|
|
|
@ -14,12 +14,16 @@ import javax.ws.rs.core.MediaType;
|
|
|
|
|
|
|
|
|
|
import lombok.extern.slf4j.Slf4j;
|
|
|
|
|
|
|
|
|
|
//import org.gcube.common.authorization.library.provider.AccessTokenProvider;
|
|
|
|
|
//import org.gcube.common.keycloak.model.ModelUtils;
|
|
|
|
|
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
|
|
|
|
|
import org.gcube.common.keycloak.model.ModelUtils;
|
|
|
|
|
import org.gcube.common.resources.gcore.*;
|
|
|
|
|
import org.gcube.common.resources.gcore.utils.Group;
|
|
|
|
|
import org.gcube.common.scope.api.ScopeProvider;
|
|
|
|
|
import org.gcube.resources.discovery.client.api.DiscoveryClient;
|
|
|
|
|
import org.gcube.resources.discovery.client.queries.api.SimpleQuery;
|
|
|
|
|
import org.gcube.resources.discovery.client.queries.impl.XQuery;
|
|
|
|
|
//import org.gcube.resources.discovery.client.queries.impl.XQuery;
|
|
|
|
|
import org.gcube.common.encryption.StringEncrypter;
|
|
|
|
|
|
|
|
|
|
@Slf4j
|
|
|
|
@ -64,16 +68,35 @@ public class ServiceEndpointResource {
|
|
|
|
|
if(Objects.nonNull(endpoints)) {
|
|
|
|
|
log.debug("retrieved resources are "+endpoints.size());
|
|
|
|
|
if (isDecrypt) {
|
|
|
|
|
List<ServiceEndpoint> ses = new ArrayList<>(endpoints.size());
|
|
|
|
|
for (ServiceEndpoint resource : endpoints) {
|
|
|
|
|
ses.add(decryptResource(resource));
|
|
|
|
|
if (isRoleEnabled()){
|
|
|
|
|
List<ServiceEndpoint> ses = new ArrayList<>(endpoints.size());
|
|
|
|
|
for (ServiceEndpoint resource : endpoints) {
|
|
|
|
|
ses.add(decryptResource(resource));
|
|
|
|
|
}
|
|
|
|
|
return ses;
|
|
|
|
|
}else{
|
|
|
|
|
log.info("user not enabled to see the resource free to air, sorry");
|
|
|
|
|
}
|
|
|
|
|
return ses;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return endpoints;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private boolean isRoleEnabled(){
|
|
|
|
|
String at= AccessTokenProvider.instance.get();
|
|
|
|
|
try{
|
|
|
|
|
if (ModelUtils.getAccessTokenFrom(at).getRealmAccess().getRoles().contains("service-endpoint-key" )) {
|
|
|
|
|
log.info("The client is authorized to see the resource as 'free-to-air'");
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}catch (Exception e){
|
|
|
|
|
log.error("token not retrieved properly: "+e.getMessage());
|
|
|
|
|
e.printStackTrace();
|
|
|
|
|
}
|
|
|
|
|
log.info("user not authorized, sorry");
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// @GET
|
|
|
|
|
// @Path("/{category}/{name}/{ap}")
|
|
|
|
|
// @Produces(MediaType.TEXT_XML)
|
|
|
|
|