From 361aad417bf22c147152274fefa375bd4b26b210 Mon Sep 17 00:00:00 2001 From: Luca Frosini Date: Fri, 15 Jul 2022 15:46:35 +0200 Subject: [PATCH] Added explicitly URL of IAM using the defined schema --- .classpath | 38 ------------------- .gitignore | 1 + pom.xml | 4 -- .../security/secrets/CredentialSecret.java | 24 ++++++++++-- 4 files changed, 21 insertions(+), 46 deletions(-) delete mode 100644 .classpath diff --git a/.classpath b/.classpath deleted file mode 100644 index 002ad57..0000000 --- a/.classpath +++ /dev/null @@ -1,38 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/.gitignore b/.gitignore index b83d222..0f44a0f 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ /target/ +/.classpath diff --git a/pom.xml b/pom.xml index ec5bc72..faf9718 100644 --- a/pom.xml +++ b/pom.xml @@ -34,10 +34,6 @@ org.gcube.common keycloak-client - - org.gcube.common - keycloak-client-legacy-is - org.gcube.common common-security diff --git a/src/main/java/org/gcube/common/security/secrets/CredentialSecret.java b/src/main/java/org/gcube/common/security/secrets/CredentialSecret.java index 09702f8..0fb545a 100644 --- a/src/main/java/org/gcube/common/security/secrets/CredentialSecret.java +++ b/src/main/java/org/gcube/common/security/secrets/CredentialSecret.java 
@@ -1,14 +1,29 @@
 package org.gcube.common.security.secrets;
+import java.net.URL;
 import java.util.Map;
-import org.gcube.common.keycloak.KeycloakClientLegacyIS;
-import org.gcube.common.keycloak.KeycloakClientLegacyISFactory;
+import org.gcube.common.keycloak.KeycloakClient;
+import org.gcube.common.keycloak.KeycloakClientFactory;
 import org.gcube.common.keycloak.model.TokenResponse;
 import org.gcube.common.security.Owner;
 public class CredentialSecret extends Secret {
+ private static final String PROD_ROOT_SCOPE = "/d4science.research-infrastructures.eu";
+
+ public static final String BASE_URL = "https://url.d4science.org";
+ public static final String SERVICE_PATH = "/auth/realms/d4science/protocol/openid-connect/token";
+
+ public static String getServiceURL(String context) {
+ if(context.startsWith(PROD_ROOT_SCOPE)) {
+ return BASE_URL;
+ }
+ String root = context.split("/")[1];
+ return BASE_URL.replace("url", "url." + root.replaceAll("\\.", "-"));
+ }
+
+
 protected boolean initialised = false;
 private String username;
@@ -30,8 +45,9 @@ public class CredentialSecret extends Secret {
 private void refreshAccessToken() {
 try {
- KeycloakClientLegacyIS client = KeycloakClientLegacyISFactory.newInstance();
- TokenResponse response = client.queryUMAToken(username, password, context, null);
+ KeycloakClient client = KeycloakClientFactory.newInstance();
+ URL url = new URL(getServiceURL(context)+ SERVICE_PATH);
+ TokenResponse response = client.queryUMAToken(url, username, password, context, null);
 this.accessTokenSecret = new AccessTokenSecret(response.getAccessToken());
 } catch (Exception e) {
 throw new RuntimeException(e);
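Review bot: In `getServiceURL`, the first path segment of `context` is spliced into the hostname with no validation, and the second hunk then sends `username` and `password` to that URL from `refreshAccessToken`. Where `context` comes from is not visible in this patch, but because it selects the host that receives the credentials, the segment should be limited to hostname-safe characters and anything else rejected before a URL is built. The same method throws `NullPointerException` or `ArrayIndexOutOfBoundsException` for a null context or one without a root segment, and `startsWith(PROD_ROOT_SCOPE)` also accepts any root that merely begins with the production name. A possible shape follows; the exact-match comparison for the production root is a behaviour change to confirm, and `refreshAccessToken` starts and ends outside the second hunk.

```java
public static String getServiceURL(String context) {
	String[] parts = context == null ? new String[0] : context.split("/");
	// parts[0] is empty for an absolute scope; parts[1] is the root that ends up in the hostname
	if (parts.length < 2 || !parts[0].isEmpty() || !parts[1].matches("[A-Za-z0-9][A-Za-z0-9.-]*")) {
		throw new IllegalArgumentException("Invalid context for IAM URL");
	}
	String root = parts[1];
	if (PROD_ROOT_SCOPE.equals("/" + root)) {
		return BASE_URL;
	}
	return BASE_URL.replace("url", "url." + root.replace('.', '-'));
}
```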