Updated code for oidc-library-portal as requested at

https://support.d4science.org/issues/21346#note-14
backup_master_for_oid_lib_portal_with_access_token
Francesco Mangiacrapa 3 years ago
parent 7bc7503c8e
commit 64ae1604c6

@ -4,7 +4,7 @@ All notable changes to this project will be documented in this file.
This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [v1.4.0] - 2021-05-10
## [v1.4.0-SNAPSHOT] - 2021-05-10
#### Enhancements

@ -12,7 +12,7 @@
<groupId>org.gcube.portlets.widgets</groupId>
<artifactId>ws-thredds-sync-widget</artifactId>
<packaging>jar</packaging>
<version>1.4.0</version>
<version>1.4.0-SNAPSHOT</version>
<name>ws-thredds-sync-widget</name>
<description>
gCube ws-thredds-sync-widget is a widget to use and interact with ws-thredds facility in order to syncronize the Workspace folders with Thredds Reporitory folders
@ -42,7 +42,7 @@
<dependency>
<groupId>org.gcube.distribution</groupId>
<artifactId>maven-portal-bom</artifactId>
<version>3.6.2</version>
<version>3.6.2-SNAPSHOT</version>
<type>pom</type>
<scope>import</scope>
</dependency>
@ -80,6 +80,11 @@
<artifactId>oidc-library-portal</artifactId>
</dependency>
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>oidc-library</artifactId>
</dependency>
<!-- PORTAL MANAGER -->
<dependency>
<groupId>org.gcube.common.portal</groupId>

@ -8,11 +8,12 @@ import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.library.provider.UmaJWTProvider;
import org.gcube.common.portal.PortalContext;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.oidc.rest.JWTToken;
import org.gcube.portal.oidc.lr62.JWTTokenUtil;
import org.gcube.portal.oidc.lr62.OIDCUmaUtil;
import org.gcube.portal.wssynclibrary.shared.ItemNotSynched;
import org.gcube.portal.wssynclibrary.shared.WorkspaceFolderLocked;
@ -28,12 +29,11 @@ import org.gcube.vomanagement.usermanagement.model.GCubeUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* The Class SyncronizeWithThredds.
*
* @author Francesco Mangiacrapa francesco.mangiacrapa@isti.cnr.it Feb 7, 2018
* updated May, 2021
* updated May, 2021
*/
public class SyncronizeWithThredds {
@ -84,40 +84,31 @@ public class SyncronizeWithThredds {
logger.debug("Setting UMA context with target scope: " + targetScope + ", user: " + user.getUsername());
String previousUMAToken = null;
try {
previousUMAToken = UmaJWTProvider.instance.get();
previousUMAToken = AccessTokenProvider.instance.get();
JWTToken umaToken = OIDCUmaUtil.getUMAToken(httpRequest, user.getUsername(), targetScope);
setContextForUMA(umaToken.getRaw());
if (umaToken == null) {
logger.info("Uma Token is null or empty, skipping operation and returning null");
return null;
}
String subAccessToken = umaToken.getAccessTokenString().substring(0, 10);
logger.info("Going to set UMA Token: " + subAccessToken+ "-MASKED-TOKEN");
// UmaJWTProvider.instance.set(umaToken);
AccessTokenProvider.instance.set(JWTTokenUtil.getAccessTokenString(umaToken));
logger.debug("UmaJWTProvider instance set performed to : " + subAccessToken+ "-MASKED-TOKEN");
} catch (Exception e) {
logger.warn("Error on set context for UMA: ", e);
if (previousUMAToken != null) {
logger.info("Setting previous UMA Token: " + previousUMAToken.substring(0, 10) + "-MASKED-TOKEN");
setContextForUMA(previousUMAToken);
AccessTokenProvider.instance.set(previousUMAToken);
}
}
return previousUMAToken;
}
/**
* Reset context for UMA.
*
* @param umaToken the uma token
* @return the string
*/
private void setContextForUMA(String umaToken) {
logger.info("called set context for UMA");
if (umaToken == null || umaToken.isEmpty()) {
logger.info("Uma Token is null or empty, skipping operation");
return;
}
logger.info("Going to set UMA Token: " + umaToken.substring(0, 10) + "-MASKED-TOKEN");
UmaJWTProvider.instance.set(umaToken);
logger.debug("UmaJWTProvider instance set performed to : " + umaToken.substring(0, 10) + "-MASKED-TOKEN");
}
/**
* Checks if is item synched.
*
@ -140,19 +131,19 @@ public class SyncronizeWithThredds {
/**
* Gets the configuration.
*
* @param folderId the folder id
* @param loadStatus the load status. If true it loads the status by calling the
* {@link SyncEngine#check(String, boolean)} but it is time
* consuming. Otherwise it calls the
* {@link SyncEngine#getConfig(String)} without sync status
* @param folderId the folder id
* @param loadStatus the load status. If true it loads the status by calling
* the {@link SyncEngine#check(String, boolean)} but it is
* time consuming. Otherwise it calls the
* {@link SyncEngine#getConfig(String)} without sync status
* @param httpRequest the http request
* @param user the user
* @param user the user
* @return the configuration
* @throws ItemNotSynched the item not synched
* @throws Exception the exception
*/
public ThSyncFolderDescriptor getConfiguration(String folderId, boolean loadStatus, HttpServletRequest httpRequest, GCubeUser user)
throws ItemNotSynched, Exception {
public ThSyncFolderDescriptor getConfiguration(String folderId, boolean loadStatus, HttpServletRequest httpRequest,
GCubeUser user) throws ItemNotSynched, Exception {
ThSyncFolderDescriptor config = null;
String wsScope = PortalContext.getConfiguration().getCurrentScope(httpRequest);
@ -162,11 +153,11 @@ public class SyncronizeWithThredds {
String previousUmaToken = null;
String targetScope = null;
try {
setContextParameters(wsScope, wsUserToken);
if (loadStatus) {
config = workspaceThreddsSynchronizeLib.getConfiguration(folderId);
// context switch for UMA token
targetScope = config.getConfiguration().getTargetContext();
@ -174,10 +165,10 @@ public class SyncronizeWithThredds {
// context switch for gcube-token and scope
// getting token into target scope
String targetScopeUserToken = PortalContext.getConfiguration().getCurrentUserToken(targetScope,
String targetScopeUserToken = PortalContext.getConfiguration().getCurrentUserToken(targetScope,
user.getUsername());
setContextParameters(targetScope, targetScopeUserToken);
config = workspaceThreddsSynchronizeLib.checkItemSynched(folderId);
} else {
config = workspaceThreddsSynchronizeLib.getConfiguration(folderId);
@ -187,18 +178,19 @@ public class SyncronizeWithThredds {
logger.debug("WorkspaceNotSynchedException catched. The item with id: " + folderId + " is not synched");
} catch (WorkspaceFolderLocked e1) {
logger.info("The folder with id: " + folderId + " is locked");
throw new Exception("The folder with id: "+folderId +" is currently locked. Another sync process is in progress");
throw new Exception(
"The folder with id: " + folderId + " is currently locked. Another sync process is in progress");
} catch (Exception e) {
logger.error("Error on reading the configuration for id: " + folderId, e);
throw e;
} finally {
if(previousUmaToken!=null) {
if (previousUmaToken != null) {
// resetting UMA token in the WS scope
setContextForUMA(previousUmaToken);
AccessTokenProvider.instance.set(previousUmaToken);
}
if (originalScope != null && targetScope!=null && originalScope.compareTo(targetScope) != 0) {
if (originalScope != null && targetScope != null && originalScope.compareTo(targetScope) != 0) {
logger.info("Resetting the scope: " + originalScope + " which was original WS context");
ScopeProvider.instance.set(originalScope);
if (originalToken != null) {
@ -250,8 +242,10 @@ public class SyncronizeWithThredds {
} finally {
// resetting UMA token in the WS scope
setContextForUMA(previousUmaToken);
if (previousUmaToken != null) {
// resetting UMA token in the WS scope
AccessTokenProvider.instance.set(previousUmaToken);
}
if (originalScope != null && originalScope.compareTo(targetScope) != 0) {
logger.info("Resetting the scope: " + originalScope + " which was original WS context");
@ -332,13 +326,15 @@ public class SyncronizeWithThredds {
return workspaceThreddsSynchronizeLib.doSync(folderId);
} catch (Exception e) {
logger.error("Error on doSyncFolder for folderId: "+folderId, e);
logger.error("Error on doSyncFolder for folderId: " + folderId, e);
throw e;
} finally {
// resetting UMA token in the WS scope
setContextForUMA(previousUmaToken);
if (previousUmaToken != null) {
// resetting UMA token in the WS scope
AccessTokenProvider.instance.set(previousUmaToken);
}
if (originalScope != null && originalScope.compareTo(targetScope) != 0) {
logger.info("Resetting the scope: " + originalScope + " which was original WS context");
@ -408,8 +404,10 @@ public class SyncronizeWithThredds {
} finally {
// resetting UMA token in the WS scope
setContextForUMA(previousUmaToken);
if (previousUmaToken != null) {
// resetting UMA token in the WS scope
AccessTokenProvider.instance.set(previousUmaToken);
}
if (originalScope != null && originalScope.compareTo(targetScope) != 0) {
logger.info("Resetting the scope: " + originalScope + " which was original WS context");

Loading…
Cancel
Save