|
|
|
@ -1,12 +1,14 @@
|
|
|
|
|
package org.gcube.usecases.ws.thredds.engine.impl.security;
|
|
|
|
|
|
|
|
|
|
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
|
|
|
|
|
import org.gcube.common.authorization.library.AuthorizationEntry;
|
|
|
|
|
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
|
|
|
|
|
import org.gcube.common.authorization.library.provider.ClientInfo;
|
|
|
|
|
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
|
|
|
|
import org.gcube.common.authorization.library.provider.UmaJWTProvider;
|
|
|
|
|
import org.gcube.common.scope.api.ScopeProvider;
|
|
|
|
|
import org.gcube.usecases.ws.thredds.model.SynchFolderConfiguration;
|
|
|
|
|
import static org.gcube.common.authorization.client.Constants.authorizationService;
|
|
|
|
|
|
|
|
|
|
import lombok.extern.slf4j.Slf4j;
|
|
|
|
|
|
|
|
|
@ -35,12 +37,21 @@ public class Security {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public static void set(User toSet) {
|
|
|
|
|
//cleanup everything
|
|
|
|
|
resetUser();
|
|
|
|
|
log.debug("Setting User {} ",toSet);
|
|
|
|
|
if(toSet.getUma_token()!=null)UmaJWTProvider.instance.set(toSet.getUma_token());
|
|
|
|
|
if(toSet.getGcube_token()!=null)SecurityTokenProvider.instance.set(toSet.getGcube_token());
|
|
|
|
|
if(ScopeProvider.instance.get()==null)ScopeProvider.instance.set(toSet.getContext());
|
|
|
|
|
if(toSet.getContext()!=null)ScopeProvider.instance.set(toSet.getContext());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public static void resetUser(){
|
|
|
|
|
log.debug("Resetting user");
|
|
|
|
|
SecurityTokenProvider.instance.reset();
|
|
|
|
|
UmaJWTProvider.instance.reset();
|
|
|
|
|
ScopeProvider.instance.reset();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public static void checkOperator(SynchFolderConfiguration config) throws SecurityException{
|
|
|
|
|
User current=getCurrent();
|
|
|
|
|
log.debug("Checking if current user {} can synch {} ",getCurrent(), config);
|
|
|
|
@ -61,10 +72,9 @@ public class Security {
|
|
|
|
|
log.debug("Checking context of gcube-token {}...",token.substring(0,6));
|
|
|
|
|
User caller=getCurrent();
|
|
|
|
|
try {
|
|
|
|
|
SecurityTokenProvider.instance.reset();
|
|
|
|
|
UmaJWTProvider.instance.reset();
|
|
|
|
|
SecurityTokenProvider.instance.set(token);
|
|
|
|
|
return ScopeProvider.instance.get();
|
|
|
|
|
resetUser();
|
|
|
|
|
AuthorizationEntry entry = authorizationService().get(token);
|
|
|
|
|
return entry.getContext();
|
|
|
|
|
}finally {
|
|
|
|
|
log.debug("Resetting user "+caller);
|
|
|
|
|
set(caller);
|
|
|
|
|