Mercurial > hg > orthanc-authorization

diff Plugin/Plugin.cpp @ 69:af44dce56328

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
new 'auth/user-profile' Rest API route
author Alain Mazy <am@osimis.io>
date Mon, 20 Feb 2023 11:56:14 +0100
parents 1a13c4fbc9a1
children 30fb3ce960d9
line wrap: on
line diff
--- a/Plugin/Plugin.cpp	Fri Feb 17 15:05:02 2023 +0100
+++ b/Plugin/Plugin.cpp	Mon Feb 20 11:56:14 2023 +0100
@@ -240,6 +240,61 @@
   }
 }
 
+void GetUserProfile(OrthancPluginRestOutput* output,
+                    const char* /*url*/,
+                    const OrthancPluginHttpRequest* request)
+{
+  OrthancPluginContext* context = OrthancPlugins::GetGlobalContext();
+
+  if (request->method != OrthancPluginHttpMethod_Get)
+  {
+    OrthancPluginSendMethodNotAllowed(context, output, "GET");
+  }
+  else
+  {
+    OrthancPlugins::AssociativeArray headers
+      (request->headersCount, request->headersKeys, request->headersValues, false);
+
+    OrthancPlugins::AssociativeArray getArguments
+      (request->getCount, request->getKeys, request->getValues, true);
+
+
+    // Loop over all the authorization tokens stored in the HTTP
+    // headers, until finding one that is granted
+    for (std::set<OrthancPlugins::Token>::const_iterator
+            token = tokens_.begin(); token != tokens_.end(); ++token)
+    {
+      Json::Value profile;
+
+      std::string value;
+
+      bool hasValue = false;
+      switch (token->GetType())
+      {
+        case OrthancPlugins::TokenType_HttpHeader:
+          hasValue = headers.GetValue(value, token->GetKey());
+          break;
+
+        case OrthancPlugins::TokenType_GetArgument:
+          hasValue = getArguments.GetValue(value, token->GetKey());
+          break;
+
+        default:
+          throw Orthanc::OrthancException(Orthanc::ErrorCode_ParameterOutOfRange);
+      }
+      
+      if (hasValue)
+      {
+        authorizationService_->GetUserProfile(profile, *token, value);
+        
+        OrthancPlugins::AnswerJson(profile, output);
+        break;
+      }
+    }
+
+  }
+}
+
 
 extern "C"
 {
@@ -364,6 +419,7 @@
           {
             uncheckedFolders_.push_back("/ui/app/");
             uncheckedResources_.insert("/ui/api/pre-login-configuration");        // for the UI to know, i.e. if Keycloak is enabled or not
+            uncheckedResources_.insert("/auth/user-profile");
 
             tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "Authorization"));  // for basic-auth
             tokens_.insert(OrthancPlugins::Token(OrthancPlugins::TokenType_HttpHeader, "token"));          // for keycloak
@@ -433,11 +489,18 @@
           webService->SetCredentials(webServiceUsername, webServicePassword);
         }
 
+        std::string webServiceUserProfileUrl;
+        if (configuration.LookupStringValue(webServiceUserProfileUrl, "WebServiceUserProfileUrl"))
+        {
+          webService->SetUserProfileUrl(webServiceUserProfileUrl);
+        }
+
         authorizationService_.reset
           (new OrthancPlugins::CachedAuthorizationService
            (webService.release(), factory));
 
         OrthancPluginRegisterOnChangeCallback(context, OnChangeCallback);
+        OrthancPlugins::RegisterRestCallback<GetUserProfile>("/auth/user-profile", true);
         
 #if ORTHANC_PLUGINS_VERSION_IS_ABOVE(1, 2, 1)
         OrthancPluginRegisterIncomingHttpRequestFilter2(context, FilterHttpRequests);