diff --git a/.classpath b/.classpath
new file mode 100644
index 0000000..7bd7856
--- /dev/null
+++ b/.classpath
@@ -0,0 +1,26 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/.project b/.project
new file mode 100644
index 0000000..ea1b8a8
--- /dev/null
+++ b/.project
@@ -0,0 +1,23 @@
+
+
+ portal-auth-library
+
+
+
+
+
+ org.eclipse.jdt.core.javabuilder
+
+
+
+
+ org.eclipse.m2e.core.maven2Builder
+
+
+
+
+
+ org.eclipse.jdt.core.javanature
+ org.eclipse.m2e.core.maven2Nature
+
+
diff --git a/.settings/org.eclipse.core.resources.prefs b/.settings/org.eclipse.core.resources.prefs
new file mode 100644
index 0000000..f9fe345
--- /dev/null
+++ b/.settings/org.eclipse.core.resources.prefs
@@ -0,0 +1,4 @@
+eclipse.preferences.version=1
+encoding//src/main/java=UTF-8
+encoding//src/test/java=UTF-8
+encoding/=UTF-8
diff --git a/.settings/org.eclipse.jdt.core.prefs b/.settings/org.eclipse.jdt.core.prefs
new file mode 100644
index 0000000..ec4300d
--- /dev/null
+++ b/.settings/org.eclipse.jdt.core.prefs
@@ -0,0 +1,5 @@
+eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.7
+org.eclipse.jdt.core.compiler.compliance=1.7
+org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
+org.eclipse.jdt.core.compiler.source=1.7
diff --git a/.settings/org.eclipse.m2e.core.prefs b/.settings/org.eclipse.m2e.core.prefs
new file mode 100644
index 0000000..f897a7f
--- /dev/null
+++ b/.settings/org.eclipse.m2e.core.prefs
@@ -0,0 +1,4 @@
+activeProfiles=
+eclipse.preferences.version=1
+resolveWorkspaceProjects=true
+version=1
diff --git a/distro/LICENSE b/distro/LICENSE
new file mode 100644
index 0000000..2d9616a
--- /dev/null
+++ b/distro/LICENSE
@@ -0,0 +1 @@
+${gcube.license}
\ No newline at end of file
diff --git a/distro/README b/distro/README
new file mode 100644
index 0000000..35c99c0
--- /dev/null
+++ b/distro/README
@@ -0,0 +1,67 @@
+The gCube System - ${name}
+--------------------------------------------------
+
+${description}
+
+
+${gcube.description}
+
+${gcube.funding}
+
+
+Version
+--------------------------------------------------
+
+${version} (${buildDate})
+
+Please see the file named "changelog.xml" in this directory for the release notes.
+
+
+Authors
+--------------------------------------------------
+
+* Massimiliano Assante (massimiliano.assante-AT-isti.cnr.it), Istituto di Scienza e Tecnologie dell'Informazione "A. Faedo" - CNR, Pisa (Italy).
+
+
+
+Maintainers
+-----------
+
+* Massimiliano Assante (massimiliano.assante-AT-isti.cnr.it), Istituto di Scienza e Tecnologie dell'Informazione "A. Faedo" - CNR, Pisa (Italy).
+
+
+Download information
+--------------------------------------------------
+
+Source code is available from SVN:
+ ${scm.url}
+
+Binaries can be downloaded from the gCube website:
+ ${gcube.website}
+
+
+Installation
+--------------------------------------------------
+
+Installation documentation is available on-line in the gCube Wiki:
+ ${gcube.wikiRoot}/
+
+
+Documentation
+--------------------------------------------------
+
+Documentation is available on-line in the gCube Wiki:
+ ${gcube.wikiRoot}/
+ ${gcube.wikiRoot}/
+
+Support
+--------------------------------------------------
+
+Bugs and support requests can be reported in the gCube issue tracking tool:
+ ${gcube.issueTracking}
+
+
+Licensing
+--------------------------------------------------
+
+This software is licensed under the terms you may find in the file named "LICENSE" in this directory.
diff --git a/distro/changelog.xml b/distro/changelog.xml
new file mode 100644
index 0000000..cc869bd
--- /dev/null
+++ b/distro/changelog.xml
@@ -0,0 +1,4 @@
+
+
+
\ No newline at end of file
diff --git a/distro/descriptor.xml b/distro/descriptor.xml
new file mode 100644
index 0000000..9144461
--- /dev/null
+++ b/distro/descriptor.xml
@@ -0,0 +1,42 @@
+
+ servicearchive
+
+ tar.gz
+
+ /
+
+
+ ${distroDirectory}
+ /
+ true
+
+ README
+ LICENSE
+ changelog.xml
+ profile.xml
+
+ 755
+ true
+
+
+ target/apidocs
+ /${artifactId}/doc/api
+ true
+ 755
+
+
+
+
+
+ ./
+ true
+
+
+
+ /${artifactId}
+
+
+
\ No newline at end of file
diff --git a/distro/profile.xml b/distro/profile.xml
new file mode 100644
index 0000000..3a8d912
--- /dev/null
+++ b/distro/profile.xml
@@ -0,0 +1,25 @@
+
+
+
+ Library
+
+ ${description}
+ Portal
+ ${artifactId}
+ 1.0.0
+
+
+ ${artifactId}
+ ${version}
+
+ ${groupId}
+ ${artifactId}
+ ${version}
+
+
+ ${build.finalName}.jar
+
+
+
+
+
diff --git a/pom.xml b/pom.xml
new file mode 100644
index 0000000..2603cb9
--- /dev/null
+++ b/pom.xml
@@ -0,0 +1,206 @@
+
+ 4.0.0
+
+ maven-parent
+ org.gcube.tools
+ 1.0.0
+
+
+
+ org.gcube.portal.auth
+ portal-auth-library
+ 1.0.0-SNAPSHOT
+ jar
+
+ portal-auth-library
+
+ portal-auth-library contains utils for managing authorisation in the infrastructure
+
+
+ scm:svn:http://svn.d4science.research-infrastructures.eu/gcube/trunk/portal/${project.artifactId}
+ scm:https://svn.d4science.research-infrastructures.eu/gcube/trunk/portal/${project.artifactId}
+ http://svn.d4science.research-infrastructures.eu/gcube/trunk/portlal/${project.artifactId}
+
+
+ distro
+ 1.7
+ 1.7
+ 6.2.5
+ UTF-8
+ UTF-8
+
+
+
+
+ org.gcube.distribution
+ maven-portal-bom
+ LATEST
+ pom
+ import
+
+
+
+
+
+ org.gcube.common
+ authorization-client
+
+
+ org.gcube.common
+ common-authorization
+
+
+ org.gcube.common.portal
+ portal-manager
+
+
+ org.gcube.resources.discovery
+ ic-client
+
+
+ org.gcube.resources
+ registry-publisher
+
+
+ javax.portlet
+ portlet-api
+ provided
+
+
+ com.liferay.portal
+ portal-service
+ provided
+
+
+ com.liferay.portal
+ util-java
+ provided
+
+
+ com.liferay.portal
+ util-bridges
+ ${liferay.version}
+ provided
+
+
+ com.liferay.portal
+ util-taglib
+ ${liferay.version}
+ provided
+
+
+ log4j
+ log4j
+
+
+ org.slf4j
+ slf4j-log4j12
+
+
+ org.slf4j
+ slf4j-api
+
+
+ junit
+ junit
+ 3.8.1
+ test
+
+
+
+
+
+ src/main/java
+
+ **/*.*
+
+
+
+
+
+ maven-compiler-plugin
+ 3.0
+
+
+ 1.7
+
+
+
+
+ org.apache.maven.plugins
+ maven-jar-plugin
+ 2.2
+
+
+
+ test-jar
+
+
+
+
+
+
+ org.apache.maven.plugins
+ maven-surefire-plugin
+ 2.12
+
+ true
+
+
+
+ org.apache.maven.plugins
+ maven-resources-plugin
+ 2.5
+
+
+ copy-profile
+ install
+
+ copy-resources
+
+
+ target
+
+
+ ${distroDirectory}
+ true
+
+ profile.xml
+
+
+
+
+
+
+
+
+
+ org.apache.maven.plugins
+ maven-assembly-plugin
+ 2.2
+
+
+ ${distroDirectory}/descriptor.xml
+
+
+
+ fully.qualified.MainClass
+
+
+
+
+
+ servicearchive
+ install
+
+ single
+
+
+
+
+
+
+
+
+
diff --git a/src/main/java/org/gcube/portal/auth/library/AuthUtil.java b/src/main/java/org/gcube/portal/auth/library/AuthUtil.java
new file mode 100644
index 0000000..9de2cc5
--- /dev/null
+++ b/src/main/java/org/gcube/portal/auth/library/AuthUtil.java
@@ -0,0 +1,118 @@
+package org.gcube.portal.auth.library;
+import static org.gcube.resources.discovery.icclient.ICFactory.clientFor;
+import static org.gcube.resources.discovery.icclient.ICFactory.queryFor;
+
+import java.io.UnsupportedEncodingException;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.gcube.common.portal.PortalContext;
+import org.gcube.common.resources.gcore.ServiceEndpoint;
+import org.gcube.common.resources.gcore.ServiceEndpoint.AccessPoint;
+import org.gcube.common.resources.gcore.ServiceEndpoint.Property;
+import org.gcube.common.resources.gcore.utils.Group;
+import org.gcube.common.scope.api.ScopeProvider;
+
+import org.gcube.resources.discovery.client.api.DiscoveryClient;
+import org.gcube.resources.discovery.client.queries.api.SimpleQuery;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+
+
+/**
+ *
+ * @author Massimiliano Assante, CNR-ISTI
+ *
+ */
+public class AuthUtil {
+ private static final Logger _log = LoggerFactory.getLogger(AuthUtil.class);
+
+ final String REDIRECT_URL = "RedirectURL";
+ final String SERVICE_ENDPOINT_CATEGORY = "OnlineService";
+ final String LOGOURL_ATTR = "Logo";
+
+ public List getPortalConfigurationFromIS(String infrastructureName, String clientId)
+ throws Exception {
+ String scope = "/" + infrastructureName;
+ String currScope = ScopeProvider.instance.get();
+ ScopeProvider.instance.set(scope);
+ SimpleQuery query = queryFor(ServiceEndpoint.class);
+ query.addCondition("$resource/Profile/Category/text() eq '" + SERVICE_ENDPOINT_CATEGORY + "'");
+ query.addCondition("$resource/Profile/Name/text() eq '" + clientId + "'");
+ DiscoveryClient client = clientFor(ServiceEndpoint.class);
+ List toReturn = client.submit(query);
+ ScopeProvider.instance.set(currScope);
+ return toReturn;
+ }
+
+ /**
+ * look for the clientId AccessEndpoint passes as parameter
+ * @param clientId
+ * @return a RequestingApp
contanining the application name, the description and the application logo URL if any, or null if non existent
+ */
+ private RequestingApp getAuthorisedApplicationInfoFromIs(String clientId) {
+ RequestingApp toReturn = new RequestingApp();
+ String infraName = PortalContext.getConfiguration().getInfrastructureName();
+ System.out.println("infraName="+infraName);
+
+ try {
+ List list = getPortalConfigurationFromIS(infraName, clientId);
+ if (list.size() > 1) {
+ _log.error("Too many Service Endpoints having name " + clientId +" in this scope having Category " + SERVICE_ENDPOINT_CATEGORY);
+ return null;
+ } else if (list.size() == 0) {
+ _log.warn("There is no Service Endpoint having name " + clientId +" and Category " + SERVICE_ENDPOINT_CATEGORY + " in this scope: /" + infraName);
+ return null;
+ } else {
+ for (ServiceEndpoint res : list) {
+ toReturn.setApplicationId(res.profile().name());
+ Group apGroup = res.profile().accessPoints();
+ AccessPoint[] accessPoints = (AccessPoint[]) apGroup.toArray(new AccessPoint[apGroup.size()]);
+ AccessPoint found = accessPoints[0];
+ for (Property prop : found.properties()) {
+ if (prop.name().compareTo(LOGOURL_ATTR) == 0) {
+ toReturn.setLogoURL(prop.value());
+ return toReturn;
+ }
+ }
+ }
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ return null;
+ }
+ return toReturn;
+ }
+
+ /**
+ * construct a map for getting attributes from the quiery string
+ * @param redirectionURL the string in redirect
+ * @return a map containing the attributes, takes into account escaped characters
+ */
+ private static Map getQueryMap(String redirectionURL) {
+ String decodedURL = "";
+ try {
+ decodedURL = java.net.URLDecoder.decode(redirectionURL, "UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ System.out.println("UnsupportedEncodingException=" + e.getMessage());
+ return new HashMap();
+ }
+ String[] url = decodedURL.split("\\?");
+ if (url == null || url.length < 2)
+ return new HashMap();
+ final String query = url[1];
+ String[] params = query.split("&");
+ Map map = new HashMap();
+ for (String param : params) {
+ String name = param.split("=")[0];
+ String value = param.split("=")[1];
+ map.put(name, value);
+ }
+ return map;
+ }
+}
diff --git a/src/main/java/org/gcube/portal/auth/library/RequestingApp.java b/src/main/java/org/gcube/portal/auth/library/RequestingApp.java
new file mode 100644
index 0000000..a9aba94
--- /dev/null
+++ b/src/main/java/org/gcube/portal/auth/library/RequestingApp.java
@@ -0,0 +1,47 @@
+package org.gcube.portal.auth.library;
+
+import java.io.Serializable;
+
+@SuppressWarnings("serial")
+public class RequestingApp implements Serializable {
+
+
+ private String applicationId;
+ private String description;
+ private String logoURL;
+
+ public RequestingApp() {
+ super();
+ // TODO Auto-generated constructor stub
+ }
+ public RequestingApp(String applicationId, String description, String logoURL) {
+ super();
+ this.applicationId = applicationId;
+ this.description = description;
+ this.logoURL = logoURL;
+ }
+ public String getApplicationId() {
+ return applicationId;
+ }
+ public void setApplicationId(String applicationId) {
+ this.applicationId = applicationId;
+ }
+ public String getDescription() {
+ return description;
+ }
+ public void setDescription(String description) {
+ this.description = description;
+ }
+ public String getLogoURL() {
+ return logoURL;
+ }
+ public void setLogoURL(String logoURL) {
+ this.logoURL = logoURL;
+ }
+ @Override
+ public String toString() {
+ return "RequestingApp [applicationId=" + applicationId + ", description=" + description + ", logoURL=" + logoURL
+ + "]";
+ }
+
+}
diff --git a/src/test/java/org/gcube/portal/auth/library/AppTest.java b/src/test/java/org/gcube/portal/auth/library/AppTest.java
new file mode 100644
index 0000000..0ab5365
--- /dev/null
+++ b/src/test/java/org/gcube/portal/auth/library/AppTest.java
@@ -0,0 +1,36 @@
+package org.gcube.portal.auth.library;
+
+import junit.framework.Test;
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
+
+/**
+ * Unit test for simple App.
+ */
+public class AppTest extends TestCase {
+ /**
+ * Create the test case
+ *
+ * @param testName name of the test case
+ */
+ public AppTest( String testName )
+ {
+ super( testName );
+ }
+
+ /**
+ * @return the suite of tests being tested
+ */
+ public static Test suite()
+ {
+ return new TestSuite( AppTest.class );
+ }
+
+ /**
+ * Rigourous Test :-)
+ */
+ public void testApp()
+ {
+ assertTrue( true );
+ }
+}