Repository: stratos Updated Branches: refs/heads/master fa139b0d4 -> 5e5d78f19
this fix the issue of allowing to access metadata service without token Project: http://git-wip-us.apache.org/repos/asf/stratos/repo Commit: http://git-wip-us.apache.org/repos/asf/stratos/commit/5e5d78f1 Tree: http://git-wip-us.apache.org/repos/asf/stratos/tree/5e5d78f1 Diff: http://git-wip-us.apache.org/repos/asf/stratos/diff/5e5d78f1 Branch: refs/heads/master Commit: 5e5d78f1934cd02e77b3018bb9a57d25df567429 Parents: c223eab Author: Udara Liyanage <[email protected]> Authored: Thu May 14 19:59:40 2015 +0530 Committer: Udara Liyanage <[email protected]> Committed: Thu May 14 20:01:48 2015 +0530 ---------------------------------------------------------------------- .../AbstractAuthenticationAuthorizationHandler.java | 15 ++++++--------- .../metadata/service/handlers/OAuthHandler.java | 9 ++++++--- .../metadata/service/registry/CarbonRegistry.java | 4 ---- .../metadata/service/services/MetaDataAdmin.java | 2 +- 4 files changed, 13 insertions(+), 17 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/stratos/blob/5e5d78f1/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/AbstractAuthenticationAuthorizationHandler.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/AbstractAuthenticationAuthorizationHandler.java b/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/AbstractAuthenticationAuthorizationHandler.java index 4be5efe..a6abcd9 100644 --- a/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/AbstractAuthenticationAuthorizationHandler.java 
+++ b/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/AbstractAuthenticationAuthorizationHandler.java @@ -18,6 +18,7 @@ */ package org.apache.stratos.metadata.service.handlers; +import org.apache.commons.lang.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.cxf.jaxrs.ext.RequestHandler; @@ -36,17 +37,13 @@ public abstract class AbstractAuthenticationAuthorizationHandler implements Requ @Override public Response handleRequest(Message message, ClassResourceInfo classResourceInfo) { HttpHeaders headers = new HttpHeadersImpl(message); - List<String> authHeader = headers.getRequestHeader(HttpHeaders.AUTHORIZATION); - if (log.isDebugEnabled()) { - log.debug("Executing " + this.getClass()); - } - if (!AuthenticationContext.isAthenticated() && authHeader != null && - authHeader.size() > 0 && canHandle(authHeader.get(0).trim().split(" ")[0])) { + + if (!StringUtils.isEmpty(headers.getRequestHeaders().getFirst(HttpHeaders.AUTHORIZATION))) { return handle(message, classResourceInfo); + }else{ + // Currently there is only one handler + return Response.status(Response.Status.FORBIDDEN).build(); } - // give the control to the next handler - return null; - } protected abstract boolean canHandle(String authHeaderPrefix); http://git-wip-us.apache.org/repos/asf/stratos/blob/5e5d78f1/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/OAuthHandler.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/OAuthHandler.java b/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/OAuthHandler.java index 431fd2e..c53a157 100644 
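Review bot: In handleRequest the new gate only tests that the Authorization header is non-empty, and `canHandle()` is no longer called here, so refusing an unsupported scheme or a malformed value now rests entirely on `handle()` in the subclass, which this hunk does not show. `StringUtils.isEmpty` also lets a whitespace-only header through; `if (StringUtils.isNotBlank(headers.getRequestHeaders().getFirst(HttpHeaders.AUTHORIZATION))) {` refuses it at this point. For a request with no credentials, 401 with a challenge is the conventional answer and 403 is better kept for an authenticated caller who lacks permission: `return Response.status(Response.Status.UNAUTHORIZED).header(HttpHeaders.WWW_AUTHENTICATE, "Bearer").build();`, provided existing clients do not depend on the 403. The rejection branch is also silent now that the debug line is removed, so a `log.warn` there would make unauthenticated probing of the metadata service visible.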
--- a/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/OAuthHandler.java +++ b/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/handlers/OAuthHandler.java @@ -76,15 +76,18 @@ public class OAuthHandler extends AbstractAuthenticationAuthorizationHandler { if (header.startsWith(BEARER)) { String accessToken = header.substring(7).trim(); boolean valid; - String appId = extractAppIdFromIdToken(accessToken); + String appId_in_token = extractAppIdFromIdToken(accessToken); String requestUrl = (String) message.get(Message.REQUEST_URI); String basePath = (String) message.get(Message.BASE_PATH); String requestedAppId = extractApplicationIdFromUrl(requestUrl, basePath); - if (org.apache.commons.lang3.StringUtils.isEmpty(appId) || org.apache.commons.lang3.StringUtils.isEmpty(requestedAppId)) { + if (org.apache.commons.lang3.StringUtils.isEmpty(appId_in_token) || org.apache.commons.lang3.StringUtils.isEmpty(requestedAppId)) { valid = false; } else { - valid = appId.equals(requestedAppId); + valid = appId_in_token.equals(requestedAppId); + if(!valid){ + log.error("The token presented is only valid for " + appId_in_token + " , but it tries to access metadata for " + requestedAppId); + } } if (!valid) { http://git-wip-us.apache.org/repos/asf/stratos/blob/5e5d78f1/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/registry/CarbonRegistry.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/registry/CarbonRegistry.java b/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/registry/CarbonRegistry.java index 03f7d40..a84ea79 100644 --- a/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/registry/CarbonRegistry.java 
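Review bot: The added `log.error` in OAuthHandler concatenates `appId_in_token` and `requestedAppId` into the message unescaped, and `requestedAppId` is derived from the request URL, so a caller may be able to place line breaks or misleading text in the log (whether the URI is already decoded at this point is not visible here). Neutralise control characters before logging and log at warn, since a mismatched token is a client error rather than a server fault: `log.warn("Token issued for application [" + clean(appId_in_token) + "] was used to request metadata of [" + clean(requestedAppId) + "]");`, where `clean` would be a small private helper doing `value.replaceAll("[\\r\\n]", "_")`. `appId_in_token` would read as `appIdInToken` under Java naming conventions. The enclosing method starts before and ends after this hunk, so whether the token's signature is verified before its application id is trusted cannot be confirmed from here.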
+++ b/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/registry/CarbonRegistry.java @@ -139,10 +139,6 @@ public class CarbonRegistry implements DataStore { log.debug("Registry resource is create at path for application: " + nodeResource.getPath()); } } - - for(String value : property.getValues()){ - nodeResource.addProperty(property.getKey(), value); - } boolean updated = false; for(String value : property.getValues()){ http://git-wip-us.apache.org/repos/asf/stratos/blob/5e5d78f1/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/services/MetaDataAdmin.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/services/MetaDataAdmin.java b/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/services/MetaDataAdmin.java index 4813679..2a4360c 100644 --- a/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/services/MetaDataAdmin.java +++ b/components/org.apache.stratos.metadata.service/src/main/java/org/apache/stratos/metadata/service/services/MetaDataAdmin.java @@ -226,7 +226,7 @@ public class MetaDataAdmin { } @DELETE - @Path("application/{application_id}") + @Path("application/{application_id}/properties") @Produces("application/json") @Consumes("application/json") @AuthorizationAction("/permission/protected/manage/monitor/tenants")
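Review bot: The new DELETE route `application/{application_id}/properties` in MetaDataAdmin is an API change that the commit message does not mention, and clients calling the old path will stop matching this method. OAuthHandler authorises by comparing the token's application id with the value returned by `extractApplicationIdFromUrl(requestUrl, basePath)`, whose body is not shown; it is worth confirming, ideally with a test, that it still returns `application_id` and not the trailing `properties` segment for the new URL shape. A one-line Javadoc on the method stating what this DELETE removes would make the new path self-explanatory. The method body lies outside this hunk.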
