commit
2bec681fe3
|
@ -5,6 +5,7 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
|
|||
## [v1.0.0]
|
||||
Integration with new IAM
|
||||
Security Fixes
|
||||
Fixes [#21537]
|
||||
|
||||
|
||||
## [v0.2.5]
|
||||
|
|
4
pom.xml
4
pom.xml
|
@ -51,6 +51,10 @@
|
|||
<artifactId>storagehub-client-library</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.gcube.common</groupId>
|
||||
<artifactId>authorization-client</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.gcube.data.transfer</groupId>
|
||||
|
|
|
@ -1,12 +1,14 @@
|
|||
package org.gcube.usecases.ws.thredds.engine.impl.security;
|
||||
|
||||
import org.gcube.common.authorization.client.exceptions.ObjectNotFound;
|
||||
import org.gcube.common.authorization.library.AuthorizationEntry;
|
||||
import org.gcube.common.authorization.library.provider.AuthorizationProvider;
|
||||
import org.gcube.common.authorization.library.provider.ClientInfo;
|
||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
||||
import org.gcube.common.authorization.library.provider.UmaJWTProvider;
|
||||
import org.gcube.common.scope.api.ScopeProvider;
|
||||
import org.gcube.usecases.ws.thredds.model.SynchFolderConfiguration;
|
||||
import static org.gcube.common.authorization.client.Constants.authorizationService;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
||||
|
@ -35,12 +37,21 @@ public class Security {
|
|||
|
||||
|
||||
public static void set(User toSet) {
|
||||
//cleanup everything
|
||||
resetUser();
|
||||
log.debug("Setting User {} ",toSet);
|
||||
if(toSet.getUma_token()!=null)UmaJWTProvider.instance.set(toSet.getUma_token());
|
||||
if(toSet.getGcube_token()!=null)SecurityTokenProvider.instance.set(toSet.getGcube_token());
|
||||
if(ScopeProvider.instance.get()==null)ScopeProvider.instance.set(toSet.getContext());
|
||||
if(toSet.getContext()!=null)ScopeProvider.instance.set(toSet.getContext());
|
||||
}
|
||||
|
||||
|
||||
public static void resetUser(){
|
||||
log.debug("Resetting user");
|
||||
SecurityTokenProvider.instance.reset();
|
||||
UmaJWTProvider.instance.reset();
|
||||
ScopeProvider.instance.reset();
|
||||
}
|
||||
|
||||
public static void checkOperator(SynchFolderConfiguration config) throws SecurityException{
|
||||
User current=getCurrent();
|
||||
log.debug("Checking if current user {} can synch {} ",getCurrent(), config);
|
||||
|
@ -61,10 +72,9 @@ public class Security {
|
|||
log.debug("Checking context of gcube-token {}...",token.substring(0,6));
|
||||
User caller=getCurrent();
|
||||
try {
|
||||
SecurityTokenProvider.instance.reset();
|
||||
UmaJWTProvider.instance.reset();
|
||||
SecurityTokenProvider.instance.set(token);
|
||||
return ScopeProvider.instance.get();
|
||||
resetUser();
|
||||
AuthorizationEntry entry = authorizationService().get(token);
|
||||
return entry.getContext();
|
||||
}finally {
|
||||
log.debug("Resetting user "+caller);
|
||||
set(caller);
|
||||
|
|
Loading…
Reference in New Issue