Compare commits
39 Commits
Feature/21
...
master
Author | SHA1 | Date |
---|---|---|
Roberto Cirillo | 86e9db2230 | |
Roberto Cirillo | acd016e1f2 | |
Roberto Cirillo | 8eb58fd6f4 | |
Roberto Cirillo | c11fb3b44d | |
Roberto Cirillo | 83240cb40f | |
Roberto Cirillo | 6f7dd0e4f2 | |
Roberto Cirillo | 26f9460cf3 | |
Roberto Cirillo | e35f2cd199 | |
Roberto Cirillo | 1e438436d5 | |
Roberto Cirillo | d6a6075f5a | |
Roberto Cirillo | d1d2d667e0 | |
Roberto Cirillo | 8aa338a5b6 | |
Roberto Cirillo | a49ef41abd | |
Roberto Cirillo | 14efce90a4 | |
Roberto Cirillo | aaa8cdd631 | |
Roberto Cirillo | 280e6877b5 | |
Roberto Cirillo | ee1560cce3 | |
Roberto Cirillo | fdb7fd354d | |
Roberto Cirillo | 5d4793210e | |
Roberto Cirillo | 09c6155a45 | |
Roberto Cirillo | aba203b651 | |
Roberto Cirillo | d53a917c45 | |
Roberto Cirillo | 5b9f1d927f | |
Roberto Cirillo | b064f74fbd | |
Roberto Cirillo | c939f13fad | |
Roberto Cirillo | b70ed135e9 | |
Roberto Cirillo | cb4b10caf0 | |
Roberto Cirillo | 039dbccd98 | |
Roberto Cirillo | 476a2f580b | |
Roberto Cirillo | 0764ef3206 | |
Roberto Cirillo | bc420b7050 | |
Roberto Cirillo | a3cafe2d53 | |
Roberto Cirillo | 03794cbc9c | |
Roberto Cirillo | 9f54528e1c | |
Roberto Cirillo | 7aba971bf6 | |
Roberto Cirillo | 1b76d204ac | |
Roberto Cirillo | 99e3f05ea5 | |
Massimiliano Assante | d9e6f95837 | |
Massimiliano Assante | 3a1fd378ec |
|
@ -0,0 +1,2 @@
|
||||||
|
.idea/
|
||||||
|
src/test/resources/
|
12
CHANGELOG.md
12
CHANGELOG.md
|
@ -3,14 +3,24 @@
|
||||||
All notable changes to this project will be documented in this file.
|
All notable changes to this project will be documented in this file.
|
||||||
This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
||||||
|
|
||||||
## [v1.2.0-SNAPSHOT] - [2021-06-08]
|
## [v1.4.0] - [2023-03-09]
|
||||||
|
|
||||||
|
- Feature #24254 simple serviceEndpoint creation
|
||||||
|
- add support for UMA token
|
||||||
|
- Feature #24253 add support for decrypted ServiceEndpoint
|
||||||
|
- update lombok library to 1.18.4 with scope provided
|
||||||
|
|
||||||
|
|
||||||
|
## [v1.2.0] - [2021-06-08]
|
||||||
|
|
||||||
- Feature #21584 added support for /ServiceEndpoint/{category} REST call
|
- Feature #21584 added support for /ServiceEndpoint/{category} REST call
|
||||||
|
|
||||||
|
|
||||||
## [v1.1.0-SNAPSHOT] - [2016-10-03]
|
## [v1.1.0-SNAPSHOT] - [2016-10-03]
|
||||||
|
|
||||||
- porting to auth v.2
|
- porting to auth v.2
|
||||||
|
|
||||||
|
|
||||||
## [v1.0.0] - [2015-07-01]
|
## [v1.0.0] - [2015-07-01]
|
||||||
|
|
||||||
- First commit
|
- First commit
|
|
@ -18,7 +18,11 @@ See [Releases](https://code-repo.d4science.org/gCubeSystem/ic-proxy/releases).
|
||||||
## Authors
|
## Authors
|
||||||
|
|
||||||
* **Lucio Lelii** ([ISTI-CNR Infrascience Group](http://nemis.isti.cnr.it/groups/infrascience)
|
* **Lucio Lelii** ([ISTI-CNR Infrascience Group](http://nemis.isti.cnr.it/groups/infrascience)
|
||||||
|
* **Massimiliano Assante** - [ISTI-CNR Infrascience Group](http://nemis.isti.cnr.it/groups/infrascience)
|
||||||
|
|
||||||
|
## Maintainers
|
||||||
|
|
||||||
|
* **Lucio Lelii** ([ISTI-CNR Infrascience Group](http://nemis.isti.cnr.it/groups/infrascience)
|
||||||
|
|
||||||
## License
|
## License
|
||||||
|
|
||||||
|
|
81
pom.xml
81
pom.xml
|
@ -11,7 +11,7 @@
|
||||||
<modelVersion>4.0.0</modelVersion>
|
<modelVersion>4.0.0</modelVersion>
|
||||||
<groupId>org.gcube.information-system</groupId>
|
<groupId>org.gcube.information-system</groupId>
|
||||||
<artifactId>icproxy</artifactId>
|
<artifactId>icproxy</artifactId>
|
||||||
<version>1.2.0-SNAPSHOT</version>
|
<version>1.4.0</version>
|
||||||
<name>ICProxy</name>
|
<name>ICProxy</name>
|
||||||
|
|
||||||
<packaging>war</packaging>
|
<packaging>war</packaging>
|
||||||
|
@ -27,8 +27,9 @@
|
||||||
<properties>
|
<properties>
|
||||||
<webappDirectory>${project.basedir}/src/main/webapp/WEB-INF</webappDirectory>
|
<webappDirectory>${project.basedir}/src/main/webapp/WEB-INF</webappDirectory>
|
||||||
<distroDirectory>${project.basedir}/distro</distroDirectory>
|
<distroDirectory>${project.basedir}/distro</distroDirectory>
|
||||||
|
<maven.compiler.target>1.8</maven.compiler.target>
|
||||||
|
<maven.compiler.source>1.8</maven.compiler.source>
|
||||||
</properties>
|
</properties>
|
||||||
|
|
||||||
<dependencyManagement>
|
<dependencyManagement>
|
||||||
<dependencies>
|
<dependencies>
|
||||||
<dependency>
|
<dependency>
|
||||||
|
@ -47,10 +48,7 @@
|
||||||
</dependency>
|
</dependency>
|
||||||
</dependencies>
|
</dependencies>
|
||||||
</dependencyManagement>
|
</dependencyManagement>
|
||||||
|
|
||||||
<dependencies>
|
<dependencies>
|
||||||
|
|
||||||
|
|
||||||
<!-- smartgears -->
|
<!-- smartgears -->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.core</groupId>
|
<groupId>org.gcube.core</groupId>
|
||||||
|
@ -68,11 +66,14 @@
|
||||||
<groupId>org.gcube.resources.discovery</groupId>
|
<groupId>org.gcube.resources.discovery</groupId>
|
||||||
<artifactId>ic-client</artifactId>
|
<artifactId>ic-client</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.resources</groupId>
|
<groupId>org.gcube.resources</groupId>
|
||||||
<artifactId>common-gcore-resources</artifactId>
|
<artifactId>common-gcore-resources</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.gcube.core</groupId>
|
||||||
|
<artifactId>common-encryption</artifactId>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
<!-- jersey -->
|
<!-- jersey -->
|
||||||
|
|
||||||
|
@ -80,12 +81,34 @@
|
||||||
<groupId>org.glassfish.jersey.containers</groupId>
|
<groupId>org.glassfish.jersey.containers</groupId>
|
||||||
<artifactId>jersey-container-servlet-core</artifactId>
|
<artifactId>jersey-container-servlet-core</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.glassfish.jersey.containers</groupId>
|
<groupId>org.glassfish.jersey.containers</groupId>
|
||||||
<!-- if your container implements Servlet API older than 3.0, use "jersey-container-servlet-core" -->
|
<!-- if your container implements Servlet API older than 3.0, use "jersey-container-servlet-core" -->
|
||||||
<artifactId>jersey-container-servlet</artifactId>
|
<artifactId>jersey-container-servlet</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.glassfish.jersey.test-framework</groupId>
|
||||||
|
<artifactId>jersey-test-framework-util</artifactId>
|
||||||
|
<scope>test</scope>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.glassfish.jersey.test-framework.providers</groupId>
|
||||||
|
<artifactId>jersey-test-framework-provider-simple</artifactId>
|
||||||
|
<scope>test</scope>
|
||||||
|
</dependency>
|
||||||
|
<!-- used for converting xml request in json request -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.glassfish.jersey.media</groupId>
|
||||||
|
<artifactId>jersey-media-moxy</artifactId>
|
||||||
|
<version>2.39</version>
|
||||||
|
</dependency>
|
||||||
|
<!-- lombok -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.projectlombok</groupId>
|
||||||
|
<artifactId>lombok</artifactId>
|
||||||
|
<version>1.18.4</version>
|
||||||
|
<scope>provided</scope>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>javax.servlet</groupId>
|
<groupId>javax.servlet</groupId>
|
||||||
|
@ -93,40 +116,38 @@
|
||||||
<version>3.0.1</version>
|
<version>3.0.1</version>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.slf4j</groupId>
|
<groupId>org.slf4j</groupId>
|
||||||
<artifactId>slf4j-api</artifactId>
|
<artifactId>slf4j-api</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
|
||||||
<!-- lombok -->
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.projectlombok</groupId>
|
|
||||||
<artifactId>lombok</artifactId>
|
|
||||||
<version>1.14.8</version>
|
|
||||||
</dependency>
|
|
||||||
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.glassfish.jersey.test-framework</groupId>
|
|
||||||
<artifactId>jersey-test-framework-util</artifactId>
|
|
||||||
<scope>test</scope>
|
|
||||||
</dependency>
|
|
||||||
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.glassfish.jersey.test-framework.providers</groupId>
|
|
||||||
<artifactId>jersey-test-framework-provider-simple</artifactId>
|
|
||||||
<scope>test</scope>
|
|
||||||
</dependency>
|
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>junit</groupId>
|
<groupId>junit</groupId>
|
||||||
<artifactId>junit</artifactId>
|
<artifactId>junit</artifactId>
|
||||||
<version>4.12</version>
|
<version>4.12</version>
|
||||||
<scope>test</scope>
|
<scope>test</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.gcube.common</groupId>
|
||||||
|
<artifactId>keycloak-client</artifactId>
|
||||||
|
<version>[1.0.0,2.0.0-SNAPSHOT)</version>
|
||||||
|
</dependency>
|
||||||
|
<!-- JAXB DEPS IN ORDER TO WORK WITH JDK11-->
|
||||||
|
<dependency>
|
||||||
|
<groupId>javax.xml.bind</groupId>
|
||||||
|
<artifactId>jaxb-api</artifactId>
|
||||||
|
<version>2.3.0</version>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>com.sun.xml.bind</groupId>
|
||||||
|
<artifactId>jaxb-core</artifactId>
|
||||||
|
<version>2.3.0</version>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>com.sun.xml.bind</groupId>
|
||||||
|
<artifactId>jaxb-impl</artifactId>
|
||||||
|
<version>2.3.0</version>
|
||||||
|
</dependency>
|
||||||
</dependencies>
|
</dependencies>
|
||||||
|
|
||||||
<build>
|
<build>
|
||||||
<finalName>${artifactId}</finalName>
|
<finalName>${artifactId}</finalName>
|
||||||
</build>
|
</build>
|
||||||
|
|
|
@ -0,0 +1,34 @@
|
||||||
|
package org.gcube.informationsystem.icproxy.profiles;
|
||||||
|
import lombok.AccessLevel;
|
||||||
|
import lombok.Getter;
|
||||||
|
import lombok.Setter;
|
||||||
|
|
||||||
|
import javax.xml.bind.annotation.XmlRootElement;
|
||||||
|
|
||||||
|
@XmlRootElement( name="resource")
|
||||||
|
public class ServiceEndpointProfile {
|
||||||
|
@Getter
|
||||||
|
@Setter
|
||||||
|
private String category;
|
||||||
|
@Getter
|
||||||
|
@Setter
|
||||||
|
private String name;
|
||||||
|
@Getter
|
||||||
|
@Setter
|
||||||
|
private String platform="d4science";
|
||||||
|
@Getter
|
||||||
|
@Setter
|
||||||
|
private String accessPointName;
|
||||||
|
@Getter
|
||||||
|
@Setter (AccessLevel.PROTECTED)
|
||||||
|
private String accessPointAddress;
|
||||||
|
@Getter
|
||||||
|
@Setter (AccessLevel.PROTECTED)
|
||||||
|
private String accessPointUsername;
|
||||||
|
@Getter
|
||||||
|
@Setter (AccessLevel.PROTECTED)
|
||||||
|
private String accessPointPass;
|
||||||
|
@Getter
|
||||||
|
@Setter (AccessLevel.PROTECTED)
|
||||||
|
private String host;
|
||||||
|
}
|
|
@ -3,35 +3,38 @@ package org.gcube.informationsystem.icproxy.resources;
|
||||||
import static org.gcube.resources.discovery.icclient.ICFactory.client;
|
import static org.gcube.resources.discovery.icclient.ICFactory.client;
|
||||||
import static org.gcube.resources.discovery.icclient.ICFactory.clientFor;
|
import static org.gcube.resources.discovery.icclient.ICFactory.clientFor;
|
||||||
import static org.gcube.resources.discovery.icclient.ICFactory.queryFor;
|
import static org.gcube.resources.discovery.icclient.ICFactory.queryFor;
|
||||||
|
import java.util.ArrayList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
import java.util.Objects;
|
||||||
import javax.validation.constraints.NotNull;
|
import javax.validation.constraints.NotNull;
|
||||||
import javax.ws.rs.GET;
|
import javax.ws.rs.*;
|
||||||
import javax.ws.rs.Path;
|
|
||||||
import javax.ws.rs.PathParam;
|
|
||||||
import javax.ws.rs.Produces;
|
|
||||||
import javax.ws.rs.core.MediaType;
|
import javax.ws.rs.core.MediaType;
|
||||||
|
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
|
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
|
||||||
import org.gcube.common.resources.gcore.ServiceEndpoint;
|
import org.gcube.common.keycloak.model.ModelUtils;
|
||||||
|
import org.gcube.common.resources.gcore.*;
|
||||||
|
import org.gcube.common.resources.gcore.utils.Group;
|
||||||
import org.gcube.common.scope.api.ScopeProvider;
|
import org.gcube.common.scope.api.ScopeProvider;
|
||||||
|
import org.gcube.informationsystem.icproxy.profiles.ServiceEndpointProfile;
|
||||||
|
import org.gcube.informationsystem.publisher.RegistryPublisher;
|
||||||
|
import org.gcube.informationsystem.publisher.RegistryPublisherFactory;
|
||||||
import org.gcube.resources.discovery.client.api.DiscoveryClient;
|
import org.gcube.resources.discovery.client.api.DiscoveryClient;
|
||||||
import org.gcube.resources.discovery.client.queries.api.SimpleQuery;
|
import org.gcube.resources.discovery.client.queries.api.SimpleQuery;
|
||||||
|
import org.gcube.common.encryption.StringEncrypter;
|
||||||
|
|
||||||
@Slf4j
|
@Slf4j
|
||||||
@Path("ServiceEndpoint")
|
@Path("ServiceEndpoint")
|
||||||
public class ServiceEndpointResource {
|
public class ServiceEndpointResource {
|
||||||
|
|
||||||
|
public static final String DECRYPT_ROLE ="service-endpoint-key";
|
||||||
|
public static final String CREATE_ROLE ="is-resource-create";
|
||||||
|
|
||||||
@GET
|
@GET
|
||||||
@Path("/{category}")
|
@Path("/{category}")
|
||||||
@Produces(MediaType.APPLICATION_XML)
|
@Produces(MediaType.APPLICATION_XML)
|
||||||
public List<ServiceEndpoint> retrieve(@NotNull @PathParam("category") String resourceCategory) {
|
public List<ServiceEndpoint> retrieve(@NotNull @PathParam("category") String resourceCategory) {
|
||||||
log.info("ServiceEndpoint called with category {} in context {}",resourceCategory, ScopeProvider.instance.get());
|
log.info("ServiceEndpoint called with category {} in context {}",resourceCategory, ScopeProvider.instance.get());
|
||||||
|
|
||||||
DiscoveryClient<ServiceEndpoint> client = clientFor(ServiceEndpoint.class);
|
DiscoveryClient<ServiceEndpoint> client = clientFor(ServiceEndpoint.class);
|
||||||
|
|
||||||
List<ServiceEndpoint> endpoints = client.submit(getQuery(resourceCategory));
|
List<ServiceEndpoint> endpoints = client.submit(getQuery(resourceCategory));
|
||||||
log.debug("retrieved resources are "+endpoints.size());
|
log.debug("retrieved resources are "+endpoints.size());
|
||||||
return endpoints;
|
return endpoints;
|
||||||
|
@ -40,15 +43,18 @@ public class ServiceEndpointResource {
|
||||||
@GET
|
@GET
|
||||||
@Path("/{category}/{name}")
|
@Path("/{category}/{name}")
|
||||||
@Produces(MediaType.APPLICATION_XML)
|
@Produces(MediaType.APPLICATION_XML)
|
||||||
public List<ServiceEndpoint> retrieve(@NotNull @PathParam("name") String resourceName,
|
public List<ServiceEndpoint> retrieve(@NotNull @PathParam("name") String resourceName,
|
||||||
@NotNull @PathParam("category") String resourceCategory) {
|
@NotNull @PathParam("category") String resourceCategory, @QueryParam("decrypt") boolean isDecrypt) {
|
||||||
log.info("ServiceEndpoint called with category {} and name {} in scope {}",resourceCategory, resourceName, ScopeProvider.instance.get());
|
log.info("ServiceEndpoint called with category {} and name {} in scope {}",resourceCategory, resourceName, ScopeProvider.instance.get());
|
||||||
|
|
||||||
DiscoveryClient<ServiceEndpoint> client = clientFor(ServiceEndpoint.class);
|
DiscoveryClient<ServiceEndpoint> client = clientFor(ServiceEndpoint.class);
|
||||||
|
|
||||||
List<ServiceEndpoint> endpoints = client.submit(getQuery(resourceName, resourceCategory));
|
List<ServiceEndpoint> endpoints = client.submit(getQuery(resourceName, resourceCategory));
|
||||||
log.debug("retrieved resources are "+endpoints.size());
|
if(Objects.nonNull(endpoints)) {
|
||||||
return endpoints;
|
log.debug("retrieved resources are "+endpoints.size());
|
||||||
|
return getServiceEndpoints(isDecrypt, endpoints);
|
||||||
|
}else{
|
||||||
|
log.error("ServiceEndpoint called with category {} and name {} in scope {}, return NULL",resourceCategory, resourceName, ScopeProvider.instance.get());
|
||||||
|
return null;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@GET
|
@GET
|
||||||
|
@ -58,26 +64,72 @@ public class ServiceEndpointResource {
|
||||||
@NotNull @PathParam("category") String resourceCategory, @NotNull @PathParam("result") String resultXPath) {
|
@NotNull @PathParam("category") String resourceCategory, @NotNull @PathParam("result") String resultXPath) {
|
||||||
log.info("ServiceEndpoint called with category {} and name {} and result {} in scope {}"
|
log.info("ServiceEndpoint called with category {} and name {} and result {} in scope {}"
|
||||||
,resourceCategory, resourceName, resultXPath, ScopeProvider.instance.get());
|
,resourceCategory, resourceName, resultXPath, ScopeProvider.instance.get());
|
||||||
|
|
||||||
SimpleQuery query = getQuery(resourceName, resourceCategory);
|
SimpleQuery query = getQuery(resourceName, resourceCategory);
|
||||||
|
|
||||||
if (resultXPath.startsWith("/"))
|
if (resultXPath.startsWith("/"))
|
||||||
query.setResult("$resource"+resultXPath);
|
query.setResult("$resource"+resultXPath);
|
||||||
else
|
else
|
||||||
query.setResult("$resource/"+resultXPath);
|
query.setResult("$resource/"+resultXPath);
|
||||||
|
|
||||||
DiscoveryClient<String> client = client();
|
DiscoveryClient<String> client = client();
|
||||||
List<String> endpoints = client.submit(query);
|
List<String> endpoints = client.submit(query);
|
||||||
StringBuilder builder = new StringBuilder("<Results>");
|
StringBuilder builder = new StringBuilder("<Results>");
|
||||||
for (String single: endpoints)
|
for (String single: endpoints)
|
||||||
builder.append("<Result>").append(single.replaceAll("\n", "")).append("</Result>");
|
builder.append("<Result>").append(single.replaceAll("\n", "")).append("</Result>");
|
||||||
|
|
||||||
builder.append("</Results>");
|
builder.append("</Results>");
|
||||||
|
|
||||||
log.debug("retrieved resources are "+endpoints.size());
|
log.debug("retrieved resources are "+endpoints.size());
|
||||||
return builder.toString();
|
return builder.toString();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Used for creating a new ServiceEndpoint resource starting from a XML resource as input param
|
||||||
|
* @param resourceProfile a complete ServiceEndpoint resource in XML
|
||||||
|
* @return the resource id
|
||||||
|
*/
|
||||||
|
@POST
|
||||||
|
@Produces(MediaType.TEXT_PLAIN)
|
||||||
|
@Consumes(MediaType.APPLICATION_XML)
|
||||||
|
public String create(ServiceEndpoint resourceProfile) {
|
||||||
|
log.debug("Try to create new serviceEndpoint profile {} in {}",resourceProfile, ScopeProvider.instance.get());
|
||||||
|
if (Objects.nonNull(resourceProfile) && isRoleEnabled(CREATE_ROLE)){
|
||||||
|
log.debug("going to encrypt and push");
|
||||||
|
String id=registerSE(encryptResource(resourceProfile));
|
||||||
|
log.debug("pushed on IS");
|
||||||
|
return id;
|
||||||
|
}else{
|
||||||
|
throw new RuntimeException("ServiceEndpoint profile is null or user not enabled");
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Used for creating a new ServiceEndpoint resource starting from a simplified JSON resource
|
||||||
|
* @param resourceProfile a simplified JSON resource defined by ServiceEndpointProfile class
|
||||||
|
* @return the new resource created in XML format
|
||||||
|
*/
|
||||||
|
@POST
|
||||||
|
@Produces(MediaType.APPLICATION_XML)
|
||||||
|
@Consumes(MediaType.APPLICATION_JSON)
|
||||||
|
public ServiceEndpoint create(ServiceEndpointProfile resourceProfile) {
|
||||||
|
log.debug("Try to create new serviceEndpoint profile {} in {}",resourceProfile, ScopeProvider.instance.get());
|
||||||
|
if (Objects.nonNull(resourceProfile) && isRoleEnabled(CREATE_ROLE)){
|
||||||
|
ServiceEndpoint newResource= new ServiceEndpoint();
|
||||||
|
ServiceEndpoint.Profile profile=newResource.newProfile().category(resourceProfile.getCategory()).name(resourceProfile.getName());
|
||||||
|
profile.newPlatform().name(resourceProfile.getPlatform()).version((short)1).minorVersion((short)0).revisionVersion((short)0).buildVersion((short)0);
|
||||||
|
profile.newRuntime().hostedOn(resourceProfile.getHost()).status("ready").ghnId("");
|
||||||
|
ServiceEndpoint.AccessPoint ap=new ServiceEndpoint.AccessPoint();
|
||||||
|
ap.name(resourceProfile.getAccessPointName());
|
||||||
|
ap.address(resourceProfile.getAccessPointAddress());
|
||||||
|
ap.credentials(resourceProfile.getAccessPointPass(), resourceProfile.getAccessPointUsername());
|
||||||
|
profile.accessPoints().add(ap);
|
||||||
|
log.debug("going to encrypt and push");
|
||||||
|
registerSE(encryptResource(newResource));
|
||||||
|
log.debug("pushed on IS");
|
||||||
|
return newResource;
|
||||||
|
}else{
|
||||||
|
throw new RuntimeException("ServiceEndpoint profile is null or user not enabled");
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
private SimpleQuery getQuery(String resourceName, String resourceCategory){
|
private SimpleQuery getQuery(String resourceName, String resourceCategory){
|
||||||
SimpleQuery query = queryFor(ServiceEndpoint.class);
|
SimpleQuery query = queryFor(ServiceEndpoint.class);
|
||||||
query.addCondition(String.format("$resource/Profile/Name/text() eq '%s'",resourceName));
|
query.addCondition(String.format("$resource/Profile/Name/text() eq '%s'",resourceName));
|
||||||
|
@ -90,5 +142,91 @@ public class ServiceEndpointResource {
|
||||||
query.addCondition(String.format("$resource/Profile/Category/text() eq '%s'",resourceCategory));
|
query.addCondition(String.format("$resource/Profile/Category/text() eq '%s'",resourceCategory));
|
||||||
return query;
|
return query;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private ServiceEndpoint decryptResource(ServiceEndpoint resource) {
|
||||||
|
log.debug("encrypting serviceEndpoint {} ", resource.id());
|
||||||
|
Group<ServiceEndpoint.AccessPoint> aps=resource.profile().accessPoints();
|
||||||
|
for (ServiceEndpoint.AccessPoint ap : aps){
|
||||||
|
String decrypted =decryptString(ap.password());
|
||||||
|
String user= ap.username();
|
||||||
|
|
||||||
|
ap.credentials(decrypted, user);
|
||||||
|
}
|
||||||
|
return resource;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
private ServiceEndpoint encryptResource(ServiceEndpoint resource) {
|
||||||
|
log.debug("encrypting serviceEndpoint {} ", resource.id());
|
||||||
|
Group<ServiceEndpoint.AccessPoint> aps=resource.profile().accessPoints();
|
||||||
|
for (ServiceEndpoint.AccessPoint ap : aps){
|
||||||
|
String decrypted =encryptString(ap.password());
|
||||||
|
String user= ap.username();
|
||||||
|
ap.credentials(decrypted, user);
|
||||||
|
}
|
||||||
|
return resource;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
private static String decryptString(String toDecrypt){
|
||||||
|
log.debug("decrypting string");
|
||||||
|
try{
|
||||||
|
return StringEncrypter.getEncrypter().decrypt(toDecrypt);
|
||||||
|
}catch(Exception e) {
|
||||||
|
throw new RuntimeException("Unable to decrypt : "+toDecrypt,e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private static String encryptString(String toEncrypt){
|
||||||
|
log.debug("encrypting string");
|
||||||
|
try{
|
||||||
|
return StringEncrypter.getEncrypter().encrypt(toEncrypt);
|
||||||
|
}catch(Exception e) {
|
||||||
|
throw new RuntimeException("Unable to encrypt : "+toEncrypt,e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private List<ServiceEndpoint> getServiceEndpoints(boolean isDecrypt, List<ServiceEndpoint> endpoints) {
|
||||||
|
if (isDecrypt) {
|
||||||
|
if (isRoleEnabled(DECRYPT_ROLE)){
|
||||||
|
List<ServiceEndpoint> ses = new ArrayList<>(endpoints.size());
|
||||||
|
for (ServiceEndpoint resource : endpoints) {
|
||||||
|
ses.add(decryptResource(resource));
|
||||||
|
}
|
||||||
|
return ses;
|
||||||
|
}else{
|
||||||
|
log.warn("user not enabled to see the resource free to air, sorry");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return endpoints;
|
||||||
|
}
|
||||||
|
|
||||||
|
private boolean isRoleEnabled(String role){
|
||||||
|
boolean isEnabled = false;
|
||||||
|
log.debug("checking role: "+role);
|
||||||
|
String at= AccessTokenProvider.instance.get();
|
||||||
|
try{
|
||||||
|
if (ModelUtils.getAccessTokenFrom(at).getRealmAccess().getRoles().contains(role)) {
|
||||||
|
isEnabled=true;
|
||||||
|
}
|
||||||
|
}catch (Exception e){
|
||||||
|
log.error("token not retrieved properly: "+e.getMessage());
|
||||||
|
e.printStackTrace();
|
||||||
|
}
|
||||||
|
log.debug("role enabled "+isEnabled);
|
||||||
|
return isEnabled;
|
||||||
|
}
|
||||||
|
private static String registerSE(ServiceEndpoint toRegister) {
|
||||||
|
log.trace("going to create a new ServiceEndpoint resource. registerSE method");
|
||||||
|
RegistryPublisher rp= RegistryPublisherFactory.create();
|
||||||
|
if(log.isDebugEnabled())
|
||||||
|
Resources.print(toRegister);
|
||||||
|
Resource r=rp.create(toRegister);
|
||||||
|
if (Objects.nonNull(r)) {
|
||||||
|
log.debug("resource registered with id " + r.id());
|
||||||
|
return r.id();
|
||||||
|
}else{
|
||||||
|
throw new RuntimeException("Creation failed, null returned: "+toRegister);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -2,6 +2,8 @@ package org.gcube.informationsystem.icproxy;
|
||||||
|
|
||||||
import javax.ws.rs.core.Application;
|
import javax.ws.rs.core.Application;
|
||||||
|
|
||||||
|
//import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||||
|
import org.gcube.common.scope.api.ScopeProvider;
|
||||||
import org.gcube.informationsystem.icproxy.resources.GCoreEndpointResource;
|
import org.gcube.informationsystem.icproxy.resources.GCoreEndpointResource;
|
||||||
import org.gcube.informationsystem.icproxy.resources.GenericResourceResource;
|
import org.gcube.informationsystem.icproxy.resources.GenericResourceResource;
|
||||||
import org.gcube.informationsystem.icproxy.resources.HostingNodeResource;
|
import org.gcube.informationsystem.icproxy.resources.HostingNodeResource;
|
||||||
|
@ -15,7 +17,9 @@ public class TestCall extends JerseyTest{
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected Application configure() {
|
protected Application configure() {
|
||||||
|
ScopeProvider.instance.set("/gcube/devsec");
|
||||||
return new ResourceConfig(ICResource.class,GCoreEndpointResource.class, ServiceEndpointResource.class, HostingNodeResource.class, GenericResourceResource.class);
|
return new ResourceConfig(ICResource.class,GCoreEndpointResource.class, ServiceEndpointResource.class, HostingNodeResource.class, GenericResourceResource.class);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
@ -34,8 +38,6 @@ public class TestCall extends JerseyTest{
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void gcoreEndpointWithResult() {
|
public void gcoreEndpointWithResult() {
|
||||||
|
|
||||||
|
|
||||||
final String ret = target("GCoreEndpoint").path("DataAnalysis")
|
final String ret = target("GCoreEndpoint").path("DataAnalysis")
|
||||||
.queryParam("result","/Profile/AccessPoint/RunningInstanceInterfaces//Endpoint[@EntryName/string() eq \"querymanager\"]")
|
.queryParam("result","/Profile/AccessPoint/RunningInstanceInterfaces//Endpoint[@EntryName/string() eq \"querymanager\"]")
|
||||||
.queryParam("scope", "/gcube/devsec").request().get(String.class);
|
.queryParam("scope", "/gcube/devsec").request().get(String.class);
|
||||||
|
@ -47,6 +49,12 @@ public class TestCall extends JerseyTest{
|
||||||
final String ret = target("ServiceEndpoint").path("BiodiversityRepository").path("CatalogueOfLife").queryParam("scope", "/gcube/devsec").request().get(String.class);
|
final String ret = target("ServiceEndpoint").path("BiodiversityRepository").path("CatalogueOfLife").queryParam("scope", "/gcube/devsec").request().get(String.class);
|
||||||
System.out.println(ret);
|
System.out.println(ret);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void serviceEndpointFree() {
|
||||||
|
final String ret = target("ServiceEndpoint").path("Storage").path("StorageManager").queryParam("decrypt", true).queryParam("scope", "/gcube/devsec").request().get(String.class);
|
||||||
|
System.out.println(ret);
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void hostingNode() {
|
public void hostingNode() {
|
||||||
|
@ -62,7 +70,7 @@ public class TestCall extends JerseyTest{
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void getById() {
|
public void getById() {
|
||||||
final String ret = target("/").path("92ee1020-5604-11e3-8182-e7053f61b8fe").queryParam("scope", "/gcube/devsec").request().get(String.class);
|
final String ret = target("/").path("aab08cf4-ed27-406c-b4a2-89888300976f").queryParam("scope", "/gcube/devsec").request().get(String.class);
|
||||||
System.out.println(ret);
|
System.out.println(ret);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue