217 lines
7.8 KiB
Java
217 lines
7.8 KiB
Java
package org.gcube.portlets.admin;
|
|
|
|
import java.io.IOException;
|
|
import java.io.UnsupportedEncodingException;
|
|
import java.net.URL;
|
|
import java.net.URLEncoder;
|
|
import java.util.ArrayList;
|
|
import java.util.List;
|
|
|
|
import javax.portlet.PortletException;
|
|
import javax.portlet.RenderRequest;
|
|
import javax.portlet.RenderResponse;
|
|
import javax.portlet.ResourceRequest;
|
|
import javax.portlet.ResourceResponse;
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
|
import java.util.Base64;
|
|
|
|
import org.gcube.common.portal.PortalContext;
|
|
import org.gcube.common.scope.impl.ScopeBean;
|
|
import org.gcube.common.scope.impl.ScopeBean.Type;
|
|
import org.gcube.oidc.rest.JWTToken;
|
|
import org.gcube.oidc.rest.OpenIdConnectConfiguration;
|
|
import org.gcube.oidc.rest.OpenIdConnectRESTHelper;
|
|
//import org.gcube.oidc.rest.OpenIdConnectRESTHelper;
|
|
import org.gcube.oidc.rest.OpenIdConnectRESTHelperException;
|
|
import org.gcube.portal.oidc.lr62.JWTCacheProxy;
|
|
import org.gcube.portal.oidc.lr62.LiferayOpenIdConnectConfiguration;
|
|
import org.gcube.vomanagement.usermanagement.GroupManager;
|
|
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
|
|
import org.gcube.vomanagement.usermanagement.model.GCubeGroup;
|
|
|
|
import com.liferay.portal.kernel.json.JSONFactoryUtil;
|
|
import com.liferay.portal.kernel.json.JSONObject;
|
|
import com.liferay.portal.kernel.json.JSONArray;
|
|
import com.liferay.portal.kernel.log.LogFactoryUtil;
|
|
import com.liferay.portal.kernel.util.ParamUtil;
|
|
import com.liferay.portal.model.User;
|
|
import com.liferay.portal.util.PortalUtil;
|
|
import com.liferay.util.bridges.mvc.MVCPortlet;
|
|
|
|
/**
|
|
* Portlet implementation class RPTTokenReader
|
|
*/
|
|
public class RPTTokenReader extends MVCPortlet {
|
|
private static com.liferay.portal.kernel.log.Log log = LogFactoryUtil.getLog(RPTTokenReader.class);
|
|
|
|
@Override
|
|
public void render(RenderRequest renderRequest, RenderResponse renderResponse)
|
|
throws PortletException, IOException {
|
|
GroupManager gm = new LiferayGroupManager();
|
|
try {
|
|
User theUser = PortalUtil.getUser(renderRequest);
|
|
String currentContext = getCurrentContext(renderRequest);
|
|
ScopeBean bean = new ScopeBean(currentContext);
|
|
List<String> userContexts = new ArrayList<String>();
|
|
List<String> vreContexts = new ArrayList<String>();
|
|
List<GCubeGroup> userGroups = gm.listGroupsByUser(theUser.getUserId());
|
|
if (bean.is(Type.VRE)) {
|
|
userContexts.add(currentContext);
|
|
vreContexts.add(currentContext);
|
|
} else {
|
|
for (GCubeGroup g : userGroups) {
|
|
// skipping these sites
|
|
if (!(g.getFriendlyURL().equals("/guest") || g.getFriendlyURL().equals("/global"))) {
|
|
if (g.getGroupName().equals(PortalContext.getConfiguration().getInfrastructureName())) {
|
|
String context = gm.getInfrastructureScope(g.getGroupId());
|
|
userContexts.add(context);
|
|
if (context.split("/").length == 4){
|
|
vreContexts.add(context);
|
|
}
|
|
}
|
|
if (g.getParentGroupId() > 0) {
|
|
String context = gm.getInfrastructureScope(g.getGroupId());
|
|
userContexts.add(context);
|
|
if (context.split("/").length == 4){
|
|
vreContexts.add(context);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
renderRequest.setAttribute("userGroups", userGroups);
|
|
renderRequest.setAttribute("userContexts", userContexts);
|
|
renderRequest.setAttribute("vreContexts", vreContexts);
|
|
} catch (Exception e) {
|
|
e.printStackTrace();
|
|
}
|
|
super.render(renderRequest, renderResponse);
|
|
}
|
|
|
|
public void serveResource(ResourceRequest resourceRequest, ResourceResponse resourceResponse)
|
|
throws IOException, PortletException {
|
|
String context = ParamUtil.getString(resourceRequest, "context", null);
|
|
System.out.println("Selected context=" + context);
|
|
HttpServletRequest httpReq = PortalUtil
|
|
.getOriginalServletRequest(PortalUtil.getHttpServletRequest(resourceRequest));
|
|
JWTToken umaToken = null;
|
|
JWTToken exchangedToken = null;
|
|
|
|
GroupManager gm = new LiferayGroupManager();
|
|
|
|
|
|
resourceResponse.setContentType("application/json");
|
|
JSONObject jsonObject = JSONFactoryUtil.createJSONObject();
|
|
|
|
try {
|
|
User theUser = PortalUtil.getUser(resourceRequest);
|
|
OpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration(httpReq);
|
|
|
|
jsonObject.put("token_url", configuration.getTokenURL().toString());
|
|
JWTCacheProxy jwtCacheProxy = JWTCacheProxy.getInstance();
|
|
String sessionId = httpReq.getSession().getId();
|
|
String urlEncodedContext = null;
|
|
try {
|
|
urlEncodedContext = URLEncoder.encode(context, "UTF-8");
|
|
} catch (UnsupportedEncodingException e) {
|
|
// Almost impossible
|
|
log.error("Cannot URL encode context", e);
|
|
}
|
|
|
|
JWTToken authToken = jwtCacheProxy.getOIDCToken(theUser, sessionId);
|
|
umaToken = OpenIdConnectRESTHelper.queryUMAToken(configuration.getTokenURL(),
|
|
authToken.getAccessTokenAsBearer(), urlEncodedContext, null);
|
|
|
|
// URL auth_url = configuration.getTokenURL();
|
|
// log.info("auth_url " + auth_url);
|
|
// log.info("authToken " + authToken.getAccessTokenString());
|
|
// log.info("umaToken " + umaToken.getAccessTokenString());
|
|
// log.info("context " + context);
|
|
// log.info("encoded_context " + urlEncodedContext);
|
|
// log.info("client_id " + configuration.getPortalClientId());
|
|
// log.info("client_secret " + configuration.getPortalClientSecret());
|
|
|
|
exchangedToken = OpenIdConnectRESTHelperExtended.queryExchangeToken(
|
|
configuration.getTokenURL(),
|
|
umaToken.getAccessTokenString(),
|
|
urlEncodedContext,
|
|
configuration.getPortalClientId(),
|
|
configuration.getPortalClientSecret(),
|
|
null);
|
|
|
|
|
|
// log.info("exchangedToken " + exchangedToken.getAccessTokenString());
|
|
|
|
// log.debug("Got a new UMA token " + exchangedToken.getTokenEssentials());
|
|
} catch (OpenIdConnectRESTHelperException e) {
|
|
resourceResponse.setProperty(ResourceResponse.HTTP_STATUS_CODE, "" + e.getStatus());
|
|
|
|
e.printStackTrace();
|
|
jsonObject.put("success", false);
|
|
jsonObject.put("comment", e.getMessage());
|
|
resourceResponse.getWriter().println(jsonObject);
|
|
super.serveResource(resourceRequest, resourceResponse);
|
|
return;
|
|
} catch (Exception e) {
|
|
e.printStackTrace();
|
|
jsonObject.put("success", false);
|
|
jsonObject.put("comment", e.getMessage());
|
|
resourceResponse.getWriter().println(jsonObject);
|
|
super.serveResource(resourceRequest, resourceResponse);
|
|
return;
|
|
}
|
|
|
|
// } catch (Exception e) {
|
|
// e.printStackTrace();
|
|
// JSONObject jsonObject = JSONFactoryUtil.createJSONObject();
|
|
// jsonObject.put("success", false);
|
|
// jsonObject.put("comment", e.getMessage());
|
|
// resourceResponse.getWriter().println(jsonObject);
|
|
// super.serveResource(resourceRequest, resourceResponse);
|
|
// }
|
|
|
|
jsonObject.put("success", true);
|
|
jsonObject.put("access_token", exchangedToken.getAccessTokenString());
|
|
jsonObject.put("refresh_token", exchangedToken.getRefreshTokenString());
|
|
|
|
jsonObject.put("raw_token", exchangedToken.getRaw());
|
|
|
|
jsonObject.put("access_token_exp", exchangedToken.getExp());
|
|
jsonObject.put("essential", exchangedToken.getTokenEssentials());
|
|
|
|
jsonObject.put("client_id", umaToken.getAzp());
|
|
|
|
JSONArray audiences = JSONFactoryUtil.createJSONArray();
|
|
List<String> list_audiences = exchangedToken.getAud();
|
|
for (int i = 0; i < list_audiences.size(); i++) {
|
|
audiences.put((String) list_audiences.get(i));
|
|
}
|
|
jsonObject.put("audience", audiences);
|
|
|
|
resourceResponse.getWriter().println(jsonObject);
|
|
super.serveResource(resourceRequest, resourceResponse);
|
|
}
|
|
|
|
private String getCurrentContext(RenderRequest request) {
|
|
long groupId = -1;
|
|
try {
|
|
groupId = PortalUtil.getScopeGroupId(request);
|
|
return getCurrentContext(groupId);
|
|
} catch (Exception e) {
|
|
e.printStackTrace();
|
|
}
|
|
return null;
|
|
}
|
|
|
|
private String getCurrentContext(long groupId) {
|
|
try {
|
|
PortalContext pContext = PortalContext.getConfiguration();
|
|
return pContext.getCurrentScope("" + groupId);
|
|
} catch (Exception e) {
|
|
e.printStackTrace();
|
|
}
|
|
return null;
|
|
}
|
|
}
|