[Feature #5052] Added code to encrypt folderID by StringEncrypter and then decode it in Base64 to provide a safe-url

git-svn-id: http://svn.d4science-ii.research-infrastructures.eu/gcube/trunk/portlets/user/workspace-tree-widget@131475 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
Francesco Mangiacrapa 2016-09-19 10:17:33 +00:00
parent 36858068dc
commit fc95a2fad8
4 changed files with 201 additions and 33 deletions

View File

@ -188,6 +188,12 @@
<!-- <version>3.1</version> -->
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.thoughtworks.xstream</groupId>
<artifactId>xstream</artifactId>

View File

@ -16,6 +16,7 @@ import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.gcube.application.framework.core.session.ASLSession;
import org.gcube.common.encryption.StringEncrypter;
import org.gcube.common.homelibary.model.items.type.FolderItemType;
import org.gcube.common.homelibary.model.items.type.WorkspaceItemType;
import org.gcube.common.homelibrary.home.Home;
@ -68,6 +69,7 @@ import org.gcube.portlets.user.workspace.server.reader.ApplicationProfileReader;
import org.gcube.portlets.user.workspace.server.resolver.UriResolverReaderParameterForResolverIndex;
import org.gcube.portlets.user.workspace.server.util.AclTypeComparator;
import org.gcube.portlets.user.workspace.server.util.DifferenceBetweenInfoContactModel;
import org.gcube.portlets.user.workspace.server.util.StringUtil;
import org.gcube.portlets.user.workspace.server.util.UserUtil;
import org.gcube.portlets.user.workspace.server.util.WsUtil;
import org.gcube.portlets.user.workspace.server.util.resource.PropertySpecialFolderReader;
@ -3565,8 +3567,13 @@ public class GWTWorkspaceServiceImpl extends RemoteServiceServlet implements GWT
workspaceLogger.info("HL returning folder link id: "+folderId);
ApplicationProfileReader apReader = new ApplicationProfileReader("Workspace-Explorer-App", "org.gcube.portlets.user.workspaceexplorerapp.server.WorkspaceExplorerAppServiceImpl");
ApplicationProfile ap = apReader.readProfileFromInfrastrucure();
String encriptedFId = StringEncrypter.getEncrypter().encrypt(folderId);
workspaceLogger.info("Encrypted folder Id: "+encriptedFId);
String encodedFId = StringUtil.base64EncodeStringURLSafe(encriptedFId);
workspaceLogger.info("Encoded in Base 64: "+encodedFId);
workspaceLogger.info("Application profile returning url: "+ap.getUrl());
String folderLink = ap.getUrl()+"?folderId="+folderId;
String folderLink = ap.getUrl()+"?folderId="+encodedFId;
String shortURL = null;
try{
shortURL = getShortUrl(folderLink);

View File

@ -1,41 +1,118 @@
/**
*
*/
package org.gcube.portlets.user.workspace.server.util;
/**
* @author Francesco Mangiacrapa francesco.mangiacrapa@isti.cnr.it
* @Jul 9, 2013
*
*/
public class StringUtil {
public static String regx = ",@+^'?!\"%&$£/#()";
package org.gcube.portlets.user.workspace.server.util;
import java.io.UnsupportedEncodingException;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
/**
* The Class StringUtil.
*
* @author Francesco Mangiacrapa francesco.mangiacrapa@isti.cnr.it
* @Jul 9, 2013
*/
public class StringUtil {
/** The Constant UTF_8. */
public static final String UTF_8 = "UTF-8";
public static String regx = ",@+^'?!\"%&$£/#()";
protected static Logger logger = Logger.getLogger(StringUtil.class);
/**
* Removes the special characters.
*
* @param input
* the input
* @return the string
*/
public static String removeSpecialCharacters(String input) {
char[] ca = regx.toCharArray();
for (char c : ca) {
input = input.replace(""+c, "");
}
return input;
}
public static void main(String[] args) {
String input = "Just to clarify, Iì13ì? will have strings of varying "
+ "lengths. I want to strip characters from it, the exact "
+ "ones to be determined at !\"%&$£/ runtime, and return the "
+ "resulting string...";
input = removeSpecialCharacters(input);
System.out.println(input);
System.out.println(replaceAllWhiteSpace(input, "_"));
}
public static String replaceAllWhiteSpace(String input, String replacement){
return input.replaceAll("\\s",replacement);
char[] ca = regx.toCharArray();
for (char c : ca) {
input = input.replace("" + c, "");
}
return input;
}
/**
* Replace all white space.
*
* @param input
* the input
* @param replacement
* the replacement
* @return the string
*/
public static String replaceAllWhiteSpace(String input, String replacement) {
return input.replaceAll("\\s", replacement);
}
/**
* Base64 decode string.
*
* @param s the s
* @return the string
*/
public static String base64DecodeString(String s) {
try {
return new String(Base64.decodeBase64(s.getBytes(UTF_8)));
}
catch (UnsupportedEncodingException e) {
logger.error("Failed to decode the String", e);
logger.error("Returning input string: " + s);
return s;
}
}
/**
* Base64 encode string url safe.
*
* @param s the s
* @return the string
*/
public static String base64EncodeStringURLSafe(String s) {
try {
return Base64.encodeBase64URLSafeString(s.getBytes(UTF_8));
}
catch (UnsupportedEncodingException e) {
logger.error("Failed to decode the String", e);
logger.error("Returning input string: " + s);
return s;
}
}
/**
* Base64 encode string.
*
* @param s the s
* @return the string
*/
public static String base64EncodeString(String s) {
try {
return new String(Base64.encodeBase64(s.getBytes(UTF_8)));
}
catch (UnsupportedEncodingException e) {
logger.error("Failed to encode the String", e);
logger.error("Returning input string: " + s);
return s;
}
}
/*
* public static void main(String[] args) { String input =
* "Just to clarify, Iì13ì? will have strings of varying " +
* "lengths. I want to strip characters from it, the exact " +
* "ones to be determined at !\"%&$£/ runtime, and return the " +
* "resulting string..."; input = removeSpecialCharacters(input);
* System.out.println(input); System.out.println(replaceAllWhiteSpace(input,
* "_")); }
*/
}

View File

@ -0,0 +1,78 @@
/**
*
*/
package org.gcube.portlets.user.workspace;
import org.gcube.common.encryption.StringEncrypter;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.portlets.user.workspace.server.util.StringUtil;
/**
* The Class TestEncodeDecodeBase64.
*
* @author Francesco Mangiacrapa francesco.mangiacrapa@isti.cnr.it
* Sep 19, 2016
*/
public class TestEncodeDecodeBase64 {
static final String SCOPE = "/gcube";
// static String folderId = "e7b6bc31-8c35-4398-a7fd-492e391e17d2";
static String folderId = "ce4866ee-8079-4acf-bcd6-1c9dd786eb73";
static String encrypted="";
static String encoded = "";
static String decoded = "";
static String decrypted = "";
/**
* The main method.
*
* @param args the arguments
*/
public static void main(String[] args) {
try {
ScopeProvider.instance.set(SCOPE);
System.out.println("Folder Id: "+folderId);
encode();
decode();
if(decrypted.compareTo(folderId)==0)
System.out.println("Encrypt/Decript works!");
else
System.out.println("Encrypt/Decript doesn't work!");
}
catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
/**
* Encode.
*
* @throws Exception the exception
*/
private static void encode() throws Exception {
encrypted = StringEncrypter.getEncrypter().encrypt(folderId);
System.out.println("Encrypted folder Id: "+encrypted);
encoded = StringUtil.base64EncodeStringURLSafe(encrypted);
System.out.println("Encoded folder Id: "+encoded);
}
/**
* Decode.
*
* @throws Exception the exception
*/
private static void decode() throws Exception {
decoded = StringUtil.base64DecodeString(encoded);
System.out.println("Decoded folder Id: "+decoded);
decrypted = StringEncrypter.getEncrypter().decrypt(decoded);
System.out.println("Decrypted folder Id: "+decrypted);
}
}