From e5ff5c2f24b065df9fb4ca126abcd96c4db8185d Mon Sep 17 00:00:00 2001 From: "francesco.mangiacrapa" Date: Thu, 27 May 2021 14:22:03 +0200 Subject: [PATCH] reverted to previous oidc-library-portal (1.3.0-SNAPSHOT) as requested at #21346#note-19 --- CHANGELOG.md | 2 +- .../server/SyncronizeWithThredds.java | 96 ++++++++++--------- 2 files changed, 50 insertions(+), 48 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7ee7a17..820112a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,7 +9,7 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm #### Enhancements [#21379] Moved to new ws-synchronized-module-library (based on w-thredds 1.x) and performed UMA tokens "context switches" -[#21444] Moved to maven-portal-bom >= 3.6.2-SNAPSHOT +[#21444] Moved to maven-portal-bom 3.6.2 ## [v1.3.0] - 2021-03-17 diff --git a/src/main/java/org/gcube/portlets/widgets/wsthreddssync/server/SyncronizeWithThredds.java b/src/main/java/org/gcube/portlets/widgets/wsthreddssync/server/SyncronizeWithThredds.java index a6d9da0..590f738 100644 --- a/src/main/java/org/gcube/portlets/widgets/wsthreddssync/server/SyncronizeWithThredds.java +++ b/src/main/java/org/gcube/portlets/widgets/wsthreddssync/server/SyncronizeWithThredds.java @@ -8,12 +8,11 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; -import org.gcube.common.authorization.library.provider.AccessTokenProvider; import org.gcube.common.authorization.library.provider.SecurityTokenProvider; +import org.gcube.common.authorization.library.provider.UmaJWTProvider; import org.gcube.common.portal.PortalContext; import org.gcube.common.scope.api.ScopeProvider; import org.gcube.oidc.rest.JWTToken; -import org.gcube.portal.oidc.lr62.JWTTokenUtil; import org.gcube.portal.oidc.lr62.OIDCUmaUtil; import org.gcube.portal.wssynclibrary.shared.ItemNotSynched; import org.gcube.portal.wssynclibrary.shared.WorkspaceFolderLocked; @@ -29,11 +28,12 @@ import org.gcube.vomanagement.usermanagement.model.GCubeUser; import org.slf4j.Logger; import org.slf4j.LoggerFactory; + /** * The Class SyncronizeWithThredds. * * @author Francesco Mangiacrapa francesco.mangiacrapa@isti.cnr.it Feb 7, 2018 - * updated May, 2021 + * updated May, 2021 */ public class SyncronizeWithThredds { @@ -84,31 +84,40 @@ public class SyncronizeWithThredds { logger.debug("Setting UMA context with target scope: " + targetScope + ", user: " + user.getUsername()); String previousUMAToken = null; try { - previousUMAToken = AccessTokenProvider.instance.get(); + previousUMAToken = UmaJWTProvider.instance.get(); JWTToken umaToken = OIDCUmaUtil.getUMAToken(httpRequest, user.getUsername(), targetScope); - - if (umaToken == null) { - logger.info("Uma Token is null or empty, skipping operation and returning null"); - return null; - } - - String subAccessToken = umaToken.getAccessTokenString().substring(0, 10); - logger.info("Going to set UMA Token: " + subAccessToken+ "-MASKED-TOKEN"); - // UmaJWTProvider.instance.set(umaToken); - AccessTokenProvider.instance.set(JWTTokenUtil.getAccessTokenString(umaToken)); - logger.debug("UmaJWTProvider instance set performed to : " + subAccessToken+ "-MASKED-TOKEN"); - + setContextForUMA(umaToken.getRaw()); } catch (Exception e) { logger.warn("Error on set context for UMA: ", e); if (previousUMAToken != null) { logger.info("Setting previous UMA Token: " + previousUMAToken.substring(0, 10) + "-MASKED-TOKEN"); - AccessTokenProvider.instance.set(previousUMAToken); + setContextForUMA(previousUMAToken); } } return previousUMAToken; } + /** + * Reset context for UMA. + * + * @param umaToken the uma token + * @return the string + */ + private void setContextForUMA(String umaToken) { + logger.info("called set context for UMA"); + + if (umaToken == null || umaToken.isEmpty()) { + logger.info("Uma Token is null or empty, skipping operation"); + return; + } + + logger.info("Going to set UMA Token: " + umaToken.substring(0, 10) + "-MASKED-TOKEN"); + UmaJWTProvider.instance.set(umaToken); + logger.debug("UmaJWTProvider instance set performed to : " + umaToken.substring(0, 10) + "-MASKED-TOKEN"); + + } + /** * Checks if is item synched. * @@ -131,19 +140,19 @@ public class SyncronizeWithThredds { /** * Gets the configuration. * - * @param folderId the folder id - * @param loadStatus the load status. If true it loads the status by calling - * the {@link SyncEngine#check(String, boolean)} but it is - * time consuming. Otherwise it calls the - * {@link SyncEngine#getConfig(String)} without sync status + * @param folderId the folder id + * @param loadStatus the load status. If true it loads the status by calling the + * {@link SyncEngine#check(String, boolean)} but it is time + * consuming. Otherwise it calls the + * {@link SyncEngine#getConfig(String)} without sync status * @param httpRequest the http request - * @param user the user + * @param user the user * @return the configuration * @throws ItemNotSynched the item not synched * @throws Exception the exception */ - public ThSyncFolderDescriptor getConfiguration(String folderId, boolean loadStatus, HttpServletRequest httpRequest, - GCubeUser user) throws ItemNotSynched, Exception { + public ThSyncFolderDescriptor getConfiguration(String folderId, boolean loadStatus, HttpServletRequest httpRequest, GCubeUser user) + throws ItemNotSynched, Exception { ThSyncFolderDescriptor config = null; String wsScope = PortalContext.getConfiguration().getCurrentScope(httpRequest); @@ -153,11 +162,11 @@ public class SyncronizeWithThredds { String previousUmaToken = null; String targetScope = null; try { - + setContextParameters(wsScope, wsUserToken); if (loadStatus) { - + config = workspaceThreddsSynchronizeLib.getConfiguration(folderId); // context switch for UMA token targetScope = config.getConfiguration().getTargetContext(); @@ -165,10 +174,10 @@ public class SyncronizeWithThredds { // context switch for gcube-token and scope // getting token into target scope - String targetScopeUserToken = PortalContext.getConfiguration().getCurrentUserToken(targetScope, + String targetScopeUserToken = PortalContext.getConfiguration().getCurrentUserToken(targetScope, user.getUsername()); setContextParameters(targetScope, targetScopeUserToken); - + config = workspaceThreddsSynchronizeLib.checkItemSynched(folderId); } else { config = workspaceThreddsSynchronizeLib.getConfiguration(folderId); @@ -178,19 +187,18 @@ public class SyncronizeWithThredds { logger.debug("WorkspaceNotSynchedException catched. The item with id: " + folderId + " is not synched"); } catch (WorkspaceFolderLocked e1) { logger.info("The folder with id: " + folderId + " is locked"); - throw new Exception( - "The folder with id: " + folderId + " is currently locked. Another sync process is in progress"); + throw new Exception("The folder with id: "+folderId +" is currently locked. Another sync process is in progress"); } catch (Exception e) { logger.error("Error on reading the configuration for id: " + folderId, e); throw e; } finally { - if (previousUmaToken != null) { + if(previousUmaToken!=null) { // resetting UMA token in the WS scope - AccessTokenProvider.instance.set(previousUmaToken); + setContextForUMA(previousUmaToken); } - if (originalScope != null && targetScope != null && originalScope.compareTo(targetScope) != 0) { + if (originalScope != null && targetScope!=null && originalScope.compareTo(targetScope) != 0) { logger.info("Resetting the scope: " + originalScope + " which was original WS context"); ScopeProvider.instance.set(originalScope); if (originalToken != null) { @@ -242,10 +250,8 @@ public class SyncronizeWithThredds { } finally { - if (previousUmaToken != null) { - // resetting UMA token in the WS scope - AccessTokenProvider.instance.set(previousUmaToken); - } + // resetting UMA token in the WS scope + setContextForUMA(previousUmaToken); if (originalScope != null && originalScope.compareTo(targetScope) != 0) { logger.info("Resetting the scope: " + originalScope + " which was original WS context"); @@ -326,15 +332,13 @@ public class SyncronizeWithThredds { return workspaceThreddsSynchronizeLib.doSync(folderId); } catch (Exception e) { - logger.error("Error on doSyncFolder for folderId: " + folderId, e); + logger.error("Error on doSyncFolder for folderId: "+folderId, e); throw e; } finally { - if (previousUmaToken != null) { - // resetting UMA token in the WS scope - AccessTokenProvider.instance.set(previousUmaToken); - } + // resetting UMA token in the WS scope + setContextForUMA(previousUmaToken); if (originalScope != null && originalScope.compareTo(targetScope) != 0) { logger.info("Resetting the scope: " + originalScope + " which was original WS context"); @@ -404,10 +408,8 @@ public class SyncronizeWithThredds { } finally { - if (previousUmaToken != null) { - // resetting UMA token in the WS scope - AccessTokenProvider.instance.set(previousUmaToken); - } + // resetting UMA token in the WS scope + setContextForUMA(previousUmaToken); if (originalScope != null && originalScope.compareTo(targetScope) != 0) { logger.info("Resetting the scope: " + originalScope + " which was original WS context");