[jira] [Commented] (NUTCH-2294) Authorization Support for REST API

[ASF GitHub Bot (JIRA)]

    [ 
https://issues.apache.org/jira/browse/NUTCH-2294?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15428808#comment-15428808
 ] 

ASF GitHub Bot commented on NUTCH-2294:
---------------------------------------

Github user lewismc commented on a diff in the pull request:

    https://github.com/apache/nutch/pull/142#discussion_r75551083
  
    --- Diff: src/java/org/apache/nutch/api/security/SecurityUtil.java ---
    @@ -0,0 +1,101 @@
    
+/*******************************************************************************
    + * Licensed to the Apache Software Foundation (ASF) under one or more
    + * contributor license agreements.  See the NOTICE file distributed with
    + * this work for additional information regarding copyright ownership.
    + * The ASF licenses this file to You under the Apache License, Version 2.0
    + * (the "License"); you may not use this file except in compliance with
    + * the License.  You may obtain a copy of the License at
    + *
    + *     http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing, software
    + * distributed under the License is distributed on an "AS IS" BASIS,
    + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    + * See the License for the specific language governing permissions and
    + * limitations under the License.
    + 
******************************************************************************/
    +package org.apache.nutch.api.security;
    +
    +import org.apache.nutch.api.ConfManager;
    +import org.apache.nutch.api.NutchServer;
    +import org.apache.nutch.api.resources.ConfigResource;
    +import org.restlet.ext.jaxrs.JaxRsApplication;
    +import org.restlet.security.MapVerifier;
    +import org.restlet.security.MemoryRealm;
    +import org.restlet.security.Role;
    +import org.restlet.security.User;
    +import org.slf4j.Logger;
    +import org.slf4j.LoggerFactory;
    +
    +import javax.ws.rs.WebApplicationException;
    +import javax.ws.rs.core.Response;
    +import javax.ws.rs.core.SecurityContext;
    +import java.util.ArrayList;
    +import java.util.List;
    +
    +/**
    + * Utility class for Security Operations
    + *
    + */
    +public final class SecurityUtil {
    +
    +  private static final Logger LOG = 
LoggerFactory.getLogger(NutchServer.class);
    +
    +  /**
    +   * Private constructor to prevent instantiation
    +   */
    +  private SecurityUtil() {
    +  }
    +
    +  public static List<Role> getRoles(JaxRsApplication application) {
    +    List<org.restlet.security.Role> roles = new ArrayList<>();
    +    for (AuthorizationRoleEnum authorizationRole : 
AuthorizationRoleEnum.values()) {
    +      roles.add(new org.restlet.security.Role(application, 
authorizationRole.toString()));
    +    }
    +    return roles;
    +  }
    +
    +  /**
    +   * Constructs realm
    +   *
    +   * @param application {@link org.restlet.ext.jaxrs.JaxRsApplication 
}application
    +   * @param configManager {@link org.apache.nutch.api.ConfManager} type 
config manager
    +   * @return realm
    +   */
    +  public static MemoryRealm constructRealm(JaxRsApplication application, 
ConfManager configManager){
    +    MemoryRealm realm = new MemoryRealm();
    +    MapVerifier mapVerifier = new MapVerifier();
    +    String[] users = 
configManager.get(ConfigResource.DEFAULT).getTrimmedStrings("restapi.auth.users",
 "admin|admin|admin");
    +    if (users.length <= 1) {
    +      throw new IllegalStateException("Check users definition of 
restapi.auth.users at nutch-site.xml ");
    +    }
    +    for (String userconf : users) {
    +      String[] userDetail = userconf.split("\\|");
    +      if(userDetail.length != 3) {
    +        LOG.error("Check user definition of restapi.auth.users at 
nutch-site.xml");
    +        throw new IllegalStateException("Check user definition of 
restapi.auth.users at nutch-site.xml ");
    +      }
    +      User user = new User(userDetail[0], userDetail[1]);
    +      mapVerifier.getLocalSecrets().put(user.getIdentifier(), 
user.getSecret());
    +      realm.getUsers().add(user);
    +      realm.map(user, Role.get(application, userDetail[2]));
    +      LOG.info("User added: " + userDetail[0]);
    --- End diff --
    
    Parameterized logging please


> Authorization Support for REST API
> ----------------------------------
>
>                 Key: NUTCH-2294
>                 URL: https://issues.apache.org/jira/browse/NUTCH-2294
>             Project: Nutch
>          Issue Type: Sub-task
>          Components: REST_api, web gui
>            Reporter: Furkan KAMACI
>            Assignee: Furkan KAMACI
>             Fix For: 2.4
>
>
> Add authorization for Nutch REST API.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)