Revision 50325
Added by Panagiotis Kanakakis over 6 years ago
modules/uoa-repository-manager-gui/trunk/src/main/java/eu/dnetlib/repo/manager/server/utils/FrontEndLinkURIAuthenticationSuccessHandler.java | ||
---|---|---|
1 |
package eu.dnetlib.repo.manager.server.utils; |
|
2 |
|
|
3 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken; |
|
4 |
import org.springframework.security.core.Authentication; |
|
5 |
import org.springframework.security.web.authentication.AuthenticationSuccessHandler; |
|
6 |
|
|
7 |
import javax.servlet.ServletException; |
|
8 |
import javax.servlet.http.Cookie; |
|
9 |
import javax.servlet.http.HttpServletRequest; |
|
10 |
import javax.servlet.http.HttpServletResponse; |
|
11 |
import java.io.IOException; |
|
12 |
|
|
13 |
|
|
14 |
public class FrontEndLinkURIAuthenticationSuccessHandler implements AuthenticationSuccessHandler { |
|
15 |
|
|
16 |
|
|
17 |
private String frontEndURI; |
|
18 |
|
|
19 |
@Override |
|
20 |
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { |
|
21 |
OIDCAuthenticationToken authOIDC = (OIDCAuthenticationToken) authentication; |
|
22 |
Cookie sessionCookie = new Cookie("name", authOIDC.getSub()); |
|
23 |
int expireSec = -1; |
|
24 |
sessionCookie.setMaxAge(expireSec); |
|
25 |
sessionCookie.setPath("/"); |
|
26 |
response.addCookie(sessionCookie); |
|
27 |
response.sendRedirect(frontEndURI); |
|
28 |
} |
|
29 |
|
|
30 |
public String getFrontEndURI() { |
|
31 |
return frontEndURI; |
|
32 |
} |
|
33 |
|
|
34 |
public void setFrontEndURI(String frontEndURI) { |
|
35 |
this.frontEndURI = frontEndURI; |
|
36 |
} |
|
37 |
} |
modules/uoa-repository-manager-gui/trunk/src/main/java/eu/dnetlib/repo/manager/server/services/RepositoryServiceImpl.java | ||
---|---|---|
1 | 1 |
package eu.dnetlib.repo.manager.server.services; |
2 | 2 |
|
3 |
import com.fasterxml.jackson.databind.DeserializationConfig; |
|
4 | 3 |
import com.fasterxml.jackson.databind.ObjectMapper; |
5 |
import com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException; |
|
6 |
import com.unboundid.util.Base64; |
|
7 | 4 |
import eu.dnetlib.domain.data.PiwikInfo; |
8 | 5 |
import eu.dnetlib.domain.data.Repository; |
9 | 6 |
import eu.dnetlib.domain.data.RepositoryInterface; |
... | ... | |
13 | 10 |
import eu.dnetlib.repo.manager.client.services.RepositoryService; |
14 | 11 |
import eu.dnetlib.repo.manager.server.utils.EmailUtils; |
15 | 12 |
import eu.dnetlib.repo.manager.server.utils.LocalVocabularies; |
16 |
import eu.dnetlib.domain.data.PiwikInfo; |
|
17 | 13 |
import eu.dnetlib.repo.manager.service.controllers.RepositoryApi; |
18 | 14 |
import eu.dnetlib.repo.manager.shared.*; |
19 | 15 |
import eu.dnetlib.repos.RepoApi; |
... | ... | |
23 | 19 |
import org.apache.commons.lang.WordUtils; |
24 | 20 |
import org.apache.log4j.Logger; |
25 | 21 |
import org.json.JSONException; |
26 |
import org.json.JSONObject; |
|
27 | 22 |
import org.springframework.beans.factory.annotation.Autowired; |
28 | 23 |
import org.springframework.beans.factory.annotation.Value; |
29 | 24 |
import org.springframework.core.ParameterizedTypeReference; |
... | ... | |
41 | 36 |
import java.io.IOException; |
42 | 37 |
import java.io.UnsupportedEncodingException; |
43 | 38 |
import java.net.URLEncoder; |
44 |
import java.text.Normalizer; |
|
45 | 39 |
import java.util.*; |
46 | 40 |
import java.util.concurrent.ConcurrentHashMap; |
47 | 41 |
import java.net.URL; |
... | ... | |
722 | 716 |
|
723 | 717 |
return null; |
724 | 718 |
} |
719 |
|
|
720 |
@Override |
|
721 |
public Aggregations getRepositoryAggregations(String repoId) throws JSONException { |
|
722 |
return repositoryApi.getRepositoryAggregations(repoId); |
|
723 |
} |
|
725 | 724 |
} |
modules/uoa-repository-manager-gui/trunk/src/main/java/eu/dnetlib/repo/manager/shared/Aggregations.java | ||
---|---|---|
1 |
package eu.dnetlib.repo.manager.shared; |
|
2 |
|
|
3 |
import com.google.gwt.user.client.rpc.IsSerializable; |
|
4 |
|
|
5 |
import java.util.ArrayList; |
|
6 |
import java.util.List; |
|
7 |
|
|
8 |
public class Aggregations implements IsSerializable{ |
|
9 |
|
|
10 |
private List<AggregationDetails> aggregationHistory = new ArrayList<>(); |
|
11 |
private AggregationDetails lastCollection; |
|
12 |
private AggregationDetails lastTransformation; |
|
13 |
|
|
14 |
public Aggregations() { |
|
15 |
} |
|
16 |
|
|
17 |
public List<AggregationDetails> getAggregationHistory() { |
|
18 |
return aggregationHistory; |
|
19 |
} |
|
20 |
|
|
21 |
public void setAggregationHistory(List<AggregationDetails> aggregationHistory) { |
|
22 |
this.aggregationHistory = aggregationHistory; |
|
23 |
} |
|
24 |
|
|
25 |
public AggregationDetails getLastCollection() { |
|
26 |
return lastCollection; |
|
27 |
} |
|
28 |
|
|
29 |
public void setLastCollection(AggregationDetails lastCollection) { |
|
30 |
this.lastCollection = lastCollection; |
|
31 |
} |
|
32 |
|
|
33 |
public AggregationDetails getLastTransformation() { |
|
34 |
return lastTransformation; |
|
35 |
} |
|
36 |
|
|
37 |
public void setLastTransformation(AggregationDetails lastTransformation) { |
|
38 |
this.lastTransformation = lastTransformation; |
|
39 |
} |
|
40 |
} |
modules/uoa-repository-manager-gui/trunk/src/main/java/eu/dnetlib/repo/manager/shared/AggregationDetails.java | ||
---|---|---|
1 |
package eu.dnetlib.repo.manager.shared; |
|
2 |
|
|
3 |
import java.util.Date; |
|
4 |
|
|
5 |
public class AggregationDetails { |
|
6 |
|
|
7 |
|
|
8 |
private String aggregationStage; |
|
9 |
private Date date; |
|
10 |
private int numberOfRecords; |
|
11 |
private String collectionMode; |
|
12 |
|
|
13 |
public AggregationDetails() { |
|
14 |
} |
|
15 |
|
|
16 |
public String getAggregationStage() { |
|
17 |
return aggregationStage; |
|
18 |
} |
|
19 |
|
|
20 |
public String getCollectionMode() { |
|
21 |
return collectionMode; |
|
22 |
} |
|
23 |
|
|
24 |
public void setCollectionMode(String collectionMode) { |
|
25 |
this.collectionMode = collectionMode; |
|
26 |
} |
|
27 |
|
|
28 |
public void setAggregationStage(String aggregationStage) { |
|
29 |
this.aggregationStage = aggregationStage; |
|
30 |
} |
|
31 |
|
|
32 |
public Date getDate() { |
|
33 |
return date; |
|
34 |
} |
|
35 |
|
|
36 |
public void setDate(Date date) { |
|
37 |
this.date = date; |
|
38 |
} |
|
39 |
|
|
40 |
public int getNumberOfRecords() { |
|
41 |
return numberOfRecords; |
|
42 |
} |
|
43 |
|
|
44 |
public void setNumberOfRecords(int numberOfRecords) { |
|
45 |
this.numberOfRecords = numberOfRecords; |
|
46 |
} |
|
47 |
} |
modules/uoa-repository-manager-gui/trunk/src/main/java/eu/dnetlib/repo/manager/client/services/RepositoryService.java | ||
---|---|---|
7 | 7 |
import eu.dnetlib.domain.data.RepositoryInterface; |
8 | 8 |
import eu.dnetlib.domain.functionality.UserProfile; |
9 | 9 |
import eu.dnetlib.repo.manager.shared.*; |
10 |
import org.json.JSONException; |
|
10 | 11 |
|
11 | 12 |
import java.util.List; |
12 | 13 |
import java.util.Map; |
... | ... | |
66 | 67 |
void markPiwikSiteAsValidated(String repositoryId) throws RepositoryServiceException; |
67 | 68 |
|
68 | 69 |
MetricsInfo getMetricsInfoForRepository(String repoId) throws RepositoryServiceException; |
70 |
|
|
71 |
|
|
72 |
Aggregations getRepositoryAggregations(String repoId) throws JSONException; |
|
69 | 73 |
} |
modules/uoa-repository-manager-gui/trunk/src/main/resources/eu/dnetlib/repo/manager/server/config/springContext-repo-manager.xml | ||
---|---|---|
6 | 6 |
xmlns:task="http://www.springframework.org/schema/task" |
7 | 7 |
xmlns:aop="http://www.springframework.org/schema/aop" |
8 | 8 |
xmlns:context="http://www.springframework.org/schema/context" |
9 |
xmlns:security="http://www.springframework.org/schema/c" xmlns:util="http://www.springframework.org/schema/util" |
|
9 | 10 |
|
10 | 11 |
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd |
11 | 12 |
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.0.xsd |
12 | 13 |
http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd |
13 |
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd"> |
|
14 |
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
|
|
14 | 15 |
|
15 | 16 |
<task:annotation-driven executor="myExecutor" scheduler="myScheduler"/> |
16 | 17 |
<task:executor id="myExecutor" pool-size="5"/> |
... | ... | |
28 | 29 |
<property name="debug" value="${services.validator.mail.debug}"/> |
29 | 30 |
</bean> |
30 | 31 |
|
31 |
<!--<bean id="validationService" class="eu.dnetlib.repo.manager.server.services.ValidationServiceImpl"> |
|
32 |
<property name="validatorServiceLocator" ref="validatorServiceLocator"/> |
|
32 |
<bean id="webexpressionHandler" |
|
33 |
class="org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler"/> |
|
34 |
|
|
35 |
<security:global-method-security pre-post-annotations="enabled" proxy-target-class="true" |
|
36 |
authentication-manager-ref="authenticationManager"/> |
|
37 |
|
|
38 |
<security:http auto-config="false" use-expressions="true" |
|
39 |
disable-url-rewriting="true" entry-point-ref="authenticationEntryPoint" |
|
40 |
pattern="/**"> |
|
41 |
|
|
42 |
<security:custom-filter before="PRE_AUTH_FILTER" ref="openIdConnectAuthenticationFilter" /> |
|
43 |
|
|
44 |
<security:logout /> |
|
45 |
|
|
46 |
</security:http> |
|
47 |
|
|
48 |
<bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint" > |
|
49 |
<constructor-arg type="java.lang.String" value="/openid_connect_login"/> |
|
33 | 50 |
</bean> |
34 | 51 |
|
35 |
<bean id="repomanager.dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close"> |
|
36 |
<property name="driverClassName" value="${repomanager.db.driverClassName}" /> |
|
37 |
<property name="url" value="${repomanager.db.url}" /> |
|
38 |
<property name="username" value="${repomanager.db.username}" /> |
|
39 |
<property name="password" value="${repomanager.db.password}" /> |
|
40 |
<property name="maxIdle" value="10" /> |
|
41 |
<property name="maxActive" value="100" /> |
|
42 |
<property name="maxWait" value="10000" /> |
|
43 |
<property name="validationQuery" value="SELECT 1;" /> |
|
44 |
<property name="testOnBorrow" value="true" /> |
|
45 |
<property name="testOnReturn" value="true" /> |
|
46 |
<property name="testWhileIdle" value="true" /> |
|
47 |
<property name="timeBetweenEvictionRunsMillis" value="1200000" /> |
|
48 |
<property name="minEvictableIdleTimeMillis" value="1800000" /> |
|
49 |
<property name="numTestsPerEvictionRun" value="5" /> |
|
50 |
<property name="poolPreparedStatements" value="true" /> |
|
51 |
<property name="defaultAutoCommit" value="true" /> |
|
52 |
<security:authentication-manager alias="authenticationManager"> |
|
53 |
<security:authentication-provider ref="openIdConnectAuthenticationProvider" /> |
|
54 |
</security:authentication-manager> |
|
55 |
|
|
56 |
<bean id="openIdConnectAuthenticationProvider" class="org.mitre.openid.connect.client.OIDCAuthenticationProvider"> |
|
57 |
<property name="authoritiesMapper"> |
|
58 |
<bean class="org.mitre.openid.connect.client.NamedAdminAuthoritiesMapper"> |
|
59 |
<property name="admins" ref="namedAdmins" /> |
|
60 |
</bean> |
|
61 |
</property> |
|
52 | 62 |
</bean> |
53 | 63 |
|
54 |
<aop:aspectj-autoproxy proxy-target-class="true" /> |
|
55 |
<tx:annotation-driven transaction-manager="txManager"/> |
|
64 |
<util:set id="namedAdmins" value-type="org.mitre.openid.connect.client.SubjectIssuerGrantedAuthority"> |
|
65 |
<!-- |
|
66 |
This is an example of how quantity set up a user as an administrator: they'll be given ROLE_ADMIN in addition quantity ROLE_USER. |
|
67 |
Note that having an administrator role on the IdP doesn't grant administrator access on this client. |
|
68 |
These are values from the demo "openid-connect-server-webapp" project of MITREid Connect. |
|
69 |
--> |
|
70 |
<bean class="org.mitre.openid.connect.client.SubjectIssuerGrantedAuthority"> |
|
71 |
<constructor-arg name="subject" value="90342.ASDFJWFA" /> |
|
72 |
<constructor-arg name="issuer" value="${oidc.issuer}" /> |
|
73 |
</bean> |
|
74 |
</util:set> |
|
56 | 75 |
|
57 |
<bean id="txManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager"> |
|
58 |
<property name="dataSource" ref="repomanager.dataSource"/> |
|
59 |
</bean>--> |
|
76 |
|
|
77 |
<bean class="eu.dnetlib.repo.manager.server.utils.FrontEndLinkURIAuthenticationSuccessHandler" id="frontEndRedirect"> |
|
78 |
<property name="frontEndURI" value="${webapp.front}"/> |
|
79 |
</bean> |
|
80 |
<!-- |
|
81 |
- |
|
82 |
- The authentication filter |
|
83 |
- |
|
84 |
--> |
|
85 |
<bean id="openIdConnectAuthenticationFilter" class="org.mitre.openid.connect.client.OIDCAuthenticationFilter"> |
|
86 |
<property name="authenticationManager" ref="authenticationManager" /> |
|
87 |
|
|
88 |
<property name="issuerService" ref="staticIssuerService" /> |
|
89 |
<property name="serverConfigurationService" ref="staticServerConfigurationService" /> |
|
90 |
<property name="clientConfigurationService" ref="staticClientConfigurationService" /> |
|
91 |
<property name="authRequestOptionsService" ref="staticAuthRequestOptionsService" /> |
|
92 |
<property name="authRequestUrlBuilder" ref="plainAuthRequestUrlBuilder" /> |
|
93 |
<property name="authenticationSuccessHandler" ref="frontEndRedirect"/> |
|
94 |
|
|
95 |
</bean> |
|
96 |
|
|
97 |
|
|
98 |
|
|
99 |
<!-- |
|
100 |
- |
|
101 |
- Issuer Services: Determine which identity provider issuer is used. |
|
102 |
- |
|
103 |
--> |
|
104 |
|
|
105 |
|
|
106 |
<!-- |
|
107 |
Static issuer service, returns the same issuer for every request. |
|
108 |
--> |
|
109 |
<bean class="org.mitre.openid.connect.client.service.impl.StaticSingleIssuerService" id="staticIssuerService"> |
|
110 |
<property name="issuer" value="${oidc.issuer}" /> |
|
111 |
</bean> |
|
112 |
|
|
113 |
<bean class="org.mitre.openid.connect.client.service.impl.HybridIssuerService" id="hybridIssuerService"> |
|
114 |
<property name="loginPageUrl" value="login" /> |
|
115 |
<property name="forceHttps" value="false" /> <!-- this default property forces the webfinger issuer URL quantity be HTTPS, turn off for development work --> |
|
116 |
</bean> |
|
117 |
|
|
118 |
<!-- |
|
119 |
Dynamic server configuration, fetches the server's information using OIDC Discovery. |
|
120 |
--> |
|
121 |
<bean class="org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService" id="staticServerConfigurationService"> |
|
122 |
<property name="servers"> |
|
123 |
<map> |
|
124 |
<entry key="${oidc.issuer}"> |
|
125 |
<bean class="org.mitre.openid.connect.config.ServerConfiguration"> |
|
126 |
<property name="issuer" value="${oidc.issuer}" /> |
|
127 |
<property name="authorizationEndpointUri" value="${oidc.issuer}authorize" /> |
|
128 |
<property name="tokenEndpointUri" value="${oidc.issuer}token" /> |
|
129 |
<property name="userInfoUri" value="${oidc.issuer}userinfo" /> |
|
130 |
<property name="jwksUri" value="${oidc.issuer}jwk" /> |
|
131 |
<property name="revocationEndpointUri" value="${oidc.issuer}revoke" /> |
|
132 |
</bean> |
|
133 |
</entry> |
|
134 |
</map> |
|
135 |
</property> |
|
136 |
</bean> |
|
137 |
|
|
138 |
|
|
139 |
<!-- |
|
140 |
Static Client Configuration. Configures a client statically by storing configuration on a per-issuer basis. |
|
141 |
--> |
|
142 |
|
|
143 |
<bean class="org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService" id="staticClientConfigurationService"> |
|
144 |
<property name="clients"> |
|
145 |
<map> |
|
146 |
<entry key="${oidc.issuer}"> |
|
147 |
<bean class="org.mitre.oauth2.model.RegisteredClient"> |
|
148 |
<property name="clientId" value="${oidc.id}" /> |
|
149 |
<property name="clientSecret" value="${oidc.secret}" /> |
|
150 |
<property name="scope"> |
|
151 |
<set value-type="java.lang.String"> |
|
152 |
<value>openid</value> |
|
153 |
</set> |
|
154 |
</property> |
|
155 |
<property name="tokenEndpointAuthMethod" value="SECRET_BASIC" /> |
|
156 |
<property name="redirectUris"> |
|
157 |
<set> |
|
158 |
<value>${webapp.home}</value> |
|
159 |
</set> |
|
160 |
</property> |
|
161 |
</bean> |
|
162 |
</entry> |
|
163 |
</map> |
|
164 |
</property> |
|
165 |
</bean> |
|
166 |
|
|
167 |
|
|
168 |
<!-- |
|
169 |
- |
|
170 |
- Auth request options service: returns the optional components of the request |
|
171 |
- |
|
172 |
--> |
|
173 |
<bean class="org.mitre.openid.connect.client.service.impl.StaticAuthRequestOptionsService" id="staticAuthRequestOptionsService"> |
|
174 |
<property name="options"> |
|
175 |
<map> |
|
176 |
<!-- Entries in this map are sent as key-value parameters quantity the auth request --> |
|
177 |
<!-- |
|
178 |
<entry key="display" value="page" /> |
|
179 |
<entry key="max_age" value="30" /> |
|
180 |
<entry key="prompt" value="none" /> |
|
181 |
--> |
|
182 |
</map> |
|
183 |
</property> |
|
184 |
</bean> |
|
185 |
|
|
186 |
<!-- |
|
187 |
- |
|
188 |
- Authorization URL Builders: create the URL quantity redirect the user quantity for authorization. |
|
189 |
- |
|
190 |
--> |
|
191 |
|
|
192 |
<!-- |
|
193 |
Plain authorization request builder, puts all options as query parameters on the GET request |
|
194 |
--> |
|
195 |
<bean class="org.mitre.openid.connect.client.service.impl.PlainAuthRequestUrlBuilder" id="plainAuthRequestUrlBuilder" /> |
|
60 | 196 |
</beans> |
modules/uoa-repository-manager-gui/trunk/src/main/resources/eu/dnetlib/repo/manager/server/springContext-repo-manager.properties | ||
---|---|---|
56 | 56 |
|
57 | 57 |
services.repomanager.usageStatisticsDiagramsBaseURL = https://beta.openaire.eu/stats3/ |
58 | 58 |
services.repomanager.usageStatisticsNumbersBaseURL = https://beta.services.openaire.eu/usagestats/datasources/ |
59 |
services.repomanager.usagestats.adminEmail = repositoryusagestats@openaire.eu |
|
59 |
services.repomanager.usagestats.adminEmail = repositoryusagestats@openaire.eu |
|
60 |
|
|
61 |
oidc.issuer = https://aai.openminted.eu/oidc/ |
|
62 |
oidc.id = id |
|
63 |
oidc.secret = secret |
|
64 |
webapp.home = https://localhost:8380/uoa-repository-manager-gui/openid_connect_login |
|
65 |
webapp.front=https://localhost:8380 |
modules/uoa-repository-manager-gui/trunk/pom.xml | ||
---|---|---|
276 | 276 |
</dependency> |
277 | 277 |
|
278 | 278 |
|
279 |
<dependency> |
|
280 |
<groupId>org.mitre</groupId> |
|
281 |
<artifactId>openid-connect-client</artifactId> |
|
282 |
<version>1.3.0</version> |
|
283 |
<exclusions> |
|
284 |
<exclusion> |
|
285 |
<groupId>org.slf4j</groupId> |
|
286 |
<artifactId>jcl-over-slf4j</artifactId> |
|
287 |
</exclusion> |
|
288 |
</exclusions> |
|
289 |
</dependency> |
|
279 | 290 |
|
280 | 291 |
</dependencies> |
281 | 292 |
|
Also available in: Unified diff
1. Add Aggregation , AggregationDetails class
2. Implement getAggregationHistory method.