From 67a851a5d1678e45d61f6ec919af61f1742bfc18 Mon Sep 17 00:00:00 2001 From: Luca Frosini Date: Wed, 30 Mar 2022 14:29:40 +0200 Subject: [PATCH] Added OIDC Client credential [#23089] --- CHANGELOG.md | 1 + .../authorization/utils/clientid/ClienIDManager.java | 12 ++++++++++++ 2 files changed, 13 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3590948..58a355c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm - Refactored code to be integrated in Smartgears [#22871] - Fixed getRoles for JWTSecret [#22754] +- Added OIDC Client credential [#23089] ## [v1.0.0] diff --git a/src/main/java/org/gcube/common/authorization/utils/clientid/ClienIDManager.java b/src/main/java/org/gcube/common/authorization/utils/clientid/ClienIDManager.java index c74c50d..2042fda 100644 --- a/src/main/java/org/gcube/common/authorization/utils/clientid/ClienIDManager.java +++ b/src/main/java/org/gcube/common/authorization/utils/clientid/ClienIDManager.java @@ -2,6 +2,7 @@ package org.gcube.common.authorization.utils.clientid; import org.gcube.common.authorization.utils.secret.JWTSecret; import org.gcube.common.authorization.utils.secret.Secret; +import org.gcube.common.keycloak.KeycloakClientException; import org.gcube.common.keycloak.KeycloakClientFactory; import org.gcube.common.keycloak.model.TokenResponse; @@ -40,6 +41,17 @@ public class ClienIDManager implements RenewalProvider { return jwtSecret; } + public Secret getOIDCSecret() throws KeycloakClientException { + TokenResponse tokenResponse = KeycloakClientFactory.newInstance().queryOIDCToken(clientID, clientSecret); + + JWTSecret jwtSecret = new JWTSecret(tokenResponse.getAccessToken()); + jwtSecret.setRenewalProvider(this); + + jwtSecret.setTokenResponse(tokenResponse); + + return jwtSecret; + } + @Override public Secret renew() throws Exception { return getSecret();