This is an automated email from the ASF dual-hosted git repository. smarru pushed a commit to branch develop in repository https://gitbox.apache.org/repos/asf/airavata-custos.git
commit a01e225324d32802c0ef2e851d0d49df06f15855 Author: Aarushi <[email protected]> AuthorDate: Tue Jul 9 00:24:30 2019 -0400 corrected the authentication client --- .../cpi/CustosAuthenticationService.java | 384 ++++++++++----------- .../handler/CustosAuthenticationHandler.java | 6 +- .../service/AuthenticationServiceClient.java | 4 +- .../org/apache/custos/commons/utils/Constants.java | 2 + .../custos/commons/utils/ServerSettings.java | 8 +- .../manager/KeyCloakSecurityManager.java | 7 +- .../src/main/resources/custos-server.properties | 14 + pom.xml | 2 + 8 files changed, 221 insertions(+), 206 deletions(-) diff --git a/custos-authentication/src/main/java/org/apache/custos/authentication/cpi/CustosAuthenticationService.java b/custos-authentication/src/main/java/org/apache/custos/authentication/cpi/CustosAuthenticationService.java index 551cead..396506a 100644 --- a/custos-authentication/src/main/java/org/apache/custos/authentication/cpi/CustosAuthenticationService.java +++ b/custos-authentication/src/main/java/org/apache/custos/authentication/cpi/CustosAuthenticationService.java @@ -457,7 +457,7 @@ public class CustosAuthenticationService { public org.apache.thrift.async.AsyncMethodCallback<org.apache.custos.commons.model.security.UserInfo> getResultHandler(final org.apache.thrift.server.AbstractNonblockingServer.AsyncFrameBuffer fb, final int seqid) { final org.apache.thrift.AsyncProcessFunction fcall = this; - return new org.apache.thrift.async.AsyncMethodCallback<org.apache.custos.commons.model.security.UserInfo>() { + return new org.apache.thrift.async.AsyncMethodCallback<org.apache.custos.commons.model.security.UserInfo>() { public void onComplete(org.apache.custos.commons.model.security.UserInfo o) { getUserInfoFromAuthzToken_result result = new getUserInfoFromAuthzToken_result(); result.success = o; 
@@ -522,7 +522,7 @@ public class CustosAuthenticationService { public org.apache.thrift.async.AsyncMethodCallback<org.apache.custos.commons.model.security.AuthzToken> getResultHandler(final org.apache.thrift.server.AbstractNonblockingServer.AsyncFrameBuffer fb, final int seqid) { final org.apache.thrift.AsyncProcessFunction fcall = this; - return new org.apache.thrift.async.AsyncMethodCallback<org.apache.custos.commons.model.security.AuthzToken>() { + return new org.apache.thrift.async.AsyncMethodCallback<org.apache.custos.commons.model.security.AuthzToken>() { public void onComplete(org.apache.custos.commons.model.security.AuthzToken o) { getUserManagementServiceAccountAuthzToken_result result = new getUserManagementServiceAccountAuthzToken_result(); result.success = o; @@ -652,8 +652,8 @@ public class CustosAuthenticationService { public static final java.util.Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap; static { java.util.Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new java.util.EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class); - tmpMap.put(_Fields.AUTHZ_TOKEN, new org.apache.thrift.meta_data.FieldMetaData("authzToken", org.apache.thrift.TFieldRequirementType.REQUIRED, - new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.commons.model.security.AuthzToken.class))); + tmpMap.put(_Fields.AUTHZ_TOKEN, new org.apache.thrift.meta_data.FieldMetaData("authzToken", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.commons.model.security.AuthzToken.class))); metaDataMap = java.util.Collections.unmodifiableMap(tmpMap); org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(isUserAuthenticated_args.class, metaDataMap); } 
@@ -662,7 +662,7 @@ public class CustosAuthenticationService { } public isUserAuthenticated_args( - org.apache.custos.commons.model.security.AuthzToken authzToken) + org.apache.custos.commons.model.security.AuthzToken authzToken) { this(); this.authzToken = authzToken; @@ -713,13 +713,13 @@ public class CustosAuthenticationService { public void setFieldValue(_Fields field, @org.apache.thrift.annotation.Nullable Object value) { switch (field) { - case AUTHZ_TOKEN: - if (value == null) { - unsetAuthzToken(); - } else { - setAuthzToken((org.apache.custos.commons.model.security.AuthzToken)value); - } - break; + case AUTHZ_TOKEN: + if (value == null) { + unsetAuthzToken(); + } else { + setAuthzToken((org.apache.custos.commons.model.security.AuthzToken)value); + } + break; } } @@ -727,8 +727,8 @@ public class CustosAuthenticationService { @org.apache.thrift.annotation.Nullable public Object getFieldValue(_Fields field) { switch (field) { - case AUTHZ_TOKEN: - return getAuthzToken(); + case AUTHZ_TOKEN: + return getAuthzToken(); } throw new IllegalStateException(); @@ -741,8 +741,8 @@ public class CustosAuthenticationService { } switch (field) { - case AUTHZ_TOKEN: - return isSetAuthzToken(); + case AUTHZ_TOKEN: + return isSetAuthzToken(); } throw new IllegalStateException(); } @@ -876,7 +876,7 @@ public class CustosAuthenticationService { while (true) { schemeField = iprot.readFieldBegin(); - if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { + if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { break; } switch (schemeField.id) { @@ -885,7 +885,7 @@ public class CustosAuthenticationService { struct.authzToken = new org.apache.custos.commons.model.security.AuthzToken(); struct.authzToken.read(iprot); struct.setAuthzTokenIsSet(true); - } else { + } else { org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } break; 
@@ -1024,10 +1024,10 @@ public class CustosAuthenticationService { public static final java.util.Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap; static { java.util.Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new java.util.EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class); - tmpMap.put(_Fields.SUCCESS, new org.apache.thrift.meta_data.FieldMetaData("success", org.apache.thrift.TFieldRequirementType.DEFAULT, - new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.BOOL))); - tmpMap.put(_Fields.AE, new org.apache.thrift.meta_data.FieldMetaData("ae", org.apache.thrift.TFieldRequirementType.DEFAULT, - new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException.class))); + tmpMap.put(_Fields.SUCCESS, new org.apache.thrift.meta_data.FieldMetaData("success", org.apache.thrift.TFieldRequirementType.DEFAULT, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.BOOL))); + tmpMap.put(_Fields.AE, new org.apache.thrift.meta_data.FieldMetaData("ae", org.apache.thrift.TFieldRequirementType.DEFAULT, + new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException.class))); metaDataMap = java.util.Collections.unmodifiableMap(tmpMap); org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(isUserAuthenticated_result.class, metaDataMap); } @@ -1036,8 +1036,8 @@ public class CustosAuthenticationService { } public isUserAuthenticated_result( - boolean success, - org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException ae) + boolean success, + org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException ae) { this(); this.success = success; 
@@ -1117,21 +1117,21 @@ public class CustosAuthenticationService { public void setFieldValue(_Fields field, @org.apache.thrift.annotation.Nullable Object value) { switch (field) { - case SUCCESS: - if (value == null) { - unsetSuccess(); - } else { - setSuccess((Boolean)value); - } - break; + case SUCCESS: + if (value == null) { + unsetSuccess(); + } else { + setSuccess((Boolean)value); + } + break; - case AE: - if (value == null) { - unsetAe(); - } else { - setAe((org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException)value); - } - break; + case AE: + if (value == null) { + unsetAe(); + } else { + setAe((org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException)value); + } + break; } } @@ -1139,11 +1139,11 @@ public class CustosAuthenticationService { @org.apache.thrift.annotation.Nullable public Object getFieldValue(_Fields field) { switch (field) { - case SUCCESS: - return isSuccess(); + case SUCCESS: + return isSuccess(); - case AE: - return getAe(); + case AE: + return getAe(); } throw new IllegalStateException(); @@ -1156,10 +1156,10 @@ public class CustosAuthenticationService { } switch (field) { - case SUCCESS: - return isSetSuccess(); - case AE: - return isSetAe(); + case SUCCESS: + return isSetSuccess(); + case AE: + return isSetAe(); } throw new IllegalStateException(); } @@ -1255,7 +1255,7 @@ public class CustosAuthenticationService { public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException { scheme(oprot).write(oprot, this); - } + } @Override public String toString() { @@ -1314,7 +1314,7 @@ public class CustosAuthenticationService { while (true) { schemeField = iprot.readFieldBegin(); - if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { + if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { break; } switch (schemeField.id) { 
@@ -1322,7 +1322,7 @@ public class CustosAuthenticationService { if (schemeField.type == org.apache.thrift.protocol.TType.BOOL) { struct.success = iprot.readBool(); struct.setSuccessIsSet(true); - } else { + } else { org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } break; @@ -1331,7 +1331,7 @@ public class CustosAuthenticationService { struct.ae = new org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException(); struct.ae.read(iprot); struct.setAeIsSet(true); - } else { + } else { org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } break; @@ -1488,8 +1488,8 @@ public class CustosAuthenticationService { public static final java.util.Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap; static { java.util.Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new java.util.EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class); - tmpMap.put(_Fields.AUTHZ_TOKEN, new org.apache.thrift.meta_data.FieldMetaData("authzToken", org.apache.thrift.TFieldRequirementType.REQUIRED, - new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.commons.model.security.AuthzToken.class))); + tmpMap.put(_Fields.AUTHZ_TOKEN, new org.apache.thrift.meta_data.FieldMetaData("authzToken", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.commons.model.security.AuthzToken.class))); metaDataMap = java.util.Collections.unmodifiableMap(tmpMap); org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(getUserInfoFromAuthzToken_args.class, metaDataMap); } 
@@ -1498,7 +1498,7 @@ public class CustosAuthenticationService { } public getUserInfoFromAuthzToken_args( - org.apache.custos.commons.model.security.AuthzToken authzToken) + org.apache.custos.commons.model.security.AuthzToken authzToken) { this(); this.authzToken = authzToken; @@ -1549,13 +1549,13 @@ public class CustosAuthenticationService { public void setFieldValue(_Fields field, @org.apache.thrift.annotation.Nullable Object value) { switch (field) { - case AUTHZ_TOKEN: - if (value == null) { - unsetAuthzToken(); - } else { - setAuthzToken((org.apache.custos.commons.model.security.AuthzToken)value); - } - break; + case AUTHZ_TOKEN: + if (value == null) { + unsetAuthzToken(); + } else { + setAuthzToken((org.apache.custos.commons.model.security.AuthzToken)value); + } + break; } } @@ -1563,8 +1563,8 @@ public class CustosAuthenticationService { @org.apache.thrift.annotation.Nullable public Object getFieldValue(_Fields field) { switch (field) { - case AUTHZ_TOKEN: - return getAuthzToken(); + case AUTHZ_TOKEN: + return getAuthzToken(); } throw new IllegalStateException(); @@ -1577,8 +1577,8 @@ public class CustosAuthenticationService { } switch (field) { - case AUTHZ_TOKEN: - return isSetAuthzToken(); + case AUTHZ_TOKEN: + return isSetAuthzToken(); } throw new IllegalStateException(); } @@ -1712,7 +1712,7 @@ public class CustosAuthenticationService { while (true) { schemeField = iprot.readFieldBegin(); - if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { + if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { break; } switch (schemeField.id) { @@ -1721,7 +1721,7 @@ public class CustosAuthenticationService { struct.authzToken = new org.apache.custos.commons.model.security.AuthzToken(); struct.authzToken.read(iprot); struct.setAuthzTokenIsSet(true); - } else { + } else { org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } break; 
@@ -1858,10 +1858,10 @@ public class CustosAuthenticationService { public static final java.util.Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap; static { java.util.Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new java.util.EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class); - tmpMap.put(_Fields.SUCCESS, new org.apache.thrift.meta_data.FieldMetaData("success", org.apache.thrift.TFieldRequirementType.DEFAULT, - new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.commons.model.security.UserInfo.class))); - tmpMap.put(_Fields.AE, new org.apache.thrift.meta_data.FieldMetaData("ae", org.apache.thrift.TFieldRequirementType.DEFAULT, - new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException.class))); + tmpMap.put(_Fields.SUCCESS, new org.apache.thrift.meta_data.FieldMetaData("success", org.apache.thrift.TFieldRequirementType.DEFAULT, + new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.commons.model.security.UserInfo.class))); + tmpMap.put(_Fields.AE, new org.apache.thrift.meta_data.FieldMetaData("ae", org.apache.thrift.TFieldRequirementType.DEFAULT, + new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException.class))); metaDataMap = java.util.Collections.unmodifiableMap(tmpMap); org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(getUserInfoFromAuthzToken_result.class, metaDataMap); } 
@@ -1870,8 +1870,8 @@ public class CustosAuthenticationService { } public getUserInfoFromAuthzToken_result( - org.apache.custos.commons.model.security.UserInfo success, - org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException ae) + org.apache.custos.commons.model.security.UserInfo success, + org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException ae) { this(); this.success = success; @@ -1952,21 +1952,21 @@ public class CustosAuthenticationService { public void setFieldValue(_Fields field, @org.apache.thrift.annotation.Nullable Object value) { switch (field) { - case SUCCESS: - if (value == null) { - unsetSuccess(); - } else { - setSuccess((org.apache.custos.commons.model.security.UserInfo)value); - } - break; + case SUCCESS: + if (value == null) { + unsetSuccess(); + } else { + setSuccess((org.apache.custos.commons.model.security.UserInfo)value); + } + break; - case AE: - if (value == null) { - unsetAe(); - } else { - setAe((org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException)value); - } - break; + case AE: + if (value == null) { + unsetAe(); + } else { + setAe((org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException)value); + } + break; } } @@ -1974,11 +1974,11 @@ public class CustosAuthenticationService { @org.apache.thrift.annotation.Nullable public Object getFieldValue(_Fields field) { switch (field) { - case SUCCESS: - return getSuccess(); + case SUCCESS: + return getSuccess(); - case AE: - return getAe(); + case AE: + return getAe(); } throw new IllegalStateException(); @@ -1991,10 +1991,10 @@ public class CustosAuthenticationService { } switch (field) { - case SUCCESS: - return isSetSuccess(); - case AE: - return isSetAe(); + case SUCCESS: + return isSetSuccess(); + case AE: + return isSetAe(); } throw new IllegalStateException(); } 
@@ -2092,7 +2092,7 @@ public class CustosAuthenticationService { public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException { scheme(oprot).write(oprot, this); - } + } @Override public String toString() { @@ -2156,7 +2156,7 @@ public class CustosAuthenticationService { while (true) { schemeField = iprot.readFieldBegin(); - if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { + if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { break; } switch (schemeField.id) { @@ -2165,7 +2165,7 @@ public class CustosAuthenticationService { struct.success = new org.apache.custos.commons.model.security.UserInfo(); struct.success.read(iprot); struct.setSuccessIsSet(true); - } else { + } else { org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } break; @@ -2174,7 +2174,7 @@ public class CustosAuthenticationService { struct.ae = new org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException(); struct.ae.read(iprot); struct.setAeIsSet(true); - } else { + } else { org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } break; 
@@ -2347,14 +2347,14 @@ public class CustosAuthenticationService { public static final java.util.Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap; static { java.util.Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new java.util.EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class); - tmpMap.put(_Fields.AUTHZ_TOKEN, new org.apache.thrift.meta_data.FieldMetaData("authzToken", org.apache.thrift.TFieldRequirementType.REQUIRED, - new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.commons.model.security.AuthzToken.class))); - tmpMap.put(_Fields.GATEWAY_ID, new org.apache.thrift.meta_data.FieldMetaData("gatewayId", org.apache.thrift.TFieldRequirementType.REQUIRED, - new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))); - tmpMap.put(_Fields.CLIENT_ID, new org.apache.thrift.meta_data.FieldMetaData("clientId", org.apache.thrift.TFieldRequirementType.REQUIRED, - new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))); - tmpMap.put(_Fields.CLIENT_SECRET, new org.apache.thrift.meta_data.FieldMetaData("clientSecret", org.apache.thrift.TFieldRequirementType.REQUIRED, - new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))); + tmpMap.put(_Fields.AUTHZ_TOKEN, new org.apache.thrift.meta_data.FieldMetaData("authzToken", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.commons.model.security.AuthzToken.class))); + tmpMap.put(_Fields.GATEWAY_ID, new org.apache.thrift.meta_data.FieldMetaData("gatewayId", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))); + tmpMap.put(_Fields.CLIENT_ID, new org.apache.thrift.meta_data.FieldMetaData("clientId", 
org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))); + tmpMap.put(_Fields.CLIENT_SECRET, new org.apache.thrift.meta_data.FieldMetaData("clientSecret", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))); metaDataMap = java.util.Collections.unmodifiableMap(tmpMap); org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(getUserManagementServiceAccountAuthzToken_args.class, metaDataMap); } @@ -2363,10 +2363,10 @@ public class CustosAuthenticationService { } public getUserManagementServiceAccountAuthzToken_args( - org.apache.custos.commons.model.security.AuthzToken authzToken, - String gatewayId, - String clientId, - String clientSecret) + org.apache.custos.commons.model.security.AuthzToken authzToken, + String gatewayId, + String clientId, + String clientSecret) { this(); this.authzToken = authzToken; 
@@ -2507,37 +2507,37 @@ public class CustosAuthenticationService { public void setFieldValue(_Fields field, @org.apache.thrift.annotation.Nullable Object value) { switch (field) { - case AUTHZ_TOKEN: - if (value == null) { - unsetAuthzToken(); - } else { - setAuthzToken((org.apache.custos.commons.model.security.AuthzToken)value); - } - break; + case AUTHZ_TOKEN: + if (value == null) { + unsetAuthzToken(); + } else { + setAuthzToken((org.apache.custos.commons.model.security.AuthzToken)value); + } + break; - case GATEWAY_ID: - if (value == null) { - unsetGatewayId(); - } else { - setGatewayId((String)value); - } - break; + case GATEWAY_ID: + if (value == null) { + unsetGatewayId(); + } else { + setGatewayId((String)value); + } + break; - case CLIENT_ID: - if (value == null) { - unsetClientId(); - } else { - setClientId((String)value); - } - break; + case CLIENT_ID: + if (value == null) { + unsetClientId(); + } else { + setClientId((String)value); + } + break; - case CLIENT_SECRET: - if (value == null) { - unsetClientSecret(); - } else { - setClientSecret((String)value); - } - break; + case CLIENT_SECRET: + if (value == null) { + unsetClientSecret(); + } else { + setClientSecret((String)value); + } + break; } } @@ -2545,17 +2545,17 @@ public class CustosAuthenticationService { @org.apache.thrift.annotation.Nullable public Object getFieldValue(_Fields field) { switch (field) { - case AUTHZ_TOKEN: - return getAuthzToken(); + case AUTHZ_TOKEN: + return getAuthzToken(); - case GATEWAY_ID: - return getGatewayId(); + case GATEWAY_ID: + return getGatewayId(); - case CLIENT_ID: - return getClientId(); + case CLIENT_ID: + return getClientId(); - case CLIENT_SECRET: - return getClientSecret(); + case CLIENT_SECRET: + return getClientSecret(); } throw new IllegalStateException(); 
@@ -2568,14 +2568,14 @@ public class CustosAuthenticationService { } switch (field) { - case AUTHZ_TOKEN: - return isSetAuthzToken(); - case GATEWAY_ID: - return isSetGatewayId(); - case CLIENT_ID: - return isSetClientId(); - case CLIENT_SECRET: - return isSetClientSecret(); + case AUTHZ_TOKEN: + return isSetAuthzToken(); + case GATEWAY_ID: + return isSetGatewayId(); + case CLIENT_ID: + return isSetClientId(); + case CLIENT_SECRET: + return isSetClientSecret(); } throw new IllegalStateException(); } @@ -2811,7 +2811,7 @@ public class CustosAuthenticationService { while (true) { schemeField = iprot.readFieldBegin(); - if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { + if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { break; } switch (schemeField.id) { @@ -2820,7 +2820,7 @@ public class CustosAuthenticationService { struct.authzToken = new org.apache.custos.commons.model.security.AuthzToken(); struct.authzToken.read(iprot); struct.setAuthzTokenIsSet(true); - } else { + } else { org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } break; @@ -2828,7 +2828,7 @@ public class CustosAuthenticationService { if (schemeField.type == org.apache.thrift.protocol.TType.STRING) { struct.gatewayId = iprot.readString(); struct.setGatewayIdIsSet(true); - } else { + } else { org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } break; @@ -2836,7 +2836,7 @@ public class CustosAuthenticationService { if (schemeField.type == org.apache.thrift.protocol.TType.STRING) { struct.clientId = iprot.readString(); struct.setClientIdIsSet(true); - } else { + } else { org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } break; 
@@ -2844,7 +2844,7 @@ public class CustosAuthenticationService { if (schemeField.type == org.apache.thrift.protocol.TType.STRING) { struct.clientSecret = iprot.readString(); struct.setClientSecretIsSet(true); - } else { + } else { org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } break; 
@@ -3005,10 +3005,10 @@ public class CustosAuthenticationService { public static final java.util.Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap; static { java.util.Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new java.util.EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class); - tmpMap.put(_Fields.SUCCESS, new org.apache.thrift.meta_data.FieldMetaData("success", org.apache.thrift.TFieldRequirementType.DEFAULT, - new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.commons.model.security.AuthzToken.class))); - tmpMap.put(_Fields.AE, new org.apache.thrift.meta_data.FieldMetaData("ae", org.apache.thrift.TFieldRequirementType.DEFAULT, - new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException.class))); + tmpMap.put(_Fields.SUCCESS, new org.apache.thrift.meta_data.FieldMetaData("success", org.apache.thrift.TFieldRequirementType.DEFAULT, + new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.commons.model.security.AuthzToken.class))); + tmpMap.put(_Fields.AE, new org.apache.thrift.meta_data.FieldMetaData("ae", org.apache.thrift.TFieldRequirementType.DEFAULT, + new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException.class))); metaDataMap = java.util.Collections.unmodifiableMap(tmpMap); org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(getUserManagementServiceAccountAuthzToken_result.class, metaDataMap); } 
@@ -3017,8 +3017,8 @@ public class CustosAuthenticationService { } public getUserManagementServiceAccountAuthzToken_result( - org.apache.custos.commons.model.security.AuthzToken success, - org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException ae) + org.apache.custos.commons.model.security.AuthzToken success, + org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException ae) { this(); this.success = success; @@ -3099,21 +3099,21 @@ public class CustosAuthenticationService { public void setFieldValue(_Fields field, @org.apache.thrift.annotation.Nullable Object value) { switch (field) { - case SUCCESS: - if (value == null) { - unsetSuccess(); - } else { - setSuccess((org.apache.custos.commons.model.security.AuthzToken)value); - } - break; + case SUCCESS: + if (value == null) { + unsetSuccess(); + } else { + setSuccess((org.apache.custos.commons.model.security.AuthzToken)value); + } + break; - case AE: - if (value == null) { - unsetAe(); - } else { - setAe((org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException)value); - } - break; + case AE: + if (value == null) { + unsetAe(); + } else { + setAe((org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException)value); + } + break; } } @@ -3121,11 +3121,11 @@ public class CustosAuthenticationService { @org.apache.thrift.annotation.Nullable public Object getFieldValue(_Fields field) { switch (field) { - case SUCCESS: - return getSuccess(); + case SUCCESS: + return getSuccess(); - case AE: - return getAe(); + case AE: + return getAe(); } throw new IllegalStateException(); @@ -3138,10 +3138,10 @@ public class CustosAuthenticationService { } switch (field) { - case SUCCESS: - return isSetSuccess(); - case AE: - return isSetAe(); + case SUCCESS: + return isSetSuccess(); + case AE: + return isSetAe(); } throw new IllegalStateException(); } 
@@ -3239,7 +3239,7 @@ public class CustosAuthenticationService { public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException { scheme(oprot).write(oprot, this); - } + } @Override public String toString() { @@ -3303,7 +3303,7 @@ public class CustosAuthenticationService { while (true) { schemeField = iprot.readFieldBegin(); - if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { + if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { break; } switch (schemeField.id) { @@ -3312,7 +3312,7 @@ public class CustosAuthenticationService { struct.success = new org.apache.custos.commons.model.security.AuthzToken(); struct.success.read(iprot); struct.setSuccessIsSet(true); - } else { + } else { org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } break; @@ -3321,7 +3321,7 @@ public class CustosAuthenticationService { struct.ae = new org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException(); struct.ae.read(iprot); struct.setAeIsSet(true); - } else { + } else { org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); } break; @@ -3405,4 +3405,4 @@ public class CustosAuthenticationService { } } -} \ No newline at end of file +} diff --git a/custos-authentication/src/main/java/org/apache/custos/authentication/handler/CustosAuthenticationHandler.java b/custos-authentication/src/main/java/org/apache/custos/authentication/handler/CustosAuthenticationHandler.java index 1c078e0..0a2f43c 100644 --- a/custos-authentication/src/main/java/org/apache/custos/authentication/handler/CustosAuthenticationHandler.java +++ b/custos-authentication/src/main/java/org/apache/custos/authentication/handler/CustosAuthenticationHandler.java 
@@ -35,8 +35,7 @@ public class CustosAuthenticationHandler implements CustosAuthenticationService. public UserInfo getUserInfoFromAuthzToken(AuthzToken authzToken) throws CustosAuthenticationServiceException { try{ CustosSecurityManager securityManager = SecurityManagerFactory.getSecurityManager(); - UserInfo userInfo = securityManager.getUserInfoFromAuthzToken(authzToken); - return userInfo; + return securityManager.getUserInfoFromAuthzToken(authzToken); }catch (CustosSecurityException e){ logger.error(e.getMessage(), e); throw new CustosAuthenticationServiceException("Could not retrieve user info"); @@ -46,8 +45,7 @@ public class CustosAuthenticationHandler implements CustosAuthenticationService. public AuthzToken getUserManagementServiceAccountAuthzToken(AuthzToken authzToken, String gatewayId, String clientId, String clientSecret) throws CustosAuthenticationServiceException { try{ CustosSecurityManager securityManager = SecurityManagerFactory.getSecurityManager(); - AuthzToken managementServiceAccountAuthzToken = securityManager.getUserManagementServiceAccountAuthzToken(authzToken, gatewayId, clientId, clientSecret); - return managementServiceAccountAuthzToken; + return securityManager.getUserManagementServiceAccountAuthzToken(authzToken, gatewayId, clientId, clientSecret); }catch (CustosSecurityException e){ logger.error(e.getMessage(), e); throw new CustosAuthenticationServiceException("Could get user management account authz token"); diff --git a/custos-client/src/main/java/org/apache/custos/client/authentication/service/AuthenticationServiceClient.java b/custos-client/src/main/java/org/apache/custos/client/authentication/service/AuthenticationServiceClient.java index 054a5c1..4fc0444 100644 --- a/custos-client/src/main/java/org/apache/custos/client/authentication/service/AuthenticationServiceClient.java +++ b/custos-client/src/main/java/org/apache/custos/client/authentication/service/AuthenticationServiceClient.java 
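Review bot: The message thrown from the catch block in the second hunk, `"Could get user management account authz token"`, is missing "not", so a failed token request reads like a success to the caller; it should be `throw new CustosAuthenticationServiceException("Could not get user management account authz token");`. Both catch blocks log the cause server-side and return only a generic message to the client, which is a sensible split for an authentication endpoint, so the fix should change the wording only and not append `e.getMessage()`. Both methods close outside their hunks.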
@@ -3,7 +3,6 @@ package org.apache.custos.client.authentication.service; import org.apache.custos.authentication.cpi.CustosAuthenticationService; import org.apache.custos.authentication.cpi.exception.CustosAuthenticationServiceException; import org.apache.thrift.protocol.TBinaryProtocol; -import org.apache.thrift.protocol.TMultiplexedProtocol; import org.apache.thrift.protocol.TProtocol; import org.apache.thrift.transport.TSocket; import org.apache.thrift.transport.TTransport; @@ -16,8 +15,7 @@ public class AuthenticationServiceClient { TTransport transport = new TSocket(serverHost, serverPort); transport.open(); TProtocol protocol = new TBinaryProtocol(transport); - TMultiplexedProtocol multiplexedProtocol = new TMultiplexedProtocol(protocol, "CustosAuthenticationService"); - return new CustosAuthenticationService.Client(multiplexedProtocol); + return new CustosAuthenticationService.Client(protocol); } catch (TTransportException e) { throw new CustosAuthenticationServiceException(e.getMessage()); } diff --git a/custos-commons/src/main/java/org/apache/custos/commons/utils/Constants.java b/custos-commons/src/main/java/org/apache/custos/commons/utils/Constants.java index 306c6be..7bb6c8e 100644 --- a/custos-commons/src/main/java/org/apache/custos/commons/utils/Constants.java +++ b/custos-commons/src/main/java/org/apache/custos/commons/utils/Constants.java @@ -27,6 +27,8 @@ public final class Constants { public static final String AUTHZ_CACHE_MANAGER_CLASS = "authz.cache.manager.class"; public static final String SECURITY_MANAGER_CLASS = "security.manager.class"; public static final String AUTHZ_CACHE_ENABLED = "authz.cache.enabled"; + public static final String KEYSTORE_PATH = "keystore.path"; + public static final String KEYSTORE_PASSWORD = "keystore.password"; //Names of the attributes that could be passed in the AuthzToken's claims map. public static final String USER_NAME = "userName"; 
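Review bot: The client built at `return new CustosAuthenticationService.Client(protocol);` still runs over a plain `TSocket`, so the `AuthzToken` and the `clientSecret` argument that the service interface accepts cross the network unencrypted. Since this commit also introduces keystore and trust-store settings, the transport could be obtained from `TSSLTransportFactory.getClientSocket(...)` with the configured trust store instead of `new TSocket(serverHost, serverPort)`. Dropping `TMultiplexedProtocol` is only correct if the server registers a plain processor rather than a `TMultiplexedProcessor`; that side is not visible here and should be confirmed. The catch block also rethrows with `e.getMessage()` only, and nothing visible closes the opened transport; the enclosing method starts and ends outside the hunk.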
diff --git a/custos-commons/src/main/java/org/apache/custos/commons/utils/ServerSettings.java b/custos-commons/src/main/java/org/apache/custos/commons/utils/ServerSettings.java index 78570f7..642f37e 100644 --- a/custos-commons/src/main/java/org/apache/custos/commons/utils/ServerSettings.java +++ b/custos-commons/src/main/java/org/apache/custos/commons/utils/ServerSettings.java @@ -31,6 +31,7 @@ public class ServerSettings extends ApplicationSettings { public static final String IAM_SERVER_SUPER_ADMIN_USERNAME = "iam.server.super.admin.username"; public static final String IAM_SERVER_SUPER_ADMIN_PASSWORD = "iam.server.super.admin.password"; + public static int getCacheSize() throws ApplicationSettingsException { return Integer.valueOf(getSetting(Constants.IN_MEMORY_CACHE_SIZE)); } @@ -53,6 +54,11 @@ public class ServerSettings extends ApplicationSettings { public static String getAuthenticationServerHost() throws ApplicationSettingsException { return getSetting(ServerSettings.AUTHENTICATION_SERVICE_SERVER_HOST); } + public static String getKeyStorePath() throws ApplicationSettingsException { + return getSetting(Constants.KEYSTORE_PATH); + } - + public static String getKeyStorePassword() throws ApplicationSettingsException { + return getSetting(Constants.KEYSTORE_PASSWORD); + } } diff --git a/custos-connectors/src/main/java/org.apache.custos.security/manager/KeyCloakSecurityManager.java b/custos-connectors/src/main/java/org.apache.custos.security/manager/KeyCloakSecurityManager.java index 0b4d16e..ad058f3 100644 --- a/custos-connectors/src/main/java/org.apache.custos.security/manager/KeyCloakSecurityManager.java +++ b/custos-connectors/src/main/java/org.apache.custos.security/manager/KeyCloakSecurityManager.java 
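Review bot: `getKeyStorePassword()` is a new public static accessor that hands the keystore secret out as a `String`, with nothing documenting how callers may use it. I would add Javadoc to both new getters, for example `/** Returns the configured keystore password; treat it as a secret and never log it. */`, and convert to `char[]` only at the call site that loads the keystore. The first hunk's only change is a stray blank line before `getCacheSize()`, which can be dropped. The class body continues outside the hunks.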
@@ -26,11 +26,7 @@ import org.apache.custos.commons.model.security.AuthzToken; import org.apache.custos.commons.model.security.UserInfo; import org.apache.custos.commons.utils.Constants; import org.apache.custos.commons.utils.ServerSettings; -import org.apache.custos.commons.utils.ThriftUtils; -import org.apache.custos.profile.client.ProfileServiceClientFactory; -import org.apache.custos.profile.model.workspace.Gateway; import org.apache.custos.profile.tenant.cpi.TenantProfileService; -import org.apache.custos.profile.tenant.cpi.exception.TenantProfileServiceException; import org.apache.custos.security.authzcache.*; import org.apache.custos.security.utils.TrustStoreManager; import org.apache.http.Consts; @@ -43,7 +39,6 @@ import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; import org.apache.http.message.BasicNameValuePair; import org.apache.http.util.EntityUtils; -import org.apache.thrift.TException; import org.json.JSONObject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -62,7 +57,7 @@ public class KeyCloakSecurityManager implements CustosSecurityManager { private final static Logger logger = LoggerFactory.getLogger(KeyCloakSecurityManager.class); private TenantProfileService.Client tenantProfileClient = null; public KeyCloakSecurityManager() throws CustosSecurityException { - initializeSecurityInfra(); + //initializeSecurityInfra(); } /** diff --git a/ide-integration/src/main/resources/custos-server.properties b/ide-integration/src/main/resources/custos-server.properties index 8686ed0..3741eab 100644 --- a/ide-integration/src/main/resources/custos-server.properties +++ b/ide-integration/src/main/resources/custos-server.properties 
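Review bot: Commenting out `initializeSecurityInfra();` in the constructor leaves `KeyCloakSecurityManager` without whatever setup that method performs; the class imports `TrustStoreManager`, so this presumably includes loading the trust store used for the HTTPS calls to the IAM server. If the call was failing in this environment, fix the failure or gate it on a setting instead of leaving commented-out code, and state the reason next to it, e.g. `// TODO: re-enable once trust store settings are provisioned`. The `tenantProfileClient` field also stays `null`, and the constructor still declares `throws CustosSecurityException` although nothing in it can throw now. The body of `initializeSecurityInfra` is outside the hunk, so its exact effect should be confirmed before merging.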
@@ -29,4 +29,18 @@ ########################################################################### custos.authentication.server.port = 9091 custos.authentication.server.host = localhost +security.manager.class=org.apache.custos.security.manager.KeyCloakSecurityManager +########################################################################### +# Iam Admin services Configuration +########################################################################### +iam.server.url=https://localhost:8443/auth +iam.server.super.admin.username=admin +iam.server.super.admin.password=admin + +#### keystore configuration #### +keystore.path=keystores/airavata.jks +keystore.password=airavata +#### trust store configuration #### +trust.store=keystores/client_truststore.jks +trust.store.password=airavata diff --git a/pom.xml b/pom.xml index ac024f0..736fad9 100644 --- a/pom.xml +++ b/pom.xml @@ -23,6 +23,7 @@ <module>custos-authentication</module> </modules> <properties> + <java.version>1.8</java.version> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding> <org.slf4j.version>1.7.25</org.slf4j.version> @@ -62,4 +63,5 @@ <version>${log4j.version}</version> </dependency> </dependencies> + </project> \ No newline at end of file
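Review bot: The added lines commit working-looking credentials: `iam.server.super.admin.password=admin`, `keystore.password=airavata` and `trust.store.password=airavata`. Even in an IDE-integration profile such values tend to be copied into real deployments, so the file should carry placeholders such as `keystore.password=<set-at-deploy-time>` or at least a comment above each block, `# development defaults only; override in deployment configuration`. `security.manager.class` is added under the authentication-server banner; giving it a heading of its own would make the security settings easier to audit.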
