From 23bb023686889974c89597e45eace2513e4d9e51 Mon Sep 17 00:00:00 2001 From: milanperera Date: Thu, 3 Sep 2015 12:07:55 +0530 Subject: [PATCH] Partial Commit for Permission Authorizer module --- .../pom.xml | 4 ++ .../authenticator/framework/Constants.java | 22 +++++++ .../WebappAuthenticatorFrameworkValve.java | 6 +- .../authorizer/PermissionAuthorizerUtil.java | 59 +++++++++++++++++++ ...AuthenticatorFrameworkBundleActivator.java | 11 ++++ .../src/main/resources/p2.inf | 3 +- 6 files changed, 102 insertions(+), 3 deletions(-) create mode 100644 components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizerUtil.java diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml index ebf27bf99ff..21b0e5e96f9 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/pom.xml @@ -103,6 +103,10 @@ org.wso2.carbon org.wso2.carbon.core.services + + org.wso2.carbon + org.wso2.carbon.registry.api + diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java index a046c5280b1..dc467e1c245 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/Constants.java @@ -21,6 +21,7 @@ public final class Constants { public static final String AUTHORIZATION_HEADER_PREFIX_BEARER = "Bearer"; public static final String NO_MATCHING_AUTH_SCHEME = "noMatchedAuthScheme"; + public static final String PERMISSION_PATH = "/_system/governance/permission/admin/device-mgt/"; public static final class HTTPHeaders { private HTTPHeaders() { @@ -40,4 +41,25 @@ public final class Constants { public static final String CONTENT_TYPE_APPLICATION_XML = "application/xml"; } + public static final class HttpVerb { + private HttpVerb() { + throw new AssertionError(); + } + + public static final String GET = "GET"; + public static final String POST = "POST"; + public static final String DELETE = "DELETE"; + public static final String PUT = "PUT"; + } + + public static final class PermissionMethod { + private PermissionMethod() { + throw new AssertionError(); + } + + public static final String READ = "read"; + public static final String WRITE = "write"; + public static final String DELETE = "delete"; + public static final String ACTION = "action"; + } } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java index d27116b8fea..a26ffa5a559 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java @@ -26,6 +26,9 @@ import org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve; import org.wso2.carbon.tomcat.ext.valves.CompositeValve; import javax.servlet.http.HttpServletResponse; +import java.util.ArrayList; +import java.util.List; +import java.util.Properties; public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve { @@ -34,8 +37,7 @@ public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve { @Override public void invoke(Request request, Response response, CompositeValve compositeValve) { - String authScheme = - request.getContext().findParameter(WebappAuthenticatorFrameworkValve.AUTHENTICATION_SCHEME); + String authScheme = request.getAuthType(); if (authScheme == null || "".equals(authScheme)) { this.getNext().invoke(request, response, compositeValve); return; diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizerUtil.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizerUtil.java new file mode 100644 index 00000000000..416f96db498 --- /dev/null +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authorizer/PermissionAuthorizerUtil.java @@ -0,0 +1,59 @@ +/* + * Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. + * + * WSO2 Inc. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.carbon.webapp.authenticator.framework.authorizer; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.wso2.carbon.context.CarbonContext; +import org.wso2.carbon.context.RegistryType; +import org.wso2.carbon.registry.api.Collection; +import org.wso2.carbon.registry.api.Registry; +import org.wso2.carbon.registry.api.RegistryException; +import org.wso2.carbon.webapp.authenticator.framework.authorizer.config.Permission; + +public class PermissionAuthorizerUtil { + + private static Registry registry = CarbonContext.getThreadLocalCarbonContext(). + getRegistry(RegistryType.SYSTEM_GOVERNANCE); + + private static final String PROPERTY_NAME = "name"; + private static final String PATH_PERMISSION = "/permission"; + private static final Log log = LogFactory.getLog(PermissionAuthorizerUtil.class); + + public static void addPermission(Permission permission) { + + if (registry == null) { + throw new IllegalArgumentException("Registry instance retrieved is null"); + } + + if (permission == null) { + throw new IllegalArgumentException("Permission argument is null"); + } + try { + Collection collection = registry.newCollection(); + collection.setProperty(PROPERTY_NAME, permission.getName()); + registry.put(PATH_PERMISSION + permission.getPath(), collection); + + } catch (RegistryException e) { + String errorMsg = "Error occured while adding permission '" + permission.getName() + + "' to registry. "; + log.error(errorMsg + e.getMessage()); + } + } +} diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkBundleActivator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkBundleActivator.java index cb3ab4ac837..47bee21e7b5 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkBundleActivator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/internal/WebappAuthenticatorFrameworkBundleActivator.java @@ -28,6 +28,10 @@ import org.wso2.carbon.webapp.authenticator.framework.DataHolder; import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticator; import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorFrameworkValve; import org.wso2.carbon.webapp.authenticator.framework.WebappAuthenticatorRepository; +import org.wso2.carbon.webapp.authenticator.framework.authorizer.PermissionAuthorizerUtil; +import org.wso2.carbon.webapp.authenticator.framework.authorizer.PermissionAuthorizerValve; +import org.wso2.carbon.webapp.authenticator.framework.authorizer.config.Permission; +import org.wso2.carbon.webapp.authenticator.framework.authorizer.config.PermissionAuthorizerConfig; import org.wso2.carbon.webapp.authenticator.framework.config.AuthenticatorConfig; import org.wso2.carbon.webapp.authenticator.framework.config.WebappAuthenticatorConfig; @@ -54,8 +58,15 @@ public class WebappAuthenticatorFrameworkBundleActivator implements BundleActiva } DataHolder.setWebappAuthenticatorRepository(repository); + // Adding permissions to registry +// PermissionAuthorizerConfig.init(); +// for (Permission permission : PermissionAuthorizerConfig.getInstance().getPermissions()) { +// PermissionAuthorizerUtil.addPermission(permission); +// } + List valves = new ArrayList(); valves.add(new WebappAuthenticatorFrameworkValve()); + valves.add(new PermissionAuthorizerValve()); TomcatValveContainer.addValves(valves); if (log.isDebugEnabled()) { diff --git a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/p2.inf b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/p2.inf index 91ac161b4ee..49291ae9be7 100644 --- a/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/p2.inf +++ b/features/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework.server.feature/src/main/resources/p2.inf @@ -1,2 +1,3 @@ instructions.configure = \ -org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.webapp.authenticator.framework.server_${feature.version}/conf/webapp-authenticator-config.xml,target:${installFolder}/../../conf/etc/webapp-authenticator-config.xml,overwrite:true);\ \ No newline at end of file +org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.webapp.authenticator.framework.server_${feature.version}/conf/webapp-authenticator-config.xml,target:${installFolder}/../../conf/etc/webapp-authenticator-config.xml,overwrite:true);\ +org.eclipse.equinox.p2.touchpoint.natives.copy(source:${installFolder}/../features/org.wso2.carbon.webapp.authenticator.framework.server_${feature.version}/conf/permissions-config.xml,target:${installFolder}/../../conf/etc/permissions-config.xml,overwrite:true);\ \ No newline at end of file