1 |
59508
|
katerina.i
|
package eu.dnetlib.openaire.usermanagement;
|
2 |
|
|
|
3 |
59615
|
katerina.i
|
import com.google.gson.Gson;
|
4 |
|
|
import com.google.gson.GsonBuilder;
|
5 |
59536
|
katerina.i
|
import eu.dnetlib.openaire.user.pojos.RegisteredService;
|
6 |
|
|
import eu.dnetlib.openaire.usermanagement.utils.RegisteredServicesUtils;
|
7 |
|
|
import eu.dnetlib.openaire.usermanagement.utils.TokenUtils;
|
8 |
59601
|
katerina.i
|
import org.apache.http.HttpResponse;
|
9 |
59536
|
katerina.i
|
import org.apache.log4j.Logger;
|
10 |
|
|
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
11 |
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
12 |
|
|
import org.springframework.security.core.context.SecurityContextHolder;
|
13 |
|
|
import org.springframework.web.context.support.SpringBeanAutowiringSupport;
|
14 |
|
|
|
15 |
|
|
import javax.servlet.ServletConfig;
|
16 |
59508
|
katerina.i
|
import javax.servlet.ServletException;
|
17 |
|
|
import javax.servlet.http.HttpServlet;
|
18 |
|
|
import javax.servlet.http.HttpServletRequest;
|
19 |
|
|
import javax.servlet.http.HttpServletResponse;
|
20 |
|
|
import java.io.IOException;
|
21 |
59536
|
katerina.i
|
import java.sql.SQLException;
|
22 |
|
|
import java.util.HashMap;
|
23 |
|
|
import java.util.List;
|
24 |
|
|
import java.util.Map;
|
25 |
59508
|
katerina.i
|
|
26 |
|
|
public class RegisteredServicesServlet extends HttpServlet {
|
27 |
|
|
|
28 |
59536
|
katerina.i
|
private Logger logger = Logger.getLogger(RegisteredServicesServlet.class);
|
29 |
|
|
|
30 |
|
|
@Autowired
|
31 |
|
|
private RegisteredServicesUtils registeredServicesUtils;
|
32 |
|
|
|
33 |
59714
|
katerina.i
|
@Autowired
|
34 |
|
|
private TokenUtils tokenUtils;
|
35 |
|
|
|
36 |
59536
|
katerina.i
|
public void init(ServletConfig config) throws ServletException {
|
37 |
|
|
super.init(config);
|
38 |
|
|
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,
|
39 |
|
|
config.getServletContext());
|
40 |
|
|
}
|
41 |
|
|
|
42 |
59508
|
katerina.i
|
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
43 |
|
|
throws ServletException, IOException {
|
44 |
59536
|
katerina.i
|
|
45 |
|
|
request.getSession().setAttribute("authenticated",
|
46 |
|
|
!SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString()
|
47 |
|
|
.equals("anonymousUser"));
|
48 |
|
|
|
49 |
|
|
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
|
50 |
|
|
getContext().getAuthentication();
|
51 |
|
|
|
52 |
|
|
String userId = authentication.getSub();
|
53 |
|
|
|
54 |
|
|
List<RegisteredService> registeredServices = null;
|
55 |
|
|
try {
|
56 |
|
|
registeredServices = registeredServicesUtils.
|
57 |
|
|
getRegisteredServiceDao().fetchAllRegisteredServicesByOwner(userId);
|
58 |
60042
|
katerina.i
|
//System.out.println("LOAD REGISTERED SERVICES. " + registeredServices.size());
|
59 |
59536
|
katerina.i
|
|
60 |
59806
|
k.triantaf
|
if (registeredServices.isEmpty()) {
|
61 |
59733
|
katerina.i
|
request.getSession().setAttribute("showEmptyList", true);
|
62 |
|
|
} else {
|
63 |
|
|
Map<String, ServiceResponse> serviceResponses = new HashMap<>();
|
64 |
|
|
Map<String, String> serviceKey = new HashMap<>();
|
65 |
|
|
|
66 |
|
|
for (RegisteredService registeredService:registeredServices) {
|
67 |
59806
|
k.triantaf
|
ServiceResponse serviceResponse = tokenUtils.getRegisteredService(registeredService.getClientId(),registeredService.getRegistrationAccessToken());
|
68 |
59733
|
katerina.i
|
serviceResponses.put(registeredService.getId(), serviceResponse);
|
69 |
|
|
serviceKey.put(registeredService.getId(), extractPublicKeySet(serviceResponse));
|
70 |
|
|
}
|
71 |
|
|
|
72 |
|
|
boolean reachedLimit = reachedMaximumNumberOfServices(registeredServices);
|
73 |
|
|
StringBuilder name = new StringBuilder().append(authentication.getUserInfo().getGivenName().charAt(0));
|
74 |
|
|
name.append(authentication.getUserInfo().getFamilyName().charAt(0));
|
75 |
|
|
request.getSession().setAttribute("name", name.toString());
|
76 |
|
|
request.getSession().setAttribute("reachedLimit", reachedLimit);
|
77 |
60042
|
katerina.i
|
//System.out.println("REACHED LIMIT??? " + reachedLimit);
|
78 |
59733
|
katerina.i
|
|
79 |
|
|
request.getSession().setAttribute("services", serviceResponses);
|
80 |
|
|
request.getSession().setAttribute("keys", serviceKey);
|
81 |
|
|
}
|
82 |
59806
|
k.triantaf
|
request.getSession().setAttribute("registeredServices", registeredServices);
|
83 |
59733
|
katerina.i
|
|
84 |
59536
|
katerina.i
|
} catch (SQLException sqle) {
|
85 |
|
|
logger.error("Error fetching registered services for user " + userId , sqle);
|
86 |
|
|
request.getSession().setAttribute("message", "Error fetching registered services. " +
|
87 |
|
|
"Please try again later.");
|
88 |
|
|
request.getSession().setAttribute("showEmptyList", false);
|
89 |
|
|
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
|
90 |
|
|
}
|
91 |
|
|
|
92 |
59508
|
katerina.i
|
response.setContentType("text/html");
|
93 |
|
|
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
|
94 |
|
|
}
|
95 |
59542
|
katerina.i
|
|
96 |
59615
|
katerina.i
|
private String extractPublicKeySet(ServiceResponse serviceResponse) {
|
97 |
|
|
if (serviceResponse.getJwksUri()!=null && !serviceResponse.getJwksUri().isEmpty())
|
98 |
|
|
return serviceResponse.getJwksUri();
|
99 |
|
|
|
100 |
|
|
return extractJSONJwk(serviceResponse.getJwks());
|
101 |
|
|
}
|
102 |
|
|
|
103 |
|
|
private String extractJSONJwk(Jwks jwks) {
|
104 |
|
|
Gson gson = new GsonBuilder().setPrettyPrinting().create();
|
105 |
60042
|
katerina.i
|
//System.out.println(gson.toJson(jwks));
|
106 |
59615
|
katerina.i
|
return gson.toJson(jwks);
|
107 |
|
|
}
|
108 |
|
|
|
109 |
59601
|
katerina.i
|
@Override
|
110 |
|
|
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
|
111 |
|
|
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
|
112 |
|
|
getContext().getAuthentication();
|
113 |
|
|
String id = request.getParameter("id");
|
114 |
|
|
|
115 |
60042
|
katerina.i
|
//System.out.println("POST " +id);
|
116 |
59601
|
katerina.i
|
|
117 |
|
|
if (id!=null && !id.isEmpty()) {
|
118 |
|
|
try {
|
119 |
|
|
RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(Integer.parseInt(id));
|
120 |
|
|
|
121 |
|
|
if (!registeredService.getOwner().equals(authentication.getSub())) {
|
122 |
|
|
request.getSession().setAttribute("message", "You are not allowed to delete the service.");
|
123 |
60042
|
katerina.i
|
//System.out.println("BLOCKED " + registeredService.getOwner() + " >> " + authentication.getSub());
|
124 |
59650
|
katerina.i
|
response.sendRedirect("./registeredServices");
|
125 |
|
|
return;
|
126 |
59601
|
katerina.i
|
}
|
127 |
|
|
|
128 |
59806
|
k.triantaf
|
HttpResponse resp = tokenUtils.deleteService(registeredService.getClientId(), registeredService.getRegistrationAccessToken());
|
129 |
59601
|
katerina.i
|
|
130 |
|
|
int statusCode = resp.getStatusLine().getStatusCode();
|
131 |
60042
|
katerina.i
|
//System.out.println("STATUS CODE " + statusCode);
|
132 |
59601
|
katerina.i
|
|
133 |
59806
|
k.triantaf
|
if (statusCode != 204) {
|
134 |
59601
|
katerina.i
|
logger.error("Unable to delete the service. Status code was " + statusCode);
|
135 |
|
|
request.getSession().setAttribute("message", "Fail to delete the service. Status " + statusCode);
|
136 |
60042
|
katerina.i
|
//System.out.println("AAI blocked");
|
137 |
59650
|
katerina.i
|
response.sendRedirect("./registeredServices");
|
138 |
|
|
return;
|
139 |
59601
|
katerina.i
|
} else {
|
140 |
|
|
registeredServicesUtils.getRegisteredServiceDao().delete(Integer.parseInt(id));
|
141 |
|
|
request.getSession().setAttribute("success", "The service was successfully deleted.");
|
142 |
60042
|
katerina.i
|
//System.out.println("HERE HERE");
|
143 |
59601
|
katerina.i
|
}
|
144 |
|
|
|
145 |
|
|
} catch (SQLException sqle) {
|
146 |
|
|
logger.error("Unable to contact db.", sqle);
|
147 |
|
|
request.getSession().setAttribute("message", "Fail to delete the service. Please try again later.");
|
148 |
|
|
}
|
149 |
|
|
|
150 |
|
|
} else {
|
151 |
|
|
request.getSession().setAttribute("message", "Error selecting service to delete. Please try again.");
|
152 |
|
|
}
|
153 |
|
|
|
154 |
59638
|
katerina.i
|
response.sendRedirect("./registeredServices");
|
155 |
59601
|
katerina.i
|
}
|
156 |
|
|
|
157 |
59542
|
katerina.i
|
private boolean reachedMaximumNumberOfServices(List<RegisteredService> registeredServices) {
|
158 |
59908
|
katerina.i
|
return registeredServices.size() >= 5;
|
159 |
59542
|
katerina.i
|
}
|
160 |
59508
|
katerina.i
|
}
|