Revision 61809
Added by Konstantinos Triantafyllou almost 3 years ago
| modules/uoa-authorization-library/trunk/pom.xml | ||
|---|---|---|
| 7 | 7 |
<version>1.0.0</version> |
| 8 | 8 |
</parent> |
| 9 | 9 |
<artifactId>uoa-authorization-library</artifactId> |
| 10 |
<version>2.0.4-SNAPSHOT</version>
|
|
| 10 |
<version>2.1.0-SNAPSHOT</version>
|
|
| 11 | 11 |
<packaging>jar</packaging> |
| 12 | 12 |
<scm> |
| 13 | 13 |
<developerConnection>scm:svn:https://svn.driver.research-infrastructures.eu/driver/dnet45/modules/uoa-authorization-library/trunk</developerConnection> |
| modules/uoa-authorization-library/trunk/src/main/java/eu/dnetlib/uoaauthorizationlibrary/configuration/SecurityConfig.java | ||
|---|---|---|
| 6 | 6 |
public class SecurityConfig {
|
| 7 | 7 |
|
| 8 | 8 |
private String userInfoUrl; |
| 9 |
private String session; |
|
| 9 | 10 |
|
| 10 | 11 |
public String getUserInfoUrl() {
|
| 11 | 12 |
return userInfoUrl; |
| ... | ... | |
| 15 | 16 |
this.userInfoUrl = userInfoUrl; |
| 16 | 17 |
} |
| 17 | 18 |
|
| 18 |
/** @deprecated */ |
|
| 19 |
public boolean isDeprecated() {
|
|
| 20 |
return userInfoUrl.contains("accessToken");
|
|
| 19 |
public String getSession() {
|
|
| 20 |
return session; |
|
| 21 | 21 |
} |
| 22 |
|
|
| 23 |
public void setSession(String session) {
|
|
| 24 |
this.session = session; |
|
| 25 |
} |
|
| 22 | 26 |
} |
| modules/uoa-authorization-library/trunk/src/main/java/eu/dnetlib/uoaauthorizationlibrary/controllers/AuthorizationLibraryCheckDeployController.java | ||
|---|---|---|
| 36 | 36 |
public Map<String, String> checkEverything() {
|
| 37 | 37 |
Map<String, String> response = new HashMap<>(); |
| 38 | 38 |
response.put("authorization.security.userInfoUrl", securityConfig.getUserInfoUrl());
|
| 39 |
response.put("authorization.security.session", securityConfig.getSession());
|
|
| 39 | 40 |
if(GlobalVars.date != null) {
|
| 40 | 41 |
response.put("Date of deploy", GlobalVars.date.toString());
|
| 41 | 42 |
} |
| modules/uoa-authorization-library/trunk/src/main/java/eu/dnetlib/uoaauthorizationlibrary/utils/AuthorizationUtils.java | ||
|---|---|---|
| 17 | 17 |
public class AuthorizationUtils {
|
| 18 | 18 |
private final Logger log = Logger.getLogger(this.getClass()); |
| 19 | 19 |
private final SecurityConfig securityConfig; |
| 20 |
private final static String TOKEN = "AccessToken"; |
|
| 21 |
private final static String SESSION = "OpenAIRESession"; |
|
| 22 | 20 |
|
| 23 | 21 |
@Autowired |
| 24 | 22 |
AuthorizationUtils(SecurityConfig securityConfig) {
|
| 25 | 23 |
this.securityConfig = securityConfig; |
| 26 | 24 |
} |
| 27 | 25 |
|
| 28 |
private String getToken(HttpServletRequest request) {
|
|
| 29 |
if (request.getCookies() == null) {
|
|
| 30 |
return null; |
|
| 31 |
} |
|
| 32 |
for (Cookie c : request.getCookies()) {
|
|
| 33 |
if (c.getName().equals(TOKEN)) {
|
|
| 34 |
return c.getValue(); |
|
| 35 |
} |
|
| 36 |
} |
|
| 37 |
return null; |
|
| 38 |
} |
|
| 39 |
|
|
| 40 | 26 |
public UserInfo getUserInfo(HttpServletRequest request) {
|
| 41 |
String url = securityConfig.getUserInfoUrl() + (securityConfig.isDeprecated()?getToken(request):"");
|
|
| 27 |
String url = securityConfig.getUserInfoUrl(); |
|
| 42 | 28 |
RestTemplate restTemplate = new RestTemplate(); |
| 43 | 29 |
try {
|
| 44 | 30 |
if(hasCookie(request)) {
|
| 45 | 31 |
ResponseEntity<UserInfo> response = restTemplate.exchange(url, HttpMethod.GET, createHeaders(request), UserInfo.class); |
| 46 |
return response.getBody();
|
|
| 32 |
return response.getBody(); |
|
| 47 | 33 |
} |
| 48 | 34 |
return null; |
| 49 | 35 |
} catch (RestClientException e) {
|
| 50 |
log.error(url + ":" + e.getMessage()); |
|
| 36 |
log.error(url + ": " + e.getMessage());
|
|
| 51 | 37 |
return null; |
| 52 | 38 |
} |
| 53 | 39 |
} |
| ... | ... | |
| 55 | 41 |
private boolean hasCookie(HttpServletRequest request) {
|
| 56 | 42 |
Cookie[] cookies = request.getCookies(); |
| 57 | 43 |
if(cookies != null) {
|
| 58 |
if (securityConfig.isDeprecated()) {
|
|
| 59 |
return Arrays.stream(cookies).anyMatch(cookie -> cookie.getName().equalsIgnoreCase(TOKEN)); |
|
| 60 |
} else {
|
|
| 61 |
return Arrays.stream(cookies).anyMatch(cookie -> cookie.getName().equalsIgnoreCase(SESSION)); |
|
| 62 |
} |
|
| 44 |
return Arrays.stream(cookies).anyMatch(cookie -> cookie.getName().equalsIgnoreCase(this.securityConfig.getSession())); |
|
| 63 | 45 |
} |
| 64 | 46 |
return false; |
| 65 | 47 |
} |
| modules/uoa-authorization-library/trunk/src/main/resources/authorization.properties | ||
|---|---|---|
| 1 | 1 |
#dev |
| 2 | 2 |
authorization.security.userInfoUrl = http://mpagasas.di.uoa.gr:8080/login-service/userInfo |
| 3 |
authorization.security.session=openAIRESession |
|
| 3 | 4 |
authorization.globalVars.buildDate=@timestampAuthorizationLibrary@ |
| 4 | 5 |
authorization.globalVars.version=@project.version@ |
Also available in: Unified diff
Add property for session id