implemented idm-common library
parent
6ccc1cd9ba
commit
a478ab08c4
29
pom.xml
29
pom.xml
|
@ -1,3 +1,4 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
|
@ -55,16 +56,8 @@
|
|||
</dependencyManagement>
|
||||
|
||||
<dependencies>
|
||||
|
||||
<!--
|
||||
Keycloak use a older version of jackson (2.12.3).
|
||||
some jackson libraries are imported only by keyclock,
|
||||
not by smartgears so it mixed different versions.
|
||||
We explicity import its jackson dependency to ovverride the version
|
||||
-->
|
||||
|
||||
<dependency>
|
||||
<groupId>org.gcube.idm.client</groupId>
|
||||
<groupId>org.gcube.idm</groupId>
|
||||
<artifactId>idm-common-library</artifactId>
|
||||
<version>1.0.0-SNAPSHOT</version>
|
||||
</dependency>
|
||||
|
@ -188,7 +181,16 @@ solution: bind version, or exclude them in usermanagement-core
|
|||
<artifactId>jersey-container-servlet</artifactId>
|
||||
</dependency>
|
||||
|
||||
|
||||
<dependency>
|
||||
<groupId>org.glassfish.jersey.media</groupId>
|
||||
<artifactId>jersey-media-json-jackson</artifactId>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.glassfish.jersey.core</groupId>
|
||||
<artifactId>jersey-client</artifactId>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<!--
|
||||
https://mvnrepository.com/artifact/org.glassfish.jersey.inject/jersey-cdi2-se -->
|
||||
<dependency>
|
||||
|
@ -250,6 +252,13 @@ solution: bind version, or exclude them in usermanagement-core
|
|||
<scope>compile</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>commons-lang</groupId>
|
||||
<artifactId>commons-lang</artifactId>
|
||||
<version>2.6</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
|
||||
<!-- needed by com.liferay.portal -->
|
||||
<dependency>
|
||||
<groupId>com.googlecode.json-simple</groupId>
|
||||
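Review bot: The `commons-lang:commons-lang` 2.6 dependency added in the `@ -250,6 +252,13 @` hunk is the legacy 2.x line, which is no longer developed; its successor is `org.apache.commons:commons-lang3` (package `org.apache.commons.lang3`). If a library on the classpath really needs the 2.x classes, a comment next to the entry such as `<!-- commons-lang 2.x required by <library>; no lang3 equivalent -->` would record why it is there. Its version is pinned inline, while the Jersey entries added in the `@ -188,7 +181,16 @` hunk carry no `<version>` and presumably inherit one from `<dependencyManagement>` or a parent; moving `<version>2.6</version>` there would keep a single place to audit and bump. Separately, `idm-common-library` resolves as `1.0.0-SNAPSHOT`, and the Information System client and credential classes deleted by this commit appear to live there now, so release builds should bind a fixed version rather than a mutable artifact.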
|
|
|
@ -1,177 +0,0 @@
|
|||
package org.gcube.service.idm.is;
|
||||
|
||||
import static org.gcube.resources.discovery.icclient.ICFactory.clientFor;
|
||||
import static org.gcube.resources.discovery.icclient.ICFactory.queryFor;
|
||||
|
||||
import java.rmi.ServerException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
import org.gcube.common.resources.gcore.ServiceEndpoint;
|
||||
import org.gcube.common.security.AuthorizedTasks;
|
||||
import org.gcube.common.security.secrets.Secret;
|
||||
import org.gcube.resources.discovery.client.api.DiscoveryClient;
|
||||
import org.gcube.resources.discovery.client.queries.api.SimpleQuery;
|
||||
import org.gcube.smartgears.ContextProvider;
|
||||
import org.gcube.smartgears.context.application.ApplicationContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import jakarta.ws.rs.NotFoundException;
|
||||
|
||||
/**
|
||||
* Utility class to query EndPoints and search for AccessPoints from IS
|
||||
*
|
||||
* @author Alfredo Oliviero (ISTI - CNR)
|
||||
*/
|
||||
|
||||
public class InfrastrctureServiceClient {
|
||||
private static final Logger logger = LoggerFactory.getLogger(InfrastrctureServiceClient.class);
|
||||
|
||||
/**
|
||||
* obatins from IS the list of ServiceEndpoint matching the parameters
|
||||
*
|
||||
* @param resource_name
|
||||
* @param category
|
||||
* @param accessPointName
|
||||
* @param is_root_service
|
||||
*
|
||||
* @return the list of EndPoints matching the parameters
|
||||
* @throws Exception
|
||||
*/
|
||||
|
||||
public static List<ServiceEndpoint> getEndopintsFromIS(String resource_name, String category,
|
||||
boolean root_service) {
|
||||
SimpleQuery query = queryFor(ServiceEndpoint.class);
|
||||
|
||||
if (resource_name != null) {
|
||||
query.addCondition("$resource/Profile/Name/text() eq '" + resource_name + "'");
|
||||
}
|
||||
if (category != null) {
|
||||
query.addCondition("$resource/Profile/Category/text() eq '" + category + "'");
|
||||
}
|
||||
DiscoveryClient<ServiceEndpoint> client = clientFor(ServiceEndpoint.class);
|
||||
|
||||
ApplicationContext ctx = ContextProvider.get();
|
||||
|
||||
String infra_context = "/" + ctx.container().configuration().infrastructure();
|
||||
Secret secret = ctx.container().authorizationProvider().getSecretForContext(infra_context);
|
||||
|
||||
List<ServiceEndpoint> endpoints = null;
|
||||
|
||||
try {
|
||||
if (root_service) {
|
||||
|
||||
endpoints = AuthorizedTasks.executeSafely(() -> {
|
||||
// esegui la query
|
||||
List<ServiceEndpoint> toReturn = client.submit(query);
|
||||
return toReturn;
|
||||
}, secret);
|
||||
} else {
|
||||
endpoints = client.submit(query);
|
||||
}
|
||||
} catch (Throwable e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
return endpoints;
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* obatains the list of AccessPoints matching the parameters
|
||||
*
|
||||
* @param resource_name
|
||||
* @param category
|
||||
* @param endPointName
|
||||
* @param is_root_service
|
||||
* @return the list of AccessPoints
|
||||
* @throws Exception
|
||||
*/
|
||||
public static List<ServiceEndpoint.AccessPoint> getAccessPointsFromIS(String resource_name, String category,
|
||||
String endPointName, boolean is_root_service) {
|
||||
|
||||
List<ServiceEndpoint> resources = getEndopintsFromIS(resource_name, category, is_root_service);
|
||||
|
||||
if (resources.size() == 0) {
|
||||
logger.error("There is no Runtime Resource having name " + resource_name + " and Category "
|
||||
+ category + " in this scope.");
|
||||
return null;
|
||||
}
|
||||
|
||||
List<ServiceEndpoint.AccessPoint> response = new ArrayList<ServiceEndpoint.AccessPoint>();
|
||||
resources.forEach(res -> {
|
||||
Stream<ServiceEndpoint.AccessPoint> access_points_res = res.profile().accessPoints().stream();
|
||||
|
||||
if (endPointName == null) {
|
||||
access_points_res = access_points_res.filter(ap -> ap.name().equals(endPointName));
|
||||
}
|
||||
|
||||
access_points_res.forEach(a -> response.add(a));
|
||||
});
|
||||
return response;
|
||||
}
|
||||
|
||||
/**
|
||||
* obatains the list of AccessPoints matching the parameters, and returns the
|
||||
* first one
|
||||
*
|
||||
* @param resource_name
|
||||
* @param category
|
||||
* @param entryPointName
|
||||
* @return an AccessPoints matching the parameters
|
||||
* @throws Exception
|
||||
*/
|
||||
public static ServiceEndpoint.AccessPoint getFirstAccessPointFromIS(String resource_name, String category,
|
||||
String entryPointName, boolean root_service) {
|
||||
|
||||
List<ServiceEndpoint.AccessPoint> access_points = getAccessPointsFromIS(resource_name, category, entryPointName,
|
||||
root_service);
|
||||
|
||||
if (access_points.size() == 0) {
|
||||
logger.error("Unable to retrieve service endpoint " + entryPointName);
|
||||
return null;
|
||||
}
|
||||
|
||||
return access_points.get(0);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Reads the service configuration from the IS
|
||||
*
|
||||
* @param resourceName
|
||||
* @param category
|
||||
* @param accessPointName
|
||||
* @param is_root_service
|
||||
* @return
|
||||
* @throws Exception
|
||||
*/
|
||||
public static IsServerConfig serviceConfigFromIS(String resourceName, String category, String endPointName,
|
||||
boolean is_root_service)
|
||||
throws NotFoundException, ServerException {
|
||||
|
||||
logger.info("Starting creating service credentials");
|
||||
ServiceEndpoint.AccessPoint accessPoint = InfrastrctureServiceClient.getFirstAccessPointFromIS(resourceName,
|
||||
category, endPointName, is_root_service);
|
||||
|
||||
if (accessPoint == null) {
|
||||
String error_log = "Unable to retrieve service endpoint " + endPointName;
|
||||
|
||||
logger.error(error_log);
|
||||
throw new NotFoundException(error_log);
|
||||
}
|
||||
|
||||
try {
|
||||
IsServerConfig config = new IsServerConfig(accessPoint);
|
||||
return config;
|
||||
|
||||
} catch (Exception e) {
|
||||
logger.error("cannot create server config from {}", accessPoint);
|
||||
|
||||
e.printStackTrace();
|
||||
throw new ServerException(e.getMessage());
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,89 +0,0 @@
|
|||
package org.gcube.service.idm.is;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import org.gcube.common.encryption.encrypter.StringEncrypter;
|
||||
import org.gcube.common.resources.gcore.ServiceEndpoint;
|
||||
import org.gcube.common.resources.gcore.ServiceEndpoint.Property;
|
||||
import org.keycloak.OAuth2Constants;
|
||||
|
||||
public class IsServerConfig {
|
||||
private String serverUrl;
|
||||
private String name;
|
||||
private String clientId;
|
||||
|
||||
private Map<String, String> properties = new HashMap<String, String>();
|
||||
|
||||
private String clientSecret;
|
||||
|
||||
private String grantType = OAuth2Constants.CLIENT_CREDENTIALS;
|
||||
|
||||
public Map<String, String> getProperties() {
|
||||
return this.properties;
|
||||
}
|
||||
|
||||
public String getServerUrl() {
|
||||
return serverUrl;
|
||||
}
|
||||
|
||||
public String getName() {
|
||||
return name;
|
||||
}
|
||||
|
||||
public String getClientId() {
|
||||
return clientId;
|
||||
}
|
||||
|
||||
public String getClientSecret() {
|
||||
return clientSecret;
|
||||
}
|
||||
|
||||
public String getGrantType() {
|
||||
return grantType;
|
||||
}
|
||||
|
||||
public boolean hasProperty(String key) {
|
||||
return this.properties.containsKey(key);
|
||||
}
|
||||
|
||||
public String getProperty(String key) {
|
||||
return this.properties.get(key);
|
||||
}
|
||||
|
||||
public IsServerConfig(String serverUrl, String name, String clientId, String clientSecret) {
|
||||
this.serverUrl = serverUrl;
|
||||
this.name = name;
|
||||
this.clientId = clientId;
|
||||
this.clientSecret = clientSecret;
|
||||
}
|
||||
|
||||
public IsServerConfig(String serverUrl, String name, String clientId, String clientSecret,
|
||||
Map<String, String> properties) {
|
||||
this(serverUrl, name, clientId, clientSecret);
|
||||
this.properties = properties;
|
||||
}
|
||||
|
||||
public IsServerConfig(ServiceEndpoint.AccessPoint accessPoint) throws Exception {
|
||||
this.serverUrl = accessPoint.address();
|
||||
this.name = accessPoint.name();
|
||||
this.clientId = accessPoint.username();
|
||||
this.clientSecret = StringEncrypter.getEncrypter().decrypt(accessPoint.password());
|
||||
|
||||
this.properties = new HashMap<String, String>();
|
||||
for (Property p : accessPoint.properties()) {
|
||||
String value = p.value();
|
||||
if (p.isEncrypted()) {
|
||||
value = StringEncrypter.getEncrypter().decrypt(value);
|
||||
}
|
||||
this.properties.put(p.name(), value);
|
||||
}
|
||||
}
|
||||
|
||||
public IsServerConfig(String serverUrl, String name, String clientId, String clientSecret,
|
||||
Map<String, String> properties,
|
||||
String grantType) {
|
||||
this(serverUrl, name, clientId, clientSecret, properties);
|
||||
this.grantType = grantType;
|
||||
}
|
||||
}
|
|
@ -4,8 +4,8 @@ import java.rmi.ServerException;
|
|||
import java.util.List;
|
||||
|
||||
import org.gcube.common.security.providers.SecretManagerProvider;
|
||||
import org.gcube.service.idm.is.InfrastrctureServiceClient;
|
||||
import org.gcube.service.idm.is.IsServerConfig;
|
||||
import org.gcube.idm.common.is.InfrastrctureServiceClient;
|
||||
import org.gcube.idm.common.is.IsServerConfig;
|
||||
import org.keycloak.admin.client.Keycloak;
|
||||
import org.keycloak.admin.client.KeycloakBuilder;
|
||||
import org.keycloak.admin.client.resource.ClientResource;
|
||||
|
@ -27,6 +27,12 @@ public class KkClientFactory {
|
|||
// the singleton obj
|
||||
|
||||
private static KkClientFactory singleton = new KkClientFactory();
|
||||
|
||||
public static KkClientFactory getSingleton() {
|
||||
if (singleton == null)
|
||||
singleton = new KkClientFactory();
|
||||
return singleton;
|
||||
}
|
||||
|
||||
/**
|
||||
* keycloak configuration obtained from IS in the private constructor
|
||||
|
@ -35,11 +41,12 @@ public class KkClientFactory {
|
|||
*/
|
||||
private IsServerConfig config;
|
||||
|
||||
public static KkClientFactory getSingleton() {
|
||||
if (singleton == null)
|
||||
singleton = new KkClientFactory();
|
||||
return singleton;
|
||||
}
|
||||
// allows to configure the factory
|
||||
// e.g. from external configuration file
|
||||
public void setConfig(IsServerConfig configuration) {
|
||||
config = configuration;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Private constructor
|
||||
|
@ -53,9 +60,7 @@ public class KkClientFactory {
|
|||
}
|
||||
logger.info("KeycloakAPICredentials object built {} - {}", config.getServerUrl(), config.getName());
|
||||
|
||||
} catch (
|
||||
|
||||
Exception e) {
|
||||
} catch (Exception e) {
|
||||
logger.error("error obtaining IAM configuration from IS {} ", e);
|
||||
}
|
||||
}
|
||||
|
@ -140,9 +145,9 @@ public class KkClientFactory {
|
|||
return realm.clients().get(id);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* select the ClientResource by name, or current client if clientId parameter is null;
|
||||
* select the ClientResource by name, or current client if clientId parameter is
|
||||
* null;
|
||||
*
|
||||
* @param clientId
|
||||
* @return
|
||||
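Review bot: The new public `setConfig(IsServerConfig)` in the `@ -35,11 +41,12 @` hunk lets any caller replace the Keycloak server URL and client secret held by the shared singleton, with no null check and no synchronization on `config`. I would make it package-private if only configuration code needs it, and in any case reject null and publish the write safely: `this.config = java.util.Objects.requireNonNull(configuration, "configuration");` with the field declared `private volatile IsServerConfig config;`. The relocated `getSingleton()` keeps an `if (singleton == null)` branch that cannot be taken while the field is initialised eagerly (unless something outside these hunks resets it); dropping the branch avoids suggesting lazy, unsynchronized creation. In the `@ -53,9 +60,7 @` hunk, `logger.error("error obtaining IAM configuration from IS {} ", e)` has a `{}` with no argument to fill it; `logger.error("error obtaining IAM configuration from IS", e);` logs the stack trace without the stray placeholder. The constructor and the class body continue outside these hunks.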
|
|
|
@ -2,8 +2,8 @@ package org.gcube.service.idm.liferay;
|
|||
|
||||
import java.rmi.ServerException;
|
||||
|
||||
import org.gcube.service.idm.is.InfrastrctureServiceClient;
|
||||
import org.gcube.service.idm.is.IsServerConfig;
|
||||
import org.gcube.idm.common.is.InfrastrctureServiceClient;
|
||||
import org.gcube.idm.common.is.IsServerConfig;
|
||||
import org.gcube.vomanagement.usermanagement.impl.ws.LiferayWSUserManager;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
package org.gcube.service.idm.mappers;
|
||||
|
||||
import org.gcube.service.idm.common.beans.ResponseBean;
|
||||
import org.gcube.service.utils.beans.ResponseBean;
|
||||
|
||||
import jakarta.ws.rs.ForbiddenException;
|
||||
import jakarta.ws.rs.WebApplicationException;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
package org.gcube.service.idm.mappers;
|
||||
|
||||
import org.gcube.service.idm.common.beans.ResponseBean;
|
||||
import org.gcube.service.utils.beans.ResponseBean;
|
||||
|
||||
import jakarta.ws.rs.WebApplicationException;
|
||||
import jakarta.ws.rs.core.MediaType;
|
||||
|
|
|
@ -0,0 +1,298 @@
|
|||
package org.gcube.service.idm.models;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import org.gcube.idm.common.IdmUserInterface;
|
||||
|
||||
|
||||
public class IdmUser implements IdmUserInterface {
|
||||
|
||||
protected String self; // link
|
||||
protected String id;
|
||||
// protected String origin;
|
||||
protected Long createdTimestamp;
|
||||
protected String username;
|
||||
protected Boolean enabled;
|
||||
// protected Boolean totp;
|
||||
protected Boolean emailVerified;
|
||||
protected String firstName;
|
||||
protected String lastName;
|
||||
protected String email;
|
||||
protected String federationLink;
|
||||
protected String serviceAccountClientId; // For rep, it points to clientId (not DB ID)
|
||||
|
||||
// @JsonDeserialize(using = StringListMapDeserializer.class)
|
||||
protected Map<String, List<String>> attributes;
|
||||
// protected List<CredentialRepresentation> credentials;
|
||||
// protected Set<String> disableableCredentialTypes;
|
||||
protected List<String> requiredActions;
|
||||
// protected List<FederatedIdentityRepresentation> federatedIdentities;
|
||||
protected List<String> realmRoles;
|
||||
protected Map<String, List<String>> clientRoles;
|
||||
// protected List<UserConsentRepresentation> clientConsents;
|
||||
protected Integer notBefore;
|
||||
|
||||
// @Deprecated
|
||||
// protected Map<String, List<String>> applicationRoles;
|
||||
// @Deprecated
|
||||
// protected List<SocialLinkRepresentation> socialLinks;
|
||||
|
||||
protected List<String> groups;
|
||||
private Map<String, Boolean> access;
|
||||
|
||||
public String getSelf() {
|
||||
return self;
|
||||
}
|
||||
|
||||
public void setSelf(String self) {
|
||||
this.self = self;
|
||||
}
|
||||
|
||||
public String getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public void setId(String id) {
|
||||
this.id = id;
|
||||
}
|
||||
|
||||
public Long getCreatedTimestamp() {
|
||||
return createdTimestamp;
|
||||
}
|
||||
|
||||
public void setCreatedTimestamp(Long createdTimestamp) {
|
||||
this.createdTimestamp = createdTimestamp;
|
||||
}
|
||||
|
||||
public String getFirstName() {
|
||||
return firstName;
|
||||
}
|
||||
|
||||
public void setFirstName(String firstName) {
|
||||
this.firstName = firstName;
|
||||
}
|
||||
|
||||
public String getLastName() {
|
||||
return lastName;
|
||||
}
|
||||
|
||||
public void setLastName(String lastName) {
|
||||
this.lastName = lastName;
|
||||
}
|
||||
|
||||
public String getEmail() {
|
||||
return email;
|
||||
}
|
||||
|
||||
public void setEmail(String email) {
|
||||
this.email = email;
|
||||
}
|
||||
|
||||
public String getUsername() {
|
||||
return username;
|
||||
}
|
||||
|
||||
public void setUsername(String username) {
|
||||
this.username = username;
|
||||
}
|
||||
|
||||
public Boolean isEnabled() {
|
||||
return enabled;
|
||||
}
|
||||
|
||||
public void setEnabled(Boolean enabled) {
|
||||
this.enabled = enabled;
|
||||
}
|
||||
|
||||
// @Deprecated
|
||||
// public Boolean isTotp() {
|
||||
// return totp;
|
||||
// }
|
||||
|
||||
// @Deprecated
|
||||
// public void setTotp(Boolean totp) {
|
||||
// this.totp = totp;
|
||||
// }
|
||||
|
||||
public Boolean isEmailVerified() {
|
||||
return emailVerified;
|
||||
}
|
||||
|
||||
public void setEmailVerified(Boolean emailVerified) {
|
||||
this.emailVerified = emailVerified;
|
||||
}
|
||||
|
||||
public Map<String, List<String>> getAttributes() {
|
||||
return attributes;
|
||||
}
|
||||
|
||||
public void setAttributes(Map<String, List<String>> attributes) {
|
||||
this.attributes = attributes;
|
||||
}
|
||||
|
||||
// public UserRepresentation singleAttribute(String name, String value) {
|
||||
// if (this.attributes == null)
|
||||
// this.attributes = new HashMap<>();
|
||||
// attributes.put(name, (value == null ? new ArrayList<String>() : Arrays.asList(value)));
|
||||
// return this;
|
||||
// }
|
||||
|
||||
// public String firstAttribute(String key) {
|
||||
// return this.attributes == null ? null
|
||||
// : this.attributes.get(key) == null ? null
|
||||
// : this.attributes.get(key).isEmpty() ? null : this.attributes.get(key).get(0);
|
||||
// }
|
||||
|
||||
// public List<CredentialRepresentation> getCredentials() {
|
||||
// return credentials;
|
||||
// }
|
||||
|
||||
// public void setCredentials(List<CredentialRepresentation> credentials) {
|
||||
// this.credentials = credentials;
|
||||
// }
|
||||
|
||||
public List<String> getRequiredActions() {
|
||||
return requiredActions;
|
||||
}
|
||||
|
||||
public void setRequiredActions(List<String> requiredActions) {
|
||||
this.requiredActions = requiredActions;
|
||||
}
|
||||
|
||||
// public List<FederatedIdentityRepresentation> getFederatedIdentities() {
|
||||
// return federatedIdentities;
|
||||
// }
|
||||
|
||||
// public void setFederatedIdentities(List<FederatedIdentityRepresentation>
|
||||
// federatedIdentities) {
|
||||
// this.federatedIdentities = federatedIdentities;
|
||||
// }
|
||||
|
||||
// public List<SocialLinkRepresentation> getSocialLinks() {
|
||||
// return socialLinks;
|
||||
// }
|
||||
|
||||
// public void setSocialLinks(List<SocialLinkRepresentation> socialLinks) {
|
||||
// this.socialLinks = socialLinks;
|
||||
// }
|
||||
|
||||
public List<String> getRealmRoles() {
|
||||
return realmRoles;
|
||||
}
|
||||
|
||||
public void setRealmRoles(List<String> realmRoles) {
|
||||
this.realmRoles = realmRoles;
|
||||
}
|
||||
|
||||
public Map<String, List<String>> getClientRoles() {
|
||||
return clientRoles;
|
||||
}
|
||||
|
||||
public void setClientRoles(Map<String, List<String>> clientRoles) {
|
||||
this.clientRoles = clientRoles;
|
||||
}
|
||||
|
||||
// public List<UserConsentRepresentation> getClientConsents() {
|
||||
// return clientConsents;
|
||||
// }
|
||||
|
||||
// public void setClientConsents(List<UserConsentRepresentation> clientConsents)
|
||||
// {
|
||||
// this.clientConsents = clientConsents;
|
||||
// }
|
||||
|
||||
public Integer getNotBefore() {
|
||||
return notBefore;
|
||||
}
|
||||
|
||||
public void setNotBefore(Integer notBefore) {
|
||||
this.notBefore = notBefore;
|
||||
}
|
||||
|
||||
// @Deprecated
|
||||
// public Map<String, List<String>> getApplicationRoles() {
|
||||
// return applicationRoles;
|
||||
// }
|
||||
|
||||
public String getFederationLink() {
|
||||
return federationLink;
|
||||
}
|
||||
|
||||
public void setFederationLink(String federationLink) {
|
||||
this.federationLink = federationLink;
|
||||
}
|
||||
|
||||
public String getServiceAccountClientId() {
|
||||
return serviceAccountClientId;
|
||||
}
|
||||
|
||||
public void setServiceAccountClientId(String serviceAccountClientId) {
|
||||
this.serviceAccountClientId = serviceAccountClientId;
|
||||
}
|
||||
|
||||
public List<String> getGroups() {
|
||||
return groups;
|
||||
}
|
||||
|
||||
public void setGroups(List<String> groups) {
|
||||
this.groups = groups;
|
||||
}
|
||||
|
||||
// /**
|
||||
// * Returns id of UserStorageProvider that loaded this user
|
||||
// *
|
||||
// * @return NULL if user stored locally
|
||||
// */
|
||||
// public String getOrigin() {
|
||||
// return origin;
|
||||
// }
|
||||
|
||||
// public void setOrigin(String origin) {
|
||||
// this.origin = origin;
|
||||
// }
|
||||
|
||||
// public Set<String> getDisableableCredentialTypes() {
|
||||
// return disableableCredentialTypes;
|
||||
// }
|
||||
|
||||
// public void setDisableableCredentialTypes(Set<String> disableableCredentialTypes) {
|
||||
// this.disableableCredentialTypes = disableableCredentialTypes;
|
||||
// }
|
||||
|
||||
public Map<String, Boolean> getAccess() {
|
||||
return access;
|
||||
}
|
||||
|
||||
public void setAccess(Map<String, Boolean> access) {
|
||||
this.access = access;
|
||||
}
|
||||
|
||||
public Map<String, List<String>> toAttributes() {
|
||||
Map<String, List<String>> attrs = new HashMap<>();
|
||||
|
||||
if (getAttributes() != null)
|
||||
attrs.putAll(getAttributes());
|
||||
|
||||
if (getUsername() != null)
|
||||
attrs.put("username", Collections.singletonList(getUsername()));
|
||||
else
|
||||
attrs.remove("username");
|
||||
|
||||
if (getEmail() != null)
|
||||
attrs.put("email", Collections.singletonList(getEmail()));
|
||||
else
|
||||
attrs.remove("email");
|
||||
|
||||
if (getLastName() != null)
|
||||
attrs.put("lastName", Collections.singletonList(getLastName()));
|
||||
|
||||
if (getFirstName() != null)
|
||||
attrs.put("firstName", Collections.singletonList(getFirstName()));
|
||||
|
||||
return attrs;
|
||||
}
|
||||
|
||||
}
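Review bot: `toAttributes()` clears a stale `"username"` or `"email"` entry copied from `attributes` when the corresponding bean field is null, but has no matching `else` for `lastName` and `firstName`, so a value stored in the free-form map under those keys survives into the result. If that asymmetry is not intended, add `else attrs.remove("lastName");` and `else attrs.remove("firstName");`; if it is, a one-line comment saying so would help the next reader. The getters for `attributes`, `realmRoles`, `clientRoles`, `groups` and `access` return the internal collections and each has a public setter; if this bean is ever bound from a request body (not visible here), the role and access fields should be ignored on input. The class has no Javadoc and carries a large amount of commented-out code, which would be better deleted than shipped in a new file.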
|
|
@ -6,8 +6,6 @@ import java.util.List;
|
|||
import java.util.Set;
|
||||
|
||||
import org.gcube.service.idm.IdMManager;
|
||||
import org.gcube.service.idm.common.beans.ResponseBean;
|
||||
import org.gcube.service.idm.common.beans.ResponseBeanMap;
|
||||
import org.gcube.service.idm.controller.AdminKeycloakController;
|
||||
import org.gcube.service.idm.controller.AuthController;
|
||||
import org.gcube.service.idm.controller.KCClientsController;
|
||||
|
@ -16,7 +14,9 @@ import org.gcube.service.idm.controller.KCRolesController;
|
|||
import org.gcube.service.idm.controller.KCUserController;
|
||||
import org.gcube.service.idm.keycloack.KkClientFactory;
|
||||
import org.gcube.service.idm.serializers.IdmObjectSerializator;
|
||||
import org.gcube.service.rest.ErrorMessages;
|
||||
import org.gcube.service.utils.ErrorMessages;
|
||||
import org.gcube.service.utils.beans.ResponseBean;
|
||||
import org.gcube.service.utils.beans.ResponseBeanMap;
|
||||
import org.gcube.smartgears.annotations.ManagedBy;
|
||||
import org.keycloak.admin.client.resource.ClientResource;
|
||||
import org.keycloak.admin.client.resource.GroupResource;
|
||||
|
|
|
@ -3,11 +3,11 @@ package org.gcube.service.idm.rest;
|
|||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import org.gcube.service.idm.common.beans.ResponseBean;
|
||||
import org.gcube.service.idm.controller.AuthController;
|
||||
import org.gcube.service.idm.controller.JWTController;
|
||||
import org.gcube.service.idm.serializers.IdmObjectSerializator;
|
||||
import org.gcube.service.rest.ErrorMessages;
|
||||
import org.gcube.service.utils.ErrorMessages;
|
||||
import org.gcube.service.utils.beans.ResponseBean;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import com.fasterxml.jackson.core.JsonProcessingException;
|
||||
|
|
|
@ -4,13 +4,13 @@ import java.util.List;
|
|||
import java.util.Set;
|
||||
|
||||
import org.gcube.service.idm.IdMManager;
|
||||
import org.gcube.service.idm.common.beans.ResponseBean;
|
||||
import org.gcube.service.idm.common.beans.ResponseBeanMap;
|
||||
import org.gcube.service.idm.common.beans.ResponseBeanPaginated;
|
||||
import org.gcube.service.idm.controller.KCRolesController;
|
||||
import org.gcube.service.idm.controller.KCUserController;
|
||||
import org.gcube.service.idm.keycloack.KkClientFactory;
|
||||
import org.gcube.service.idm.serializers.IdmObjectSerializator;
|
||||
import org.gcube.service.utils.beans.ResponseBean;
|
||||
import org.gcube.service.utils.beans.ResponseBeanMap;
|
||||
import org.gcube.service.utils.beans.ResponseBeanPaginated;
|
||||
import org.gcube.smartgears.annotations.ManagedBy;
|
||||
import org.keycloak.admin.client.resource.ClientResource;
|
||||
import org.keycloak.admin.client.resource.RoleResource;
|
||||
|
|
|
@ -4,9 +4,9 @@ import org.gcube.common.security.Owner;
|
|||
import org.gcube.common.security.providers.SecretManagerProvider;
|
||||
import org.gcube.common.security.secrets.Secret;
|
||||
import org.gcube.service.idm.IdMManager;
|
||||
import org.gcube.service.idm.common.beans.ResponseBeanMap;
|
||||
import org.gcube.service.idm.controller.LiferayProfileClient;
|
||||
import org.gcube.service.rest.ErrorMessages;
|
||||
import org.gcube.service.utils.ErrorMessages;
|
||||
import org.gcube.service.utils.beans.ResponseBeanMap;
|
||||
import org.gcube.smartgears.annotations.ManagedBy;
|
||||
import org.gcube.vomanagement.usermanagement.model.GCubeUser;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
|
|
@ -9,13 +9,13 @@ import org.gcube.common.security.Owner;
|
|||
import org.gcube.common.security.providers.SecretManagerProvider;
|
||||
import org.gcube.common.security.secrets.Secret;
|
||||
import org.gcube.service.idm.IdMManager;
|
||||
import org.gcube.service.idm.common.beans.ResponseBean;
|
||||
import org.gcube.service.idm.controller.AuthController;
|
||||
import org.gcube.service.idm.controller.KCUserController;
|
||||
import org.gcube.service.idm.controller.LiferayProfileClient;
|
||||
import org.gcube.service.idm.keycloack.KkClientFactory;
|
||||
import org.gcube.service.idm.serializers.IdmObjectSerializator;
|
||||
import org.gcube.service.rest.ErrorMessages;
|
||||
import org.gcube.service.utils.ErrorMessages;
|
||||
import org.gcube.service.utils.beans.ResponseBean;
|
||||
import org.gcube.smartgears.annotations.ManagedBy;
|
||||
import org.gcube.vomanagement.usermanagement.model.GCubeUser;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
|
|
|
@ -4,20 +4,22 @@ import java.util.HashMap;
|
|||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import jakarta.ws.rs.ServiceUnavailableException;
|
||||
|
||||
import org.gcube.common.security.Owner;
|
||||
import org.gcube.common.security.providers.SecretManagerProvider;
|
||||
import org.gcube.common.security.secrets.Secret;
|
||||
import org.gcube.service.idm.IdMManager;
|
||||
import org.gcube.service.idm.common.beans.ResponseBean;
|
||||
import org.gcube.service.idm.common.beans.ResponseBeanMap;
|
||||
import org.gcube.service.idm.common.beans.ResponseBeanPaginated;
|
||||
import org.gcube.service.idm.controller.AuthController;
|
||||
import org.gcube.service.idm.controller.JWTController;
|
||||
import org.gcube.service.idm.controller.KCUserController;
|
||||
import org.gcube.service.idm.controller.LiferayProfileClient;
|
||||
import org.gcube.service.idm.keycloack.KkClientFactory;
|
||||
import org.gcube.service.idm.serializers.IdmObjectSerializator;
|
||||
import org.gcube.service.rest.ErrorMessages;
|
||||
import org.gcube.service.utils.ErrorMessages;
|
||||
import org.gcube.service.utils.beans.ResponseBean;
|
||||
import org.gcube.service.utils.beans.ResponseBeanMap;
|
||||
import org.gcube.service.utils.beans.ResponseBeanPaginated;
|
||||
import org.gcube.smartgears.annotations.ManagedBy;
|
||||
import org.gcube.vomanagement.usermanagement.model.GCubeUser;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
|
@ -65,14 +67,14 @@ import jakarta.ws.rs.core.Response;
|
|||
|
||||
@ManagedBy(IdMManager.class)
|
||||
@RequestHeaders({
|
||||
@RequestHeader(name = "Authorization", description = "Bearer token, see https://dev.d4science.org/how-to-access-resources"),
|
||||
@RequestHeader(name = "Content-Type", description = "application/json")
|
||||
@RequestHeader(name = "Authorization", description = "Bearer token, see https://dev.d4science.org/how-to-access-resources"),
|
||||
@RequestHeader(name = "Content-Type", description = "application/json")
|
||||
})
|
||||
@Path("users")
|
||||
public class UserAPI {
|
||||
private static final org.slf4j.Logger logger = LoggerFactory.getLogger(UserAPI.class);
|
||||
|
||||
/**
|
||||
/**
|
||||
* Returns infos about the authenticated user
|
||||
*
|
||||
* <ul>
|
||||
|
@ -208,10 +210,16 @@ public class UserAPI {
|
|||
UserRepresentation user = KCUserController.getUserByUsername(username);
|
||||
result.put("user", user);
|
||||
|
||||
if (getProfile) {
|
||||
GCubeUser profile = LiferayProfileClient.getUserProfileByUsername(username);
|
||||
result.put("profile", profile);
|
||||
// throw new ForbiddenException(ErrorMessages.NOT_USER_TOKEN_CONTEXT_USED);
|
||||
try {
|
||||
if (getProfile) {
|
||||
GCubeUser profile = LiferayProfileClient.getUserProfileByUsername(username);
|
||||
result.put("profile", profile);
|
||||
// throw new ForbiddenException(ErrorMessages.NOT_USER_TOKEN_CONTEXT_USED);
|
||||
}
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
// throw new ServiceUnavailableException("Liferay portal: " + e.getMessage());
|
||||
result.put("profile", null);
|
||||
}
|
||||
|
||||
if (isInspect) {
|
||||
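Review bot: The new `catch (Exception e)` around the Liferay lookup in the `@ -208,10 +210,16 @` hunk turns every failure, including authorization errors and portal outages, into `"profile": null` inside an otherwise successful response, and reports it only through `e.printStackTrace()`. The class already declares an SLF4J `logger`, so at minimum replace the stack-trace print with `logger.warn("Liferay profile lookup failed for {}", username, e);` so the failure reaches the service log with context. I would also catch the narrowest exception type the client throws (not visible here) and let `WebApplicationException` propagate, so a forbidden lookup is not reported as an empty profile. The `jakarta.ws.rs.ServiceUnavailableException` import added in the `@ -4,20 +4,22 @` hunk is referenced only from a commented-out line. The enclosing method starts and ends outside the hunk.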
|
|
|
@ -1,4 +1,4 @@
|
|||
package org.gcube.service.rest;
|
||||
package org.gcube.service.utils;
|
||||
|
||||
public class ErrorMessages {
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
package org.gcube.service.idm.common.beans;
|
||||
package org.gcube.service.utils.beans;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
package org.gcube.service.idm.common.beans;
|
||||
package org.gcube.service.utils.beans;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
|
@ -1,4 +1,4 @@
|
|||
package org.gcube.service.idm.common.beans;
|
||||
package org.gcube.service.utils.beans;
|
||||
|
||||
/**
|
||||
* Response bean
|