moved to common library

src/main/java/org/gcube/service/idm/controller/AdminKeycloakController.java

@@ -1,5 +1,6 @@
 package org.gcube.service.idm.controller;
 
+import java.rmi.ServerException;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
@@ -19,6 +20,7 @@ import org.keycloak.representations.idm.RoleRepresentation;
 import org.keycloak.representations.idm.UserRepresentation;
 import org.slf4j.LoggerFactory;
 
+import jakarta.ws.rs.NotFoundException;
 import jakarta.ws.rs.WebApplicationException;
 
 public class AdminKeycloakController {
@@ -28,7 +30,8 @@ public class AdminKeycloakController {
     // level)
     // https://gist.github.com/thomasdarimont/c4e739c5a319cf78a4cff3b87173a84b
     public static UserRepresentation createUser(String username, String email, String password, String firstName,
-            String lastName, Map<String, List<String>> attributes, List<String> roles) throws WebApplicationException {
+            String lastName, Map<String, List<String>> attributes, List<String> roles)
+            throws WebApplicationException, ServerException {
         UserRepresentation newUser = new UserRepresentation();
         newUser.setEnabled(true);
         newUser.setUsername(username);

src/main/java/org/gcube/service/idm/controller/KCClientsController.java

@@ -1,5 +1,6 @@
 package org.gcube.service.idm.controller;
 
+import java.rmi.ServerException;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
@@ -112,6 +113,8 @@ public class KCClientsController {
 	 * the context
 	 * 
 	 * @param clientId null for current context
+	 * @throws ServerException
+	 * @throws NotFoundException
 	 */
 
 	public static List<UserRepresentation> getMemberGroupUsersCurrent() {
@@ -126,6 +129,8 @@ public class KCClientsController {
 	 * @param clientId    null for current context
 	 * @param firstResult
 	 * @param maxResults
+	 * @throws ServerException
+	 * @throws NotFoundException
 	 */
 	public static List<UserRepresentation> getMemberGroupUsers(String clientId, Integer firstResult,
 			Integer maxResults) {

src/main/java/org/gcube/service/idm/controller/KCRolesController.java

@@ -1,5 +1,6 @@
 package org.gcube.service.idm.controller;
 
+import java.rmi.ServerException;
 import java.util.List;
 import java.util.Objects;
 import java.util.stream.Collectors;

src/main/java/org/gcube/service/idm/controller/KCUserController.java

@@ -1,5 +1,6 @@
 package org.gcube.service.idm.controller;
 
+import java.rmi.ServerException;
 import java.util.Collection;
 import java.util.HashMap;
 import java.util.List;

src/main/java/org/gcube/service/idm/controller/LiferayProfileClient.java

@@ -27,7 +27,7 @@ public class LiferayProfileClient {
             }
             return user;
 
-        } catch (NotFoundException | ServerException | UserManagementSystemException e) {
+        } catch (UserManagementSystemException e) {
             e.printStackTrace();
             throw new ServiceUnavailableException(errormsg);
         } catch (UserRetrievalFault e) {

src/main/java/org/gcube/service/idm/keycloack/KkClientFactory.java

@@ -4,6 +4,7 @@ import java.rmi.ServerException;
 import java.util.List;
 
 import org.gcube.common.security.providers.SecretManagerProvider;
+import org.gcube.common.security.secrets.Secret;
 import org.gcube.idm.common.is.InfrastrctureServiceClient;
 import org.gcube.idm.common.is.IsServerConfig;
 import org.keycloak.admin.client.Keycloak;
@@ -14,6 +15,7 @@ import org.keycloak.representations.idm.ClientRepresentation;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import jakarta.ws.rs.InternalServerErrorException;
 import jakarta.ws.rs.NotFoundException;
 
 public class KkClientFactory {
@@ -25,6 +27,8 @@ public class KkClientFactory {
 	private final static boolean IS_ROOT_SERVICE = true;
 
 	// the singleton obj
+	private IsServerConfig config;
+	private Secret secret;
 
 	private static KkClientFactory singleton = new KkClientFactory();
 
@@ -39,65 +43,43 @@ public class KkClientFactory {
 	 * using the singleton pattern, it's retrieved from IS only for the first
 	 * access, then kept in the singleton object
 	 */
-	private IsServerConfig config;
+
+	public Secret getSecret() {
+		return secret;
+	}
+
+	public void setSecret(Secret secret) {
+		this.secret = secret;
+		this.config = fetchIsConfig(this.secret);
+	}
 
 	// allows to configure the factory
 	// e.g. from external configuration file
-    public void setConfig(IsServerConfig configuration) {
-        config = configuration;
-    }
+	public void setConfig(IsServerConfig configuration) {
+		config = configuration;
+	}
 
+	public IsServerConfig fetchIsConfig(Secret secret) throws InternalServerErrorException {
 
-	/**
-	 * Private constructor
-	 * obtains the config from IS
-	 */
-	private KkClientFactory() {
-		logger.info("Building KeycloakAPICredentials object");
 		try {
-			if (this.config == null) {
-				this.config = fetchIsConfig();
-			}
-			logger.info("KeycloakAPICredentials object built {} - {}", config.getServerUrl(), config.getName());
+			if (this.secret == null)
+				this.secret = InfrastrctureServiceClient.getSecretForInfrastructure();
 
+			IsServerConfig cfg = InfrastrctureServiceClient.serviceConfigFromIS(RUNTIME_RESOURCE_NAME, CATEGORY,
+					END_POINT_NAME, IS_ROOT_SERVICE, secret);
+			logger.info("KeycloakAPICredentials object built {} - {}", cfg.getServerUrl(), cfg.getName());
+
+			return cfg;
 		} catch (Exception e) {
-			logger.error("error obtaining IAM configuration from IS {} ", e);
+			e.printStackTrace();
+			throw new InternalServerErrorException(e);
 		}
 	}
 
-	// public IsServerConfig configFromINI() throws NotFoundException,
-	// ServerException{
-
-	// ApplicationContext appContext = ContextProvider.get();
-	// SimpleCredentials credentials =
-	// (SimpleCredentials)appContext.authorizationProvider().getCredentials();
-
-	// IsServerConfig cfg = fetchIsConfig();
-	// IsServerConfig newConfig = new IsServerConfig(
-	// cfg.getServerUrl(),
-	// cfg.getName(),
-	// credentials.getClientID(), // cfg.getClientId(),
-	// credentials.getSecret(), // cfg.getClientSecrxet(),
-	// cfg.getProperties()
-	// );
-
-	// return newConfig;s
-
-	// }
-
-	public IsServerConfig fetchIsConfig() throws NotFoundException, ServerException {
-
-		IsServerConfig cfg = InfrastrctureServiceClient.serviceConfigFromIS(RUNTIME_RESOURCE_NAME, CATEGORY,
-				END_POINT_NAME, IS_ROOT_SERVICE);
-		return cfg;
-
-	}
-
-	public static String encodeClientIdContext(String context) {
-		return context.replace("/", "%2F");
-	}
-
 	public KeycloackApiClient createtKeycloakInstance(String context) {
+		if (this.config == null) {
+			this.config = fetchIsConfig(this.secret);
+		}
 		return createtKeycloakInstance(this.config, context);
 	}
 
@@ -151,6 +133,8 @@ public class KkClientFactory {
 	 * 
 	 * @param clientId
 	 * @return
+	 * @throws ServerException
+	 * @throws NotFoundException
 	 */
 	public ClientResource getKKClientById(String clientId) {
 
@@ -179,4 +163,7 @@ public class KkClientFactory {
 	// return new IsServerConfig(serverUrl, realm, clientId, clientSecret);
 	// }
 
+	public static String encodeClientIdContext(String context) {
+		return context.replace("/", "%2F");
+	}
 }

src/main/java/org/gcube/service/idm/liferay/LiferayClientFactory.java

@@ -1,14 +1,13 @@
 package org.gcube.service.idm.liferay;
 
-import java.rmi.ServerException;
-
+import org.gcube.common.security.secrets.Secret;
 import org.gcube.idm.common.is.InfrastrctureServiceClient;
 import org.gcube.idm.common.is.IsServerConfig;
 import org.gcube.vomanagement.usermanagement.impl.ws.LiferayWSUserManager;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import jakarta.ws.rs.NotFoundException;
+import jakarta.ws.rs.InternalServerErrorException;
 
 public class LiferayClientFactory {
 	private static final Logger logger = LoggerFactory.getLogger(LoggerFactory.class);
@@ -22,49 +21,7 @@ public class LiferayClientFactory {
 	LiferayWSUserManager client = null;
 
 	private IsServerConfig config;
-
-	public static LiferayWSUserManager createtLiferayClientInstance(IsServerConfig config)
-			throws NotFoundException, ServerException {
-
-		String host = config.getServerUrl();
-		String schema = config.getProperty("schema");
-		String user = config.getProperty("username");
-		String password = config.getProperty("password");
-		Integer port = Integer.valueOf(config.getProperty("port"));
-
-		LiferayWSUserManager client = null;
-
-		try {
-			client = new LiferayWSUserManager(user, password, host, schema, port);
-		} catch (Exception e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-			throw new ServerException("cannot create Liferay client");
-		}
-
-		if (client == null) {
-			throw new ServerException("cannot create Liferay client");
-		}
-
-		logger.info("Liferay object built {} - {}", config.getServerUrl(), config.getName());
-
-		return client;
-	}
-
-	public IsServerConfig getConfig() throws NotFoundException, ServerException {
-		if (this.config == null) {
-			this.config = fetchIsConfig();
-		}
-		return this.config;
-	}
-
-	public LiferayWSUserManager getClient() throws NotFoundException, ServerException {
-		if (this.client == null) {
-			IsServerConfig configuration = this.getConfig();
-			this.client = createtLiferayClientInstance(configuration);
-		}
-		return this.client;
-	}
+	private Secret secret;
 
 	private static LiferayClientFactory singleton = new LiferayClientFactory();
 
@@ -74,12 +31,75 @@ public class LiferayClientFactory {
 		return singleton;
 	}
 
-	public IsServerConfig fetchIsConfig() throws NotFoundException, ServerException {
-		IsServerConfig cfg = InfrastrctureServiceClient.serviceConfigFromIS(RUNTIME_RESOURCE_NAME, CATEGORY,
-				END_POINT_NAME,
-				IS_ROOT_SERVICE);
+	public Secret getSecret() {
+		return secret;
+	}
 
-		return cfg;
+	public void setSecret(Secret secret) {
+		this.secret = secret;
+		this.config = fetchIsConfig(this.secret);
+	}
+
+	public IsServerConfig fetchIsConfig(Secret secret) throws InternalServerErrorException {
+		try {
+			if (this.secret == null)
+				this.secret = InfrastrctureServiceClient.getSecretForInfrastructure();
+
+			IsServerConfig cfg = InfrastrctureServiceClient.serviceConfigFromIS(RUNTIME_RESOURCE_NAME, CATEGORY,
+					END_POINT_NAME, IS_ROOT_SERVICE, secret);
+			logger.info("KeycloakAPICredentials object built {} - {}", cfg.getServerUrl(), cfg.getName());
+
+			return cfg;
+		} catch (Exception e) {
+			e.printStackTrace();
+			throw new InternalServerErrorException(e);
+		}
+	}
+
+	public LiferayWSUserManager createtLiferayClientInstance() {
+		if (this.config == null) {
+			this.config = fetchIsConfig(this.secret);
+		}
+		return createtLiferayClientInstance(this.config);
+	}
+
+	public static LiferayWSUserManager createtLiferayClientInstance(IsServerConfig config) {
+		String host = config.getServerUrl();
+		String schema = config.getProperty("schema");
+		String user = config.getProperty("username");
+		String password = config.getProperty("password");
+		Integer port = Integer.valueOf(config.getProperty("port"));
+
+		LiferayWSUserManager client = null;
+		try {
+			client = new LiferayWSUserManager(user, password, host, schema, port);
+		} catch (Exception e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+			throw new InternalServerErrorException("cannot create Liferay client");
+		}
+
+		if (client == null) {
+			throw new InternalServerErrorException("cannot create Liferay client");
+		}
+
+		logger.info("Liferay object built {} - {}", config.getServerUrl(), config.getName());
+
+		return client;
+	}
+
+	// public IsServerConfig getConfig() {
+	// if (this.config == null) {
+	// this.config = fetchIsConfig();
+	// }
+	// return this.config;
+	// }
+
+	public LiferayWSUserManager getClient() {
+		if (this.client == null) {
+			this.client = createtLiferayClientInstance();
+		}
+		return this.client;
 	}
 
 }

src/main/java/org/gcube/service/idm/models/IdmUser.java

@@ -5,10 +5,9 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
-import org.gcube.idm.common.IdmUserInterface;
+import org.gcube.idm.common.models.IdmProfileInterface;
 
-
-public class IdmUser implements IdmUserInterface {
+public class IdmUser implements IdmProfileInterface {
 
     protected String self; // link
     protected String id;
@@ -109,12 +108,12 @@ public class IdmUser implements IdmUserInterface {
 
     // @Deprecated
     // public Boolean isTotp() {
-    //     return totp;
+    // return totp;
     // }
 
     // @Deprecated
     // public void setTotp(Boolean totp) {
-    //     this.totp = totp;
+    // this.totp = totp;
     // }
 
     public Boolean isEmailVerified() {
@@ -134,16 +133,18 @@ public class IdmUser implements IdmUserInterface {
     }
 
     // public UserRepresentation singleAttribute(String name, String value) {
-    //     if (this.attributes == null)
-    //         this.attributes = new HashMap<>();
-    //     attributes.put(name, (value == null ? new ArrayList<String>() : Arrays.asList(value)));
-    //     return this;
+    // if (this.attributes == null)
+    // this.attributes = new HashMap<>();
+    // attributes.put(name, (value == null ? new ArrayList<String>() :
+    // Arrays.asList(value)));
+    // return this;
     // }
 
     // public String firstAttribute(String key) {
-    //     return this.attributes == null ? null
-    //             : this.attributes.get(key) == null ? null
-    //                     : this.attributes.get(key).isEmpty() ? null : this.attributes.get(key).get(0);
+    // return this.attributes == null ? null
+    // : this.attributes.get(key) == null ? null
+    // : this.attributes.get(key).isEmpty() ? null :
+    // this.attributes.get(key).get(0);
     // }
 
     // public List<CredentialRepresentation> getCredentials() {
@@ -214,7 +215,7 @@ public class IdmUser implements IdmUserInterface {
 
     // @Deprecated
     // public Map<String, List<String>> getApplicationRoles() {
-    //     return applicationRoles;
+    // return applicationRoles;
     // }
 
     public String getFederationLink() {
@@ -242,24 +243,25 @@ public class IdmUser implements IdmUserInterface {
     }
 
     // /**
-    //  * Returns id of UserStorageProvider that loaded this user
-    //  *
-    //  * @return NULL if user stored locally
-    //  */
+    // * Returns id of UserStorageProvider that loaded this user
+    // *
+    // * @return NULL if user stored locally
+    // */
     // public String getOrigin() {
-    //     return origin;
+    // return origin;
     // }
 
     // public void setOrigin(String origin) {
-    //     this.origin = origin;
+    // this.origin = origin;
     // }
 
     // public Set<String> getDisableableCredentialTypes() {
-    //     return disableableCredentialTypes;
+    // return disableableCredentialTypes;
     // }
 
-    // public void setDisableableCredentialTypes(Set<String> disableableCredentialTypes) {
-    //     this.disableableCredentialTypes = disableableCredentialTypes;
+    // public void setDisableableCredentialTypes(Set<String>
+    // disableableCredentialTypes) {
+    // this.disableableCredentialTypes = disableableCredentialTypes;
     // }
 
     public Map<String, Boolean> getAccess() {

src/main/java/org/gcube/service/idm/rest/ClientsAPI.java

@@ -235,8 +235,6 @@ public class ClientsAPI {
             AuthController.checkIsRealmAdmin(ErrorMessages.RESERVED_PARAMETER + "client_id");
         }
 
-        
-
         // String role_name = "Member";
 
         boolean show_groups = !format_group.equals(KCGroupsController.REPR.none);

src/main/java/org/gcube/service/idm/rest/JwtAPI.java

@@ -27,8 +27,8 @@ import jakarta.ws.rs.core.Response;
 import jakarta.ws.rs.core.Response.Status;
 
 @RequestHeaders({
-    @RequestHeader(name = "Authorization", description = "Bearer token, see https://dev.d4science.org/how-to-access-resources"),
-    @RequestHeader(name = "Content-Type", description = "application/json")
+        @RequestHeader(name = "Authorization", description = "Bearer token, see https://dev.d4science.org/how-to-access-resources"),
+        @RequestHeader(name = "Content-Type", description = "application/json")
 })
 @Path("jwt")
 public class JwtAPI {

src/main/java/org/gcube/service/idm/rest/SocialUsersAPI.java

@@ -201,7 +201,6 @@ public class SocialUsersAPI {
             @QueryParam("firstResult") @DefaultValue("0") int firstResult,
             @QueryParam("maxResults") @DefaultValue("100") int maxResults) {
 
-
         if (firstResult > 0) {
             first = firstResult;
         }

src/main/java/org/gcube/service/idm/rest/UserAPI.java

@@ -4,8 +4,6 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
-import jakarta.ws.rs.ServiceUnavailableException;
-
 import org.gcube.common.security.Owner;
 import org.gcube.common.security.providers.SecretManagerProvider;
 import org.gcube.common.security.secrets.Secret;

src/main/java/org/gcube/service/utils/ErrorMessages.java

@@ -11,11 +11,6 @@ public class ErrorMessages {
 
 	public static final String RESERVED_PARAMETER = "The parameter can be used only by realm administrators: ";
 
-
-
-	
-
-
 	//
 	// protected static final String CANNOT_RETRIEVE_SERVICE_ENDPOINT_INFORMATION =
 	// "Unable to retrieve such service endpoint information";

todo.md

@@ -1,8 +1,12 @@
+# OPENSTACK
+
+* [ ] deploy su openstack
+* [ ] aggiungere accounting
+
 # CONFIGURAZIONE
 
 * [ ] leggere parametri da file di container.ini
 * [ ] rivedere gestione errori
-* 
   
 # MASSI
 
@@ -24,5 +28,3 @@
 * [ ] implementare client (rif. gcat-client)
 * [ ] verificare controllo diritti
 
-* [ ] aggiungere accounting
-* [ ] mettere su openstack