diff --git a/.settings/org.eclipse.wst.common.project.facet.core.prefs.xml b/.settings/org.eclipse.wst.common.project.facet.core.prefs.xml
new file mode 100644
index 0000000..cc81385
--- /dev/null
+++ b/.settings/org.eclipse.wst.common.project.facet.core.prefs.xml
@@ -0,0 +1,7 @@
+
+
+
+
+
+
+
diff --git a/.settings/org.eclipse.wst.common.project.facet.core.xml b/.settings/org.eclipse.wst.common.project.facet.core.xml
index a2e86a5..79af1c2 100644
--- a/.settings/org.eclipse.wst.common.project.facet.core.xml
+++ b/.settings/org.eclipse.wst.common.project.facet.core.xml
@@ -5,4 +5,5 @@
+
diff --git a/src/main/java/org/gcube/portal/usersaccount/WorkspaceCreateAccountThread.java b/src/main/java/org/gcube/portal/usersaccount/WorkspaceCreateAccountThread.java
index e7bf766..0a12d77 100644
--- a/src/main/java/org/gcube/portal/usersaccount/WorkspaceCreateAccountThread.java
+++ b/src/main/java/org/gcube/portal/usersaccount/WorkspaceCreateAccountThread.java
@@ -3,10 +3,14 @@ import java.util.ArrayList;
import java.util.List;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
+import org.gcube.common.authorization.library.provider.UmaJWTProvider;
+
import static org.gcube.common.authorization.client.Constants.authorizationService;
import org.gcube.common.portal.PortalContext;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.common.storagehub.client.dsl.StorageHubClient;
+import org.gcube.common.storagehub.model.exceptions.UserNotAuthorizedException;
+import org.gcube.portal.oidc.lr62.OIDCUmaUtil;
import org.gcube.vomanagement.usermanagement.RoleManager;
import org.gcube.vomanagement.usermanagement.UserManager;
import org.gcube.vomanagement.usermanagement.impl.LiferayGroupManager;
@@ -30,7 +34,9 @@ public class WorkspaceCreateAccountThread implements Runnable {
@Override
public void run() {
+
getWS(newUserUserName, "/"+PortalContext.getConfiguration().getInfrastructureName());
+
}
public static void getWS(String currentUsername, String context) {
String username = currentUsername;
@@ -38,6 +44,7 @@ public class WorkspaceCreateAccountThread implements Runnable {
SecurityTokenProvider.instance.set(authorizationToken);
ScopeProvider.instance.set(context);
String previousToken = authorizationToken;
+ String previousUMAToken = UmaJWTProvider.instance.get();
try {
//get the super user
String infraContext = "/"+PortalContext.getConfiguration().getInfrastructureName();
@@ -52,6 +59,7 @@ public class WorkspaceCreateAccountThread implements Runnable {
}
else {
GCubeUser theAdmin = users.get(0);
+ _log.debug("Using admin user: " + theAdmin.getUsername() + " to trigger ws creation for new user: " + username);
String theAdminToken = PortalContext.getConfiguration().getCurrentUserToken(infraContext, theAdmin.getUsername());
List theAdminRoles = rm.listRolesByUserAndGroup(theAdmin.getUserId(), groupId);
List rolesString = new ArrayList();
@@ -59,10 +67,27 @@ public class WorkspaceCreateAccountThread implements Runnable {
rolesString.add(gCubeRole.getRoleName());
}
authorizationService().setTokenRoles(theAdminToken, rolesString);
+ _log.debug("setTokenRoles performed on context: " + infraContext + " with token" + theAdminToken + " ("+rolesString+")");
SecurityTokenProvider.instance.set(theAdminToken);
+ OIDCUmaUtil.provideConfiguredPortalClientUMATokenInThreadLocal("/" + PortalContext.getConfiguration().getInfrastructureName());
+ _log.info("\n\n\n*** new authorizationService PortalClient UMA-Token In ThreadLocal done ****\n\n");
StorageHubClient shc = new StorageHubClient();
- shc.createUserAccount(currentUsername);
+ try {
+ shc.createUserAccount(currentUsername);
+ }
+ catch (UserNotAuthorizedException e) {
+ _log.error("shub.createUserAccount failed for "+username + " trying with super mega admin ...");
+ theAdminToken = PortalContext.getConfiguration().getCurrentUserToken(infraContext, "lucio.lelii");
+ SecurityTokenProvider.instance.set(theAdminToken);
+ shc = new StorageHubClient();
+ shc.createUserAccount(currentUsername);
+ SecurityTokenProvider.instance.set(previousToken);
+ UmaJWTProvider.instance.set(previousUMAToken);
+ _log.info("shub.createUserAccount performed for "+username + " with super mega admin (Hopefully)");
+ }
+ _log.debug("shub.createUserAccount completed for "+username);
SecurityTokenProvider.instance.set(previousToken);
+ UmaJWTProvider.instance.set(previousUMAToken);
}
}
catch (Exception e) {