From 0764ef320635f1ef04df69415898cc7d87311299 Mon Sep 17 00:00:00 2001 From: Roberto Cirillo Date: Thu, 9 Feb 2023 10:28:26 +0100 Subject: [PATCH] clean code,method getServiceEndpoint refactored --- CHANGELOG.md | 2 + pom.xml | 34 +----- .../resources/ServiceEndpointResource.java | 104 ++++++------------ 3 files changed, 38 insertions(+), 102 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 14ff12d..02567a3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,9 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm ## [v1.3.0-SNAPSHOT] - [2023-01-27] +- add support for UMA token - Feature #24253 add support for decrypted ServiceEndpoint +- update lombok library to 1.18.4 with scope provided ## [v1.2.0] - [2021-06-08] diff --git a/pom.xml b/pom.xml index 0079729..42bec3e 100644 --- a/pom.xml +++ b/pom.xml @@ -30,7 +30,6 @@ 1.8 1.8 - @@ -49,10 +48,7 @@ - - - org.gcube.core @@ -104,55 +100,29 @@ org.slf4j slf4j-api - - org.projectlombok lombok - 1.18.2 + 1.18.4 + provided - org.glassfish.jersey.test-framework jersey-test-framework-util test - org.glassfish.jersey.test-framework.providers jersey-test-framework-provider-simple test - junit junit 4.12 test - - org.gcube.common keycloak-client diff --git a/src/main/java/org/gcube/informationsystem/icproxy/resources/ServiceEndpointResource.java b/src/main/java/org/gcube/informationsystem/icproxy/resources/ServiceEndpointResource.java index 006d8fb..dfcc80b 100644 --- a/src/main/java/org/gcube/informationsystem/icproxy/resources/ServiceEndpointResource.java +++ b/src/main/java/org/gcube/informationsystem/icproxy/resources/ServiceEndpointResource.java 
@@ -3,19 +3,13 @@ package org.gcube.informationsystem.icproxy.resources; import static org.gcube.resources.discovery.icclient.ICFactory.client; import static org.gcube.resources.discovery.icclient.ICFactory.clientFor; import static org.gcube.resources.discovery.icclient.ICFactory.queryFor; - import java.util.ArrayList; import java.util.List; import java.util.Objects; - import javax.validation.constraints.NotNull; import javax.ws.rs.*; import javax.ws.rs.core.MediaType; - import lombok.extern.slf4j.Slf4j; - -//import org.gcube.common.authorization.library.provider.AccessTokenProvider; -//import org.gcube.common.keycloak.model.ModelUtils; import org.gcube.common.authorization.library.provider.AccessTokenProvider; import org.gcube.common.keycloak.model.ModelUtils; import org.gcube.common.resources.gcore.*; @@ -23,7 +17,6 @@ import org.gcube.common.resources.gcore.utils.Group; import org.gcube.common.scope.api.ScopeProvider; import org.gcube.resources.discovery.client.api.DiscoveryClient; import org.gcube.resources.discovery.client.queries.api.SimpleQuery; -//import org.gcube.resources.discovery.client.queries.impl.XQuery; import org.gcube.common.encryption.StringEncrypter; @Slf4j @@ -43,20 +36,6 @@ public class ServiceEndpointResource { return endpoints; } -// @GET -// @Path("/{category}/{name}") -// @Produces(MediaType.APPLICATION_XML) -// public List retrieve(@NotNull @PathParam("name") String resourceName, -// @NotNull @PathParam("category") String resourceCategory) { -// log.info("ServiceEndpoint called with category {} and name {} in scope {}",resourceCategory, resourceName, ScopeProvider.instance.get()); -// -// DiscoveryClient client = clientFor(ServiceEndpoint.class); -// -// List endpoints = client.submit(getQuery(resourceName, resourceCategory)); -// log.debug("retrieved resources are "+endpoints.size()); -// return endpoints; -// } - @GET @Path("/{category}/{name}") @Produces(MediaType.APPLICATION_XML) 
@@ -67,56 +46,13 @@ public class ServiceEndpointResource { List endpoints = client.submit(getQuery(resourceName, resourceCategory)); if(Objects.nonNull(endpoints)) { log.debug("retrieved resources are "+endpoints.size()); - if (isDecrypt) { - if (isRoleEnabled()){ - List ses = new ArrayList<>(endpoints.size()); - for (ServiceEndpoint resource : endpoints) { - ses.add(decryptResource(resource)); - } - return ses; - }else{ - log.info("user not enabled to see the resource free to air, sorry"); - } - } + return getServiceEndpoints(isDecrypt, endpoints); + }else{ + log.error("ServiceEndpoint called with category {} and name {} in scope {}, return NULL",resourceCategory, resourceName, ScopeProvider.instance.get()); + return null; } - return endpoints; } - private boolean isRoleEnabled(){ - String at= AccessTokenProvider.instance.get(); - try{ - if (ModelUtils.getAccessTokenFrom(at).getRealmAccess().getRoles().contains("service-endpoint-key" )) { - log.info("The client is authorized to see the resource as 'free-to-air'"); - return true; - } - }catch (Exception e){ - log.error("token not retrieved properly: "+e.getMessage()); - e.printStackTrace(); - } - log.info("user not authorized, sorry"); - return false; - } - -// @GET -// @Path("/{category}/{name}/{ap}") -// @Produces(MediaType.TEXT_XML) -// public String retrieve(@NotNull @PathParam("name") String resourceName, -// @NotNull @PathParam("category") String resourceCategory, -// @NotNull @PathParam("ap") String accessPoint) { -// log.info("ServiceEndpoint called with category {}, name {} and accessPoint {} in scope {}",resourceCategory, resourceName, accessPoint, ScopeProvider.instance.get()); -// XQuery query=queryFor(ServiceEndpoint.class); -// query.addCondition(String.format("$resource/Profile/Name/text() eq '%s'",resourceName)); -// query.addCondition(String.format("$resource/Profile/Category/text() eq '%s'",resourceCategory)); -// 
query.setResult("$resource/Profile/AccessPoint/Interface/Endpoint[@EntryName='"+accessPoint+"']/text()"); -// DiscoveryClient client = client(); -// List accessList= client.submit(query); -// if (Objects.nonNull(accessList)) -// return accessList.get(0).toString(); -// else -// log.warn("endpoint not found with following coordinates: {} {} and accesspoint: {}", resourceCategory, resourceName,accessPoint); -// return null; -// } - @GET @Path("/{category}/{name}/Result/{result:([^$\\?]+)}") @Produces(MediaType.TEXT_XML) @@ -168,12 +104,40 @@ public class ServiceEndpointResource { return resource; } - public static String decryptString(String toDecrypt){ + private static String decryptString(String toDecrypt){ try{ return StringEncrypter.getEncrypter().decrypt(toDecrypt); }catch(Exception e) { throw new RuntimeException("Unable to decrypt : "+toDecrypt,e); } } + private List getServiceEndpoints(boolean isDecrypt, List endpoints) { + if (isDecrypt) { + if (isRoleEnabled()){ + List ses = new ArrayList<>(endpoints.size()); + for (ServiceEndpoint resource : endpoints) { + ses.add(decryptResource(resource)); + } + return ses; + }else{ + log.info("user not enabled to see the resource free to air, sorry"); + } + } + return null; + } -} + private boolean isRoleEnabled(){ + String at= AccessTokenProvider.instance.get(); + try{ + if (ModelUtils.getAccessTokenFrom(at).getRealmAccess().getRoles().contains("service-endpoint-key" )) { + log.info("The client is authorized to see the resource as 'free-to-air'"); + return true; + } + }catch (Exception e){ + log.error("token not retrieved properly: "+e.getMessage()); + e.printStackTrace(); + } + log.info("user not authorized, sorry"); + return false; + } +} \ No newline at end of file
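Review bot: The new `return getServiceEndpoints(isDecrypt, endpoints);` in the `@@ -67,56 +46,13 @@` hunk changes what a non-decrypt request receives. The removed code fell through to `return endpoints;` when `isDecrypt` was false, whereas the helper added in the last hunk ends in `return null;` for that case. As written, a plain lookup without decryption appears to get no endpoints at all, which looks unintended for a commit described as a refactor. Adding `if (!isDecrypt) return endpoints;` as the first statement of `getServiceEndpoints` would keep the old result for that path. The resource method's signature lies outside the hunk, so how `isDecrypt` is populated is not visible here.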
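Review bot: In `getServiceEndpoints`, a caller who requests decryption without the `service-endpoint-key` role gets `null` back, which a client cannot distinguish from the no-result branch, and the only record is an info log with no caller identity. Signalling the denial explicitly would let clients and access logs see an authorization failure, for example `throw new ForbiddenException("decryption requires role service-endpoint-key");`, assuming the existing `javax.ws.rs.*` import is JAX-RS 2.x. In `isRoleEnabled`, the pair `log.error("token not retrieved properly: "+e.getMessage()); e.printStackTrace();` sends the stack trace to stderr, outside the configured logger; `log.error("token not retrieved properly", e);` keeps it in the audit trail. The catch-all does fail closed, and a short comment saying that this is deliberate would help the next maintainer.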