added Credential Secret
This commit is contained in:
parent
cf6981a284
commit
3582aaa4f5
|
@ -0,0 +1,38 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<classpath>
|
||||
<classpathentry kind="src" output="target/classes" path="src/main/java">
|
||||
<attributes>
|
||||
<attribute name="optional" value="true"/>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
|
||||
<attributes>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="src" output="target/test-classes" path="src/test/java">
|
||||
<attributes>
|
||||
<attribute name="optional" value="true"/>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
<attribute name="test" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
|
||||
<attributes>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
<attribute name="test" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
|
||||
<attributes>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
|
||||
<attributes>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="output" path="target/classes"/>
|
||||
</classpath>
|
|
@ -0,0 +1 @@
|
|||
/target/
|
|
@ -0,0 +1,23 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<projectDescription>
|
||||
<name>gcube-secrets</name>
|
||||
<comment></comment>
|
||||
<projects>
|
||||
</projects>
|
||||
<buildSpec>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.jdt.core.javabuilder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.m2e.core.maven2Builder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
</buildSpec>
|
||||
<natures>
|
||||
<nature>org.eclipse.jdt.core.javanature</nature>
|
||||
<nature>org.eclipse.m2e.core.maven2Nature</nature>
|
||||
</natures>
|
||||
</projectDescription>
|
|
@ -0,0 +1,6 @@
|
|||
eclipse.preferences.version=1
|
||||
encoding//src/main/java=UTF-8
|
||||
encoding//src/main/resources=UTF-8
|
||||
encoding//src/test/java=UTF-8
|
||||
encoding//src/test/resources=UTF-8
|
||||
encoding/<project>=UTF-8
|
|
@ -0,0 +1,8 @@
|
|||
eclipse.preferences.version=1
|
||||
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8
|
||||
org.eclipse.jdt.core.compiler.compliance=1.8
|
||||
org.eclipse.jdt.core.compiler.problem.enablePreviewFeatures=disabled
|
||||
org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
|
||||
org.eclipse.jdt.core.compiler.problem.reportPreviewFeatures=ignore
|
||||
org.eclipse.jdt.core.compiler.release=disabled
|
||||
org.eclipse.jdt.core.compiler.source=1.8
|
|
@ -0,0 +1,4 @@
|
|||
activeProfiles=
|
||||
eclipse.preferences.version=1
|
||||
resolveWorkspaceProjects=true
|
||||
version=1
|
8
pom.xml
8
pom.xml
|
@ -34,10 +34,18 @@
|
|||
<groupId>org.gcube.common</groupId>
|
||||
<artifactId>keycloak-client</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.gcube.common</groupId>
|
||||
<artifactId>keycloak-client-legacy-is</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.gcube.common</groupId>
|
||||
<artifactId>common-security</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.gcube.common</groupId>
|
||||
<artifactId>authorization-client</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
||||
|
|
@ -5,20 +5,23 @@ import java.util.HashMap;
|
|||
import java.util.Map;
|
||||
|
||||
import org.gcube.com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import org.gcube.common.keycloak.model.AccessToken;
|
||||
import org.gcube.common.security.Owner;
|
||||
|
||||
public class AccessTokenSecret extends Secret {
|
||||
|
||||
|
||||
private String encodedAccessToken;
|
||||
|
||||
protected Owner owner;
|
||||
protected String context;
|
||||
private Owner owner;
|
||||
private String context;
|
||||
|
||||
private AccessToken accessToken;
|
||||
|
||||
private boolean initialised = false;
|
||||
|
||||
public AccessTokenSecret(String encodedAccessToken) {
|
||||
this.encodedAccessToken = encodedAccessToken;
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -36,7 +39,7 @@ public class AccessTokenSecret extends Secret {
|
|||
@Override
|
||||
public Map<String, String> getHTTPAuthorizationHeaders() {
|
||||
Map<String, String> authorizationHeaders = new HashMap<>();
|
||||
authorizationHeaders.put("Authorization", "Bearer " + this.encodedAccessToken.getBytes());
|
||||
authorizationHeaders.put("Authorization", "Bearer " + this.encodedAccessToken);
|
||||
return authorizationHeaders;
|
||||
|
||||
}
|
||||
|
@ -44,10 +47,12 @@ public class AccessTokenSecret extends Secret {
|
|||
protected String getEncodedAccessToken() {
|
||||
return encodedAccessToken;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@Override
|
||||
public boolean isExpired() {
|
||||
return false;
|
||||
init();
|
||||
return accessToken.isExpired();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -69,7 +74,10 @@ public class AccessTokenSecret extends Secret {
|
|||
owner.setClientName(obj.getClientName());
|
||||
owner.setContactOrganisation(obj.getContactOrganisation());
|
||||
owner.setClientName(obj.getClientName());
|
||||
context = obj.getContext();
|
||||
context = obj.getContext();
|
||||
|
||||
this.accessToken = objectMapper.readValue(decodedAccessPart, AccessToken.class);
|
||||
|
||||
initialised = true;
|
||||
} catch (Exception e) {
|
||||
throw new RuntimeException(e);
|
||||
|
|
|
@ -0,0 +1,71 @@
|
|||
package org.gcube.common.security.secrets;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
import org.gcube.common.keycloak.KeycloakClientLegacyIS;
|
||||
import org.gcube.common.keycloak.KeycloakClientLegacyISFactory;
|
||||
import org.gcube.common.keycloak.model.TokenResponse;
|
||||
import org.gcube.common.security.Owner;
|
||||
|
||||
public class CredentialSecret extends Secret {
|
||||
|
||||
protected boolean initialised = false;
|
||||
|
||||
private String username;
|
||||
private String password;
|
||||
private String context;
|
||||
private AccessTokenSecret accessTokenSecret;
|
||||
|
||||
|
||||
public CredentialSecret(String username, String password, String context) {
|
||||
this.username = username;
|
||||
this.password = password;
|
||||
this.context = context;
|
||||
init();
|
||||
}
|
||||
|
||||
private void init() {
|
||||
refreshAccessToken();
|
||||
}
|
||||
|
||||
private void refreshAccessToken() {
|
||||
try {
|
||||
KeycloakClientLegacyIS client = KeycloakClientLegacyISFactory.newInstance();
|
||||
TokenResponse response = client.queryUMAToken(username, password, context, null);
|
||||
this.accessTokenSecret = new AccessTokenSecret(response.getAccessToken());
|
||||
} catch (Exception e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public Owner getOwner() {
|
||||
return this.accessTokenSecret.getOwner();
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getContext() {
|
||||
if (this.accessTokenSecret.isExpired())
|
||||
refreshAccessToken();
|
||||
return this.accessTokenSecret.getContext();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Map<String, String> getHTTPAuthorizationHeaders() {
|
||||
if (this.accessTokenSecret.isExpired())
|
||||
refreshAccessToken();
|
||||
return this.accessTokenSecret.getHTTPAuthorizationHeaders();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isExpired() {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public boolean isRefreshable() {
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in New Issue