57 lines
2.0 KiB
Java
57 lines
2.0 KiB
Java
package org.gcube.portal.oauth.request.filter;
|
|
|
|
import java.io.IOException;
|
|
|
|
import javax.annotation.Priority;
|
|
import javax.ws.rs.container.ContainerRequestContext;
|
|
import javax.ws.rs.container.ContainerRequestFilter;
|
|
import javax.ws.rs.core.Context;
|
|
import javax.ws.rs.core.Form;
|
|
import javax.ws.rs.core.MultivaluedMap;
|
|
import javax.ws.rs.core.UriInfo;
|
|
import javax.ws.rs.ext.Provider;
|
|
|
|
import org.gcube.portal.oauth.OauthService;
|
|
import org.glassfish.jersey.server.internal.InternalServerProperties;
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
/**
|
|
* This filter is used to manage request directed to the method "access-token".
|
|
* It maps the "security_code" of the request into the gcube-token and then redirect this call
|
|
* to the SmartGears's filters. Please note that FormParams are put by previous filters under
|
|
* a property named InternalServerProperties.FORM_DECODED_PROPERTY.
|
|
*/
|
|
@Provider
|
|
@Priority(value = 0) // it should be the highest (so that it is called before the smartgears'one)
|
|
public class OauthFilter implements ContainerRequestFilter{
|
|
|
|
private static final org.slf4j.Logger logger = LoggerFactory.getLogger(OauthFilter.class);
|
|
|
|
@Context UriInfo info;
|
|
|
|
@Override
|
|
public void filter(ContainerRequestContext requestContext)
|
|
throws IOException {
|
|
|
|
logger.debug("Filter oauth called, checking the called method");
|
|
logger.debug("Request method type is " + requestContext.getMethod());
|
|
String pathRequest = info.getAbsolutePath().toString();
|
|
logger.debug("Requested method url is " + info.getAbsolutePath());
|
|
|
|
if(pathRequest.endsWith(OauthService.OAUTH_TOKEN_GET_METHOD_NAME_REQUEST)){
|
|
|
|
Form propertiesForm = (Form)requestContext.getProperty(InternalServerProperties.FORM_DECODED_PROPERTY);
|
|
MultivaluedMap<String, String> map = propertiesForm.asMap();
|
|
logger.debug("Request form parameters are " + map);
|
|
|
|
if(map.containsKey("client_secret")){
|
|
requestContext.getHeaders().add("gcube-token", map.get("client_secret").get(0));
|
|
}else{
|
|
logger.error("Parameter client_secret is missing");
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
|