ready for release
git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/portal/portal-auth-library@142112 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
f6d80e163c
commit
c50886a022
|
@ -1,6 +1,8 @@
|
|||
package org.gcube.portal.auth;
|
||||
import static org.gcube.common.authorization.client.Constants.authorizationService;
|
||||
import static org.gcube.resources.discovery.icclient.ICFactory.clientFor;
|
||||
import static org.gcube.resources.discovery.icclient.ICFactory.queryFor;
|
||||
import static org.gcube.resources.discovery.icclient.ICFactory.client;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
@ -14,7 +16,9 @@ import java.util.HashMap;
|
|||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||
import org.gcube.common.portal.PortalContext;
|
||||
import org.gcube.common.resources.gcore.GCoreEndpoint;
|
||||
import org.gcube.common.resources.gcore.Resources;
|
||||
import org.gcube.common.resources.gcore.ServiceEndpoint;
|
||||
import org.gcube.common.resources.gcore.ServiceEndpoint.AccessPoint;
|
||||
|
@ -44,6 +48,10 @@ public class AuthUtil {
|
|||
public final static String ENDPOINT_TYPE = "ServiceEndpoint";
|
||||
public final static String ENDPOINT_CATEGORY = "OnlineService";
|
||||
|
||||
public final static String OAUTH_ENDPOINT_CLASS = "Portal";
|
||||
public final static String OAUTH_ENDPOINT_NAME = "oauth";
|
||||
private static final String OAUTH_ENDPOINT_ENTRYNAME = "jersey-servlet";
|
||||
|
||||
/**
|
||||
* look for the clientId passes as parameter
|
||||
* @param clientId
|
||||
|
@ -115,13 +123,34 @@ public class AuthUtil {
|
|||
}
|
||||
return map;
|
||||
}
|
||||
/**
|
||||
* <p>
|
||||
* @return a qualifier token for a given user token or <code>null</code> in case of problems
|
||||
* </p>
|
||||
* @param userToken
|
||||
*/
|
||||
public static String generateAuthorizationQualifierToken(String appName, String userToken) {
|
||||
String qToken;
|
||||
String apiQualifier = "AuthorisedApp-"+appName;
|
||||
try {
|
||||
String encodedApiQualifier = URLEncoder.encode(apiQualifier, "UTF-8").replaceAll("\\+", "%20");
|
||||
String currToken = SecurityTokenProvider.instance.get();
|
||||
SecurityTokenProvider.instance.set(userToken);
|
||||
qToken = authorizationService().generateApiKey(encodedApiQualifier);
|
||||
SecurityTokenProvider.instance.set(currToken);
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
return null;
|
||||
}
|
||||
return qToken;
|
||||
}
|
||||
|
||||
/**
|
||||
* look for the clientId passes as parameter
|
||||
* @param clientId
|
||||
* @return a <code>RequestingApp</code> contanining the application name, the description and the application logo URL if any, or <code>null</code> if non existent
|
||||
*/
|
||||
public static List<ServiceEndpoint> getAuthorisedApplicationInfoFromIsICClient(String infrastructureName, String clientId) throws Exception {
|
||||
public static ServiceEndpoint getAuthorisedApplicationInfoFromIsICClient(String infrastructureName, String clientId) throws Exception {
|
||||
String scope = "/" + infrastructureName;
|
||||
String currScope = ScopeProvider.instance.get();
|
||||
ScopeProvider.instance.set(scope);
|
||||
|
@ -131,29 +160,21 @@ public class AuthUtil {
|
|||
DiscoveryClient<ServiceEndpoint> client = clientFor(ServiceEndpoint.class);
|
||||
List<ServiceEndpoint> toReturn = client.submit(query);
|
||||
ScopeProvider.instance.set(currScope);
|
||||
return toReturn;
|
||||
if (toReturn.size() > 0)
|
||||
return toReturn.get(0);
|
||||
else
|
||||
return null;
|
||||
}
|
||||
/**
|
||||
* look for the clientId AccessEndpoint passes as parameter
|
||||
* @param gatewayName
|
||||
* @param clientId
|
||||
* @return the client secret related to the id, or null if non existent
|
||||
* <p>
|
||||
* return the authorised redirect for the service endpoint of type OnlineService
|
||||
* </p>
|
||||
* @param toLookFor an instance of <code>ServiceEndpoint</code>
|
||||
* @return the list of authorised redirectURLs or <code>null
|
||||
*/
|
||||
public static List<String> getAuthorisedRedirectURLsFromIs(String clientId) {
|
||||
PortalContext pContext = PortalContext.getConfiguration();
|
||||
String scope = "/"+pContext.getInfrastructureName();
|
||||
public static List<String> getAuthorisedRedirectURLsFromIs(ServiceEndpoint toLookFor) {
|
||||
List<String> autRedirectURLs = new ArrayList<>();
|
||||
try {
|
||||
List<ServiceEndpoint> list = getAuthorisedApplicationInfoFromIsICClient(pContext.getInfrastructureName(), clientId);
|
||||
if (list.size() > 1) {
|
||||
_log.error("Too many Service Endpoints having name " + clientId +" in this scope having Category " + SERVICE_ENDPOINT_CATEGORY);
|
||||
}
|
||||
else if (list.size() == 0){
|
||||
_log.warn("There is no Service Endpoint having name " + clientId +" and Category " + SERVICE_ENDPOINT_CATEGORY + " in this scope: " + scope);
|
||||
}
|
||||
else {
|
||||
for (ServiceEndpoint res : list) {
|
||||
Group<AccessPoint> apGroup = res.profile().accessPoints();
|
||||
Group<AccessPoint> apGroup = toLookFor.profile().accessPoints();
|
||||
AccessPoint[] accessPoints = (AccessPoint[]) apGroup.toArray(new AccessPoint[apGroup.size()]);
|
||||
for (int i = 0; i < accessPoints.length; i++) {
|
||||
if (accessPoints[i].name().compareTo(REDIRECT_URL) == 0) {
|
||||
|
@ -161,12 +182,37 @@ public class AuthUtil {
|
|||
autRedirectURLs.add(found.address());
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
return null;
|
||||
}
|
||||
return autRedirectURLs;
|
||||
}
|
||||
/**
|
||||
* Instantiates a new gcore endpoint reader.
|
||||
*
|
||||
* @param scope the scope
|
||||
* @throws Exception the exception
|
||||
*/
|
||||
public static String getOAuthServiceEndPoint(String infrastructureName) throws Exception {
|
||||
String scope = "/" + infrastructureName;
|
||||
String currScope = ScopeProvider.instance.get();
|
||||
ScopeProvider.instance.set(scope);
|
||||
|
||||
|
||||
SimpleQuery query = queryFor(GCoreEndpoint.class);
|
||||
query.addCondition(String.format("$resource/Profile/ServiceClass/text() eq '%s'",OAUTH_ENDPOINT_CLASS));
|
||||
query.addCondition("$resource/Profile/DeploymentData/Status/text() eq 'ready'");
|
||||
query.addCondition(String.format("$resource/Profile/ServiceName/text() eq '%s'",OAUTH_ENDPOINT_NAME));
|
||||
query.setResult("$resource/Profile/AccessPoint/RunningInstanceInterfaces//Endpoint[@EntryName/string() eq \""+OAUTH_ENDPOINT_ENTRYNAME+"\"]/text()");
|
||||
|
||||
|
||||
DiscoveryClient<String> client = client();
|
||||
List<String> toReturn = client.submit(query);
|
||||
if (toReturn == null || toReturn.isEmpty()) throw new Exception("Cannot retrieve the GCoreEndpoint serviceName: "+OAUTH_ENDPOINT_NAME +", serviceClass: " +OAUTH_ENDPOINT_CLASS +", in scope: "+scope);
|
||||
|
||||
|
||||
ScopeProvider.instance.set(currScope);
|
||||
if (toReturn.size() > 0)
|
||||
return toReturn.get(0);
|
||||
else
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -2,8 +2,17 @@ package org.gcube.portal.auth;
|
|||
|
||||
import java.util.List;
|
||||
|
||||
import org.gcube.portal.auth.AuthUtil;
|
||||
import org.gcube.portal.auth.RequestingApp;
|
||||
import org.apache.http.HttpResponse;
|
||||
import org.apache.http.client.methods.HttpPost;
|
||||
import org.apache.http.entity.ContentType;
|
||||
import org.apache.http.entity.StringEntity;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClientBuilder;
|
||||
import org.apache.http.impl.client.LaxRedirectStrategy;
|
||||
import org.gcube.common.portal.PortalContext;
|
||||
import org.gcube.common.resources.gcore.ServiceEndpoint;
|
||||
|
||||
import com.liferay.portal.kernel.json.JSONObject;
|
||||
|
||||
import junit.framework.Test;
|
||||
import junit.framework.TestCase;
|
||||
|
@ -35,21 +44,22 @@ public class AppTest extends TestCase {
|
|||
* Rigourous Test :-)
|
||||
*/
|
||||
public void testApp() {
|
||||
// RequestingApp app = AuthUtil.getAuthorisedApplicationInfoFromIs("c96d4477-236c-4f98-ba7d-7897991ef412");
|
||||
// if (app != null) {
|
||||
// System.out.println(app.getApplicationId());
|
||||
// System.out.println(app.getLogoURL());
|
||||
// }
|
||||
// assertTrue( app != null );
|
||||
System.out.println("getAuthorisedRedirectURLsFromIs ... ");
|
||||
try {
|
||||
List<String> authreds = AuthUtil.getAuthorisedRedirectURLsFromIs("c96d4477-236c-4f98-ba7d-7897991ef412");
|
||||
for (String red : authreds) {
|
||||
ServiceEndpoint authorisedApp = AuthUtil.getAuthorisedApplicationInfoFromIsICClient(PortalContext.getConfiguration().getInfrastructureName(), "c96d4477-236c-4f98-ba7d-7897991ef412");
|
||||
List<String> authorisedRedirectURLs = AuthUtil.getAuthorisedRedirectURLsFromIs(authorisedApp);
|
||||
|
||||
for (String red : authorisedRedirectURLs) {
|
||||
System.out.println(red);
|
||||
}
|
||||
|
||||
String oauthendPoint = AuthUtil.getOAuthServiceEndPoint(PortalContext.getConfiguration().getInfrastructureName());
|
||||
System.out.println(oauthendPoint);
|
||||
} catch (Exception e) {
|
||||
// TODO Auto-generated catch block
|
||||
e.printStackTrace();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue