Skip to content

Commit

Permalink
MCR-3157 Adapted MCRAccessKeyFilter for REST
Browse files Browse the repository at this point in the history
  • Loading branch information
golsch committed Nov 19, 2024
1 parent b48756e commit 6077461
Showing 1 changed file with 9 additions and 4 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,8 @@
import org.mycore.common.MCRException;
import org.mycore.common.MCRSessionMgr;
import org.mycore.datamodel.metadata.MCRObjectID;
import org.mycore.mcr.acl.accesskey.MCRAccessKeyUtils;
import org.mycore.mcr.acl.accesskey.config.MCRAccessKeyConfig;
import org.mycore.mcr.acl.accesskey.service.MCRAccessKeyServiceFactory;
import org.mycore.restapi.v2.MCRRestAuthorizationFilter;

import jakarta.annotation.Priority;
Expand All @@ -33,6 +34,9 @@
import jakarta.ws.rs.core.MultivaluedMap;
import jakarta.ws.rs.ext.Provider;

/**
* Sets access key to session by request header.
*/
@Provider
@Priority(Priorities.AUTHENTICATION + 1)
public class MCRAccessKeyFilter implements ContainerRequestFilter {
Expand All @@ -42,7 +46,7 @@ public class MCRAccessKeyFilter implements ContainerRequestFilter {
@Override
public void filter(ContainerRequestContext requestContext) {
LOGGER.debug("Access key filter started.");
if (!MCRAccessKeyUtils.isAccessKeyForSessionAllowed()) {
if (MCRAccessKeyConfig.getAllowedSessionPermissionTypes().isEmpty()) {
LOGGER.debug("Access keys are not allowed for session. Skipping filter...");
return;
}
Expand All @@ -52,14 +56,15 @@ public void filter(ContainerRequestContext requestContext) {
}
final String secret = requestContext.getHeaderString("X-Access-Key");
if (secret != null) {
LOGGER.debug("Found X-Access-Key with value {}.", secret);
LOGGER.debug("Found X-Access-Key with secret {}.", secret);
final MultivaluedMap<String, String> pathParameters = requestContext.getUriInfo().getPathParameters();
final String objectIdString = pathParameters.getFirst(MCRRestAuthorizationFilter.PARAM_MCRID);
if (objectIdString != null) {
try {
final MCRObjectID objectId = MCRObjectID.getInstance(objectIdString);
if (objectId != null) {
MCRAccessKeyUtils.addAccessKeySecretToCurrentSession(objectId, secret);
MCRAccessKeyServiceFactory.getAccessKeySessionService()
.activateAccessKey(objectId.toString(), secret);
}
} catch (MCRException e) {
LOGGER.debug("The access key could not be added to the current session: ", e);
Expand Down

0 comments on commit 6077461

Please sign in to comment.