OIDC UMA util class to set infrastructure manager token in the thread local object

2020-06-18 12:11:44 +02:00 · 2020-06-18 12:11:44 +02:00 · 57b495af18
parent 530637d2de
commit 57b495af18
1 changed files with 70 additions and 0 deletions
--- a/src/main/java/org/gcube/portal/oidc/lr62/OIDCUmaUtil.java
+++ b/src/main/java/org/gcube/portal/oidc/lr62/OIDCUmaUtil.java
@ -0,0 +1,70 @@
+package org.gcube.portal.oidc.lr62;
+
+import java.io.UnsupportedEncodingException;
+import java.net.URL;
+import java.net.URLEncoder;
+
+import org.gcube.common.authorization.library.provider.UmaJWTProvider;
+import org.gcube.oidc.rest.JWTToken;
+import org.gcube.oidc.rest.OpenIdConnectConfiguration;
+import org.gcube.oidc.rest.OpenIdConnectRESTHelper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class OIDCUmaUtil {
+
+    private static final Logger log = LoggerFactory.getLogger(OIDCUmaUtil.class);
+
+    public static void provideConfiguredPortalClientUMATokenInThreadLocal(String infraContext) {
+        OpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration();
+        String clientId = configuration.getPortalClientId();
+        String clientSecret = configuration.getPortalClientSecret();
+
+        provideClientUMATokenInThreadLocal(clientId, clientSecret, configuration.getTokenURL(), infraContext);
+    }
+
+    public static void provideClientUMATokenInThreadLocal(String clientId, String clientSecret, URL tokenURL,
+            String infraContext) {
+
+        try {
+            if (log.isDebugEnabled()) {
+                log.debug("Getting client token from server");
+            }
+            JWTToken clientToken = OpenIdConnectRESTHelper.queryClientToken(clientId, clientSecret, tokenURL);
+            provideClientUMATokenInThreadLocal(clientToken.getAsBearer(), tokenURL, infraContext);
+        } catch (Exception e) {
+            log.error("Cannot retrieve client OIDC token", e);
+            return;
+        }
+    }
+
+    public static void provideClientUMATokenInThreadLocal(String clientAuthorizationBearer, URL tokenURL,
+            String infraContext) {
+
+        String encodedContext;
+        try {
+            encodedContext = URLEncoder.encode(infraContext, "UTF-8");
+        } catch (UnsupportedEncodingException e) {
+            log.error("Cannot URL encode context", e);
+            return;
+        }
+        if (log.isDebugEnabled()) {
+            log.debug("URL encoded context is: " + encodedContext);
+        }
+        try {
+            if (log.isDebugEnabled()) {
+                log.debug("Getting UMA token from server");
+            }
+            JWTToken umaToken = OpenIdConnectRESTHelper.queryUMAToken(tokenURL, clientAuthorizationBearer,
+                    encodedContext, null);
+
+            if (log.isDebugEnabled()) {
+                log.debug("Setting token in the UMA JWT provider");
+            }
+            UmaJWTProvider.instance.set(JWTTokenUtil.getRawContent(umaToken));
+        } catch (Exception e) {
+            log.error("Cannot retrieve client UMA token", e);
+            return;
+        }
+    }
+}