removing application token used as default
This commit is contained in:
parent
7a1c5ef622
commit
6f57ebec3d
|
@ -10,6 +10,8 @@
|
||||||
pattern="org.gcube.datatransfer.resolver.services.UriResolverIndex" />
|
pattern="org.gcube.datatransfer.resolver.services.UriResolverIndex" />
|
||||||
<exclude
|
<exclude
|
||||||
pattern="org.gcube.datatransfer.resolver.services.UriResolverInfo" />
|
pattern="org.gcube.datatransfer.resolver.services.UriResolverInfo" />
|
||||||
|
<!-- <exclude pattern="org.gcube.datatransfer.resolver.services.GoatResolver"
|
||||||
|
/> -->
|
||||||
<exclude
|
<exclude
|
||||||
pattern="org.gcube.datatransfer.resolver.services.tobackward.BackCatalogueResolver" />
|
pattern="org.gcube.datatransfer.resolver.services.tobackward.BackCatalogueResolver" />
|
||||||
<exclude
|
<exclude
|
||||||
|
@ -24,11 +26,13 @@
|
||||||
<javascript-client disabled="true" />
|
<javascript-client disabled="true" />
|
||||||
<docs docsDir="${project.build.directory}" docsSubdir="docs" />
|
<docs docsDir="${project.build.directory}" docsSubdir="docs" />
|
||||||
<!-- REPLACE THE ${project.artifactId} WITH YOUR APPLICATION NAME. E.g.
|
<!-- REPLACE THE ${project.artifactId} WITH YOUR APPLICATION NAME. E.g.
|
||||||
/gcat, /uri-resolver /> if the ${project.artifactId} is not equal to YOUR APPLICATION NAME -->
|
/gcat, /uri-resolver /> if the ${project.artifactId} is not equal to YOUR
|
||||||
|
APPLICATION NAME -->
|
||||||
<!-- <swagger basePath="${project.artifactId}" /> -->
|
<!-- <swagger basePath="${project.artifactId}" /> -->
|
||||||
<docs
|
<docs
|
||||||
freemarkerTemplate="${project.basedir}/src/main/resources/META-INF/enunciate/d4science_docs.fmt">
|
freemarkerTemplate="${project.basedir}/src/main/resources/META-INF/enunciate/d4science_docs.fmt">
|
||||||
<additional-css file="css/d4science_enunciate_custom.css" />
|
<additional-css
|
||||||
|
file="css/d4science_enunciate_custom.css" />
|
||||||
</docs>
|
</docs>
|
||||||
</modules>
|
</modules>
|
||||||
|
|
||||||
|
|
|
@ -14,10 +14,8 @@ import javax.ws.rs.core.MediaType;
|
||||||
import javax.ws.rs.core.Response;
|
import javax.ws.rs.core.Response;
|
||||||
|
|
||||||
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
|
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
|
||||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
|
||||||
import org.gcube.common.authorization.library.provider.UserInfo;
|
import org.gcube.common.authorization.library.provider.UserInfo;
|
||||||
import org.gcube.common.scope.api.ScopeProvider;
|
import org.gcube.common.scope.api.ScopeProvider;
|
||||||
import org.gcube.datatransfer.resolver.requesthandler.RequestHandler;
|
|
||||||
import org.gcube.datatransfer.resolver.services.error.ExceptionManager;
|
import org.gcube.datatransfer.resolver.services.error.ExceptionManager;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
@ -35,19 +33,8 @@ public class GoatResolver {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
|
||||||
String oldToken = SecurityTokenProvider.instance.get();
|
|
||||||
String scope = ScopeProvider.instance.get();
|
String scope = ScopeProvider.instance.get();
|
||||||
LOG.info("ScopeProvider has scope: " + scope);
|
LOG.info("ScopeProvider has scope: " + scope);
|
||||||
|
|
||||||
String appToken = req.getServletContext().getInitParameter(RequestHandler.ROOT_APP_TOKEN);
|
|
||||||
|
|
||||||
if (oldToken.compareTo(appToken) == 0) {
|
|
||||||
LOG.error("Token not passed, SecurityTokenProvider contains the root app token: "
|
|
||||||
+ appToken.substring(0, 10) + "...");
|
|
||||||
throw ExceptionManager.unauthorizedException(req,
|
|
||||||
"You are not authorized. You must pass a valid D4Science token", this.getClass(), "");
|
|
||||||
}
|
|
||||||
|
|
||||||
String username = AuthorizationProvider.instance.get().getClient().getId();
|
String username = AuthorizationProvider.instance.get().getClient().getId();
|
||||||
UserInfo userInfo = new UserInfo(username, new ArrayList<>());
|
UserInfo userInfo = new UserInfo(username, new ArrayList<>());
|
||||||
String userToken = authorizationService().generateUserToken(userInfo, scope);
|
String userToken = authorizationService().generateUserToken(userInfo, scope);
|
||||||
|
|
Loading…
Reference in New Issue