code formatting
parent
c4786572ab
commit
9508b7329c
|
@ -11,6 +11,8 @@ This service allows any client to publish on the gCube Catalogue.
|
|||
|
||||
[Identity Manager Service](https://wiki.gcube-system.org/gcube/SmartGears)
|
||||
|
||||
configuration: inserte
|
||||
|
||||
## Change log
|
||||
|
||||
See [CHANGELOG.md](CHANGELOG.md).
|
||||
|
@ -18,7 +20,6 @@ See [CHANGELOG.md](CHANGELOG.md).
|
|||
## Authors
|
||||
|
||||
* **Alfredo Oliviero** [ISTI-CNR Infrascience Group](http://nemis.isti.cnr.it/groups/infrascience)
|
||||
* **Luca Frosini** ([ORCID](https://orcid.org/0000-0003-3183-2291)) - [ISTI-CNR Infrascience Group](http://nemis.isti.cnr.it/groups/infrascience)
|
||||
|
||||
## How to Cite this Software
|
||||
|
||||
|
|
28
pom.xml
28
pom.xml
|
@ -92,23 +92,23 @@
|
|||
</dependency>
|
||||
|
||||
<!-- https://mvnrepository.com/artifact/com.auth0/java-jwt -->
|
||||
<dependency>
|
||||
<groupId>com.auth0</groupId>
|
||||
<artifactId>java-jwt</artifactId>
|
||||
<version>4.4.0</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.auth0</groupId>
|
||||
<artifactId>java-jwt</artifactId>
|
||||
<version>4.4.0</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.datatype</groupId>
|
||||
<artifactId>jackson-datatype-jsr310</artifactId>
|
||||
<version>${jackson.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.datatype</groupId>
|
||||
<artifactId>jackson-datatype-jsr310</artifactId>
|
||||
<version>${jackson.version}</version>
|
||||
</dependency>
|
||||
|
||||
|
||||
<!--
|
||||
usermanagement-core depends on older httpcommon and gives this error on keycloak client:
|
||||
java.lang.NoClassDefFoundError: org/apache/http/ssl/TrustStrategy
|
||||
https://stackoverflow.com/questions/44750124/classnotfoundexception-on-org-apache-http-ssl-truststrategy
|
||||
https://stackoverflow.com/questions/44750124/classnotfoundexception-on-org-apache-http-ssl-truststrategy
|
||||
|
||||
solution: bind version, or exclude them in usermanagement-core
|
||||
|
||||
|
@ -238,10 +238,10 @@ solution: bind version, or exclude them in usermanagement-core
|
|||
<scope>compile</scope>
|
||||
</dependency>
|
||||
|
||||
<!--
|
||||
<!--
|
||||
usermanagement-core depends on older httpcommon and gives this error on keycloak client:
|
||||
java.lang.NoClassDefFoundError: org/apache/http/ssl/TrustStrategy
|
||||
https://stackoverflow.com/questions/44750124/classnotfoundexception-on-org-apache-http-ssl-truststrategy
|
||||
https://stackoverflow.com/questions/44750124/classnotfoundexception-on-org-apache-http-ssl-truststrategy
|
||||
-->
|
||||
<dependency>
|
||||
<groupId>org.gcube.dvos</groupId>
|
||||
|
@ -253,7 +253,7 @@ https://stackoverflow.com/questions/44750124/classnotfoundexception-on-org-apach
|
|||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpclient</artifactId>
|
||||
</exclusion>
|
||||
|
||||
|
||||
<exclusion>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpcore</artifactId>
|
||||
|
|
|
@ -6,20 +6,19 @@ public class ErrorMessages {
|
|||
protected static final String CANNOT_RETRIEVE_SERVICE_ENDPOINT_INFORMATION = "Unable to retrieve such service endpoint information";
|
||||
|
||||
private static final String NO_RUNTIME_RESOURCE_TEMPLATE_NAME_CATEGORY = "There is no Runtime Resource having name %s and Category %s in this scope";
|
||||
|
||||
|
||||
public static final String MISSING_TOKEN = "Missing token.";
|
||||
public static final String MISSING_PARAMETERS = "Missing request parameters.";
|
||||
public static final String INVALID_TOKEN = "Invalid token.";
|
||||
public static final String TOKEN_GENERATION_APP_FAILED = "Token generation failed.";
|
||||
public static final String NOT_APP_TOKEN = "Invalid token: not belonging to an application.";
|
||||
public static final String NOT_APP_TOKEN = "Invalid token: not belonging to an application.";
|
||||
public static final String NOT_APP_ID = "Invalid application id: it doesn't belong to an application.";
|
||||
public static final String NO_APP_PROFILE_FOUND = "There is no application profile for this app id/scope.";
|
||||
public static final String BAD_REQUEST = "Please check the parameter you passed, it seems a bad request";
|
||||
public static final String ERROR_IN_API_RESULT = "The error is reported into the 'message' field of the returned object";
|
||||
public static final String POST_OUTSIDE_VRE = "A post cannot be written into a context that is not a VRE";
|
||||
public static final String DEPRECATED_METHOD = "This method is deprecated, must use version 2";
|
||||
|
||||
|
||||
protected static final String no_runtime_category(String runtime, String category) {
|
||||
return String.format(NO_RUNTIME_RESOURCE_TEMPLATE_NAME_CATEGORY, runtime, category);
|
||||
}
|
||||
|
|
|
@ -8,17 +8,17 @@ public class KeycloackApiClient {
|
|||
public String clientIdContext;
|
||||
public String context;
|
||||
|
||||
public static String getClientIdContext(String context){
|
||||
return context.replace("/", "%2F");
|
||||
}
|
||||
public static String getClientIdContext(String context) {
|
||||
return context.replace("/", "%2F");
|
||||
}
|
||||
|
||||
public KeycloackApiClient(Keycloak kclient, String realmName, String context) {
|
||||
this.clientIdContext = getClientIdContext(context);
|
||||
this.context = context;
|
||||
this.kclient = kclient;
|
||||
this.realmName = realmName;
|
||||
//ClientsResource clients = kclient.realm(realmName).clients().get*
|
||||
//clients.get(context);
|
||||
|
||||
// ClientsResource clients = kclient.realm(realmName).clients().get*
|
||||
// clients.get(context);
|
||||
|
||||
}
|
||||
}
|
||||
|
|
|
@ -18,7 +18,6 @@ import org.slf4j.Logger;
|
|||
import org.slf4j.LoggerFactory;
|
||||
import org.gcube.common.authorization.utils.secret.Secret;
|
||||
|
||||
|
||||
/***
|
||||
* from gcat implementation
|
||||
*
|
||||
|
@ -61,7 +60,7 @@ public class KeycloackClientGcatFactory {
|
|||
} catch (Exception e) {
|
||||
throw new InternalServerErrorException(
|
||||
"Unable to retrieve Application Token for context "
|
||||
/*+ SecretManagerProvider.instance.get().getContext() */,
|
||||
/* + SecretManagerProvider.instance.get().getContext() */,
|
||||
e);
|
||||
}
|
||||
}
|
||||
|
@ -76,7 +75,7 @@ public class KeycloackClientGcatFactory {
|
|||
}
|
||||
|
||||
public URL getServerURL() {
|
||||
try {
|
||||
try {
|
||||
return this.getRealmBaseURL();
|
||||
} catch (KeycloakClientException e) {
|
||||
// That should be almost impossible
|
||||
|
@ -85,19 +84,19 @@ public class KeycloackClientGcatFactory {
|
|||
}
|
||||
}
|
||||
|
||||
public String getClientid() {
|
||||
return clientId;
|
||||
}
|
||||
public String getClientid() {
|
||||
return clientId;
|
||||
}
|
||||
|
||||
// TODO: serve? implementare
|
||||
public String getPassword() {
|
||||
return null;
|
||||
}
|
||||
public String getPassword() {
|
||||
return null;
|
||||
}
|
||||
|
||||
// TODO: VERIFICARE
|
||||
public String getRealm() {
|
||||
return this.context;
|
||||
}
|
||||
return this.context;
|
||||
}
|
||||
|
||||
public KeycloackClientGcatFactory(String context) {
|
||||
this.context = context;
|
||||
|
@ -108,17 +107,18 @@ public class KeycloackClientGcatFactory {
|
|||
this.gcubeKeycloakClient = new DefaultKeycloakClient();
|
||||
}
|
||||
|
||||
private static TokenResponse getJWTAccessToken() throws Exception {
|
||||
String context = SecretManagerProvider.get().getContext();
|
||||
Entry<String,String> entry = getClientIdAndClientSecret(context);
|
||||
TokenResponse tr = KeycloakClientFactory.newInstance().queryUMAToken(context, entry.getKey(), entry.getValue(), context, null);
|
||||
return tr;
|
||||
}
|
||||
|
||||
public static Secret getCatalogueSecret() throws Exception {
|
||||
TokenResponse tr = getJWTAccessToken();
|
||||
Secret secret = new JWTSecret(tr.getAccessToken());
|
||||
return secret;
|
||||
}
|
||||
private static TokenResponse getJWTAccessToken() throws Exception {
|
||||
String context = SecretManagerProvider.get().getContext();
|
||||
Entry<String, String> entry = getClientIdAndClientSecret(context);
|
||||
TokenResponse tr = KeycloakClientFactory.newInstance().queryUMAToken(context, entry.getKey(), entry.getValue(),
|
||||
context, null);
|
||||
return tr;
|
||||
}
|
||||
|
||||
public static Secret getCatalogueSecret() throws Exception {
|
||||
TokenResponse tr = getJWTAccessToken();
|
||||
Secret secret = new JWTSecret(tr.getAccessToken());
|
||||
return secret;
|
||||
}
|
||||
|
||||
}
|
||||
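Review bot: `getPassword()` is a stub that returns `null` under `// TODO: serve? implementare`, and `getRealm()` returns `this.context` under `// TODO: VERIFICARE`; a caller that passes these on as client secret and realm would try to authenticate with a null secret against a context path instead of a realm name. Until they are implemented, failing loudly is safer, for example `throw new UnsupportedOperationException("client secret lookup is not implemented");` in `getPassword()`, with the TODOs rewritten in English to say what has to be verified. In the hunk at -61,7 the message `"Unable to retrieve Application Token for context "` ends without a value because the context expression is commented out; either drop the trailing `for context ` or append a context value that is in scope there. The enclosing methods start outside that hunk, so the surrounding error handling is not visible.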
|
|
|
@ -22,9 +22,6 @@ import org.keycloak.admin.client.KeycloakBuilder;
|
|||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import jakarta.ws.rs.DefaultValue;
|
||||
import jakarta.ws.rs.QueryParam;
|
||||
|
||||
public class KeycloakClientFactory {
|
||||
private static final Logger logger = LoggerFactory.getLogger(KeycloakClientFactory.class);
|
||||
|
||||
|
@ -141,16 +138,16 @@ public class KeycloakClientFactory {
|
|||
public KeycloackApiClient createtKeycloakInstance(String context) {
|
||||
|
||||
return defaultKeycloackInstance(context);
|
||||
|
||||
|
||||
// // String clientIdContext = KeycloackUtils.getClientIdContext(context);
|
||||
// String realm = this.getRealm();
|
||||
// Keycloak keycloak = KeycloakBuilder.builder()
|
||||
// .serverUrl(this.getServerURL())
|
||||
// .realm(realm)
|
||||
// .grantType(OAuth2Constants.CLIENT_CREDENTIALS)
|
||||
// .clientId(this.getClientid()) //
|
||||
// .clientSecret(this.getPassword()).build();
|
||||
// return
|
||||
// .serverUrl(this.getServerURL())
|
||||
// .realm(realm)
|
||||
// .grantType(OAuth2Constants.CLIENT_CREDENTIALS)
|
||||
// .clientId(this.getClientid()) //
|
||||
// .clientSecret(this.getPassword()).build();
|
||||
// return
|
||||
}
|
||||
|
||||
public KeycloackApiClient defaultKeycloackInstance(String context) {
|
||||
|
|
|
@ -30,7 +30,6 @@ import jakarta.ws.rs.Produces;
|
|||
import jakarta.ws.rs.QueryParam;
|
||||
import jakarta.ws.rs.core.Response;
|
||||
|
||||
|
||||
@ManagedBy(IdMManager.class)
|
||||
@Path("")
|
||||
public class KeycloakTestService {
|
||||
|
@ -51,8 +50,7 @@ public class KeycloakTestService {
|
|||
@QueryParam("realm") @DefaultValue("d4science") String realm,
|
||||
@QueryParam("role-name") @DefaultValue("Member") String roleName,
|
||||
@QueryParam("client_id") @DefaultValue("id.d4science.org") String clientId,
|
||||
@QueryParam("client_secret") @DefaultValue(CLIENT_SECRET) String client_secret
|
||||
) {
|
||||
@QueryParam("client_secret") @DefaultValue(CLIENT_SECRET) String client_secret) {
|
||||
|
||||
String client_contenxt = "/gcube";
|
||||
|
||||
|
@ -139,4 +137,3 @@ public class KeycloakTestService {
|
|||
return users_repr;
|
||||
}
|
||||
}
|
||||
|
||||
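Review bot: The reformatted parameter `@QueryParam("client_secret") @DefaultValue(CLIENT_SECRET) String client_secret` (hunk at -51,8) takes a Keycloak client secret from the URL query string and falls back to a compile-time constant, so the secret can end up in access and proxy logs and a default credential is built into the class. `@DefaultValue` needs a constant expression, so `CLIENT_SECRET` is presumably a literal defined outside the visible lines. It would be safer to read the secret from server-side configuration and drop the request parameter, or at least to remove the default so that a request without a secret is rejected. The class is mapped at `@Path("")` and named as a test service, so it is worth confirming that it is not deployed outside development. The method body continues outside the hunk.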
|
|
|
@ -25,13 +25,15 @@ import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
|
|||
public class ContextSerializator {
|
||||
private static ObjectMapper serializer = null;
|
||||
|
||||
protected static TypeReference<HashMap<String,Object>> typeRefHashmap = new TypeReference<HashMap<String,Object>>() {};
|
||||
protected static TypeReference<HashMap<String, Object>> typeRefHashmap = new TypeReference<HashMap<String, Object>>() {
|
||||
};
|
||||
|
||||
public static String decodeBase64String(String encodedString){
|
||||
public static String decodeBase64String(String encodedString) {
|
||||
return new String(Base64.getUrlDecoder().decode(encodedString), StandardCharsets.UTF_8);
|
||||
}
|
||||
|
||||
public static HashMap<String, Object> jsonStringToHasmap(String jsonString) throws JsonMappingException, JsonProcessingException {
|
||||
public static HashMap<String, Object> jsonStringToHasmap(String jsonString)
|
||||
throws JsonMappingException, JsonProcessingException {
|
||||
return getSerializer().readValue(jsonString, typeRefHashmap);
|
||||
}
|
||||
|
||||
|
@ -46,7 +48,7 @@ public class ContextSerializator {
|
|||
module.addSerializer(SimpleCredentials.class, new SimpleCredentialsSerializer());
|
||||
|
||||
// DecodedJWT serialization
|
||||
om.registerModule(new JavaTimeModule());
|
||||
om.registerModule(new JavaTimeModule());
|
||||
serializer = om;
|
||||
}
|
||||
return serializer;
|
||||
|
|
|
@ -4,29 +4,31 @@ import org.gcube.common.authorization.library.ClientType;
|
|||
import org.gcube.common.authorization.library.utils.Caller;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
|
||||
/**
|
||||
* Tokens utils methods
|
||||
*/
|
||||
public class TokensUtils {
|
||||
|
||||
|
||||
// a user context token (not qualified) has as qualifier the word "TOKEN"
|
||||
private static final String DEFAULT_QUALIFIER_USER_TOKEN = "TOKEN";
|
||||
// Logger
|
||||
private static final org.slf4j.Logger logger = LoggerFactory.getLogger(TokensUtils.class);
|
||||
|
||||
/**
|
||||
* Check if it is a service token
|
||||
*
|
||||
* @return a boolean value
|
||||
*/
|
||||
public static boolean isServiceToken(Caller caller){
|
||||
public static boolean isServiceToken(Caller caller) {
|
||||
return caller.getClient().getType().equals(ClientType.SERVICE);
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if it is an application token
|
||||
*
|
||||
* @return a boolean value
|
||||
*/
|
||||
public static boolean isApplicationToken(Caller caller){
|
||||
public static boolean isApplicationToken(Caller caller) {
|
||||
String username = caller.getClient().getId();
|
||||
if (username.startsWith("service-account-")) {
|
||||
return true;
|
||||
|
@ -37,9 +39,10 @@ public class TokensUtils {
|
|||
|
||||
/**
|
||||
* Check if it is a container token
|
||||
*
|
||||
* @return a boolean value
|
||||
*/
|
||||
public static boolean isContainerToken(Caller caller){
|
||||
public static boolean isContainerToken(Caller caller) {
|
||||
|
||||
return caller.getClient().getType().equals(ClientType.CONTAINER);
|
||||
|
||||
|
@ -47,10 +50,12 @@ public class TokensUtils {
|
|||
|
||||
/**
|
||||
* Check if it is a user token
|
||||
*
|
||||
* @return a boolean value
|
||||
*/
|
||||
public static boolean isUserToken(Caller caller) {
|
||||
logger.debug("\n ****** \n isUserToken: caller.getClient().getType().equals(ClientType.USER) => " + caller.getClient().getType().equals(ClientType.USER));
|
||||
logger.debug("\n ****** \n isUserToken: caller.getClient().getType().equals(ClientType.USER) => "
|
||||
+ caller.getClient().getType().equals(ClientType.USER));
|
||||
String username = caller.getClient().getId();
|
||||
if (username.startsWith("service-account-")) {
|
||||
return false;
|
||||
|
@ -61,19 +66,22 @@ public class TokensUtils {
|
|||
|
||||
/**
|
||||
* Check if it is a user token (not qualified)
|
||||
*
|
||||
* @return a boolean value
|
||||
*/
|
||||
public static boolean isUserTokenDefault(Caller caller){
|
||||
public static boolean isUserTokenDefault(Caller caller) {
|
||||
return isUserToken(caller);
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if it is a user token (qualified)
|
||||
*
|
||||
* @return a boolean value
|
||||
*/
|
||||
public static boolean isUserTokenQualified(Caller caller){
|
||||
public static boolean isUserTokenQualified(Caller caller) {
|
||||
|
||||
return caller.getClient().getType().equals(ClientType.USER) && !caller.getTokenQualifier().equals(DEFAULT_QUALIFIER_USER_TOKEN);
|
||||
return caller.getClient().getType().equals(ClientType.USER)
|
||||
&& !caller.getTokenQualifier().equals(DEFAULT_QUALIFIER_USER_TOKEN);
|
||||
|
||||
}
|
||||
|
||||
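Review bot: `isApplicationToken` and `isUserToken` decide the token class from `username.startsWith("service-account-")`, which is a naming convention on the client id, not an attribute of the token; if the identity provider lets an ordinary account carry that prefix, that account would be classified as an application and not as a user. Both bodies continue outside their hunks, so this may be handled there, but the assumption should be written down, for example `// relies on the "service-account-" username prefix of client service accounts; the realm must not let users register names starting with it`. The re-wrapped debug statement in `isUserToken` still builds its message by concatenation; `logger.debug("isUserToken: client type is USER => {}", caller.getClient().getType().equals(ClientType.USER));` is the usual SLF4J form. The Javadoc blocks touched here also lack a `@param caller` line.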
|
|