removed context logic from common
This commit is contained in:
parent
f67d8ff4af
commit
7bcb6c7313
|
@ -2,6 +2,10 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
|
|||
|
||||
# Changelog for Identity Manager Service
|
||||
|
||||
## [v0.0.2-SNAPSHOT]
|
||||
|
||||
- Alfa version
|
||||
|
||||
|
||||
## [v0.0.1-SNAPSHOT]
|
||||
|
||||
|
|
37
pom.xml
37
pom.xml
|
@ -6,7 +6,7 @@
|
|||
|
||||
<groupId>org.gcube.idm</groupId>
|
||||
<artifactId>idm-common-library</artifactId>
|
||||
<version>0.0.1-SNAPSHOT</version>
|
||||
<version>0.0.2-SNAPSHOT</version>
|
||||
<name>Identity Manager (IDM) Common Library</name>
|
||||
<description>Identity Manager (IDM) Common Library</description>
|
||||
|
||||
|
@ -30,7 +30,7 @@
|
|||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.gcube.distribution</groupId>
|
||||
<artifactId>gcube-smartgears-bom</artifactId>
|
||||
<artifactId>gcube-bom</artifactId>
|
||||
<version>3.0.1-SNAPSHOT</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
|
@ -50,20 +50,14 @@
|
|||
<version>3.1.5</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.gcube.core</groupId>
|
||||
<artifactId>common-smartgears</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.gcube.common</groupId>
|
||||
<artifactId>authorization-client</artifactId>
|
||||
<artifactId>common-security</artifactId>
|
||||
</dependency>
|
||||
|
||||
|
||||
<dependency>
|
||||
<groupId>org.gcube.core</groupId>
|
||||
<artifactId>common-smartgears-app</artifactId>
|
||||
<artifactId>common-encryption</artifactId>
|
||||
</dependency>
|
||||
|
||||
<!-- Required for Enunciate plugin -->
|
||||
|
@ -83,6 +77,14 @@
|
|||
</dependency>
|
||||
|
||||
|
||||
<dependency>
|
||||
<groupId>org.gcube.core</groupId>
|
||||
<artifactId>common-scope</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
|
||||
|
||||
|
||||
<dependency>
|
||||
<groupId>org.gcube.resources.discovery</groupId>
|
||||
<artifactId>ic-client</artifactId>
|
||||
|
@ -97,27 +99,16 @@
|
|||
<groupId>jakarta.xml.bind</groupId>
|
||||
<artifactId>jakarta.xml.bind-api</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<!-- <dependency>
|
||||
<groupId>org.glassfish.jaxb</groupId>
|
||||
<artifactId>jaxb-runtime</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.gcube.core</groupId>
|
||||
<artifactId>common-scope</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
</dependency> -->
|
||||
|
||||
<!-- END Required for Enunciate plugin -->
|
||||
|
||||
|
||||
<!-- Test Dependencies -->
|
||||
|
||||
<dependency>
|
||||
<groupId>org.gcube.common.security</groupId>
|
||||
<artifactId>gcube-secrets</artifactId>
|
||||
<scope>test</scope>
|
||||
<version>1.0.0</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>junit</groupId>
|
||||
|
|
|
@ -13,10 +13,6 @@ import org.gcube.common.security.AuthorizedTasks;
|
|||
import org.gcube.common.security.secrets.Secret;
|
||||
import org.gcube.resources.discovery.client.api.DiscoveryClient;
|
||||
import org.gcube.resources.discovery.client.queries.api.SimpleQuery;
|
||||
import org.gcube.smartgears.ContextProvider;
|
||||
import org.gcube.smartgears.configuration.container.ContainerConfiguration;
|
||||
import org.gcube.smartgears.context.application.ApplicationContext;
|
||||
import org.gcube.smartgears.context.container.ContainerContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
|
@ -51,14 +47,7 @@ public class InfrastrctureServiceClient {
|
|||
// return getEndopintsFromIS(resource_name, category, root_service, secret);
|
||||
// }
|
||||
|
||||
public static Secret getSecretForInfrastructure() {
|
||||
ApplicationContext ctx = ContextProvider.get();
|
||||
ContainerContext container = ctx.container();
|
||||
ContainerConfiguration configuration = container.configuration();
|
||||
String infra_context = configuration.infrastructure();
|
||||
Secret secret = ctx.container().authorizationProvider().getSecretForContext(infra_context);
|
||||
return secret;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* obatins from IS the list of ServiceEndpoint matching the parameters
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
package org.gcube.service.idm.models;
|
||||
package org.gcube.idm.common.models;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
public class VerifyObject {
|
||||
public class IdmVerifyObject {
|
||||
protected String jwt_token;
|
||||
protected String token;
|
||||
protected Map<String, Object> decoded;
|
||||
|
|
|
@ -1,197 +0,0 @@
|
|||
package org.gcube.idm.common;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.util.Properties;
|
||||
|
||||
// import org.gcube.common.authorization.utils.manager.SecretManager;
|
||||
// import org.gcube.common.authorization.utils.manager.SecretManagerProvider;
|
||||
// import org.gcube.common.authorization.utils.secret.JWTSecret;
|
||||
// import org.gcube.common.authorization.utils.secret.Secret;
|
||||
// import org.gcube.common.authorization.utils.secret.SecretUtility;
|
||||
import org.gcube.common.keycloak.KeycloakClientFactory;
|
||||
import org.gcube.common.keycloak.KeycloakClientHelper;
|
||||
import org.gcube.common.keycloak.model.TokenResponse;
|
||||
import org.gcube.common.security.providers.SecretManagerProvider;
|
||||
import org.gcube.common.security.secrets.AccessTokenSecret;
|
||||
import org.gcube.common.security.secrets.Secret;
|
||||
import org.junit.AfterClass;
|
||||
import org.junit.BeforeClass;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
/**
|
||||
* @author Luca Frosini (ISTI - CNR)
|
||||
*
|
||||
*/
|
||||
public abstract class ContextTest {
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(ContextTest.class);
|
||||
|
||||
protected static final String CONFIG_INI_FILENAME = "config.ini";
|
||||
|
||||
public static final String DEFAULT_TEST_SCOPE;
|
||||
public static Secret current_secret;
|
||||
|
||||
// public static final String GCUBE;
|
||||
// public static final String DEVNEXT;
|
||||
// public static final String NEXTNEXT;
|
||||
// public static final String DEVSEC;
|
||||
// public static final String DEVVRE;
|
||||
|
||||
// public static final String ROOT;
|
||||
// public static final String VO;
|
||||
public static final String VRE;
|
||||
|
||||
// private static final String ROOT_PRE;
|
||||
// private static final String VO_PREPROD;
|
||||
// protected static final String VRE_GRSF_PRE;
|
||||
|
||||
// private static final String ROOT_PROD;
|
||||
|
||||
protected static final Properties properties;
|
||||
|
||||
public static final String TYPE_PROPERTY_KEY = "type";
|
||||
public static final String USERNAME_PROPERTY_KEY = "username";
|
||||
public static final String PASSWORD_PROPERTY_KEY = "password";
|
||||
public static final String CLIENT_ID_PROPERTY_KEY = "clientId";
|
||||
|
||||
static {
|
||||
|
||||
try {
|
||||
|
||||
// GCUBE = "/gcube";
|
||||
// DEVNEXT = GCUBE + "/devNext";
|
||||
// NEXTNEXT = DEVNEXT + "/NextNext";
|
||||
// DEVSEC = GCUBE + "/devsec";
|
||||
// DEVVRE = DEVSEC + "/devVRE";
|
||||
|
||||
// ROOT = GCUBE;
|
||||
// VO = DEVSEC;
|
||||
// VRE = DEVVRE;
|
||||
|
||||
// ROOT_PRE = "/pred4s";
|
||||
// VO_PREPROD = ROOT_PRE + "/preprod";
|
||||
// VRE_GRSF_PRE = VO_PREPROD + "/GRSF_Pre";
|
||||
|
||||
// ROOT_PROD = "/d4science.research-infrastructures.eu";
|
||||
|
||||
properties = readProperties(CONFIG_INI_FILENAME);
|
||||
VRE = properties.getProperty("context");
|
||||
DEFAULT_TEST_SCOPE = VRE;
|
||||
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
public static Properties readProperties(String filename) throws IOException {
|
||||
|
||||
Properties p = new Properties();
|
||||
InputStream input = ContextTest.class.getClassLoader().getResourceAsStream(CONFIG_INI_FILENAME);
|
||||
// load the properties file
|
||||
p.load(input);
|
||||
return p;
|
||||
|
||||
}
|
||||
|
||||
private enum Type {
|
||||
USER, CLIENT_ID
|
||||
};
|
||||
|
||||
public static void set(Secret secret) throws Exception {
|
||||
SecretManagerProvider.reset();
|
||||
SecretManagerProvider.set(secret);
|
||||
current_secret = secret;
|
||||
}
|
||||
|
||||
public static void setContextByName(String fullContextName) throws Exception {
|
||||
logger.debug("Going to set credentials for context {}", fullContextName);
|
||||
Secret secret = getSecretByContextName(fullContextName);
|
||||
set(secret);
|
||||
}
|
||||
|
||||
private static TokenResponse getJWTAccessToken(String context) throws Exception {
|
||||
Type type = Type.valueOf(properties.get(TYPE_PROPERTY_KEY).toString());
|
||||
|
||||
TokenResponse tr = null;
|
||||
|
||||
int index = context.indexOf('/', 1);
|
||||
String root = context.substring(0, index == -1 ? context.length() : index);
|
||||
|
||||
switch (type) {
|
||||
case CLIENT_ID:
|
||||
String clientId = properties.getProperty(CLIENT_ID_PROPERTY_KEY);
|
||||
String clientSecret = properties.getProperty(root);
|
||||
|
||||
tr = KeycloakClientFactory.newInstance().queryUMAToken(context, clientId, clientSecret, context, null);
|
||||
break;
|
||||
|
||||
case USER:
|
||||
default:
|
||||
String username = properties.getProperty(USERNAME_PROPERTY_KEY);
|
||||
String password = properties.getProperty(PASSWORD_PROPERTY_KEY);
|
||||
|
||||
switch (root) {
|
||||
case "/gcube":
|
||||
default:
|
||||
clientId = "next.d4science.org";
|
||||
break;
|
||||
|
||||
case "/pred4s":
|
||||
clientId = "pre.d4science.org";
|
||||
break;
|
||||
|
||||
case "/d4science.research-infrastructures.eu":
|
||||
clientId = "services.d4science.org";
|
||||
break;
|
||||
}
|
||||
clientSecret = null;
|
||||
|
||||
tr = KeycloakClientHelper.getTokenForUser(context, username, password);
|
||||
break;
|
||||
|
||||
}
|
||||
|
||||
return tr;
|
||||
|
||||
}
|
||||
|
||||
public static Secret getSecretByContextName(String context) throws Exception {
|
||||
TokenResponse tr = getJWTAccessToken(context);
|
||||
Secret secret = new AccessTokenSecret(tr.getAccessToken(), context);
|
||||
return secret;
|
||||
}
|
||||
|
||||
public static void setContext(String token) throws Exception {
|
||||
Secret secret = getSecret(token);
|
||||
set(secret);
|
||||
}
|
||||
|
||||
private static Secret getSecret(String token) throws Exception {
|
||||
// TODO: verificare classe (AccessTokenSecret anziche JWTToken) e context(VRE)
|
||||
Secret secret = new AccessTokenSecret(token, VRE);
|
||||
return secret;
|
||||
}
|
||||
|
||||
public static String getUser() {
|
||||
String user = "UNKNOWN";
|
||||
try {
|
||||
user = SecretManagerProvider.get().getOwner().getId();
|
||||
} catch (Exception e) {
|
||||
logger.error("Unable to retrieve user. {} will be used", user);
|
||||
}
|
||||
return user;
|
||||
}
|
||||
|
||||
@BeforeClass
|
||||
public static void beforeClass() throws Exception {
|
||||
setContextByName(DEFAULT_TEST_SCOPE);
|
||||
}
|
||||
|
||||
@AfterClass
|
||||
public static void afterClass() throws Exception {
|
||||
SecretManagerProvider.reset();
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in New Issue