Mercurial > hg > orthanc-authorization

annotate Plugin/Plugin.cpp @ 69:af44dce56328

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
new 'auth/user-profile' Rest API route
author Alain Mazy <am@osimis.io>
date Mon, 20 Feb 2023 11:56:14 +0100
parents 1a13c4fbc9a1
children 30fb3ce960d9
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
1 /**
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
2 * Advanced authorization plugin for Orthanc
68
1a13c4fbc9a1 copyrights
Alain Mazy <am@osimis.io>
parents: 66
diff changeset
3 * Copyright (C) 2017-2023 Osimis S.A., Belgium
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
4 *
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
5 * This program is free software: you can redistribute it and/or
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
6 * modify it under the terms of the GNU Affero General Public License
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
7 * as published by the Free Software Foundation, either version 3 of
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
8 * the License, or (at your option) any later version.
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
9 *
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
10 * This program is distributed in the hope that it will be useful, but
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
13 * Affero General Public License for more details.
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
14 *
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
15 * You should have received a copy of the GNU Affero General Public License
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
17 **/
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
18
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
19 #include "AssociativeArray.h"
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
20 #include "DefaultAuthorizationParser.h"
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
21 #include "CachedAuthorizationService.h"
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
22 #include "AuthorizationWebService.h"
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
23 #include "MemoryCache.h"
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
24
34
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 32
diff changeset
25 #include "../Resources/Orthanc/Plugins/OrthancPluginCppWrapper.h"
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 32
diff changeset
26
36
8ada1b669194 replacing deprecated std::auto_ptr by std::unique_ptr
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 35
diff changeset
27 #include <Compatibility.h> // For std::unique_ptr<>
32
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 31
diff changeset
28 #include <Logging.h>
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 31
diff changeset
29 #include <Toolbox.h>
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
30
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
31
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
32 // Configuration of the authorization plugin
36
8ada1b669194 replacing deprecated std::auto_ptr by std::unique_ptr
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 35
diff changeset
33 static std::unique_ptr<OrthancPlugins::IAuthorizationParser> authorizationParser_;
8ada1b669194 replacing deprecated std::auto_ptr by std::unique_ptr
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 35
diff changeset
34 static std::unique_ptr<OrthancPlugins::IAuthorizationService> authorizationService_;
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
35 static std::set<std::string> uncheckedResources_;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
36 static std::list<std::string> uncheckedFolders_;
58
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
37 static std::set<OrthancPlugins::Token> tokens_;
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
38 static std::set<OrthancPlugins::AccessLevel> uncheckedLevels_;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
39
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
40
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
41 static int32_t FilterHttpRequests(OrthancPluginHttpMethod method,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
42 const char *uri,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
43 const char *ip,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
44 uint32_t headersCount,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
45 const char *const *headersKeys,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
46 const char *const *headersValues,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
47 uint32_t getArgumentsCount,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
48 const char *const *getArgumentsKeys,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
49 const char *const *getArgumentsValues)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
50 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
51 try
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
52 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
53 if (method == OrthancPluginHttpMethod_Get)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
54 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
55 // Allow GET accesses to static resources
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
56 if (uncheckedResources_.find(uri) != uncheckedResources_.end())
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
57 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
58 return 1;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
59 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
60
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
61 for (std::list<std::string>::const_iterator
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
62 it = uncheckedFolders_.begin(); it != uncheckedFolders_.end(); ++it)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
63 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
64 if (Orthanc::Toolbox::StartsWith(uri, *it))
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
65 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
66 return 1;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
67 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
68 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
69 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
70
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
71 if (authorizationParser_.get() != NULL &&
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
72 authorizationService_.get() != NULL)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
73 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
74 // Parse the resources that are accessed through this URI
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
75 OrthancPlugins::IAuthorizationParser::AccessedResources accesses;
57
55539d564f4f added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents: 56
diff changeset
76 OrthancPlugins::AssociativeArray getArguments(getArgumentsCount, getArgumentsKeys, getArgumentsValues, true);
56
c02f0646297d added support for /dicom-web/studies?0020000D=1.2.3&...
Alain Mazy <am@osimis.io>
parents: 54
diff changeset
77
57
55539d564f4f added support for /dicom-web/series? & /dicom-web/instances?
Alain Mazy <am@osimis.io>
parents: 56
diff changeset
78 if (!authorizationParser_->Parse(accesses, uri, getArguments.GetMap()))
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
79 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
80 return 0; // Unable to parse this URI
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
81 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
82
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
83 // Loop over all the accessed resources to ensure access is
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
84 // granted to each of them
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
85 for (OrthancPlugins::IAuthorizationParser::AccessedResources::const_iterator
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
86 access = accesses.begin(); access != accesses.end(); ++access)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
87 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
88 // Ignored the access levels that are unchecked
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
89 // (cf. "UncheckedLevels" option)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
90 if (uncheckedLevels_.find(access->GetLevel()) == uncheckedLevels_.end())
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
91 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
92 LOG(INFO) << "Testing whether access to "
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
93 << OrthancPlugins::EnumerationToString(access->GetLevel())
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
94 << " \"" << access->GetOrthancId() << "\" is allowed";
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
95
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
96 bool granted = false;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
97 unsigned int validity; // ignored
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
98
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
99 if (tokens_.empty())
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
100 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
101 granted = authorizationService_->IsGranted(validity, method, *access);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
102 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
103 else
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
104 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
105 OrthancPlugins::AssociativeArray headers
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
106 (headersCount, headersKeys, headersValues, false);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
107
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
108 // Loop over all the authorization tokens stored in the HTTP
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
109 // headers, until finding one that is granted
58
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
110 for (std::set<OrthancPlugins::Token>::const_iterator
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
111 token = tokens_.begin(); token != tokens_.end(); ++token)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
112 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
113 std::string value;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
114
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
115 bool hasValue = false;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
116 switch (token->GetType())
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
117 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
118 case OrthancPlugins::TokenType_HttpHeader:
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
119 hasValue = headers.GetValue(value, token->GetKey());
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
120 break;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
121
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
122 case OrthancPlugins::TokenType_GetArgument:
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
123 hasValue = getArguments.GetValue(value, token->GetKey());
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
124 break;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
125
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
126 default:
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
127 throw Orthanc::OrthancException(Orthanc::ErrorCode_ParameterOutOfRange);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
128 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
129
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
130 if (hasValue &&
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
131 authorizationService_->IsGranted(validity, method, *access, *token, value))
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
132 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
133 granted = true;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
134 break;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
135 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
136 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
137 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
138
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
139 if (!granted)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
140 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
141 return 0;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
142 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
143 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
144 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
145
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
146 // Access is granted to all the resources
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
147 return 1;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
148 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
149
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
150 // By default, forbid access to all the resources
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
151 return 0;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
152 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
153 catch (std::runtime_error& e)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
154 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
155 LOG(ERROR) << e.what();
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
156 return OrthancPluginErrorCode_Success; // Ignore error
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
157 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
158 catch (Orthanc::OrthancException& e)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
159 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
160 LOG(ERROR) << e.What();
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
161 return OrthancPluginErrorCode_Success; // Ignore error
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
162 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
163 catch (...)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
164 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
165 LOG(ERROR) << "Unhandled internal exception";
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
166 return OrthancPluginErrorCode_Success; // Ignore error
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
167 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
168 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
169
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
170
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
171 #if !ORTHANC_PLUGINS_VERSION_IS_ABOVE(1, 2, 1)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
172 static int32_t FilterHttpRequestsFallback(OrthancPluginHttpMethod method,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
173 const char *uri,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
174 const char *ip,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
175 uint32_t headersCount,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
176 const char *const *headersKeys,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
177 const char *const *headersValues)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
178 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
179 // Fallback wrapper function for Orthanc <= 1.2.0, where the GET
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
180 // arguments were not available in the HTTP filters
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
181 return FilterHttpRequests(method, uri, ip,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
182 headersCount, headersKeys, headersValues,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
183 0, NULL, NULL);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
184 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
185 #endif
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
186
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
187
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
188 static OrthancPluginErrorCode OnChangeCallback(OrthancPluginChangeType changeType,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
189 OrthancPluginResourceType resourceType,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
190 const char* resourceId)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
191 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
192 try
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
193 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
194 if (authorizationParser_.get() == NULL)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
195 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
196 throw Orthanc::OrthancException(Orthanc::ErrorCode_InternalError);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
197 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
198
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
199 if (changeType == OrthancPluginChangeType_Deleted)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
200 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
201 switch (resourceType)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
202 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
203 case OrthancPluginResourceType_Patient:
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
204 authorizationParser_->Invalidate(Orthanc::ResourceType_Patient, resourceId);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
205 break;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
206
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
207 case OrthancPluginResourceType_Study:
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
208 authorizationParser_->Invalidate(Orthanc::ResourceType_Study, resourceId);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
209 break;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
210
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
211 case OrthancPluginResourceType_Series:
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
212 authorizationParser_->Invalidate(Orthanc::ResourceType_Series, resourceId);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
213 break;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
214
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
215 case OrthancPluginResourceType_Instance:
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
216 authorizationParser_->Invalidate(Orthanc::ResourceType_Instance, resourceId);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
217 break;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
218
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
219 default:
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
220 break;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
221 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
222 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
223
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
224 return OrthancPluginErrorCode_Success;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
225 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
226 catch (std::runtime_error& e)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
227 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
228 LOG(ERROR) << e.what();
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
229 return OrthancPluginErrorCode_Success; // Ignore error
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
230 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
231 catch (Orthanc::OrthancException& e)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
232 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
233 LOG(ERROR) << e.What();
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
234 return OrthancPluginErrorCode_Success; // Ignore error
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
235 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
236 catch (...)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
237 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
238 LOG(ERROR) << "Unhandled internal exception";
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
239 return OrthancPluginErrorCode_Success; // Ignore error
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
240 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
241 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
242
69
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
243 void GetUserProfile(OrthancPluginRestOutput* output,
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
244 const char* /*url*/,
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
245 const OrthancPluginHttpRequest* request)
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
246 {
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
247 OrthancPluginContext* context = OrthancPlugins::GetGlobalContext();
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
248
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
249 if (request->method != OrthancPluginHttpMethod_Get)
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
250 {
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
251 OrthancPluginSendMethodNotAllowed(context, output, "GET");
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
252 }
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
253 else
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
254 {
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
255 OrthancPlugins::AssociativeArray headers
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
256 (request->headersCount, request->headersKeys, request->headersValues, false);
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
257
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
258 OrthancPlugins::AssociativeArray getArguments
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
259 (request->getCount, request->getKeys, request->getValues, true);
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
260
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
261
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
262 // Loop over all the authorization tokens stored in the HTTP
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
263 // headers, until finding one that is granted
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
264 for (std::set<OrthancPlugins::Token>::const_iterator
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
265 token = tokens_.begin(); token != tokens_.end(); ++token)
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
266 {
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
267 Json::Value profile;
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
268
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
269 std::string value;
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
270
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
271 bool hasValue = false;
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
272 switch (token->GetType())
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
273 {
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
274 case OrthancPlugins::TokenType_HttpHeader:
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
275 hasValue = headers.GetValue(value, token->GetKey());
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
276 break;
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
277
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
278 case OrthancPlugins::TokenType_GetArgument:
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
279 hasValue = getArguments.GetValue(value, token->GetKey());
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
280 break;
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
281
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
282 default:
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
283 throw Orthanc::OrthancException(Orthanc::ErrorCode_ParameterOutOfRange);
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
284 }
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
285
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
286 if (hasValue)
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
287 {
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
288 authorizationService_->GetUserProfile(profile, *token, value);
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
289
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
290 OrthancPlugins::AnswerJson(profile, output);
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
291 break;
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
292 }
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
293 }
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
294
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
295 }
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
296 }
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
297
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
298
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
299 extern "C"
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
300 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
301 ORTHANC_PLUGINS_API int32_t OrthancPluginInitialize(OrthancPluginContext* context)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
302 {
29
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
303 OrthancPlugins::SetGlobalContext(context);
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
304 OrthancPluginLogWarning(context, "Initializing the authorization plugin");
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
305
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
306 /* Check the version of the Orthanc core */
29
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
307 if (OrthancPluginCheckVersion(context) == 0)
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
308 {
29
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
309 OrthancPlugins::ReportMinimalOrthancVersion(ORTHANC_PLUGINS_MINIMAL_MAJOR_NUMBER,
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
310 ORTHANC_PLUGINS_MINIMAL_MINOR_NUMBER,
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
311 ORTHANC_PLUGINS_MINIMAL_REVISION_NUMBER);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
312 return -1;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
313 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
314
41
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 36
diff changeset
315 #if ORTHANC_FRAMEWORK_VERSION_IS_ABOVE(1, 7, 2)
32
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 31
diff changeset
316 Orthanc::Logging::InitializePluginContext(context);
33
b9c536bf598b improved Orthanc::Logging::Initialize()
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 32
diff changeset
317 #else
b9c536bf598b improved Orthanc::Logging::Initialize()
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 32
diff changeset
318 Orthanc::Logging::Initialize(context);
b9c536bf598b improved Orthanc::Logging::Initialize()
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 32
diff changeset
319 #endif
b9c536bf598b improved Orthanc::Logging::Initialize()
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 32
diff changeset
320
29
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
321 OrthancPluginSetDescription(context, "Advanced authorization plugin for Orthanc.");
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
322
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
323 try
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
324 {
29
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
325 OrthancPlugins::OrthancConfiguration general;
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
326
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
327 static const char* SECTION = "Authorization";
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
328 if (general.IsSection(SECTION))
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
329 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
330 OrthancPlugins::OrthancConfiguration configuration;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
331 general.GetSection(configuration, "Authorization");
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
332
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
333 // TODO - The size of the caches is set to 10,000 items. Maybe add a configuration option?
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
334 OrthancPlugins::MemoryCache::Factory factory(10000);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
335
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
336 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
337 std::string root;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
338
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
339 if (configuration.IsSection("DicomWeb"))
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
340 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
341 OrthancPlugins::OrthancConfiguration dicomWeb;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
342 dicomWeb.GetSection(configuration, "DicomWeb");
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
343 root = dicomWeb.GetStringValue("Root", "");
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
344 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
345
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
346 if (root.empty())
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
347 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
348 root = "/dicom-web/";
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
349 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
350
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
351 authorizationParser_.reset
29
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
352 (new OrthancPlugins::DefaultAuthorizationParser(factory, root));
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
353 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
354
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
355 std::list<std::string> tmp;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
356
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
357 configuration.LookupListOfStrings(tmp, "TokenHttpHeaders", true);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
358 for (std::list<std::string>::const_iterator
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
359 it = tmp.begin(); it != tmp.end(); ++it)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
360 {
58
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
361 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, *it));
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
362 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
363
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
364 configuration.LookupListOfStrings(tmp, "TokenGetArguments", true);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
365
8
4362026afddf orthanc 1.2.1 renamed as 1.3.0
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 1
diff changeset
366 #if ORTHANC_PLUGINS_VERSION_IS_ABOVE(1, 3, 0)
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
367 for (std::list<std::string>::const_iterator
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
368 it = tmp.begin(); it != tmp.end(); ++it)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
369 {
58
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
370 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_GetArgument, *it));
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
371 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
372 #else
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
373 if (!tmp.empty())
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
374 {
29
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
375 throw Orthanc::OrthancException(
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
376 Orthanc::ErrorCode_Plugin,
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
377 "The option \"TokenGetArguments\" of the authorization plugin "
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
378 "is only valid if compiled against Orthanc >= 1.3.0"
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
379 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
380 #endif
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
381
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
382 configuration.LookupSetOfStrings(uncheckedResources_, "UncheckedResources", false);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
383 configuration.LookupListOfStrings(uncheckedFolders_, "UncheckedFolders", false);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
384
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
385 std::string url;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
386
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
387 static const char* WEB_SERVICE = "WebService";
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
388 if (!configuration.LookupStringValue(url, WEB_SERVICE))
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
389 {
29
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
390 throw Orthanc::OrthancException(
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
391 Orthanc::ErrorCode_BadFileFormat,
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
392 "Missing mandatory option \"" + std::string(WEB_SERVICE) +
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
393 "\" for the authorization plugin");
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
394 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
395
58
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
396 std::set<std::string> standardConfigurations;
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
397 if (configuration.LookupSetOfStrings(standardConfigurations, "StandardConfigurations", false))
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
398 {
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
399 if (standardConfigurations.find("osimis-web-viewer") != standardConfigurations.end())
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
400 {
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
401 uncheckedFolders_.push_back("/osimis-viewer/app/");
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
402 uncheckedFolders_.push_back("/osimis-viewer/languages/");
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
403 uncheckedResources_.insert("/osimis-viewer/config.js");
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
404
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
405 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "token"));
62
222f0652025f fix get argument values that were transformed to lowercase
Alain Mazy <am@osimis.io>
parents: 58
diff changeset
406 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_GetArgument, "token")); // for download links
58
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
407 }
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
408
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
409 if (standardConfigurations.find("stone-webviewer") != standardConfigurations.end())
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
410 {
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
411 uncheckedFolders_.push_back("/stone-webviewer/");
65
a89e1fcf56b1 new oe2 standard configuration
Alain Mazy <am@osimis.io>
parents: 62
diff changeset
412 uncheckedResources_.insert("/system"); // for Stone to check that Orthanc is the server providing the data
a89e1fcf56b1 new oe2 standard configuration
Alain Mazy <am@osimis.io>
parents: 62
diff changeset
413 uncheckedResources_.insert("/tools/lookup"); // for Downloads (we consider that having access to tools/lookup can not give information about other patients/studies since it only return IDs, no patient data)
58
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
414
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
415 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "Authorization"));
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
416 }
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
417
65
a89e1fcf56b1 new oe2 standard configuration
Alain Mazy <am@osimis.io>
parents: 62
diff changeset
418 if (standardConfigurations.find("orthanc-explorer-2") != standardConfigurations.end())
a89e1fcf56b1 new oe2 standard configuration
Alain Mazy <am@osimis.io>
parents: 62
diff changeset
419 {
a89e1fcf56b1 new oe2 standard configuration
Alain Mazy <am@osimis.io>
parents: 62
diff changeset
420 uncheckedFolders_.push_back("/ui/app/");
66
b7fd466764cc fix path for oe2 keycloak
Alain Mazy <am@osimis.io>
parents: 65
diff changeset
421 uncheckedResources_.insert("/ui/api/pre-login-configuration"); // for the UI to know, i.e. if Keycloak is enabled or not
69
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
422 uncheckedResources_.insert("/auth/user-profile");
65
a89e1fcf56b1 new oe2 standard configuration
Alain Mazy <am@osimis.io>
parents: 62
diff changeset
423
a89e1fcf56b1 new oe2 standard configuration
Alain Mazy <am@osimis.io>
parents: 62
diff changeset
424 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "Authorization")); // for basic-auth
a89e1fcf56b1 new oe2 standard configuration
Alain Mazy <am@osimis.io>
parents: 62
diff changeset
425 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "token")); // for keycloak
a89e1fcf56b1 new oe2 standard configuration
Alain Mazy <am@osimis.io>
parents: 62
diff changeset
426 }
a89e1fcf56b1 new oe2 standard configuration
Alain Mazy <am@osimis.io>
parents: 62
diff changeset
427
58
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
428 }
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
429
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
430 std::string checkedLevelString;
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
431 if (configuration.LookupStringValue(checkedLevelString, "CheckedLevel"))
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
432 {
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
433 OrthancPlugins::AccessLevel checkedLevel = OrthancPlugins::StringToAccessLevel(checkedLevelString);
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
434 if (checkedLevel == OrthancPlugins::AccessLevel_Instance)
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
435 {
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
436 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Patient);
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
437 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Study);
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
438 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Series);
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
439 }
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
440 else if (checkedLevel == OrthancPlugins::AccessLevel_Series)
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
441 {
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
442 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Patient);
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
443 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Study);
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
444 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Instance);
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
445 }
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
446 else if (checkedLevel == OrthancPlugins::AccessLevel_Study)
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
447 {
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
448 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Patient);
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
449 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Series);
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
450 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Instance);
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
451 }
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
452 else if (checkedLevel == OrthancPlugins::AccessLevel_Patient)
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
453 {
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
454 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Study);
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
455 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Series);
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
456 uncheckedLevels_.insert(OrthancPlugins::AccessLevel_Instance);
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
457 }
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
458 }
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
459
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
460 if (configuration.LookupListOfStrings(tmp, "UncheckedLevels", false))
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
461 {
58
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
462 if (uncheckedLevels_.size() == 0)
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
463 {
58
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
464 for (std::list<std::string>::const_iterator
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
465 it = tmp.begin(); it != tmp.end(); ++it)
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
466 {
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
467 uncheckedLevels_.insert(OrthancPlugins::StringToAccessLevel(*it));
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
468 }
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
469 }
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
470 else
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
471 {
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
472 LOG(ERROR) << "Authorization plugin: you may only provide one of 'CheckedLevel' or 'UncheckedLevels' configurations";
ad279c70c22d added a new configuration 'StandardConfigurations'
Alain Mazy <am@osimis.io>
parents: 57
diff changeset
473 return -1;
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
474 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
475 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
476
54
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
477 std::unique_ptr<OrthancPlugins::AuthorizationWebService> webService(new OrthancPlugins::AuthorizationWebService(url));
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
478
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
479 std::string webServiceIdentifier;
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
480 if (configuration.LookupStringValue(webServiceIdentifier, "WebServiceIdentifier"))
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
481 {
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
482 webService->SetIdentifier(webServiceIdentifier);
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
483 }
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
484
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
485 std::string webServiceUsername;
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
486 std::string webServicePassword;
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
487 if (configuration.LookupStringValue(webServiceUsername, "WebServiceUsername") && configuration.LookupStringValue(webServicePassword, "WebServicePassword"))
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
488 {
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
489 webService->SetCredentials(webServiceUsername, webServicePassword);
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
490 }
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
491
69
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
492 std::string webServiceUserProfileUrl;
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
493 if (configuration.LookupStringValue(webServiceUserProfileUrl, "WebServiceUserProfileUrl"))
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
494 {
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
495 webService->SetUserProfileUrl(webServiceUserProfileUrl);
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
496 }
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
497
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
498 authorizationService_.reset
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
499 (new OrthancPlugins::CachedAuthorizationService
54
317b31e99501 Added 3 new configurations: WebServiceUsername, WebServicePassword, WebServiceIdentifier. WebServiceIdentifier is now included in the payload as the 'identifier' field
Alain Mazy <am@osimis.io>
parents: 51
diff changeset
500 (webService.release(), factory));
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
501
29
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
502 OrthancPluginRegisterOnChangeCallback(context, OnChangeCallback);
69
af44dce56328 new 'auth/user-profile' Rest API route
Alain Mazy <am@osimis.io>
parents: 68
diff changeset
503 OrthancPlugins::RegisterRestCallback<GetUserProfile>("/auth/user-profile", true);
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
504
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
505 #if ORTHANC_PLUGINS_VERSION_IS_ABOVE(1, 2, 1)
29
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
506 OrthancPluginRegisterIncomingHttpRequestFilter2(context, FilterHttpRequests);
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
507 #else
29
bc0431cb6b8f fix for compatibility with simplified OrthancPluginCppWrapper
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 22
diff changeset
508 OrthancPluginRegisterIncomingHttpRequestFilter(context, FilterHttpRequestsFallback);
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
509 #endif
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
510 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
511 else
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
512 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
513 LOG(WARNING) << "No section \"" << SECTION << "\" in the configuration file, "
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
514 << "the authorization plugin is disabled";
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
515 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
516 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
517 catch (Orthanc::OrthancException& e)
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
518 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
519 LOG(ERROR) << e.What();
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
520 return -1;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
521 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
522
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
523 return 0;
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
524 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
525
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
526
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
527 ORTHANC_PLUGINS_API void OrthancPluginFinalize()
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
528 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
529 authorizationParser_.reset(NULL);
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
530 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
531
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
532
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
533 ORTHANC_PLUGINS_API const char* OrthancPluginGetName()
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
534 {
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
535 return "authorization";
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
536 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
537
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
538
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
539 ORTHANC_PLUGINS_API const char* OrthancPluginGetVersion()
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
540 {
22
c44013681a51 now using the Orthanc framework
Sebastien Jodogne <s.jodogne@gmail.com>
parents: 8
diff changeset
541 return ORTHANC_PLUGIN_VERSION;
1
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
542 }
d5d3cb00556a initial release
Sebastien Jodogne <s.jodogne@gmail.com>
parents:
diff changeset
543 }