updated to read the header request params for context and set the token and scope in the thread local
git-svn-id: https://svn.d4science.research-infrastructures.eu/gcube/trunk/portal/threadlocal-vars-cleaner@134040 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
e522a0f670
commit
f7d01c61af
12
pom.xml
12
pom.xml
|
|
@ -10,7 +10,7 @@
|
|||
|
||||
<groupId>org.gcube.portal</groupId>
|
||||
<artifactId>threadlocal-vars-cleaner</artifactId>
|
||||
<version>2.0.0-SNAPSHOT</version>
|
||||
<version>2.1.0-SNAPSHOT</version>
|
||||
<packaging>jar</packaging>
|
||||
|
||||
<name>threadlocal-vars-cleaner</name>
|
||||
|
|
@ -58,6 +58,16 @@
|
|||
<artifactId>common-authorization</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.gcube.common.portal</groupId>
|
||||
<artifactId>portal-manager</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.liferay.portal</groupId>
|
||||
<artifactId>portal-service</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.slf4j</groupId>
|
||||
<artifactId>slf4j-api</artifactId>
|
||||
|
|
|
|||
|
|
@ -1,17 +1,26 @@
|
|||
package org.gcube.portal.threadlocalexec;
|
||||
|
||||
import static org.gcube.common.authorization.client.Constants.authorizationService;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.apache.catalina.connector.Request;
|
||||
import org.apache.catalina.connector.Response;
|
||||
import org.apache.catalina.valves.ValveBase;
|
||||
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
|
||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||
import org.gcube.common.authorization.library.provider.UserInfo;
|
||||
import org.gcube.common.portal.PortalContext;
|
||||
import org.gcube.common.scope.api.ScopeProvider;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import com.liferay.portal.service.UserLocalServiceUtil;
|
||||
/**
|
||||
*
|
||||
* @author Massimiliano Assante, CNR ISTI
|
||||
|
|
@ -20,14 +29,70 @@ import org.slf4j.LoggerFactory;
|
|||
*/
|
||||
public class SmartGearsPortalValve extends ValveBase {
|
||||
private static final Logger _log = LoggerFactory.getLogger(SmartGearsPortalValve.class);
|
||||
private final static String DEFAULT_ROLE = "OrganizationMember";
|
||||
|
||||
|
||||
|
||||
@Override
|
||||
public void invoke(Request req, Response resp) throws IOException, ServletException {
|
||||
SecurityTokenProvider.instance.reset();
|
||||
ScopeProvider.instance.reset();
|
||||
AuthorizationProvider.instance.reset();
|
||||
_log.trace("SmartGearsPortalValve SecurityTokenProvider and AuthorizationProvider reset OK");
|
||||
if (req instanceof HttpServletRequest) {
|
||||
HttpServletRequest request = (HttpServletRequest) req;
|
||||
PortalContext context = PortalContext.getConfiguration();
|
||||
|
||||
String scope = context.getCurrentScope(request);
|
||||
String username = getCurrentUsername(request);
|
||||
if (scope != null && username != null) {
|
||||
try {
|
||||
String userToken = getAuthorizationToken(username, scope);
|
||||
SecurityTokenProvider.instance.set(userToken);
|
||||
} catch (Exception e) {
|
||||
_log.error("Something went wrong in generating token for " + username + " in scope " + scope);
|
||||
e.printStackTrace();
|
||||
}
|
||||
_log.trace("Security token set OK for " + username + " in scope " + scope);
|
||||
}
|
||||
}
|
||||
getNext().invoke(req, resp);
|
||||
// _log.trace("SmartGearsPortalValve SecurityTokenProvider and AuthorizationProvider reset OK");
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @param username
|
||||
* @param scope
|
||||
* @throws Exception
|
||||
*/
|
||||
private static String getAuthorizationToken(String username, String scope) throws Exception {
|
||||
ScopeProvider.instance.set(scope);
|
||||
List<String> userRoles = new ArrayList<>();
|
||||
userRoles.add(DEFAULT_ROLE);
|
||||
String token = authorizationService().generateUserToken(new UserInfo(username, userRoles), scope);
|
||||
return token;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @param httpServletRequest the httpServletRequest object
|
||||
* @return the instance of the user
|
||||
* @see GCubeUser
|
||||
*/
|
||||
public static String getCurrentUsername(HttpServletRequest httpServletRequest) {
|
||||
String userIdNo = httpServletRequest.getHeader(PortalContext.USER_ID_ATTR_NAME);
|
||||
if (userIdNo != null) {
|
||||
long userId = -1;
|
||||
try {
|
||||
userId = Long.parseLong(userIdNo);
|
||||
return UserLocalServiceUtil.getUser(userId).getScreenName();
|
||||
} catch (NumberFormatException e) {
|
||||
_log.error("The userId is not a number -> " + userId);
|
||||
} catch (Exception e) {
|
||||
_log.error("The userId does not belong to any user -> " + userId);
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue