moved to common library
This commit is contained in:
parent
881a26c5e7
commit
4ea0762f7f
|
@ -1,5 +1,6 @@
|
|||
package org.gcube.service.idm.controller;
|
||||
|
||||
import java.rmi.ServerException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
|
@ -19,6 +20,7 @@ import org.keycloak.representations.idm.RoleRepresentation;
|
|||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import jakarta.ws.rs.NotFoundException;
|
||||
import jakarta.ws.rs.WebApplicationException;
|
||||
|
||||
public class AdminKeycloakController {
|
||||
|
@ -28,7 +30,8 @@ public class AdminKeycloakController {
|
|||
// level)
|
||||
// https://gist.github.com/thomasdarimont/c4e739c5a319cf78a4cff3b87173a84b
|
||||
public static UserRepresentation createUser(String username, String email, String password, String firstName,
|
||||
String lastName, Map<String, List<String>> attributes, List<String> roles) throws WebApplicationException {
|
||||
String lastName, Map<String, List<String>> attributes, List<String> roles)
|
||||
throws WebApplicationException, ServerException {
|
||||
UserRepresentation newUser = new UserRepresentation();
|
||||
newUser.setEnabled(true);
|
||||
newUser.setUsername(username);
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
package org.gcube.service.idm.controller;
|
||||
|
||||
import java.rmi.ServerException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
|
@ -112,6 +113,8 @@ public class KCClientsController {
|
|||
* the context
|
||||
*
|
||||
* @param clientId null for current context
|
||||
* @throws ServerException
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
|
||||
public static List<UserRepresentation> getMemberGroupUsersCurrent() {
|
||||
|
@ -126,6 +129,8 @@ public class KCClientsController {
|
|||
* @param clientId null for current context
|
||||
* @param firstResult
|
||||
* @param maxResults
|
||||
* @throws ServerException
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public static List<UserRepresentation> getMemberGroupUsers(String clientId, Integer firstResult,
|
||||
Integer maxResults) {
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
package org.gcube.service.idm.controller;
|
||||
|
||||
import java.rmi.ServerException;
|
||||
import java.util.List;
|
||||
import java.util.Objects;
|
||||
import java.util.stream.Collectors;
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
package org.gcube.service.idm.controller;
|
||||
|
||||
import java.rmi.ServerException;
|
||||
import java.util.Collection;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
|
|
|
@ -27,7 +27,7 @@ public class LiferayProfileClient {
|
|||
}
|
||||
return user;
|
||||
|
||||
} catch (NotFoundException | ServerException | UserManagementSystemException e) {
|
||||
} catch (UserManagementSystemException e) {
|
||||
e.printStackTrace();
|
||||
throw new ServiceUnavailableException(errormsg);
|
||||
} catch (UserRetrievalFault e) {
|
||||
|
|
|
@ -4,6 +4,7 @@ import java.rmi.ServerException;
|
|||
import java.util.List;
|
||||
|
||||
import org.gcube.common.security.providers.SecretManagerProvider;
|
||||
import org.gcube.common.security.secrets.Secret;
|
||||
import org.gcube.idm.common.is.InfrastrctureServiceClient;
|
||||
import org.gcube.idm.common.is.IsServerConfig;
|
||||
import org.keycloak.admin.client.Keycloak;
|
||||
|
@ -14,6 +15,7 @@ import org.keycloak.representations.idm.ClientRepresentation;
|
|||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import jakarta.ws.rs.InternalServerErrorException;
|
||||
import jakarta.ws.rs.NotFoundException;
|
||||
|
||||
public class KkClientFactory {
|
||||
|
@ -25,9 +27,11 @@ public class KkClientFactory {
|
|||
private final static boolean IS_ROOT_SERVICE = true;
|
||||
|
||||
// the singleton obj
|
||||
private IsServerConfig config;
|
||||
private Secret secret;
|
||||
|
||||
private static KkClientFactory singleton = new KkClientFactory();
|
||||
|
||||
|
||||
public static KkClientFactory getSingleton() {
|
||||
if (singleton == null)
|
||||
singleton = new KkClientFactory();
|
||||
|
@ -39,65 +43,43 @@ public class KkClientFactory {
|
|||
* using the singleton pattern, it's retrieved from IS only for the first
|
||||
* access, then kept in the singleton object
|
||||
*/
|
||||
private IsServerConfig config;
|
||||
|
||||
public Secret getSecret() {
|
||||
return secret;
|
||||
}
|
||||
|
||||
public void setSecret(Secret secret) {
|
||||
this.secret = secret;
|
||||
this.config = fetchIsConfig(this.secret);
|
||||
}
|
||||
|
||||
// allows to configure the factory
|
||||
// e.g. from external configuration file
|
||||
public void setConfig(IsServerConfig configuration) {
|
||||
config = configuration;
|
||||
}
|
||||
public void setConfig(IsServerConfig configuration) {
|
||||
config = configuration;
|
||||
}
|
||||
|
||||
public IsServerConfig fetchIsConfig(Secret secret) throws InternalServerErrorException {
|
||||
|
||||
/**
|
||||
* Private constructor
|
||||
* obtains the config from IS
|
||||
*/
|
||||
private KkClientFactory() {
|
||||
logger.info("Building KeycloakAPICredentials object");
|
||||
try {
|
||||
if (this.config == null) {
|
||||
this.config = fetchIsConfig();
|
||||
}
|
||||
logger.info("KeycloakAPICredentials object built {} - {}", config.getServerUrl(), config.getName());
|
||||
if (this.secret == null)
|
||||
this.secret = InfrastrctureServiceClient.getSecretForInfrastructure();
|
||||
|
||||
IsServerConfig cfg = InfrastrctureServiceClient.serviceConfigFromIS(RUNTIME_RESOURCE_NAME, CATEGORY,
|
||||
END_POINT_NAME, IS_ROOT_SERVICE, secret);
|
||||
logger.info("KeycloakAPICredentials object built {} - {}", cfg.getServerUrl(), cfg.getName());
|
||||
|
||||
return cfg;
|
||||
} catch (Exception e) {
|
||||
logger.error("error obtaining IAM configuration from IS {} ", e);
|
||||
e.printStackTrace();
|
||||
throw new InternalServerErrorException(e);
|
||||
}
|
||||
}
|
||||
|
||||
// public IsServerConfig configFromINI() throws NotFoundException,
|
||||
// ServerException{
|
||||
|
||||
// ApplicationContext appContext = ContextProvider.get();
|
||||
// SimpleCredentials credentials =
|
||||
// (SimpleCredentials)appContext.authorizationProvider().getCredentials();
|
||||
|
||||
// IsServerConfig cfg = fetchIsConfig();
|
||||
// IsServerConfig newConfig = new IsServerConfig(
|
||||
// cfg.getServerUrl(),
|
||||
// cfg.getName(),
|
||||
// credentials.getClientID(), // cfg.getClientId(),
|
||||
// credentials.getSecret(), // cfg.getClientSecrxet(),
|
||||
// cfg.getProperties()
|
||||
// );
|
||||
|
||||
// return newConfig;s
|
||||
|
||||
// }
|
||||
|
||||
public IsServerConfig fetchIsConfig() throws NotFoundException, ServerException {
|
||||
|
||||
IsServerConfig cfg = InfrastrctureServiceClient.serviceConfigFromIS(RUNTIME_RESOURCE_NAME, CATEGORY,
|
||||
END_POINT_NAME, IS_ROOT_SERVICE);
|
||||
return cfg;
|
||||
|
||||
}
|
||||
|
||||
public static String encodeClientIdContext(String context) {
|
||||
return context.replace("/", "%2F");
|
||||
}
|
||||
|
||||
public KeycloackApiClient createtKeycloakInstance(String context) {
|
||||
if (this.config == null) {
|
||||
this.config = fetchIsConfig(this.secret);
|
||||
}
|
||||
return createtKeycloakInstance(this.config, context);
|
||||
}
|
||||
|
||||
|
@ -151,6 +133,8 @@ public class KkClientFactory {
|
|||
*
|
||||
* @param clientId
|
||||
* @return
|
||||
* @throws ServerException
|
||||
* @throws NotFoundException
|
||||
*/
|
||||
public ClientResource getKKClientById(String clientId) {
|
||||
|
||||
|
@ -179,4 +163,7 @@ public class KkClientFactory {
|
|||
// return new IsServerConfig(serverUrl, realm, clientId, clientSecret);
|
||||
// }
|
||||
|
||||
public static String encodeClientIdContext(String context) {
|
||||
return context.replace("/", "%2F");
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,14 +1,13 @@
|
|||
package org.gcube.service.idm.liferay;
|
||||
|
||||
import java.rmi.ServerException;
|
||||
|
||||
import org.gcube.common.security.secrets.Secret;
|
||||
import org.gcube.idm.common.is.InfrastrctureServiceClient;
|
||||
import org.gcube.idm.common.is.IsServerConfig;
|
||||
import org.gcube.vomanagement.usermanagement.impl.ws.LiferayWSUserManager;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import jakarta.ws.rs.NotFoundException;
|
||||
import jakarta.ws.rs.InternalServerErrorException;
|
||||
|
||||
public class LiferayClientFactory {
|
||||
private static final Logger logger = LoggerFactory.getLogger(LoggerFactory.class);
|
||||
|
@ -22,49 +21,7 @@ public class LiferayClientFactory {
|
|||
LiferayWSUserManager client = null;
|
||||
|
||||
private IsServerConfig config;
|
||||
|
||||
public static LiferayWSUserManager createtLiferayClientInstance(IsServerConfig config)
|
||||
throws NotFoundException, ServerException {
|
||||
|
||||
String host = config.getServerUrl();
|
||||
String schema = config.getProperty("schema");
|
||||
String user = config.getProperty("username");
|
||||
String password = config.getProperty("password");
|
||||
Integer port = Integer.valueOf(config.getProperty("port"));
|
||||
|
||||
LiferayWSUserManager client = null;
|
||||
|
||||
try {
|
||||
client = new LiferayWSUserManager(user, password, host, schema, port);
|
||||
} catch (Exception e) {
|
||||
// TODO Auto-generated catch block
|
||||
e.printStackTrace();
|
||||
throw new ServerException("cannot create Liferay client");
|
||||
}
|
||||
|
||||
if (client == null) {
|
||||
throw new ServerException("cannot create Liferay client");
|
||||
}
|
||||
|
||||
logger.info("Liferay object built {} - {}", config.getServerUrl(), config.getName());
|
||||
|
||||
return client;
|
||||
}
|
||||
|
||||
public IsServerConfig getConfig() throws NotFoundException, ServerException {
|
||||
if (this.config == null) {
|
||||
this.config = fetchIsConfig();
|
||||
}
|
||||
return this.config;
|
||||
}
|
||||
|
||||
public LiferayWSUserManager getClient() throws NotFoundException, ServerException {
|
||||
if (this.client == null) {
|
||||
IsServerConfig configuration = this.getConfig();
|
||||
this.client = createtLiferayClientInstance(configuration);
|
||||
}
|
||||
return this.client;
|
||||
}
|
||||
private Secret secret;
|
||||
|
||||
private static LiferayClientFactory singleton = new LiferayClientFactory();
|
||||
|
||||
|
@ -74,12 +31,75 @@ public class LiferayClientFactory {
|
|||
return singleton;
|
||||
}
|
||||
|
||||
public IsServerConfig fetchIsConfig() throws NotFoundException, ServerException {
|
||||
IsServerConfig cfg = InfrastrctureServiceClient.serviceConfigFromIS(RUNTIME_RESOURCE_NAME, CATEGORY,
|
||||
END_POINT_NAME,
|
||||
IS_ROOT_SERVICE);
|
||||
public Secret getSecret() {
|
||||
return secret;
|
||||
}
|
||||
|
||||
return cfg;
|
||||
public void setSecret(Secret secret) {
|
||||
this.secret = secret;
|
||||
this.config = fetchIsConfig(this.secret);
|
||||
}
|
||||
|
||||
public IsServerConfig fetchIsConfig(Secret secret) throws InternalServerErrorException {
|
||||
try {
|
||||
if (this.secret == null)
|
||||
this.secret = InfrastrctureServiceClient.getSecretForInfrastructure();
|
||||
|
||||
IsServerConfig cfg = InfrastrctureServiceClient.serviceConfigFromIS(RUNTIME_RESOURCE_NAME, CATEGORY,
|
||||
END_POINT_NAME, IS_ROOT_SERVICE, secret);
|
||||
logger.info("KeycloakAPICredentials object built {} - {}", cfg.getServerUrl(), cfg.getName());
|
||||
|
||||
return cfg;
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
throw new InternalServerErrorException(e);
|
||||
}
|
||||
}
|
||||
|
||||
public LiferayWSUserManager createtLiferayClientInstance() {
|
||||
if (this.config == null) {
|
||||
this.config = fetchIsConfig(this.secret);
|
||||
}
|
||||
return createtLiferayClientInstance(this.config);
|
||||
}
|
||||
|
||||
public static LiferayWSUserManager createtLiferayClientInstance(IsServerConfig config) {
|
||||
String host = config.getServerUrl();
|
||||
String schema = config.getProperty("schema");
|
||||
String user = config.getProperty("username");
|
||||
String password = config.getProperty("password");
|
||||
Integer port = Integer.valueOf(config.getProperty("port"));
|
||||
|
||||
LiferayWSUserManager client = null;
|
||||
try {
|
||||
client = new LiferayWSUserManager(user, password, host, schema, port);
|
||||
} catch (Exception e) {
|
||||
// TODO Auto-generated catch block
|
||||
e.printStackTrace();
|
||||
throw new InternalServerErrorException("cannot create Liferay client");
|
||||
}
|
||||
|
||||
if (client == null) {
|
||||
throw new InternalServerErrorException("cannot create Liferay client");
|
||||
}
|
||||
|
||||
logger.info("Liferay object built {} - {}", config.getServerUrl(), config.getName());
|
||||
|
||||
return client;
|
||||
}
|
||||
|
||||
// public IsServerConfig getConfig() {
|
||||
// if (this.config == null) {
|
||||
// this.config = fetchIsConfig();
|
||||
// }
|
||||
// return this.config;
|
||||
// }
|
||||
|
||||
public LiferayWSUserManager getClient() {
|
||||
if (this.client == null) {
|
||||
this.client = createtLiferayClientInstance();
|
||||
}
|
||||
return this.client;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -5,10 +5,9 @@ import java.util.HashMap;
|
|||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import org.gcube.idm.common.IdmUserInterface;
|
||||
import org.gcube.idm.common.models.IdmProfileInterface;
|
||||
|
||||
|
||||
public class IdmUser implements IdmUserInterface {
|
||||
public class IdmUser implements IdmProfileInterface {
|
||||
|
||||
protected String self; // link
|
||||
protected String id;
|
||||
|
@ -109,12 +108,12 @@ public class IdmUser implements IdmUserInterface {
|
|||
|
||||
// @Deprecated
|
||||
// public Boolean isTotp() {
|
||||
// return totp;
|
||||
// return totp;
|
||||
// }
|
||||
|
||||
// @Deprecated
|
||||
// public void setTotp(Boolean totp) {
|
||||
// this.totp = totp;
|
||||
// this.totp = totp;
|
||||
// }
|
||||
|
||||
public Boolean isEmailVerified() {
|
||||
|
@ -134,16 +133,18 @@ public class IdmUser implements IdmUserInterface {
|
|||
}
|
||||
|
||||
// public UserRepresentation singleAttribute(String name, String value) {
|
||||
// if (this.attributes == null)
|
||||
// this.attributes = new HashMap<>();
|
||||
// attributes.put(name, (value == null ? new ArrayList<String>() : Arrays.asList(value)));
|
||||
// return this;
|
||||
// if (this.attributes == null)
|
||||
// this.attributes = new HashMap<>();
|
||||
// attributes.put(name, (value == null ? new ArrayList<String>() :
|
||||
// Arrays.asList(value)));
|
||||
// return this;
|
||||
// }
|
||||
|
||||
// public String firstAttribute(String key) {
|
||||
// return this.attributes == null ? null
|
||||
// : this.attributes.get(key) == null ? null
|
||||
// : this.attributes.get(key).isEmpty() ? null : this.attributes.get(key).get(0);
|
||||
// return this.attributes == null ? null
|
||||
// : this.attributes.get(key) == null ? null
|
||||
// : this.attributes.get(key).isEmpty() ? null :
|
||||
// this.attributes.get(key).get(0);
|
||||
// }
|
||||
|
||||
// public List<CredentialRepresentation> getCredentials() {
|
||||
|
@ -214,7 +215,7 @@ public class IdmUser implements IdmUserInterface {
|
|||
|
||||
// @Deprecated
|
||||
// public Map<String, List<String>> getApplicationRoles() {
|
||||
// return applicationRoles;
|
||||
// return applicationRoles;
|
||||
// }
|
||||
|
||||
public String getFederationLink() {
|
||||
|
@ -242,24 +243,25 @@ public class IdmUser implements IdmUserInterface {
|
|||
}
|
||||
|
||||
// /**
|
||||
// * Returns id of UserStorageProvider that loaded this user
|
||||
// *
|
||||
// * @return NULL if user stored locally
|
||||
// */
|
||||
// * Returns id of UserStorageProvider that loaded this user
|
||||
// *
|
||||
// * @return NULL if user stored locally
|
||||
// */
|
||||
// public String getOrigin() {
|
||||
// return origin;
|
||||
// return origin;
|
||||
// }
|
||||
|
||||
// public void setOrigin(String origin) {
|
||||
// this.origin = origin;
|
||||
// this.origin = origin;
|
||||
// }
|
||||
|
||||
// public Set<String> getDisableableCredentialTypes() {
|
||||
// return disableableCredentialTypes;
|
||||
// return disableableCredentialTypes;
|
||||
// }
|
||||
|
||||
// public void setDisableableCredentialTypes(Set<String> disableableCredentialTypes) {
|
||||
// this.disableableCredentialTypes = disableableCredentialTypes;
|
||||
// public void setDisableableCredentialTypes(Set<String>
|
||||
// disableableCredentialTypes) {
|
||||
// this.disableableCredentialTypes = disableableCredentialTypes;
|
||||
// }
|
||||
|
||||
public Map<String, Boolean> getAccess() {
|
||||
|
|
|
@ -235,8 +235,6 @@ public class ClientsAPI {
|
|||
AuthController.checkIsRealmAdmin(ErrorMessages.RESERVED_PARAMETER + "client_id");
|
||||
}
|
||||
|
||||
|
||||
|
||||
// String role_name = "Member";
|
||||
|
||||
boolean show_groups = !format_group.equals(KCGroupsController.REPR.none);
|
||||
|
|
|
@ -27,8 +27,8 @@ import jakarta.ws.rs.core.Response;
|
|||
import jakarta.ws.rs.core.Response.Status;
|
||||
|
||||
@RequestHeaders({
|
||||
@RequestHeader(name = "Authorization", description = "Bearer token, see https://dev.d4science.org/how-to-access-resources"),
|
||||
@RequestHeader(name = "Content-Type", description = "application/json")
|
||||
@RequestHeader(name = "Authorization", description = "Bearer token, see https://dev.d4science.org/how-to-access-resources"),
|
||||
@RequestHeader(name = "Content-Type", description = "application/json")
|
||||
})
|
||||
@Path("jwt")
|
||||
public class JwtAPI {
|
||||
|
|
|
@ -200,7 +200,6 @@ public class SocialUsersAPI {
|
|||
@QueryParam("max") @DefaultValue("100") int max,
|
||||
@QueryParam("firstResult") @DefaultValue("0") int firstResult,
|
||||
@QueryParam("maxResults") @DefaultValue("100") int maxResults) {
|
||||
|
||||
|
||||
if (firstResult > 0) {
|
||||
first = firstResult;
|
||||
|
|
|
@ -4,8 +4,6 @@ import java.util.HashMap;
|
|||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import jakarta.ws.rs.ServiceUnavailableException;
|
||||
|
||||
import org.gcube.common.security.Owner;
|
||||
import org.gcube.common.security.providers.SecretManagerProvider;
|
||||
import org.gcube.common.security.secrets.Secret;
|
||||
|
|
|
@ -11,11 +11,6 @@ public class ErrorMessages {
|
|||
|
||||
public static final String RESERVED_PARAMETER = "The parameter can be used only by realm administrators: ";
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
//
|
||||
// protected static final String CANNOT_RETRIEVE_SERVICE_ENDPOINT_INFORMATION =
|
||||
// "Unable to retrieve such service endpoint information";
|
||||
|
|
10
todo.md
10
todo.md
|
@ -1,9 +1,13 @@
|
|||
# OPENSTACK
|
||||
|
||||
* [ ] deploy su openstack
|
||||
* [ ] aggiungere accounting
|
||||
|
||||
# CONFIGURAZIONE
|
||||
|
||||
* [ ] leggere parametri da file di container.ini
|
||||
* [ ] rivedere gestione errori
|
||||
*
|
||||
|
||||
|
||||
# MASSI
|
||||
|
||||
* API REST social
|
||||
|
@ -24,5 +28,3 @@
|
|||
* [ ] implementare client (rif. gcat-client)
|
||||
* [ ] verificare controllo diritti
|
||||
|
||||
* [ ] aggiungere accounting
|
||||
* [ ] mettere su openstack
|
||||
|
|
Loading…
Reference in New Issue