From 7cedebeba9e9303365d1674f7121487babd3dd0d Mon Sep 17 00:00:00 2001
From: Francesco Mangiacrapa <francesco.mangiacrapa@isti.cnr.it>
Date: Fri, 7 Dec 2018 09:41:18 +0000
Subject: [PATCH] testing new smartgear 2.1.6

git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/data-transfer/uri-resolver@174650 82a268e6-3cf1-43bd-a215-b396298e98cf
---
 pom.xml                                       |  1 +
 .../resolver/requesthandler/TokenSetter.java  |  8 ++-
 .../services/AnalyticsCreateResolver.java     | 65 +++++++++++++++++--
 .../resolver/services/StorageHubResolver.java |  4 +-
 src/main/webapp/WEB-INF/gcube-app.xml         | 29 +++++----
 src/test/java/rest/TestResolvers.java         |  9 +--
 6 files changed, 92 insertions(+), 24 deletions(-)

diff --git a/pom.xml b/pom.xml
index be449db..289c817 100644
--- a/pom.xml
+++ b/pom.xml
@@ -42,6 +42,7 @@
 		<dependency>
 			<groupId>org.gcube.core</groupId>
 			<artifactId>common-smartgears</artifactId>
+			<version>[2.0.0-SNAPSHOT, 3.0.0-SNAPSHOT)</version>
 		</dependency>
 
 		<dependency>
diff --git a/src/main/java/org/gcube/datatransfer/resolver/requesthandler/TokenSetter.java b/src/main/java/org/gcube/datatransfer/resolver/requesthandler/TokenSetter.java
index d962ffb..8526590 100644
--- a/src/main/java/org/gcube/datatransfer/resolver/requesthandler/TokenSetter.java
+++ b/src/main/java/org/gcube/datatransfer/resolver/requesthandler/TokenSetter.java
@@ -19,6 +19,10 @@ import org.slf4j.LoggerFactory;
 @Provider
 public class TokenSetter implements ContainerRequestFilter, ContainerResponseFilter {
 
+	public static final String ROOT_SCOPE = "root-scope";
+
+	public static final String ROOT_APP_TOKEN = "root-app-token";
+
 	private static final Logger log = LoggerFactory.getLogger(TokenSetter.class);
 
 	@Context ServletContext context;
@@ -28,10 +32,10 @@ public class TokenSetter implements ContainerRequestFilter, ContainerResponseFil
     	log.info("TokenSetter Request called");
 
     	if(SecurityTokenProvider.instance.get()==null)
-    		SecurityTokenProvider.instance.set(context.getInitParameter("root-app-token"));
+    		SecurityTokenProvider.instance.set(context.getInitParameter(ROOT_APP_TOKEN));
 
     	if(ScopeProvider.instance.get()==null)
-    		ScopeProvider.instance.set(context.getInitParameter("root-scope"));
+    		ScopeProvider.instance.set(context.getInitParameter(ROOT_SCOPE));
     }
 
 	@Override
diff --git a/src/main/java/org/gcube/datatransfer/resolver/services/AnalyticsCreateResolver.java b/src/main/java/org/gcube/datatransfer/resolver/services/AnalyticsCreateResolver.java
index c6e1ebf..db1c4a5 100644
--- a/src/main/java/org/gcube/datatransfer/resolver/services/AnalyticsCreateResolver.java
+++ b/src/main/java/org/gcube/datatransfer/resolver/services/AnalyticsCreateResolver.java
@@ -24,6 +24,7 @@ import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 import javax.xml.bind.JAXBException;
 
+import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
 import org.gcube.common.scope.api.ScopeProvider;
 import org.gcube.common.scope.impl.ScopeBean;
 import org.gcube.common.scope.impl.ScopeBean.Type;
@@ -34,6 +35,7 @@ import org.gcube.data.analysis.dminvocation.model.DataMinerInvocation;
 import org.gcube.data.analysis.dminvocation.model.DataMinerParam;
 import org.gcube.data.analysis.dminvocation.model.DataMinerParameters;
 import org.gcube.datatransfer.resolver.dataminer.DataMinerRequest;
+import org.gcube.datatransfer.resolver.requesthandler.TokenSetter;
 import org.gcube.datatransfer.resolver.services.error.ExceptionManager;
 import org.gcube.datatransfer.resolver.util.Util;
 import org.slf4j.Logger;
@@ -50,12 +52,16 @@ import org.slf4j.LoggerFactory;
 public class AnalyticsCreateResolver {
 
 
+	/**
+	 * 
+	 */
+	private static final String DATAMINER_INVOCATION_MODEL = "dim";
 	/**
 	 *
 	 */
 	private static final String UTF_8 = "UTF-8";
 	private static Logger logger = LoggerFactory.getLogger(AnalyticsCreateResolver.class);
-	private static String helpURI = "https://wiki.gcube-system.org/gcube/URI_Resolver";
+	private static String helpURI = "https://wiki.gcube-system.org/gcube/URI_Resolver#Analitycs_Resolver";
 
 	/**
 	 * Post catalogue.
@@ -73,7 +79,56 @@ public class AnalyticsCreateResolver {
 
 		logger.info("The body contains the request: "+jsonRequest.toString());
 
+		//SIMULATING SMART GEAR BEHAVIOUR - VALIDATING TOKEN
+		/*String contextToken = req.getParameter("gcube-token");
+		if(contextToken==null || contextToken.isEmpty()){
+			contextToken = req.getHeader("gcube-token");
+			logger.info("Read context token from HTTP header...");
+		}
+
+		if(contextToken==null || contextToken.isEmpty()){
+			logger.error("Context Token not passed");
+			ExceptionManager.throwUnauthorizedException(req, "You are not authorized. You must pass a gcube-token of VRE", this.getClass(), helpURI);
+		}
+
+		String scope = "";
+		try {
+			AuthorizationEntry entry = authorizationService().get(contextToken);
+			scope = entry.getContext();
+		}
+		catch (Exception e1) {
+			logger.error("Unresolved token: "+contextToken, e1);
+			ExceptionManager.throwUnauthorizedException(req, "Your token "+contextToken+" seems not valid, it is unscoped. Have you passed a valid token of VRE?", this.getClass(), helpURI);
+		}
+
+		String appToken = req.getServletContext().getInitParameter(TokenSetter.ROOT_APP_TOKEN);
+
+		if(contextToken.compareTo(appToken)==0){
+			logger.error("Token not passed, SecurityTokenProvider contains the root app token: "+appToken.substring(0,10)+"...");
+			ExceptionManager.throwUnauthorizedException(req, "You are not authorized. You must pass a token of VRE", this.getClass(), helpURI);
+		}
+
+		//TOKEN AND SCOPE SHOULD BE VALID SETTINGS THEM
+		SecurityTokenProvider.instance.set(contextToken);
+		ScopeProvider.instance.set(scope);
+
+		//END SIMULATING SMART GEAR BEHAVIOUR - VALIDATING TOKEN
+
+		*/
+
+
+		String contextToken = SecurityTokenProvider.instance.get();
 		String scope = ScopeProvider.instance.get();
+		logger.info("SecurityTokenProvider contextToken: "+contextToken);
+		logger.info("ScopeProvider scope: "+scope);
+
+		String appToken = req.getServletContext().getInitParameter(TokenSetter.ROOT_APP_TOKEN);
+
+		if(contextToken.compareTo(appToken)==0){
+			logger.error("Token not passed, SecurityTokenProvider contains the root app token: "+appToken.substring(0,10)+"...");
+			ExceptionManager.throwUnauthorizedException(req, "You are not authorized. You must pass a token of VRE", this.getClass(), helpURI);
+		}
+
 		String operatorID = jsonRequest.getOperatorId();
 
 		if(scope==null || scope.isEmpty()){
@@ -114,7 +169,7 @@ public class AnalyticsCreateResolver {
 				try {
 
 					ByteArrayOutputStream xmlByteArray = DataMinerInvocationManager.marshaling(dmInvocation, org.gcube.data.analysis.dminvocation.MediaType.ApplicationXML);
-					tempInvocationFile = createTempFile(operatorID+UUID.randomUUID(), ".xml", xmlByteArray.toByteArray());
+					tempInvocationFile = createTempFile("dataminer-invocation"+UUID.randomUUID(), ".xml", xmlByteArray.toByteArray());
 
 					//CREATE THE FILE ON STORAGE HUB
 
@@ -124,12 +179,12 @@ public class AnalyticsCreateResolver {
 					ExceptionManager.throwBadRequestException(req, "Error on creating you request with "+dmInvocation, this.getClass(), helpURI);
 				}finally{
 					//DELETING THE TEMP FILE
-//					if(tempInvocationFile!=null && tempInvocationFile.exists())
-//						tempInvocationFile.delete();
+					if(tempInvocationFile!=null && tempInvocationFile.exists())
+						tempInvocationFile.delete();
 				}
 
 
-				String dataMinerURL = String.format("%s/%s?%s=%s", dataminerResolverURL, vreName, "di", URLEncoder.encode(publicLinkToDMInvFile, UTF_8));
+				String dataMinerURL = String.format("%s/%s?%s=%s", dataminerResolverURL, vreName, DATAMINER_INVOCATION_MODEL, URLEncoder.encode(publicLinkToDMInvFile, UTF_8));
 				logger.info("Returning Analytics URL: "+dataMinerURL);
 				return Response.ok(dataMinerURL).header("Location", dataMinerURL).build();
 
diff --git a/src/main/java/org/gcube/datatransfer/resolver/services/StorageHubResolver.java b/src/main/java/org/gcube/datatransfer/resolver/services/StorageHubResolver.java
index 54744ae..06050a3 100644
--- a/src/main/java/org/gcube/datatransfer/resolver/services/StorageHubResolver.java
+++ b/src/main/java/org/gcube/datatransfer/resolver/services/StorageHubResolver.java
@@ -25,7 +25,7 @@ public class StorageHubResolver {
 
 	private static Logger logger = LoggerFactory.getLogger(StorageHubResolver.class);
 
-	private String help = "https://wiki.gcube-system.org/gcube/URI_Resolver";
+	private String help = "https://wiki.gcube-system.org/gcube/URI_Resolver#STORAGE-HUB_Resolver";
 
 	@RequestScoped
 	@PathParam(STORAGE_HUB_ID)
@@ -62,7 +62,7 @@ public class StorageHubResolver {
 	@Path("{version}")
 	public Response downloadVersion(@Context HttpServletRequest httpRequest, @PathParam("version") String version) {
 		InnerMethodName.instance.set("resolveStorageHubPublicLinkWithVersion");
-		logger.info(StorageHubResolver.class.getSimpleName() +" downloadVersion called");
+		logger.info(this.getClass().getSimpleName() +" downloadVersion called");
 		StorageHubClient shc = new StorageHubClient();
 
 		//Checking mandatory parameter id
diff --git a/src/main/webapp/WEB-INF/gcube-app.xml b/src/main/webapp/WEB-INF/gcube-app.xml
index edfdd72..ce0917f 100644
--- a/src/main/webapp/WEB-INF/gcube-app.xml
+++ b/src/main/webapp/WEB-INF/gcube-app.xml
@@ -3,15 +3,22 @@
 	<group>DataTransfer</group>
 	<version>1.0.0-SNAPSHOT</version>
 	<description>URIResolver RESTful</description>
-	<exclude handlers='request-validation context-retriever'>/smp</exclude>
-	<exclude handlers='request-validation context-retriever'>/id</exclude>
-	<exclude handlers='request-validation context-retriever'>/gis</exclude>
-	<exclude handlers='request-validation context-retriever'>/storage*</exclude>
-	<exclude handlers='request-validation context-retriever'>/ctlg*</exclude>
-	<exclude handlers='request-validation context-retriever'>/catalogue</exclude>
-	<exclude handlers='request-validation context-retriever'>/geonetwork*</exclude>
-	<exclude handlers='request-validation context-retriever'>/shub*</exclude>
-	<exclude handlers='request-validation context-retriever'>/parthenos_registry</exclude>
-	<exclude handlers='request-validation context-retriever'>/analytics/get</exclude>
-	<exclude handlers='request-validation context-retriever'>/knime/get</exclude>
+
+	<include>/analytics/create</include>
+	<include>/knime/create</include>
+
+	<!-- <exclude handlers='request-validation context-retriever'>/smp</exclude> -->
+	<!-- <exclude handlers='request-validation context-retriever'>/id</exclude> -->
+	<!-- <exclude handlers='request-validation context-retriever'>/gis</exclude> -->
+	<!-- <exclude handlers='request-validation context-retriever'>/storage*</exclude> -->
+	<!-- <exclude handlers='request-validation context-retriever'>/ctlg*</exclude> -->
+	<!-- <exclude handlers='request-validation context-retriever'>/catalogue</exclude> -->
+	<!-- <exclude handlers='request-validation context-retriever'>/geonetwork*</exclude> -->
+	<!-- <exclude handlers='request-validation context-retriever'>/shub*</exclude> -->
+	<!-- <exclude handlers='request-validation context-retriever'>/parthenos_registry</exclude> -->
+	<!-- <exclude handlers='request-validation context-retriever'>/analytics/get</exclude> -->
+	<!-- <exclude handlers='request-validation context-retriever'>/knime/get</exclude> -->
+
+	<!-- <exclude handlers='request-validation context-retriever'>/*</exclude> -->
+
 </application>
\ No newline at end of file
diff --git a/src/test/java/rest/TestResolvers.java b/src/test/java/rest/TestResolvers.java
index 08c2fe1..6518bdb 100644
--- a/src/test/java/rest/TestResolvers.java
+++ b/src/test/java/rest/TestResolvers.java
@@ -19,6 +19,7 @@ import org.apache.commons.io.FilenameUtils;
 import org.apache.commons.io.IOUtils;
 import org.apache.http.HttpStatus;
 import org.gcube.datatransfer.resolver.util.HTTPCallsUtils;
+import org.junit.Test;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -85,11 +86,11 @@ public class TestResolvers {
 	 *
 	 * @throws Exception the exception
 	 */
-	//@Test
+	@Test
 	public void testStorageID() throws Exception{
 
 		String storageID = "clZ2YmxTYytETzVLaHkwMjM3TmVETTFMb256YVRMS3lHbWJQNStIS0N6Yz0";
-		String url = String.format("%s/%s",URI_RESOLVER_SERVICE_ENDPOINT,storageID);
+		String url = String.format("%s/storage/%s",URI_RESOLVER_SERVICE_ENDPOINT,storageID);
 		logger.info("Request to URL: "+url);
 		URL toURL;
 		int status;
@@ -129,11 +130,11 @@ public class TestResolvers {
 	 *
 	 * @throws Exception the exception
 	 */
-	//@Test
+	@Test
 	public void testStorageIDdoHEAD() throws Exception{
 
 		String storageID = "clZ2YmxTYytETzVLaHkwMjM3TmVETTFMb256YVRMS3lHbWJQNStIS0N6Yz0";
-		String url = String.format("%s/%s",URI_RESOLVER_SERVICE_ENDPOINT,storageID);
+		String url = String.format("%s/storage/%s",URI_RESOLVER_SERVICE_ENDPOINT,storageID);
 		logger.info("Request to URL: "+url);
 		URL toURL;
 		int status;