the method access-token now doesn't require a gcube-token but an application token in the field client_secret. The file gcube-handlers.xml specifies that a validation handler with oauth support needs to be used. Other filters have been removed since are useless now
git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/portal/oauth@141908 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
cd61182ac6
commit
ff6c10ac46
|
@ -146,8 +146,8 @@ public class OauthService {
|
||||||
|
|
||||||
Status status = Status.BAD_REQUEST;
|
Status status = Status.BAD_REQUEST;
|
||||||
logger.info("Request to exchange code for token");
|
logger.info("Request to exchange code for token");
|
||||||
logger.info("Params are client_id = " + clientId + ", client_secret = " + clientSecret.substring(0, 10) +
|
logger.info("Params are client_id = " + clientId + ", client_secret = " + clientSecret +
|
||||||
"*******************"+ ", redirect_uri = " +redirectUri + ", code = " + code.substring(0, 10) + "*******************" + ", grant_type = " + grantType);
|
"*******************"+ ", redirect_uri = " +redirectUri + ", code = " + code + "*******************" + ", grant_type = " + grantType);
|
||||||
|
|
||||||
try{
|
try{
|
||||||
// check if something is missing
|
// check if something is missing
|
||||||
|
|
|
@ -37,17 +37,20 @@ public class CacheCleaner extends Thread {
|
||||||
sleep(CHECK_AFTER_MS);
|
sleep(CHECK_AFTER_MS);
|
||||||
logger.info("Going to clean up cache and old codes [" + new Date() + "]");
|
logger.info("Going to clean up cache and old codes [" + new Date() + "]");
|
||||||
|
|
||||||
|
int removedEntries = 0;
|
||||||
|
|
||||||
Iterator<Entry<String, CacheBean>> iterator = cacheReference.entrySet().iterator();
|
Iterator<Entry<String, CacheBean>> iterator = cacheReference.entrySet().iterator();
|
||||||
while (iterator.hasNext()) {
|
while (iterator.hasNext()) {
|
||||||
Map.Entry<java.lang.String, org.gcube.portal.oauth.cache.CacheBean> entry = (Map.Entry<java.lang.String, org.gcube.portal.oauth.cache.CacheBean>) iterator
|
Map.Entry<java.lang.String, org.gcube.portal.oauth.cache.CacheBean> entry = (Map.Entry<java.lang.String, org.gcube.portal.oauth.cache.CacheBean>) iterator
|
||||||
.next();
|
.next();
|
||||||
if(CacheBean.isExpired(entry.getValue())){
|
if(CacheBean.isExpired(entry.getValue())){
|
||||||
logger.debug("Removing entry " + entry.getValue());
|
logger.debug("Removing entry " + entry.getValue());
|
||||||
|
removedEntries ++;
|
||||||
iterator.remove();
|
iterator.remove();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
logger.info("Going to sleep [" + new Date() + "]");
|
logger.info("Going to sleep . Number of removed entries is " + removedEntries + " [" + new Date() + "]");
|
||||||
|
|
||||||
} catch (InterruptedException e) {
|
} catch (InterruptedException e) {
|
||||||
logger.warn("Exception was " + e.getMessage());
|
logger.warn("Exception was " + e.getMessage());
|
||||||
|
|
|
@ -1,56 +0,0 @@
|
||||||
package org.gcube.portal.oauth.request.filter;
|
|
||||||
|
|
||||||
import java.io.IOException;
|
|
||||||
|
|
||||||
import javax.annotation.Priority;
|
|
||||||
import javax.ws.rs.container.ContainerRequestContext;
|
|
||||||
import javax.ws.rs.container.ContainerRequestFilter;
|
|
||||||
import javax.ws.rs.core.Context;
|
|
||||||
import javax.ws.rs.core.Form;
|
|
||||||
import javax.ws.rs.core.MultivaluedMap;
|
|
||||||
import javax.ws.rs.core.UriInfo;
|
|
||||||
import javax.ws.rs.ext.Provider;
|
|
||||||
|
|
||||||
import org.gcube.portal.oauth.OauthService;
|
|
||||||
import org.glassfish.jersey.server.internal.InternalServerProperties;
|
|
||||||
import org.slf4j.LoggerFactory;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* This filter is used to manage request directed to the method "access-token".
|
|
||||||
* It maps the "security_code" of the request into the gcube-token and then redirect this call
|
|
||||||
* to the SmartGears's filters. Please note that FormParams are put by previous filters under
|
|
||||||
* a property named InternalServerProperties.FORM_DECODED_PROPERTY.
|
|
||||||
*/
|
|
||||||
@Provider
|
|
||||||
@Priority(value = 0) // it should be the highest (so that it is called before the smartgears'one)
|
|
||||||
public class OauthFilter implements ContainerRequestFilter{
|
|
||||||
|
|
||||||
private static final org.slf4j.Logger logger = LoggerFactory.getLogger(OauthFilter.class);
|
|
||||||
|
|
||||||
@Context UriInfo info;
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void filter(ContainerRequestContext requestContext)
|
|
||||||
throws IOException {
|
|
||||||
|
|
||||||
logger.debug("Filter oauth called, checking the called method");
|
|
||||||
logger.debug("Request method type is " + requestContext.getMethod());
|
|
||||||
String pathRequest = info.getAbsolutePath().toString();
|
|
||||||
logger.debug("Requested method url is " + info.getAbsolutePath());
|
|
||||||
|
|
||||||
if(pathRequest.endsWith(OauthService.OAUTH_TOKEN_GET_METHOD_NAME_REQUEST)){
|
|
||||||
|
|
||||||
Form propertiesForm = (Form)requestContext.getProperty(InternalServerProperties.FORM_DECODED_PROPERTY);
|
|
||||||
MultivaluedMap<String, String> map = propertiesForm.asMap();
|
|
||||||
logger.debug("Request form parameters are " + map);
|
|
||||||
|
|
||||||
if(map.containsKey("client_secret")){
|
|
||||||
requestContext.getHeaders().add("gcube-token", map.get("client_secret").get(0));
|
|
||||||
}else{
|
|
||||||
logger.error("Parameter client_secret is missing");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,10 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
|
||||||
|
<handlers>
|
||||||
|
<lifecycle>
|
||||||
|
<profile-management />
|
||||||
|
</lifecycle>
|
||||||
|
<request>
|
||||||
|
<request-validation oauth="true"/>
|
||||||
|
<request-accounting />
|
||||||
|
</request>
|
||||||
|
</handlers>
|
|
@ -4,13 +4,13 @@
|
||||||
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
|
||||||
version="3.0">
|
version="3.0">
|
||||||
|
|
||||||
<display-name>RESTFul Web Service - OAUTH</display-name>
|
<display-name>RESTFul Web Service - OAUTH</display-name>
|
||||||
<servlet>
|
<servlet>
|
||||||
<servlet-name>jersey-servlet</servlet-name>
|
<servlet-name>jersey-servlet</servlet-name>
|
||||||
<servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
|
<servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
|
||||||
<init-param>
|
<init-param>
|
||||||
<param-name>jersey.config.server.provider.packages</param-name>
|
<param-name>jersey.config.server.provider.packages</param-name>
|
||||||
<param-value>org.gcube.portal.oauth,org.gcube.portal.oauth.filter</param-value>
|
<param-value>org.gcube.portal.oauth</param-value>
|
||||||
</init-param>
|
</init-param>
|
||||||
<load-on-startup>1</load-on-startup>
|
<load-on-startup>1</load-on-startup>
|
||||||
</servlet>
|
</servlet>
|
||||||
|
@ -18,6 +18,7 @@
|
||||||
<servlet-name>jersey-servlet</servlet-name>
|
<servlet-name>jersey-servlet</servlet-name>
|
||||||
<url-pattern>/*</url-pattern>
|
<url-pattern>/*</url-pattern>
|
||||||
</servlet-mapping>
|
</servlet-mapping>
|
||||||
|
|
||||||
<welcome-file-list>
|
<welcome-file-list>
|
||||||
<welcome-file>index.jsp</welcome-file>
|
<welcome-file>index.jsp</welcome-file>
|
||||||
</welcome-file-list>
|
</welcome-file-list>
|
||||||
|
|
Loading…
Reference in New Issue