removed jaxb jaxws as external libraries. it were added only for test. Add keycloak-client dep in order to work with the new authorization framework.
This commit is contained in:
parent
a3cafe2d53
commit
bc420b7050
4
pom.xml
4
pom.xml
|
@ -132,7 +132,7 @@
|
|||
<scope>test</scope>
|
||||
</dependency>
|
||||
<!--jaxb jdk11 support-->
|
||||
<dependency>
|
||||
<!--dependency>
|
||||
<groupId>javax.xml.bind</groupId>
|
||||
<artifactId>jaxb-api</artifactId>
|
||||
<version>2.3.1</version>
|
||||
|
@ -152,7 +152,7 @@
|
|||
<artifactId>jaxws-ri</artifactId>
|
||||
<version>2.3.2</version>
|
||||
<type>pom</type>
|
||||
</dependency>
|
||||
</dependency-->
|
||||
<dependency>
|
||||
<groupId>org.gcube.common</groupId>
|
||||
<artifactId>keycloak-client</artifactId>
|
||||
|
|
|
@ -14,12 +14,16 @@ import javax.ws.rs.core.MediaType;
|
|||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
||||
//import org.gcube.common.authorization.library.provider.AccessTokenProvider;
|
||||
//import org.gcube.common.keycloak.model.ModelUtils;
|
||||
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
|
||||
import org.gcube.common.keycloak.model.ModelUtils;
|
||||
import org.gcube.common.resources.gcore.*;
|
||||
import org.gcube.common.resources.gcore.utils.Group;
|
||||
import org.gcube.common.scope.api.ScopeProvider;
|
||||
import org.gcube.resources.discovery.client.api.DiscoveryClient;
|
||||
import org.gcube.resources.discovery.client.queries.api.SimpleQuery;
|
||||
import org.gcube.resources.discovery.client.queries.impl.XQuery;
|
||||
//import org.gcube.resources.discovery.client.queries.impl.XQuery;
|
||||
import org.gcube.common.encryption.StringEncrypter;
|
||||
|
||||
@Slf4j
|
||||
|
@ -64,16 +68,35 @@ public class ServiceEndpointResource {
|
|||
if(Objects.nonNull(endpoints)) {
|
||||
log.debug("retrieved resources are "+endpoints.size());
|
||||
if (isDecrypt) {
|
||||
List<ServiceEndpoint> ses = new ArrayList<>(endpoints.size());
|
||||
for (ServiceEndpoint resource : endpoints) {
|
||||
ses.add(decryptResource(resource));
|
||||
if (isRoleEnabled()){
|
||||
List<ServiceEndpoint> ses = new ArrayList<>(endpoints.size());
|
||||
for (ServiceEndpoint resource : endpoints) {
|
||||
ses.add(decryptResource(resource));
|
||||
}
|
||||
return ses;
|
||||
}else{
|
||||
log.info("user not enabled to see the resource free to air, sorry");
|
||||
}
|
||||
return ses;
|
||||
}
|
||||
}
|
||||
return endpoints;
|
||||
}
|
||||
|
||||
private boolean isRoleEnabled(){
|
||||
String at= AccessTokenProvider.instance.get();
|
||||
try{
|
||||
if (ModelUtils.getAccessTokenFrom(at).getRealmAccess().getRoles().contains("service-endpoint-key" )) {
|
||||
log.info("The client is authorized to see the resource as 'free-to-air'");
|
||||
return true;
|
||||
}
|
||||
}catch (Exception e){
|
||||
log.error("token not retrieved properly: "+e.getMessage());
|
||||
e.printStackTrace();
|
||||
}
|
||||
log.info("user not authorized, sorry");
|
||||
return false;
|
||||
}
|
||||
|
||||
// @GET
|
||||
// @Path("/{category}/{name}/{ap}")
|
||||
// @Produces(MediaType.TEXT_XML)
|
||||
|
|
Loading…
Reference in New Issue