added Credential Secret

Lucio Lelii 2022-06-15 17:56:39 +02:00
parent cf6981a284
commit 3582aaa4f5
9 changed files with 174 additions and 7 deletions

38
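--- a/.classpath
+++ b/.classpath
@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+<classpathentry kind="src" output="target/classes" path="src/main/java">
+<attributes>
+<attribute name="optional" value="true"/>
+<attribute name="maven.pomderived" value="true"/>
+</attributes>
+</classpathentry>
+<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
+<attributes>
+<attribute name="maven.pomderived" value="true"/>
+</attributes>
+</classpathentry>
+<classpathentry kind="src" output="target/test-classes" path="src/test/java">
+<attributes>
+<attribute name="optional" value="true"/>
+<attribute name="maven.pomderived" value="true"/>
+<attribute name="test" value="true"/>
+</attributes>
+</classpathentry>
+<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
+<attributes>
+<attribute name="maven.pomderived" value="true"/>
+<attribute name="test" value="true"/>
+</attributes>
+</classpathentry>
+<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
+<attributes>
+<attribute name="maven.pomderived" value="true"/>
+</attributes>
+</classpathentry>
+<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
+<attributes>
+<attribute name="maven.pomderived" value="true"/>
+</attributes>
+</classpathentry>
+<classpathentry kind="output" path="target/classes"/>
+</classpath>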

1
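--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/target/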

23
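--- a/.project
+++ b/.project
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+<name>gcube-secrets</name>
+<comment></comment>
+<projects>
+</projects>
+<buildSpec>
+<buildCommand>
+<name>org.eclipse.jdt.core.javabuilder</name>
+<arguments>
+</arguments>
+</buildCommand>
+<buildCommand>
+<name>org.eclipse.m2e.core.maven2Builder</name>
+<arguments>
+</arguments>
+</buildCommand>
+</buildSpec>
+<natures>
+<nature>org.eclipse.jdt.core.javanature</nature>
+<nature>org.eclipse.m2e.core.maven2Nature</nature>
+</natures>
+</projectDescription>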


@ -0,0 +1,6 @@
eclipse.preferences.version=1
encoding//src/main/java=UTF-8
encoding//src/main/resources=UTF-8
encoding//src/test/java=UTF-8
encoding//src/test/resources=UTF-8
encoding/<project>=UTF-8


@ -0,0 +1,8 @@
eclipse.preferences.version=1
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8
org.eclipse.jdt.core.compiler.compliance=1.8
org.eclipse.jdt.core.compiler.problem.enablePreviewFeatures=disabled
org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
org.eclipse.jdt.core.compiler.problem.reportPreviewFeatures=ignore
org.eclipse.jdt.core.compiler.release=disabled
org.eclipse.jdt.core.compiler.source=1.8


@ -0,0 +1,4 @@
activeProfiles=
eclipse.preferences.version=1
resolveWorkspaceProjects=true
version=1


@ -34,10 +34,18 @@
<groupId>org.gcube.common</groupId>
<artifactId>keycloak-client</artifactId>
</dependency>
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>keycloak-client-legacy-is</artifactId>
</dependency>
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>common-security</artifactId>
</dependency>
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>authorization-client</artifactId>
</dependency>
</dependencies>
</project>


@ -5,20 +5,23 @@ import java.util.HashMap;
import java.util.Map;
import org.gcube.com.fasterxml.jackson.databind.ObjectMapper;
import org.gcube.common.keycloak.model.AccessToken;
import org.gcube.common.security.Owner;
public class AccessTokenSecret extends Secret {
private String encodedAccessToken;
protected Owner owner;
protected String context;
private Owner owner;
private String context;
private AccessToken accessToken;
private boolean initialised = false;
public AccessTokenSecret(String encodedAccessToken) {
this.encodedAccessToken = encodedAccessToken;
}
@Override
@ -36,7 +39,7 @@ public class AccessTokenSecret extends Secret {
@Override
public Map<String, String> getHTTPAuthorizationHeaders() {
Map<String, String> authorizationHeaders = new HashMap<>();
authorizationHeaders.put("Authorization", "Bearer " + this.encodedAccessToken.getBytes());
authorizationHeaders.put("Authorization", "Bearer " + this.encodedAccessToken);
return authorizationHeaders;
}
@ -45,9 +48,11 @@ public class AccessTokenSecret extends Secret {
return encodedAccessToken;
}
@Override
public boolean isExpired() {
return false;
init();
return accessToken.isExpired();
}
@Override
@ -70,6 +75,9 @@ public class AccessTokenSecret extends Secret {
owner.setContactOrganisation(obj.getContactOrganisation());
owner.setClientName(obj.getClientName());
context = obj.getContext();
this.accessToken = objectMapper.readValue(decodedAccessPart, AccessToken.class);
initialised = true;
} catch (Exception e) {
throw new RuntimeException(e);
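Review bot: `isExpired()` now answers from `accessToken.isExpired()`, and `accessToken`, `owner` and `context` are all filled from `objectMapper.readValue(decodedAccessPart, ...)` in the last hunk, where nothing visible verifies the token's signature before its claims are trusted. If `encodedAccessToken` can reach this class from a caller rather than straight from the issuer, then expiry, owner and context are whatever the payload says; the decoding method (presumably `init()`) starts and ends outside the hunk, so a check may exist elsewhere. I would document the assumption on the constructor, e.g. `/** @param encodedAccessToken a token already validated by the issuer or gateway; claims are decoded here without signature verification */`. Separately, `initialised` is a plain boolean set after several field writes, so concurrent first calls can run the decode twice; declaring it `volatile` or making the initialiser `synchronized` would settle that.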


@ -0,0 +1,71 @@
package org.gcube.common.security.secrets;
import java.util.Map;
import org.gcube.common.keycloak.KeycloakClientLegacyIS;
import org.gcube.common.keycloak.KeycloakClientLegacyISFactory;
import org.gcube.common.keycloak.model.TokenResponse;
import org.gcube.common.security.Owner;
public class CredentialSecret extends Secret {
protected boolean initialised = false;
private String username;
private String password;
private String context;
private AccessTokenSecret accessTokenSecret;
public CredentialSecret(String username, String password, String context) {
this.username = username;
this.password = password;
this.context = context;
init();
}
private void init() {
refreshAccessToken();
}
private void refreshAccessToken() {
try {
KeycloakClientLegacyIS client = KeycloakClientLegacyISFactory.newInstance();
TokenResponse response = client.queryUMAToken(username, password, context, null);
this.accessTokenSecret = new AccessTokenSecret(response.getAccessToken());
} catch (Exception e) {
throw new RuntimeException(e);
}
}
@Override
public Owner getOwner() {
return this.accessTokenSecret.getOwner();
}
@Override
public String getContext() {
if (this.accessTokenSecret.isExpired())
refreshAccessToken();
return this.accessTokenSecret.getContext();
}
@Override
public Map<String, String> getHTTPAuthorizationHeaders() {
if (this.accessTokenSecret.isExpired())
refreshAccessToken();
return this.accessTokenSecret.getHTTPAuthorizationHeaders();
}
@Override
public boolean isExpired() {
return false;
}
@Override
public boolean isRefreshable() {
return false;
}
}
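Review bot: `getContext()` and `getHTTPAuthorizationHeaders()` do an unsynchronised check-then-act on `accessTokenSecret.isExpired()`, so concurrent callers can each enter `refreshAccessToken()`, resend the username and password to Keycloak, and race on the non-volatile `accessTokenSecret` field. Funnel every accessor through one guarded helper, e.g. `private synchronized AccessTokenSecret current() { if (accessTokenSecret.isExpired()) refreshAccessToken(); return accessTokenSecret; }`, which also removes the inconsistency that `getOwner()` never refreshes. The class keeps the plaintext `password` as a `String` for its whole lifetime, so make the three credential fields `final` and keep them out of any `toString()`, logging or serialisation added later. `catch (Exception e) { throw new RuntimeException(e); }` on the constructor path passes the client's exception through unchanged, so it is worth confirming that its message cannot carry the credentials. `initialised` is never set, and `isRefreshable()` returns `false` although the class refreshes itself, which looks unintended.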