Feature #17265, provide oAuth2 service with capability to be deployed on
a multi instance cluster
This commit is contained in:
parent
5ccda365b1
commit
f6de43b5ef
11
.classpath
11
.classpath
|
@ -22,17 +22,6 @@
|
|||
<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="src" output="target/test-classes" path="src/test/java">
|
||||
<attributes>
|
||||
<attribute name="optional" value="true"/>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
|
||||
<attributes>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
|
||||
<attributes>
|
||||
<attribute name="owner.project.facets" value="java"/>
|
||||
|
|
|
@ -5,9 +5,6 @@
|
|||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/>
|
||||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/target/generated-sources/gwt"/>
|
||||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
|
||||
<dependent-module archiveName="gcube-widgets-2.2.0-SNAPSHOT.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/gcube-widgets/gcube-widgets">
|
||||
<dependency-type>uses</dependency-type>
|
||||
</dependent-module>
|
||||
<property name="java-output-path" value="/${module}/target/www/WEB-INF/classes"/>
|
||||
<property name="context-root" value="my-vres"/>
|
||||
</wb-module>
|
||||
|
|
50
pom.xml
50
pom.xml
|
@ -1,31 +1,33 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<parent>
|
||||
<artifactId>maven-parent</artifactId>
|
||||
<groupId>org.gcube.tools</groupId>
|
||||
<version>1.0.0</version>
|
||||
<version>1.1.0-SNAPSHOT</version>
|
||||
<relativePath />
|
||||
</parent>
|
||||
|
||||
|
||||
<groupId>org.gcube.portlets.user</groupId>
|
||||
<artifactId>my-vres</artifactId>
|
||||
<packaging>war</packaging>
|
||||
<version>2.5.0-SNAPSHOT</version>
|
||||
<version>2.6.0-SNAPSHOT</version>
|
||||
<name>My VREs Portlet</name>
|
||||
<description>
|
||||
gCube My VREs Portlet shows only the VO and VREs a user is member of, divided by category.
|
||||
</description>
|
||||
<scm>
|
||||
<connection>scm:svn:http://svn.d4science.research-infrastructures.eu/gcube/trunk/portlets/user/${project.artifactId}</connection>
|
||||
<developerConnection>scm:https://svn.d4science.research-infrastructures.eu/gcube/trunk/portlets/user/${project.artifactId}</developerConnection>
|
||||
<url>http://svn.d4science.research-infrastructures.eu/gcube/trunk/portlets/user/${project.artifactId}</url>
|
||||
<connection>scm:git:https://code-repo.d4science.org/gCubeSystem/my-vres.git</connection>
|
||||
<developerConnection>scm:git:https://code-repo.d4science.org/gCubeSystem/my-vres.git</developerConnection>
|
||||
<url>https://code-repo.d4science.org/gCubeSystem/my-vres</url>
|
||||
</scm>
|
||||
<properties>
|
||||
<!-- Convenience property to set the GWT version -->
|
||||
<gwtVersion>2.8.1</gwtVersion>
|
||||
<gwtVersion>2.8.2</gwtVersion>
|
||||
<distroDirectory>distro</distroDirectory>
|
||||
<liferay.version>6.2.5</liferay.version>
|
||||
<maven.compiler.source>1.8</maven.compiler.source>
|
||||
|
@ -77,11 +79,6 @@
|
|||
<artifactId>json-simple</artifactId>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpclient</artifactId>
|
||||
<version>4.5.3</version>
|
||||
</dependency>
|
||||
<!-- FWS DEPS -->
|
||||
<dependency>
|
||||
<groupId>org.gcube.resources.discovery</groupId>
|
||||
|
@ -91,7 +88,6 @@
|
|||
<dependency>
|
||||
<groupId>org.gcube.portal.auth</groupId>
|
||||
<artifactId>portal-auth-library</artifactId>
|
||||
<version>[1.0.0-SNAPSHOT,)</version>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
@ -104,6 +100,16 @@
|
|||
<artifactId>common-encryption</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.gcube.common</groupId>
|
||||
<artifactId>authorization-client</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>net.spy</groupId>
|
||||
<artifactId>spymemcached</artifactId>
|
||||
<version>2.12.3</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.liferay.portal</groupId>
|
||||
<artifactId>portal-service</artifactId>
|
||||
|
@ -221,6 +227,24 @@
|
|||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-javadoc-plugin</artifactId>
|
||||
<configuration>
|
||||
<additionalparam>-Xdoclint:none</additionalparam>
|
||||
<additionalJOption>-Xdoclint:none</additionalJOption>
|
||||
</configuration>
|
||||
<version>3.1.0</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>generate-doc</id>
|
||||
<phase>install</phase>
|
||||
<goals>
|
||||
<goal>jar</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
|
|
|
@ -1,8 +1,7 @@
|
|||
package org.gcube.portlet.user.my_vres.server;
|
||||
|
||||
import java.io.DataOutputStream;
|
||||
import java.net.HttpURLConnection;
|
||||
import java.net.URL;
|
||||
import static org.gcube.common.authorization.client.Constants.authorizationService;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.LinkedHashMap;
|
||||
|
@ -11,13 +10,6 @@ import java.util.UUID;
|
|||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.apache.http.HttpResponse;
|
||||
import org.apache.http.client.methods.HttpPost;
|
||||
import org.apache.http.entity.ContentType;
|
||||
import org.apache.http.entity.StringEntity;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClientBuilder;
|
||||
import org.apache.http.impl.client.LaxRedirectStrategy;
|
||||
import org.gcube.common.portal.GCubePortalConstants;
|
||||
import org.gcube.common.portal.PortalContext;
|
||||
import org.gcube.common.resources.gcore.ServiceEndpoint;
|
||||
|
@ -43,6 +35,8 @@ import org.slf4j.LoggerFactory;
|
|||
import com.google.gwt.user.server.rpc.RemoteServiceServlet;
|
||||
import com.liferay.portal.service.UserLocalServiceUtil;
|
||||
|
||||
import net.spy.memcached.MemcachedClient;
|
||||
|
||||
/**
|
||||
* The server side implementation of the RPC service.
|
||||
* @author Massimiliano Assante - ISTI CNR
|
||||
|
@ -62,6 +56,11 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
|
|||
|
||||
public static final String ADD_MORE_CATEGORY = "Add More";
|
||||
public static final String ADD_MORE_IMAGE_PATH= "images/More.png";
|
||||
private static final int CACHE_SECONDS_EXPIRATION = 10;
|
||||
/**
|
||||
* This map contains couples as <code, {qualifier-token, insert time, scope, redirect uri, client id}>
|
||||
*/
|
||||
private MemcachedClient entries;
|
||||
|
||||
@Override
|
||||
public String getSiteLandingPagePath() {
|
||||
|
@ -86,10 +85,9 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
|
|||
* first method called by the UI
|
||||
*/
|
||||
public LinkedHashMap<String, ArrayList<VRE>> getUserVREs() {
|
||||
//_log.trace("getInfrastructureVOs method called");
|
||||
_log.trace("getInfrastructureVOs method called");
|
||||
if (!isWithinPortal())
|
||||
return getFakeVREs();
|
||||
//return new ArrayList<VO>();
|
||||
else
|
||||
try {
|
||||
PortalContext context = PortalContext.getConfiguration();
|
||||
|
@ -106,8 +104,6 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
|
|||
String cat = gName;
|
||||
toReturn.put(cat, toCreate);
|
||||
}
|
||||
|
||||
|
||||
GCubeGroup rootGroupVO = gm.getRootVO();
|
||||
try {
|
||||
_log.debug("root: " + rootGroupVO.getGroupName() );
|
||||
|
@ -344,7 +340,7 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
|
|||
return new AuthorizationBean(tempCode, state, true, null);
|
||||
}
|
||||
/**
|
||||
* we post to the auth service a temporary code to be used within seconds from the application
|
||||
* post to the memcached cluster a temporary code to be used within 10 seconds from the application
|
||||
* @param qToken the user qualifier token
|
||||
* @param tempCode the temporary code
|
||||
* @param clientId tha app id
|
||||
|
@ -353,73 +349,23 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
|
|||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
private boolean authorizeApplication(String infrastructureName, String qToken, String tempCode, String clientId, String redirectURL) {
|
||||
|
||||
String fullPath2oAuthService = null;
|
||||
try {
|
||||
fullPath2oAuthService = AuthUtil.getOAuthServiceEndPoint(infrastructureName) +
|
||||
"/v2/push-authentication-code?gcube-token=" + qToken;
|
||||
} catch (Exception e1) {
|
||||
_log.error("failed to discover oauth service endpoint ");
|
||||
return false;
|
||||
}
|
||||
|
||||
//instance the client if first time
|
||||
if (entries == null)
|
||||
entries = DistributedCacheClient.getInstance().getMemcachedClient();
|
||||
//retrieve the context of the token owner
|
||||
String context = authorizationService().get(qToken).getContext();
|
||||
JSONObject object = new JSONObject();
|
||||
object.put("code", tempCode);
|
||||
object.put("token", qToken);
|
||||
object.put("context", context);
|
||||
object.put("redirect_uri", redirectURL);
|
||||
object.put("client_id", clientId);
|
||||
try {
|
||||
String USER_AGENT = "Mozilla/5.0";
|
||||
URL obj = new URL(fullPath2oAuthService);
|
||||
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
|
||||
|
||||
// Setting basic post request
|
||||
con.setRequestMethod("POST");
|
||||
con.setRequestProperty("User-Agent", USER_AGENT);
|
||||
con.setRequestProperty("Accept-Language", "en-US,en;q=0.5");
|
||||
con.setRequestProperty("Content-Type","application/json");
|
||||
|
||||
String postJsonData = object.toJSONString();
|
||||
|
||||
con.setDoOutput(true);
|
||||
DataOutputStream wr = new DataOutputStream(con.getOutputStream());
|
||||
wr.writeBytes(postJsonData);
|
||||
wr.flush();
|
||||
wr.close();
|
||||
|
||||
int responseCode = con.getResponseCode();
|
||||
|
||||
boolean redirect = false;
|
||||
// normally, 3xx is redirect
|
||||
int status = con.getResponseCode();
|
||||
if (status != HttpURLConnection.HTTP_OK) {
|
||||
if (status == HttpURLConnection.HTTP_MOVED_TEMP
|
||||
|| status == HttpURLConnection.HTTP_MOVED_PERM
|
||||
|| status == HttpURLConnection.HTTP_SEE_OTHER)
|
||||
redirect = true;
|
||||
}
|
||||
|
||||
if (redirect)
|
||||
// get redirect url from "location" header field
|
||||
fullPath2oAuthService = con.getHeaderField("Location");
|
||||
|
||||
CloseableHttpClient httpClient = HttpClientBuilder.create().setRedirectStrategy(new LaxRedirectStrategy()).build();
|
||||
HttpPost httpPostRequest = new HttpPost(fullPath2oAuthService);
|
||||
httpPostRequest.addHeader("Content-type", "application/json");
|
||||
StringEntity params = new StringEntity(object.toJSONString(), ContentType.APPLICATION_JSON);
|
||||
httpPostRequest.setEntity(params);
|
||||
HttpResponse response = httpClient.execute(httpPostRequest);
|
||||
responseCode = response.getStatusLine().getStatusCode();
|
||||
if (responseCode < 200 || responseCode >= 300) {
|
||||
_log.error("error: response status line from "
|
||||
+ fullPath2oAuthService + " was: " + responseCode);
|
||||
String JSONData = object.toJSONString();
|
||||
entries.set(tempCode, CACHE_SECONDS_EXPIRATION, JSONData);
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
return false;
|
||||
}
|
||||
//
|
||||
}catch(Exception e){
|
||||
_log.error("Failed to perform request", e);
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue