Mercurial > hg > orthanc-authorization
comparison Plugin/Plugin.cpp @ 69:af44dce56328
new 'auth/user-profile' Rest API route
| author | Alain Mazy <am@osimis.io> |
|---|---|
| date | Mon, 20 Feb 2023 11:56:14 +0100 |
| parents | 1a13c4fbc9a1 |
| children | 30fb3ce960d9 |
comparison
equal
deleted
inserted
replaced
| 68:1a13c4fbc9a1 | 69:af44dce56328 |
|---|---|
| 238 LOG(ERROR) << "Unhandled internal exception"; | 238 LOG(ERROR) << "Unhandled internal exception"; |
| 239 return OrthancPluginErrorCode_Success; // Ignore error | 239 return OrthancPluginErrorCode_Success; // Ignore error |
| 240 } | 240 } |
| 241 } | 241 } |
| 242 | 242 |
| 243 void GetUserProfile(OrthancPluginRestOutput* output, | |
| 244 const char* /*url*/, | |
| 245 const OrthancPluginHttpRequest* request) | |
| 246 { | |
| 247 OrthancPluginContext* context = OrthancPlugins::GetGlobalContext(); | |
| 248 | |
| 249 if (request->method != OrthancPluginHttpMethod_Get) | |
| 250 { | |
| 251 OrthancPluginSendMethodNotAllowed(context, output, "GET"); | |
| 252 } | |
| 253 else | |
| 254 { | |
| 255 OrthancPlugins::AssociativeArray headers | |
| 256 (request->headersCount, request->headersKeys, request->headersValues, false); | |
| 257 | |
| 258 OrthancPlugins::AssociativeArray getArguments | |
| 259 (request->getCount, request->getKeys, request->getValues, true); | |
| 260 | |
| 261 | |
| 262 // Loop over all the authorization tokens stored in the HTTP | |
| 263 // headers, until finding one that is granted | |
| 264 for (std::set<OrthancPlugins::Token>::const_iterator | |
| 265 token = tokens_.begin(); token != tokens_.end(); ++token) | |
| 266 { | |
| 267 Json::Value profile; | |
| 268 | |
| 269 std::string value; | |
| 270 | |
| 271 bool hasValue = false; | |
| 272 switch (token->GetType()) | |
| 273 { | |
| 274 case OrthancPlugins::TokenType_HttpHeader: | |
| 275 hasValue = headers.GetValue(value, token->GetKey()); | |
| 276 break; | |
| 277 | |
| 278 case OrthancPlugins::TokenType_GetArgument: | |
| 279 hasValue = getArguments.GetValue(value, token->GetKey()); | |
| 280 break; | |
| 281 | |
| 282 default: | |
| 283 throw Orthanc::OrthancException(Orthanc::ErrorCode_ParameterOutOfRange); | |
| 284 } | |
| 285 | |
| 286 if (hasValue) | |
| 287 { | |
| 288 authorizationService_->GetUserProfile(profile, *token, value); | |
| 289 | |
| 290 OrthancPlugins::AnswerJson(profile, output); | |
| 291 break; | |
| 292 } | |
| 293 } | |
| 294 | |
| 295 } | |
| 296 } | |
| 297 | |
| 243 | 298 |
| 244 extern "C" | 299 extern "C" |
| 245 { | 300 { |
| 246 ORTHANC_PLUGINS_API int32_t OrthancPluginInitialize(OrthancPluginContext* context) | 301 ORTHANC_PLUGINS_API int32_t OrthancPluginInitialize(OrthancPluginContext* context) |
| 247 { | 302 { |
| 362 | 417 |
| 363 if (standardConfigurations.find("orthanc-explorer-2") != standardConfigurations.end()) | 418 if (standardConfigurations.find("orthanc-explorer-2") != standardConfigurations.end()) |
| 364 { | 419 { |
| 365 uncheckedFolders_.push_back("/ui/app/"); | 420 uncheckedFolders_.push_back("/ui/app/"); |
| 366 uncheckedResources_.insert("/ui/api/pre-login-configuration"); // for the UI to know, i.e. if Keycloak is enabled or not | 421 uncheckedResources_.insert("/ui/api/pre-login-configuration"); // for the UI to know, i.e. if Keycloak is enabled or not |
| 422 uncheckedResources_.insert("/auth/user-profile"); | |
| 367 | 423 |
| 368 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "Authorization")); // for basic-auth | 424 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "Authorization")); // for basic-auth |
| 369 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "token")); // for keycloak | 425 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "token")); // for keycloak |
| 370 } | 426 } |
| 371 | 427 |
| 431 if (configuration.LookupStringValue(webServiceUsername, "WebServiceUsername") && configuration.LookupStringValue(webServicePassword, "WebServicePassword")) | 487 if (configuration.LookupStringValue(webServiceUsername, "WebServiceUsername") && configuration.LookupStringValue(webServicePassword, "WebServicePassword")) |
| 432 { | 488 { |
| 433 webService->SetCredentials(webServiceUsername, webServicePassword); | 489 webService->SetCredentials(webServiceUsername, webServicePassword); |
| 434 } | 490 } |
| 435 | 491 |
| 492 std::string webServiceUserProfileUrl; | |
| 493 if (configuration.LookupStringValue(webServiceUserProfileUrl, "WebServiceUserProfileUrl")) | |
| 494 { | |
| 495 webService->SetUserProfileUrl(webServiceUserProfileUrl); | |
| 496 } | |
| 497 | |
| 436 authorizationService_.reset | 498 authorizationService_.reset |
| 437 (new OrthancPlugins::CachedAuthorizationService | 499 (new OrthancPlugins::CachedAuthorizationService |
| 438 (webService.release(), factory)); | 500 (webService.release(), factory)); |
| 439 | 501 |
| 440 OrthancPluginRegisterOnChangeCallback(context, OnChangeCallback); | 502 OrthancPluginRegisterOnChangeCallback(context, OnChangeCallback); |
| 503 OrthancPlugins::RegisterRestCallback<GetUserProfile>("/auth/user-profile", true); | |
| 441 | 504 |
| 442 #if ORTHANC_PLUGINS_VERSION_IS_ABOVE(1, 2, 1) | 505 #if ORTHANC_PLUGINS_VERSION_IS_ABOVE(1, 2, 1) |
| 443 OrthancPluginRegisterIncomingHttpRequestFilter2(context, FilterHttpRequests); | 506 OrthancPluginRegisterIncomingHttpRequestFilter2(context, FilterHttpRequests); |
| 444 #else | 507 #else |
| 445 OrthancPluginRegisterIncomingHttpRequestFilter(context, FilterHttpRequestsFallback); | 508 OrthancPluginRegisterIncomingHttpRequestFilter(context, FilterHttpRequestsFallback); |