Mercurial > hg > orthanc-authorization
comparison Plugin/Plugin.cpp @ 69:af44dce56328
new 'auth/user-profile' Rest API route
author | Alain Mazy <am@osimis.io> |
---|---|
date | Mon, 20 Feb 2023 11:56:14 +0100 |
parents | 1a13c4fbc9a1 |
children | 30fb3ce960d9 |
comparison
equal
deleted
inserted
replaced
68:1a13c4fbc9a1 | 69:af44dce56328 |
---|---|
238 LOG(ERROR) << "Unhandled internal exception"; | 238 LOG(ERROR) << "Unhandled internal exception"; |
239 return OrthancPluginErrorCode_Success; // Ignore error | 239 return OrthancPluginErrorCode_Success; // Ignore error |
240 } | 240 } |
241 } | 241 } |
242 | 242 |
243 void GetUserProfile(OrthancPluginRestOutput* output, | |
244 const char* /*url*/, | |
245 const OrthancPluginHttpRequest* request) | |
246 { | |
247 OrthancPluginContext* context = OrthancPlugins::GetGlobalContext(); | |
248 | |
249 if (request->method != OrthancPluginHttpMethod_Get) | |
250 { | |
251 OrthancPluginSendMethodNotAllowed(context, output, "GET"); | |
252 } | |
253 else | |
254 { | |
255 OrthancPlugins::AssociativeArray headers | |
256 (request->headersCount, request->headersKeys, request->headersValues, false); | |
257 | |
258 OrthancPlugins::AssociativeArray getArguments | |
259 (request->getCount, request->getKeys, request->getValues, true); | |
260 | |
261 | |
262 // Loop over all the authorization tokens stored in the HTTP | |
263 // headers, until finding one that is granted | |
264 for (std::set<OrthancPlugins::Token>::const_iterator | |
265 token = tokens_.begin(); token != tokens_.end(); ++token) | |
266 { | |
267 Json::Value profile; | |
268 | |
269 std::string value; | |
270 | |
271 bool hasValue = false; | |
272 switch (token->GetType()) | |
273 { | |
274 case OrthancPlugins::TokenType_HttpHeader: | |
275 hasValue = headers.GetValue(value, token->GetKey()); | |
276 break; | |
277 | |
278 case OrthancPlugins::TokenType_GetArgument: | |
279 hasValue = getArguments.GetValue(value, token->GetKey()); | |
280 break; | |
281 | |
282 default: | |
283 throw Orthanc::OrthancException(Orthanc::ErrorCode_ParameterOutOfRange); | |
284 } | |
285 | |
286 if (hasValue) | |
287 { | |
288 authorizationService_->GetUserProfile(profile, *token, value); | |
289 | |
290 OrthancPlugins::AnswerJson(profile, output); | |
291 break; | |
292 } | |
293 } | |
294 | |
295 } | |
296 } | |
297 | |
243 | 298 |
244 extern "C" | 299 extern "C" |
245 { | 300 { |
246 ORTHANC_PLUGINS_API int32_t OrthancPluginInitialize(OrthancPluginContext* context) | 301 ORTHANC_PLUGINS_API int32_t OrthancPluginInitialize(OrthancPluginContext* context) |
247 { | 302 { |
362 | 417 |
363 if (standardConfigurations.find("orthanc-explorer-2") != standardConfigurations.end()) | 418 if (standardConfigurations.find("orthanc-explorer-2") != standardConfigurations.end()) |
364 { | 419 { |
365 uncheckedFolders_.push_back("/ui/app/"); | 420 uncheckedFolders_.push_back("/ui/app/"); |
366 uncheckedResources_.insert("/ui/api/pre-login-configuration"); // for the UI to know, i.e. if Keycloak is enabled or not | 421 uncheckedResources_.insert("/ui/api/pre-login-configuration"); // for the UI to know, i.e. if Keycloak is enabled or not |
422 uncheckedResources_.insert("/auth/user-profile"); | |
367 | 423 |
368 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "Authorization")); // for basic-auth | 424 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "Authorization")); // for basic-auth |
369 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "token")); // for keycloak | 425 tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "token")); // for keycloak |
370 } | 426 } |
371 | 427 |
431 if (configuration.LookupStringValue(webServiceUsername, "WebServiceUsername") && configuration.LookupStringValue(webServicePassword, "WebServicePassword")) | 487 if (configuration.LookupStringValue(webServiceUsername, "WebServiceUsername") && configuration.LookupStringValue(webServicePassword, "WebServicePassword")) |
432 { | 488 { |
433 webService->SetCredentials(webServiceUsername, webServicePassword); | 489 webService->SetCredentials(webServiceUsername, webServicePassword); |
434 } | 490 } |
435 | 491 |
492 std::string webServiceUserProfileUrl; | |
493 if (configuration.LookupStringValue(webServiceUserProfileUrl, "WebServiceUserProfileUrl")) | |
494 { | |
495 webService->SetUserProfileUrl(webServiceUserProfileUrl); | |
496 } | |
497 | |
436 authorizationService_.reset | 498 authorizationService_.reset |
437 (new OrthancPlugins::CachedAuthorizationService | 499 (new OrthancPlugins::CachedAuthorizationService |
438 (webService.release(), factory)); | 500 (webService.release(), factory)); |
439 | 501 |
440 OrthancPluginRegisterOnChangeCallback(context, OnChangeCallback); | 502 OrthancPluginRegisterOnChangeCallback(context, OnChangeCallback); |
503 OrthancPlugins::RegisterRestCallback<GetUserProfile>("/auth/user-profile", true); | |
441 | 504 |
442 #if ORTHANC_PLUGINS_VERSION_IS_ABOVE(1, 2, 1) | 505 #if ORTHANC_PLUGINS_VERSION_IS_ABOVE(1, 2, 1) |
443 OrthancPluginRegisterIncomingHttpRequestFilter2(context, FilterHttpRequests); | 506 OrthancPluginRegisterIncomingHttpRequestFilter2(context, FilterHttpRequests); |
444 #else | 507 #else |
445 OrthancPluginRegisterIncomingHttpRequestFilter(context, FilterHttpRequestsFallback); | 508 OrthancPluginRegisterIncomingHttpRequestFilter(context, FilterHttpRequestsFallback); |