From 5785c5a71256775f074355c7e13fff1fa8fa3ffe Mon Sep 17 00:00:00 2001
From: Alfredo Oliviero
Date: Fri, 19 Apr 2024 18:02:05 +0200
Subject: [PATCH] moved implementation
---
 .../idm/controller/KCClientsController.java | 66 +++++++++++++++----
 .../idm/controller/KCRolesController.java | 2 +-
 .../idm/keycloack/KkClientFactory.java | 24 +++++++
 .../gcube/service/idm/rest/ClientsAPI.java | 27 +-------
 .../org/gcube/service/idm/rest/RolesAPI.java | 2 +-
 5 files changed, 82 insertions(+), 39 deletions(-)
diff --git a/src/main/java/org/gcube/service/idm/controller/KCClientsController.java b/src/main/java/org/gcube/service/idm/controller/KCClientsController.java
index adac8c5..f123f65 100644
--- a/src/main/java/org/gcube/service/idm/controller/KCClientsController.java
+++ b/src/main/java/org/gcube/service/idm/controller/KCClientsController.java
@@ -8,9 +8,12 @@ import java.util.stream.Collectors;
 import org.gcube.service.idm.keycloack.KkClientFactory;
 import org.keycloak.admin.client.resource.ClientResource;
+import org.keycloak.admin.client.resource.GroupResource;
+import org.keycloak.admin.client.resource.RealmResource;
 import org.keycloak.admin.client.resource.RoleResource;
 import org.keycloak.admin.client.resource.RolesResource;
 import org.keycloak.representations.idm.ClientRepresentation;
+import org.keycloak.representations.idm.GroupRepresentation;
 import org.keycloak.representations.idm.RoleRepresentation;
 import org.keycloak.representations.idm.UserRepresentation;
 import org.slf4j.LoggerFactory;
@@ -36,12 +39,10 @@ public class KCClientsController {
 return client.getId();
 }
-
 if (format.equals(REPR.client_id)) {
 return client.getClientId();
 }
-
 if (format.equals(REPR.compact)) {
 HashMap result = new HashMap();
 result.put("id", client.getId());
@@ -58,7 +59,7 @@ public class KCClientsController {
 return clients.stream().map(x -> formatRepr(x, format)).filter(Objects::nonNull).collect(Collectors.toList());
 }
- public static List getRoles() {
+ public static List getRolesCurrent() {
 logger.info("Searching users for context");
 ClientResource client = KkClientFactory.getSingleton().getKKClient();
 RolesResource roles_resource = client.roles();
@@ -67,10 +68,15 @@ public class KCClientsController {
 return roles;
 }
- public static RoleRepresentation getRoleByName(String name) {
+ public static RoleRepresentation getRoleByNameCurrent(String name) {
+ return getRoleByName(null, name);
+ }
+
+ public static RoleRepresentation getRoleByName(String clientId, String name) {
+
 logger.info("Searching users for context");
- ClientResource client = KkClientFactory.getSingleton().getKKClient();
- RolesResource roles_resource = client.roles();
+ ClientResource clientResource = KkClientFactory.getSingleton().getKKClientById(clientId);
+ RolesResource roles_resource = clientResource.roles();
 RoleResource role = roles_resource.get(name);
 if (role == null) {
 throw new NotFoundException("cannot retrieve role " + name);
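Review bot: The new `getRoleByName(String clientId, String name)` keeps the copied log line `logger.info("Searching users for context")`, which describes neither the operation (a role lookup) nor the client it now targets, so lookups against another client leave no usable trace in the log. I would log both inputs, for example `logger.info("Searching role {} for client {}", name, clientId);`, and give the overload a short Javadoc stating that a null `clientId` means the service's own client. The `role == null` guard that follows is worth checking too: the Keycloak admin client normally returns a resource proxy from `roles().get(name)` and reports a missing role only when `toRepresentation()` is called, so this NotFoundException may never fire. The method body continues past the end of this hunk.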
@@ -79,20 +85,58 @@ public class KCClientsController {
 return role.toRepresentation();
 }
- public static List getContextUsersByRole(String role_name) {
- return getContextUsersByRole(role_name, null, null);
+ public static List getContextUsersByRoleCurrent(String role_name) {
+ return getContextUsersByRoleCurrent(role_name, null, null);
 }
- public static List getContextUsersByRole(String role_name, Integer firstResult,
+ public static List getContextUsersByRoleCurrent(String role_name, Integer firstResult,
 Integer maxResults) {
+ return getContextUsersByRole(null, role_name, firstResult, maxResults);
+ }
- ClientResource client = KkClientFactory.getSingleton().getKKClient();
- RolesResource roles_resource = client.roles();
+ public static List getContextUsersByRole(String clientId, String role_name,
+ Integer firstResult,
+ Integer maxResults) {
+ ClientResource clientResource = KkClientFactory.getSingleton().getKKClientById(clientId);
+ RolesResource roles_resource = clientResource.roles();
 RoleResource r = roles_resource.get(role_name);
 List users = r.getUserMembers(firstResult, maxResults);
 return users;
 }
+ /**
+ * returns the list of users of the client
+ * users list is a subset of members list, it's obtained from the group named as
+ * the context
+ *
+ * @param clientId null for current context
+ */
+
+ public static List getMemberGroupUsersCurrent() {
+ return getMemberGroupUsers(null, null, null);
+ }
+
+ /**
+ * returns the list of users of the client
+ * users list is a subset of members list, it's obtained from the group named as
+ * the context
+ *
+ * @param clientId null for current context
+ * @param firstResult
+ * @param maxResults
+ */
+ public static List getMemberGroupUsers(String clientId, Integer firstResult,
+ Integer maxResults) {
+ RealmResource realmResource = KkClientFactory.getSingleton().getKKRealm();
+ ClientResource clientResource = KkClientFactory.getSingleton().getKKClientById(clientId);
+ ClientRepresentation client = clientResource.toRepresentation();
+
+ GroupRepresentation g_repr = realmResource.getGroupByPath(client.getName());
+ GroupResource group = realmResource.groups().group(g_repr.getId());
+
+ List user_members = group.members(firstResult, maxResults);
+ return user_members;
+ }
 }
diff --git a/src/main/java/org/gcube/service/idm/controller/KCRolesController.java b/src/main/java/org/gcube/service/idm/controller/KCRolesController.java
index 7c08173..bd10bf3 100644
--- a/src/main/java/org/gcube/service/idm/controller/KCRolesController.java
+++ b/src/main/java/org/gcube/service/idm/controller/KCRolesController.java
@@ -61,7 +61,7 @@ public class KCRolesController {
 return roles;
 }
- public static RoleRepresentation getRoleByName(String name) {
+ public static RoleRepresentation getRoleByNameCurrent(String name) {
 logger.info("Searching users for context");
 ClientResource client = KkClientFactory.getSingleton().getKKClient();
 RolesResource roles_resource = client.roles();
diff --git a/src/main/java/org/gcube/service/idm/keycloack/KkClientFactory.java b/src/main/java/org/gcube/service/idm/keycloack/KkClientFactory.java
index f385868..06d2c04 100644
--- a/src/main/java/org/gcube/service/idm/keycloack/KkClientFactory.java
+++ b/src/main/java/org/gcube/service/idm/keycloack/KkClientFactory.java
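Review bot: `getContextUsersByRole` and `getMemberGroupUsers` now accept any `clientId` and resolve it realm-wide through the service's own Keycloak connection, and nothing in this KCClientsController hunk checks that the caller is allowed to read that client's users. ClientsAPI takes `client_id` straight from a query parameter, so if authorization is not enforced at the REST layer outside this patch, these helpers can return the membership of any client in the realm; the Javadoc should state that callers must authorize `clientId` first. In `getMemberGroupUsers`, `client.getName()` is passed to `getGroupByPath` with no check that the name is set or that a matching group exists, so a client without such a group fails with an unhandled error rather than the `NotFoundException` used in `getRoleByName`. The Javadoc on the no-argument `getMemberGroupUsersCurrent()` also documents a `@param clientId` that the method does not have.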
@@ -140,6 +140,30 @@ public class KkClientFactory {
 return realm.clients().get(id);
 }
+
+ /**
+ * select the ClientResource by name, or current client if clientId parameter is null;
+ *
+ * @param clientId
+ * @return
+ */
+ public ClientResource getKKClientById(String clientId) {
+
+ if (clientId == null)
+ return KkClientFactory.getSingleton().getKKClient();
+
+ RealmResource realmResource = getKKRealm();
+
+ List clients = realmResource.clients().findByClientId(clientId);
+
+ if (clients.size() == 0) {
+ throw new NotFoundException();
+ }
+ String id = clients.get(0).getId();
+
+ return realmResource.clients().get(id);
+ }
+
 // TODO: REMOVE
 // static IsServerConfig getTestConfig() {
 // String serverUrl = "https://accounts.dev.d4science.org/auth";
diff --git a/src/main/java/org/gcube/service/idm/rest/ClientsAPI.java b/src/main/java/org/gcube/service/idm/rest/ClientsAPI.java
index bc5cc67..f30a054 100644
--- a/src/main/java/org/gcube/service/idm/rest/ClientsAPI.java
+++ b/src/main/java/org/gcube/service/idm/rest/ClientsAPI.java
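Review bot: `getKKClientById` is an instance method, yet its null branch goes through `KkClientFactory.getSingleton().getKKClient()` while the other branch calls `getKKRealm()` on `this`; `return getKKClient();` would keep both branches on the same factory instance. The Javadoc says the client is selected "by name" although the lookup is `findByClientId`, and its `@param`/`@return` tags are empty; it should say that `clientId` is the Keycloak client_id, that null selects the current client, and that NotFoundException is thrown when no client matches. Only null is special-cased, so an empty string goes to the realm query, and `throw new NotFoundException();` carries no message, which makes a failed client lookup hard to tell apart from other 404s. `throw new NotFoundException("cannot retrieve client " + clientId);` would match the message style already used in KCClientsController.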
@@ -159,32 +159,7 @@ public class ClientsAPI {
 @QueryParam("client_id") String clientId) {
 ResponseBean responseBean = new ResponseBean();
- RealmResource realmResource = KkClientFactory.getSingleton().getKKRealm();
- ClientResource clientResource = null;
- ClientRepresentation client = null;
-
- // select the client by name, or current client if client_name parameter is
- // null;
- if (clientId == null) {
- clientResource = KkClientFactory.getSingleton().getKKClient();
- client = clientResource.toRepresentation();
- } else {
-
- List clients = realmResource.clients().findByClientId(clientId);
-
- if (clients.size() == 0) {
- throw new NotFoundException();
- }
- String id = clients.get(0).getId();
-
- clientResource = realmResource.clients().get(id);
- client = clientResource.toRepresentation();
- }
-
- GroupRepresentation g_repr = realmResource.getGroupByPath(client.getName());
- GroupResource group = realmResource.groups().group(g_repr.getId());
-
- List user_members = group.members(firstResult, maxResults);
+
 Object result = KCUserController.formatList(user_members, format_users);
 responseBean.setResult(result);
diff --git a/src/main/java/org/gcube/service/idm/rest/RolesAPI.java b/src/main/java/org/gcube/service/idm/rest/RolesAPI.java
index 4bb9e6d..098ba9b 100644
--- a/src/main/java/org/gcube/service/idm/rest/RolesAPI.java
+++ b/src/main/java/org/gcube/service/idm/rest/RolesAPI.java
@@ -97,7 +97,7 @@ public class RolesAPI {
 ResponseBean responseBean = new ResponseBean();
 try {
- RoleRepresentation role = KCRolesController.getRoleByName(role_name);
+ RoleRepresentation role = KCRolesController.getRoleByNameCurrent(role_name);
 responseBean.setResult(role);
 responseBean.setSuccess(true);
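Review bot: After the ClientsAPI hunk the method still calls `KCUserController.formatList(user_members, format_users)`, but the only declaration of `user_members` is among the removed lines and the single added line is blank, so as shown the new side of ClientsAPI does not compile. The removed logic now lives in `KCClientsController.getMemberGroupUsers`, so the missing line is presumably `List<UserRepresentation> user_members = KCClientsController.getMemberGroupUsers(clientId, firstResult, maxResults);` (the element type is my assumption; the page shows a raw `List`). The imports that only the removed block needed, such as RealmResource and GroupResource, may now be unused, but they sit outside the hunk. The method starts and ends outside this hunk.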