diff --git a/README.md b/README.md
index 0c19291b139d4942bb89846d3f86a46eaa867e65..62cb4b10e1cc95e1b269d12749cbf0de6a3f7a68 100644
--- a/README.md
+++ b/README.md
@@ -10,6 +10,16 @@ To use Kestrel you need to add the following NuGet packages:
 * ```Microsoft.AspNetCore.Mvc```
 * ```Microsoft.AspNetCore```
+## Consul keys
+
+The following Consul keys are required:
+
+* "coscine/global/waterbutler_url"
+* "coscine/global/rds_access_key"
+* "coscine/global/rds_secret_key"
+* "coscine/global/gitlabtoken"
+* Look at cs/action Consul keys
+
 ## Https usage
 Generate a developer certificate: ```dotnet dev-certs https```
diff --git a/docs/home.md b/docs/home.md
index 0c19291b139d4942bb89846d3f86a46eaa867e65..62cb4b10e1cc95e1b269d12749cbf0de6a3f7a68 100644
--- a/docs/home.md
+++ b/docs/home.md
@@ -10,6 +10,16 @@ To use Kestrel you need to add the following NuGet packages:
 * ```Microsoft.AspNetCore.Mvc```
 * ```Microsoft.AspNetCore```
+## Consul keys
+
+The following Consul keys are required:
+
+* "coscine/global/waterbutler_url"
+* "coscine/global/rds_access_key"
+* "coscine/global/rds_secret_key"
+* "coscine/global/gitlabtoken"
+* Look at cs/action Consul keys
+
 ## Https usage
 Generate a developer certificate: ```dotnet dev-certs https```
diff --git a/src/Project/Controllers/DataSourceController.cs b/src/Project/Controllers/DataSourceController.cs
index 5c617c8235f6bcfb540298d7ab8819dc1e0a0ed8..26b4944897321702e4d4a9b3b84981f53eca5e82 100644
--- a/src/Project/Controllers/DataSourceController.cs
+++ b/src/Project/Controllers/DataSourceController.cs
@@ -20,7 +20,7 @@ namespace Coscine.Api.Project.Controllers
 {
 private readonly IConfiguration _configuration;
 private readonly JWTHandler _jwtHandler;
- private static readonly HttpClient _client = new HttpClient();
+ private static readonly HttpClient Client = new HttpClient();
 private readonly Authenticator _authenticator;
 private readonly ResourceModel _resourceModel;
@@ -59,14 +59,11 @@ namespace Coscine.Api.Project.Controllers
 return NotFound($"Could not find resource with id: {resourceId}");
 }
- // Temporary
-#if (!DEBUG)
 var user = _authenticator.GetUserFromToken();
 if (!_resourceModel.OwnsResource(user, resource))
 {
 return Forbid($"The user does not own the resource {resourceId}");
 }
-#endif
 if (resource.Type == null)
 {
@@ -82,7 +79,7 @@ namespace Coscine.Api.Project.Controllers
 }
 else if (resource.Type.DisplayName.ToLower() == "gitlab")
 {
- authHeader = BuildGitlabAuthHeader();
+ authHeader = BuildGitlabAuthHeader(resource.ExternalId, resource.Url);
 }
 if (authHeader != null)
@@ -94,7 +91,7 @@ namespace Coscine.Api.Project.Controllers
 request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", authHeader);
 // Thread safe according to msdn and HttpCompletionOption sets it to get only headers first.
- var response = await _client.SendAsync(request, HttpCompletionOption.ResponseHeadersRead);
+ var response = await Client.SendAsync(request, HttpCompletionOption.ResponseHeadersRead);
 if (response.IsSuccessStatusCode)
 {
 if (response.Content.Headers.Contains("Content-Disposition"))
@@ -117,7 +114,7 @@ namespace Coscine.Api.Project.Controllers
 else if (response.StatusCode == System.Net.HttpStatusCode.Forbidden)
 {
- return Forbid($"Not allowed to access the datasource.");
+ return Forbid("Not allowed to access the datasource.");
 }
 else
 {
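Review bot: Both `Forbid(...)` calls on the new side pass a human-readable message where ASP.NET Core's `ControllerBase.Forbid(params string[])` expects authentication scheme names: the ownership check that this hunk now also compiles into DEBUG builds, and the rewritten `return Forbid("Not allowed to access the datasource.");` in the `@@ -117,7` hunk. Assuming the controller derives from ControllerBase (its declaration is not visible here), the caller does not get a 403 carrying that text; the framework tries to resolve the message as a scheme name, so the denial path is likely to surface as a server error instead. I would use `return StatusCode(StatusCodes.Status403Forbidden, "Not allowed to access the datasource.");` and the same form for the ownership message, or a bare `Forbid()` if no body is needed. The enclosing action starts and ends outside these hunks, so check whether other `Forbid` calls in it follow the same pattern.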
@@ -131,40 +128,61 @@ namespace Coscine.Api.Project.Controllers
 }
 }
+ private string BuildWaterbutlerPayload(Dictionary<string, object> auth, Dictionary<string, object> credentials, Dictionary<string, object> settings)
+ {
+ var data = new Dictionary<string, object>
+ {
+ { "auth", auth },
+ { "credentials", credentials },
+ { "settings", settings },
+ { "callback_url", "rwth-aachen.de" }
+ };
+
+ var payload = new JwtPayload
+ {
+ { "data", data }
+ };
+
+ return _jwtHandler.GenerateJwtToken(payload);
+ }
+
 private string BuildRdsAuthHeader(string bucketname)
 {
 var auth = new Dictionary<string, object>();
 var credentials = new Dictionary<string, object>
- {
- { "access_key", _configuration.GetString("coscine/global/rds_access_key") },
- { "secret_key", _configuration.GetString("coscine/global/rds_secret_key") }
- };
+ {
+ { "access_key", _configuration.GetString("coscine/global/rds_access_key") },
+ { "secret_key", _configuration.GetString("coscine/global/rds_secret_key") }
+ };
 var settings = new Dictionary<string, object>
- {
- { "bucket", bucketname }
- };
-
- var data = new Dictionary<string, object>
- {
- { "auth", auth },
- { "credentials", credentials },
- { "settings", settings },
- { "callback_url", "rwth-aachen.de" }
- };
-
- var payload = new JwtPayload
- {
- { "data", data }
- };
+ {
+ { "bucket", bucketname }
+ };
- return _jwtHandler.GenerateJwtToken(payload);
+ return BuildWaterbutlerPayload(auth, credentials, settings);
 }
- private string BuildGitlabAuthHeader()
+ private string BuildGitlabAuthHeader(string externalId, string url)
 {
- return null;
+
+ var auth = new Dictionary<string, object>();
+
+ var credentials = new Dictionary<string, object>
+ {
+ { "token", _configuration.GetString("coscine/global/gitlabtoken") }
+ };
+
+ var settings = new Dictionary<string, object>
+ {
+ {"owner", "Tester"},
+ {"repo", url},
+ { "repo_id", externalId},
+ { "host", "https://git.rwth-aachen.de"}
+ };
+
+ return BuildWaterbutlerPayload(auth, credentials, settings);
 }
 }
 }
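Review bot: `BuildGitlabAuthHeader` puts a hard-coded `{"owner", "Tester"}` and host into `settings`, which reads like a leftover test value, and it copies `_configuration.GetString("coscine/global/gitlabtoken")` into the payload without checking that the key was set. I would fail early on a missing secret, with `var token = _configuration.GetString("coscine/global/gitlabtoken");` followed by `if (string.IsNullOrEmpty(token)) throw new InvalidOperationException("Consul key coscine/global/gitlabtoken is not set");`. Because one global token serves every GitLab resource while `repo` and `repo_id` come from the resource record, the `OwnsResource` check in the caller is the only thing scoping access, which deserves a comment on the method such as `// Caller must have verified resource ownership: the token is global, not per user.` Whether `GenerateJwtToken` encrypts or only signs is not visible here; if it only signs, the GitLab token and the RDS secret key are readable in the bearer value, so confirm that the configured Waterbutler URL is HTTPS-only.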