removing application token used as default

2022-04-05 14:23:37 +02:00 · 2022-04-05 14:23:37 +02:00 · 6f57ebec3d
parent 7a1c5ef622
commit 6f57ebec3d
2 changed files with 6 additions and 15 deletions
--- a/enunciate.xml
+++ b/enunciate.xml
@ -10,6 +10,8 @@
 			pattern="org.gcube.datatransfer.resolver.services.UriResolverIndex" />
 		<exclude
 			pattern="org.gcube.datatransfer.resolver.services.UriResolverInfo" />
+		<!-- <exclude pattern="org.gcube.datatransfer.resolver.services.GoatResolver" 
+			/> -->
 		<exclude
 			pattern="org.gcube.datatransfer.resolver.services.tobackward.BackCatalogueResolver" />
 		<exclude
@ -24,11 +26,13 @@
 		<javascript-client disabled="true" />
 		<docs docsDir="${project.build.directory}" docsSubdir="docs" />
 		<!-- REPLACE THE ${project.artifactId} WITH YOUR APPLICATION NAME. E.g. 
-			/gcat, /uri-resolver /> if the ${project.artifactId} is not equal to YOUR APPLICATION NAME -->
+			/gcat, /uri-resolver /> if the ${project.artifactId} is not equal to YOUR 
+			APPLICATION NAME -->
 		<!-- <swagger basePath="${project.artifactId}" /> -->
 		<docs
 			freemarkerTemplate="${project.basedir}/src/main/resources/META-INF/enunciate/d4science_docs.fmt">
-			<additional-css file="css/d4science_enunciate_custom.css" />
+			<additional-css
+				file="css/d4science_enunciate_custom.css" />
 		</docs>
 	</modules>

--- a/src/main/java/org/gcube/datatransfer/resolver/services/GoatResolver.java
+++ b/src/main/java/org/gcube/datatransfer/resolver/services/GoatResolver.java
@ -14,10 +14,8 @@ import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;

 import org.gcube.common.authorization.library.provider.AuthorizationProvider;
-import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
 import org.gcube.common.authorization.library.provider.UserInfo;
 import org.gcube.common.scope.api.ScopeProvider;
-import org.gcube.datatransfer.resolver.requesthandler.RequestHandler;
 import org.gcube.datatransfer.resolver.services.error.ExceptionManager;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@ -35,19 +33,8 @@ public class GoatResolver {

 		try {

-			String oldToken = SecurityTokenProvider.instance.get();
 			String scope = ScopeProvider.instance.get();
 			LOG.info("ScopeProvider has scope: " + scope);
-
-			String appToken = req.getServletContext().getInitParameter(RequestHandler.ROOT_APP_TOKEN);
-
-			if (oldToken.compareTo(appToken) == 0) {
-				LOG.error("Token not passed, SecurityTokenProvider contains the root app token: "
-						+ appToken.substring(0, 10) + "...");
-				throw ExceptionManager.unauthorizedException(req,
-						"You are not authorized. You must pass a valid D4Science token", this.getClass(), "");
-			}
-
 			String username = AuthorizationProvider.instance.get().getClient().getId();
 			UserInfo userInfo = new UserInfo(username, new ArrayList<>());
 			String userToken = authorizationService().generateUserToken(userInfo, scope);