package org.gcube.common.iam;
import java.util.HashSet;
import java.util.Set;
import org.gcube.common.keycloak.KeycloakClientException;
import org.gcube.common.keycloak.model.AccessToken;
import org.gcube.common.keycloak.model.ModelUtils;
import org.gcube.common.keycloak.model.RefreshToken;
import org.gcube.common.keycloak.model.TokenResponse;
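/**
 * Base {@link IAMResponse} implementation backed by a {@link TokenResponse} obtained through a
 * {@link D4ScienceIAMClient}.
 *
 * <p>All role and claim accessors read from the access token that
 * {@link ModelUtils#getAccessTokenFrom} extracts from the current token response.
 *
 * <p>NOTE(review): whether {@code ModelUtils.getAccessTokenFrom} verifies the token signature is
 * not visible in this file. Confirm that before using the roles or claims returned here for
 * authorization decisions on tokens that did not come straight from the trusted token endpoint.
 *
 * <p>The class holds mutable state (the token response is replaced by {@link #refresh()}) and
 * performs no synchronization of its own.
 */
public class AbstractIAMResponse implements IAMResponse {

    private D4ScienceIAMClient iamClient;
    private TokenResponse tokenResponse;

    /**
     * Creates a response bound to the client that produced it.
     *
     * @param iamClient the client used later by {@link #refresh()}
     * @param tokenResponse the token response to expose
     */
    public AbstractIAMResponse(D4ScienceIAMClient iamClient, TokenResponse tokenResponse) {
        setIamClient(iamClient);
        setTokenResponse(tokenResponse);
    }

    /**
     * Sets the client used for token refresh.
     *
     * @param iamClient the IAM client
     */
    public void setIamClient(D4ScienceIAMClient iamClient) {
        this.iamClient = iamClient;
    }

    /**
     * Returns the client used for token refresh.
     *
     * @return the IAM client
     */
    public D4ScienceIAMClient getIamClient() {
        return iamClient;
    }

    /**
     * Replaces the token response every accessor of this class reads from.
     *
     * @param tokenResponse the new token response
     */
    public void setTokenResponse(TokenResponse tokenResponse) {
        this.tokenResponse = tokenResponse;
    }

    /**
     * Returns the current token response. Kept {@code protected} so the refresh token it carries
     * is not handed out through the public API.
     *
     * @return the current token response
     */
    protected TokenResponse getTokenResponse() {
        return tokenResponse;
    }

    /**
     * Extracts the access token from the current token response.
     *
     * @return the access token model
     * @throws D4ScienceIAMClientException wrapping any failure raised while extracting the token
     */
    @Override
    public AccessToken getAccessToken() throws D4ScienceIAMClientException {
        try {
            return ModelUtils.getAccessTokenFrom(getTokenResponse());
        } catch (Exception e) {
            // Any extraction failure is reported through the client's own exception type.
            throw new D4ScienceIAMClientException(e);
        }
    }

    /**
     * Returns the access token string exactly as carried by the token response.
     *
     * <p>The value is a bearer credential: do not log it or include it in error messages.
     *
     * @return the access token string
     */
    public String getAccessTokenString() {
        return getTokenResponse().getAccessToken();
    }

    /**
     * Tells whether the access token reports itself as expired.
     *
     * @return {@code true} if the access token is expired
     * @throws D4ScienceIAMClientException wrapping any failure raised while extracting the token
     */
    @Override
    public boolean isExpired() throws D4ScienceIAMClientException {
        try {
            return ModelUtils.getAccessTokenFrom(getTokenResponse()).isExpired();
        } catch (Exception e) {
            throw new D4ScienceIAMClientException(e);
        }
    }

    /**
     * Tells whether the token response carries a refresh token that is not expired.
     *
     * @return {@code true} if a non-expired refresh token is available
     * @throws D4ScienceIAMClientException wrapping any failure raised while extracting the token
     */
    @Override
    public boolean canBeRefreshed() throws D4ScienceIAMClientException {
        try {
            RefreshToken refreshToken = ModelUtils.getRefreshTokenFrom(getTokenResponse());
            return refreshToken != null && !refreshToken.isExpired();
        } catch (Exception e) {
            throw new D4ScienceIAMClientException(e);
        }
    }

    /**
     * Asks the Keycloak client to refresh the token at the client's token endpoint and replaces the
     * stored token response with the result. The stored response is left untouched when the call
     * fails.
     *
     * @throws D4ScienceIAMClientException wrapping the {@link KeycloakClientException} raised by the
     *         refresh call
     */
    @Override
    public void refresh() throws D4ScienceIAMClientException {
        try {
            this.tokenResponse = getIamClient().getKeycloakClient()
                    .refreshToken(getIamClient().getTokenEndpointURL(), getTokenResponse());
        } catch (KeycloakClientException e) {
            throw new D4ScienceIAMClientException(e);
        }
    }

    /**
     * Returns the realm-level roles of the access token.
     *
     * @return the realm roles, or a new empty set when the token has no realm access section
     * @throws D4ScienceIAMClientException if the access token cannot be extracted
     */
    @Override
    public Set<String> getRealmRoles() throws D4ScienceIAMClientException {
        AccessToken accessToken = getAccessToken();
        return accessToken.getRealmAccess() != null ? accessToken.getRealmAccess().getRoles() : new HashSet<>();
    }

    /**
     * Returns the union of the realm roles and the roles of every resource in the token.
     *
     * <p>The result is a fresh set: resource roles are never added to the set owned by the token's
     * realm access section, so realm roles and resource roles cannot bleed into each other through
     * a shared collection. A token without a resource access section yields the realm roles only.
     *
     * @return a new set holding all realm and resource roles
     * @throws D4ScienceIAMClientException if the access token cannot be extracted
     */
    @Override
    public Set<String> getRoles() throws D4ScienceIAMClientException {
        AccessToken accessToken = getAccessToken();
        Set<String> roles = new HashSet<>();
        Set<String> realmRoles = getRealmRoles();
        if (realmRoles != null) {
            roles.addAll(realmRoles);
        }
        // The resource access section is optional, as the sibling accessors already assume.
        if (accessToken.getResourceAccess() != null) {
            accessToken.getResourceAccess().forEach((resource, access) -> {
                if (access != null && access.getRoles() != null) {
                    roles.addAll(access.getRoles());
                }
            });
        }
        return roles;
    }

    /**
     * Returns the roles the token grants on one resource.
     *
     * @param resource the resource (client) identifier to look up
     * @return the roles for that resource, or a new empty set when the token has no resource access
     *         section or no entry for the resource
     * @throws D4ScienceIAMClientException if the access token cannot be extracted
     */
    @Override
    public Set<String> getResourceRoles(String resource) throws D4ScienceIAMClientException {
        AccessToken accessToken = getAccessToken();
        if (accessToken.getResourceAccess() == null) {
            return new HashSet<>();
        }
        return accessToken.getResourceAccess().get(resource) != null
                ? accessToken.getResourceAccess().get(resource).getRoles()
                : new HashSet<>();
    }

    /**
     * Returns the roles the token grants on the resource named by its first audience entry.
     *
     * <p>Only the first audience entry is consulted. A token with no audience yields an empty set
     * instead of failing on the array access.
     *
     * @return the roles for the first audience, or a new empty set when the token has no resource
     *         access section, no audience, or no entry for that audience
     * @throws D4ScienceIAMClientException if the access token cannot be extracted
     */
    @Override
    public Set<String> getAudienceResourceRoles() throws D4ScienceIAMClientException {
        AccessToken accessToken = getAccessToken();
        if (accessToken.getResourceAccess() == null || accessToken.getAudience() == null
                || accessToken.getAudience().length == 0) {
            return new HashSet<>();
        }
        return accessToken.getResourceAccess().get(accessToken.getAudience()[0]) != null
                ? accessToken.getResourceAccess().get(accessToken.getAudience()[0]).getRoles()
                : new HashSet<>();
    }

    /**
     * Returns the name reported by the access token.
     *
     * @return the token's name value
     * @throws D4ScienceIAMClientException if the access token cannot be extracted
     */
    @Override
    public String getName() throws D4ScienceIAMClientException {
        return getAccessToken().getName();
    }

    /**
     * Returns the {@code CLIENT_CONTACT_PERSON} custom claim.
     *
     * @return the claim value, or {@code null} when the token has no extra claims or the claim is
     *         absent
     * @throws D4ScienceIAMClientException if the access token cannot be extracted
     */
    @Override
    public String getContactPerson() throws D4ScienceIAMClientException {
        AccessToken accessToken = getAccessToken();
        // The cast fails with ClassCastException if the claim is present but not a string.
        return (String) (accessToken.getOtherClaims() != null
                ? accessToken.getOtherClaims().get(D4ScienceCustomClaims.CLIENT_CONTACT_PERSON)
                : null);
    }

    /**
     * Returns the {@code CLIENT_CONTACT_ORGANISATION} custom claim.
     *
     * @return the claim value, or {@code null} when the token has no extra claims or the claim is
     *         absent
     * @throws D4ScienceIAMClientException if the access token cannot be extracted
     */
    @Override
    public String getContactOrganization() throws D4ScienceIAMClientException {
        AccessToken accessToken = getAccessToken();
        // The cast fails with ClassCastException if the claim is present but not a string.
        return (String) (accessToken.getOtherClaims() != null
                ? accessToken.getOtherClaims().get(D4ScienceCustomClaims.CLIENT_CONTACT_ORGANISATION)
                : null);
    }

}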