49 lines
2.3 KiB
Java
49 lines
2.3 KiB
Java
package org.gcube.common.keycloak;
|
|
|
|
import org.gcube.common.keycloak.model.AccessToken;
|
|
import org.gcube.common.keycloak.model.RefreshToken;
|
|
import org.gcube.common.keycloak.model.TokenResponse;
|
|
import org.slf4j.Logger;
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
public class KeycloakClientHelper {
|
|
|
|
protected static Logger logger = LoggerFactory.getLogger(KeycloakClientHelper.class);
|
|
|
|
/**
|
|
* The public GW used to obtain the token, is not declared final since it can be changed if necessary at runtime
|
|
*/
|
|
private static String GATEWAY_CLIENT_ID = "d4science-internal-gateway";
|
|
|
|
/**
|
|
* Sets the new default GW <code>clientId</code> used for all the queries to the Keycloak server.
|
|
* Note: The operation will logged as WARN to be visible.
|
|
* @param gatewayClientId the new GW <code>clientId</code>
|
|
*/
|
|
public static void setDefaultGWClientID(String gatewayClientId) {
|
|
logger.warn("The default GW clientId will be changed to: {}", gatewayClientId);
|
|
GATEWAY_CLIENT_ID = gatewayClientId;
|
|
}
|
|
|
|
/**
|
|
* Gets a new {@link TokenResponse}, containing the {@link AccessToken} and the {@link RefreshToken} from the Keycloak server in the environment of the context represented by the <code>context</code> parameter.
|
|
* The <code>context</code> parameter is also used as audience for the token.
|
|
*
|
|
* @param context the context ot be used for discovery and for audience
|
|
* @param username the user's username
|
|
* @param password the user's password
|
|
* @return the token response from the Keycloak server
|
|
* @throws KeycloakClientException if an error occurs during the process
|
|
*/
|
|
public static TokenResponse getTokenForUser(String context, String username, String password) throws KeycloakClientException {
|
|
logger.debug("Getting new token for user '{}' in context '{}'", username, context);
|
|
logger.trace("Getting OIDC token for user '{}' using configured default GW clientId '{}'", username, GATEWAY_CLIENT_ID);
|
|
TokenResponse oidcTR = KeycloakClientFactory.newInstance().queryOIDCTokenOfUser(context, GATEWAY_CLIENT_ID,
|
|
"", username, password);
|
|
|
|
logger.trace("Getting UMA token in the '{}' context", context);
|
|
return KeycloakClientFactory.newInstance().queryUMAToken(context, oidcTR, context, null);
|
|
}
|
|
|
|
}
|