
Example 1 with Activity

Use of org.dcache.auth.attributes.Activity in project dcache by dCache.

Class ScopeBasedAuthzProfile, method buildRestriction.

private Restriction buildRestriction(List<AuthorisationSupplier> scopes) {
    // One Authorisation per target path; scopes that name the same path are merged.
    Map<FsPath, MultiTargetedRestriction.Authorisation> authorisations = new HashMap<>();
    scopes.stream()
            .map(s -> s.authorisation(prefix))  // resolve each scope against prefix
            .filter(Optional::isPresent)        // skip scopes that yield no authorisation
            .map(Optional::get)
            .forEach(a -> {
                FsPath path = a.getPath();
                MultiTargetedRestriction.Authorisation existing = authorisations.get(path);
                if (existing != null) {
                    // Same path seen before: the merged entry carries the union of both activity sets.
                    Collection<Activity> combined = EnumSet.copyOf(existing.getActivity());
                    combined.addAll(a.getActivity());
                    a = new MultiTargetedRestriction.Authorisation(combined, path);
                }
                authorisations.put(path, a);
            });
    // Build the restriction from the merged per-path authorisations.
    return new MultiTargetedRestriction(authorisations.values());
}
Also used: ExemptFromNamespaceChecks(org.dcache.auth.ExemptFromNamespaceChecks) MultiTargetedRestriction(org.dcache.auth.attributes.MultiTargetedRestriction) FsPath(diskCacheV111.util.FsPath) Preconditions.checkAuthentication(org.dcache.gplazma.util.Preconditions.checkAuthentication) Restriction(org.dcache.auth.attributes.Restriction) Collection(java.util.Collection) Set(java.util.Set) HashMap(java.util.HashMap) Streams(com.google.common.collect.Streams) Collectors(java.util.stream.Collectors) AuthenticationException(org.dcache.gplazma.AuthenticationException) ProfileResult(org.dcache.gplazma.oidc.ProfileResult) List(java.util.List) Principal(java.security.Principal) Map(java.util.Map) Objects.requireNonNull(java.util.Objects.requireNonNull) Activity(org.dcache.auth.attributes.Activity) Optional(java.util.Optional) JsonNode(com.fasterxml.jackson.databind.JsonNode) Collections(java.util.Collections) IdentityProvider(org.dcache.gplazma.oidc.IdentityProvider) EnumSet(java.util.EnumSet)

Example 2 with Activity

Use of org.dcache.auth.attributes.Activity in project dcache by dCache.

Class SciTokenPlugin, method buildRestriction.

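private Restriction buildRestriction(FsPath prefix, List<AuthorisationSupplier> scopes) {
    // One Authorisation per target path; scopes that name the same path are merged.
    Map<FsPath, Authorisation> authorisations = new HashMap<>();
    scopes.stream()
            .map(s -> s.authorisation(prefix))  // resolve each scope against prefix
            .filter(Optional::isPresent)        // skip scopes that yield no authorisation
            .map(Optional::get)
            .forEach(a -> {
                FsPath path = a.getPath();
                Authorisation existing = authorisations.get(path);
                if (existing != null) {
                    // Same path seen before: the merged entry carries the union of both activity sets.
                    Collection<Activity> combined = EnumSet.copyOf(existing.getActivity());
                    combined.addAll(a.getActivity());
                    a = new Authorisation(combined, path);
                }
                authorisations.put(path, a);
            });
    // Build the restriction from the merged per-path authorisations.
    return new MultiTargetedRestriction(authorisations.values());
}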
Also used: ExemptFromNamespaceChecks(org.dcache.auth.ExemptFromNamespaceChecks) MultiTargetedRestriction(org.dcache.auth.attributes.MultiTargetedRestriction) FsPath(diskCacheV111.util.FsPath) Restriction(org.dcache.auth.attributes.Restriction) Subjects(org.dcache.auth.Subjects) JwtSubPrincipal(org.dcache.auth.JwtSubPrincipal) LoggerFactory(org.slf4j.LoggerFactory) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) OpenIdGroupPrincipal(org.dcache.auth.OpenIdGroupPrincipal) Preconditions.checkArgument(com.google.common.base.Preconditions.checkArgument) GPlazmaAuthenticationPlugin(org.dcache.gplazma.plugins.GPlazmaAuthenticationPlugin) HttpClient(org.apache.http.client.HttpClient) Objects.requireNonNull(java.util.Objects.requireNonNull) Map(java.util.Map) Authorisation(org.dcache.auth.attributes.MultiTargetedRestriction.Authorisation) Splitter(com.google.common.base.Splitter) EnumSet(java.util.EnumSet) OidcSubjectPrincipal(org.dcache.auth.OidcSubjectPrincipal) BearerTokenCredential(org.dcache.auth.BearerTokenCredential) ImmutableSet(com.google.common.collect.ImmutableSet) Properties(java.util.Properties) Logger(org.slf4j.Logger) Preconditions.checkAuthentication(org.dcache.gplazma.util.Preconditions.checkAuthentication) Collection(java.util.Collection) JsonWebToken(org.dcache.gplazma.util.JsonWebToken) Set(java.util.Set) IOException(java.io.IOException) JwtJtiPrincipal(org.dcache.auth.JwtJtiPrincipal) Instant(java.time.Instant) Collectors(java.util.stream.Collectors) AuthenticationException(org.dcache.gplazma.AuthenticationException) List(java.util.List) Principal(java.security.Principal) Args(org.dcache.util.Args) Activity(org.dcache.auth.attributes.Activity) Optional(java.util.Optional) Collections(java.util.Collections) HttpClients(org.apache.http.impl.client.HttpClients)
