From f7d01c61afe48ca91a0a972952b31eba3523254a Mon Sep 17 00:00:00 2001
From: Massimiliano Assante <massimiliano.assante@isti.cnr.it>
Date: Thu, 10 Nov 2016 14:10:01 +0000
Subject: [PATCH] updated to read the header request params for context and set
 the token and scope in the thread local

git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/portal/threadlocal-vars-cleaner@134040 82a268e6-3cf1-43bd-a215-b396298e98cf
---
 pom.xml                                       | 12 +++-
 .../SmartGearsPortalValve.java                | 67 ++++++++++++++++++-
 2 files changed, 77 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index 7855b83..b8eb95a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,7 +10,7 @@
 
 	<groupId>org.gcube.portal</groupId>
 	<artifactId>threadlocal-vars-cleaner</artifactId>
-	<version>2.0.0-SNAPSHOT</version>
+	<version>2.1.0-SNAPSHOT</version>
 	<packaging>jar</packaging>
 
 	<name>threadlocal-vars-cleaner</name>
@@ -58,6 +58,16 @@
 			<artifactId>common-authorization</artifactId>
 			<scope>provided</scope>
 		</dependency>
+		<dependency>
+			<groupId>org.gcube.common.portal</groupId>
+			<artifactId>portal-manager</artifactId>
+			<scope>provided</scope>
+		</dependency>
+		<dependency>
+			<groupId>com.liferay.portal</groupId>
+			<artifactId>portal-service</artifactId>
+			<scope>provided</scope>
+		</dependency>
 		<dependency>
 			<groupId>org.slf4j</groupId>
 			<artifactId>slf4j-api</artifactId>
diff --git a/src/main/java/org/gcube/portal/threadlocalexec/SmartGearsPortalValve.java b/src/main/java/org/gcube/portal/threadlocalexec/SmartGearsPortalValve.java
index cea3359..10b8fa3 100644
--- a/src/main/java/org/gcube/portal/threadlocalexec/SmartGearsPortalValve.java
+++ b/src/main/java/org/gcube/portal/threadlocalexec/SmartGearsPortalValve.java
@@ -1,17 +1,26 @@
 package org.gcube.portal.threadlocalexec;
 
+import static org.gcube.common.authorization.client.Constants.authorizationService;
+
 import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
 
 import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
 
 import org.apache.catalina.connector.Request;
 import org.apache.catalina.connector.Response;
 import org.apache.catalina.valves.ValveBase;
 import org.gcube.common.authorization.library.provider.AuthorizationProvider;
 import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
+import org.gcube.common.authorization.library.provider.UserInfo;
+import org.gcube.common.portal.PortalContext;
 import org.gcube.common.scope.api.ScopeProvider;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+
+import com.liferay.portal.service.UserLocalServiceUtil;
 /**
  * 
  * @author Massimiliano Assante, CNR ISTI
@@ -20,14 +29,70 @@ import org.slf4j.LoggerFactory;
  */
 public class SmartGearsPortalValve extends ValveBase  {
 	private static final Logger _log = LoggerFactory.getLogger(SmartGearsPortalValve.class);
+	private final static String DEFAULT_ROLE = "OrganizationMember";
+
+
 
 	@Override
 	public void invoke(Request req, Response resp) throws IOException,	ServletException {
 		SecurityTokenProvider.instance.reset();
 		ScopeProvider.instance.reset();
 		AuthorizationProvider.instance.reset();
+		_log.trace("SmartGearsPortalValve SecurityTokenProvider and AuthorizationProvider reset OK");
+		if (req instanceof HttpServletRequest) {
+			HttpServletRequest request =  (HttpServletRequest) req;
+			PortalContext context = PortalContext.getConfiguration();
+
+			String scope = context.getCurrentScope(request);
+			String username = getCurrentUsername(request);
+			if (scope != null && username != null) {
+				try {
+					String userToken = getAuthorizationToken(username, scope);
+					SecurityTokenProvider.instance.set(userToken);
+				} catch (Exception e) {
+					_log.error("Something went wrong in generating token for " + username + " in scope " + scope);
+					e.printStackTrace();
+				}
+				_log.trace("Security token set OK for " + username + " in scope " + scope);
+			}
+		}
 		getNext().invoke(req, resp);
-//		_log.trace("SmartGearsPortalValve SecurityTokenProvider and AuthorizationProvider reset OK");
+	}
+
+	/**
+	 * 
+	 * @param username
+	 * @param scope
+	 * @throws Exception
+	 */
+	private static String getAuthorizationToken(String username, String scope) throws Exception {
+		ScopeProvider.instance.set(scope);
+		List<String> userRoles = new ArrayList<>();
+		userRoles.add(DEFAULT_ROLE);
+		String token = authorizationService().generateUserToken(new UserInfo(username, userRoles), scope);
+		return token;
+	}
+	
+	/**
+	 * 
+	 * @param httpServletRequest the httpServletRequest object
+	 * @return the instance of the user 
+	 * @see GCubeUser
+	 */
+	public static String getCurrentUsername(HttpServletRequest httpServletRequest) {
+		String userIdNo = httpServletRequest.getHeader(PortalContext.USER_ID_ATTR_NAME);
+		if (userIdNo != null) {
+			long userId = -1;
+			try {
+				userId = Long.parseLong(userIdNo);
+				return UserLocalServiceUtil.getUser(userId).getScreenName();
+			} catch (NumberFormatException e) {
+				_log.error("The userId is not a number -> " + userId);
+			} catch (Exception e) {
+				_log.error("The userId does not belong to any user -> " + userId);
+			}
+		} 
+		return null;
 	}
 }