@ -8,11 +8,12 @@ import java.util.Map;
import javax.servlet.http.HttpServletRequest ;
import org.gcube.common.authorization.library.provider.AccessTokenProvider ;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider ;
import org.gcube.common.authorization.library.provider.UmaJWTProvider ;
import org.gcube.common.portal.PortalContext ;
import org.gcube.common.scope.api.ScopeProvider ;
import org.gcube.oidc.rest.JWTToken ;
import org.gcube.portal.oidc.lr62.JWTTokenUtil ;
import org.gcube.portal.oidc.lr62.OIDCUmaUtil ;
import org.gcube.portal.wssynclibrary.shared.ItemNotSynched ;
import org.gcube.portal.wssynclibrary.shared.WorkspaceFolderLocked ;
@ -28,12 +29,11 @@ import org.gcube.vomanagement.usermanagement.model.GCubeUser;
import org.slf4j.Logger ;
import org.slf4j.LoggerFactory ;
/ * *
* The Class SyncronizeWithThredds .
*
* @author Francesco Mangiacrapa francesco . mangiacrapa @isti.cnr.it Feb 7 , 2018
* updated May , 2021
* updated May , 2021
* /
public class SyncronizeWithThredds {
@ -84,40 +84,31 @@ public class SyncronizeWithThredds {
logger . debug ( "Setting UMA context with target scope: " + targetScope + ", user: " + user . getUsername ( ) ) ;
String previousUMAToken = null ;
try {
previousUMAToken = UmaJWT Provider. instance . get ( ) ;
previousUMAToken = AccessToken Provider. instance . get ( ) ;
JWTToken umaToken = OIDCUmaUtil . getUMAToken ( httpRequest , user . getUsername ( ) , targetScope ) ;
setContextForUMA ( umaToken . getRaw ( ) ) ;
if ( umaToken = = null ) {
logger . info ( "Uma Token is null or empty, skipping operation and returning null" ) ;
return null ;
}
String subAccessToken = umaToken . getAccessTokenString ( ) . substring ( 0 , 10 ) ;
logger . info ( "Going to set UMA Token: " + subAccessToken + "-MASKED-TOKEN" ) ;
// UmaJWTProvider.instance.set(umaToken);
AccessTokenProvider . instance . set ( JWTTokenUtil . getAccessTokenString ( umaToken ) ) ;
logger . debug ( "UmaJWTProvider instance set performed to : " + subAccessToken + "-MASKED-TOKEN" ) ;
} catch ( Exception e ) {
logger . warn ( "Error on set context for UMA: " , e ) ;
if ( previousUMAToken ! = null ) {
logger . info ( "Setting previous UMA Token: " + previousUMAToken . substring ( 0 , 10 ) + "-MASKED-TOKEN" ) ;
setContextForUMA ( previousUMAToken ) ;
AccessTokenProvider. instance . set ( previousUMAToken ) ;
}
}
return previousUMAToken ;
}
/ * *
* Reset context for UMA .
*
* @param umaToken the uma token
* @return the string
* /
private void setContextForUMA ( String umaToken ) {
logger . info ( "called set context for UMA" ) ;
if ( umaToken = = null | | umaToken . isEmpty ( ) ) {
logger . info ( "Uma Token is null or empty, skipping operation" ) ;
return ;
}
logger . info ( "Going to set UMA Token: " + umaToken . substring ( 0 , 10 ) + "-MASKED-TOKEN" ) ;
UmaJWTProvider . instance . set ( umaToken ) ;
logger . debug ( "UmaJWTProvider instance set performed to : " + umaToken . substring ( 0 , 10 ) + "-MASKED-TOKEN" ) ;
}
/ * *
* Checks if is item synched .
*
@ -140,19 +131,19 @@ public class SyncronizeWithThredds {
/ * *
* Gets the configuration .
*
* @param folderId the folder id
* @param loadStatus the load status . If true it loads the status by calling the
* { @link SyncEngine # check ( String , boolean ) } but it is time
* consuming . Otherwise it calls the
* { @link SyncEngine # getConfig ( String ) } without sync status
* @param folderId the folder id
* @param loadStatus the load status . If true it loads the status by calling
* the { @link SyncEngine # check ( String , boolean ) } but it is
* time consuming . Otherwise it calls the
* { @link SyncEngine # getConfig ( String ) } without sync status
* @param httpRequest the http request
* @param user the user
* @param user the user
* @return the configuration
* @throws ItemNotSynched the item not synched
* @throws Exception the exception
* /
public ThSyncFolderDescriptor getConfiguration ( String folderId , boolean loadStatus , HttpServletRequest httpRequest , GCubeUser user )
throws ItemNotSynched , Exception {
public ThSyncFolderDescriptor getConfiguration ( String folderId , boolean loadStatus , HttpServletRequest httpRequest ,
GCubeUser user ) throws ItemNotSynched , Exception {
ThSyncFolderDescriptor config = null ;
String wsScope = PortalContext . getConfiguration ( ) . getCurrentScope ( httpRequest ) ;
@ -162,11 +153,11 @@ public class SyncronizeWithThredds {
String previousUmaToken = null ;
String targetScope = null ;
try {
setContextParameters ( wsScope , wsUserToken ) ;
if ( loadStatus ) {
config = workspaceThreddsSynchronizeLib . getConfiguration ( folderId ) ;
// context switch for UMA token
targetScope = config . getConfiguration ( ) . getTargetContext ( ) ;
@ -174,10 +165,10 @@ public class SyncronizeWithThredds {
// context switch for gcube-token and scope
// getting token into target scope
String targetScopeUserToken = PortalContext . getConfiguration ( ) . getCurrentUserToken ( targetScope ,
String targetScopeUserToken = PortalContext . getConfiguration ( ) . getCurrentUserToken ( targetScope ,
user . getUsername ( ) ) ;
setContextParameters ( targetScope , targetScopeUserToken ) ;
config = workspaceThreddsSynchronizeLib . checkItemSynched ( folderId ) ;
} else {
config = workspaceThreddsSynchronizeLib . getConfiguration ( folderId ) ;
@ -187,18 +178,19 @@ public class SyncronizeWithThredds {
logger . debug ( "WorkspaceNotSynchedException catched. The item with id: " + folderId + " is not synched" ) ;
} catch ( WorkspaceFolderLocked e1 ) {
logger . info ( "The folder with id: " + folderId + " is locked" ) ;
throw new Exception ( "The folder with id: " + folderId + " is currently locked. Another sync process is in progress" ) ;
throw new Exception (
"The folder with id: " + folderId + " is currently locked. Another sync process is in progress" ) ;
} catch ( Exception e ) {
logger . error ( "Error on reading the configuration for id: " + folderId , e ) ;
throw e ;
} finally {
if ( previousUmaToken ! = null ) {
if ( previousUmaToken ! = null ) {
// resetting UMA token in the WS scope
setContextForUMA ( previousUmaToken ) ;
AccessTokenProvider. instance . set ( previousUmaToken ) ;
}
if ( originalScope ! = null & & targetScope ! = null & & originalScope . compareTo ( targetScope ) ! = 0 ) {
if ( originalScope ! = null & & targetScope ! = null & & originalScope . compareTo ( targetScope ) ! = 0 ) {
logger . info ( "Resetting the scope: " + originalScope + " which was original WS context" ) ;
ScopeProvider . instance . set ( originalScope ) ;
if ( originalToken ! = null ) {
@ -250,8 +242,10 @@ public class SyncronizeWithThredds {
} finally {
// resetting UMA token in the WS scope
setContextForUMA ( previousUmaToken ) ;
if ( previousUmaToken ! = null ) {
// resetting UMA token in the WS scope
AccessTokenProvider . instance . set ( previousUmaToken ) ;
}
if ( originalScope ! = null & & originalScope . compareTo ( targetScope ) ! = 0 ) {
logger . info ( "Resetting the scope: " + originalScope + " which was original WS context" ) ;
@ -332,13 +326,15 @@ public class SyncronizeWithThredds {
return workspaceThreddsSynchronizeLib . doSync ( folderId ) ;
} catch ( Exception e ) {
logger . error ( "Error on doSyncFolder for folderId: " + folderId , e ) ;
logger . error ( "Error on doSyncFolder for folderId: " + folderId , e ) ;
throw e ;
} finally {
// resetting UMA token in the WS scope
setContextForUMA ( previousUmaToken ) ;
if ( previousUmaToken ! = null ) {
// resetting UMA token in the WS scope
AccessTokenProvider . instance . set ( previousUmaToken ) ;
}
if ( originalScope ! = null & & originalScope . compareTo ( targetScope ) ! = 0 ) {
logger . info ( "Resetting the scope: " + originalScope + " which was original WS context" ) ;
@ -408,8 +404,10 @@ public class SyncronizeWithThredds {
} finally {
// resetting UMA token in the WS scope
setContextForUMA ( previousUmaToken ) ;
if ( previousUmaToken ! = null ) {
// resetting UMA token in the WS scope
AccessTokenProvider . instance . set ( previousUmaToken ) ;
}
if ( originalScope ! = null & & originalScope . compareTo ( targetScope ) ! = 0 ) {
logger . info ( "Resetting the scope: " + originalScope + " which was original WS context" ) ;