@ -1,5 +1,10 @@
package org.gcube.portlet.user.my_vres.server ;
import java.io.BufferedReader ;
import java.io.DataOutputStream ;
import java.io.InputStreamReader ;
import java.net.HttpURLConnection ;
import java.net.URL ;
import java.util.ArrayList ;
import java.util.Collections ;
import java.util.LinkedHashMap ;
@ -327,7 +332,7 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
String userToken = pContext . getCurrentUserToken ( context , username ) ;
String appName = authorisedApp . profile ( ) . name ( ) ;
String qToken = AuthUtil . generateAuthorizationQualifierToken ( appName , userToken ) ;
_log . info ( "Received qualifier token for useer " + username + "=" + qToken ) ;
_log . debug ( "Received qualifier token for useer " + username + "=" + qToken ) ;
if ( qToken = = null ) {
_log . error ( "Something wrong in retrieving the user qualifier token in this context: " + context + " username=" + username ) ;
return new AuthorizationBean ( null , null , false , "Something wrong in retrieving the user qualifier token in this context: " + context + " username=" + username ) ;
@ -337,7 +342,7 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
_log . error ( "Something wrong in authorizing this application in this context: " + context ) ;
return new AuthorizationBean ( null , null , false , "Something wrong in authorizing this application in this context: " + context + " an error occurred in the oAuth Service" ) ;
}
_log . debug ( "Authorisation OAUTH 2 OK returning temporary code in this context: " + context + " username=" + username ) ;
return new AuthorizationBean ( tempCode , state , true , null ) ;
}
@ -351,7 +356,7 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
* /
@SuppressWarnings ( "unchecked" )
private boolean authorizeApplication ( String infrastructureName , String qToken , String tempCode , String clientId , String redirectURL ) {
String fullPath2oAuthService = null ;
try {
fullPath2oAuthService = AuthUtil . getOAuthServiceEndPoint ( infrastructureName ) +
@ -360,33 +365,67 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
_log . error ( "failed to discover oauth service endpoint " ) ;
return false ;
}
fullPath2oAuthService = fullPath2oAuthService . replaceAll ( "http" , "https" ) ;
fullPath2oAuthService = fullPath2oAuthService . replaceAll ( "80" , "443" ) ;
JSONObject object = new JSONObject ( ) ;
object . put ( "code" , tempCode ) ;
object . put ( "redirect_uri" , redirectURL ) ;
object . put ( "client_id" , clientId ) ;
try ( CloseableHttpClient httpClient = HttpClientBuilder . create ( ) . setRedirectStrategy ( new LaxRedirectStrategy ( ) ) . build ( ) ) {
try {
String USER_AGENT = "Mozilla/5.0" ;
URL obj = new URL ( fullPath2oAuthService ) ;
HttpURLConnection con = ( HttpURLConnection ) obj . openConnection ( ) ;
// Setting basic post request
con . setRequestMethod ( "POST" ) ;
con . setRequestProperty ( "User-Agent" , USER_AGENT ) ;
con . setRequestProperty ( "Accept-Language" , "en-US,en;q=0.5" ) ;
con . setRequestProperty ( "Content-Type" , "application/json" ) ;
String postJsonData = object . toJSONString ( ) ;
con . setDoOutput ( true ) ;
DataOutputStream wr = new DataOutputStream ( con . getOutputStream ( ) ) ;
wr . writeBytes ( postJsonData ) ;
wr . flush ( ) ;
wr . close ( ) ;
int responseCode = con . getResponseCode ( ) ;
boolean redirect = false ;
// normally, 3xx is redirect
int status = con . getResponseCode ( ) ;
if ( status ! = HttpURLConnection . HTTP_OK ) {
if ( status = = HttpURLConnection . HTTP_MOVED_TEMP
| | status = = HttpURLConnection . HTTP_MOVED_PERM
| | status = = HttpURLConnection . HTTP_SEE_OTHER )
redirect = true ;
}
if ( redirect )
// get redirect url from "location" header field
fullPath2oAuthService = con . getHeaderField ( "Location" ) ;
CloseableHttpClient httpClient = HttpClientBuilder . create ( ) . setRedirectStrategy ( new LaxRedirectStrategy ( ) ) . build ( ) ;
HttpPost httpPostRequest = new HttpPost ( fullPath2oAuthService ) ;
httpPostRequest . addHeader ( "Content-type" , "application/json" ) ;
StringEntity params = new StringEntity ( object . toJSONString ( ) , ContentType . APPLICATION_JSON ) ;
httpPostRequest . setEntity ( params ) ;
HttpResponse response = httpClient . execute ( httpPostRequest ) ;
if ( response . getStatusLine ( ) . getStatusCode ( ) < 200 | | response . getStatusLine ( ) . getStatusCode ( ) > = 300 ) {
responseCode = response . getStatusLine ( ) . getStatusCode ( ) ;
if ( responseCode < 200 | | responseCode > = 300 ) {
_log . error ( "failed to patch the product. response status line from "
+ fullPath2oAuthService + " was: " + response . getStatusLine ( ) ) ;
+ fullPath2oAuthService + " was: " + response Code ) ;
return false ;
}
//
} catch ( Exception e ) {
_log . error ( "Failed to perform request" , e ) ;
return false ;
}
return true ;
}
}