Updated interactions with SI
parent
94a0908fa7
commit
8fb3eb9a9d
14
pom.xml
14
pom.xml
|
@ -147,27 +147,33 @@
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.resources.discovery</groupId>
|
<groupId>org.gcube.resources.discovery</groupId>
|
||||||
<artifactId>ic-client</artifactId>
|
<artifactId>ic-client</artifactId>
|
||||||
|
<version>1.0.4</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.core</groupId>
|
<groupId>org.gcube.core</groupId>
|
||||||
<artifactId>common-scope-maps</artifactId>
|
<artifactId>common-scope-maps</artifactId>
|
||||||
|
<version>1.1.0</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<!--
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.resourcemanagement</groupId>
|
<groupId>org.gcube.resourcemanagement</groupId>
|
||||||
<artifactId>resourcemanager-client</artifactId>
|
<artifactId>resourcemanager-client</artifactId>
|
||||||
<version>[1.0.0-SNAPSHOT, 2.0.0-SNAPSHOT)</version>
|
<version>[1.0.0, 2.0.0-SNAPSHOT)</version>
|
||||||
<scope>compile</scope>
|
<scope>compile</scope>
|
||||||
</dependency>
|
</dependency> -->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.resources</groupId>
|
<groupId>org.gcube.resources</groupId>
|
||||||
<artifactId>registry-publisher</artifactId>
|
<artifactId>registry-publisher</artifactId>
|
||||||
|
<version>1.3.1</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<!--
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.resourcemanagement</groupId>
|
<groupId>org.gcube.resourcemanagement</groupId>
|
||||||
<artifactId>ghn-manager-client</artifactId>
|
<artifactId>ghn-manager-client</artifactId>
|
||||||
<version>[1.1.0-SNAPSHOT, 2.0.0-SNAPSHOT)</version>
|
<version>[1.1.0, 2.0.0-SNAPSHOT)</version>
|
||||||
<scope>compile</scope>
|
<scope>compile</scope>
|
||||||
</dependency>
|
</dependency> -->
|
||||||
<!--
|
<!--
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.gcube.resources</groupId>
|
<groupId>org.gcube.resources</groupId>
|
||||||
|
|
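Review bot: The `<version>` elements added for ic-client (1.0.4), common-scope-maps (1.1.0) and registry-publisher (1.3.1) pin these artifacts in the module itself; the old side declared them without a version, so the versions presumably came from a parent POM or BOM, and an inline pin stops this module from following a centrally managed upgrade, including security fixes. If the pin is deliberate, a short comment such as `<!-- pinned: managed version lacks <reason> -->` next to each one would record why. The resourcemanager-client and ghn-manager-client blocks are wrapped in `<!-- ... -->` rather than deleted, which leaves dead dependency declarations with open version ranges in the file; removing them outright would be cleaner. The hunk ends inside another commented block, so the rest of the file is not visible here.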
|
@ -16,9 +16,6 @@ public class DefinitionItem implements Serializable {
|
||||||
private String username;
|
private String username;
|
||||||
private String secret;
|
private String secret;
|
||||||
|
|
||||||
public DefinitionItem() {
|
|
||||||
super();
|
|
||||||
}
|
|
||||||
|
|
||||||
public DefinitionItem(String clientId, String description, String username, String secret) {
|
public DefinitionItem(String clientId, String description, String username, String secret) {
|
||||||
super();
|
super();
|
||||||
|
|
|
@ -0,0 +1,39 @@
|
||||||
|
package org.gcube.portlets.admin.systemservicedefinition.is;
|
||||||
|
|
||||||
|
import java.io.Serializable;
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @author Giancarlo Panichi
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
public class IAMService implements Serializable {
|
||||||
|
|
||||||
|
private static final long serialVersionUID = 1L;
|
||||||
|
|
||||||
|
private String address;
|
||||||
|
|
||||||
|
public IAMService(String address) {
|
||||||
|
super();
|
||||||
|
this.address = address;
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getAddress() {
|
||||||
|
return address;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setAddress(String address) {
|
||||||
|
this.address = address;
|
||||||
|
}
|
||||||
|
|
||||||
|
public static long getSerialversionuid() {
|
||||||
|
return serialVersionUID;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String toString() {
|
||||||
|
return "IAMService [address=" + address + "]";
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
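Review bot: The class Javadoc carries only an `@author` tag, so nothing says what `address` holds; going by the caller in InformationSystemUtils it is the `hostedOn()` value of the discovered IAM ServiceEndpoint, and a summary line such as `/** Address of the IAM service discovered on the Information System. */` would document that. `getSerialversionuid()` is a static getter for a private constant with no caller visible on this page and can be dropped. Because the value is later used as the access-point address for published client credentials, consider making `address` final and removing `setAddress`, unless a mutable bean is required by a serialization framework that is not visible here.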
|
@ -1,31 +1,72 @@
|
||||||
package org.gcube.portlets.admin.systemservicedefinition.is;
|
package org.gcube.portlets.admin.systemservicedefinition.is;
|
||||||
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Collection;
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
|
|
||||||
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
|
|
||||||
import org.gcube.common.encryption.encrypter.StringEncrypter;
|
import org.gcube.common.encryption.encrypter.StringEncrypter;
|
||||||
import org.gcube.common.resources.gcore.ScopeGroup;
|
|
||||||
import org.gcube.common.resources.gcore.ServiceEndpoint;
|
import org.gcube.common.resources.gcore.ServiceEndpoint;
|
||||||
import org.gcube.common.resources.gcore.ServiceEndpoint.AccessPoint;
|
import org.gcube.common.resources.gcore.ServiceEndpoint.AccessPoint;
|
||||||
import org.gcube.common.resources.gcore.ServiceEndpoint.Profile;
|
|
||||||
import org.gcube.common.scope.api.ScopeProvider;
|
import org.gcube.common.scope.api.ScopeProvider;
|
||||||
import org.gcube.informationsystem.publisher.RegistryPublisher;
|
import org.gcube.informationsystem.publisher.RegistryPublisher;
|
||||||
import org.gcube.informationsystem.publisher.RegistryPublisherFactory;
|
import org.gcube.informationsystem.publisher.RegistryPublisherFactory;
|
||||||
import org.gcube.informationsystem.publisher.ScopedPublisher;
|
|
||||||
import org.gcube.portlets.admin.systemservicedefinition.definition.DefinitionItem;
|
import org.gcube.portlets.admin.systemservicedefinition.definition.DefinitionItem;
|
||||||
|
import org.gcube.portlets.admin.systemservicedefinition.shared.Constants;
|
||||||
import org.gcube.resources.discovery.client.api.DiscoveryClient;
|
import org.gcube.resources.discovery.client.api.DiscoveryClient;
|
||||||
import org.gcube.resources.discovery.client.queries.api.SimpleQuery;
|
import org.gcube.resources.discovery.client.queries.api.SimpleQuery;
|
||||||
import org.gcube.resources.discovery.icclient.ICFactory;
|
import org.gcube.resources.discovery.icclient.ICFactory;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @author Giancarlo Panichi
|
||||||
|
*
|
||||||
|
*/
|
||||||
public class InformationSystemUtils {
|
public class InformationSystemUtils {
|
||||||
|
|
||||||
private static Logger logger = LoggerFactory.getLogger(InformationSystemUtils.class);
|
private static Logger logger = LoggerFactory.getLogger(InformationSystemUtils.class);
|
||||||
|
|
||||||
|
|
||||||
|
public static IAMService retrieveIAMService(String scope, String token) throws Exception {
|
||||||
|
|
||||||
|
try {
|
||||||
|
logger.debug("Retrieve IAM Service on IS");
|
||||||
|
|
||||||
|
if (scope == null || scope.isEmpty())
|
||||||
|
throw new Exception("Invalid scope: " + scope);
|
||||||
|
|
||||||
|
if (token == null || token.isEmpty())
|
||||||
|
throw new Exception("Invalid token: " + scope);
|
||||||
|
|
||||||
|
ScopeProvider.instance.set(scope);
|
||||||
|
// AccessTokenProvider.instance.set(token);
|
||||||
|
// SecurityTokenProvider.instance.set(token);
|
||||||
|
|
||||||
|
SimpleQuery query = ICFactory.queryFor(ServiceEndpoint.class);
|
||||||
|
query.addCondition("$resource/Profile/Category/text() eq '" + Constants.IAM_SERVICE_CATEGORY + "'")
|
||||||
|
.addCondition("$resource/Profile/Name/text() eq '" + Constants.IAM_SERVICE_NAME + "'");
|
||||||
|
|
||||||
|
DiscoveryClient<ServiceEndpoint> client = ICFactory.clientFor(ServiceEndpoint.class);
|
||||||
|
|
||||||
|
List<ServiceEndpoint> resources = client.submit(query);
|
||||||
|
|
||||||
|
IAMService iamService=null;
|
||||||
|
|
||||||
|
if(resources!=null&&!resources.isEmpty()) {
|
||||||
|
ServiceEndpoint iams=resources.get(0);
|
||||||
|
iamService=new IAMService(iams.profile().runtime().hostedOn());
|
||||||
|
}
|
||||||
|
|
||||||
|
logger.debug("IAM Services retrieved: {}",iamService);
|
||||||
|
return iamService;
|
||||||
|
|
||||||
|
} catch (Throwable e) {
|
||||||
|
logger.error("Error in discovery IAM Service Endpoint in scope: " + scope);
|
||||||
|
logger.error(e.getLocalizedMessage(), e);
|
||||||
|
throw e;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
public static ArrayList<DefinitionItem> retrieveSSD(String category, String scope, String token) throws Exception {
|
public static ArrayList<DefinitionItem> retrieveSSD(String category, String scope, String token) throws Exception {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
@ -52,16 +93,16 @@ public class InformationSystemUtils {
|
||||||
ArrayList<DefinitionItem> ssdList = new ArrayList<DefinitionItem>();
|
ArrayList<DefinitionItem> ssdList = new ArrayList<DefinitionItem>();
|
||||||
|
|
||||||
for (ServiceEndpoint se : resources) {
|
for (ServiceEndpoint se : resources) {
|
||||||
DefinitionItem definitionItem = new DefinitionItem();
|
String username = null;
|
||||||
definitionItem.setClientId(se.profile().name());
|
String password = null;
|
||||||
definitionItem.setDescription(se.profile().description());
|
|
||||||
for (AccessPoint accessPoint : se.profile().accessPoints()) {
|
for (AccessPoint accessPoint : se.profile().accessPoints()) {
|
||||||
definitionItem.setUsername(accessPoint.username());
|
username = accessPoint.username();
|
||||||
String decryptedSecret = StringEncrypter.getEncrypter().decrypt(accessPoint.password());
|
String decryptedSecret = StringEncrypter.getEncrypter().decrypt(accessPoint.password());
|
||||||
|
password = decryptedSecret;
|
||||||
definitionItem.setSecret(decryptedSecret);
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
DefinitionItem definitionItem = new DefinitionItem(se.profile().name(), se.profile().description(),
|
||||||
|
username, password);
|
||||||
ssdList.add(definitionItem);
|
ssdList.add(definitionItem);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -89,44 +130,52 @@ public class InformationSystemUtils {
|
||||||
if (token == null || token.isEmpty())
|
if (token == null || token.isEmpty())
|
||||||
throw new Exception("Invalid token: " + token);
|
throw new Exception("Invalid token: " + token);
|
||||||
|
|
||||||
|
|
||||||
|
IAMService iamService=retrieveIAMService(scope, token);
|
||||||
|
|
||||||
ServiceEndpoint toPublish = new ServiceEndpoint();
|
ServiceEndpoint toPublish = new ServiceEndpoint();
|
||||||
|
logger.debug("Resource Type: {}",toPublish.type());
|
||||||
/*List<String> scopes = new ArrayList<String>();
|
/*
|
||||||
scopes.add(scope);
|
* List<String> scopes = new ArrayList<String>(); scopes.add(scope);
|
||||||
Collection<String> col = toPublish.scopes().asCollection();
|
* Collection<String> col = toPublish.scopes().asCollection();
|
||||||
col.addAll(scopes);*/
|
* col.addAll(scopes);
|
||||||
|
*/
|
||||||
|
|
||||||
toPublish.newProfile();
|
toPublish.newProfile();
|
||||||
toPublish.profile().description(definitionItem.getDescription());
|
|
||||||
toPublish.profile().name(definitionItem.getClientId());
|
toPublish.profile().name(definitionItem.getClientId());
|
||||||
|
toPublish.profile().description(definitionItem.getDescription());
|
||||||
toPublish.profile().category(category);
|
toPublish.profile().category(category);
|
||||||
//toPublish.profile().version("1.0.0");
|
toPublish.profile().version("1.0.0");
|
||||||
|
|
||||||
AccessPoint accessPoint = new AccessPoint();
|
toPublish.profile().newRuntime();
|
||||||
//String encryptedPassword = StringEncrypter.getEncrypter().encrypt(definitionItem.getSecret());
|
toPublish.profile().runtime().ghnId("");
|
||||||
accessPoint.credentials(definitionItem.getSecret(), definitionItem.getUsername());
|
toPublish.profile().runtime().status("READY");
|
||||||
accessPoint.description("Keycloak client credentials");
|
toPublish.profile().runtime().hostedOn("d4science.org");
|
||||||
accessPoint.address("accounts.dev.d4science.org");
|
|
||||||
accessPoint.name(definitionItem.getClientId());
|
toPublish.profile().newPlatform();
|
||||||
toPublish.profile().accessPoints().add(accessPoint);
|
toPublish.profile().platform().name("d4science");
|
||||||
|
|
||||||
toPublish.profile().newPlatform().name("d4science");
|
|
||||||
toPublish.profile().platform().version((short) 0);
|
toPublish.profile().platform().version((short) 0);
|
||||||
toPublish.profile().platform().minorVersion((short) 0);
|
toPublish.profile().platform().minorVersion((short) 0);
|
||||||
toPublish.profile().platform().revisionVersion((short) 0);
|
toPublish.profile().platform().revisionVersion((short) 0);
|
||||||
toPublish.profile().platform().buildVersion((short) 0);
|
toPublish.profile().platform().buildVersion((short) 0);
|
||||||
|
|
||||||
|
|
||||||
|
AccessPoint accessPoint = new AccessPoint();
|
||||||
|
|
||||||
|
// String encryptedPassword =
|
||||||
toPublish.profile().newRuntime().hostedOn("d4science.org");
|
// StringEncrypter.getEncrypter().encrypt(definitionItem.getSecret());
|
||||||
toPublish.profile().runtime().status("READY");
|
accessPoint.name(definitionItem.getClientId());
|
||||||
|
accessPoint.description("Keycloak client credentials");
|
||||||
|
accessPoint.address(iamService.getAddress());
|
||||||
|
accessPoint.credentials(definitionItem.getSecret(), definitionItem.getUsername());
|
||||||
|
toPublish.profile().accessPoints().add(accessPoint);
|
||||||
|
|
||||||
logger.debug("Request publish: {}", toPublish);
|
logger.debug("Request publish: {}", toPublish);
|
||||||
try {
|
try {
|
||||||
ScopeProvider.instance.set(scope);
|
|
||||||
// AccessTokenProvider.instance.set(token);
|
// AccessTokenProvider.instance.set(token);
|
||||||
// SecurityTokenProvider.instance.set(token);
|
//SecurityTokenProvider.instance.set(token);
|
||||||
|
ScopeProvider.instance.set(scope);
|
||||||
|
|
||||||
RegistryPublisher publisher = RegistryPublisherFactory.create();
|
RegistryPublisher publisher = RegistryPublisherFactory.create();
|
||||||
|
|
||||||
|
@ -143,3 +192,5 @@ public class InformationSystemUtils {
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
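Review bot: `retrieveIAMService` returns null when the query finds no endpoint, and the publish path then calls `accessPoint.address(iamService.getAddress())` without a check, so a scope without an Auth/IAM ServiceEndpoint fails with a NullPointerException instead of a clear error; add `if (iamService == null) throw new Exception("IAM service endpoint not found in scope: " + scope);` right after the lookup. In the same block the secret still goes into `accessPoint.credentials(...)` unencrypted while the `StringEncrypter.getEncrypter().encrypt(...)` call stays commented out, although `retrieveSSD` decrypts `accessPoint.password()` on read; unless encryption happens elsewhere, the write side should be `accessPoint.credentials(StringEncrypter.getEncrypter().encrypt(definitionItem.getSecret()), definitionItem.getUsername());`. `logger.debug("Request publish: {}", toPublish)` runs after the access point is attached, so the debug log may include the credentials, depending on how ServiceEndpoint renders itself. In `retrieveIAMService` the token check throws `"Invalid token: " + scope`, which echoes the wrong variable; `throw new Exception("Invalid token");` is enough and keeps the token out of the message. The publishing method starts and ends outside the visible hunks.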
|
@ -11,6 +11,7 @@ public class Constants {
|
||||||
public static final String DEFAULT_USER = "giancarlo.panichi";
|
public static final String DEFAULT_USER = "giancarlo.panichi";
|
||||||
public static final String DEFAULT_SCOPE = "/gcube";
|
public static final String DEFAULT_SCOPE = "/gcube";
|
||||||
public static final String DEFAULT_TOKEN = "";
|
public static final String DEFAULT_TOKEN = "";
|
||||||
|
|
||||||
public static final String DEFAULT_ROLE = "OrganizationMember";
|
public static final String DEFAULT_ROLE = "OrganizationMember";
|
||||||
|
|
||||||
// Session
|
// Session
|
||||||
|
@ -23,5 +24,9 @@ public class Constants {
|
||||||
// SSD Services Endpoint
|
// SSD Services Endpoint
|
||||||
public static final String SYSTEM_SERVICE_CATEGORY = "SystemService";
|
public static final String SYSTEM_SERVICE_CATEGORY = "SystemService";
|
||||||
|
|
||||||
|
// IAM Services Endpoint
|
||||||
|
public static final String IAM_SERVICE_NAME = "IAM";
|
||||||
|
public static final String IAM_SERVICE_CATEGORY = "Auth";
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|