release 4.14

git-svn-id: https://svn.d4science-ii.research-infrastructures.eu/gcube/branches/common/common-smartgears/2.1@178916 82a268e6-3cf1-43bd-a215-b396298e98cf
Lucio Lelii 2019-04-08 14:47:08 +00:00
parent e78c8ee6ce
commit f637903677
2 changed files with 23 additions and 21 deletions


@ -168,6 +168,12 @@ public class Constants {
*/ */
public static final String token_header="gcube-token"; public static final String token_header="gcube-token";
/**
* The name of the oauth secret parameter
*/
public static final String oauth_secret="client_secret";
/** /**
* The event for token registration for app. * The event for token registration for app.
*/ */
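Review bot: The Javadoc on the new `oauth_secret` constant names the parameter but does not say that its value is a credential. The other file in this commit reads it with `getParameter` and uses it as the caller's token, so the comment should tell the next reader how sensitive it is. I would word it as `* The name of the request parameter carrying the OAuth client secret; its value is used as the caller's token and must be kept out of logs.`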


@ -1,6 +1,7 @@
package org.gcube.smartgears.handlers.application.request; package org.gcube.smartgears.handlers.application.request;
import static org.gcube.common.authorization.client.Constants.authorizationService; import static org.gcube.common.authorization.client.Constants.authorizationService;
import static org.gcube.smartgears.Constants.oauth_secret;
import static org.gcube.smartgears.Constants.scope_header; import static org.gcube.smartgears.Constants.scope_header;
import static org.gcube.smartgears.Constants.token_header; import static org.gcube.smartgears.Constants.token_header;
import static org.gcube.smartgears.handlers.application.request.RequestError.internal_server_error; import static org.gcube.smartgears.handlers.application.request.RequestError.internal_server_error;
@ -26,11 +27,8 @@ import org.slf4j.LoggerFactory;
public class RequestContextRetriever extends RequestHandler { public class RequestContextRetriever extends RequestHandler {
private static Logger log = LoggerFactory.getLogger(RequestContextRetriever.class); private static Logger log = LoggerFactory.getLogger(RequestContextRetriever.class);
private static final String BEARER_AUTH_PREFIX ="Bearer";
private static final String BASIC_AUTH_PREFIX ="Basic";
@Override @Override
public String getName() { public String getName() {
return Constants.request_context_retriever; return Constants.request_context_retriever;
@ -40,27 +38,25 @@ public class RequestContextRetriever extends RequestHandler {
public void handleRequest(RequestEvent call) { public void handleRequest(RequestEvent call) {
String token = call.request().getParameter(token_header)==null? call.request().getHeader(token_header):call.request().getParameter(token_header); String token = call.request().getParameter(token_header)==null? call.request().getHeader(token_header):call.request().getParameter(token_header);
String scope = call.request().getParameter(scope_header)==null? call.request().getHeader(scope_header):call.request().getParameter(scope_header); String scope = call.request().getParameter(scope_header)==null? call.request().getHeader(scope_header):call.request().getParameter(scope_header);
if (token==null && call.request().getHeader(Constants.authorization_header)!=null){ if (token==null && call.request().getHeader(Constants.authorization_header)!=null){
String basicAuthorization = call.request().getHeader(Constants.authorization_header);
String authorization = call.request().getHeader(Constants.authorization_header); String base64Credentials = basicAuthorization.substring("Basic".length()).trim();
String credentials = new String(DatatypeConverter.parseBase64Binary(base64Credentials));
if (authorization.contains(BASIC_AUTH_PREFIX)) { // credentials = username:password
String base64Credentials = authorization.substring(BASIC_AUTH_PREFIX.length()).trim(); final String[] values = credentials.split(":",2);
String credentials = new String(DatatypeConverter.parseBase64Binary(base64Credentials)); token = values[1];
// credentials = username:password
final String[] values = credentials.split(":",2);
token = values[1];
} else if (authorization.contains(BEARER_AUTH_PREFIX))
token = authorization.substring(BEARER_AUTH_PREFIX.length()).trim();
} }
if (token==null && scope==null && call.request().getParameter(oauth_secret)!=null)
token = call.request().getParameter(oauth_secret);
//Gives priority to the token //Gives priority to the token
if (token!=null) if (token!=null)
this.retreiveAndSetInfo(token, call); this.retreiveAndSetInfo(token, call);
else if (scope!=null) else if (scope!=null)
ScopeProvider.instance.set(scope); ScopeProvider.instance.set(scope);
} }
@Override @Override
@ -70,7 +66,7 @@ public class RequestContextRetriever extends RequestHandler {
ScopeProvider.instance.reset(); ScopeProvider.instance.reset();
log.debug("resetting all the Thread local for this call."); log.debug("resetting all the Thread local for this call.");
} }
private void retreiveAndSetInfo(String token, RequestEvent call){ private void retreiveAndSetInfo(String token, RequestEvent call){
log.info("retrieving context using token {} ", token); log.info("retrieving context using token {} ", token);
AuthorizationEntry authEntry = null; AuthorizationEntry authEntry = null;
@ -83,7 +79,7 @@ public class RequestContextRetriever extends RequestHandler {
log.error("error contacting authorization service",e); log.error("error contacting authorization service",e);
internal_server_error.fire("error contacting authorization service"); internal_server_error.fire("error contacting authorization service");
} }
AuthorizationProvider.instance.set(new Caller(authEntry.getClientInfo(), authEntry.getQualifier())); AuthorizationProvider.instance.set(new Caller(authEntry.getClientInfo(), authEntry.getQualifier()));
SecurityTokenProvider.instance.set(token); SecurityTokenProvider.instance.set(token);
ScopeProvider.instance.set(authEntry.getContext()); ScopeProvider.instance.set(authEntry.getContext());
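Review bot: In `handleRequest`, the new branch treats every `Authorization` header as Basic, because `basicAuthorization.substring("Basic".length())` runs without any check on the scheme. A `Bearer …` header, a value shorter than five characters, or decoded credentials with no `:` can therefore fail in `substring`, in the Base64 decode or at `values[1]` with an unhandled runtime exception instead of being ignored. The removed code tested the prefix before decoding; I would keep a scheme check and guard the split, as sketched below. Separately, the `client_secret` value accepted in this hunk is handed to `retreiveAndSetInfo`, whose first statement is `log.info("retrieving context using token {} ", token)`, so the secret ends up in the log at info level; that line should log without the token value.

```java
if (token==null && call.request().getHeader(Constants.authorization_header)!=null){
	String authorization = call.request().getHeader(Constants.authorization_header);
	// decode only when the scheme really is Basic; other schemes are left alone
	if (authorization.regionMatches(true, 0, "Basic ", 0, "Basic ".length())) {
		String base64Credentials = authorization.substring("Basic ".length()).trim();
		String credentials = new String(DatatypeConverter.parseBase64Binary(base64Credentials));
		// credentials = username:password; a value without a separator carries no token
		int separator = credentials.indexOf(':');
		if (separator >= 0)
			token = credentials.substring(separator + 1);
	}
}
// … unchanged: oauth_secret fallback and token/scope dispatch …
```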