Skip to content

Commit

Permalink
drl did changes in for auditing
Browse files Browse the repository at this point in the history
  • Loading branch information
ankitmashu committed Sep 13, 2023
1 parent 0cc3d3f commit d057923
Show file tree
Hide file tree
Showing 5 changed files with 96 additions and 38 deletions.
8 changes: 8 additions & 0 deletions src/main/java/iudx/rs/proxy/apiserver/ApiServerVerticle.java
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
import static iudx.rs.proxy.apiserver.response.ResponseUtil.generateResponse;
import static iudx.rs.proxy.apiserver.util.ApiServerConstants.*;
import static iudx.rs.proxy.apiserver.util.ApiServerConstants.HEADER_PUBLIC_KEY;
import static iudx.rs.proxy.authenticator.Constants.*;
import static iudx.rs.proxy.common.Constants.DATABROKER_SERVICE_ADDRESS;

import static iudx.rs.proxy.apiserver.util.Util.errorResponse;
Expand Down Expand Up @@ -612,6 +613,13 @@ private void updateAuditTable(RoutingContext context) {
long time = zst.toInstant().toEpochMilli();
String isoTime = zst.truncatedTo(ChronoUnit.SECONDS).toString();
String resourceid= authInfo.getString(ID);
String role = authInfo.getString(ROLE);
String drl = authInfo.getString(DRL);
if (role.equalsIgnoreCase("delegate") && drl != null) {
request.put(DELEGATOR_ID, authInfo.getString(DID));
} else {
request.put(DELEGATOR_ID, authInfo.getString(USER_ID));
}
JsonObject jsonObject = CatalogueService.getCatalogueItemJson(resourceid);
String providerID = jsonObject.getString("provider");
request.put(EPOCH_TIME,time);
Expand Down
39 changes: 21 additions & 18 deletions src/main/java/iudx/rs/proxy/apiserver/handlers/AuthHandler.java
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package iudx.rs.proxy.apiserver.handlers;

import static iudx.rs.proxy.apiserver.util.ApiServerConstants.*;
import static iudx.rs.proxy.authenticator.Constants.*;
import static iudx.rs.proxy.common.Constants.AUTH_SERVICE_ADDRESS;
import static iudx.rs.proxy.common.ResponseUrn.INVALID_TOKEN_URN;
import static iudx.rs.proxy.common.ResponseUrn.RESOURCE_NOT_FOUND_URN;
Expand All @@ -25,13 +26,13 @@ public class AuthHandler implements Handler<RoutingContext> {
private static final Logger LOGGER = LogManager.getLogger(AuthHandler.class);

static AuthenticationService authenticator;
static Api api;
private final String AUTH_INFO = "authInfo";
private HttpServerRequest request;
static Api api;

public static AuthHandler create(Vertx vertx,Api apiEndpoints) {
public static AuthHandler create(Vertx vertx, Api apiEndpoints) {
authenticator = AuthenticationService.createProxy(vertx, AUTH_SERVICE_ADDRESS);
api=apiEndpoints;
api = apiEndpoints;
return new AuthHandler();
}

Expand All @@ -40,21 +41,20 @@ public void handle(RoutingContext context) {
request = context.request();

RequestBody requestBody = context.body();
JsonObject requestJson=null;
if(request!=null) {
if(requestBody.asJsonObject()!=null) {
requestJson=requestBody.asJsonObject().copy();
JsonObject requestJson = null;
if (request != null) {
if (requestBody.asJsonObject() != null) {
requestJson = requestBody.asJsonObject().copy();
}
}
if(requestJson==null) {
requestJson=new JsonObject();
if (requestJson == null) {
requestJson = new JsonObject();
}

String token = request.headers().get(HEADER_TOKEN);
final String path = getNormalizedPath(request.path());
final String method = context.request().method().toString();


if (token == null) token = "public";

JsonObject authInfo =
Expand All @@ -79,6 +79,9 @@ public void handle(RoutingContext context) {
authInfo.put(IID, authHandler.result().getValue(IID));
authInfo.put(USER_ID, authHandler.result().getValue(USER_ID));
authInfo.put("apd", authHandler.result().getValue("apd"));
authInfo.put(ROLE, authHandler.result().getValue(ROLE));
authInfo.put(DID, authHandler.result().getValue(DID));
authInfo.put(DRL, authHandler.result().getValue(DRL));
context.data().put(AUTH_INFO, authInfo);
} else {
processAuthFailure(context, authHandler.cause().getMessage());
Expand Down Expand Up @@ -123,11 +126,11 @@ private String getId(RoutingContext context) {
String paramId = getId4rmRequest();
String bodyId = getId4rmBody(context);
String id;
if (paramId != null && !paramId.isBlank()) {
id = paramId;
} else {
id = bodyId;
}
if (paramId != null && !paramId.isBlank()) {
id = paramId;
} else {
id = bodyId;
}
return id;
}

Expand Down Expand Up @@ -170,13 +173,13 @@ private String getNormalizedPath(String url) {
path = api.getProviderAuditEndpoint();
} else if (url.matches(api.getPostEntitiesEndpoint())) {
path = api.getPostEntitiesEndpoint();
}else if(url.matches(api.getPostTemporalEndpoint())){
} else if (url.matches(api.getPostTemporalEndpoint())) {
path = api.getPostTemporalEndpoint();
}
return path;
}

private String getpathRegex(String path) {
return path+"(.*)";
return path + "(.*)";
}
}
9 changes: 7 additions & 2 deletions src/main/java/iudx/rs/proxy/authenticator/Constants.java
Original file line number Diff line number Diff line change
Expand Up @@ -4,13 +4,18 @@

public class Constants {

public static final List<String> OPEN_ENDPOINTS = List.of("/temporal/entities","/entities","/consumer/audit","/entityOperations/query");
public static final List<String> OPEN_ENDPOINTS =
List.of("/temporal/entities", "/entities", "/consumer/audit", "/entityOperations/query");
public static final long CACHE_TIMEOUT_AMOUNT = 30;
public static final String CAT_SEARCH_PATH = "/search";
public static final String AUTH_CERTIFICATE_PATH = "/cert";
public static final String CAT_ITEM_PATH = "/item";
public static final String JSON_USERID = "userid";
public static final String JSON_IID = "iid";
public static final String JSON_EXPIRY = "expiry";
public static final String JSON_APD="apd";
public static final String JSON_APD = "apd";
public static final String ROLE = "role";
public static final String DRL = "drl";
public static final String DID = "did";
public static final String DELEGATOR_ID = "delegatorId";
}
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
package iudx.rs.proxy.authenticator;

import static iudx.rs.proxy.authenticator.Constants.*;

import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import io.vertx.core.AsyncResult;
Expand Down Expand Up @@ -30,25 +32,21 @@
import java.time.LocalDateTime;
import java.time.ZoneId;
import java.time.ZonedDateTime;
import java.util.Arrays;
import java.util.concurrent.TimeUnit;
import org.apache.http.HttpStatus;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

import static iudx.rs.proxy.authenticator.Constants.*;

public class JwtAuthenticationServiceImpl implements AuthenticationService {

private static final Logger LOGGER = LogManager.getLogger(JwtAuthenticationServiceImpl.class);

static WebClient catWebClient;
final JWTAuth jwtAuth;
final String host;
final int port;
final String path;
final String audience;
final CacheService cache;
static WebClient catWebClient;
final Api apis;
final String catBasePath;
// resourceGroupCache will contain ACL info about all resource group in a resource server
Expand Down Expand Up @@ -106,6 +104,9 @@ public AuthenticationService tokenIntrospect(JsonObject request, JsonObject auth
jsonResponse.put(JSON_EXPIRY, (LocalDateTime.ofInstant(
Instant.ofEpochSecond(Long.parseLong(result.jwtData.getExp().toString())),
ZoneId.systemDefault())).toString());
jsonResponse.put(ROLE, result.jwtData.getRole());
jsonResponse.put(DRL, result.jwtData.getDrl());
jsonResponse.put(DID, result.jwtData.getDid());
return Future.succeededFuture(jsonResponse);
} else {
return validateAccess(result.jwtData, result.isOpen, authenticationInfo);
Expand Down Expand Up @@ -216,6 +217,9 @@ public Future<JsonObject> validateAccess(JwtData jwtData, boolean openResource,
jsonResponse.put(JSON_IID, jwtId);
jsonResponse.put(JSON_USERID, jwtData.getSub());
jsonResponse.put(JSON_APD,jwtData.getApd());
jsonResponse.put(ROLE, jwtData.getRole());
jsonResponse.put(DRL, jwtData.getDrl());
jsonResponse.put(DID, jwtData.getDid());
return Future.succeededFuture(jsonResponse);
}

Expand All @@ -236,6 +240,9 @@ public Future<JsonObject> validateAccess(JwtData jwtData, boolean openResource,
jsonResponse.put(JSON_EXPIRY, (LocalDateTime.ofInstant(
Instant.ofEpochSecond(Long.parseLong(jwtData.getExp().toString())),
ZoneId.systemDefault())).toString());
jsonResponse.put(ROLE, jwtData.getRole());
jsonResponse.put(DRL, jwtData.getDrl());
jsonResponse.put(DID, jwtData.getDid());
promise.complete(jsonResponse);
} else {
LOGGER.error("failed - no access provided to endpoint");
Expand Down
61 changes: 48 additions & 13 deletions src/main/java/iudx/rs/proxy/authenticator/model/JwtData.java
Original file line number Diff line number Diff line change
Expand Up @@ -16,19 +16,37 @@ public final class JwtData {
private String role;
private JsonObject cons;
private JsonObject apd;
private String drl;
private String did;

public JwtData() {
super();
}

public JwtData(JsonObject json) {
JwtDataConverter.fromJson(json, this);
}

public JsonObject toJson() {
JsonObject json = new JsonObject();
JwtDataConverter.toJson(this, json);
return json;
}

public JwtData() {
super();
public String getDrl() {
return drl;
}

public JwtData(JsonObject json) {
JwtDataConverter.fromJson(json, this);
public void setDrl(String drl) {
this.drl = drl;
}

public String getDid() {
return did;
}

public void setDid(String did) {
this.did = did;
}

public String getAccess_token() {
Expand Down Expand Up @@ -102,7 +120,7 @@ public Integer getIat() {
public void setIat(Integer iat) {
this.iat = iat;
}

public JsonObject getApd() {
return apd;
}
Expand All @@ -113,13 +131,30 @@ public void setApd(JsonObject apd) {

@Override
public String toString() {
return "JwtData [access_token=" + access_token + ", sub=" + sub + ", iss=" + iss + ", aud="
+ aud + ", exp=" + exp + ", iat=" + iat + ", iid=" + iid + ", role=" + role + ", cons="
+ cons + ", apd=" + apd + "]";
return "JwtData [access_token="
+ access_token
+ ", sub="
+ sub
+ ", iss="
+ iss
+ ", aud="
+ aud
+ ", exp="
+ exp
+ ", iat="
+ iat
+ ", iid="
+ iid
+ ", role="
+ role
+ ", cons="
+ cons
+ ", apd="
+ apd
+ ", drl="
+ drl
+ ", did="
+ did
+ "]";
}





}

0 comments on commit d057923

Please sign in to comment.