package eu.dnetlib.uoaadmintools.handlers;
import eu.dnetlib.uoaadmintools.handlers.utils.AuthorizationUtils;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;
/**
* Created by argirok on 23/2/2018.
*/
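public class AuthorizationHandler extends HandlerInterceptorAdapter {
    private final Logger log = Logger.getLogger(this.getClass());
    private final AuthorizationUtils helper = new AuthorizationUtils();
    /** Servlet paths whose POST/DELETE requests skip the authorization check; may be null (treated as empty). */
    private final List<String> allowedPostRequests;

    /**
     * Creates the interceptor and configures its {@link AuthorizationUtils} helper.
     *
     * @param userInfoUrl         user-info endpoint handed to the helper
     * @param originServer        origin server handed to the helper
     * @param allowedPostRequests servlet paths exempt from the POST/DELETE check; {@code null} means no exemptions
     */
    public AuthorizationHandler(String userInfoUrl, String originServer, List<String> allowedPostRequests) {
        helper.setOriginServer(originServer);
        helper.setUserInfoUrl(userInfoUrl);
        this.allowedPostRequests = allowedPostRequests;
    }

    /**
     * Lets the request through unless it is a POST or DELETE to a non-exempt path whose caller
     * does not pass the helper's cookie and token checks; in that case answers 403 and stops the chain.
     *
     * @return {@code true} to continue handling, {@code false} after a 403 has been sent
     * @throws Exception propagated from the helper or from writing the error response
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        if (!requiresAuthorization(request)) {
            return true;
        }
        // TODO check domain & check user info
        if (helper.checkCookies(request) && helper.isAuthorized(helper.getToken(request))) {
            return true;
        }
        // NOTE(review): a wildcard Access-Control-Allow-Origin combined with Access-Control-Allow-Credentials=true
        // is refused by browsers for credentialed requests, so a browser client may surface a CORS failure rather
        // than this 403. Kept unchanged because the intended origin policy is not visible in this file.
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Vary", "Origin");
        // sendError sets the status itself; the separate setStatus(403) the old code issued first was redundant.
        response.sendError(HttpServletResponse.SC_FORBIDDEN,
                "Forbidden: You don't have permission to access. Maybe you are not registered.");
        return false;
    }

    /**
     * Whether this request must pass the authorization check: only POST and DELETE outside the
     * exempt paths are gated. Every other method (GET, PUT, PATCH, ...) passes through unchecked;
     * widening that set would need the exempt list reviewed for those methods as well.
     */
    private boolean requiresAuthorization(HttpServletRequest request) {
        String method = request.getMethod();
        boolean gatedMethod = "POST".equals(method) || "DELETE".equals(method);
        if (!gatedMethod) {
            return false;
        }
        // A null exempt list fails closed: nothing is exempt, so every POST/DELETE needs authorization
        // (the old code would have thrown a NullPointerException here instead).
        return allowedPostRequests == null || !allowedPostRequests.contains(request.getServletPath());
    }
}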