Project

General

Profile

« Previous | Next » 

Revision 9520

Added by ben leinfelder almost 9 years ago

allow Metacat API calls to be made by clients providing their identity with a DataONE auth token. https://github.nceas.ucsb.edu/KNB/arctic-data/issues/43

View differences:

src/edu/ucsb/nceas/metacat/util/RequestUtil.java
26 26 

  		




  27
  27
  
    
package edu.ucsb.nceas.metacat.util;


  		




  28
  28
  
    

  		




  
  29
  
    
import java.io.BufferedReader;


  		




  
  30
  
    
import java.io.IOException;


  		




  29
  31
  
    
import java.io.InputStream;


  		




  30
  32
  
    
import java.io.InputStreamReader;


  		




  31
  
  
    
import java.io.IOException;


  		




  32
  
  
    
import java.io.BufferedReader;


  		




  33
  33
  
    
import java.io.PrintWriter;


  		




  34
  34
  
    
import java.net.MalformedURLException;


  		




  35
  35
  
    
import java.net.URL;


  		




  ......




  40
  40
  
    
import java.util.Hashtable;


  		




  41
  41
  
    
import java.util.Iterator;


  		




  42
  42
  
    
import java.util.List;


  		




  43
  
  
    
import java.util.Set;


  		




  44
  43
  
    
import java.util.Vector;


  		




  45
  44
  
    

  		




  46
  45
  
    
import javax.servlet.ServletContext;


  		




  ......




  58
  57
  
    
import org.apache.http.client.HttpClient;


  		




  59
  58
  
    
import org.apache.http.client.entity.UrlEncodedFormEntity;


  		




  60
  59
  
    
import org.apache.http.client.methods.HttpPost;


  		




  61
  
  
    
import org.apache.http.impl.client.DefaultHttpClient;


  		




  62
  60
  
    
import org.apache.http.message.BasicNameValuePair;


  		




  63
  61
  
    
import org.apache.http.params.CoreProtocolPNames;


  		




  64
  62
  
    
import org.apache.log4j.Logger;


  		




  
  63
  
    
import org.dataone.portal.PortalCertificateManager;


  		




  
  64
  
    
import org.dataone.service.types.v1.Session;


  		




  
  65
  
    
import org.dataone.service.types.v1.Subject;


  		




  
  66
  
    
import org.dataone.service.types.v1.SubjectInfo;


  		




  65
  67
  
    

  		




  66
  68
  
    
import edu.ucsb.nceas.metacat.properties.PropertyService;


  		




  67
  69
  
    
import edu.ucsb.nceas.metacat.service.SessionService;


  		




  ......




  289
  291
  
    
	public static SessionData getSessionData(HttpServletRequest request) {


  		




  290
  292
  
    
		SessionData sessionData = null;


  		




  291
  293
  
    
		String sessionId = null;


  		




  
  294
  
    
		


  		




  
  295
  
    
		// check for auth token first


  		




  
  296
  
    
		sessionData = getSessionDataFromToken(request);


  		




  
  297
  
    
		if (sessionData != null) {


  		




  
  298
  
    
			return sessionData;


  		




  
  299
  
    
		}


  		




  292
  300
  
    

  		




  293
  301
  
    
		Hashtable<String, String[]> params = getParameters(request);


  		




  294
  302
  
    

  		




  ......




  329
  337
  
    
		


  		




  330
  338
  
    
		return sessionData;


  		




  331
  339
  
    
	}


  		




  
  340
  
    
	


  		




  
  341
  
    
	/**


  		




  
  342
  
    
	 * Get SessionData from the DataONE auth token


  		




  
  343
  
    
	 * @param request


  		




  
  344
  
    
	 * @return


  		




  
  345
  
    
	 */


  		




  
  346
  
    
	public static SessionData getSessionDataFromToken(HttpServletRequest request) {


  		




  
  347
  
    
		SessionData sessionData = null;


  		




  
  348
  
    
		


  		




  
  349
  
    
    	Session session = PortalCertificateManager.getInstance().getSession(request);


  		




  
  350
  
    
    	if (session != null) {


  		




  
  351
  
    
    		SubjectInfo subjectInfo = session.getSubjectInfo();


  		




  
  352
  
    
			String userName = session.getSubject().getValue();


  		




  
  353
  
    
			String id = request.getSession().getId();


  		




  
  354
  
    
			String password = null;


  		




  
  355
  
    
    		String[] groupNames = null;


  		




  
  356
  
    
			String name = null;


  		




  
  357
  
    
			if (subjectInfo != null && subjectInfo.getPersonList() != null && subjectInfo.getPersonList().size() > 0) {


  		




  
  358
  
    
				name = subjectInfo.getPerson(0).getFamilyName();


  		




  
  359
  
    
				if (subjectInfo.getPerson(0).getGivenNameList() != null && subjectInfo.getPerson(0).getGivenNameList().size() > 0) {


  		




  
  360
  
    
					name = subjectInfo.getPerson(0).getGivenName(0) + " " + name;


  		




  
  361
  
    
				}


  		




  
  362
  
    
				List<String> groups = new ArrayList<String>();


  		




  
  363
  
    
				if (subjectInfo.getPerson(0).getIsMemberOfList() != null) {


  		




  
  364
  
    
					for (Subject group: subjectInfo.getPerson(0).getIsMemberOfList()) {


  		




  
  365
  
    
						groups.add(group.getValue());


  		




  
  366
  
    
					}


  		




  
  367
  
    
					groupNames = groups.toArray(new String[0]);


  		




  
  368
  
    
				}


  		




  
  369
  
    
			}


  		




  
  370
  
    
			


  		




  
  371
  
    
			// construct the session


  		




  
  372
  
    
			sessionData = new SessionData(id , userName, groupNames, password, name);


  		




  
  373
  
    
			


  		




  
  374
  
    
			//TODO: register this session for later or do this each time?


  		




  
  375
  
    
			//SessionService.getInstance().registerSession(sessionData);


  		




  
  376
  
    
			


  		




  
  377
  
    
    		


  		




  
  378
  
    
    	}


  		




  
  379
  
    
		


  		




  
  380
  
    
		return sessionData;


  		




  
  381
  
    
	}


  		




  332
  382
  
    

  		




  333
  383
  
    
	/**


  		




  334
  384
  
    
	 * Get a cookie from a request by the cookie name


  		












Also available in:  Unified diff