diff --git a/src/main/java/org/gcube/service/idm/controller/AdminKeycloakController.java b/src/main/java/org/gcube/service/idm/controller/AdminKeycloakController.java index b3408f6..08c453f 100644 --- a/src/main/java/org/gcube/service/idm/controller/AdminKeycloakController.java +++ b/src/main/java/org/gcube/service/idm/controller/AdminKeycloakController.java @@ -1,5 +1,6 @@ package org.gcube.service.idm.controller; +import java.rmi.ServerException; import java.util.ArrayList; import java.util.Arrays; import java.util.List; @@ -19,6 +20,7 @@ import org.keycloak.representations.idm.RoleRepresentation; import org.keycloak.representations.idm.UserRepresentation; import org.slf4j.LoggerFactory; +import jakarta.ws.rs.NotFoundException; import jakarta.ws.rs.WebApplicationException; public class AdminKeycloakController { @@ -28,7 +30,8 @@ public class AdminKeycloakController { // level) // https://gist.github.com/thomasdarimont/c4e739c5a319cf78a4cff3b87173a84b public static UserRepresentation createUser(String username, String email, String password, String firstName, - String lastName, Map> attributes, List roles) throws WebApplicationException { + String lastName, Map> attributes, List roles) + throws WebApplicationException, ServerException { UserRepresentation newUser = new UserRepresentation(); newUser.setEnabled(true); newUser.setUsername(username); diff --git a/src/main/java/org/gcube/service/idm/controller/KCClientsController.java b/src/main/java/org/gcube/service/idm/controller/KCClientsController.java index f123f65..8f4ee7d 100644 --- a/src/main/java/org/gcube/service/idm/controller/KCClientsController.java +++ b/src/main/java/org/gcube/service/idm/controller/KCClientsController.java @@ -1,5 +1,6 @@ package org.gcube.service.idm.controller; +import java.rmi.ServerException; import java.util.ArrayList; import java.util.HashMap; import java.util.List; 
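Review bot: Adding `java.rmi.ServerException` to the `throws` clause of `createUser` exposes a checked RMI exception (a `RemoteException`, hence an `IOException`) from a REST controller, while the factories in this same commit move to the unchecked `jakarta.ws.rs.InternalServerErrorException`. The body of `createUser` continues outside the hunk, so which call raises it is not visible. If it comes from the Keycloak client factory, keep the signature at `throws WebApplicationException` and let the factory's `InternalServerErrorException` propagate. The `java.rmi.ServerException` imports added to `KCClientsController`, `KCRolesController` and `KCUserController`, and the `jakarta.ws.rs.NotFoundException` import here, have no use in the hunks shown and may be left over.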
@@ -112,6 +113,8 @@ public class KCClientsController { * the context * * @param clientId null for current context + * @throws ServerException + * @throws NotFoundException */ public static List getMemberGroupUsersCurrent() { @@ -126,6 +129,8 @@ public class KCClientsController { * @param clientId null for current context * @param firstResult * @param maxResults + * @throws ServerException + * @throws NotFoundException */ public static List getMemberGroupUsers(String clientId, Integer firstResult, Integer maxResults) { diff --git a/src/main/java/org/gcube/service/idm/controller/KCRolesController.java b/src/main/java/org/gcube/service/idm/controller/KCRolesController.java index bd10bf3..68960b4 100644 --- a/src/main/java/org/gcube/service/idm/controller/KCRolesController.java +++ b/src/main/java/org/gcube/service/idm/controller/KCRolesController.java @@ -1,5 +1,6 @@ package org.gcube.service.idm.controller; +import java.rmi.ServerException; import java.util.List; import java.util.Objects; import java.util.stream.Collectors; diff --git a/src/main/java/org/gcube/service/idm/controller/KCUserController.java b/src/main/java/org/gcube/service/idm/controller/KCUserController.java index 018cc6c..3080596 100644 --- a/src/main/java/org/gcube/service/idm/controller/KCUserController.java +++ b/src/main/java/org/gcube/service/idm/controller/KCUserController.java @@ -1,5 +1,6 @@ package org.gcube.service.idm.controller; +import java.rmi.ServerException; import java.util.Collection; import java.util.HashMap; import java.util.List; diff --git a/src/main/java/org/gcube/service/idm/controller/LiferayProfileClient.java b/src/main/java/org/gcube/service/idm/controller/LiferayProfileClient.java index 050fed9..76f3826 100644 --- a/src/main/java/org/gcube/service/idm/controller/LiferayProfileClient.java +++ b/src/main/java/org/gcube/service/idm/controller/LiferayProfileClient.java 
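Review bot: The added `@throws ServerException` and `@throws NotFoundException` tags in `KCClientsController` have no description and do not match the signatures shown: `getMemberGroupUsersCurrent()` and `getMemberGroupUsers(...)` declare no `throws` clause, and `ServerException` is checked, so these methods cannot propagate it. Either drop the tags or state the condition, for example `@throws NotFoundException if no client exists for the requested context`; that wording is a guess, since the method bodies are outside the hunks. `getMemberGroupUsersCurrent()` also still documents `@param clientId` although it takes no parameters. The same empty tags are added to `getKKClientById` in `KkClientFactory`.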
@@ -27,7 +27,7 @@ public class LiferayProfileClient { } return user; - } catch (NotFoundException | ServerException | UserManagementSystemException e) { + } catch (UserManagementSystemException e) { e.printStackTrace(); throw new ServiceUnavailableException(errormsg); } catch (UserRetrievalFault e) { diff --git a/src/main/java/org/gcube/service/idm/keycloack/KkClientFactory.java b/src/main/java/org/gcube/service/idm/keycloack/KkClientFactory.java index 7d30b0b..6dec79a 100644 --- a/src/main/java/org/gcube/service/idm/keycloack/KkClientFactory.java +++ b/src/main/java/org/gcube/service/idm/keycloack/KkClientFactory.java @@ -4,6 +4,7 @@ import java.rmi.ServerException; import java.util.List; import org.gcube.common.security.providers.SecretManagerProvider; +import org.gcube.common.security.secrets.Secret; import org.gcube.idm.common.is.InfrastrctureServiceClient; import org.gcube.idm.common.is.IsServerConfig; import org.keycloak.admin.client.Keycloak; @@ -14,6 +15,7 @@ import org.keycloak.representations.idm.ClientRepresentation; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import jakarta.ws.rs.InternalServerErrorException; import jakarta.ws.rs.NotFoundException; public class KkClientFactory { @@ -25,9 +27,11 @@ public class KkClientFactory { private final static boolean IS_ROOT_SERVICE = true; // the singleton obj + private IsServerConfig config; + private Secret secret; private static KkClientFactory singleton = new KkClientFactory(); - + public static KkClientFactory getSingleton() { if (singleton == null) singleton = new KkClientFactory(); 
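Review bot: Narrowing the catch in `LiferayProfileClient` to `UserManagementSystemException` probably changes the status returned when the Liferay client cannot be built. Elsewhere in this commit `LiferayClientFactory` switches to the unchecked `InternalServerErrorException`, so if the try block (which starts outside the hunk) calls that factory, a configuration or IS lookup failure now bypasses this handler and surfaces as a 500 instead of `ServiceUnavailableException(errormsg)`. If 503 is still the intended contract, catch it explicitly: `} catch (InternalServerErrorException | UserManagementSystemException e) {`. The handler also still uses `e.printStackTrace()`, which writes to stderr rather than the service log.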
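Review bot: The new `config` and `secret` fields in `KkClientFactory` are plain mutable instance state on the process-wide `singleton`, with no synchronization or `volatile` visible here. `setSecret`, added further down in this file, replaces both for every caller, so if the factory is shared across contexts, a request that sets a context-specific secret would also change the Keycloak configuration used by other in-flight requests. Consider making the fields `volatile` and documenting that the factory is bound to one infrastructure secret, or keep a per-context configuration instead of a single field. The `// the singleton obj` comment now sits above `config` rather than above the `singleton` field it describes.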
@@ -39,65 +43,43 @@ public class KkClientFactory { * using the singleton pattern, it's retrieved from IS only for the first * access, then kept in the singleton object */ - private IsServerConfig config; + + public Secret getSecret() { + return secret; + } + + public void setSecret(Secret secret) { + this.secret = secret; + this.config = fetchIsConfig(this.secret); + } // allows to configure the factory // e.g. from external configuration file - public void setConfig(IsServerConfig configuration) { - config = configuration; - } + public void setConfig(IsServerConfig configuration) { + config = configuration; + } + public IsServerConfig fetchIsConfig(Secret secret) throws InternalServerErrorException { - /** - * Private constructor - * obtains the config from IS - */ - private KkClientFactory() { - logger.info("Building KeycloakAPICredentials object"); try { - if (this.config == null) { - this.config = fetchIsConfig(); - } - logger.info("KeycloakAPICredentials object built {} - {}", config.getServerUrl(), config.getName()); + if (this.secret == null) + this.secret = InfrastrctureServiceClient.getSecretForInfrastructure(); + IsServerConfig cfg = InfrastrctureServiceClient.serviceConfigFromIS(RUNTIME_RESOURCE_NAME, CATEGORY, + END_POINT_NAME, IS_ROOT_SERVICE, secret); + logger.info("KeycloakAPICredentials object built {} - {}", cfg.getServerUrl(), cfg.getName()); + + return cfg; } catch (Exception e) { - logger.error("error obtaining IAM configuration from IS {} ", e); + e.printStackTrace(); + throw new InternalServerErrorException(e); } } - // public IsServerConfig configFromINI() throws NotFoundException, - // ServerException{ - - // ApplicationContext appContext = ContextProvider.get(); - // SimpleCredentials credentials = - // (SimpleCredentials)appContext.authorizationProvider().getCredentials(); - - // IsServerConfig cfg = fetchIsConfig(); - // IsServerConfig newConfig = new IsServerConfig( - // cfg.getServerUrl(), - // cfg.getName(), - // 
credentials.getClientID(), // cfg.getClientId(), - // credentials.getSecret(), // cfg.getClientSecrxet(), - // cfg.getProperties() - // ); - - // return newConfig;s - - // } - - public IsServerConfig fetchIsConfig() throws NotFoundException, ServerException { - - IsServerConfig cfg = InfrastrctureServiceClient.serviceConfigFromIS(RUNTIME_RESOURCE_NAME, CATEGORY, - END_POINT_NAME, IS_ROOT_SERVICE); - return cfg; - - } - - public static String encodeClientIdContext(String context) { - return context.replace("/", "%2F"); - } - public KeycloackApiClient createtKeycloakInstance(String context) { + if (this.config == null) { + this.config = fetchIsConfig(this.secret); + } return createtKeycloakInstance(this.config, context); } @@ -151,6 +133,8 @@ public class KkClientFactory { * * @param clientId * @return + * @throws ServerException + * @throws NotFoundException */ public ClientResource getKKClientById(String clientId) { @@ -179,4 +163,7 @@ public class KkClientFactory { // return new IsServerConfig(serverUrl, realm, clientId, clientSecret); // } + public static String encodeClientIdContext(String context) { + return context.replace("/", "%2F"); + } } diff --git a/src/main/java/org/gcube/service/idm/liferay/LiferayClientFactory.java b/src/main/java/org/gcube/service/idm/liferay/LiferayClientFactory.java index ebca133..f39388f 100644 --- a/src/main/java/org/gcube/service/idm/liferay/LiferayClientFactory.java +++ b/src/main/java/org/gcube/service/idm/liferay/LiferayClientFactory.java 
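Review bot: In `KkClientFactory.fetchIsConfig(Secret secret)` the fallback to `getSecretForInfrastructure()` fills only the field: when `this.secret` is null it is assigned, but `serviceConfigFromIS(...)` is still called with the parameter `secret`, which is null on the `createtKeycloakInstance(String context)` path. What `serviceConfigFromIS` does with a null secret is not visible here. Resolve one value and pass that, e.g. `Secret effective = (secret != null) ? secret : InfrastrctureServiceClient.getSecretForInfrastructure();`. `LiferayClientFactory.fetchIsConfig` has the same pattern. Separately, the catch replaces `logger.error` with `e.printStackTrace()`, which bypasses the logging configuration, and removing the private constructor leaves an implicit public one, so `new KkClientFactory()` is no longer prevented.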
@@ -1,14 +1,13 @@ package org.gcube.service.idm.liferay; -import java.rmi.ServerException; - +import org.gcube.common.security.secrets.Secret; import org.gcube.idm.common.is.InfrastrctureServiceClient; import org.gcube.idm.common.is.IsServerConfig; import org.gcube.vomanagement.usermanagement.impl.ws.LiferayWSUserManager; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import jakarta.ws.rs.NotFoundException; +import jakarta.ws.rs.InternalServerErrorException; public class LiferayClientFactory { private static final Logger logger = LoggerFactory.getLogger(LoggerFactory.class); 
@@ -22,49 +21,7 @@ public class LiferayClientFactory { LiferayWSUserManager client = null; private IsServerConfig config; - - public static LiferayWSUserManager createtLiferayClientInstance(IsServerConfig config) - throws NotFoundException, ServerException { - - String host = config.getServerUrl(); - String schema = config.getProperty("schema"); - String user = config.getProperty("username"); - String password = config.getProperty("password"); - Integer port = Integer.valueOf(config.getProperty("port")); - - LiferayWSUserManager client = null; - - try { - client = new LiferayWSUserManager(user, password, host, schema, port); - } catch (Exception e) { - // TODO Auto-generated catch block - e.printStackTrace(); - throw new ServerException("cannot create Liferay client"); - } - - if (client == null) { - throw new ServerException("cannot create Liferay client"); - } - - logger.info("Liferay object built {} - {}", config.getServerUrl(), config.getName()); - - return client; - } - - public IsServerConfig getConfig() throws NotFoundException, ServerException { - if (this.config == null) { - this.config = fetchIsConfig(); - } - return this.config; - } - - public LiferayWSUserManager getClient() throws NotFoundException, ServerException { - if (this.client == null) { - IsServerConfig configuration = this.getConfig(); - this.client = createtLiferayClientInstance(configuration); - } - return this.client; - } + private Secret secret; private static LiferayClientFactory singleton = new LiferayClientFactory(); 
@@ -74,12 +31,75 @@ public class LiferayClientFactory { return singleton; } - public IsServerConfig fetchIsConfig() throws NotFoundException, ServerException { - IsServerConfig cfg = InfrastrctureServiceClient.serviceConfigFromIS(RUNTIME_RESOURCE_NAME, CATEGORY, - END_POINT_NAME, - IS_ROOT_SERVICE); + public Secret getSecret() { + return secret; + } - return cfg; + public void setSecret(Secret secret) { + this.secret = secret; + this.config = fetchIsConfig(this.secret); + } + + public IsServerConfig fetchIsConfig(Secret secret) throws InternalServerErrorException { + try { + if (this.secret == null) + this.secret = InfrastrctureServiceClient.getSecretForInfrastructure(); + + IsServerConfig cfg = InfrastrctureServiceClient.serviceConfigFromIS(RUNTIME_RESOURCE_NAME, CATEGORY, + END_POINT_NAME, IS_ROOT_SERVICE, secret); + logger.info("KeycloakAPICredentials object built {} - {}", cfg.getServerUrl(), cfg.getName()); + + return cfg; + } catch (Exception e) { + e.printStackTrace(); + throw new InternalServerErrorException(e); + } + } + + public LiferayWSUserManager createtLiferayClientInstance() { + if (this.config == null) { + this.config = fetchIsConfig(this.secret); + } + return createtLiferayClientInstance(this.config); + } + + public static LiferayWSUserManager createtLiferayClientInstance(IsServerConfig config) { + String host = config.getServerUrl(); + String schema = config.getProperty("schema"); + String user = config.getProperty("username"); + String password = config.getProperty("password"); + Integer port = Integer.valueOf(config.getProperty("port")); + + LiferayWSUserManager client = null; + try { + client = new LiferayWSUserManager(user, password, host, schema, port); + } catch (Exception e) { + // TODO Auto-generated catch block + e.printStackTrace(); + throw new InternalServerErrorException("cannot create Liferay client"); + } + + if (client == null) { + throw new InternalServerErrorException("cannot create Liferay client"); + } + + logger.info("Liferay 
object built {} - {}", config.getServerUrl(), config.getName()); + + return client; + } + + // public IsServerConfig getConfig() { + // if (this.config == null) { + // this.config = fetchIsConfig(); + // } + // return this.config; + // } + + public LiferayWSUserManager getClient() { + if (this.client == null) { + this.client = createtLiferayClientInstance(); + } + return this.client; } } diff --git a/src/main/java/org/gcube/service/idm/models/IdmUser.java b/src/main/java/org/gcube/service/idm/models/IdmUser.java index ba83a2d..3395766 100644 --- a/src/main/java/org/gcube/service/idm/models/IdmUser.java +++ b/src/main/java/org/gcube/service/idm/models/IdmUser.java @@ -5,10 +5,9 @@ import java.util.HashMap; import java.util.List; import java.util.Map; -import org.gcube.idm.common.IdmUserInterface; +import org.gcube.idm.common.models.IdmProfileInterface; - -public class IdmUser implements IdmUserInterface { +public class IdmUser implements IdmProfileInterface { protected String self; // link protected String id; @@ -109,12 +108,12 @@ public class IdmUser implements IdmUserInterface { // @Deprecated // public Boolean isTotp() { - // return totp; + // return totp; // } // @Deprecated // public void setTotp(Boolean totp) { - // this.totp = totp; + // this.totp = totp; // } public Boolean isEmailVerified() { 
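Review bot: In the static `createtLiferayClientInstance(IsServerConfig config)`, `Integer.valueOf(config.getProperty("port"))` runs before the `try`, so a missing or non-numeric `port` property escapes as `NumberFormatException` rather than the `InternalServerErrorException` the method otherwise raises, and the catch discards `e`. Move the property parsing inside the `try` and keep the cause with `throw new InternalServerErrorException("cannot create Liferay client", e);`, using `logger.error("cannot create Liferay client", e);` in place of `e.printStackTrace()`. The `client == null` check after `new` can never be true and can be removed. In `fetchIsConfig` the log line still reads `KeycloakAPICredentials object built`, copied from `KkClientFactory`, which will mislead anyone reading the service log for Liferay problems.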
@@ -134,16 +133,18 @@ public class IdmUser implements IdmUserInterface { } // public UserRepresentation singleAttribute(String name, String value) { - // if (this.attributes == null) - // this.attributes = new HashMap<>(); - // attributes.put(name, (value == null ? new ArrayList() : Arrays.asList(value))); - // return this; + // if (this.attributes == null) + // this.attributes = new HashMap<>(); + // attributes.put(name, (value == null ? new ArrayList() : + // Arrays.asList(value))); + // return this; // } // public String firstAttribute(String key) { - // return this.attributes == null ? null - // : this.attributes.get(key) == null ? null - // : this.attributes.get(key).isEmpty() ? null : this.attributes.get(key).get(0); + // return this.attributes == null ? null + // : this.attributes.get(key) == null ? null + // : this.attributes.get(key).isEmpty() ? null : + // this.attributes.get(key).get(0); // } // public List getCredentials() { @@ -214,7 +215,7 @@ public class IdmUser implements IdmUserInterface { // @Deprecated // public Map> getApplicationRoles() { - // return applicationRoles; + // return applicationRoles; // } public String getFederationLink() { 
@@ -242,24 +243,25 @@ public class IdmUser implements IdmUserInterface { } // /** - // * Returns id of UserStorageProvider that loaded this user - // * - // * @return NULL if user stored locally - // */ + // * Returns id of UserStorageProvider that loaded this user + // * + // * @return NULL if user stored locally + // */ // public String getOrigin() { - // return origin; + // return origin; // } // public void setOrigin(String origin) { - // this.origin = origin; + // this.origin = origin; // } // public Set getDisableableCredentialTypes() { - // return disableableCredentialTypes; + // return disableableCredentialTypes; // } - // public void setDisableableCredentialTypes(Set disableableCredentialTypes) { - // this.disableableCredentialTypes = disableableCredentialTypes; + // public void setDisableableCredentialTypes(Set + // disableableCredentialTypes) { + // this.disableableCredentialTypes = disableableCredentialTypes; // } public Map getAccess() { diff --git a/src/main/java/org/gcube/service/idm/rest/ClientsAPI.java b/src/main/java/org/gcube/service/idm/rest/ClientsAPI.java index f8737f0..69bea68 100644 --- a/src/main/java/org/gcube/service/idm/rest/ClientsAPI.java +++ b/src/main/java/org/gcube/service/idm/rest/ClientsAPI.java @@ -235,8 +235,6 @@ public class ClientsAPI { AuthController.checkIsRealmAdmin(ErrorMessages.RESERVED_PARAMETER + "client_id"); } - - // String role_name = "Member"; boolean show_groups = !format_group.equals(KCGroupsController.REPR.none); diff --git a/src/main/java/org/gcube/service/idm/rest/JwtAPI.java b/src/main/java/org/gcube/service/idm/rest/JwtAPI.java index 50bb2c5..4b67bf3 100644 --- a/src/main/java/org/gcube/service/idm/rest/JwtAPI.java +++ b/src/main/java/org/gcube/service/idm/rest/JwtAPI.java 
@@ -27,8 +27,8 @@ import jakarta.ws.rs.core.Response; import jakarta.ws.rs.core.Response.Status; @RequestHeaders({ - @RequestHeader(name = "Authorization", description = "Bearer token, see https://dev.d4science.org/how-to-access-resources"), - @RequestHeader(name = "Content-Type", description = "application/json") + @RequestHeader(name = "Authorization", description = "Bearer token, see https://dev.d4science.org/how-to-access-resources"), + @RequestHeader(name = "Content-Type", description = "application/json") }) @Path("jwt") public class JwtAPI { diff --git a/src/main/java/org/gcube/service/idm/rest/SocialUsersAPI.java b/src/main/java/org/gcube/service/idm/rest/SocialUsersAPI.java index 75c68a2..bca490e 100644 --- a/src/main/java/org/gcube/service/idm/rest/SocialUsersAPI.java +++ b/src/main/java/org/gcube/service/idm/rest/SocialUsersAPI.java @@ -200,7 +200,6 @@ public class SocialUsersAPI { @QueryParam("max") @DefaultValue("100") int max, @QueryParam("firstResult") @DefaultValue("0") int firstResult, @QueryParam("maxResults") @DefaultValue("100") int maxResults) { - if (firstResult > 0) { first = firstResult; diff --git a/src/main/java/org/gcube/service/idm/rest/UserAPI.java b/src/main/java/org/gcube/service/idm/rest/UserAPI.java index 1ea821e..b0958e1 100644 --- a/src/main/java/org/gcube/service/idm/rest/UserAPI.java +++ b/src/main/java/org/gcube/service/idm/rest/UserAPI.java @@ -4,8 +4,6 @@ import java.util.HashMap; import java.util.List; import java.util.Map; -import jakarta.ws.rs.ServiceUnavailableException; - import org.gcube.common.security.Owner; import org.gcube.common.security.providers.SecretManagerProvider; import org.gcube.common.security.secrets.Secret; diff --git a/src/main/java/org/gcube/service/utils/ErrorMessages.java b/src/main/java/org/gcube/service/utils/ErrorMessages.java index 7f3d141..a39abdd 100644 --- a/src/main/java/org/gcube/service/utils/ErrorMessages.java +++ b/src/main/java/org/gcube/service/utils/ErrorMessages.java 
@@ -11,11 +11,6 @@ public class ErrorMessages { public static final String RESERVED_PARAMETER = "The parameter can be used only by realm administrators: "; - - - - - // // protected static final String CANNOT_RETRIEVE_SERVICE_ENDPOINT_INFORMATION = // "Unable to retrieve such service endpoint information"; diff --git a/todo.md b/todo.md index 5e47351..e096f90 100644 --- a/todo.md +++ b/todo.md @@ -1,9 +1,13 @@ +# OPENSTACK + +* [ ] deploy su openstack +* [ ] aggiungere accounting + # CONFIGURAZIONE * [ ] leggere parametri da file di container.ini * [ ] rivedere gestione errori -* - + # MASSI * API REST social @@ -24,5 +28,3 @@ * [ ] implementare client (rif. gcat-client) * [ ] verificare controllo diritti -* [ ] aggiungere accounting -* [ ] mettere su openstack