = new ArrayList<>(endpoints.size());
- for (ServiceEndpoint resource : endpoints) {
- ses.add(decryptResource(resource));
- }
- return ses;
- }else{
- log.info("user not enabled to see the resource free to air, sorry");
- }
- }
+ return getServiceEndpoints(isDecrypt, endpoints);
+ }else{
+ log.error("ServiceEndpoint called with category {} and name {} in scope {}, return NULL",resourceCategory, resourceName, ScopeProvider.instance.get());
+ return null;
}
- return endpoints;
}
- private boolean isRoleEnabled(){
- String at= AccessTokenProvider.instance.get();
- try{
- if (ModelUtils.getAccessTokenFrom(at).getRealmAccess().getRoles().contains("service-endpoint-key" )) {
- log.info("The client is authorized to see the resource as 'free-to-air'");
- return true;
- }
- }catch (Exception e){
- log.error("token not retrieved properly: "+e.getMessage());
- e.printStackTrace();
- }
- log.info("user not authorized, sorry");
- return false;
- }
-
-// @GET
-// @Path("/{category}/{name}/{ap}")
-// @Produces(MediaType.TEXT_XML)
-// public String retrieve(@NotNull @PathParam("name") String resourceName,
-// @NotNull @PathParam("category") String resourceCategory,
-// @NotNull @PathParam("ap") String accessPoint) {
-// log.info("ServiceEndpoint called with category {}, name {} and accessPoint {} in scope {}",resourceCategory, resourceName, accessPoint, ScopeProvider.instance.get());
-// XQuery query=queryFor(ServiceEndpoint.class);
-// query.addCondition(String.format("$resource/Profile/Name/text() eq '%s'",resourceName));
-// query.addCondition(String.format("$resource/Profile/Category/text() eq '%s'",resourceCategory));
-// query.setResult("$resource/Profile/AccessPoint/Interface/Endpoint[@EntryName='"+accessPoint+"']/text()");
-// DiscoveryClient client = client();
-// List accessList= client.submit(query);
-// if (Objects.nonNull(accessList))
-// return accessList.get(0).toString();
-// else
-// log.warn("endpoint not found with following coordinates: {} {} and accesspoint: {}", resourceCategory, resourceName,accessPoint);
-// return null;
-// }
-
@GET
@Path("/{category}/{name}/Result/{result:([^$\\?]+)}")
@Produces(MediaType.TEXT_XML)
@@ -168,12 +104,40 @@ public class ServiceEndpointResource {
return resource;
}
- public static String decryptString(String toDecrypt){
+ private static String decryptString(String toDecrypt){
try{
return StringEncrypter.getEncrypter().decrypt(toDecrypt);
}catch(Exception e) {
throw new RuntimeException("Unable to decrypt : "+toDecrypt,e);
}
}
+ private List getServiceEndpoints(boolean isDecrypt, List endpoints) {
+ if (isDecrypt) {
+ if (isRoleEnabled()){
+ List ses = new ArrayList<>(endpoints.size());
+ for (ServiceEndpoint resource : endpoints) {
+ ses.add(decryptResource(resource));
+ }
+ return ses;
+ }else{
+ log.info("user not enabled to see the resource free to air, sorry");
+ }
+ }
+ return null;
+ }
-}
+ private boolean isRoleEnabled(){
+ String at= AccessTokenProvider.instance.get();
+ try{
+ if (ModelUtils.getAccessTokenFrom(at).getRealmAccess().getRoles().contains("service-endpoint-key" )) {
+ log.info("The client is authorized to see the resource as 'free-to-air'");
+ return true;
+ }
+ }catch (Exception e){
+ log.error("token not retrieved properly: "+e.getMessage());
+ e.printStackTrace();
+ }
+ log.info("user not authorized, sorry");
+ return false;
+ }
+}
\ No newline at end of file