Feature #17265, provide oAuth2 service with capability to be deployed on
a multi instance cluster
parent
5ccda365b1
commit
f6de43b5ef
11
.classpath
11
.classpath
|
@ -22,17 +22,6 @@
|
||||||
<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
|
<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
|
||||||
</attributes>
|
</attributes>
|
||||||
</classpathentry>
|
</classpathentry>
|
||||||
<classpathentry kind="src" output="target/test-classes" path="src/test/java">
|
|
||||||
<attributes>
|
|
||||||
<attribute name="optional" value="true"/>
|
|
||||||
<attribute name="maven.pomderived" value="true"/>
|
|
||||||
</attributes>
|
|
||||||
</classpathentry>
|
|
||||||
<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
|
|
||||||
<attributes>
|
|
||||||
<attribute name="maven.pomderived" value="true"/>
|
|
||||||
</attributes>
|
|
||||||
</classpathentry>
|
|
||||||
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
|
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
|
||||||
<attributes>
|
<attributes>
|
||||||
<attribute name="owner.project.facets" value="java"/>
|
<attribute name="owner.project.facets" value="java"/>
|
||||||
|
|
|
@ -5,9 +5,6 @@
|
||||||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/>
|
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/>
|
||||||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/target/generated-sources/gwt"/>
|
<wb-resource deploy-path="/WEB-INF/classes" source-path="/target/generated-sources/gwt"/>
|
||||||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
|
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
|
||||||
<dependent-module archiveName="gcube-widgets-2.2.0-SNAPSHOT.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/gcube-widgets/gcube-widgets">
|
|
||||||
<dependency-type>uses</dependency-type>
|
|
||||||
</dependent-module>
|
|
||||||
<property name="java-output-path" value="/${module}/target/www/WEB-INF/classes"/>
|
<property name="java-output-path" value="/${module}/target/www/WEB-INF/classes"/>
|
||||||
<property name="context-root" value="my-vres"/>
|
<property name="context-root" value="my-vres"/>
|
||||||
</wb-module>
|
</wb-module>
|
||||||
|
|
50
pom.xml
50
pom.xml
|
@ -1,31 +1,33 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||||
|
|
||||||
<modelVersion>4.0.0</modelVersion>
|
<modelVersion>4.0.0</modelVersion>
|
||||||
<parent>
|
<parent>
|
||||||
<artifactId>maven-parent</artifactId>
|
<artifactId>maven-parent</artifactId>
|
||||||
<groupId>org.gcube.tools</groupId>
|
<groupId>org.gcube.tools</groupId>
|
||||||
<version>1.0.0</version>
|
<version>1.1.0-SNAPSHOT</version>
|
||||||
<relativePath />
|
<relativePath />
|
||||||
</parent>
|
</parent>
|
||||||
|
|
||||||
|
|
||||||
<groupId>org.gcube.portlets.user</groupId>
|
<groupId>org.gcube.portlets.user</groupId>
|
||||||
<artifactId>my-vres</artifactId>
|
<artifactId>my-vres</artifactId>
|
||||||
<packaging>war</packaging>
|
<packaging>war</packaging>
|
||||||
<version>2.5.0-SNAPSHOT</version>
|
<version>2.6.0-SNAPSHOT</version>
|
||||||
<name>My VREs Portlet</name>
|
<name>My VREs Portlet</name>
|
||||||
<description>
|
<description>
|
||||||
gCube My VREs Portlet shows only the VO and VREs a user is member of, divided by category.
|
gCube My VREs Portlet shows only the VO and VREs a user is member of, divided by category.
|
||||||
</description>
|
</description>
|
||||||
<scm>
|
<scm>
|
||||||
<connection>scm:svn:http://svn.d4science.research-infrastructures.eu/gcube/trunk/portlets/user/${project.artifactId}</connection>
|
<connection>scm:git:https://code-repo.d4science.org/gCubeSystem/my-vres.git</connection>
|
||||||
<developerConnection>scm:https://svn.d4science.research-infrastructures.eu/gcube/trunk/portlets/user/${project.artifactId}</developerConnection>
|
<developerConnection>scm:git:https://code-repo.d4science.org/gCubeSystem/my-vres.git</developerConnection>
|
||||||
<url>http://svn.d4science.research-infrastructures.eu/gcube/trunk/portlets/user/${project.artifactId}</url>
|
<url>https://code-repo.d4science.org/gCubeSystem/my-vres</url>
|
||||||
</scm>
|
</scm>
|
||||||
<properties>
|
<properties>
|
||||||
<!-- Convenience property to set the GWT version -->
|
<!-- Convenience property to set the GWT version -->
|
||||||
<gwtVersion>2.8.1</gwtVersion>
|
<gwtVersion>2.8.2</gwtVersion>
|
||||||
<distroDirectory>distro</distroDirectory>
|
<distroDirectory>distro</distroDirectory>
|
||||||
<liferay.version>6.2.5</liferay.version>
|
<liferay.version>6.2.5</liferay.version>
|
||||||
<maven.compiler.source>1.8</maven.compiler.source>
|
<maven.compiler.source>1.8</maven.compiler.source>
|
||||||
|
@ -77,11 +79,6 @@
|
||||||
<artifactId>json-simple</artifactId>
|
<artifactId>json-simple</artifactId>
|
||||||
<scope>compile</scope>
|
<scope>compile</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
|
||||||
<groupId>org.apache.httpcomponents</groupId>
|
|
||||||
<artifactId>httpclient</artifactId>
|
|
||||||
<version>4.5.3</version>
|
|
||||||
</dependency>
|
|
||||||
<!-- FWS DEPS -->
|
<!-- FWS DEPS -->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.resources.discovery</groupId>
|
<groupId>org.gcube.resources.discovery</groupId>
|
||||||
|
@ -91,7 +88,6 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.portal.auth</groupId>
|
<groupId>org.gcube.portal.auth</groupId>
|
||||||
<artifactId>portal-auth-library</artifactId>
|
<artifactId>portal-auth-library</artifactId>
|
||||||
<version>[1.0.0-SNAPSHOT,)</version>
|
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
|
@ -104,6 +100,16 @@
|
||||||
<artifactId>common-encryption</artifactId>
|
<artifactId>common-encryption</artifactId>
|
||||||
<scope>provided</scope>
|
<scope>provided</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.gcube.common</groupId>
|
||||||
|
<artifactId>authorization-client</artifactId>
|
||||||
|
<scope>provided</scope>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>net.spy</groupId>
|
||||||
|
<artifactId>spymemcached</artifactId>
|
||||||
|
<version>2.12.3</version>
|
||||||
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>com.liferay.portal</groupId>
|
<groupId>com.liferay.portal</groupId>
|
||||||
<artifactId>portal-service</artifactId>
|
<artifactId>portal-service</artifactId>
|
||||||
|
@ -221,6 +227,24 @@
|
||||||
</execution>
|
</execution>
|
||||||
</executions>
|
</executions>
|
||||||
</plugin>
|
</plugin>
|
||||||
|
<plugin>
|
||||||
|
<groupId>org.apache.maven.plugins</groupId>
|
||||||
|
<artifactId>maven-javadoc-plugin</artifactId>
|
||||||
|
<configuration>
|
||||||
|
<additionalparam>-Xdoclint:none</additionalparam>
|
||||||
|
<additionalJOption>-Xdoclint:none</additionalJOption>
|
||||||
|
</configuration>
|
||||||
|
<version>3.1.0</version>
|
||||||
|
<executions>
|
||||||
|
<execution>
|
||||||
|
<id>generate-doc</id>
|
||||||
|
<phase>install</phase>
|
||||||
|
<goals>
|
||||||
|
<goal>jar</goal>
|
||||||
|
</goals>
|
||||||
|
</execution>
|
||||||
|
</executions>
|
||||||
|
</plugin>
|
||||||
</plugins>
|
</plugins>
|
||||||
</build>
|
</build>
|
||||||
|
|
||||||
|
|
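Review bot: The build now inherits from `maven-parent` `1.1.0-SNAPSHOT`, and both `portal-auth-library` and the newly added `authorization-client` are declared without a `<version>`, so the authorization libraries that end up on the classpath are presumably chosen by that mutable parent. Pin the parent to a released version before this module is released, so the resolved versions are reproducible and reviewable. In the new javadoc plugin block, `<additionalparam>` is, as far as I know, no longer read by maven-javadoc-plugin 3.x, so at `3.1.0` only the `<additionalJOption>` line has any effect; `<doclint>none</doclint>` would state the intent directly.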
|
@ -1,8 +1,7 @@
|
||||||
package org.gcube.portlet.user.my_vres.server;
|
package org.gcube.portlet.user.my_vres.server;
|
||||||
|
|
||||||
import java.io.DataOutputStream;
|
import static org.gcube.common.authorization.client.Constants.authorizationService;
|
||||||
import java.net.HttpURLConnection;
|
|
||||||
import java.net.URL;
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.LinkedHashMap;
|
import java.util.LinkedHashMap;
|
||||||
|
@ -11,13 +10,6 @@ import java.util.UUID;
|
||||||
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
|
||||||
import org.apache.http.HttpResponse;
|
|
||||||
import org.apache.http.client.methods.HttpPost;
|
|
||||||
import org.apache.http.entity.ContentType;
|
|
||||||
import org.apache.http.entity.StringEntity;
|
|
||||||
import org.apache.http.impl.client.CloseableHttpClient;
|
|
||||||
import org.apache.http.impl.client.HttpClientBuilder;
|
|
||||||
import org.apache.http.impl.client.LaxRedirectStrategy;
|
|
||||||
import org.gcube.common.portal.GCubePortalConstants;
|
import org.gcube.common.portal.GCubePortalConstants;
|
||||||
import org.gcube.common.portal.PortalContext;
|
import org.gcube.common.portal.PortalContext;
|
||||||
import org.gcube.common.resources.gcore.ServiceEndpoint;
|
import org.gcube.common.resources.gcore.ServiceEndpoint;
|
||||||
|
@ -43,6 +35,8 @@ import org.slf4j.LoggerFactory;
|
||||||
import com.google.gwt.user.server.rpc.RemoteServiceServlet;
|
import com.google.gwt.user.server.rpc.RemoteServiceServlet;
|
||||||
import com.liferay.portal.service.UserLocalServiceUtil;
|
import com.liferay.portal.service.UserLocalServiceUtil;
|
||||||
|
|
||||||
|
import net.spy.memcached.MemcachedClient;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The server side implementation of the RPC service.
|
* The server side implementation of the RPC service.
|
||||||
* @author Massimiliano Assante - ISTI CNR
|
* @author Massimiliano Assante - ISTI CNR
|
||||||
|
@ -62,6 +56,11 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
|
||||||
|
|
||||||
public static final String ADD_MORE_CATEGORY = "Add More";
|
public static final String ADD_MORE_CATEGORY = "Add More";
|
||||||
public static final String ADD_MORE_IMAGE_PATH= "images/More.png";
|
public static final String ADD_MORE_IMAGE_PATH= "images/More.png";
|
||||||
|
private static final int CACHE_SECONDS_EXPIRATION = 10;
|
||||||
|
/**
|
||||||
|
* This map contains couples as <code, {qualifier-token, insert time, scope, redirect uri, client id}>
|
||||||
|
*/
|
||||||
|
private MemcachedClient entries;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getSiteLandingPagePath() {
|
public String getSiteLandingPagePath() {
|
||||||
|
@ -86,10 +85,9 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
|
||||||
* first method called by the UI
|
* first method called by the UI
|
||||||
*/
|
*/
|
||||||
public LinkedHashMap<String, ArrayList<VRE>> getUserVREs() {
|
public LinkedHashMap<String, ArrayList<VRE>> getUserVREs() {
|
||||||
//_log.trace("getInfrastructureVOs method called");
|
_log.trace("getInfrastructureVOs method called");
|
||||||
if (!isWithinPortal())
|
if (!isWithinPortal())
|
||||||
return getFakeVREs();
|
return getFakeVREs();
|
||||||
//return new ArrayList<VO>();
|
|
||||||
else
|
else
|
||||||
try {
|
try {
|
||||||
PortalContext context = PortalContext.getConfiguration();
|
PortalContext context = PortalContext.getConfiguration();
|
||||||
|
@ -106,8 +104,6 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
|
||||||
String cat = gName;
|
String cat = gName;
|
||||||
toReturn.put(cat, toCreate);
|
toReturn.put(cat, toCreate);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
GCubeGroup rootGroupVO = gm.getRootVO();
|
GCubeGroup rootGroupVO = gm.getRootVO();
|
||||||
try {
|
try {
|
||||||
_log.debug("root: " + rootGroupVO.getGroupName() );
|
_log.debug("root: " + rootGroupVO.getGroupName() );
|
||||||
|
@ -344,7 +340,7 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
|
||||||
return new AuthorizationBean(tempCode, state, true, null);
|
return new AuthorizationBean(tempCode, state, true, null);
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
* we post to the auth service a temporary code to be used within seconds from the application
|
* post to the memcached cluster a temporary code to be used within 10 seconds from the application
|
||||||
* @param qToken the user qualifier token
|
* @param qToken the user qualifier token
|
||||||
* @param tempCode the temporary code
|
* @param tempCode the temporary code
|
||||||
* @param clientId tha app id
|
* @param clientId tha app id
|
||||||
|
@ -353,73 +349,23 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
|
||||||
*/
|
*/
|
||||||
@SuppressWarnings("unchecked")
|
@SuppressWarnings("unchecked")
|
||||||
private boolean authorizeApplication(String infrastructureName, String qToken, String tempCode, String clientId, String redirectURL) {
|
private boolean authorizeApplication(String infrastructureName, String qToken, String tempCode, String clientId, String redirectURL) {
|
||||||
|
|
||||||
String fullPath2oAuthService = null;
|
|
||||||
try {
|
try {
|
||||||
fullPath2oAuthService = AuthUtil.getOAuthServiceEndPoint(infrastructureName) +
|
//instance the client if first time
|
||||||
"/v2/push-authentication-code?gcube-token=" + qToken;
|
if (entries == null)
|
||||||
} catch (Exception e1) {
|
entries = DistributedCacheClient.getInstance().getMemcachedClient();
|
||||||
_log.error("failed to discover oauth service endpoint ");
|
//retrieve the context of the token owner
|
||||||
return false;
|
String context = authorizationService().get(qToken).getContext();
|
||||||
}
|
JSONObject object = new JSONObject();
|
||||||
|
object.put("token", qToken);
|
||||||
JSONObject object = new JSONObject();
|
object.put("context", context);
|
||||||
object.put("code", tempCode);
|
object.put("redirect_uri", redirectURL);
|
||||||
object.put("redirect_uri", redirectURL);
|
object.put("client_id", clientId);
|
||||||
object.put("client_id", clientId);
|
String JSONData = object.toJSONString();
|
||||||
try {
|
entries.set(tempCode, CACHE_SECONDS_EXPIRATION, JSONData);
|
||||||
String USER_AGENT = "Mozilla/5.0";
|
} catch (Exception e) {
|
||||||
URL obj = new URL(fullPath2oAuthService);
|
e.printStackTrace();
|
||||||
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
|
|
||||||
|
|
||||||
// Setting basic post request
|
|
||||||
con.setRequestMethod("POST");
|
|
||||||
con.setRequestProperty("User-Agent", USER_AGENT);
|
|
||||||
con.setRequestProperty("Accept-Language", "en-US,en;q=0.5");
|
|
||||||
con.setRequestProperty("Content-Type","application/json");
|
|
||||||
|
|
||||||
String postJsonData = object.toJSONString();
|
|
||||||
|
|
||||||
con.setDoOutput(true);
|
|
||||||
DataOutputStream wr = new DataOutputStream(con.getOutputStream());
|
|
||||||
wr.writeBytes(postJsonData);
|
|
||||||
wr.flush();
|
|
||||||
wr.close();
|
|
||||||
|
|
||||||
int responseCode = con.getResponseCode();
|
|
||||||
|
|
||||||
boolean redirect = false;
|
|
||||||
// normally, 3xx is redirect
|
|
||||||
int status = con.getResponseCode();
|
|
||||||
if (status != HttpURLConnection.HTTP_OK) {
|
|
||||||
if (status == HttpURLConnection.HTTP_MOVED_TEMP
|
|
||||||
|| status == HttpURLConnection.HTTP_MOVED_PERM
|
|
||||||
|| status == HttpURLConnection.HTTP_SEE_OTHER)
|
|
||||||
redirect = true;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (redirect)
|
|
||||||
// get redirect url from "location" header field
|
|
||||||
fullPath2oAuthService = con.getHeaderField("Location");
|
|
||||||
|
|
||||||
CloseableHttpClient httpClient = HttpClientBuilder.create().setRedirectStrategy(new LaxRedirectStrategy()).build();
|
|
||||||
HttpPost httpPostRequest = new HttpPost(fullPath2oAuthService);
|
|
||||||
httpPostRequest.addHeader("Content-type", "application/json");
|
|
||||||
StringEntity params = new StringEntity(object.toJSONString(), ContentType.APPLICATION_JSON);
|
|
||||||
httpPostRequest.setEntity(params);
|
|
||||||
HttpResponse response = httpClient.execute(httpPostRequest);
|
|
||||||
responseCode = response.getStatusLine().getStatusCode();
|
|
||||||
if (responseCode < 200 || responseCode >= 300) {
|
|
||||||
_log.error("error: response status line from "
|
|
||||||
+ fullPath2oAuthService + " was: " + responseCode);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
//
|
|
||||||
}catch(Exception e){
|
|
||||||
_log.error("Failed to perform request", e);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
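Review bot: In `authorizeApplication`, spymemcached's `entries.set(tempCode, CACHE_SECONDS_EXPIRATION, JSONData)` is asynchronous and its returned future is never checked, so the method can return `true` even though the code was never stored. Wait for the result, e.g. `if (!entries.set(tempCode, CACHE_SECONDS_EXPIRATION, JSONData).get()) return false;`, and replace `e.printStackTrace()` with `_log.error("Failed to store the temporary code in the cache", e);` so failures reach the portal log as they did before. The cached value now carries the user's `qToken`, and memcached does not authenticate clients by default. `DistributedCacheClient` is not visible on this page, so confirm that the cluster is reachable only from the portal and OAuth service nodes, or that it uses SASL. The lazy `if (entries == null)` assignment on a servlet field is also unsynchronised, which is harmless only if `getInstance()` always returns the same client.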