Commit daa6b93a authored by Manuel Spuhler's avatar Manuel Spuhler

JWT Token rework

parent cfe2339b
......@@ -92,5 +92,4 @@ services:
algorithmsUrl: {{ default .Env.EXAREME_URL "http://localhost:9090" }}/mining/algorithms.json
workflows:
workflowUrl: {{ default .Env.WORKFLOW_URL "http://localhost:9090" }}
workflowAuthorization: {{ default .Env.WORKFLOW_AUTHORIZATION "undefined" }}
JWTSecret: {{ default .Env.JWT_SECRET "secret" }}
jwtSecret: {{ default .Env.JWT_SECRET "secret" }}
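Review bot: The new `jwtSecret` line keeps the literal fallback `"secret"`, so a deployment that forgets to set `JWT_SECRET` signs every bearer token with a key anyone can guess. As far as the hunks on this page show, that token is now the only credential sent to the workflow service, so I would drop the default, `jwtSecret: {{ .Env.JWT_SECRET }}`, and have the application refuse to start when the value is empty. HMAC512 is only as strong as its key, so the deployment notes should ask for a randomly generated secret of at least 64 bytes.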
......@@ -24,6 +24,7 @@ import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import scala.concurrent.ExecutionContext;
import scala.concurrent.Future;
import eu.hbp.mip.utils.JWTUtil;
import java.io.IOException;
import java.util.*;
......@@ -50,8 +51,8 @@ public class ExperimentApi {
@Value("#{'${services.workflows.workflowUrl}'}")
private String workflowUrl;
@Value("#{'${services.workflows.workflowAuthorization}'}")
private String workflowAuthorization;
@Value("#{'${services.workflows.jwtSecret}'}")
private String jwtSecret;
@Autowired
private UserInfo userInfo;
......@@ -62,8 +63,6 @@ public class ExperimentApi {
@Autowired
private ExperimentRepository experimentRepository;
@ApiOperation(value = "Create an experiment on Exareme", response = Experiment.class)
@RequestMapping(value = "/exareme", method = RequestMethod.POST)
public ResponseEntity<String> runExaremeExperiment(@RequestBody ExperimentQuery expQuery) {
......@@ -124,21 +123,18 @@ public class ExperimentApi {
}
String query = gson.toJson(queryMap);
LOGGER.info("****************************** query");
LOGGER.info(query);
String url = workflowUrl + "/runWorkflow/" + algoCode;
// Results are stored in the experiment object
try {
StringBuilder results = new StringBuilder();
int code = HTTPUtil.sendAuthorizedHTTP(url, query, results, "POST", workflowAuthorization);
User user = userInfo.getUser();
String token = JWTUtil.getJWT(jwtSecret, user.getEmail());
int code = HTTPUtil.sendAuthorizedHTTP(url, query, results, "POST", "Bearer " + token);
experiment.setResult("[" + results.toString() + "]");
LOGGER.info("****************************** results");
LOGGER.info(results.toString());
experiment.setHasError(code >= 400);
experiment.setHasServerError(code >= 500);
} catch (IOException e) {
LOGGER.trace("Invalid UUID", e);
LOGGER.warn("Workflow failed to run properly !");
experiment.setHasError(true);
experiment.setHasServerError(true);
experiment.setResult(e.getMessage());
......@@ -182,8 +178,10 @@ public class ExperimentApi {
String url = workflowUrl + "/getWorkflowStatus/" + historyId;
try {
User user = userInfo.getUser();
String token = JWTUtil.getJWT(jwtSecret, user.getEmail());
StringBuilder response = new StringBuilder();
HTTPUtil.sendAuthorizedHTTP(url, "", response, "GET", workflowAuthorization);
HTTPUtil.sendAuthorizedHTTP(url, "", response, "GET", "Bearer " + token);
JsonElement element = new JsonParser().parse(response.toString());
return ResponseEntity.ok(gson.toJson(element));
......@@ -202,7 +200,9 @@ public class ExperimentApi {
String url = workflowUrl + "/getWorkflowResults/" + historyId;
try {
StringBuilder response = new StringBuilder();
HTTPUtil.sendAuthorizedHTTP(url, "", response, "GET", workflowAuthorization);
User user = userInfo.getUser();
String token = JWTUtil.getJWT(jwtSecret, user.getEmail());
HTTPUtil.sendAuthorizedHTTP(url, "", response, "GET", "Bearer " + token);
JsonElement element = new JsonParser().parse(response.toString());
return ResponseEntity.ok(gson.toJson(element));
......@@ -221,7 +221,9 @@ public class ExperimentApi {
String url = workflowUrl + "/getWorkflowResultsBody/" + historyId + "/contents/" + resultId;
try {
StringBuilder response = new StringBuilder();
HTTPUtil.sendAuthorizedHTTP(url, "", response, "GET", workflowAuthorization);
User user = userInfo.getUser();
String token = JWTUtil.getJWT(jwtSecret, user.getEmail());
HTTPUtil.sendAuthorizedHTTP(url, "", response, "GET", "Bearer " + token);
JsonElement element = new JsonParser().parse(response.toString());
return ResponseEntity.ok(gson.toJson(element));
......
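Review bot: `userInfo.getUser()` is dereferenced without a null check in `JWTUtil.getJWT(jwtSecret, user.getEmail())`, and in the first hunk the surrounding `try` only catches `IOException`. A missing user or e-mail would therefore surface as an unhandled NullPointerException instead of a failed experiment, although whether `getUser()` can return null is not visible here. The same lines are repeated at all four workflow calls in this file and again in the JWTApi and MethodsApi sections. I would move them into one private helper, e.g. `private String bearerToken()`, that validates the user and returns `"Bearer " + token`. The enclosing methods start and end outside the hunks.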
......@@ -5,8 +5,6 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.ResponseEntity;
import org.springframework.http.HttpStatus;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.JWT;
import eu.hbp.mip.model.User;
import eu.hbp.mip.model.UserInfo;
import org.springframework.beans.factory.annotation.Autowired;
......@@ -14,6 +12,7 @@ import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.*;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import eu.hbp.mip.utils.JWTUtil;
@RestController
@RequestMapping(value = "/jwt", produces = { TEXT_PLAIN_VALUE })
......@@ -25,8 +24,8 @@ public class JWTApi {
@Autowired
private UserInfo userInfo;
@Value("#{'${services.workflows.JWTSecret}'}")
private String JWTSecret;
@Value("#{'${services.workflows.jwtSecret}'}")
private String jwtSecret;
@ApiOperation(value = "Create a JSON Web Token", response = String.class)
@RequestMapping(method = RequestMethod.POST)
......@@ -35,12 +34,7 @@ public class JWTApi {
LOGGER.info("Create a JSON Web Token");
User user = userInfo.getUser();
Algorithm algorithm = Algorithm.HMAC512(JWTSecret);
String token = JWT.create().withIssuer("mip.humanbrainproject.eu").withSubject(user.getEmail()).sign(algorithm);
LOGGER.info(algorithm.toString());
LOGGER.info(token);
String token = JWTUtil.getJWT(jwtSecret, user.getEmail());
return ResponseEntity.status(HttpStatus.CREATED).body(token);
}
......
package eu.hbp.mip.controllers;
import com.google.gson.*;
import ch.chuv.lren.woken.messages.query.MethodsQuery$;
import ch.chuv.lren.woken.messages.query.MethodsResponse;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.slf4j.Logger;
......@@ -11,12 +8,14 @@ import org.slf4j.LoggerFactory;
import org.springframework.cache.annotation.Cacheable;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import eu.hbp.mip.model.User;
import eu.hbp.mip.model.UserInfo;
import eu.hbp.mip.utils.HTTPUtil;
import org.springframework.beans.factory.annotation.Value;
import java.io.IOException;
import eu.hbp.mip.utils.JWTUtil;
import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
import org.springframework.beans.factory.annotation.Autowired;
@RestController
@RequestMapping(value = "/methods", produces = { APPLICATION_JSON_VALUE })
......@@ -33,8 +32,11 @@ public class MethodsApi {
@Value("#{'${services.workflows.workflowUrl}'}")
private String workflowUrl;
@Value("#{'${services.workflows.workflowAuthorization}'}")
private String workflowAuthorization;
@Value("#{'${services.workflows.jwtSecret}'}")
private String jwtSecret;
@Autowired
private UserInfo userInfo;
@ApiOperation(value = "List Exareme algorithms and validations", response = String.class)
@Cacheable(value = "exareme", unless = "#result.getStatusCode().value()!=200")
......@@ -60,12 +62,11 @@ public class MethodsApi {
LOGGER.info("List Galaxy workflows");
try {
User user = userInfo.getUser();
String token = JWTUtil.getJWT(jwtSecret, user.getEmail());
StringBuilder response = new StringBuilder();
HTTPUtil.sendAuthorizedHTTP(workflowUrl + "/getAllWorkflowWithDetails", "", response, "GET", workflowAuthorization);
LOGGER.info("************************************************* workflows");
LOGGER.info(workflowUrl + "/getAllWorkflowWithDetails");
LOGGER.info(workflowAuthorization);
LOGGER.info(response.toString());
HTTPUtil.sendAuthorizedHTTP(workflowUrl + "/getAllWorkflowWithDetails", "", response, "GET", "Bearer " + token);
JsonElement element = new JsonParser().parse(response.toString());
return ResponseEntity.ok(gson.toJson(element));
......
package eu.hbp.mip.utils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.JWT;
public class JWTUtil {
private static final Logger LOGGER = LoggerFactory.getLogger(JWT.class);
public static String getJWT(String secret, String subject) {
LOGGER.info("getJWT");
Algorithm algorithm = Algorithm.HMAC512(secret);
String token = JWT.create().withIssuer("mip.humanbrainproject.eu").withSubject(subject).sign(algorithm);
return token;
}
}
\ No newline at end of file
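Review bot: The token built in `getJWT` carries no `iat` or `exp` claim, so every token for a given e-mail is identical and stays valid until the shared secret is rotated. A token captured from a log, a proxy or the `/jwt` response can then be replayed indefinitely. I would add `.withIssuedAt(now).withExpiresAt(new Date(now.getTime() + TOKEN_TTL_MS))` before `.sign(algorithm)`, where `TOKEN_TTL_MS` is a placeholder name for a short project-chosen lifetime and `java.util.Date` is imported, and confirm that the workflow service rejects expired tokens. Separately, the logger is created with `JWT.class`; `LoggerFactory.getLogger(JWTUtil.class)` would attribute the `getJWT` entries to this class.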