From 7a1c5ef6227b294f23a1fa7a2a30c05a1b26b3c3 Mon Sep 17 00:00:00 2001
From: "francesco.mangiacrapa"
Date: Tue, 5 Apr 2022 14:01:00 +0200
Subject: [PATCH] #23113 added gettoken interface
---
 CHANGELOG.md | 4 ++
 pom.xml | 2 +-
 .../services/AnalyticsCreateResolver.java | 3 -
 .../resolver/services/GoatResolver.java | 72 +++++++++++++++++++
 src/main/webapp/WEB-INF/gcube-app.xml | 1 +
 5 files changed, 78 insertions(+), 4 deletions(-)
 create mode 100644 src/main/java/org/gcube/datatransfer/resolver/services/GoatResolver.java
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 586d5a4..b0c9139 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [v2-7.2-SNAPSHOT] - 2022-04-05 + +- [#23113] Implemented a new legacy-token resolver interface + ## [v2-7.1-SNAPSHOT] - 2022-03-29 **New**
diff --git a/pom.xml b/pom.xml
index 61f49c9..58476b0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -9,7 +9,7 @@ org.gcube.data.transfer uri-resolver - 2.7.1-SNAPSHOT + 2.7.2-SNAPSHOT war The URI Resolver is an HTTP URI resolver implemented as a REST service which gives access trough HTTP to different gcube Resolvers and gCube Applications.
diff --git a/src/main/java/org/gcube/datatransfer/resolver/services/AnalyticsCreateResolver.java b/src/main/java/org/gcube/datatransfer/resolver/services/AnalyticsCreateResolver.java
index ad76f38..4b9a1c3 100644
--- a/src/main/java/org/gcube/datatransfer/resolver/services/AnalyticsCreateResolver.java
+++ b/src/main/java/org/gcube/datatransfer/resolver/services/AnalyticsCreateResolver.java
@@ -204,9 +204,6 @@ public class AnalyticsCreateResolver { this.getClass(), helpURI); } -// FileContainer fileContainer = shc.getWSRoot().uploadFile(new FileInputStream(tempInvocationFile), tempInvocationFile.getName(), "DataMinerInvocation Request created by "+this.getClass().getSimpleName()); -// logger.info("UPLOADED FILE at: "+fileContainer.getPublicLink()); -// URL thePublicLink = fileContainer.getPublicLink(); publicLinkToDMInvFile = thePublicLink != null ? thePublicLink.toString() : null; } catch (Exception e) {
diff --git a/src/main/java/org/gcube/datatransfer/resolver/services/GoatResolver.java b/src/main/java/org/gcube/datatransfer/resolver/services/GoatResolver.java
new file mode 100644
index 0000000..af5d130
--- /dev/null
+++ b/src/main/java/org/gcube/datatransfer/resolver/services/GoatResolver.java
@@ -0,0 +1,72 @@
+package org.gcube.datatransfer.resolver.services;
+
+import static org.gcube.common.authorization.client.Constants.authorizationService;
+
+import java.util.ArrayList;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+
+import org.gcube.common.authorization.library.provider.AuthorizationProvider;
+import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
+import org.gcube.common.authorization.library.provider.UserInfo;
+import org.gcube.common.scope.api.ScopeProvider;
+import org.gcube.datatransfer.resolver.requesthandler.RequestHandler;
+import org.gcube.datatransfer.resolver.services.error.ExceptionManager;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+@Path("goat")
+public class GoatResolver {
+
+ private static Logger LOG = LoggerFactory.getLogger(GoatResolver.class);
+
+ @GET
+ @Path("/gettoken")
+ @Produces(MediaType.TEXT_PLAIN)
+ public Response getLegacyToken(@Context HttpServletRequest req) throws WebApplicationException {
+ LOG.info(this.getClass().getSimpleName() + " GET starts...");
+
+ try {
+
+ String oldToken = SecurityTokenProvider.instance.get();
+ String scope = ScopeProvider.instance.get();
+ LOG.info("ScopeProvider has scope: " + scope);
+
+ String appToken = req.getServletContext().getInitParameter(RequestHandler.ROOT_APP_TOKEN);
+
+ if (oldToken.compareTo(appToken) == 0) {
+ LOG.error("Token not passed, SecurityTokenProvider contains the root app token: "
+ + appToken.substring(0, 10) + "...");
+ throw ExceptionManager.unauthorizedException(req,
+ "You are not authorized. 
You must pass a valid D4Science token", this.getClass(), "");
+ }
+
+ String username = AuthorizationProvider.instance.get().getClient().getId();
+ UserInfo userInfo = new UserInfo(username, new ArrayList<>());
+ String userToken = authorizationService().generateUserToken(userInfo, scope);
+ String msgToken = userToken.substring(0, 10) + "_MASKED_TOKEN";
+ LOG.info("returning legacy token {} for user {}", msgToken, username);
+ return Response.ok(userToken).build();
+ } catch (Exception e) {
+
+ if (!(e instanceof WebApplicationException)) {
+ // UNEXPECTED EXCEPTION managing it as WebApplicationException
+ String error = "Error occurred on getting legacy token. Please, contact the support!";
+ if (e.getCause() != null)
+ error += "\n\nCaused: " + e.getCause().getMessage();
+ throw ExceptionManager.internalErrorException(req, error, this.getClass(), null);
+ }
+ // ALREADY MANAGED AS WebApplicationException
+ LOG.error("Exception:", e);
+ throw (WebApplicationException) e;
+ }
+ }
+
+}
diff --git a/src/main/webapp/WEB-INF/gcube-app.xml b/src/main/webapp/WEB-INF/gcube-app.xml
index dd44721..36ba0e2 100644
--- a/src/main/webapp/WEB-INF/gcube-app.xml
+++ b/src/main/webapp/WEB-INF/gcube-app.xml
@@ -6,4 +6,5 @@ /analytics/create/* /knime/create/* /wekeo/gettoken/* + /goat/gettoken/* \ No newline at end of file
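Review bot: In `getLegacyToken` (GoatResolver.java) the guard `oldToken.compareTo(appToken) == 0` throws a NullPointerException when `SecurityTokenProvider.instance.get()` or the `ROOT_APP_TOKEN` init parameter returns null, and the broad `catch (Exception e)` then reports an internal error instead of the unauthorized response; a fail-closed form such as `if (oldToken == null || appToken == null || oldToken.equals(appToken))` keeps the missing-token case on the rejection path. The `LOG.error` inside that branch writes the first ten characters of the root application token to the log, and `userToken.substring(0, 10)` does the same for the issued token (both also throw on a value shorter than ten characters), so a fixed marker such as `"<token redacted>"` would be safer than a prefix. In the catch block the unexpected-exception branch rethrows without logging `e` while appending `e.getCause().getMessage()` to the client-facing message; moving `LOG.error("Exception:", e);` above the `instanceof` test and dropping the cause text from the response keeps the detail in the server log only. Since the body is a bearer credential returned from a GET, the success response could also set `Cache-Control: no-store`, for example `Response.ok(userToken).header("Cache-Control", "no-store").build()`.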