1
|
1 /**
|
|
2 * Advanced authorization plugin for Orthanc
|
|
3 * Copyright (C) 2017 Osimis, Belgium
|
|
4 *
|
|
5 * This program is free software: you can redistribute it and/or
|
|
6 * modify it under the terms of the GNU Affero General Public License
|
|
7 * as published by the Free Software Foundation, either version 3 of
|
|
8 * the License, or (at your option) any later version.
|
|
9 *
|
|
10 * This program is distributed in the hope that it will be useful, but
|
|
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
13 * Affero General Public License for more details.
|
|
14 *
|
|
15 * You should have received a copy of the GNU Affero General Public License
|
|
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
17 **/
|
|
18
|
|
19 #include "AuthorizationWebService.h"
|
|
20
|
|
21 #include "../Resources/Orthanc/Core/Logging.h"
|
|
22 #include "../Resources/Orthanc/Plugins/Samples/Common/OrthancPluginCppWrapper.h"
|
|
23
|
|
24 namespace OrthancPlugins
|
|
25 {
|
|
26 bool AuthorizationWebService::IsGrantedInternal(unsigned int& validity,
|
|
27 OrthancPluginHttpMethod method,
|
|
28 const AccessedResource& access,
|
|
29 const Token* token,
|
|
30 const std::string& tokenValue)
|
|
31 {
|
|
32 Json::Value body = Json::objectValue;
|
|
33
|
|
34 switch (method)
|
|
35 {
|
|
36 case OrthancPluginHttpMethod_Get:
|
|
37 body["method"] ="get";
|
|
38 break;
|
|
39
|
|
40 case OrthancPluginHttpMethod_Post:
|
|
41 body["method"] ="post";
|
|
42 break;
|
|
43
|
|
44 case OrthancPluginHttpMethod_Put:
|
|
45 body["method"] ="put";
|
|
46 break;
|
|
47
|
|
48 case OrthancPluginHttpMethod_Delete:
|
|
49 body["method"] ="delete";
|
|
50 break;
|
|
51
|
|
52 default:
|
|
53 throw Orthanc::OrthancException(Orthanc::ErrorCode_ParameterOutOfRange);
|
|
54 }
|
|
55
|
|
56 body["level"] = EnumerationToString(access.GetLevel());
|
|
57
|
|
58 if (access.GetLevel() == AccessLevel_System)
|
|
59 {
|
|
60 body["uri"] = access.GetOrthancId();
|
|
61 }
|
|
62 else
|
|
63 {
|
|
64 body["orthanc-id"] = access.GetOrthancId();
|
|
65 body["dicom-uid"] = access.GetDicomUid();
|
|
66 }
|
|
67
|
|
68 if (token != NULL)
|
|
69 {
|
|
70 body["token-key"] = token->GetKey();
|
|
71 body["token-value"] = tokenValue;
|
|
72 }
|
|
73
|
|
74 MemoryBuffer answerBody(context_);
|
|
75 MemoryBuffer answerHeaders(context_);
|
|
76 uint16_t httpStatus = 0;
|
|
77
|
|
78 uint32_t headersCount = 0;
|
|
79 const char* headersKeys[1];
|
|
80 const char* headersValues[1];
|
|
81
|
|
82 if (token != NULL &&
|
|
83 token->GetType() == TokenType_HttpHeader)
|
|
84 {
|
|
85 // If the token source is a HTTP header, forward it also as a
|
|
86 // HTTP header
|
|
87 headersCount = 1;
|
|
88 headersKeys[0] = token->GetKey().c_str();
|
|
89 headersValues[0] = tokenValue.c_str();
|
|
90 }
|
|
91
|
|
92 std::string flatBody = body.toStyledString();
|
|
93
|
|
94 if (OrthancPluginHttpClient(context_, *answerBody, *answerHeaders,
|
|
95 &httpStatus, OrthancPluginHttpMethod_Post,
|
|
96 url_.c_str(), headersCount, headersKeys, headersValues,
|
|
97 flatBody.c_str(), flatBody.size(),
|
|
98 username_.empty() ? NULL : username_.c_str(),
|
|
99 password_.empty() ? NULL : password_.c_str(),
|
|
100 10 /* timeout */, NULL, NULL, NULL, 0)
|
|
101 != OrthancPluginErrorCode_Success)
|
|
102 {
|
|
103 throw Orthanc::OrthancException(Orthanc::ErrorCode_NetworkProtocol);
|
|
104 }
|
|
105
|
|
106 Json::Value answer;
|
|
107 answerBody.ToJson(answer);
|
|
108
|
|
109 static const char* GRANTED = "granted";
|
|
110 static const char* VALIDITY = "validity";
|
|
111
|
|
112 if (answer.type() != Json::objectValue ||
|
|
113 !answer.isMember(GRANTED) ||
|
|
114 answer[GRANTED].type() != Json::booleanValue ||
|
|
115 (answer.isMember(VALIDITY) &&
|
|
116 answer[VALIDITY].type() != Json::intValue))
|
|
117 {
|
|
118 LOG(ERROR) << "Syntax error in the result of the Web service";
|
|
119 throw Orthanc::OrthancException(Orthanc::ErrorCode_NetworkProtocol);
|
|
120 }
|
|
121
|
|
122 validity = 0;
|
|
123 if (answer.isMember(VALIDITY))
|
|
124 {
|
|
125 int tmp = answer[VALIDITY].asInt();
|
|
126 if (tmp < 0)
|
|
127 {
|
|
128 LOG(ERROR) << "A validity duration cannot be negative";
|
|
129 throw Orthanc::OrthancException(Orthanc::ErrorCode_NetworkProtocol);
|
|
130 }
|
|
131
|
|
132 validity = static_cast<unsigned int>(tmp);
|
|
133 }
|
|
134
|
|
135 return answer[GRANTED].asBool();
|
|
136 }
|
|
137
|
|
138
|
|
139 AuthorizationWebService::AuthorizationWebService(OrthancPluginContext* context,
|
|
140 const std::string& url) :
|
|
141 context_(context),
|
|
142 url_(url)
|
|
143 {
|
|
144 if (context_ == NULL)
|
|
145 {
|
|
146 throw Orthanc::OrthancException(Orthanc::ErrorCode_ParameterOutOfRange);
|
|
147 }
|
|
148 }
|
|
149
|
|
150
|
|
151 void AuthorizationWebService::SetCredentials(const std::string& username,
|
|
152 const std::string& password)
|
|
153 {
|
|
154 username_ = username;
|
|
155 password_ = password;
|
|
156 }
|
|
157 }
|