gCubeSystem
/
idm-service
15
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

minimized code to resolve resteasy conflict

This commit is contained in:
Alfredo Oliviero 2024-02-16 12:20:40 +01:00
parent 165cec80b2
commit 753828ff25
5 changed files with 176 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/main/java/org/gcube/idm/IdentityManagerResourceInitializer.java
View File

@ -3,7 +3,6 @@ package org.gcube.idm;
import javax.ws.rs.ApplicationPath;
import org.gcube.idm.rest.TestRest;
import org.gcube.idm.rest.UsersRest;
import org.gcube.smartgears.annotations.ManagedBy;
import org.glassfish.jersey.server.ResourceConfig;
@ -15,7 +14,7 @@ import org.glassfish.jersey.server.ResourceConfig;
// SMARTGEARS
// legge i parametri del service da application.yaml
// @ApplicationPath("/")
@ApplicationPath("/")
@ManagedBy(IdentityManagerdInitializator.class)
public class IdentityManagerResourceInitializer extends ResourceConfig {

10
src/main/java/org/gcube/idm/rest/TestRest.java
View File

@ -10,11 +10,11 @@ import com.webcohesion.enunciate.metadata.rs.ResourceGroup;
import com.webcohesion.enunciate.metadata.rs.ResourceLabel;
@Path("/test")
@ResourceGroup("Comments APIs")
@ResourceLabel("Comments APIs")
// @RequestHeaders ({
// @RequestHeader( name = "Authorization", description = "Bearer token, see <a href=\"https://dev.d4science.org/how-to-access-resources\">https://dev.d4science.org/how-to-access-resources</a>")
// })
@ResourceGroup("test")
@ResourceLabel("test")
@RequestHeaders({
@RequestHeader( name = "Authorization", description = "Bearer token, see <a href=\"https://dev.d4science.org/how-to-access-resources\">https://dev.d4science.org/how-to-access-resources</a>")
})
public class TestRest {
@GET

31
src/main/java/org/gcube/idm/rest/UsersRest.java
View File

@ -1,36 +1,8 @@
package org.gcube.idm.rest;
import java.util.ArrayList;
import java.util.List;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import org.gcube.common.authorization.library.policies.Users;
import org.gcube.common.security.Owner;
import org.gcube.common.security.providers.SecretManagerProvider;
import org.gcube.keycloak.KeycloakAPIFactory;
import org.gcube.keycloak.KeycloakApiClient;
import org.gcube.rest.ResponseBean;
import org.gcube.smartgears.ContextProvider;
import org.gcube.smartgears.context.application.ApplicationContext;
import org.gcube.smartgears.security.SimpleCredentials;
import org.gcube.smartgears.security.defaults.DefaultAuthorizationProvider;
import org.gcube.smartgears.utils.InnerMethodName;
import org.jboss.resteasy.spi.NotImplementedYetException;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
import org.slf4j.LoggerFactory;
import com.webcohesion.enunciate.metadata.rs.RequestHeader;
import com.webcohesion.enunciate.metadata.rs.RequestHeaders;
import com.webcohesion.enunciate.metadata.rs.ResourceGroup;
import com.webcohesion.enunciate.metadata.rs.ResourceLabel;
// @Path("2/users")
// @ResourceGroup("Users APIs")
// @ResourceLabel("Greetings APIs")
@ -40,6 +12,7 @@ import com.webcohesion.enunciate.metadata.rs.ResourceLabel;
public class UsersRest {
private static final org.slf4j.Logger logger = LoggerFactory.getLogger(Users.class);
/*
// @GET
// @Path("/get-usernames-by-role")
// @Produces({ "application/json;charset=UTF-8", "application/vnd.api+json" })
@ -70,7 +43,7 @@ public class UsersRest {
return Response.status(status).entity(responseBean).build();
}
/*
private static List<UserRepresentation> searchByRole(KeycloackApiClient keycloackApiClient, String roleName) {
logger.info("Searching by role: {}", roleName);

96
src/main/java/org/gcube/keycloak/KeycloakApiClient.java
View File

@ -1,24 +1,108 @@
package org.gcube.keycloak;
import java.util.List;
import org.gcube.common.authorization.library.policies.Users;
import org.keycloak.OAuth2Constants;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.admin.client.resource.ClientsResource;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.representations.idm.ClientRepresentation;
import org.slf4j.LoggerFactory;
public class KeycloakApiClient {
private static final org.slf4j.Logger logger = LoggerFactory.getLogger(Users.class);
public Keycloak kclient;
public String realmName;
public String clientIdContext;
public String encodeContext;
public String context;
public static String getClientIdContext(String context){
return context.replace("/", "%2F");
}
private String clientId;
public static String getClientIdContext(String context) {
return context.replace("/", "%2F");
}
public RealmResource getRealmKClient() {
return this.kclient.realm(this.realmName);
}
public static ClientRepresentation getClientReprByName(Keycloak keycloak, String realmName, String clientName) {
ClientsResource clients = keycloak.realm(realmName).clients();
return getClientReprByName(clients, clientName);
}
public static ClientRepresentation getClientReprByName(ClientsResource realmClient, String clientName) {
String clientIdContext = getClientIdContext(clientName);
// List<ClientRepresentation> clients_repr = realmClient.clients().findByClientId(clientIdContext);
// ClientRepresentation client = null;
// String id = "";
// // prende l'utlima della lista
// for (ClientRepresentation client_repr : clients_repr) {
// logger.info("found client =" + client_repr.getClientId());
// logger.info("found client id=" + client_repr.getId());
// id = client_repr.getId();
// return client_repr;
// }
// Object clientApi = clients_repr.get(id);
return null;
}
public KeycloakApiClient(Keycloak kclient, String realmName, String context) {
this.clientIdContext = getClientIdContext(context);
this.encodeContext = getClientIdContext(context);
this.context = context;
this.kclient = kclient;
this.realmName = realmName;
//ClientsResource clients = kclient.realm(realmName).clients().get*
//clients.get(context);
}
public static KeycloakApiClient getTestClient() {
String testServerUrl = "https://accounts.dev.d4science.org/"; // + "/auth" ???
String testRealmName = "d4science";
String testClientId = "id.d4science.org";
String testClientSecret = "09c26f24-3c65-4039-9fa0-e5cc4f4032cd";
String testContext = "/gcube/devsec/devVRE";
Keycloak keycloak = KeycloakBuilder.builder()
.serverUrl(testServerUrl)
.realm(testRealmName)
.grantType(OAuth2Constants.CLIENT_CREDENTIALS)
.clientId(testClientId) //
.clientSecret(testClientSecret).build();
RealmResource realmclient = keycloak.realm(testRealmName);
ClientsResource clients = realmclient.clients();
List<ClientRepresentation> ccc = keycloak.realm(testRealmName).clients().findByClientId( getClientIdContext(testContext));
String id = "";
for (ClientRepresentation client : ccc) {
logger.info("found client ="+client.getClientId());
logger.info("found client id="+client.getId());
id =client.getId();
}
ClientResource c = keycloak.realm(testRealmName).clients().get(id);
return new KeycloakApiClient(keycloak, testRealmName, testContext);
}
}

78
src/main/java/org/gcube/keycloak/KeycloakUserController.java Normal file
View File

@ -0,0 +1,78 @@
package org.gcube.keycloak;
import java.util.List;
import org.keycloak.admin.client.resource.ClientResource;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.UserRepresentation;
/**
*
/2/users/get-profile // profilo utente corrente
/2/users/get-all-usernames
/2/users/get-all-fullnames-and-usernames
/2/users/get-usernames-by-role
/2/users/user-exists // https://howtodoinjava.com/devops/search-keycloak-users/
// attenzione al risultato. vedere in seguito
/2/users/get-oauth-profile
// eventualemente in seguito. da approfondire
/2/users/get-custom-attribute
/2/users/get-usernames-by-global-role
/2/people/profile
*
*/
public class KeycloakUserController {
//
// get-usernames-by-role
public List<UserRepresentation> getUsersByRole(ClientResource clientApi, String roleName) {
return getUsersByRole(clientApi, roleName, 0, null);
}
public List<UserRepresentation> getUsersByRole(ClientResource clientApi, String roleName, Integer firstResult, Integer maxResults) {
List<UserRepresentation> users = clientApi.roles().get(roleName).getUserMembers(firstResult, maxResults);
return users;
}
// users/get-all-usernames
// users/get-all-fullnames-and-usernames
// users/user-exists
public UserRepresentation getUserByUsername(RealmResource realmApi, String username) throws Exception {
List<UserRepresentation> users = realmApi.users().search(username);
if (users.size() == 0){
return null;
}
if (users.size() > 1){
throw new Exception("multiple users found for username " + username);
}
return users.get(0);
}
// questi saranno implementati dalle API
// from realm
// public boolean checkUserExistsRealm(RealmResource realmApi, String username) {
// List<UserRepresentation> users = realmApi.users().search(username);
// return users.size() > 0;
// }
// public String getEmailByUsername(RealmResource realmApi, String username) throws Exception {
// UserRepresentation user = getUserByUsername(realmApi, username);
// return user.getEmail();
// }
// public String getFullnamelByUsername(RealmResource realmApi, String username) throws Exception {
// UserRepresentation user = getUserByUsername(realmApi, username);
// return user.getFirstName() + user.getLastName();
// }
}