Updated admin filter and uses it for the closing index reader API.
Change-Id: I7f7ad4dbb97ae3cfd282fba4a952471878867dcb
diff --git a/full/Changes b/full/Changes
index 653149b..c367b10 100644
--- a/full/Changes
+++ b/full/Changes
@@ -9,6 +9,9 @@
- Updated admin filter by using admin token and role checks.
2022-03-18
- Added an OAuth2 admin API to delete expired/revoked access and refresh tokens.
+2022-03-28
+ - Updated admin filter (admintoken as a form param) and uses
+ it for the closing index reader API.
# version 0.65.1
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java
index 336f1a8..f51ab78 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2AdminController.java
@@ -37,7 +37,7 @@
@POST
@Path("/token/clean")
- public Response cleanExpiredInvalidToken (String token,
+ public Response cleanExpiredInvalidToken (
@Context SecurityContext securityContext) {
TokenContext context =
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
deleted file mode 100644
index 229e303..0000000
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
+++ /dev/null
@@ -1,72 +0,0 @@
-package de.ids_mannheim.korap.web.filter;
-
-import javax.servlet.ServletContext;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.SecurityContext;
-import javax.ws.rs.ext.Provider;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-import com.sun.jersey.spi.container.ContainerRequest;
-import com.sun.jersey.spi.container.ContainerRequestFilter;
-import com.sun.jersey.spi.container.ContainerResponseFilter;
-
-import de.ids_mannheim.korap.dao.AdminDao;
-import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.exceptions.StatusCodes;
-import de.ids_mannheim.korap.security.context.TokenContext;
-import de.ids_mannheim.korap.web.KustvaktResponseHandler;
-
-/**
- * @author hanl, margaretha
- *
- * @see {@link AuthenticationFilter}
- */
-@Component
-@Provider
-public class AdminFilter extends AuthenticationFilter {
-
- private @Context ServletContext servletContext;
- @Autowired
- private AdminDao adminDao;
- @Autowired
- private KustvaktResponseHandler kustvaktResponseHandler;
-
- @Override
- public ContainerRequest filter (ContainerRequest request) {
- ContainerRequest superRequest = super.filter(request);
-
- String adminToken = superRequest.getEntity(String.class);
-
- SecurityContext securityContext = superRequest.getSecurityContext();
- TokenContext tokenContext =
- (TokenContext) securityContext.getUserPrincipal();
- String username = tokenContext.getUsername();
-
- if (adminToken != null && !adminToken.isEmpty()) {
- // startswith token=
- adminToken = adminToken.substring(6);
- if (adminToken.equals(servletContext.getInitParameter("adminToken"))) {
- return superRequest;
- }
- }
-
- if (adminDao.isAdmin(username)) {
- return superRequest;
- }
- throw kustvaktResponseHandler.throwit(new KustvaktException(
- StatusCodes.AUTHORIZATION_FAILED,
- "Unauthorized operation for user: " + username, username));
- }
-
- @Override
- public ContainerRequestFilter getRequestFilter () {
- return this;
- }
-
- @Override
- public ContainerResponseFilter getResponseFilter () {
- return null;
- }
-}