The access-token method no longer requires a gcube-token; it now takes an application token in the client_secret field. The file gcube-handlers.xml specifies that a validation handler with oauth support needs to be used. The other filters have been removed since they are useless now.
git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/portal/oauth@141908 82a268e6-3cf1-43bd-a215-b396298e98cf
parent
cd61182ac6
commit
ff6c10ac46
|
@ -146,8 +146,8 @@ public class OauthService {
|
|||
|
||||
Status status = Status.BAD_REQUEST;
|
||||
logger.info("Request to exchange code for token");
|
||||
logger.info("Params are client_id = " + clientId + ", client_secret = " + clientSecret.substring(0, 10) +
|
||||
"*******************"+ ", redirect_uri = " +redirectUri + ", code = " + code.substring(0, 10) + "*******************" + ", grant_type = " + grantType);
|
||||
logger.info("Params are client_id = " + clientId + ", client_secret = " + clientSecret +
|
||||
"*******************"+ ", redirect_uri = " +redirectUri + ", code = " + code + "*******************" + ", grant_type = " + grantType);
|
||||
|
||||
try{
|
||||
// check if something is missing
|
||||
|
|
|
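Review bot: The `logger.info` call that concatenates `clientSecret` and `code` without truncation writes the application token and the authorization code into the info log, where anyone with log access can read them. The +/- markers are lost on this page, but that variant is printed second, so it appears to be the new side. The other variant still reveals the first ten characters of each value, and `substring(0, 10)` throws on a shorter one. Neither secret needs to be logged: `logger.info("Params are client_id = " + clientId + ", redirect_uri = " + redirectUri + ", grant_type = " + grantType);`. The enclosing method starts and ends outside the hunk.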
@ -37,17 +37,20 @@ public class CacheCleaner extends Thread {
|
|||
sleep(CHECK_AFTER_MS);
|
||||
logger.info("Going to clean up cache and old codes [" + new Date() + "]");
|
||||
|
||||
int removedEntries = 0;
|
||||
|
||||
Iterator<Entry<String, CacheBean>> iterator = cacheReference.entrySet().iterator();
|
||||
while (iterator.hasNext()) {
|
||||
Map.Entry<java.lang.String, org.gcube.portal.oauth.cache.CacheBean> entry = (Map.Entry<java.lang.String, org.gcube.portal.oauth.cache.CacheBean>) iterator
|
||||
.next();
|
||||
if(CacheBean.isExpired(entry.getValue())){
|
||||
logger.debug("Removing entry " + entry.getValue());
|
||||
removedEntries ++;
|
||||
iterator.remove();
|
||||
}
|
||||
}
|
||||
|
||||
logger.info("Going to sleep [" + new Date() + "]");
|
||||
logger.info("Going to sleep . Number of removed entries is " + removedEntries + " [" + new Date() + "]");
|
||||
|
||||
} catch (InterruptedException e) {
|
||||
logger.warn("Exception was " + e.getMessage());
|
||||
|
|
|
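Review bot: The `catch (InterruptedException e)` at the end of the hunk only logs `e.getMessage()`, so the interrupt status is cleared; if this sits inside the thread's run loop (the loop and the rest of the method are outside the hunk), the cleaner cannot be stopped cleanly. Restoring the flag and leaving the loop would fix that: `Thread.currentThread().interrupt(); return;`. Separately, `logger.debug("Removing entry " + entry.getValue())` prints the whole `CacheBean`; its `toString()` is not visible here, so confirm it does not include the code or token held in the cache. The cast on `iterator.next()` is redundant given the iterator's declared type.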
@ -1,56 +0,0 @@
|
|||
package org.gcube.portal.oauth.request.filter;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import javax.annotation.Priority;
|
||||
import javax.ws.rs.container.ContainerRequestContext;
|
||||
import javax.ws.rs.container.ContainerRequestFilter;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.Form;
|
||||
import javax.ws.rs.core.MultivaluedMap;
|
||||
import javax.ws.rs.core.UriInfo;
|
||||
import javax.ws.rs.ext.Provider;
|
||||
|
||||
import org.gcube.portal.oauth.OauthService;
|
||||
import org.glassfish.jersey.server.internal.InternalServerProperties;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
/**
|
||||
* This filter is used to manage request directed to the method "access-token".
|
||||
* It maps the "security_code" of the request into the gcube-token and then redirect this call
|
||||
* to the SmartGears's filters. Please note that FormParams are put by previous filters under
|
||||
* a property named InternalServerProperties.FORM_DECODED_PROPERTY.
|
||||
*/
|
||||
@Provider
|
||||
@Priority(value = 0) // it should be the highest (so that it is called before the smartgears'one)
|
||||
public class OauthFilter implements ContainerRequestFilter{
|
||||
|
||||
private static final org.slf4j.Logger logger = LoggerFactory.getLogger(OauthFilter.class);
|
||||
|
||||
@Context UriInfo info;
|
||||
|
||||
@Override
|
||||
public void filter(ContainerRequestContext requestContext)
|
||||
throws IOException {
|
||||
|
||||
logger.debug("Filter oauth called, checking the called method");
|
||||
logger.debug("Request method type is " + requestContext.getMethod());
|
||||
String pathRequest = info.getAbsolutePath().toString();
|
||||
logger.debug("Requested method url is " + info.getAbsolutePath());
|
||||
|
||||
if(pathRequest.endsWith(OauthService.OAUTH_TOKEN_GET_METHOD_NAME_REQUEST)){
|
||||
|
||||
Form propertiesForm = (Form)requestContext.getProperty(InternalServerProperties.FORM_DECODED_PROPERTY);
|
||||
MultivaluedMap<String, String> map = propertiesForm.asMap();
|
||||
logger.debug("Request form parameters are " + map);
|
||||
|
||||
if(map.containsKey("client_secret")){
|
||||
requestContext.getHeaders().add("gcube-token", map.get("client_secret").get(0));
|
||||
}else{
|
||||
logger.error("Parameter client_secret is missing");
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
|
||||
<handlers>
|
||||
<lifecycle>
|
||||
<profile-management />
|
||||
</lifecycle>
|
||||
<request>
|
||||
<request-validation oauth="true"/>
|
||||
<request-accounting />
|
||||
</request>
|
||||
</handlers>
|
|
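Review bot: Nothing in the new gcube-handlers.xml says why `oauth="true"` is set on `<request-validation>`, although after this commit it appears to be the only thing authenticating the access-token call. A short comment above the element would help, for example `<!-- oauth="true": validate the application token sent as client_secret on access-token (replaces the removed OauthFilter) -->`. The wording follows the commit description and should be checked against the handler's documentation.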
@ -4,13 +4,13 @@
|
|||
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||
version="3.0">
|
||||
|
||||
<display-name>RESTFul Web Service - OAUTH</display-name>
|
||||
<display-name>RESTFul Web Service - OAUTH</display-name>
|
||||
<servlet>
|
||||
<servlet-name>jersey-servlet</servlet-name>
|
||||
<servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
|
||||
<init-param>
|
||||
<param-name>jersey.config.server.provider.packages</param-name>
|
||||
<param-value>org.gcube.portal.oauth,org.gcube.portal.oauth.filter</param-value>
|
||||
<param-value>org.gcube.portal.oauth</param-value>
|
||||
</init-param>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
|
@ -18,6 +18,7 @@
|
|||
<servlet-name>jersey-servlet</servlet-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<welcome-file-list>
|
||||
<welcome-file>index.jsp</welcome-file>
|
||||
</welcome-file-list>
|
||||
|
|