You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@dlab.apache.org by bh...@apache.org on 2019/07/30 09:18:52 UTC
[incubator-dlab] branch dlab_refactored created (now d57dab3)
This is an automated email from the ASF dual-hosted git repository.
bhliva pushed a change to branch dlab_refactored
in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git.
at d57dab3 DLAB-000 added keycloak support
This branch includes the following new commits:
new dfba3db DLAB-728 replaced security service with keycloak integration
new d57dab3 DLAB-000 added keycloak support
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@dlab.apache.org
For additional commands, e-mail: commits-help@dlab.apache.org
[incubator-dlab] 01/02: DLAB-728 replaced security service with
keycloak integration
Posted by bh...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
bhliva pushed a commit to branch dlab_refactored
in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git
commit dfba3db01422c157110eb2795c13c5d8e4cbc787
Author: bhliva <bo...@epam.com>
AuthorDate: Thu May 30 16:51:34 2019 +0300
DLAB-728 replaced security service with keycloak integration
---
pom.xml | 4 -
.../java/com/epam/dlab/auth/SecurityFactory.java | 54 -----
.../epam/dlab/auth/SecurityRestAuthenticator.java | 54 -----
services/security-aws/pom.xml | 58 ------
.../com/epam/dlab/auth/aws/dao/AwsUserDAO.java | 35 ----
.../com/epam/dlab/auth/aws/dao/AwsUserDAOImpl.java | 79 -------
.../aws/service/AwsCredentialRefreshService.java | 68 ------
.../aws/service/AwsUserVerificationService.java | 82 --------
services/security-azure/pom.xml | 78 -------
.../dlab/auth/azure/AuthorizationCodeSupplier.java | 44 ----
.../dlab/auth/azure/AuthorizationSupplier.java | 36 ----
.../auth/azure/AzureAuthenticationResource.java | 194 -----------------
.../dlab/auth/azure/AzureLocalAuthResponse.java | 42 ----
.../epam/dlab/auth/azure/AzureLoginUrlBuilder.java | 75 -------
.../dlab/auth/azure/AzureSecurityResource.java | 116 -----------
.../com/epam/dlab/auth/azure/RoleAssignment.java | 37 ----
.../dlab/auth/azure/RoleAssignmentProperties.java | 43 ----
.../dlab/auth/azure/RoleAssignmentResponse.java | 35 ----
.../dlab/auth/azure/UsernamePasswordSupplier.java | 43 ----
.../service/AzureAuthorizationCodeService.java | 46 ----
.../service/AzureAuthorizationCodeServiceImpl.java | 231 ---------------------
services/security-gcp/pom.xml | 66 ------
.../gcp/resources/GcpOauth2SecurityResource.java | 56 -----
.../auth/gcp/service/GcpAuthenticationService.java | 110 ----------
services/security-service/pom.xml | 183 ----------------
services/security-service/security.yml | 150 -------------
.../epam/dlab/auth/SecurityServiceApplication.java | 65 ------
.../dlab/auth/SecurityServiceConfiguration.java | 146 -------------
.../epam/dlab/auth/core/DlabLdapConnection.java | 42 ----
.../dlab/auth/core/DlabLdapConnectionFactory.java | 49 -----
.../epam/dlab/auth/core/ReturnableConnection.java | 67 ------
.../com/epam/dlab/auth/core/SimpleConnection.java | 47 -----
.../java/com/epam/dlab/auth/dao/LdapUserDAO.java | 30 ---
.../com/epam/dlab/auth/dao/LdapUserDAOImpl.java | 165 ---------------
.../main/java/com/epam/dlab/auth/dao/Request.java | 35 ----
.../epam/dlab/auth/dao/UserInfoDAODumbImpl.java | 54 -----
.../epam/dlab/auth/dao/UserInfoDAOMongoImpl.java | 132 ------------
.../auth/modules/AwsSecurityServiceModule.java | 92 --------
.../auth/modules/AzureSecurityServiceModule.java | 78 -------
.../auth/modules/GcpSecurityServiceModule.java | 94 ---------
.../com/epam/dlab/auth/modules/ModuleFactory.java | 43 ----
.../dlab/auth/modules/SecurityServiceModule.java | 66 ------
.../SynchronousLdapAuthenticationResource.java | 80 -------
.../dlab/auth/service/AuthenticationService.java | 34 ---
.../service/impl/LdapAuthenticationService.java | 89 --------
.../security-service/src/main/resources/banner.txt | 6 -
.../impl/LdapAuthenticationServiceTest.java | 139 -------------
services/self-service/pom.xml | 6 +
.../DropwizardBearerTokenFilterImpl.java | 20 ++
.../dlab/backendapi/SelfServiceApplication.java | 50 +++++
.../SelfServiceApplicationConfiguration.java | 14 ++
.../auth/SelfServiceSecurityAuthenticator.java | 55 -----
.../backendapi/modules/AwsSelfServiceModule.java | 7 +-
.../backendapi/modules/AzureSelfServiceModule.java | 18 --
.../epam/dlab/backendapi/modules/DevModule.java | 4 +-
.../backendapi/modules/GcpSelfServiceModule.java | 9 +-
.../backendapi/resources/SecurityResource.java | 4 +-
.../servlet/guacamole/GuacamoleSecurityFilter.java | 18 +-
.../backendapi/resources/SecurityResourceTest.java | 2 +-
59 files changed, 104 insertions(+), 3675 deletions(-)
diff --git a/pom.xml b/pom.xml
index 378593f..1925e09 100644
--- a/pom.xml
+++ b/pom.xml
@@ -52,10 +52,6 @@
<module>services/self-service</module>
<module>services/billing-azure</module>
<module>services/billing-gcp</module>
- <module>services/security-azure</module>
- <module>services/security-gcp</module>
- <module>services/security-aws</module>
- <module>services/security-service</module>
<module>services/dlab-model</module>
<module>services/dlab-utils</module>
<module>services/dlab-webapp-common</module>
diff --git a/services/dlab-webapp-common/src/main/java/com/epam/dlab/auth/SecurityFactory.java b/services/dlab-webapp-common/src/main/java/com/epam/dlab/auth/SecurityFactory.java
deleted file mode 100644
index 67fe166..0000000
--- a/services/dlab-webapp-common/src/main/java/com/epam/dlab/auth/SecurityFactory.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth;
-
-import com.google.inject.Injector;
-import io.dropwizard.auth.AuthDynamicFeature;
-import io.dropwizard.auth.AuthValueFactoryProvider;
-import io.dropwizard.auth.Authorizer;
-import io.dropwizard.auth.oauth.OAuthCredentialAuthFilter;
-import io.dropwizard.setup.Environment;
-import org.glassfish.jersey.server.filter.RolesAllowedDynamicFeature;
-
-public class SecurityFactory {
- private static final String PREFIX = "Bearer";
-
- public void configure(Injector injector, Environment environment) {
-
- configure(injector, environment, SecurityRestAuthenticator.class,
- injector.getInstance(SecurityAuthorizer.class));
- }
-
- public <T extends SecurityRestAuthenticator> void configure(Injector injector, Environment environment,
- Class<T> authenticator,
- Authorizer<UserInfo> authorizer) {
-
- environment.jersey().register(new AuthDynamicFeature(
- new OAuthCredentialAuthFilter.Builder<UserInfo>()
- .setAuthenticator(injector.getInstance(authenticator))
- .setAuthorizer(authorizer)
- .setPrefix(PREFIX)
- .setUnauthorizedHandler(injector.getInstance(SecurityUnauthorizedHandler.class))
- .buildAuthFilter()));
-
- environment.jersey().register(RolesAllowedDynamicFeature.class);
- environment.jersey().register(new AuthValueFactoryProvider.Binder<>(UserInfo.class));
- }
-}
diff --git a/services/dlab-webapp-common/src/main/java/com/epam/dlab/auth/SecurityRestAuthenticator.java b/services/dlab-webapp-common/src/main/java/com/epam/dlab/auth/SecurityRestAuthenticator.java
deleted file mode 100644
index 9ff1339..0000000
--- a/services/dlab-webapp-common/src/main/java/com/epam/dlab/auth/SecurityRestAuthenticator.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth;
-
-import com.epam.dlab.auth.contract.SecurityAPI;
-import com.epam.dlab.constants.ServiceConsts;
-import com.epam.dlab.rest.client.RESTService;
-import com.google.inject.Inject;
-import com.google.inject.name.Named;
-import io.dropwizard.auth.AuthenticationException;
-import io.dropwizard.auth.Authenticator;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.slf4j.MDC;
-
-import java.util.Optional;
-
-public class SecurityRestAuthenticator implements Authenticator<String, UserInfo> {
- private static final Logger LOGGER = LoggerFactory.getLogger(SecurityRestAuthenticator.class);
-
- @Inject
- @Named(ServiceConsts.SECURITY_SERVICE_NAME)
- private RESTService securityService;
-
- @Inject
- private SystemUserInfoService systemUserInfoService;
-
- @Override
- public Optional<UserInfo> authenticate(String credentials) throws AuthenticationException {
- LOGGER.debug("authenticate token {}", credentials);
-
- final Optional<UserInfo> userInfo = Optional.ofNullable(systemUserInfoService.getUser(credentials).orElseGet(
- () -> securityService.post(SecurityAPI.GET_USER_INFO, credentials, UserInfo.class)));
- userInfo.ifPresent(ui -> MDC.put("user", ui.getName()));
- return userInfo;
- }
-}
diff --git a/services/security-aws/pom.xml b/services/security-aws/pom.xml
deleted file mode 100644
index 105d798..0000000
--- a/services/security-aws/pom.xml
+++ /dev/null
@@ -1,58 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- ~ Licensed to the Apache Software Foundation (ASF) under one
- ~ or more contributor license agreements. See the NOTICE file
- ~ distributed with this work for additional information
- ~ regarding copyright ownership. The ASF licenses this file
- ~ to you under the Apache License, Version 2.0 (the
- ~ "License"); you may not use this file except in compliance
- ~ with the License. You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing,
- ~ software distributed under the License is distributed on an
- ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- ~ KIND, either express or implied. See the License for the
- ~ specific language governing permissions and limitations
- ~ under the License.
- -->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <parent>
- <artifactId>dlab</artifactId>
- <groupId>com.epam.dlab</groupId>
- <version>1.0</version>
- <relativePath>../../pom.xml</relativePath>
- </parent>
- <modelVersion>4.0.0</modelVersion>
-
- <artifactId>security-aws</artifactId>
-
-
- <properties>
- <aws-java-sdk-iam.version>1.11.48</aws-java-sdk-iam.version>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>common</artifactId>
- </dependency>
- <dependency>
- <groupId>com.amazonaws</groupId>
- <artifactId>aws-java-sdk-iam</artifactId>
- <version>${aws-java-sdk-iam.version}</version>
- </dependency>
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>dlab-webapp-common</artifactId>
- <version>${project.parent.version}</version>
- <scope>provided</scope>
- </dependency>
- </dependencies>
-
-
-</project>
\ No newline at end of file
diff --git a/services/security-aws/src/main/java/com/epam/dlab/auth/aws/dao/AwsUserDAO.java b/services/security-aws/src/main/java/com/epam/dlab/auth/aws/dao/AwsUserDAO.java
deleted file mode 100644
index 639513e..0000000
--- a/services/security-aws/src/main/java/com/epam/dlab/auth/aws/dao/AwsUserDAO.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.aws.dao;
-
-import com.amazonaws.auth.AWSCredentials;
-import com.amazonaws.services.identitymanagement.model.AccessKeyMetadata;
-import com.amazonaws.services.identitymanagement.model.User;
-
-import java.util.List;
-
-public interface AwsUserDAO {
-
- User getAwsUser(String username);
-
- void updateCredentials(AWSCredentials credentials);
-
- List<AccessKeyMetadata> getAwsAccessKeys(String username);
-}
diff --git a/services/security-aws/src/main/java/com/epam/dlab/auth/aws/dao/AwsUserDAOImpl.java b/services/security-aws/src/main/java/com/epam/dlab/auth/aws/dao/AwsUserDAOImpl.java
deleted file mode 100644
index 4398ccc..0000000
--- a/services/security-aws/src/main/java/com/epam/dlab/auth/aws/dao/AwsUserDAOImpl.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.aws.dao;
-
-import com.amazonaws.auth.AWSCredentials;
-import com.amazonaws.services.identitymanagement.AmazonIdentityManagement;
-import com.amazonaws.services.identitymanagement.AmazonIdentityManagementClient;
-import com.amazonaws.services.identitymanagement.model.*;
-import com.google.inject.Inject;
-import com.google.inject.Singleton;
-import lombok.extern.slf4j.Slf4j;
-
-import java.util.List;
-
-@Singleton
-@Slf4j
-public class AwsUserDAOImpl implements AwsUserDAO {
-
- private volatile AmazonIdentityManagement aim;
-
- @Inject
- public AwsUserDAOImpl(AWSCredentials credentials) {
- this.aim = new AmazonIdentityManagementClient(credentials);
- }
-
- @Override
- public User getAwsUser(String username) {
- User u = fetchAwsUser(username);
- log.debug("Fetched AWS user {}", u);
- return u;
- }
-
- @Override
- public void updateCredentials(AWSCredentials credentials) {
- this.aim = new AmazonIdentityManagementClient(credentials);
- }
-
- @Override
- public List<AccessKeyMetadata> getAwsAccessKeys(String username) {
- List<AccessKeyMetadata> data = null;
- try {
- ListAccessKeysRequest request = new ListAccessKeysRequest().withUserName(username);
- ListAccessKeysResult result = aim.listAccessKeys(request);
- data = result.getAccessKeyMetadata();
- } catch (Exception e) {
- log.error("AccessKeyMetadata for {} request failed: {}", username, e.getMessage());
- }
- return data;
- }
-
- private User fetchAwsUser(String username) {
- User user = null;
- try {
- GetUserRequest r = new GetUserRequest().withUserName(username);
- GetUserResult ur = aim.getUser(r);
- user = ur.getUser();
- } catch (NoSuchEntityException e) {
- log.error("User {} not found: {}", username, e.getMessage());
- }
- return user;
- }
-}
diff --git a/services/security-aws/src/main/java/com/epam/dlab/auth/aws/service/AwsCredentialRefreshService.java b/services/security-aws/src/main/java/com/epam/dlab/auth/aws/service/AwsCredentialRefreshService.java
deleted file mode 100644
index 54bc300..0000000
--- a/services/security-aws/src/main/java/com/epam/dlab/auth/aws/service/AwsCredentialRefreshService.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.aws.service;
-
-import com.amazonaws.auth.AWSCredentialsProvider;
-import com.epam.dlab.auth.aws.dao.AwsUserDAO;
-import com.google.inject.Inject;
-import com.google.inject.Singleton;
-import io.dropwizard.lifecycle.Managed;
-import lombok.extern.slf4j.Slf4j;
-
-import java.util.concurrent.Executors;
-import java.util.concurrent.ScheduledExecutorService;
-import java.util.concurrent.TimeUnit;
-
-@Singleton
-@Slf4j
-public class AwsCredentialRefreshService implements Managed {
-
- private final ScheduledExecutorService executor = Executors.newSingleThreadScheduledExecutor();
- private final AwsUserDAO awsUserDAO;
- private final AWSCredentialsProvider credentialsProvider;
-
- @Inject
- public AwsCredentialRefreshService(AwsUserDAO awsUserDAO, AWSCredentialsProvider credentialsProvider) {
- this.awsUserDAO = awsUserDAO;
- this.credentialsProvider = credentialsProvider;
- }
-
- @Override
- public void start() {
- executor.scheduleAtFixedRate(() -> refresh(credentialsProvider), 5, 5,
- TimeUnit.MINUTES);
- }
-
- @Override
- public void stop() {
- executor.shutdown();
- }
-
- private void refresh(AWSCredentialsProvider credentialsProvider) {
- try {
- credentialsProvider.refresh();
- this.awsUserDAO.updateCredentials(credentialsProvider.getCredentials());
- log.debug("provider credentials refreshed");
- } catch (Exception e) {
- log.error("AWS provider error", e);
- throw e;
- }
- }
-}
diff --git a/services/security-aws/src/main/java/com/epam/dlab/auth/aws/service/AwsUserVerificationService.java b/services/security-aws/src/main/java/com/epam/dlab/auth/aws/service/AwsUserVerificationService.java
deleted file mode 100644
index 27294ef..0000000
--- a/services/security-aws/src/main/java/com/epam/dlab/auth/aws/service/AwsUserVerificationService.java
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.aws.service;
-
-import com.amazonaws.services.identitymanagement.model.AccessKeyMetadata;
-import com.amazonaws.services.identitymanagement.model.User;
-import com.epam.dlab.auth.UserInfo;
-import com.epam.dlab.auth.UserVerificationService;
-import com.epam.dlab.auth.aws.dao.AwsUserDAO;
-import com.epam.dlab.exceptions.DlabException;
-import com.google.inject.Inject;
-import com.google.inject.Singleton;
-
-import java.util.List;
-
-@Singleton
-public class AwsUserVerificationService implements UserVerificationService {
-
- private final AwsUserDAO awsUserDAO;
-
- @Inject
- public AwsUserVerificationService(AwsUserDAO awsUserDAO) {
- this.awsUserDAO = awsUserDAO;
- }
-
- @Override
- public void verify(UserInfo userInfo) {
- verifyAwsUser(userInfo);
- verifyAwsKeys(userInfo);
- }
-
-
- private User verifyAwsUser(UserInfo userInfo) {
- try {
- User awsUser = awsUserDAO.getAwsUser(userInfo.getName());
- if (awsUser != null) {
- userInfo.setAwsUser(true);
- return awsUser;
- } else {
- throw new DlabException("Please contact AWS administrator to create corresponding IAM User");
- }
- } catch (RuntimeException e) {
- throw new DlabException("Please contact AWS administrator to create corresponding IAM User", e);
- }
- }
-
- private List<AccessKeyMetadata> verifyAwsKeys(UserInfo userInfo) {
-
- userInfo.getKeys().clear();
-
- try {
- List<AccessKeyMetadata> keys = awsUserDAO.getAwsAccessKeys(userInfo.getName());
- if (keys == null || keys.isEmpty()
- || keys.stream().noneMatch(k -> "Active".equalsIgnoreCase(k.getStatus()))) {
-
- throw new DlabException("Cannot get aws access key for user " + userInfo.getName());
- }
- keys.forEach(e -> userInfo.addKey(e.getAccessKeyId(), e.getStatus()));
-
- return keys;
- } catch (RuntimeException e) {
- throw new DlabException("Please contact AWS administrator to activate your Access Key", e);
- }
- }
-}
diff --git a/services/security-azure/pom.xml b/services/security-azure/pom.xml
deleted file mode 100644
index d484b67..0000000
--- a/services/security-azure/pom.xml
+++ /dev/null
@@ -1,78 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- ~ Licensed to the Apache Software Foundation (ASF) under one
- ~ or more contributor license agreements. See the NOTICE file
- ~ distributed with this work for additional information
- ~ regarding copyright ownership. The ASF licenses this file
- ~ to you under the Apache License, Version 2.0 (the
- ~ "License"); you may not use this file except in compliance
- ~ with the License. You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing,
- ~ software distributed under the License is distributed on an
- ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- ~ KIND, either express or implied. See the License for the
- ~ specific language governing permissions and limitations
- ~ under the License.
- -->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <parent>
- <artifactId>dlab</artifactId>
- <groupId>com.epam.dlab</groupId>
- <version>1.0</version>
- <relativePath>../../pom.xml</relativePath>
- </parent>
- <modelVersion>4.0.0</modelVersion>
-
- <artifactId>security-azure</artifactId>
-
- <dependencies>
-
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>common</artifactId>
- <version>${project.parent.version}</version>
- </dependency>
-
- <dependency>
- <groupId>com.microsoft.azure</groupId>
- <artifactId>adal4j</artifactId>
- <version>1.3.0</version>
- </dependency>
-
- <dependency>
- <groupId>com.microsoft.azure</groupId>
- <artifactId>azure-client-authentication</artifactId>
- <version>1.2.0</version>
- </dependency>
-
- <dependency>
- <groupId>io.dropwizard</groupId>
- <artifactId>dropwizard-auth</artifactId>
- <version>${io.dropwizard.version}</version>
- </dependency>
- <dependency>
- <groupId>com.google.inject</groupId>
- <artifactId>guice</artifactId>
- </dependency>
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>dlab-webapp-common</artifactId>
- <version>${project.parent.version}</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>dlab-model</artifactId>
- <version>${project.parent.version}</version>
- </dependency>
-
- </dependencies>
-
-
-</project>
\ No newline at end of file
diff --git a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AuthorizationCodeSupplier.java b/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AuthorizationCodeSupplier.java
deleted file mode 100644
index 4d4650c..0000000
--- a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AuthorizationCodeSupplier.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.azure;
-
-import com.epam.dlab.auth.conf.AzureLoginConfiguration;
-import com.epam.dlab.dto.azure.auth.AuthorizationCodeFlowResponse;
-import com.microsoft.aad.adal4j.AuthenticationContext;
-import com.microsoft.aad.adal4j.AuthenticationResult;
-
-import java.net.URI;
-import java.util.concurrent.Future;
-
-class AuthorizationCodeSupplier extends AuthorizationSupplier {
- private final AuthorizationCodeFlowResponse response;
-
- AuthorizationCodeSupplier(AzureLoginConfiguration azureLoginConfiguration,
- AuthorizationCodeFlowResponse response) {
- super(azureLoginConfiguration);
- this.response = response;
- }
-
- public Future<AuthenticationResult> get(AuthenticationContext context, String resource) {
- return context
- .acquireTokenByAuthorizationCode(response.getCode(), resource, azureLoginConfiguration.getClientId(),
- URI.create(azureLoginConfiguration.getRedirectUrl()), null);
- }
-}
\ No newline at end of file
diff --git a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AuthorizationSupplier.java b/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AuthorizationSupplier.java
deleted file mode 100644
index fef50a9..0000000
--- a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AuthorizationSupplier.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.azure;
-
-import com.epam.dlab.auth.conf.AzureLoginConfiguration;
-import com.microsoft.aad.adal4j.AuthenticationContext;
-import com.microsoft.aad.adal4j.AuthenticationResult;
-
-import java.util.concurrent.Future;
-
-public abstract class AuthorizationSupplier {
- final AzureLoginConfiguration azureLoginConfiguration;
-
- AuthorizationSupplier(AzureLoginConfiguration azureLoginConfiguration) {
- this.azureLoginConfiguration = azureLoginConfiguration;
- }
-
- public abstract Future<AuthenticationResult> get(AuthenticationContext context, String resource);
-}
\ No newline at end of file
diff --git a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AzureAuthenticationResource.java b/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AzureAuthenticationResource.java
deleted file mode 100644
index fca3ed0..0000000
--- a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AzureAuthenticationResource.java
+++ /dev/null
@@ -1,194 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.azure;
-
-import com.epam.dlab.auth.UserInfo;
-import com.epam.dlab.auth.UserInfoDAO;
-import com.epam.dlab.auth.azure.service.AzureAuthorizationCodeService;
-import com.epam.dlab.auth.conf.AzureLoginConfiguration;
-import com.epam.dlab.auth.contract.SecurityAPI;
-import com.epam.dlab.auth.dto.UserCredentialDTO;
-import com.epam.dlab.auth.rest.AbstractAuthenticationService;
-import com.epam.dlab.dto.azure.auth.AuthorizationCodeFlowResponse;
-import com.epam.dlab.rest.dto.ErrorDTO;
-import com.fasterxml.jackson.core.type.TypeReference;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.google.inject.Inject;
-import com.microsoft.aad.adal4j.AuthenticationException;
-import io.dropwizard.Configuration;
-import org.apache.commons.lang3.StringUtils;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.ws.rs.Consumes;
-import javax.ws.rs.POST;
-import javax.ws.rs.Path;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
-import java.io.IOException;
-import java.net.URI;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Optional;
-
-/**
- * Used to authenticate users against Azure Active Directory
- *
- * @param <C> holds application configuration info
- */
-@Path("/")
-@Consumes(MediaType.APPLICATION_JSON)
-@Produces(MediaType.APPLICATION_JSON)
-public class AzureAuthenticationResource<C extends Configuration> extends AbstractAuthenticationService<C> {
-
- private final UserInfoDAO userInfoDao;
- private final AzureLoginConfiguration azureLoginConfiguration;
- private final ObjectMapper objectMapper = new ObjectMapper();
- private final AzureAuthorizationCodeService authorizationCodeService;
-
- @Inject
- public AzureAuthenticationResource(C config, UserInfoDAO userInfoDao,
- AzureLoginConfiguration azureLoginConfiguration, AzureAuthorizationCodeService
- authorizationCodeService) {
- super(config);
- this.userInfoDao = userInfoDao;
- this.azureLoginConfiguration = azureLoginConfiguration;
- this.authorizationCodeService = authorizationCodeService;
- }
-
- /**
- * Authenticates user by given <code>credential</code>
- *
- * @param credential contains username and password
- * @param request http request
- * @return authentication result in {@link Response}
- */
- @Path(SecurityAPI.LOGIN)
- @POST
- public Response login(UserCredentialDTO credential, @Context HttpServletRequest request) {
-
- log.info("Basic authentication {}", credential);
-
- try {
- return Response.ok(authorizationCodeService.authenticateAndLogin(new UsernamePasswordSupplier
- (azureLoginConfiguration, credential))).build();
- } catch (AuthenticationException e) {
- log.error("Basic authentication failed", e);
- return handleUserCredentialsLogin(e);
- }
- }
-
- /**
- * Returns user info that is mapped with <code>accessToken</code>
- *
- * @param accessToken input access token
- * @param request http request
- * @return user info
- */
- @Override
- @Path(SecurityAPI.GET_USER_INFO)
- @POST
- public UserInfo getUserInfo(String accessToken, @Context HttpServletRequest request) {
- String remoteIp = request.getRemoteAddr();
-
- final Optional<UserInfo> ui = userInfoDao.getUserInfoByAccessToken(accessToken);
-
- if (ui.isPresent()) {
- userInfoDao.updateUserInfoTTL(accessToken, ui.get().withToken(accessToken));
- log.debug("restored UserInfo from DB {}", ui);
- }
-
- log.debug("Authorized {} {} {}", accessToken, ui, remoteIp);
- return ui.get().withToken(accessToken);
- }
-
- /**
- * Logs out user by input <code>accessToken</code>
- *
- * @param accessToken input access yoken
- * @return result of the operation
- */
- @Override
- @Path(SecurityAPI.LOGOUT)
- @POST
- public Response logout(String accessToken) {
- userInfoDao.deleteUserInfo(accessToken);
- log.info("Logged out user {}", accessToken);
- return Response.ok().build();
- }
-
- /**
- * Using OAuth2 authorization code grant approach authenticates user by given authorization code in
- * <code>response</code>
- *
- * @param response contains username and passwrd
- * @return authentication result in {@link Response}
- */
- @Path(SecurityAPI.LOGIN_OAUTH)
- @POST
- public Response authenticateOAuth(AuthorizationCodeFlowResponse response) {
-
- log.info("Try to login using authorization code {}", response);
-
- try {
- return Response.ok(authorizationCodeService.authenticateAndLogin(new AuthorizationCodeSupplier
- (azureLoginConfiguration, response))).build();
- } catch (AuthenticationException e) {
- log.error("OAuth authentication failed", e);
- final Response.Status unauthorized = Response.Status.UNAUTHORIZED;
- return Response.status(unauthorized)
- .entity(new ErrorDTO(unauthorized.getStatusCode(), "Username or password is invalid")).build();
- }
- }
-
- private Response handleUserCredentialsLogin(AuthenticationException e) {
- String message = e.getMessage();
-
- log.info("Try to handle exception with message {}", message);
-
- String invalidGrantError = "invalid_grant";
- String errorCode = "AADSTS65001";
- String errorDescriptionKey = "error_description";
-
- if (StringUtils.isNotEmpty(message)) {
- try {
- Map<String, String> errors = objectMapper
- .readValue(message,
- new TypeReference<HashMap<String, String>>() {
- });
- if (errors != null
- && invalidGrantError.equalsIgnoreCase(errors.get("error"))
- && StringUtils.isNotEmpty(errors.get(errorDescriptionKey))
- && errors.get(errorDescriptionKey).startsWith(errorCode)) {
-
- return Response.status(Response.Status.FORBIDDEN)
- .header("Location", URI.create(azureLoginConfiguration.getRedirectUrl()
- + "api" + SecurityAPI.INIT_LOGIN_OAUTH_AZURE)).build();
- }
- } catch (IOException ioException) {
- log.warn("Cannot handle authentication exception", ioException);
- }
- }
- final Response.Status unauthorized = Response.Status.UNAUTHORIZED;
- return Response.status(unauthorized)
- .entity(new ErrorDTO(unauthorized.getStatusCode(), "Username or password is invalid")).build();
- }
-}
diff --git a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AzureLocalAuthResponse.java b/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AzureLocalAuthResponse.java
deleted file mode 100644
index 2616d57..0000000
--- a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AzureLocalAuthResponse.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.azure;
-
-import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
-import com.fasterxml.jackson.annotation.JsonInclude;
-import com.fasterxml.jackson.annotation.JsonProperty;
-import lombok.AllArgsConstructor;
-import lombok.Data;
-import lombok.NoArgsConstructor;
-
-@Data
-@AllArgsConstructor
-@NoArgsConstructor
-@JsonIgnoreProperties(ignoreUnknown = true)
-@JsonInclude(JsonInclude.Include.NON_EMPTY)
-public class AzureLocalAuthResponse {
- @JsonProperty("access_token")
- private String authenticationToken;
- @JsonProperty("username")
- private String userName;
- @JsonProperty("error_message")
- private String errorMessage;
-
-}
diff --git a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AzureLoginUrlBuilder.java b/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AzureLoginUrlBuilder.java
deleted file mode 100644
index 52f701b..0000000
--- a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AzureLoginUrlBuilder.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.azure;
-
-import com.epam.dlab.auth.conf.AzureLoginConfiguration;
-import com.google.inject.Singleton;
-import lombok.extern.slf4j.Slf4j;
-
-import javax.xml.bind.DataBindingException;
-import java.io.UnsupportedEncodingException;
-import java.net.URLEncoder;
-
-/**
- * Builds login url for authentication through Azure Active Directory using OAuth2 protocol
- */
-@Slf4j
-@Singleton
-public class AzureLoginUrlBuilder {
- private AzureLoginConfiguration azureLoginConfiguration;
-
- public AzureLoginUrlBuilder(AzureLoginConfiguration azureLoginConfiguration) {
- this.azureLoginConfiguration = azureLoginConfiguration;
- }
-
- String buildLoginUrl() {
- return azureLoginConfiguration.getLoginPage();
- }
-
- String buildLoginUrl(String state) {
- return buildLoginUrl(state, azureLoginConfiguration.getPrompt());
- }
-
- String buildSilentLoginUrl(String state) {
- log.info("Silent login is {}", azureLoginConfiguration.isSilent());
-
- if (azureLoginConfiguration.isSilent()) {
- return buildLoginUrl(state, "none");
- } else {
- return buildLoginUrl(state);
- }
- }
-
- private String buildLoginUrl(String state, String prompt) {
- try {
- return String.format("%s/%s/oauth2/authorize?client_id=%s&redirect_uri=%s&response_type=code&response_mode=%s&prompt=%s&state=%s",
- azureLoginConfiguration.getAuthority(),
- azureLoginConfiguration.getTenant(),
- azureLoginConfiguration.getClientId(),
- URLEncoder.encode(azureLoginConfiguration.getRedirectUrl(), "UTF-8"),
- azureLoginConfiguration.getResponseMode(),
- prompt,
- state);
- } catch (UnsupportedEncodingException e) {
- log.error("Cannot create login url", e);
- throw new DataBindingException("Cannot handle authorization info", e);
- }
- }
-}
diff --git a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AzureSecurityResource.java b/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AzureSecurityResource.java
deleted file mode 100644
index 335da2d..0000000
--- a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/AzureSecurityResource.java
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.azure;
-
-import com.epam.dlab.auth.azure.service.AzureAuthorizationCodeService;
-import com.epam.dlab.auth.conf.AzureLoginConfiguration;
-import com.epam.dlab.dto.azure.auth.AuthorizationCodeFlowResponse;
-import com.epam.dlab.exceptions.DlabAuthenticationException;
-import com.epam.dlab.rest.dto.ErrorDTO;
-import com.google.common.cache.Cache;
-import com.google.common.cache.CacheBuilder;
-import com.google.inject.Inject;
-import lombok.extern.slf4j.Slf4j;
-
-import javax.ws.rs.*;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
-import java.net.URI;
-import java.util.UUID;
-import java.util.concurrent.TimeUnit;
-
-@Path("/user/azure")
-@Consumes(MediaType.APPLICATION_JSON)
-@Produces(MediaType.APPLICATION_JSON)
-@Slf4j
-public class AzureSecurityResource {
-
- private static final Object DUMMY = new Object();
- private final Cache<String, Object> cache = CacheBuilder.newBuilder().expireAfterWrite(4, TimeUnit.HOURS)
- .maximumSize(10000).build();
-
- @Inject
- private AzureAuthorizationCodeService authorizationCodeService;
-
- @Inject
- private AzureLoginUrlBuilder azureLoginUrlBuilder;
-
- @Inject
- private AzureLoginConfiguration azureLoginConfiguration;
-
- @GET
- @Path("/init")
- public Response login() {
-
- log.debug("Init oauth silent login flow");
- String uuid = UUID.randomUUID().toString();
- log.info("Register oauth state {}", uuid);
- cache.put(uuid, DUMMY);
-
- return Response.ok(azureLoginUrlBuilder.buildSilentLoginUrl(uuid)).build();
- }
-
- @POST
- @Path("/oauth")
- public Response login(AuthorizationCodeFlowResponse authorizationCodeFlowResponse) {
- log.info("Authenticate client {}", authorizationCodeFlowResponse);
- if (authorizationCodeFlowResponse.isSuccessful()) {
- log.debug("Successfully received auth code {}", authorizationCodeFlowResponse);
- if (cache.getIfPresent(authorizationCodeFlowResponse.getState()) != null) {
- return getAccessTokenResponse(authorizationCodeFlowResponse);
- } else {
- log.warn("Malformed authorization code is retrieved for state {}", authorizationCodeFlowResponse);
- }
- } else {
- log.info("Check if silent authentication {}", authorizationCodeFlowResponse);
- if (cache.getIfPresent(authorizationCodeFlowResponse.getState()) != null
- && ("login_required".equals(authorizationCodeFlowResponse.getError())
- || "interaction_required".equals(authorizationCodeFlowResponse.getError()))) {
-
- log.debug("Silent authentication detected {}", authorizationCodeFlowResponse);
- return Response.status(Response.Status.FORBIDDEN).header("Location", URI.create(
- azureLoginUrlBuilder.buildLoginUrl(authorizationCodeFlowResponse.getState()))).build();
- }
- }
-
- log.info("Try to log in one more time");
- cache.invalidate(authorizationCodeFlowResponse.getState());
- return Response.status(Response.Status.FORBIDDEN).header("Location", URI.create(
- azureLoginUrlBuilder.buildLoginUrl())).build();
- }
-
- private Response getAccessTokenResponse(AuthorizationCodeFlowResponse authorizationCodeFlowResponse) {
- log.debug("Retrieving token from {}", authorizationCodeFlowResponse);
- try {
- final AzureLocalAuthResponse response = authorizationCodeService
- .authenticateAndLogin(new AuthorizationCodeSupplier(azureLoginConfiguration,
- authorizationCodeFlowResponse));
- log.debug("Token retrieve response {}", response);
- return Response.ok(response).build();
- } catch (DlabAuthenticationException e) {
- log.error(e.getMessage());
- final Response.Status unauthorized = Response.Status.UNAUTHORIZED;
- return Response.status(unauthorized)
- .entity(new ErrorDTO(unauthorized.getStatusCode(), e.getMessage()))
- .build();
- }
- }
-}
-
diff --git a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/RoleAssignment.java b/services/security-azure/src/main/java/com/epam/dlab/auth/azure/RoleAssignment.java
deleted file mode 100644
index a11aff9..0000000
--- a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/RoleAssignment.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.azure;
-
-import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
-import com.fasterxml.jackson.annotation.JsonProperty;
-import lombok.Data;
-
-@Data
-@JsonIgnoreProperties(ignoreUnknown = true)
-public class RoleAssignment {
- @JsonProperty
- private RoleAssignmentProperties properties;
- @JsonProperty
- private String id;
- @JsonProperty
- private String type;
- @JsonProperty
- private String name;
-}
diff --git a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/RoleAssignmentProperties.java b/services/security-azure/src/main/java/com/epam/dlab/auth/azure/RoleAssignmentProperties.java
deleted file mode 100644
index b6e6331..0000000
--- a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/RoleAssignmentProperties.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.azure;
-
-import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
-import com.fasterxml.jackson.annotation.JsonProperty;
-import lombok.Data;
-
-@Data
-@JsonIgnoreProperties(ignoreUnknown = true)
-public class RoleAssignmentProperties {
- @JsonProperty
- private String roleDefinitionId;
- @JsonProperty
- private String principalId;
- @JsonProperty
- private String scope;
- @JsonProperty
- private String createdOn;
- @JsonProperty
- private String updatedOn;
- @JsonProperty
- private String createdBy;
- @JsonProperty
- private String updatedBy;
-}
diff --git a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/RoleAssignmentResponse.java b/services/security-azure/src/main/java/com/epam/dlab/auth/azure/RoleAssignmentResponse.java
deleted file mode 100644
index bf05172..0000000
--- a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/RoleAssignmentResponse.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.azure;
-
-import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
-import com.fasterxml.jackson.annotation.JsonProperty;
-import lombok.Data;
-
-import java.util.List;
-
-@Data
-@JsonIgnoreProperties(ignoreUnknown = true)
-public class RoleAssignmentResponse {
- @JsonProperty
- private List<RoleAssignment> value;
- @JsonProperty
- private String nextLink;
-}
diff --git a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/UsernamePasswordSupplier.java b/services/security-azure/src/main/java/com/epam/dlab/auth/azure/UsernamePasswordSupplier.java
deleted file mode 100644
index b80d4c0..0000000
--- a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/UsernamePasswordSupplier.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.azure;
-
-import com.epam.dlab.auth.conf.AzureLoginConfiguration;
-import com.epam.dlab.auth.dto.UserCredentialDTO;
-import com.microsoft.aad.adal4j.AuthenticationContext;
-import com.microsoft.aad.adal4j.AuthenticationResult;
-
-import java.util.concurrent.Future;
-
-class UsernamePasswordSupplier extends AuthorizationSupplier {
- private final UserCredentialDTO credentialDTO;
-
- UsernamePasswordSupplier(AzureLoginConfiguration azureLoginConfiguration,
- UserCredentialDTO credentialDTO) {
- super(azureLoginConfiguration);
- this.credentialDTO = credentialDTO;
- }
-
- public Future<AuthenticationResult> get(AuthenticationContext context, String resource) {
- return context
- .acquireToken(resource, azureLoginConfiguration.getClientId(), credentialDTO.getUsername(),
- credentialDTO.getPassword(), null);
- }
-}
\ No newline at end of file
diff --git a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/service/AzureAuthorizationCodeService.java b/services/security-azure/src/main/java/com/epam/dlab/auth/azure/service/AzureAuthorizationCodeService.java
deleted file mode 100644
index f8f2c32..0000000
--- a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/service/AzureAuthorizationCodeService.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.azure.service;
-
-import com.epam.dlab.auth.azure.AuthorizationSupplier;
-import com.epam.dlab.auth.azure.AzureLocalAuthResponse;
-import com.microsoft.aad.adal4j.AuthenticationResult;
-
-import javax.ws.rs.core.Response;
-
-public interface AzureAuthorizationCodeService {
-
- /**
- * Authenticates user that provided by <code>authorizationSupplier</code>
- *
- * @param authorizationSupplier contains user info that is used for authentication
- * @return response {@link Response} with proper status {@link Response.Status} that means result of
- * the user authentication.
- */
- AzureLocalAuthResponse authenticateAndLogin(AuthorizationSupplier authorizationSupplier);
-
- /**
- * Verifies if user has permissions to configured scope in configuration file
- *
- * @param authenticationResult result retrieved after authentication against Azure platform
- * @return <code>true</code> if user is allowed, <code>false</code> otherwise
- */
- boolean validatePermissions(AuthenticationResult authenticationResult);
-}
diff --git a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/service/AzureAuthorizationCodeServiceImpl.java b/services/security-azure/src/main/java/com/epam/dlab/auth/azure/service/AzureAuthorizationCodeServiceImpl.java
deleted file mode 100644
index 0c3a0b5..0000000
--- a/services/security-azure/src/main/java/com/epam/dlab/auth/azure/service/AzureAuthorizationCodeServiceImpl.java
+++ /dev/null
@@ -1,231 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package com.epam.dlab.auth.azure.service;
-
-import com.epam.dlab.auth.UserInfo;
-import com.epam.dlab.auth.UserInfoDAO;
-import com.epam.dlab.auth.azure.AuthorizationSupplier;
-import com.epam.dlab.auth.azure.AzureLocalAuthResponse;
-import com.epam.dlab.auth.azure.RoleAssignment;
-import com.epam.dlab.auth.azure.RoleAssignmentResponse;
-import com.epam.dlab.exceptions.DlabAuthenticationException;
-import com.epam.dlab.exceptions.DlabException;
-import com.fasterxml.jackson.core.type.TypeReference;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.google.inject.Inject;
-import com.microsoft.aad.adal4j.AuthenticationContext;
-import com.microsoft.aad.adal4j.AuthenticationResult;
-import com.microsoft.azure.AzureEnvironment;
-import com.microsoft.azure.credentials.ApplicationTokenCredentials;
-import lombok.extern.slf4j.Slf4j;
-
-import javax.ws.rs.ClientErrorException;
-import javax.ws.rs.client.Client;
-import javax.ws.rs.client.ClientBuilder;
-import javax.ws.rs.core.MediaType;
-import java.io.File;
-import java.io.IOException;
-import java.net.MalformedURLException;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.concurrent.ExecutionException;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-import java.util.concurrent.Future;
-import java.util.stream.Collectors;
-
-import static com.epam.dlab.auth.rest.AbstractAuthenticationService.getRandomToken;
-
-@Slf4j
-public class AzureAuthorizationCodeServiceImpl implements AzureAuthorizationCodeService {
- @Inject
- private UserInfoDAO userInfoDao;
-
- private final String authority;
- private String clientId;
- private String tenantId;
- private String clientSecret;
- private final String permissionScope;
- private final boolean validatePermissionScope;
-
- public AzureAuthorizationCodeServiceImpl(String authority, String permissionScope, String managementApiAuthFile,
- boolean validatePermissionScope) throws IOException {
- this.authority = authority;
- this.permissionScope = permissionScope;
- this.validatePermissionScope = validatePermissionScope;
-
- if (validatePermissionScope) {
- Map<String, String> authenticationParameters = new ObjectMapper()
- .readValue(new File(managementApiAuthFile),
- new TypeReference<HashMap<String, String>>() {
- });
-
- this.clientId = authenticationParameters.get("clientId");
- this.tenantId = authenticationParameters.get("tenantId");
- this.clientSecret = authenticationParameters.get("clientSecret");
-
- if (clientId == null || tenantId == null || clientSecret == null) {
- throw new DlabException("Authentication information not configured to use Management API");
- }
- }
- }
-
- @Override
- public AzureLocalAuthResponse authenticateAndLogin(AuthorizationSupplier authorizationSupplier) {
- AuthenticationResult authenticationResult = authenticate(authorizationSupplier,
- AzureEnvironment.AZURE.dataLakeEndpointResourceId());
-
- if (validatePermissions(authenticationResult)) {
-
- UserInfo userInfo = prepareUserInfo(authenticationResult);
- userInfoDao.saveUserInfo(userInfo);
-
- return new AzureLocalAuthResponse(userInfo.getAccessToken(),
- userInfo.getName(), null);
- }
- throw new DlabAuthenticationException("You do not have proper permissions to use DLab. Please contact your " +
- "administrator");
- }
-
- @Override
- public boolean validatePermissions(AuthenticationResult authenticationResult) {
- if (!validatePermissionScope) {
- log.info("Verification of user permissions is disabled");
- return true;
- }
-
- Client client = null;
- RoleAssignmentResponse roleAssignmentResponse;
- try {
- client = ClientBuilder.newClient();
-
- roleAssignmentResponse = client
- .target(AzureEnvironment.AZURE.resourceManagerEndpoint()
- + permissionScope + "roleAssignments")
- .queryParam("api-version", "2015-07-01")
- .queryParam("$filter", String.format("assignedTo('%s')",
- authenticationResult.getUserInfo().getUniqueId()))
- .request(MediaType.APPLICATION_JSON_TYPE)
- .header("Authorization", String.format("Bearer %s", getManagementApiToken()))
- .get(RoleAssignmentResponse.class);
-
- } catch (ClientErrorException e) {
- log.error("Cannot validate permissions due to {}", (e.getResponse() != null && e.getResponse().hasEntity())
- ? e.getResponse().readEntity(String.class) : "");
- log.error("Error during permission validation", e);
- throw e;
- } catch (RuntimeException e) {
- log.error("Cannot validate permissions due to", e);
- throw e;
- } finally {
- if (client != null) {
- client.close();
- }
- }
-
- return checkRoles(roleAssignmentResponse, authenticationResult);
- }
-
- private String getManagementApiToken() {
- try {
-
- log.info("Requesting authentication token ... ");
-
- ApplicationTokenCredentials applicationTokenCredentials = new ApplicationTokenCredentials(
- clientId, tenantId, clientSecret,
- AzureEnvironment.AZURE);
-
- return applicationTokenCredentials.getToken(AzureEnvironment.AZURE.resourceManagerEndpoint());
- } catch (IOException e) {
- log.error("Cannot retrieve authentication token due to", e);
- throw new DlabException("Cannot retrieve authentication token", e);
- }
- }
-
-
- private AuthenticationResult authenticate(AuthorizationSupplier authorizationSupplier, String resource) {
- AuthenticationResult result;
- ExecutorService executorService = Executors.newFixedThreadPool(1);
-
- try {
-
- AuthenticationContext context = new AuthenticationContext(authority, true, executorService);
- Future<AuthenticationResult> future = authorizationSupplier.get(context, resource);
-
- result = future.get();
-
- } catch (MalformedURLException | InterruptedException e) {
- log.error("Authentication to {} is failed", resource, e);
- throw new DlabException(String.format("Cannot get token to %s", resource), e);
-
- } catch (ExecutionException e) {
- if (e.getCause() instanceof RuntimeException) {
- throw (RuntimeException) e.getCause();
- }
-
- throw new DlabException(String.format("Cannot get token to %s", resource), e);
-
- } finally {
- executorService.shutdown();
- }
-
- if (result == null) {
- throw new DlabException("Authentication result was null");
- }
-
- return result;
- }
-
- private UserInfo prepareUserInfo(AuthenticationResult authenticationResult) {
- com.microsoft.aad.adal4j.UserInfo ui = authenticationResult.getUserInfo();
- log.info("Extracted user info display id {}, {} {}", ui.getDisplayableId(), ui.getGivenName(),
- ui.getFamilyName());
-
- if (ui.getDisplayableId() != null && !ui.getDisplayableId().isEmpty()) {
- UserInfo userInfo = new UserInfo(ui.getDisplayableId(), getRandomToken());
- userInfo.setFirstName(ui.getGivenName());
- userInfo.setLastName(ui.getFamilyName());
- userInfo.getKeys().put("refresh_token", authenticationResult.getRefreshToken());
- userInfo.getKeys().put("created_date_of_refresh_token", Long.toString(System.currentTimeMillis()));
- return userInfo;
- }
-
- throw new DlabException("Cannot verify user identity");
- }
-
- private boolean checkRoles(RoleAssignmentResponse response, AuthenticationResult authenticationResult) {
-
- List<RoleAssignment> roles = (response != null) ? response.getValue() : null;
- if (roles != null && !roles.isEmpty()) {
- log.info("User {} has {} roles in configured scope for security",
- authenticationResult.getUserInfo().getDisplayableId(), roles.size());
-
- log.debug("User's({}) roles are {}", authenticationResult.getUserInfo().getDisplayableId(),
- roles.stream().map(RoleAssignment::getName).collect(Collectors.toList()));
- return true;
-
- } else {
- log.info("User {} does not have any roles in configured scope for security",
- authenticationResult.getUserInfo().getDisplayableId());
-
- throw new DlabException("User does not have any roles in pre-configured security scope for DLab");
- }
- }
-}
diff --git a/services/security-gcp/pom.xml b/services/security-gcp/pom.xml
deleted file mode 100644
index d6d0d6a..0000000
--- a/services/security-gcp/pom.xml
+++ /dev/null
@@ -1,66 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- ~ Licensed to the Apache Software Foundation (ASF) under one
- ~ or more contributor license agreements. See the NOTICE file
- ~ distributed with this work for additional information
- ~ regarding copyright ownership. The ASF licenses this file
- ~ to you under the Apache License, Version 2.0 (the
- ~ "License"); you may not use this file except in compliance
- ~ with the License. You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing,
- ~ software distributed under the License is distributed on an
- ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- ~ KIND, either express or implied. See the License for the
- ~ specific language governing permissions and limitations
- ~ under the License.
- -->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <parent>
- <artifactId>dlab</artifactId>
- <groupId>com.epam.dlab</groupId>
- <version>1.0</version>
- <relativePath>../../pom.xml</relativePath>
- </parent>
- <modelVersion>4.0.0</modelVersion>
-
- <artifactId>security-gcp</artifactId>
-
- <dependencies>
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>common</artifactId>
- <version>${project.parent.version}</version>
- </dependency>
-
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>dlab-model</artifactId>
- <version>${project.parent.version}</version>
- </dependency>
-
- <dependency>
- <groupId>com.google.api-client</groupId>
- <artifactId>google-api-client-java6</artifactId>
- <version>1.23.0</version>
- </dependency>
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>dlab-webapp-common</artifactId>
- <version>${project.parent.version}</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>com.google.apis</groupId>
- <artifactId>google-api-services-plus</artifactId>
- <version>v1-rev540-1.23.0</version>
- </dependency>
- </dependencies>
-
-
-</project>
\ No newline at end of file
diff --git a/services/security-gcp/src/main/java/com/epam/dlab/auth/gcp/resources/GcpOauth2SecurityResource.java b/services/security-gcp/src/main/java/com/epam/dlab/auth/gcp/resources/GcpOauth2SecurityResource.java
deleted file mode 100644
index 5758a3f..0000000
--- a/services/security-gcp/src/main/java/com/epam/dlab/auth/gcp/resources/GcpOauth2SecurityResource.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.gcp.resources;
-
-
-import com.epam.dlab.auth.contract.SecurityAPI;
-import com.epam.dlab.auth.oauth2.Oauth2AuthenticationService;
-import com.epam.dlab.dto.gcp.auth.GcpOauth2AuthorizationCodeResponse;
-import com.epam.dlab.exceptions.DlabAuthenticationException;
-import com.google.inject.Inject;
-
-import javax.ws.rs.GET;
-import javax.ws.rs.POST;
-import javax.ws.rs.Path;
-import javax.ws.rs.core.Response;
-
-import static java.util.Objects.nonNull;
-
-@Path("/")
-public class GcpOauth2SecurityResource {
-
- @Inject
- private Oauth2AuthenticationService authenticationService;
-
- @GET
- @Path(SecurityAPI.INIT_LOGIN_OAUTH_GCP)
- public Response redirectedUrl() {
- return Response.ok(authenticationService.getRedirectedUrl()).build();
- }
-
- @POST
- @Path(SecurityAPI.LOGIN_OAUTH)
- public Response oauthLogin(GcpOauth2AuthorizationCodeResponse codeResponse) {
- if (nonNull(codeResponse.getErrorMessage())) {
- throw new DlabAuthenticationException(codeResponse.getErrorMessage());
- }
- return Response.ok(authenticationService.authorize(codeResponse.getCode(), codeResponse.getState())).build();
- }
-}
diff --git a/services/security-gcp/src/main/java/com/epam/dlab/auth/gcp/service/GcpAuthenticationService.java b/services/security-gcp/src/main/java/com/epam/dlab/auth/gcp/service/GcpAuthenticationService.java
deleted file mode 100644
index 3f70ce9..0000000
--- a/services/security-gcp/src/main/java/com/epam/dlab/auth/gcp/service/GcpAuthenticationService.java
+++ /dev/null
@@ -1,110 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.gcp.service;
-
-import com.epam.dlab.auth.UserInfo;
-import com.epam.dlab.auth.UserInfoDAO;
-import com.epam.dlab.auth.conf.GcpLoginConfiguration;
-import com.epam.dlab.auth.oauth2.Oauth2AuthenticationService;
-import com.epam.dlab.exceptions.DlabAuthenticationException;
-import com.epam.dlab.exceptions.DlabException;
-import com.google.api.client.auth.oauth2.AuthorizationCodeFlow;
-import com.google.api.client.auth.oauth2.TokenResponse;
-import com.google.api.client.http.HttpTransport;
-import com.google.api.client.json.jackson2.JacksonFactory;
-import com.google.api.services.plus.Plus;
-import com.google.api.services.plus.model.Person;
-import com.google.common.cache.Cache;
-import com.google.inject.Inject;
-import com.google.inject.Singleton;
-import lombok.extern.slf4j.Slf4j;
-
-import java.io.IOException;
-import java.util.Objects;
-import java.util.UUID;
-
-@Singleton
-@Slf4j
-public class GcpAuthenticationService implements Oauth2AuthenticationService {
-
- private static final Object DUMMY = new Object();
- @Inject
- private AuthorizationCodeFlow codeFlow;
- @Inject
- private GcpLoginConfiguration configuration;
- @Inject
- private Cache<String, Object> cache;
- @Inject
- private UserInfoDAO userInfoDAO;
- @Inject
- private HttpTransport httpTransport;
- @Inject
- private JacksonFactory jacksonFactory;
-
- @Override
- public String getRedirectedUrl() {
- String uuid = UUID.randomUUID().toString();
- log.trace("Registered oauth state {}", uuid);
- cache.put(uuid, DUMMY);
- return codeFlow.newAuthorizationUrl()
- .setState(uuid)
- .setRedirectUri(configuration.getRedirectedUri()).build();
- }
-
- @Override
- public String authorize(String code, String state) {
- if (Objects.nonNull(cache.getIfPresent(state))) {
- final UserInfo userInfo = getUserInfo(code);
- userInfoDAO.saveUserInfo(userInfo);
- log.trace("Removing oauth state {}", state);
- cache.invalidate(state);
- log.debug("Successfully login user {} using oauth2", userInfo.getName());
- return userInfo.getAccessToken();
- }
- log.error("There is no state {} present in cache", state);
- throw new DlabAuthenticationException("You do not have proper permissions to use DLab. Please contact your " +
- "administrator");
- }
-
- private UserInfo getUserInfo(String code) {
- try {
- final TokenResponse tokenResponse = codeFlow.newTokenRequest(code)
- .setRedirectUri(configuration.getRedirectedUri())
- .execute();
- Plus plus = new Plus.
- Builder(httpTransport, jacksonFactory, codeFlow.createAndStoreCredential(tokenResponse, null))
- .setApplicationName(configuration.getApplicationName())
- .build();
- return toUserInfo(plus.people().get("me").execute());
- } catch (IOException e) {
- log.error("Exception occurred during google oauth2 authentication: {}", e.getMessage());
- throw new DlabException("Exception occurred during google oauth2 authentication: " + e.getMessage());
- }
- }
-
- private UserInfo toUserInfo(Person googleUser) {
- log.trace("Creating user from google user: {}", googleUser.getDisplayName());
- final UserInfo userInfo = new UserInfo(googleUser.getDisplayName(), UUID.randomUUID().toString());
- final Person.Name name = googleUser.getName();
- userInfo.setFirstName(name.getGivenName());
- userInfo.setLastName(name.getFamilyName());
- return userInfo;
- }
-}
diff --git a/services/security-service/pom.xml b/services/security-service/pom.xml
deleted file mode 100644
index 264b60c..0000000
--- a/services/security-service/pom.xml
+++ /dev/null
@@ -1,183 +0,0 @@
-<!--
- ~ Licensed to the Apache Software Foundation (ASF) under one
- ~ or more contributor license agreements. See the NOTICE file
- ~ distributed with this work for additional information
- ~ regarding copyright ownership. The ASF licenses this file
- ~ to you under the Apache License, Version 2.0 (the
- ~ "License"); you may not use this file except in compliance
- ~ with the License. You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing,
- ~ software distributed under the License is distributed on an
- ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- ~ KIND, either express or implied. See the License for the
- ~ specific language governing permissions and limitations
- ~ under the License.
- -->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>com.epam.dlab</groupId>
- <artifactId>dlab</artifactId>
- <version>1.0</version>
- <relativePath>../../pom.xml</relativePath>
- </parent>
-
- <profiles>
- <profile>
- <id>aws</id>
- <dependencies>
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>security-aws</artifactId>
- <version>${project.version}</version>
- </dependency>
- </dependencies>
- </profile>
- <profile>
- <id>azure</id>
- <dependencies>
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>security-azure</artifactId>
- <version>${project.version}</version>
- </dependency>
- </dependencies>
- </profile>
- <profile>
- <id>gcp</id>
- <dependencies>
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>security-gcp</artifactId>
- <version>${project.version}</version>
- </dependency>
- </dependencies>
- </profile>
- </profiles>
-
- <artifactId>security-service</artifactId>
-
- <properties>
- <org.apache.directory.api.version>1.0.0-RC1</org.apache.directory.api.version>
- <jython-standalone.version>2.7.0</jython-standalone.version>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>common</artifactId>
- </dependency>
- <dependency>
- <groupId>de.thomaskrille</groupId>
- <artifactId>dropwizard-template-config</artifactId>
- </dependency>
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>dlab-webapp-common</artifactId>
- <version>${project.parent.version}</version>
- </dependency>
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>security-aws</artifactId>
- <version>${project.version}</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>security-azure</artifactId>
- <version>${project.version}</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>security-gcp</artifactId>
- <version>${project.version}</version>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.directory.api</groupId>
- <artifactId>api-all</artifactId>
- <version>${org.apache.directory.api.version}</version>
- </dependency>
- <dependency>
- <groupId>org.python</groupId>
- <artifactId>jython-standalone</artifactId>
- <version>${jython-standalone.version}</version>
- </dependency>
- <dependency>
- <groupId>org.mongodb</groupId>
- <artifactId>mongo-java-driver</artifactId>
- <version>${org.mongodb.version}</version>
- </dependency>
- <dependency>
- <groupId>com.aegisql</groupId>
- <artifactId>conveyor</artifactId>
- <version>${com.aegisql.conveyor.version}</version>
- </dependency>
- <dependency>
- <groupId>com.epam.dlab</groupId>
- <artifactId>dlab-utils</artifactId>
- <version>${project.parent.version}</version>
- </dependency>
- <dependency>
- <groupId>org.mockito</groupId>
- <artifactId>mockito-core</artifactId>
- <version>${org.mockito.version}</version>
- <scope>test</scope>
- </dependency>
- </dependencies>
-
- <build>
- <plugins>
- <plugin>
- <artifactId>maven-shade-plugin</artifactId>
- <version>${maven-shade-plugin.version}</version>
- <executions>
- <execution>
- <phase>package</phase>
- <goals>
- <goal>shade</goal>
- </goals>
- <configuration>
- <filters>
- <filter>
- <artifact>com.microsoft*:*</artifact>
- <excludes>
- <exclude>META-INF/*.SF</exclude>
- <exclude>META-INF/*.DSA</exclude>
- <exclude>META-INF/*.RSA</exclude>
- </excludes>
- </filter>
- </filters>
- <createDependencyReducedPom>false</createDependencyReducedPom>
- <transformers>
- <transformer
- implementation="org.apache.maven.plugins.shade.resource.ServicesResourceTransformer"/>
- <transformer
- implementation="org.apache.maven.plugins.shade.resource.ManifestResourceTransformer">
- <mainClass>com.epam.dlab.auth.SecurityServiceApplication</mainClass>
- <manifestEntries>
- <Created-By><EPAM> Systems</Created-By>
- <Name>com/epam/dlab</Name>
- <Implementation-Title>DLab Security Service</Implementation-Title>
- <Implementation-Version>${dlab.version}</Implementation-Version>
- <Implementation-Vendor><EPAM> Systems</Implementation-Vendor>
- <Build-Time>${maven.build.timestamp}</Build-Time>
- <Build-OS>${os.name}</Build-OS>
- <GIT-Branch>${scmBranch}</GIT-Branch>
- <GIT-Commit>${buildNumber}</GIT-Commit>
- </manifestEntries>
- </transformer>
- </transformers>
- </configuration>
- </execution>
- </executions>
- </plugin>
- </plugins>
- </build>
-</project>
\ No newline at end of file
diff --git a/services/security-service/security.yml b/services/security-service/security.yml
deleted file mode 100644
index 54dcb4d..0000000
--- a/services/security-service/security.yml
+++ /dev/null
@@ -1,150 +0,0 @@
-# *****************************************************************************
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-# ******************************************************************************
-
-<#include "ssn.yml">
-
-ldapUseConnectionPool: false
-ldapConnectionConfig:
-# ldapHost: localhost
- ldapHost: LDAP_HOST
-# ldapPort: 3890
- ldapPort: 389
- name: LDAP_USER,LDAP_DN
- credentials: LDAP_PASS
-useLdapBindTemplate: true
-ldapBindTemplate: uid=%s,LDAP_OU,LDAP_DN
-ldapBindAttribute: uid
-ldapSearchAttribute: uid
-ldapGroupAttribute: memberUid
-ldapGroupNameAttribute: cn
-ldapGroupUserAttribute: uid
-ldapSearchRequest:
- expirationTimeMsec: 600000
- scope: SUBTREE
- attributes:
- - cn
- - mail
- - uid
- - gidNumber
- timeLimit: 0
- base: LDAP_DN
- filter: "(&(objectClass=inetOrgPerson)(uid=$LDAP_SEARCH_ATTRIBUTE))"
-ldapGroupSearchRequest:
- expirationTimeMsec: 600000
- scope: SUBTREE
- attributes:
- - cn
- - memberUid
- timeLimit: 0
- base: LDAP_DN
- filter: "(&(objectClass=posixGroup))"
-server:
- requestLog:
- appenders:
- - type: file
- currentLogFilename: ${LOG_ROOT_DIR}/ssn/request-security.log
- archive: true
- archivedLogFilenamePattern: ${LOG_ROOT_DIR}/ssn/request-security-%d{yyyy-MM-dd}.log.gz
- archivedFileCount: 10
- applicationConnectors:
- - type: https
- port: 8090
- certAlias: dlab
- validateCerts: true
- keyStorePath: ${KEY_STORE_PATH}
- keyStorePassword: ${KEY_STORE_PASSWORD}
- trustStorePath: ${TRUST_STORE_PATH}
- trustStorePassword: ${TRUST_STORE_PASSWORD}
- adminConnectors:
- - type: https
- port: 8091
- certAlias: dlab
- validateCerts: true
- keyStorePath: ${KEY_STORE_PATH}
- keyStorePassword: ${KEY_STORE_PASSWORD}
- trustStorePath: ${TRUST_STORE_PATH}
- trustStorePassword: ${TRUST_STORE_PASSWORD}
-
-userInfoPersistenceEnabled: true
-
-<#if CLOUD_TYPE == "aws">
-awsUserIdentificationEnabled: true
-loginAuthenticationTimeout: 10
-<#elseif CLOUD_TYPE == "azure">
-loginAuthenticationTimeout: 20
-
-# Azure login configuration
-azureLoginConfiguration:
- # defines of LDAP server is used as authentication point, if false Azure OAuth authentication should be configured
- useLdap: <LOGIN_USE_LDAP>
- # Tenant id in Azure
- tenant: <LOGIN_TENANT_ID>
- # Authority url
- authority: https://login.microsoftonline.com/
- # Id of the application that logs in users
- clientId: <LOGIN_APPLICATION_ID>
- # Redirect url for OAuth2 Authorization code flow
- redirectUrl: https://<LOGIN_APPLICATION_REDIRECT_URL>/
- # defines if DLab checks user permission to the configured permissionScope(true|false).
- # If user does not have permissions(no Role assigned in permissionScope) he/she will not be logged in DLab
- validatePermissionScope: <VALIDATE_PERMISSION_SCOPE>
- # Scope for validation user permissions if validatePermissionScope: true
- permissionScope: <PERMISSION_SCOPE>
- # Authentication file that used for validation user permissions(query Microsoft API)
- managementApiAuthFile: <MANAGEMENT_API_AUTH_FILE>
- # defines how authorization code is sent to DLab
- responseMode: query
- # Type of consent that requires interaction with user(consent,login are allowed)
- prompt: consent
- # Defines if try to log in user silently without user interaction (with "none" prompt). if false start with configured prompt
- silent: true
- # login page of DLab
- loginPage: https://<LOGIN_PAGE>/
-
-<#elseif CLOUD_TYPE == "gcp">
-
-# GCP oauth2 login configuration
-gcpLoginConfiguration:
- oauth2authenticationEnabled: false
- clientId: <GCP_CLIENT_ID>
- clientSecret: <GCP_CLIENT_SECRET>
- redirectedUri: https://<GCP_REDIRECTED_URL>
- userStateCacheExpirationTime: 1
- userStateCacheSize: 1000
- applicationName: DLAB-webapp
-</#if>
-
-
-logging:
- level: INFO
- loggers:
- io.dropwizard: INFO
- com.epam: DEBUG
- com.aegisql: INFO
- appenders:
-#<#if DEV_MODE == "true">
- - type: console
-#</#if>
- - type: file
- currentLogFilename: ${LOG_ROOT_DIR}/ssn/security.log
- archive: true
- archivedLogFilenamePattern: ${LOG_ROOT_DIR}/ssn/security-%d{yyyy-MM-dd}.log.gz
- archivedFileCount: 10
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/SecurityServiceApplication.java b/services/security-service/src/main/java/com/epam/dlab/auth/SecurityServiceApplication.java
deleted file mode 100644
index b7ef304..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/SecurityServiceApplication.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth;
-
-import com.epam.dlab.auth.modules.ModuleFactory;
-import com.epam.dlab.auth.modules.SecurityServiceModule;
-import com.epam.dlab.cloud.CloudModule;
-import com.epam.dlab.rest.mappers.AuthenticationExceptionMapper;
-import com.epam.dlab.util.ServiceUtils;
-import com.google.inject.Guice;
-import com.google.inject.Injector;
-import de.thomaskrille.dropwizard_template_config.TemplateConfigBundle;
-import de.thomaskrille.dropwizard_template_config.TemplateConfigBundleConfiguration;
-import io.dropwizard.Application;
-import io.dropwizard.setup.Bootstrap;
-import io.dropwizard.setup.Environment;
-import lombok.extern.slf4j.Slf4j;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@Slf4j
-public class SecurityServiceApplication extends Application<SecurityServiceConfiguration> {
-
- private static final Logger LOG = LoggerFactory.getLogger(SecurityServiceApplication.class);
-
- public static void main(String[] args) throws Exception {
- if (ServiceUtils.printAppVersion(SecurityServiceApplication.class, args)) {
- return;
- }
- LOG.debug("Starting Security Service Application with params: {}", String.join(",", args));
- new SecurityServiceApplication().run(args);
- }
-
- @Override
- public void initialize(Bootstrap<SecurityServiceConfiguration> bootstrap) {
- bootstrap.addBundle(new TemplateConfigBundle(
- new TemplateConfigBundleConfiguration().fileIncludePath(ServiceUtils.getConfPath())
- ));
- }
-
- @Override
- public void run(SecurityServiceConfiguration conf, Environment env) {
- CloudModule cloudModule = ModuleFactory.getCloudProviderModule(conf);
- Injector injector = Guice.createInjector(new SecurityServiceModule(conf, env), cloudModule);
- env.jersey().register(new AuthenticationExceptionMapper());
- cloudModule.init(env, injector);
- }
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/SecurityServiceConfiguration.java b/services/security-service/src/main/java/com/epam/dlab/auth/SecurityServiceConfiguration.java
deleted file mode 100644
index ac682ec..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/SecurityServiceConfiguration.java
+++ /dev/null
@@ -1,146 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-
-package com.epam.dlab.auth;
-
-import com.epam.dlab.ServiceConfiguration;
-import com.epam.dlab.auth.conf.AzureLoginConfiguration;
-import com.epam.dlab.auth.conf.GcpLoginConfiguration;
-import com.epam.dlab.auth.dao.Request;
-import com.fasterxml.jackson.annotation.JsonProperty;
-import org.apache.directory.ldap.client.api.LdapConnectionConfig;
-
-import javax.validation.constraints.Min;
-import java.util.HashMap;
-import java.util.Map;
-
-public class SecurityServiceConfiguration extends ServiceConfiguration {
- @JsonProperty
- private boolean userInfoPersistenceEnabled = false;
- @JsonProperty
- private boolean awsUserIdentificationEnabled = false;
- @JsonProperty
- private boolean ldapUseConnectionPool = false;
- @JsonProperty
- @Min(5)
- private int loginAuthenticationTimeout = 10;
- @JsonProperty
- private String ldapBindTemplate;
- @JsonProperty
- private String ldapBindAttribute;
- @JsonProperty
- private String ldapSearchAttribute;
- @JsonProperty
- private boolean useLdapBindTemplate;
- @JsonProperty
- private Map<String, String> ldapConnectionConfig = new HashMap<>();
- @JsonProperty
- private AzureLoginConfiguration azureLoginConfiguration;
- @JsonProperty
- private GcpLoginConfiguration gcpLoginConfiguration;
-
- private LdapConnectionConfig ldapConfiguration;
-
- private String ldapGroupAttribute;
- private String ldapGroupNameAttribute;
- private String ldapGroupUserAttribute;
-
- @JsonProperty
- private Request ldapSearchRequest;
-
- @JsonProperty
- private Request ldapGroupSearchRequest;
-
- public SecurityServiceConfiguration() {
- super();
- }
-
- public String getLdapGroupUserAttribute() {
- return ldapGroupUserAttribute;
- }
-
- public String getLdapGroupAttribute() {
- return ldapGroupAttribute;
- }
-
- public String getLdapGroupNameAttribute() {
- return ldapGroupNameAttribute;
- }
-
- public Request getLdapGroupSearchRequest() {
- return ldapGroupSearchRequest;
- }
-
- public boolean isUserInfoPersistenceEnabled() {
- return userInfoPersistenceEnabled;
- }
-
- public LdapConnectionConfig getLdapConnectionConfig() {
- if (ldapConfiguration == null) {
- ldapConfiguration = new LdapConnectionConfig();
- ldapConfiguration.setLdapHost(ldapConnectionConfig.get("ldapHost"));
- ldapConfiguration.setLdapPort(Integer.parseInt(ldapConnectionConfig.get("ldapPort")));
- ldapConfiguration.setName(ldapConnectionConfig.get("name"));
- ldapConfiguration.setCredentials(ldapConnectionConfig.get("credentials"));
- }
- return ldapConfiguration;
-
- }
-
- public String getLdapBindTemplate() {
- return ldapBindTemplate;
- }
-
- public String getLdapBindAttribute() {
- return ldapBindAttribute;
- }
-
- public String getLdapSearchAttribute() {
- return ldapSearchAttribute;
- }
-
- public boolean isAwsUserIdentificationEnabled() {
- return awsUserIdentificationEnabled;
- }
-
- public int getLoginAuthenticationTimeout() {
- return loginAuthenticationTimeout;
- }
-
- public boolean isLdapUseConnectionPool() {
- return ldapUseConnectionPool;
- }
-
- public AzureLoginConfiguration getAzureLoginConfiguration() {
- return azureLoginConfiguration;
- }
-
- public boolean isUseLdapBindTemplate() {
- return useLdapBindTemplate;
- }
-
- public GcpLoginConfiguration getGcpLoginConfiguration() {
- return gcpLoginConfiguration;
- }
-
- public Request getLdapSearchRequest() {
- return ldapSearchRequest;
- }
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/core/DlabLdapConnection.java b/services/security-service/src/main/java/com/epam/dlab/auth/core/DlabLdapConnection.java
deleted file mode 100644
index 8b65939..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/core/DlabLdapConnection.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.core;
-
-import com.epam.dlab.exceptions.DlabException;
-import lombok.extern.slf4j.Slf4j;
-import org.apache.directory.ldap.client.api.LdapConnection;
-
-import java.io.Closeable;
-
-@Slf4j
-public abstract class DlabLdapConnection implements Closeable {
-
- abstract LdapConnection getConnection() throws Exception;
-
- public LdapConnection getBoundConnection() throws Exception {
- final LdapConnection connection = getConnection();
- if (!connection.connect()) {
- log.error("Cannot establish a connection to LDAP server");
- throw new DlabException("Login user failed. LDAP server is not available");
- }
- connection.bind();
- return connection;
- }
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/core/DlabLdapConnectionFactory.java b/services/security-service/src/main/java/com/epam/dlab/auth/core/DlabLdapConnectionFactory.java
deleted file mode 100644
index 6b9cd3f..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/core/DlabLdapConnectionFactory.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.core;
-
-import com.epam.dlab.auth.SecurityServiceConfiguration;
-import com.google.inject.Inject;
-import com.google.inject.Singleton;
-import org.apache.directory.ldap.client.api.LdapConnectionConfig;
-import org.apache.directory.ldap.client.api.LdapConnectionPool;
-import org.apache.directory.ldap.client.api.LdapNetworkConnection;
-import org.apache.directory.ldap.client.api.ValidatingPoolableLdapConnectionFactory;
-
-@Singleton
-public class DlabLdapConnectionFactory {
-
-
- private final LdapConnectionConfig connConfig;
- private final LdapConnectionPool connectionPool;
- private final boolean usePool;
-
- @Inject
- public DlabLdapConnectionFactory(SecurityServiceConfiguration configuration) {
- this.connConfig = configuration.getLdapConnectionConfig();
- this.connectionPool = new LdapConnectionPool(new ValidatingPoolableLdapConnectionFactory(connConfig));
- this.usePool = configuration.isLdapUseConnectionPool();
- }
-
- public DlabLdapConnection newConnection() {
- return usePool ? new ReturnableConnection(connectionPool) :
- new SimpleConnection(new LdapNetworkConnection(connConfig));
- }
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/core/ReturnableConnection.java b/services/security-service/src/main/java/com/epam/dlab/auth/core/ReturnableConnection.java
deleted file mode 100644
index 2a4aaca..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/core/ReturnableConnection.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.core;
-
-import org.apache.directory.api.ldap.model.exception.LdapException;
-import org.apache.directory.ldap.client.api.LdapConnection;
-import org.apache.directory.ldap.client.api.LdapConnectionPool;
-
-import java.io.IOException;
-import java.util.Objects;
-import java.util.concurrent.locks.Lock;
-import java.util.concurrent.locks.ReentrantLock;
-
-public class ReturnableConnection extends DlabLdapConnection {
-
- private final LdapConnectionPool pool;
- private LdapConnection con;
- private final Lock lock = new ReentrantLock();
-
- public ReturnableConnection(LdapConnectionPool pool) {
- Objects.requireNonNull(pool);
- this.pool = pool;
- }
-
- @Override
- public LdapConnection getConnection() throws Exception {
- try {
- lock.lock(); //just protect from inproper use
- if (con == null) {
- con = pool.borrowObject();
- } else {
- throw new IllegalStateException("Cannot reuse connection. Create new ReturnableConnection");
- }
- } finally {
- lock.unlock();
- }
- return con;
- }
-
- @Override
- public void close() throws IOException {
- try {
- pool.releaseConnection(con);
- } catch (LdapException e) {
- throw new IOException("LDAP Release Connection error", e);
- }
-
- }
-
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/core/SimpleConnection.java b/services/security-service/src/main/java/com/epam/dlab/auth/core/SimpleConnection.java
deleted file mode 100644
index 7afc5d7..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/core/SimpleConnection.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.core;
-
-import org.apache.directory.ldap.client.api.LdapConnection;
-import org.apache.directory.ldap.client.api.LdapNetworkConnection;
-
-import java.io.IOException;
-
-public class SimpleConnection extends DlabLdapConnection {
-
- private final LdapNetworkConnection connection;
-
- public SimpleConnection(LdapNetworkConnection connection) {
- this.connection = connection;
- }
-
- @Override
- public LdapConnection getConnection() {
- return this.connection;
- }
-
- @Override
- public void close() throws IOException {
- if (connection != null) {
- connection.close();
- }
-
- }
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/dao/LdapUserDAO.java b/services/security-service/src/main/java/com/epam/dlab/auth/dao/LdapUserDAO.java
deleted file mode 100644
index fec9433..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/dao/LdapUserDAO.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.dao;
-
-import com.epam.dlab.auth.UserInfo;
-
-import java.util.Set;
-
-public interface LdapUserDAO {
- UserInfo getUserInfo(String username, String password);
-
- Set<String> getUserGroups(UserInfo userInfo);
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/dao/LdapUserDAOImpl.java b/services/security-service/src/main/java/com/epam/dlab/auth/dao/LdapUserDAOImpl.java
deleted file mode 100644
index 3304dc5..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/dao/LdapUserDAOImpl.java
+++ /dev/null
@@ -1,165 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.dao;
-
-import com.epam.dlab.auth.SecurityServiceConfiguration;
-import com.epam.dlab.auth.UserInfo;
-import com.epam.dlab.auth.core.DlabLdapConnection;
-import com.epam.dlab.auth.core.DlabLdapConnectionFactory;
-import com.epam.dlab.exceptions.DlabException;
-import com.google.inject.Inject;
-import lombok.extern.slf4j.Slf4j;
-import org.apache.directory.api.ldap.model.cursor.SearchCursor;
-import org.apache.directory.api.ldap.model.entry.Attribute;
-import org.apache.directory.api.ldap.model.entry.Entry;
-import org.apache.directory.api.ldap.model.exception.LdapException;
-import org.apache.directory.api.ldap.model.message.SearchRequestImpl;
-import org.apache.directory.api.ldap.model.message.SearchResultEntry;
-import org.apache.directory.api.ldap.model.message.SearchScope;
-import org.apache.directory.api.ldap.model.name.Dn;
-import org.apache.directory.ldap.client.api.LdapConnection;
-
-import java.math.BigDecimal;
-import java.util.List;
-import java.util.Optional;
-import java.util.Set;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-import java.util.stream.StreamSupport;
-
-@Slf4j
-public class LdapUserDAOImpl implements LdapUserDAO {
- private static final String LDAP_SEARCH_ATTRIBUTE = "$LDAP_SEARCH_ATTRIBUTE";
- private static final String COMMON_NAME_ATTRIBUTE = "cn";
- private final DlabLdapConnectionFactory connectionFactory;
- private final SecurityServiceConfiguration configuration;
-
- @Inject
- public LdapUserDAOImpl(DlabLdapConnectionFactory connectionFactory, SecurityServiceConfiguration configuration) {
- this.connectionFactory = connectionFactory;
- this.configuration = configuration;
- }
-
- @Override
- public UserInfo getUserInfo(String username, String password) {
-
- try (DlabLdapConnection connection = connectionFactory.newConnection()) {
- return getUserInfo(username, password, connection.getBoundConnection());
- } catch (Exception e) {
- log.error("Can not get user info for user {} due to: {}", username, e.getMessage());
- throw new DlabException("Can not get user info due to: " + e.getMessage(), e);
- }
- }
-
- @Override
- public Set<String> getUserGroups(UserInfo userInfo) {
- final String groupUserAttribute = userInfo.getKeys().get(configuration.getLdapGroupUserAttribute());
- try (DlabLdapConnection connection = connectionFactory.newConnection()) {
- final LdapConnection ldapConnection = connection.getBoundConnection();
- try (SearchCursor result = ldapConnection.search(getGroupSearchRequest())) {
- return StreamSupport.stream(result.spliterator(), false)
- .filter(r -> r instanceof SearchResultEntry)
- .map(r -> ((SearchResultEntry) r).getEntry())
- .flatMap(e -> groupStream(groupUserAttribute, e)).collect(Collectors.toSet());
- }
- } catch (Exception e) {
- log.error("Can not get user groups for user {} due to: {}", userInfo.getName(), e.getMessage());
- throw new DlabException("Can not get user groups due to: " + e.getMessage());
- }
- }
-
- private Stream<? extends String> groupStream(String groupUserAttribute, Entry e) {
- final Attribute groupAttribute = e.get(configuration.getLdapGroupAttribute());
- return StreamSupport.stream(groupAttribute.spliterator(), false)
- .anyMatch(v -> v.toString().equals(groupUserAttribute)) ?
- Stream.of(e.get(configuration.getLdapGroupNameAttribute()).get().toString()) :
- Stream.empty();
- }
-
- private UserInfo getUserInfo(String username, String password, LdapConnection ldapConnection) throws Exception {
- try (SearchCursor result = ldapConnection.search(getUserSearchRequest(username))) {
- return StreamSupport.stream(result.spliterator(), false)
- .filter(r -> r instanceof SearchResultEntry)
- .map(r -> ((SearchResultEntry) r).getEntry())
- .map(e -> toUserInfo(e, username))
- .peek(u -> bind(ldapConnection, u, password))
- .findAny()
- .orElseThrow(() -> new DlabException("User " + username + " not found"));
- }
- }
-
- private void bind(LdapConnection ldapConnection, UserInfo u, String password) {
- if (configuration.isUseLdapBindTemplate()) {
- final String bindTemplate = configuration.getLdapBindTemplate();
- final String ldapBindAttrName = configuration.getLdapBindAttribute();
- final String bindAttrValue = Optional.ofNullable(u.getKeys().get(ldapBindAttrName))
- .orElseThrow(() -> new DlabException("Bind attribute " + ldapBindAttrName + " is not found"));
- log.info("Biding with template: {} and attribute {} with value: {}", bindTemplate, ldapBindAttrName,
- bindAttrValue);
- try {
- ldapConnection.bind(String.format(bindTemplate, bindAttrValue), password);
- ldapConnection.unBind();
- } catch (LdapException e) {
- log.error("Can not bind user due to: {}", e.getMessage());
- throw new DlabException("Can not bind user due to: " + e.getMessage(), e);
- }
- }
- }
-
- private UserInfo toUserInfo(Entry e, String username) {
- final Dn dn = e.getDn();
- log.debug("Entry dn: {}", dn);
- final UserInfo userInfo = new UserInfo(username, null);
- e.getAttributes()
- .forEach(a -> userInfo.addKey(a.getId(), a.get().toString()));
- final String cn = userInfo.getKeys().get(COMMON_NAME_ATTRIBUTE);
- final String[] splittedCommonName = cn.split(" ");
- if (splittedCommonName.length == 2) {
- userInfo.setFirstName(splittedCommonName[0]);
- userInfo.setLastName(splittedCommonName[1]);
- }
-
- return userInfo;
- }
-
- private SearchRequestImpl getUserSearchRequest(String username) throws LdapException {
- final SearchRequestImpl searchRequest = new SearchRequestImpl();
- final Request searchRequestParams = configuration.getLdapSearchRequest();
- searchRequest.setBase(new Dn(searchRequestParams.getBase()));
- searchRequest.setFilter(searchRequestParams.getFilter().replace(LDAP_SEARCH_ATTRIBUTE, username));
- searchRequest.setScope(SearchScope.valueOf(searchRequestParams.getScope()));
- searchRequest.setTimeLimit(searchRequestParams.getTimeLimit());
- final List<String> attributes = searchRequestParams.getAttributes();
- searchRequest.addAttributes(attributes.toArray(new String[BigDecimal.ZERO.intValue()]));
- return searchRequest;
- }
-
- private SearchRequestImpl getGroupSearchRequest() throws LdapException {
- final SearchRequestImpl searchRequest = new SearchRequestImpl();
- final Request searchRequestParams = configuration.getLdapGroupSearchRequest();
- searchRequest.setBase(new Dn(searchRequestParams.getBase()));
- searchRequest.setFilter(searchRequestParams.getFilter());
- searchRequest.setScope(SearchScope.valueOf(searchRequestParams.getScope()));
- searchRequest.setTimeLimit(searchRequestParams.getTimeLimit());
- final List<String> attributes = searchRequestParams.getAttributes();
- searchRequest.addAttributes(attributes.toArray(new String[BigDecimal.ZERO.intValue()]));
- return searchRequest;
- }
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/dao/Request.java b/services/security-service/src/main/java/com/epam/dlab/auth/dao/Request.java
deleted file mode 100644
index 33475f9..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/dao/Request.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.dao;
-
-import lombok.Data;
-
-import java.util.List;
-
-@Data
-public class Request {
- private String name;
- private String scope;
- private List<String> attributes;
- private int timeLimit;
- private String base;
- private String filter = "";
- private long expirationTimeMsec = 600000;
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/dao/UserInfoDAODumbImpl.java b/services/security-service/src/main/java/com/epam/dlab/auth/dao/UserInfoDAODumbImpl.java
deleted file mode 100644
index 565d4d7..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/dao/UserInfoDAODumbImpl.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.dao;
-
-import com.epam.dlab.auth.UserInfo;
-import com.epam.dlab.auth.UserInfoDAO;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.Optional;
-
-public class UserInfoDAODumbImpl implements UserInfoDAO {
-
- private static final Logger LOG = LoggerFactory.getLogger(UserInfoDAODumbImpl.class);
-
- @Override
- public Optional<UserInfo> getUserInfoByAccessToken(String accessToken) {
- LOG.debug("UserInfo persistence find unavailable: {}",accessToken);
- return Optional.empty();
- }
-
- @Override
- public void updateUserInfoTTL(String accessToken, UserInfo ui) {
- LOG.debug("UserInfo persistence update unavailable: {} {}",accessToken,ui);
- }
-
- @Override
- public void deleteUserInfo(String accessToken) {
- LOG.debug("UserInfo persistence delete unavailable: {}",accessToken);
- }
-
- @Override
- public void saveUserInfo(UserInfo ui) {
- LOG.debug("UserInfo persistence save unavailable: {}",ui);
- }
-
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/dao/UserInfoDAOMongoImpl.java b/services/security-service/src/main/java/com/epam/dlab/auth/dao/UserInfoDAOMongoImpl.java
deleted file mode 100644
index 647e46e..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/dao/UserInfoDAOMongoImpl.java
+++ /dev/null
@@ -1,132 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.dao;
-
-import com.epam.dlab.auth.SecurityServiceConfiguration;
-import com.epam.dlab.auth.UserInfo;
-import com.epam.dlab.auth.UserInfoDAO;
-import com.epam.dlab.mongo.MongoService;
-import com.google.inject.Inject;
-import com.google.inject.Singleton;
-import com.mongodb.BasicDBList;
-import com.mongodb.BasicDBObject;
-import com.mongodb.client.FindIterable;
-import com.mongodb.client.MongoCollection;
-import lombok.extern.slf4j.Slf4j;
-
-import java.util.Date;
-import java.util.Optional;
-
-@Singleton
-@Slf4j
-public class UserInfoDAOMongoImpl implements UserInfoDAO {
- private static final String EXPIRE_AT_COLUMN = "expireAt";
- private static final String SECURITY_COLLECTION = "security";
- private final MongoService ms;
- private final long inactiveUserTimeoutMsec;
-
- @Inject
- public UserInfoDAOMongoImpl(MongoService ms, SecurityServiceConfiguration securityServiceConfiguration) {
- this.ms = ms;
- this.inactiveUserTimeoutMsec = securityServiceConfiguration.getInactiveUserTimeoutMillSec();
- }
-
- @Override
- public Optional<UserInfo> getUserInfoByAccessToken(String accessToken) {
- BasicDBObject uiSearchDoc = new BasicDBObject();
- uiSearchDoc.put("_id", accessToken);
- MongoCollection<BasicDBObject> mc = ms.getCollection(SECURITY_COLLECTION, BasicDBObject.class);
- FindIterable<BasicDBObject> res = mc.find(uiSearchDoc);
- BasicDBObject uiDoc = res.first();
- return Optional.ofNullable(uiDoc)
- .filter(doc -> !isExpired(accessToken, doc.getDate(EXPIRE_AT_COLUMN)))
- .map(doc -> toUserInfo(accessToken, doc));
- }
-
- @Override
- public void updateUserInfoTTL(String accessToken, UserInfo ui) {
-
- BasicDBObject uiDoc = new BasicDBObject();
- uiDoc.put("_id", accessToken);
- uiDoc.put(EXPIRE_AT_COLUMN, new Date(System.currentTimeMillis()));
- MongoCollection<BasicDBObject> security = ms.getCollection(SECURITY_COLLECTION, BasicDBObject.class);
- security.updateOne(new BasicDBObject("_id", accessToken), new BasicDBObject("$set", uiDoc));
- log.debug("Updated persistent {}", accessToken);
-
- }
-
- @Override
- public void deleteUserInfo(String accessToken) {
- BasicDBObject uiDoc = new BasicDBObject();
- uiDoc.put("_id", accessToken);
- MongoCollection<BasicDBObject> security = ms.getCollection(SECURITY_COLLECTION, BasicDBObject.class);
- security.deleteOne(uiDoc);
- log.debug("Deleted persistent {}", accessToken);
- }
-
- @Override
- public void saveUserInfo(UserInfo ui) {
- BasicDBObject uiDoc = new BasicDBObject();
- uiDoc.put("_id", ui.getAccessToken());
- uiDoc.put("name", ui.getName());
- uiDoc.put("firstName", ui.getFirstName());
- uiDoc.put("lastName", ui.getLastName());
- uiDoc.put("roles", ui.getRoles());
- uiDoc.put("remoteIp", ui.getRemoteIp());
- uiDoc.put("awsUser", ui.isAwsUser());
- uiDoc.put(EXPIRE_AT_COLUMN, new Date(System.currentTimeMillis()));
- uiDoc.put("awsKeys", ui.getKeys());
- MongoCollection<BasicDBObject> security = ms.getCollection(SECURITY_COLLECTION, BasicDBObject.class);
- security.insertOne(uiDoc);
- log.debug("Saved persistent {}", ui);
-
- }
-
- private UserInfo toUserInfo(String accessToken, BasicDBObject uiDoc) {
- String name = uiDoc.get("name").toString();
- String firstName = uiDoc.getString("firstName", "");
- String lastName = uiDoc.getString("lastName", "");
- String remoteIp = uiDoc.getString("remoteIp", "");
- BasicDBList roles = (BasicDBList) uiDoc.get("roles");
- boolean awsUser = uiDoc.getBoolean("awsUser", false);
- UserInfo ui = new UserInfo(name, accessToken);
- ui.setFirstName(firstName);
- ui.setLastName(lastName);
- ui.setRemoteIp(remoteIp);
- ui.setAwsUser(awsUser);
- Object awsKeys = uiDoc.get("awsKeys");
- if (awsKeys != null) {
- ((BasicDBObject) awsKeys).forEach((key, val) -> ui.addKey(key, val.toString()));
- }
- roles.forEach(o -> ui.addRole("" + o));
- return ui;
- }
-
- private boolean isExpired(String accessToken, Date lastAccess) {
- if (inactiveUserTimeoutMsec < Math.abs(new Date().getTime() - lastAccess.getTime())) {
- log.warn("UI for {} expired but were not evicted from DB. Contact MongoDB admin to create expireable " +
- "index on 'expireAt' key.", accessToken);
- this.deleteUserInfo(accessToken);
- return true;
- }
- return false;
- }
-
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/modules/AwsSecurityServiceModule.java b/services/security-service/src/main/java/com/epam/dlab/auth/modules/AwsSecurityServiceModule.java
deleted file mode 100644
index 2c1bfcd..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/modules/AwsSecurityServiceModule.java
+++ /dev/null
@@ -1,92 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.modules;
-
-import com.amazonaws.auth.AWSCredentials;
-import com.amazonaws.auth.AWSCredentialsProvider;
-import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
-import com.epam.dlab.auth.SecurityServiceConfiguration;
-import com.epam.dlab.auth.UserVerificationService;
-import com.epam.dlab.auth.aws.dao.AwsUserDAO;
-import com.epam.dlab.auth.aws.dao.AwsUserDAOImpl;
-import com.epam.dlab.auth.aws.service.AwsCredentialRefreshService;
-import com.epam.dlab.auth.aws.service.AwsUserVerificationService;
-import com.epam.dlab.auth.resources.SynchronousLdapAuthenticationResource;
-import com.epam.dlab.cloud.CloudModule;
-import com.google.inject.Injector;
-import com.google.inject.Provides;
-import com.google.inject.Singleton;
-import io.dropwizard.setup.Environment;
-
-public class AwsSecurityServiceModule extends CloudModule {
- private final SecurityServiceConfiguration conf;
-
- AwsSecurityServiceModule(SecurityServiceConfiguration conf) {
- this.conf = conf;
- }
-
- @Override
- protected void configure() {
- if (conf.isAwsUserIdentificationEnabled()) {
- bind(AwsUserDAO.class).to(AwsUserDAOImpl.class);
- bind(UserVerificationService.class).to(AwsUserVerificationService.class);
- } else {
- bind(UserVerificationService.class).toInstance(SecurityServiceModule.defaultUserVerificationService());
- }
- }
-
- @Override
- public void init(Environment environment, Injector injector) {
- environment.jersey().register(injector.getInstance(SynchronousLdapAuthenticationResource.class));
- if (conf.isAwsUserIdentificationEnabled()) {
- environment.lifecycle().manage(injector.getInstance(AwsCredentialRefreshService.class));
- }
- }
-
- @Provides
- @Singleton
- private AWSCredentials awsCredentials(DefaultAWSCredentialsProviderChain providerChain) {
- if (conf.isDevMode()) {
- return devAwsCredentials();
- } else {
- return providerChain.getCredentials();
- }
- }
-
- private AWSCredentials devAwsCredentials() {
- return new AWSCredentials() {
- @Override
- public String getAWSAccessKeyId() {
- return "access_key";
- }
-
- @Override
- public String getAWSSecretKey() {
- return "secret_key";
- }
- };
- }
-
- @Provides
- @Singleton
- public AWSCredentialsProvider defaultAWSCredentialsProviderChain() {
- return new DefaultAWSCredentialsProviderChain();
- }
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/modules/AzureSecurityServiceModule.java b/services/security-service/src/main/java/com/epam/dlab/auth/modules/AzureSecurityServiceModule.java
deleted file mode 100644
index ef29a75..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/modules/AzureSecurityServiceModule.java
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.modules;
-
-import com.epam.dlab.auth.SecurityServiceConfiguration;
-import com.epam.dlab.auth.UserInfoDAO;
-import com.epam.dlab.auth.UserVerificationService;
-import com.epam.dlab.auth.azure.AzureAuthenticationResource;
-import com.epam.dlab.auth.azure.AzureLoginUrlBuilder;
-import com.epam.dlab.auth.azure.AzureSecurityResource;
-import com.epam.dlab.auth.azure.service.AzureAuthorizationCodeService;
-import com.epam.dlab.auth.azure.service.AzureAuthorizationCodeServiceImpl;
-import com.epam.dlab.auth.conf.AzureLoginConfiguration;
-import com.epam.dlab.auth.resources.SynchronousLdapAuthenticationResource;
-import com.epam.dlab.cloud.CloudModule;
-import com.google.inject.Injector;
-import io.dropwizard.setup.Environment;
-
-import java.io.IOException;
-
-public class AzureSecurityServiceModule extends CloudModule {
- private final SecurityServiceConfiguration conf;
-
- AzureSecurityServiceModule(SecurityServiceConfiguration configuration) {
- this.conf = configuration;
- }
-
- @Override
- protected void configure() {
- bind(UserVerificationService.class).toInstance(SecurityServiceModule.defaultUserVerificationService());
- final AzureLoginConfiguration azureLoginConfiguration = conf.getAzureLoginConfiguration();
- bind(AzureLoginConfiguration.class).toInstance(azureLoginConfiguration);
- if (!azureLoginConfiguration.isUseLdap()) {
- bind(AzureLoginUrlBuilder.class).toInstance(new AzureLoginUrlBuilder(azureLoginConfiguration));
- try {
- final AzureAuthorizationCodeServiceImpl authorizationCodeService = new
- AzureAuthorizationCodeServiceImpl(azureLoginConfiguration.getAuthority() +
- azureLoginConfiguration.getTenant() + "/", azureLoginConfiguration
- .getPermissionScope(), azureLoginConfiguration.getManagementApiAuthFile(),
- azureLoginConfiguration.isValidatePermissionScope());
- bind(AzureAuthorizationCodeService.class).toInstance(authorizationCodeService);
- } catch (IOException e) {
- throw new RuntimeException(e);
- }
- }
- }
-
- @Override
- public void init(Environment environment, Injector injector) {
-
- if (conf.getAzureLoginConfiguration().isUseLdap()) {
- environment.jersey().register(injector.getInstance(SynchronousLdapAuthenticationResource.class));
- } else {
- final AzureAuthenticationResource azureAuthenticationResource = new AzureAuthenticationResource(conf,
- injector.getInstance(UserInfoDAO.class), conf.getAzureLoginConfiguration(),
- injector.getInstance(AzureAuthorizationCodeService.class));
- environment.jersey().register(azureAuthenticationResource);
- environment.jersey().register(injector.getInstance(AzureSecurityResource.class));
- }
- }
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/modules/GcpSecurityServiceModule.java b/services/security-service/src/main/java/com/epam/dlab/auth/modules/GcpSecurityServiceModule.java
deleted file mode 100644
index abddab2..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/modules/GcpSecurityServiceModule.java
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.modules;
-
-import com.epam.dlab.auth.SecurityServiceConfiguration;
-import com.epam.dlab.auth.UserVerificationService;
-import com.epam.dlab.auth.conf.GcpLoginConfiguration;
-import com.epam.dlab.auth.gcp.resources.GcpOauth2SecurityResource;
-import com.epam.dlab.auth.gcp.service.GcpAuthenticationService;
-import com.epam.dlab.auth.oauth2.Oauth2AuthenticationService;
-import com.epam.dlab.auth.resources.SynchronousLdapAuthenticationResource;
-import com.epam.dlab.cloud.CloudModule;
-import com.google.api.client.auth.oauth2.AuthorizationCodeFlow;
-import com.google.api.client.googleapis.auth.oauth2.GoogleAuthorizationCodeFlow;
-import com.google.api.client.http.HttpTransport;
-import com.google.api.client.http.javanet.NetHttpTransport;
-import com.google.api.client.json.jackson2.JacksonFactory;
-import com.google.common.cache.Cache;
-import com.google.common.cache.CacheBuilder;
-import com.google.inject.Injector;
-import com.google.inject.Provides;
-import com.google.inject.Singleton;
-import io.dropwizard.setup.Environment;
-
-import java.util.Arrays;
-import java.util.List;
-import java.util.concurrent.TimeUnit;
-
-public class GcpSecurityServiceModule extends CloudModule {
- private static final List<String> SCOPES = Arrays.asList("https://www.googleapis.com/auth/plus.login", "email",
- "profile", "https://www.googleapis.com/auth/plus.me");
- private final GcpLoginConfiguration conf;
-
- GcpSecurityServiceModule(SecurityServiceConfiguration conf) {
- this.conf = conf.getGcpLoginConfiguration();
- }
-
- @Override
- protected void configure() {
- if (conf.isOauth2authenticationEnabled()) {
- bind(Oauth2AuthenticationService.class).to(GcpAuthenticationService.class);
- }
- bind(GcpLoginConfiguration.class).toInstance(conf);
- bind(UserVerificationService.class).toInstance(SecurityServiceModule.defaultUserVerificationService());
- }
-
- @Override
- public void init(Environment environment, Injector injector) {
- environment.jersey().register(injector.getInstance(SynchronousLdapAuthenticationResource.class));
- if (conf.isOauth2authenticationEnabled()) {
- environment.jersey().register(injector.getInstance(GcpOauth2SecurityResource.class));
- }
- }
-
- @Provides
- @Singleton
- private Cache<String, Object> userStateCache() {
- return CacheBuilder.newBuilder().expireAfterWrite(conf.getUserStateCacheExpirationTime(), TimeUnit.HOURS)
- .maximumSize(conf.getUserStateCacheSize()).build();
- }
-
-
- @Provides
- @Singleton
- private HttpTransport httpTransport() {
- return new NetHttpTransport();
- }
-
- @Provides
- @Singleton
- private AuthorizationCodeFlow authorizationCodeFlow(HttpTransport httpTransport, JacksonFactory jacksonFactory) {
- return new GoogleAuthorizationCodeFlow.Builder(
- httpTransport, jacksonFactory, conf.getClientId(), conf.getClientSecret(), SCOPES)
- .build();
- }
-
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/modules/ModuleFactory.java b/services/security-service/src/main/java/com/epam/dlab/auth/modules/ModuleFactory.java
deleted file mode 100644
index 3d14901..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/modules/ModuleFactory.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.modules;
-
-import com.epam.dlab.auth.SecurityServiceConfiguration;
-import com.epam.dlab.cloud.CloudModule;
-
-public class ModuleFactory {
-
- private ModuleFactory() {
- }
-
- public static CloudModule getCloudProviderModule(SecurityServiceConfiguration configuration) {
- switch (configuration.getCloudProvider()) {
- case AWS:
- return new AwsSecurityServiceModule(configuration);
- case AZURE:
- return new AzureSecurityServiceModule(configuration);
- case GCP:
- return new GcpSecurityServiceModule(configuration);
- default:
- throw new UnsupportedOperationException(
- String.format("Unsupported cloud provider %s", configuration.getCloudProvider()));
- }
- }
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/modules/SecurityServiceModule.java b/services/security-service/src/main/java/com/epam/dlab/auth/modules/SecurityServiceModule.java
deleted file mode 100644
index 67a6b81..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/modules/SecurityServiceModule.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.modules;
-
-import com.epam.dlab.ModuleBase;
-import com.epam.dlab.auth.SecurityServiceConfiguration;
-import com.epam.dlab.auth.UserInfoDAO;
-import com.epam.dlab.auth.UserVerificationService;
-import com.epam.dlab.auth.dao.LdapUserDAO;
-import com.epam.dlab.auth.dao.LdapUserDAOImpl;
-import com.epam.dlab.auth.dao.UserInfoDAODumbImpl;
-import com.epam.dlab.auth.dao.UserInfoDAOMongoImpl;
-import com.epam.dlab.auth.service.AuthenticationService;
-import com.epam.dlab.auth.service.impl.LdapAuthenticationService;
-import com.epam.dlab.mongo.MongoService;
-import com.google.inject.Provides;
-import com.google.inject.Singleton;
-import io.dropwizard.setup.Environment;
-import lombok.extern.slf4j.Slf4j;
-
-@Slf4j
-public class SecurityServiceModule extends ModuleBase<SecurityServiceConfiguration> {
-
- public SecurityServiceModule(SecurityServiceConfiguration configuration, Environment environment) {
- super(configuration, environment);
- }
-
- @Override
- protected void configure() {
- bind(SecurityServiceConfiguration.class).toInstance(configuration);
- bind(LdapUserDAO.class).to(LdapUserDAOImpl.class);
- bind(AuthenticationService.class).to(LdapAuthenticationService.class);
- if (configuration.isUserInfoPersistenceEnabled()) {
- bind(UserInfoDAO.class).to(UserInfoDAOMongoImpl.class);
- } else {
- bind(UserInfoDAO.class).to(UserInfoDAODumbImpl.class);
- }
- }
-
- @Provides
- @Singleton
- private MongoService mongoService() {
- return configuration.getMongoFactory().build(environment);
- }
-
- public static UserVerificationService defaultUserVerificationService() {
- return userInfo -> log.debug("No additional user verification configured");
- }
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/resources/SynchronousLdapAuthenticationResource.java b/services/security-service/src/main/java/com/epam/dlab/auth/resources/SynchronousLdapAuthenticationResource.java
deleted file mode 100644
index c926c72..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/resources/SynchronousLdapAuthenticationResource.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.resources;
-
-import com.epam.dlab.auth.UserInfo;
-import com.epam.dlab.auth.dto.UserCredentialDTO;
-import com.epam.dlab.auth.service.AuthenticationService;
-import com.epam.dlab.rest.dto.ErrorDTO;
-import com.google.inject.Inject;
-import lombok.extern.slf4j.Slf4j;
-
-import javax.ws.rs.Consumes;
-import javax.ws.rs.POST;
-import javax.ws.rs.Path;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
-
-/**
- * Used for authentication against LDAP server
- */
-@Path("/")
-@Consumes(MediaType.APPLICATION_JSON)
-@Produces(MediaType.APPLICATION_JSON)
-@Slf4j
-public class SynchronousLdapAuthenticationResource {
- private static final String INVALID_CREDENTIALS = "Username or password is invalid";
- private final AuthenticationService authenticationService;
-
- @Inject
- public SynchronousLdapAuthenticationResource(AuthenticationService authenticationService) {
- this.authenticationService = authenticationService;
- }
-
- @POST
- @Path("/login")
- public Response login(UserCredentialDTO cred) {
- log.debug("validating username:{} password:****** token:{}", cred.getUsername(), cred.getAccessToken());
- return authenticationService.login(cred)
- .map(userInfo -> Response.ok(userInfo.getAccessToken()).build())
- .orElse(unauthorizedResponse());
- }
-
- @POST
- @Path("/getuserinfo")
- public UserInfo getUserInfo(String accessToken) {
- return authenticationService.getUserInfo(accessToken).orElse(null);
- }
-
- @POST
- @Path("/logout")
- public Response logout(String accessToken) {
- authenticationService.logout(accessToken);
- return Response.ok().build();
- }
-
- private Response unauthorizedResponse() {
- return Response.status(Response.Status.UNAUTHORIZED)
- .entity(new ErrorDTO(Response.Status.UNAUTHORIZED.getStatusCode(), INVALID_CREDENTIALS))
- .type(MediaType.APPLICATION_JSON)
- .build();
- }
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/service/AuthenticationService.java b/services/security-service/src/main/java/com/epam/dlab/auth/service/AuthenticationService.java
deleted file mode 100644
index a97f804..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/service/AuthenticationService.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.service;
-
-import com.epam.dlab.auth.UserInfo;
-import com.epam.dlab.auth.dto.UserCredentialDTO;
-
-import java.util.Optional;
-
-public interface AuthenticationService {
-
- Optional<UserInfo> getUserInfo(String token);
-
- Optional<UserInfo> login(UserCredentialDTO credentialDTO);
-
- void logout(String token);
-}
diff --git a/services/security-service/src/main/java/com/epam/dlab/auth/service/impl/LdapAuthenticationService.java b/services/security-service/src/main/java/com/epam/dlab/auth/service/impl/LdapAuthenticationService.java
deleted file mode 100644
index b324cad..0000000
--- a/services/security-service/src/main/java/com/epam/dlab/auth/service/impl/LdapAuthenticationService.java
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.service.impl;
-
-import com.epam.dlab.auth.UserInfo;
-import com.epam.dlab.auth.UserInfoDAO;
-import com.epam.dlab.auth.UserVerificationService;
-import com.epam.dlab.auth.dao.LdapUserDAO;
-import com.epam.dlab.auth.dto.UserCredentialDTO;
-import com.epam.dlab.auth.service.AuthenticationService;
-import com.epam.dlab.exceptions.DlabAuthenticationException;
-import com.google.inject.Inject;
-import com.google.inject.Singleton;
-import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang3.StringUtils;
-
-import java.util.Optional;
-
-import static com.epam.dlab.auth.rest.AbstractAuthenticationService.getRandomToken;
-
-@Singleton
-@Slf4j
-public class LdapAuthenticationService implements AuthenticationService {
- private final UserInfoDAO userInfoDAO;
- private final LdapUserDAO ldapUserDAO;
- private final UserVerificationService verificationService;
-
- @Inject
- public LdapAuthenticationService(UserInfoDAO userInfoDAO, LdapUserDAO ldapUserDAO,
- UserVerificationService verificationService) {
- this.userInfoDAO = userInfoDAO;
- this.ldapUserDAO = ldapUserDAO;
- this.verificationService = verificationService;
- }
-
- @Override
- public Optional<UserInfo> getUserInfo(String token) {
- return userInfoDAO.getUserInfoByAccessToken(token)
- .map(userInfo -> touchedUser(token, userInfo));
- }
-
- @Override
- public Optional<UserInfo> login(UserCredentialDTO credentialDTO) {
- try {
- final String token = credentialDTO.getAccessToken();
- return StringUtils.isNoneBlank(token) ? getUserInfo(token) : getLdapUserInfo(credentialDTO);
- } catch (Exception e) {
- log.error("Error occurred during login for user {}: {}", credentialDTO.getUsername(), e.getMessage());
- throw new DlabAuthenticationException("Username or password is invalid");
- }
- }
-
- @Override
- public void logout(String token) {
- userInfoDAO.deleteUserInfo(token);
- }
-
- private Optional<UserInfo> getLdapUserInfo(UserCredentialDTO credentialDTO) {
- final UserInfo user = ldapUserDAO.getUserInfo(credentialDTO.getUsername(), credentialDTO.getPassword());
- user.addRoles(ldapUserDAO.getUserGroups(user));
- verificationService.verify(user);
- final String token = getRandomToken();
- final UserInfo userWithToken = user.withToken(token);
- userInfoDAO.saveUserInfo(userWithToken);
- return Optional.of(userWithToken);
- }
-
- private UserInfo touchedUser(String token, UserInfo userInfo) {
- userInfoDAO.updateUserInfoTTL(token, userInfo);
- return userInfo.withToken(token);
- }
-}
diff --git a/services/security-service/src/main/resources/banner.txt b/services/security-service/src/main/resources/banner.txt
deleted file mode 100644
index 0b30daf..0000000
--- a/services/security-service/src/main/resources/banner.txt
+++ /dev/null
@@ -1,6 +0,0 @@
- _________ .__ __ _________ .__
- / _____/ ____ ____ __ _________|__|/ |_ ___.__. / _____/ ______________ _|__| ____ ____
- \_____ \_/ __ \_/ ___\| | \_ __ \ \ __< | | \_____ \_/ __ \_ __ \ \/ / |/ ___\/ __ \
- / \ ___/\ \___| | /| | \/ || | \___ | / \ ___/| | \/\ /| \ \__\ ___/
-/_______ /\___ >\___ >____/ |__| |__||__| / ____| /_______ /\___ >__| \_/ |__|\___ >___ >
- \/ \/ \/ \/ \/ \/ \/ \/
\ No newline at end of file
diff --git a/services/security-service/src/test/java/com/epam/dlab/auth/service/impl/LdapAuthenticationServiceTest.java b/services/security-service/src/test/java/com/epam/dlab/auth/service/impl/LdapAuthenticationServiceTest.java
deleted file mode 100644
index 4fb56c3..0000000
--- a/services/security-service/src/test/java/com/epam/dlab/auth/service/impl/LdapAuthenticationServiceTest.java
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth.service.impl;
-
-import com.epam.dlab.auth.UserInfo;
-import com.epam.dlab.auth.UserInfoDAO;
-import com.epam.dlab.auth.UserVerificationService;
-import com.epam.dlab.auth.dao.LdapUserDAO;
-import com.epam.dlab.auth.dto.UserCredentialDTO;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.mockito.InjectMocks;
-import org.mockito.Mock;
-import org.mockito.runners.MockitoJUnitRunner;
-
-import java.util.Optional;
-
-import static org.junit.Assert.*;
-import static org.mockito.Matchers.anyString;
-import static org.mockito.Matchers.eq;
-import static org.mockito.Matchers.refEq;
-import static org.mockito.Mockito.*;
-
-@RunWith(MockitoJUnitRunner.class)
-public class LdapAuthenticationServiceTest {
-
- private static final String TOKEN = "token123";
- private static final String USER = "user";
- private static final String PASSWORD = "password";
- @Mock
- private LdapUserDAO ldapUserDAO;
- @Mock
- private UserInfoDAO userInfoDAO;
- @Mock
- private UserVerificationService verificationService;
- @InjectMocks
- private LdapAuthenticationService ldapAuthenticationService;
-
- @Test
- public void getUserInfo() {
-
- when(userInfoDAO.getUserInfoByAccessToken(anyString())).thenReturn(Optional.of(userInfo()));
- final Optional<UserInfo> userInfo = ldapAuthenticationService.getUserInfo(TOKEN);
-
- assertTrue(userInfo.isPresent());
- assertEquals(USER.toLowerCase(), userInfo.get().getName());
- assertEquals(TOKEN, userInfo.get().getAccessToken());
-
- verify(userInfoDAO).getUserInfoByAccessToken(TOKEN);
- verify(userInfoDAO).updateUserInfoTTL(eq(TOKEN), refEq(userInfo()));
- verifyNoMoreInteractions(userInfoDAO);
- }
-
- @Test
- public void getUserInfoWhenUserNotFound() {
-
- when(userInfoDAO.getUserInfoByAccessToken(anyString())).thenReturn(Optional.empty());
- final Optional<UserInfo> userInfo = ldapAuthenticationService.getUserInfo(TOKEN);
-
- assertFalse(userInfo.isPresent());
-
- verify(userInfoDAO).getUserInfoByAccessToken(TOKEN);
- verifyNoMoreInteractions(userInfoDAO);
- }
-
- @Test
- public void loginWithoutAccessToken() {
-
- when(ldapUserDAO.getUserInfo(anyString(), anyString())).thenReturn(userInfo());
- final Optional<UserInfo> userInfo = ldapAuthenticationService.login(getCredentialDTO());
-
- assertTrue(userInfo.isPresent());
- assertEquals(USER, userInfo.get().getName());
- assertNotNull(userInfo.get().getAccessToken());
-
- verify(verificationService).verify(refEq(userInfo()));
- verify(ldapUserDAO).getUserInfo(USER, PASSWORD);
- verify(ldapUserDAO).getUserGroups(refEq(userInfo()));
- verify(userInfoDAO).saveUserInfo(refEq(userInfo().withToken(TOKEN), "accessToken"));
- verifyNoMoreInteractions(ldapUserDAO, userInfoDAO);
- }
-
- @Test
- public void loginWithAccessToken() {
-
- when(userInfoDAO.getUserInfoByAccessToken(anyString())).thenReturn(Optional.of(userInfo()));
- final UserCredentialDTO credentialDTO = getCredentialDTO();
- credentialDTO.setAccessToken(TOKEN);
- final Optional<UserInfo> userInfo = ldapAuthenticationService.login(credentialDTO);
-
- assertTrue(userInfo.isPresent());
- assertEquals(USER, userInfo.get().getName());
- assertNotNull(userInfo.get().getAccessToken());
-
- verify(userInfoDAO).getUserInfoByAccessToken(TOKEN);
- verify(userInfoDAO).updateUserInfoTTL(eq(TOKEN), refEq(userInfo()));
- verifyNoMoreInteractions(userInfoDAO);
- verifyZeroInteractions(ldapUserDAO, verificationService);
- }
-
- @Test
- public void logout() {
-
- ldapAuthenticationService.logout(TOKEN);
-
- verify(userInfoDAO).deleteUserInfo(TOKEN);
- verifyNoMoreInteractions(userInfoDAO);
- verifyZeroInteractions(ldapUserDAO);
- }
-
- private UserInfo userInfo() {
- return new UserInfo(USER, null);
- }
-
- private UserCredentialDTO getCredentialDTO() {
- final UserCredentialDTO dto = new UserCredentialDTO();
- dto.setUsername(USER);
- dto.setPassword(PASSWORD);
- return dto;
- }
-
-}
\ No newline at end of file
diff --git a/services/self-service/pom.xml b/services/self-service/pom.xml
index 5521958..961db9b 100644
--- a/services/self-service/pom.xml
+++ b/services/self-service/pom.xml
@@ -45,6 +45,12 @@
<dependencies>
<dependency>
+ <groupId>de.ahus1.keycloak.dropwizard</groupId>
+ <artifactId>keycloak-dropwizard</artifactId>
+ <version>1.1.1</version>
+ </dependency>
+
+ <dependency>
<groupId>com.novemberain</groupId>
<artifactId>quartz-mongodb</artifactId>
<version>2.1.0</version>
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/DropwizardBearerTokenFilterImpl.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/DropwizardBearerTokenFilterImpl.java
new file mode 100644
index 0000000..9be4251
--- /dev/null
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/DropwizardBearerTokenFilterImpl.java
@@ -0,0 +1,20 @@
+package com.epam.dlab.backendapi;
+
+import org.keycloak.adapters.AdapterDeploymentContext;
+import org.keycloak.adapters.KeycloakDeployment;
+import org.keycloak.adapters.NodesRegistrationManagement;
+import org.keycloak.jaxrs.JaxrsBearerTokenFilterImpl;
+
+import javax.annotation.Priority;
+import javax.ws.rs.Priorities;
+import javax.ws.rs.container.PreMatching;
+
+@PreMatching
+@Priority(Priorities.AUTHENTICATION)
+public class DropwizardBearerTokenFilterImpl extends JaxrsBearerTokenFilterImpl {
+
+ public DropwizardBearerTokenFilterImpl(KeycloakDeployment keycloakDeployment) {
+ deploymentContext = new AdapterDeploymentContext(keycloakDeployment);
+ nodesRegistrationManagement = new NodesRegistrationManagement();
+ }
+}
\ No newline at end of file
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplication.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplication.java
index 979464f..9fbcd75 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplication.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplication.java
@@ -19,6 +19,7 @@
package com.epam.dlab.backendapi;
+import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.dao.IndexCreator;
import com.epam.dlab.backendapi.domain.EnvStatusListener;
import com.epam.dlab.backendapi.domain.ExploratoryLibCache;
@@ -42,10 +43,15 @@ import com.google.inject.Guice;
import com.google.inject.Injector;
import com.google.inject.Key;
import com.google.inject.name.Names;
+import de.ahus1.keycloak.dropwizard.AbstractKeycloakAuthenticator;
+import de.ahus1.keycloak.dropwizard.KeycloakBundle;
+import de.ahus1.keycloak.dropwizard.KeycloakConfiguration;
import de.thomaskrille.dropwizard_template_config.TemplateConfigBundle;
import de.thomaskrille.dropwizard_template_config.TemplateConfigBundleConfiguration;
import io.dropwizard.Application;
import io.dropwizard.assets.AssetsBundle;
+import io.dropwizard.auth.Authenticator;
+import io.dropwizard.auth.Authorizer;
import io.dropwizard.forms.MultiPartBundle;
import io.dropwizard.jersey.setup.JerseyEnvironment;
import io.dropwizard.jetty.BiDiGzipHandler;
@@ -57,8 +63,12 @@ import lombok.extern.slf4j.Slf4j;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.HandlerWrapper;
+import org.keycloak.KeycloakSecurityContext;
+import org.keycloak.representations.AccessToken;
import javax.servlet.DispatcherType;
+import javax.servlet.http.HttpServletRequest;
+import java.security.Principal;
import java.util.EnumSet;
/**
@@ -98,6 +108,45 @@ public class SelfServiceApplication extends Application<SelfServiceApplicationCo
return configuration.getSwaggerConfiguration();
}
});
+
+ bootstrap.addBundle(new KeycloakBundle<SelfServiceApplicationConfiguration>() {
+ @Override
+ protected KeycloakConfiguration getKeycloakConfiguration(SelfServiceApplicationConfiguration configuration) {
+ return configuration.getKeycloakConfiguration();
+ }
+
+ @Override
+ protected Class<? extends Principal> getUserClass() {
+ return UserInfo.class;
+ }
+
+ @Override
+ protected Authorizer createAuthorizer() {
+ return (Authorizer<UserInfo>) (principal, role) -> principal.getRoles().contains(role);
+ }
+
+ @Override
+ protected Authenticator createAuthenticator(KeycloakConfiguration configuration) {
+ class KeycloakAuthenticator extends AbstractKeycloakAuthenticator<UserInfo> {
+
+ private KeycloakAuthenticator(KeycloakConfiguration keycloakConfiguration) {
+ super(keycloakConfiguration);
+ }
+
+ @Override
+ protected UserInfo prepareAuthentication(KeycloakSecurityContext keycloakSecurityContext,
+ HttpServletRequest httpServletRequest,
+ KeycloakConfiguration keycloakConfiguration) {
+ final AccessToken token = keycloakSecurityContext.getToken();
+ final UserInfo userInfo = new UserInfo(token.getPreferredUsername(),
+ keycloakSecurityContext.getIdTokenString());
+ userInfo.addRoles(token.getResourceAccess(keycloakConfiguration.getResource()).getRoles());
+ return userInfo;
+ }
+ }
+ return new KeycloakAuthenticator(configuration);
+ }
+ });
}
@Override
@@ -133,6 +182,7 @@ public class SelfServiceApplication extends Application<SelfServiceApplicationCo
JerseyEnvironment jersey = environment.jersey();
+
jersey.register(new RuntimeExceptionMapper());
jersey.register(new JsonProcessingExceptionMapper());
jersey.register(new ResourceConflictExceptionMapper());
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplicationConfiguration.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplicationConfiguration.java
index 6499b67..c21c3eb 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplicationConfiguration.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplicationConfiguration.java
@@ -28,16 +28,20 @@ import com.epam.dlab.validation.AwsValidation;
import com.epam.dlab.validation.AzureValidation;
import com.epam.dlab.validation.GcpValidation;
import com.fasterxml.jackson.annotation.JsonProperty;
+import de.ahus1.keycloak.dropwizard.KeycloakConfiguration;
import io.dropwizard.client.JerseyClientConfiguration;
import io.dropwizard.util.Duration;
import io.federecio.dropwizard.swagger.SwaggerBundleConfiguration;
import org.hibernate.validator.constraints.NotEmpty;
import org.hibernate.validator.group.GroupSequenceProvider;
+import org.keycloak.representations.adapters.config.AdapterConfig;
import javax.validation.Valid;
import javax.validation.constraints.Max;
import javax.validation.constraints.Min;
import javax.validation.constraints.NotNull;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
import java.util.Map;
/**
@@ -125,6 +129,8 @@ public class SelfServiceApplicationConfiguration extends ServiceConfiguration {
@NotNull
private Map<String, String> guacamole;
+ private KeycloakConfiguration keycloakConfiguration = new KeycloakConfiguration();
+
public Map<String, String> getGuacamole() {
return guacamole;
}
@@ -257,4 +263,12 @@ public class SelfServiceApplicationConfiguration extends ServiceConfiguration {
public RESTServiceFactory getMavenApiFactory() {
return mavenApiFactory;
}
+
+ public KeycloakConfiguration getKeycloakConfiguration() {
+ return keycloakConfiguration;
+ }
+
+ public static void main(String[] args) throws NoSuchAlgorithmException {
+ KeyFactory kf = KeyFactory.getInstance("ECDSA");
+ }
}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/auth/SelfServiceSecurityAuthenticator.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/auth/SelfServiceSecurityAuthenticator.java
deleted file mode 100644
index 9399399..0000000
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/auth/SelfServiceSecurityAuthenticator.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.backendapi.auth;
-
-import com.epam.dlab.auth.SecurityRestAuthenticator;
-import com.epam.dlab.auth.UserInfo;
-import com.epam.dlab.backendapi.domain.EnvStatusListener;
-import com.google.inject.Inject;
-import com.google.inject.Singleton;
-import io.dropwizard.auth.AuthenticationException;
-import lombok.extern.slf4j.Slf4j;
-
-import java.util.Optional;
-
-@Slf4j
-@Singleton
-public class SelfServiceSecurityAuthenticator extends SecurityRestAuthenticator {
- private final EnvStatusListener envStatusListener;
-
- @Inject
- public SelfServiceSecurityAuthenticator(EnvStatusListener envStatusListener) {
- this.envStatusListener = envStatusListener;
- }
-
- @Override
- public Optional<UserInfo> authenticate(String credentials) throws AuthenticationException {
- Optional<UserInfo> userInfo = super.authenticate(credentials);
- userInfo.ifPresent(ui -> {
- // Touch session
- UserInfo touched = envStatusListener.getSession(ui.getName());
- if (touched == null) {
- log.warn("Session does not exist for for env status listener {} {}",
- ui.getName(), ui.getAccessToken());
- }
- });
- return userInfo;
- }
-}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/AwsSelfServiceModule.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/AwsSelfServiceModule.java
index d80e9fb..ea43416 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/AwsSelfServiceModule.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/AwsSelfServiceModule.java
@@ -19,11 +19,9 @@
package com.epam.dlab.backendapi.modules;
-import com.epam.dlab.auth.SecurityFactory;
import com.epam.dlab.backendapi.SelfServiceApplication;
import com.epam.dlab.backendapi.SelfServiceApplicationConfiguration;
import com.epam.dlab.backendapi.annotation.BudgetLimited;
-import com.epam.dlab.backendapi.auth.SelfServiceSecurityAuthenticator;
import com.epam.dlab.backendapi.dao.BillingDAO;
import com.epam.dlab.backendapi.dao.KeyDAO;
import com.epam.dlab.backendapi.dao.aws.AwsBillingDAO;
@@ -45,7 +43,6 @@ import com.fiestacabin.dropwizard.quartz.SchedulerConfiguration;
import com.google.inject.Injector;
import com.google.inject.Provides;
import com.google.inject.Singleton;
-import io.dropwizard.auth.Authorizer;
import io.dropwizard.setup.Environment;
import org.quartz.Scheduler;
import org.quartz.SchedulerException;
@@ -81,8 +78,8 @@ public class AwsSelfServiceModule extends CloudModule {
environment.jersey().register(injector.getInstance(ComputationalResourceAws.class));
environment.jersey().register(injector.getInstance(BillingResourceAws.class));
- injector.getInstance(SecurityFactory.class).configure(injector, environment,
- SelfServiceSecurityAuthenticator.class, injector.getInstance(Authorizer.class));
+ /*injector.getInstance(SecurityFactory.class).configure(injector, environment,
+ SelfServiceSecurityAuthenticator.class, injector.getInstance(Authorizer.class));*/
}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/AzureSelfServiceModule.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/AzureSelfServiceModule.java
index c59c3d2..a091e2c 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/AzureSelfServiceModule.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/AzureSelfServiceModule.java
@@ -19,19 +19,14 @@
package com.epam.dlab.backendapi.modules;
-import com.epam.dlab.auth.SecurityFactory;
-import com.epam.dlab.auth.rest.UserSessionDurationAuthorizer;
import com.epam.dlab.backendapi.SelfServiceApplication;
import com.epam.dlab.backendapi.SelfServiceApplicationConfiguration;
import com.epam.dlab.backendapi.annotation.BudgetLimited;
-import com.epam.dlab.backendapi.auth.SelfServiceSecurityAuthenticator;
import com.epam.dlab.backendapi.dao.BillingDAO;
import com.epam.dlab.backendapi.dao.KeyDAO;
import com.epam.dlab.backendapi.dao.azure.AzureBillingDAO;
import com.epam.dlab.backendapi.dao.azure.AzureKeyDao;
import com.epam.dlab.backendapi.interceptor.BudgetLimitInterceptor;
-import com.epam.dlab.backendapi.resources.SecurityResource;
-import com.epam.dlab.backendapi.resources.azure.AzureOauthResource;
import com.epam.dlab.backendapi.resources.azure.BillingResourceAzure;
import com.epam.dlab.backendapi.resources.azure.ComputationalResourceAzure;
import com.epam.dlab.backendapi.resources.callback.azure.EdgeCallbackAzure;
@@ -48,7 +43,6 @@ import com.fiestacabin.dropwizard.quartz.SchedulerConfiguration;
import com.google.inject.Injector;
import com.google.inject.Provides;
import com.google.inject.Singleton;
-import io.dropwizard.auth.Authorizer;
import io.dropwizard.setup.Environment;
import lombok.extern.slf4j.Slf4j;
import org.quartz.Scheduler;
@@ -93,18 +87,6 @@ public class AzureSelfServiceModule extends CloudModule {
environment.jersey().register(injector.getInstance(ComputationalResourceAzure.class));
environment.jersey().register(injector.getInstance(BillingResourceAzure.class));
- if (!useLdap) {
- environment.jersey().register(injector.getInstance(AzureOauthResource.class));
- injector.getInstance(SecurityFactory.class).configure(injector, environment,
- SelfServiceSecurityAuthenticator.class,
- new UserSessionDurationAuthorizer(ui ->
- injector.getInstance(SecurityResource.class).userLogout(ui),
- maxSessionDurabilityMilliseconds));
- }
-
- injector.getInstance(SecurityFactory.class).configure(injector, environment,
- SelfServiceSecurityAuthenticator.class, injector.getInstance(Authorizer.class));
-
}
@Provides
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/DevModule.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/DevModule.java
index bd4a5ab..c8db053 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/DevModule.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/DevModule.java
@@ -66,8 +66,8 @@ public class DevModule extends ModuleBase<SelfServiceApplicationConfiguration> i
protected void configure() {
bind(SelfServiceApplicationConfiguration.class).toInstance(configuration);
bind(MongoService.class).toInstance(configuration.getMongoFactory().build(environment));
- bind(RESTService.class).annotatedWith(Names.named(ServiceConsts.SECURITY_SERVICE_NAME))
- .toInstance(createAuthenticationService());
+ /*bind(RESTService.class).annotatedWith(Names.named(ServiceConsts.SECURITY_SERVICE_NAME))
+ .toInstance(createAuthenticationService());*/
bind(RESTService.class).annotatedWith(Names.named(ServiceConsts.PROVISIONING_SERVICE_NAME))
.toInstance(configuration.getProvisioningFactory()
.build(environment, ServiceConsts.PROVISIONING_SERVICE_NAME));
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/GcpSelfServiceModule.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/GcpSelfServiceModule.java
index 70dae00..49b7c3d 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/GcpSelfServiceModule.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/GcpSelfServiceModule.java
@@ -19,10 +19,8 @@
package com.epam.dlab.backendapi.modules;
-import com.epam.dlab.auth.SecurityFactory;
import com.epam.dlab.backendapi.SelfServiceApplication;
import com.epam.dlab.backendapi.SelfServiceApplicationConfiguration;
-import com.epam.dlab.backendapi.auth.SelfServiceSecurityAuthenticator;
import com.epam.dlab.backendapi.dao.BillingDAO;
import com.epam.dlab.backendapi.dao.KeyDAO;
import com.epam.dlab.backendapi.dao.gcp.GcpBillingDao;
@@ -41,7 +39,6 @@ import com.fiestacabin.dropwizard.quartz.SchedulerConfiguration;
import com.google.inject.Injector;
import com.google.inject.Provides;
import com.google.inject.Singleton;
-import io.dropwizard.auth.Authorizer;
import io.dropwizard.setup.Environment;
import org.quartz.Scheduler;
import org.quartz.SchedulerException;
@@ -57,14 +54,12 @@ public class GcpSelfServiceModule extends CloudModule {
@SuppressWarnings("unchecked")
public void init(Environment environment, Injector injector) {
- environment.jersey().register(injector.getInstance(EdgeCallbackGcp.class));
+ /*environment.jersey().register(injector.getInstance(EdgeCallbackGcp.class));
environment.jersey().register(injector.getInstance(KeyUploaderCallbackGcp.class));
environment.jersey().register(injector.getInstance(ComputationalResourceGcp.class));
if (injector.getInstance(SelfServiceApplicationConfiguration.class).isGcpOuauth2AuthenticationEnabled()) {
environment.jersey().register(injector.getInstance(GcpOauthResource.class));
- }
- injector.getInstance(SecurityFactory.class).configure(injector, environment,
- SelfServiceSecurityAuthenticator.class, injector.getInstance(Authorizer.class));
+ }*/
}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/SecurityResource.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/SecurityResource.java
index d996558..1396fbd 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/SecurityResource.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/SecurityResource.java
@@ -65,10 +65,10 @@ public class SecurityResource implements SecurityAPI {
private SelfServiceApplicationConfiguration configuration;
@Inject
- public SecurityResource(SecurityDAO dao, @Named(ServiceConsts.SECURITY_SERVICE_NAME) RESTService securityService,
+ public SecurityResource(SecurityDAO dao,
EnvStatusListener envStatusListener, SelfServiceApplicationConfiguration configuration) {
this.dao = dao;
- this.securityService = securityService;
+ this.securityService = null;
this.envStatusListener = envStatusListener;
this.configuration = configuration;
}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/servlet/guacamole/GuacamoleSecurityFilter.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/servlet/guacamole/GuacamoleSecurityFilter.java
index 4545ed7..e5b0cc2 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/servlet/guacamole/GuacamoleSecurityFilter.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/servlet/guacamole/GuacamoleSecurityFilter.java
@@ -1,27 +1,18 @@
package com.epam.dlab.backendapi.servlet.guacamole;
-import com.epam.dlab.auth.UserInfo;
-import com.epam.dlab.backendapi.auth.SelfServiceSecurityAuthenticator;
import com.google.inject.Inject;
-import io.dropwizard.auth.AuthenticationException;
import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang3.StringUtils;
import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.ws.rs.core.HttpHeaders;
import java.io.IOException;
-import java.util.Optional;
@Slf4j
public class GuacamoleSecurityFilter implements Filter {
private static final String AUTH_HEADER_PREFIX = "Bearer ";
- private final SelfServiceSecurityAuthenticator authenticator;
@Inject
- public GuacamoleSecurityFilter(SelfServiceSecurityAuthenticator authenticator) {
- this.authenticator = authenticator;
+ public GuacamoleSecurityFilter() {
+
}
@Override
@@ -31,7 +22,7 @@ public class GuacamoleSecurityFilter implements Filter {
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
- HttpServletRequest request = (HttpServletRequest) servletRequest;
+ /*HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
final String authorization = request.getHeader(HttpHeaders.AUTHORIZATION);
try {
@@ -45,7 +36,8 @@ public class GuacamoleSecurityFilter implements Filter {
}
} catch (AuthenticationException e) {
log.error("Authentication error occurred: {}", e.getMessage());
- }
+ }*/
+ filterChain.doFilter(servletRequest, servletResponse);
}
diff --git a/services/self-service/src/test/java/com/epam/dlab/backendapi/resources/SecurityResourceTest.java b/services/self-service/src/test/java/com/epam/dlab/backendapi/resources/SecurityResourceTest.java
index 967c05e..2663bcf 100644
--- a/services/self-service/src/test/java/com/epam/dlab/backendapi/resources/SecurityResourceTest.java
+++ b/services/self-service/src/test/java/com/epam/dlab/backendapi/resources/SecurityResourceTest.java
@@ -54,7 +54,7 @@ public class SecurityResourceTest extends TestBase {
@Rule
public final ResourceTestRule resources = getResourceTestRuleInstance(
- new SecurityResource(securityDAO, securityService, envStatusListener, configuration));
+ new SecurityResource(securityDAO, envStatusListener, configuration));
@Before
public void setup() throws AuthenticationException {
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@dlab.apache.org
For additional commands, e-mail: commits-help@dlab.apache.org
[incubator-dlab] 02/02: DLAB-000 added keycloak support
Posted by bh...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
bhliva pushed a commit to branch dlab_refactored
in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git
commit d57dab3be317dca0b0ba75ff6b230671dbadef75
Author: bhliva <bo...@epam.com>
AuthorDate: Tue Jul 2 14:16:54 2019 +0300
DLAB-000 added keycloak support
---
.../com/epam/dlab/auth/SystemUserInfoService.java | 50 -------
.../epam/dlab/auth/SystemUserInfoServiceImpl.java | 74 -----------
services/provisioning-service/pom.xml | 10 +-
services/provisioning-service/provisioning.yml | 15 ++-
.../DropwizardBearerTokenFilterImpl.java | 20 +++
.../backendapi/ProvisioningServiceApplication.java | 49 ++++++-
...rovisioningServiceApplicationConfiguration.java | 7 +
.../response/handlers/BackupCallbackHandler.java | 7 +-
.../handlers/CheckInactivityCallbackHandler.java | 11 +-
.../handlers/ComputationalCallbackHandler.java | 6 +-
.../response/handlers/ComputationalConfigure.java | 5 +-
.../ComputationalConfigureCallbackHandler.java | 6 +-
.../response/handlers/EdgeCallbackHandler.java | 4 +-
.../handlers/ExploratoryCallbackHandler.java | 6 +-
.../ExploratoryGitCredsCallbackHandler.java | 8 +-
.../handlers/ImageCreateCallbackHandler.java | 7 +-
.../handlers/LibInstallCallbackHandler.java | 6 +-
.../response/handlers/LibListCallbackHandler.java | 10 +-
.../response/handlers/ResourceCallbackHandler.java | 12 +-
.../handlers/ResourcesStatusCallbackHandler.java | 6 +-
.../handlers/ReuploadKeyCallbackHandler.java | 7 +-
.../dlab/backendapi/modules/ProductionModule.java | 5 +-
.../backendapi/modules/ProvisioningDevModule.java | 17 +--
.../dlab/backendapi/resources/BackupResource.java | 5 +-
.../resources/GitExploratoryResource.java | 8 +-
.../dlab/backendapi/resources/ImageResource.java | 8 +-
.../dlab/backendapi/resources/LibraryResource.java | 12 +-
.../resources/aws/ComputationalResourceAws.java | 6 +-
.../backendapi/resources/aws/EdgeResourceAws.java | 6 +-
.../resources/azure/EdgeResourceAzure.java | 6 +-
.../backendapi/resources/base/EdgeService.java | 3 -
.../resources/base/ExploratoryService.java | 70 +++++-----
.../resources/base/InfrastructureService.java | 6 +-
.../resources/gcp/ComputationalResourceGcp.java | 6 +-
.../backendapi/resources/gcp/EdgeResourceGcp.java | 2 +-
.../service/impl/CheckInactivityServiceImpl.java | 4 +-
.../backendapi/service/impl/DockerService.java | 23 ++--
.../dlab/backendapi/service/impl/KeyService.java | 7 +-
.../service/impl/SparkClusterService.java | 9 +-
.../core/commands/CommandExecutorMockTest.java | 4 +-
.../dao/FileSystemCallbackHandlerDaoTest.java | 9 +-
services/self-service/self-service.yml | 27 +++-
.../dlab/backendapi/SelfServiceApplication.java | 8 +-
.../SelfServiceApplicationConfiguration.java | 3 +-
.../com/epam/dlab/backendapi/dao/SecurityDAO.java | 19 ++-
.../ProvisioningServiceHealthCheck.java | 53 --------
.../epam/dlab/backendapi/modules/DevModule.java | 28 ++--
.../dlab/backendapi/modules/ProductionModule.java | 3 -
.../backendapi/resources/ExploratoryResource.java | 2 +-
.../backendapi/resources/KeycloakResource.java | 29 +++++
.../resources/callback/BackupCallback.java | 4 +-
.../callback/CheckInactivityCallback.java | 10 +-
.../resources/callback/ComputationalCallback.java | 9 +-
.../callback/EnvironmentStatusCallback.java | 2 +-
.../resources/callback/ExploratoryCallback.java | 9 +-
.../resources/callback/GitCredsCallback.java | 2 +-
.../resources/callback/ImageCallback.java | 2 +-
.../resources/callback/LibraryCallback.java | 92 ++++++-------
.../resources/callback/ReuploadKeyCallback.java | 2 +-
.../callback/aws/KeyUploaderCallbackAws.java | 38 +++---
.../callback/azure/EdgeCallbackAzure.java | 32 +++--
.../callback/azure/KeyUploaderCallbackAzure.java | 2 +-
.../resources/callback/base/EdgeCallback.java | 6 +-
.../resources/callback/gcp/EdgeCallbackGcp.java | 4 +-
.../callback/gcp/KeyUploaderCallbackGcp.java | 4 +-
.../schedulers/CheckInactivityScheduledJob.java | 4 -
.../dlab/backendapi/service/AccessKeyService.java | 16 +++
.../dlab/backendapi/service/KeycloakService.java | 8 ++
.../backendapi/service/KeycloakServiceImpl.java | 57 ++++++++
.../backendapi/service/SchedulerJobService.java | 1 -
.../dlab/backendapi/service/SecurityService.java | 8 ++
.../backendapi/service/SecurityServiceImpl.java | 51 ++++++++
.../service/impl/EnvironmentServiceImpl.java | 20 ++-
.../service/impl/InactivityServiceImpl.java | 8 +-
.../service/impl/SchedulerJobServiceImpl.java | 16 +--
.../service/impl/EnvironmentServiceImplTest.java | 68 +++++-----
.../service/impl/SchedulerJobServiceImplTest.java | 144 ++++++++++-----------
77 files changed, 648 insertions(+), 685 deletions(-)
diff --git a/services/dlab-webapp-common/src/main/java/com/epam/dlab/auth/SystemUserInfoService.java b/services/dlab-webapp-common/src/main/java/com/epam/dlab/auth/SystemUserInfoService.java
deleted file mode 100644
index 8b53b20..0000000
--- a/services/dlab-webapp-common/src/main/java/com/epam/dlab/auth/SystemUserInfoService.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth;
-
-import java.util.Optional;
-
-/**
- * Interface is used to manage system users
- * The purpose of this interface is to create user to allow
- * to make call from self services to provisioning services e.g.
- * when have no client full client credential information. E.g. need to make
- * call from cron job
- */
-public interface SystemUserInfoService {
-
- /**
- * Return system user if it was registered in system
- * and remove current user from persistent storage if
- * it exist
- *
- * @param token access token
- * @return user info
- */
- Optional<UserInfo> getUser(String token);
-
- /**
- * Creates new system user with specified name
- *
- * @param name user name
- * @return user info
- */
- UserInfo create(String name);
-}
diff --git a/services/dlab-webapp-common/src/main/java/com/epam/dlab/auth/SystemUserInfoServiceImpl.java b/services/dlab-webapp-common/src/main/java/com/epam/dlab/auth/SystemUserInfoServiceImpl.java
deleted file mode 100644
index 1f3fc50..0000000
--- a/services/dlab-webapp-common/src/main/java/com/epam/dlab/auth/SystemUserInfoServiceImpl.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.auth;
-
-import com.epam.dlab.mongo.MongoService;
-import com.google.inject.Inject;
-import com.google.inject.Singleton;
-import com.mongodb.client.MongoCollection;
-import lombok.extern.slf4j.Slf4j;
-import org.bson.Document;
-
-import java.util.Optional;
-import java.util.UUID;
-
-import static com.mongodb.client.model.Filters.eq;
-
-
-@Slf4j
-@Singleton
-public class SystemUserInfoServiceImpl implements SystemUserInfoService {
-
- private static final String USER_NAME_FIELD = "name";
- private static final String SYSTEM_USERS_COLLECTION = "systemUsers";
- private static final String ID_FIELD = "_id";
- @Inject
- private MongoService mongoService;
-
- @Override
- public Optional<UserInfo> getUser(String token) {
- final Document document = systemUserCollection().findOneAndDelete(eq(ID_FIELD,
- token));
- return document != null ? Optional.of(toUserInfo(document)) : Optional.empty();
-
- }
-
- @Override
- public UserInfo create(String name) {
- log.debug("Creating new system user with name {}", name);
- final String token = UUID.randomUUID().toString();
- systemUserCollection().insertOne(toSystemUserDocument(token, name));
- return new UserInfo(name, token);
- }
-
-
- private UserInfo toUserInfo(Document document) {
- return new UserInfo(document.getString(USER_NAME_FIELD), document.getString(ID_FIELD));
- }
-
- private Document toSystemUserDocument(String token, String name) {
- return new Document(ID_FIELD, token).append
- (USER_NAME_FIELD, name);
- }
-
- private MongoCollection<Document> systemUserCollection() {
- return mongoService.getCollection(SYSTEM_USERS_COLLECTION);
- }
-}
diff --git a/services/provisioning-service/pom.xml b/services/provisioning-service/pom.xml
index d853d12..50342fe 100644
--- a/services/provisioning-service/pom.xml
+++ b/services/provisioning-service/pom.xml
@@ -35,6 +35,11 @@
<artifactId>common</artifactId>
</dependency>
<dependency>
+ <groupId>de.ahus1.keycloak.dropwizard</groupId>
+ <artifactId>keycloak-dropwizard</artifactId>
+ <version>1.1.1</version>
+ </dependency>
+ <dependency>
<groupId>de.thomaskrille</groupId>
<artifactId>dropwizard-template-config</artifactId>
</dependency>
@@ -44,11 +49,6 @@
<version>${project.parent.version}</version>
</dependency>
<dependency>
- <groupId>org.mongodb</groupId>
- <artifactId>mongo-java-driver</artifactId>
- <version>${org.mongodb.version}</version>
- </dependency>
- <dependency>
<groupId>com.epam.dlab</groupId>
<artifactId>dlab-utils</artifactId>
<version>${project.parent.version}</version>
diff --git a/services/provisioning-service/provisioning.yml b/services/provisioning-service/provisioning.yml
index 7e56267..c9a30ba 100644
--- a/services/provisioning-service/provisioning.yml
+++ b/services/provisioning-service/provisioning.yml
@@ -56,7 +56,7 @@ server:
- type: https
port: 8084
certAlias: dlab
- validateCerts: true
+ validateCerts: false
keyStorePath: ${KEY_STORE_PATH}
keyStorePassword: ${KEY_STORE_PASSWORD}
trustStorePath: ${TRUST_STORE_PATH}
@@ -66,7 +66,7 @@ server:
- type: https
port: 8085
certAlias: dlab
- validateCerts: true
+ validateCerts: false
keyStorePath: ${KEY_STORE_PATH}
keyStorePassword: ${KEY_STORE_PASSWORD}
trustStorePath: ${TRUST_STORE_PATH}
@@ -86,3 +86,14 @@ logging:
archive: true
archivedLogFilenamePattern: ${LOG_ROOT_DIR}/ssn/provisioning-%d{yyyy-MM-dd}.log.gz
archivedFileCount: 10
+
+keycloakConfiguration:
+ realm: DLAB_bhliva
+ bearer-only: true
+ auth-server-url: http://52.11.45.11:8080/auth
+ ssl-required: none
+ register-node-at-startup: true
+ register-node-period: 600
+ resource: sss
+ credentials:
+ secret: 37338cc5-77f9-47f9-9d95-5cb716b91118
\ No newline at end of file
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/DropwizardBearerTokenFilterImpl.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/DropwizardBearerTokenFilterImpl.java
new file mode 100644
index 0000000..9be4251
--- /dev/null
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/DropwizardBearerTokenFilterImpl.java
@@ -0,0 +1,20 @@
+package com.epam.dlab.backendapi;
+
+import org.keycloak.adapters.AdapterDeploymentContext;
+import org.keycloak.adapters.KeycloakDeployment;
+import org.keycloak.adapters.NodesRegistrationManagement;
+import org.keycloak.jaxrs.JaxrsBearerTokenFilterImpl;
+
+import javax.annotation.Priority;
+import javax.ws.rs.Priorities;
+import javax.ws.rs.container.PreMatching;
+
+@PreMatching
+@Priority(Priorities.AUTHENTICATION)
+public class DropwizardBearerTokenFilterImpl extends JaxrsBearerTokenFilterImpl {
+
+ public DropwizardBearerTokenFilterImpl(KeycloakDeployment keycloakDeployment) {
+ deploymentContext = new AdapterDeploymentContext(keycloakDeployment);
+ nodesRegistrationManagement = new NodesRegistrationManagement();
+ }
+}
\ No newline at end of file
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/ProvisioningServiceApplication.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/ProvisioningServiceApplication.java
index 4f063c6..a600aae 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/ProvisioningServiceApplication.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/ProvisioningServiceApplication.java
@@ -20,8 +20,7 @@
package com.epam.dlab.backendapi;
-import com.epam.dlab.auth.SecurityFactory;
-import com.epam.dlab.auth.SystemUserInfoService;
+import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.core.DirectoriesCreator;
import com.epam.dlab.backendapi.core.DockerWarmuper;
import com.epam.dlab.backendapi.core.response.handlers.ComputationalConfigure;
@@ -40,12 +39,21 @@ import com.fasterxml.jackson.databind.InjectableValues;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.inject.Guice;
import com.google.inject.Injector;
+import de.ahus1.keycloak.dropwizard.AbstractKeycloakAuthenticator;
+import de.ahus1.keycloak.dropwizard.KeycloakBundle;
+import de.ahus1.keycloak.dropwizard.KeycloakConfiguration;
import de.thomaskrille.dropwizard_template_config.TemplateConfigBundle;
import de.thomaskrille.dropwizard_template_config.TemplateConfigBundleConfiguration;
import io.dropwizard.Application;
+import io.dropwizard.auth.Authenticator;
+import io.dropwizard.auth.Authorizer;
import io.dropwizard.jersey.setup.JerseyEnvironment;
import io.dropwizard.setup.Bootstrap;
import io.dropwizard.setup.Environment;
+import org.keycloak.KeycloakSecurityContext;
+
+import javax.servlet.http.HttpServletRequest;
+import java.security.Principal;
public class ProvisioningServiceApplication extends Application<ProvisioningServiceApplicationConfiguration> {
@@ -61,6 +69,41 @@ public class ProvisioningServiceApplication extends Application<ProvisioningServ
bootstrap.addBundle(new TemplateConfigBundle(
new TemplateConfigBundleConfiguration().fileIncludePath(ServiceUtils.getConfPath())
));
+ bootstrap.addBundle(new KeycloakBundle<ProvisioningServiceApplicationConfiguration>() {
+ @Override
+ protected KeycloakConfiguration getKeycloakConfiguration(ProvisioningServiceApplicationConfiguration configuration) {
+ return configuration.getKeycloakConfiguration();
+ }
+
+ @Override
+ protected Class<? extends Principal> getUserClass() {
+ return UserInfo.class;
+ }
+
+ @Override
+ protected Authorizer createAuthorizer() {
+ return (Authorizer<UserInfo>) (principal, role) -> principal.getRoles().contains(role);
+ }
+
+ @Override
+ protected Authenticator createAuthenticator(KeycloakConfiguration configuration) {
+ class KeycloakAuthenticator extends AbstractKeycloakAuthenticator<UserInfo> {
+
+ private KeycloakAuthenticator(KeycloakConfiguration keycloakConfiguration) {
+ super(keycloakConfiguration);
+ }
+
+ @Override
+ protected UserInfo prepareAuthentication(KeycloakSecurityContext keycloakSecurityContext,
+ HttpServletRequest httpServletRequest,
+ KeycloakConfiguration keycloakConfiguration) {
+ return new UserInfo(keycloakSecurityContext.getToken().getPreferredUsername(),
+ keycloakSecurityContext.getIdTokenString());
+ }
+ }
+ return new KeycloakAuthenticator(configuration);
+ }
+ });
}
@Override
@@ -73,13 +116,11 @@ public class ProvisioningServiceApplication extends Application<ProvisioningServ
Injector injector = Guice.createInjector(ModuleFactory.getModule(configuration, environment), cloudModule);
cloudModule.init(environment, injector);
- injector.getInstance(SecurityFactory.class).configure(injector, environment);
final ObjectMapper mapper = injector.getInstance(ObjectMapper.class);
final InjectableValues.Std injectableValues = new InjectableValues.Std();
injectableValues.addValue(RESTService.class, injector.getInstance(RESTService.class));
injectableValues.addValue(ComputationalConfigure.class, injector.getInstance(ComputationalConfigure.class));
- injectableValues.addValue(SystemUserInfoService.class, injector.getInstance(SystemUserInfoService.class));
mapper.setInjectableValues(injectableValues);
environment.lifecycle().manage(injector.getInstance(DirectoriesCreator.class));
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/ProvisioningServiceApplicationConfiguration.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/ProvisioningServiceApplicationConfiguration.java
index 6a39c58..adf5198 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/ProvisioningServiceApplicationConfiguration.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/ProvisioningServiceApplicationConfiguration.java
@@ -24,6 +24,7 @@ import com.epam.dlab.backendapi.core.Directories;
import com.epam.dlab.backendapi.validation.ProvisioningServiceCloudConfigurationSequenceProvider;
import com.epam.dlab.validation.AwsValidation;
import com.fasterxml.jackson.annotation.JsonProperty;
+import de.ahus1.keycloak.dropwizard.KeycloakConfiguration;
import io.dropwizard.util.Duration;
import org.hibernate.validator.constraints.NotEmpty;
import org.hibernate.validator.group.GroupSequenceProvider;
@@ -93,6 +94,8 @@ public class ProvisioningServiceApplicationConfiguration extends ServiceConfigur
@JsonProperty
private boolean handlersPersistenceEnabled;
+ private KeycloakConfiguration keycloakConfiguration = new KeycloakConfiguration();
+
public boolean isHandlersPersistenceEnabled() {
return handlersPersistenceEnabled;
}
@@ -179,4 +182,8 @@ public class ProvisioningServiceApplicationConfiguration extends ServiceConfigur
public String getHandlerDirectory() {
return handlerDirectory;
}
+
+ public KeycloakConfiguration getKeycloakConfiguration() {
+ return keycloakConfiguration;
+ }
}
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/BackupCallbackHandler.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/BackupCallbackHandler.java
index 9338431..193d4d7 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/BackupCallbackHandler.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/BackupCallbackHandler.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.core.response.handlers;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.core.FileHandlerCallback;
import com.epam.dlab.dto.backup.EnvBackupDTO;
import com.epam.dlab.dto.backup.EnvBackupStatus;
@@ -48,7 +47,6 @@ public class BackupCallbackHandler implements FileHandlerCallback {
@JsonProperty
private final EnvBackupDTO dto;
private final RESTService selfService;
- private final SystemUserInfoService systemUserInfoService;
@JsonProperty
private final String callbackUrl;
@JsonProperty
@@ -56,12 +54,10 @@ public class BackupCallbackHandler implements FileHandlerCallback {
@JsonCreator
public BackupCallbackHandler(
- @JacksonInject SystemUserInfoService systemUserInfoService,
@JacksonInject RESTService selfService,
@JsonProperty("callbackUrl") String callbackUrl, @JsonProperty("user") String user,
@JsonProperty("dto") EnvBackupDTO dto) {
this.selfService = selfService;
- this.systemUserInfoService = systemUserInfoService;
this.uuid = dto.getId();
this.callbackUrl = callbackUrl;
this.user = user;
@@ -100,8 +96,7 @@ public class BackupCallbackHandler implements FileHandlerCallback {
private void selfServicePost(EnvBackupStatusDTO statusDTO) {
log.debug("Send post request to self service {} for UUID {}, object is {}", uuid, statusDTO);
try {
- selfService.post(callbackUrl, systemUserInfoService.create(user).getAccessToken(), statusDTO,
- Response.class);
+ selfService.post(callbackUrl, statusDTO, Response.class);
} catch (Exception e) {
log.error("Send request or response error for UUID {}: {}", uuid, e.getLocalizedMessage(), e);
throw new DlabException("Send request or response error for UUID " + uuid + ": " + e.getLocalizedMessage()
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/CheckInactivityCallbackHandler.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/CheckInactivityCallbackHandler.java
index 2a2e9e7..6269c9f 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/CheckInactivityCallbackHandler.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/CheckInactivityCallbackHandler.java
@@ -18,7 +18,6 @@
*/
package com.epam.dlab.backendapi.core.response.handlers;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.core.FileHandlerCallback;
import com.epam.dlab.dto.UserInstanceStatus;
import com.epam.dlab.dto.computational.CheckInactivityStatusDTO;
@@ -56,11 +55,9 @@ public class CheckInactivityCallbackHandler implements FileHandlerCallback {
private final String exploratoryName;
@JsonProperty
private final String computationalName;
- private SystemUserInfoService systemUserInfoService;
@JsonCreator
public CheckInactivityCallbackHandler(@JacksonInject RESTService selfService,
- @JacksonInject SystemUserInfoService systemUserInfoService,
@JsonProperty("callbackUrl") String callbackUrl,
@JsonProperty("user") String user, String uuid, String exploratoryName,
String computationalName) {
@@ -70,12 +67,11 @@ public class CheckInactivityCallbackHandler implements FileHandlerCallback {
this.user = user;
this.exploratoryName = exploratoryName;
this.computationalName = computationalName;
- this.systemUserInfoService = systemUserInfoService;
}
- public CheckInactivityCallbackHandler(RESTService selfService, SystemUserInfoService systemUserInfoService,
+ public CheckInactivityCallbackHandler(RESTService selfService,
String callbackUrl, String user, String uuid, String exploratoryName) {
- this(selfService, systemUserInfoService, callbackUrl, user, uuid, exploratoryName, null);
+ this(selfService, callbackUrl, user, uuid, exploratoryName, null);
}
@Override
@@ -133,8 +129,7 @@ public class CheckInactivityCallbackHandler implements FileHandlerCallback {
private void selfServicePost(CheckInactivityStatusDTO statusDTO) {
log.debug("Send post request to self service for UUID {}, object is {}", uuid, statusDTO);
try {
- selfService.post(callbackUrl, systemUserInfoService.create(user).getAccessToken(), statusDTO,
- Response.class);
+ selfService.post(callbackUrl, statusDTO, Response.class);
} catch (Exception e) {
log.error("Send request or response error for UUID {}: {}", uuid, e.getLocalizedMessage(), e);
throw new DlabException("Send request or response error for UUID " + uuid + ": "
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ComputationalCallbackHandler.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ComputationalCallbackHandler.java
index c270e1a..8ccf260 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ComputationalCallbackHandler.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ComputationalCallbackHandler.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.core.response.handlers;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.core.commands.DockerAction;
import com.epam.dlab.dto.ResourceURL;
import com.epam.dlab.dto.UserInstanceStatus;
@@ -54,14 +53,13 @@ public class ComputationalCallbackHandler extends ResourceCallbackHandler<Comput
private ComputationalConfigure computationalConfigure;
@JsonCreator
- public ComputationalCallbackHandler(@JacksonInject SystemUserInfoService systemUserInfoService,
- @JacksonInject ComputationalConfigure computationalConfigure,
+ public ComputationalCallbackHandler(@JacksonInject ComputationalConfigure computationalConfigure,
@JacksonInject RESTService selfService,
@JsonProperty("action") DockerAction action,
@JsonProperty("uuid") String uuid,
@JsonProperty("dto") ComputationalBase<?> dto) {
- super(systemUserInfoService, selfService, dto.getCloudSettings().getIamUser(), uuid, action);
+ super(selfService, dto.getCloudSettings().getIamUser(), uuid, action);
this.computationalConfigure = computationalConfigure;
this.dto = dto;
}
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ComputationalConfigure.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ComputationalConfigure.java
index 1838080..adba483 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ComputationalConfigure.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ComputationalConfigure.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.core.response.handlers;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.ProvisioningServiceApplicationConfiguration;
import com.epam.dlab.backendapi.core.Directories;
import com.epam.dlab.backendapi.core.FileHandlerCallback;
@@ -50,8 +49,6 @@ public class ComputationalConfigure implements DockerCommands {
private CommandBuilder commandBuilder;
@Inject
private RESTService selfService;
- @Inject
- private SystemUserInfoService systemUserInfoService;
public String configure(String uuid, ComputationalBase<?> dto) {
switch (configuration.getCloudProvider()) {
@@ -110,7 +107,7 @@ public class ComputationalConfigure implements DockerCommands {
private FileHandlerCallback getFileHandlerCallback(DockerAction action, String originalUuid, ComputationalBase<?>
dto) {
- return new ComputationalConfigureCallbackHandler(systemUserInfoService, selfService, action, originalUuid, dto);
+ return new ComputationalConfigureCallbackHandler(selfService, action, originalUuid, dto);
}
private String nameContainer(String user, DockerAction action, String exploratoryName, String name) {
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ComputationalConfigureCallbackHandler.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ComputationalConfigureCallbackHandler.java
index ba54317..c53c86e 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ComputationalConfigureCallbackHandler.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ComputationalConfigureCallbackHandler.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.core.response.handlers;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.core.commands.DockerAction;
import com.epam.dlab.dto.base.computational.ComputationalBase;
import com.epam.dlab.dto.computational.ComputationalStatusDTO;
@@ -39,12 +38,11 @@ public class ComputationalConfigureCallbackHandler extends ResourceCallbackHandl
private final ComputationalBase<?> dto;
@JsonCreator
- public ComputationalConfigureCallbackHandler(@JacksonInject SystemUserInfoService systemUserInfoService,
- @JacksonInject RESTService selfService,
+ public ComputationalConfigureCallbackHandler(@JacksonInject RESTService selfService,
@JsonProperty("action") DockerAction action,
@JsonProperty("uuid") String uuid,
@JsonProperty("dto") ComputationalBase<?> dto) {
- super(systemUserInfoService, selfService, dto.getCloudSettings().getIamUser(), uuid, action);
+ super(selfService, dto.getCloudSettings().getIamUser(), uuid, action);
this.dto = dto;
}
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/EdgeCallbackHandler.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/EdgeCallbackHandler.java
index 50dddea..d869e58 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/EdgeCallbackHandler.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/EdgeCallbackHandler.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.core.response.handlers;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.core.commands.DockerAction;
import com.epam.dlab.dto.UserInstanceStatus;
import com.epam.dlab.dto.base.edge.EdgeInfo;
@@ -41,14 +40,13 @@ public class EdgeCallbackHandler<E extends EdgeInfo, T extends UploadFileResult<
@JsonCreator
public EdgeCallbackHandler(
- @JacksonInject SystemUserInfoService systemUserInfoService,
@JacksonInject RESTService selfService, @JsonProperty("action") DockerAction action,
@JsonProperty("uuid") String uuid, @JsonProperty("user") String user,
@JsonProperty("callbackURI") String callbackURI,
@JsonProperty("responseType") Class<E> responseType,
@JsonProperty("resultType") Class<T> enclosingType) {
- super(systemUserInfoService, selfService, user, uuid, action, enclosingType);
+ super(selfService, user, uuid, action, enclosingType);
this.callbackURI = callbackURI;
this.responseType = responseType;
}
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ExploratoryCallbackHandler.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ExploratoryCallbackHandler.java
index 9359ece..62746e8 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ExploratoryCallbackHandler.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ExploratoryCallbackHandler.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.core.response.handlers;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.core.commands.DockerAction;
import com.epam.dlab.dto.ResourceURL;
import com.epam.dlab.dto.UserInstanceStatus;
@@ -53,12 +52,11 @@ public class ExploratoryCallbackHandler extends ResourceCallbackHandler<Explorat
private final String exploratoryName;
@JsonCreator
- public ExploratoryCallbackHandler(@JacksonInject SystemUserInfoService systemUserInfoService,
- @JacksonInject RESTService selfService,
+ public ExploratoryCallbackHandler(@JacksonInject RESTService selfService,
@JsonProperty("action") DockerAction action,
@JsonProperty("uuid") String uuid, @JsonProperty("user") String user,
@JsonProperty("exploratoryName") String exploratoryName) {
- super(systemUserInfoService, selfService, user, uuid, action);
+ super(selfService, user, uuid, action);
this.exploratoryName = exploratoryName;
}
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ExploratoryGitCredsCallbackHandler.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ExploratoryGitCredsCallbackHandler.java
index 4d07fbd..b6857e5 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ExploratoryGitCredsCallbackHandler.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ExploratoryGitCredsCallbackHandler.java
@@ -19,9 +19,8 @@
package com.epam.dlab.backendapi.core.response.handlers;
-import com.epam.dlab.auth.SystemUserInfoService;
-import com.epam.dlab.dto.UserInstanceStatus;
import com.epam.dlab.backendapi.core.commands.DockerAction;
+import com.epam.dlab.dto.UserInstanceStatus;
import com.epam.dlab.dto.exploratory.ExploratoryStatusDTO;
import com.epam.dlab.rest.client.RESTService;
import com.epam.dlab.rest.contracts.ApiCallbacks;
@@ -38,13 +37,12 @@ public class ExploratoryGitCredsCallbackHandler extends ResourceCallbackHandler<
private final String exploratoryName;
@JsonCreator
- public ExploratoryGitCredsCallbackHandler(@JacksonInject SystemUserInfoService systemUserInfoService,
- @JacksonInject RESTService selfService,
+ public ExploratoryGitCredsCallbackHandler(@JacksonInject RESTService selfService,
@JsonProperty("action") DockerAction action,
@JsonProperty("uuid") String uuid,
@JsonProperty("user") String user,
@JsonProperty("exploratoryName") String exploratoryName) {
- super(systemUserInfoService, selfService, user, uuid, action);
+ super(selfService, user, uuid, action);
this.exploratoryName = exploratoryName;
}
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ImageCreateCallbackHandler.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ImageCreateCallbackHandler.java
index cf905e1..8f185a6 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ImageCreateCallbackHandler.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ImageCreateCallbackHandler.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.core.response.handlers;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.core.commands.DockerAction;
import com.epam.dlab.dto.UserInstanceStatus;
import com.epam.dlab.dto.exploratory.ExploratoryImageDTO;
@@ -43,23 +42,21 @@ public class ImageCreateCallbackHandler extends ResourceCallbackHandler<ImageCre
private final String exploratoryName;
public ImageCreateCallbackHandler(
- SystemUserInfoService systemUserInfoService,
RESTService selfService, String uuid, DockerAction action,
ExploratoryImageDTO image) {
- super(systemUserInfoService, selfService, image.getCloudSettings().getIamUser(), uuid, action);
+ super(selfService, image.getCloudSettings().getIamUser(), uuid, action);
this.imageName = image.getImageName();
this.exploratoryName = image.getExploratoryName();
}
@JsonCreator
private ImageCreateCallbackHandler(
- @JacksonInject SystemUserInfoService systemUserInfoService,
@JacksonInject RESTService selfService, @JsonProperty("uuid") String uuid,
@JsonProperty("action") DockerAction action,
@JsonProperty("user") String user,
@JsonProperty("imageName") String imageName,
@JsonProperty("exploratoryName") String exploratoryName) {
- super(systemUserInfoService, selfService, user, uuid, action);
+ super(selfService, user, uuid, action);
this.imageName = imageName;
this.exploratoryName = exploratoryName;
}
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/LibInstallCallbackHandler.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/LibInstallCallbackHandler.java
index 54406ba..a31fea3 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/LibInstallCallbackHandler.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/LibInstallCallbackHandler.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.core.response.handlers;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.core.commands.DockerAction;
import com.epam.dlab.dto.UserInstanceStatus;
import com.epam.dlab.dto.exploratory.LibInstallDTO;
@@ -72,12 +71,11 @@ public class LibInstallCallbackHandler extends ResourceCallbackHandler<LibInstal
*/
@JsonCreator
public LibInstallCallbackHandler(
- @JacksonInject SystemUserInfoService systemUserInfoService,
@JacksonInject RESTService selfService,
@JsonProperty("action") DockerAction action,
@JsonProperty("uuid") String uuid, @JsonProperty("user") String user,
@JsonProperty("dto") LibraryInstallDTO dto) {
- super(systemUserInfoService, selfService, user, uuid, action);
+ super(selfService, user, uuid, action);
this.dto = dto;
}
@@ -100,7 +98,7 @@ public class LibInstallCallbackHandler extends ResourceCallbackHandler<LibInstal
try {
final List<LibInstallDTO> libs = mapper.readValue(nodeLibs.toString(),
new TypeReference<List<LibInstallDTO>>() {
- });
+ });
status.withLibs(libs);
} catch (IOException e) {
log.warn("Can't parse field {} for UUID {} in JSON", LIBS_ABSOLUTE_PATH, getUUID(), e);
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/LibListCallbackHandler.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/LibListCallbackHandler.java
index fa38158..ca0268c 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/LibListCallbackHandler.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/LibListCallbackHandler.java
@@ -19,9 +19,8 @@
package com.epam.dlab.backendapi.core.response.handlers;
-import com.epam.dlab.auth.SystemUserInfoService;
-import com.epam.dlab.dto.UserInstanceStatus;
import com.epam.dlab.backendapi.core.commands.DockerAction;
+import com.epam.dlab.dto.UserInstanceStatus;
import com.epam.dlab.dto.exploratory.LibListStatusDTO;
import com.epam.dlab.exceptions.DlabException;
import com.epam.dlab.rest.client.RESTService;
@@ -63,11 +62,10 @@ public class LibListCallbackHandler extends ResourceCallbackHandler<LibListStatu
*/
@JsonCreator
public LibListCallbackHandler(
- @JacksonInject SystemUserInfoService systemUserInfoService,
@JacksonInject RESTService selfService, @JsonProperty("action") DockerAction action,
- @JsonProperty("uuid") String uuid, @JsonProperty("user") String user,
- @JsonProperty("imageName") String imageName) {
- super(systemUserInfoService, selfService, user, uuid, action);
+ @JsonProperty("uuid") String uuid, @JsonProperty("user") String user,
+ @JsonProperty("imageName") String imageName) {
+ super(selfService, user, uuid, action);
this.imageName = imageName;
}
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ResourceCallbackHandler.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ResourceCallbackHandler.java
index d207b35..6bc1466 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ResourceCallbackHandler.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ResourceCallbackHandler.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.core.response.handlers;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.core.FileHandlerCallback;
import com.epam.dlab.backendapi.core.commands.DockerAction;
import com.epam.dlab.dto.StatusBaseDTO;
@@ -51,8 +50,6 @@ public abstract class ResourceCallbackHandler<T extends StatusBaseDTO<?>> implem
@JsonIgnore
private final RESTService selfService;
- @JsonIgnore
- private final SystemUserInfoService systemUserInfoService;
@JsonProperty
private final String user;
@JsonProperty
@@ -63,9 +60,8 @@ public abstract class ResourceCallbackHandler<T extends StatusBaseDTO<?>> implem
private final Class<T> resultType;
@SuppressWarnings("unchecked")
- public ResourceCallbackHandler(SystemUserInfoService systemUserInfoService, RESTService selfService, String user,
+ public ResourceCallbackHandler(RESTService selfService, String user,
String uuid, DockerAction action) {
- this.systemUserInfoService = systemUserInfoService;
this.selfService = selfService;
this.user = user;
this.uuid = uuid;
@@ -74,11 +70,10 @@ public abstract class ResourceCallbackHandler<T extends StatusBaseDTO<?>> implem
(Class<T>) ((ParameterizedType) this.getClass().getGenericSuperclass()).getActualTypeArguments()[0];
}
- public ResourceCallbackHandler(SystemUserInfoService systemUserInfoService, RESTService selfService, String user,
+ public ResourceCallbackHandler(RESTService selfService, String user,
String uuid,
DockerAction action,
Class<T> resultType) {
- this.systemUserInfoService = systemUserInfoService;
this.selfService = selfService;
this.user = user;
this.uuid = uuid;
@@ -109,8 +104,7 @@ public abstract class ResourceCallbackHandler<T extends StatusBaseDTO<?>> implem
debugMessage("Send post request to self service {} for UUID {}, object is {}",
getCallbackURI(), uuid, object);
try {
- selfService.post(getCallbackURI(), systemUserInfoService.create(user).getAccessToken(), object,
- resultType);
+ selfService.post(getCallbackURI(), object, resultType);
} catch (Exception e) {
log.error("Send request or response error for UUID {}: {}", uuid, e.getLocalizedMessage(), e);
throw new DlabException("Send request or responce error for UUID " + uuid + ": " + e.getLocalizedMessage()
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ResourcesStatusCallbackHandler.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ResourcesStatusCallbackHandler.java
index 5f04882..d2a9d31 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ResourcesStatusCallbackHandler.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ResourcesStatusCallbackHandler.java
@@ -20,7 +20,6 @@
package com.epam.dlab.backendapi.core.response.handlers;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.core.commands.DockerAction;
import com.epam.dlab.dto.status.EnvResourceList;
import com.epam.dlab.dto.status.EnvStatusDTO;
@@ -44,10 +43,9 @@ public class ResourcesStatusCallbackHandler extends ResourceCallbackHandler<EnvS
@JsonCreator
public ResourcesStatusCallbackHandler(
- @JacksonInject SystemUserInfoService systemUserInfoService,
@JacksonInject RESTService selfService, @JsonProperty("action") DockerAction
- action, @JsonProperty("uuid") String uuid, @JsonProperty("user") String user) {
- super(systemUserInfoService, selfService, user, uuid, action);
+ action, @JsonProperty("uuid") String uuid, @JsonProperty("user") String user) {
+ super(selfService, user, uuid, action);
}
@Override
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ReuploadKeyCallbackHandler.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ReuploadKeyCallbackHandler.java
index 7ae47c5..16c9814 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ReuploadKeyCallbackHandler.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/core/response/handlers/ReuploadKeyCallbackHandler.java
@@ -18,7 +18,6 @@
*/
package com.epam.dlab.backendapi.core.response.handlers;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.core.FileHandlerCallback;
import com.epam.dlab.dto.reuploadkey.ReuploadKeyCallbackDTO;
import com.epam.dlab.dto.reuploadkey.ReuploadKeyStatus;
@@ -46,7 +45,6 @@ public class ReuploadKeyCallbackHandler implements FileHandlerCallback {
@JsonProperty
private final ReuploadKeyCallbackDTO dto;
private final RESTService selfService;
- private final SystemUserInfoService systemUserInfoService;
@JsonProperty
private final String callbackUrl;
@JsonProperty
@@ -54,12 +52,10 @@ public class ReuploadKeyCallbackHandler implements FileHandlerCallback {
@JsonCreator
public ReuploadKeyCallbackHandler(@JacksonInject RESTService selfService,
- @JacksonInject SystemUserInfoService systemUserInfoService,
@JsonProperty("callbackUrl") String callbackUrl,
@JsonProperty("user") String user,
@JsonProperty("dto") ReuploadKeyCallbackDTO dto) {
this.selfService = selfService;
- this.systemUserInfoService = systemUserInfoService;
this.uuid = dto.getId();
this.callbackUrl = callbackUrl;
this.user = user;
@@ -97,8 +93,7 @@ public class ReuploadKeyCallbackHandler implements FileHandlerCallback {
private void selfServicePost(ReuploadKeyStatusDTO statusDTO) {
log.debug("Send post request to self service for UUID {}, object is {}", uuid, statusDTO);
try {
- selfService.post(callbackUrl, systemUserInfoService.create(user).getAccessToken(), statusDTO,
- Response.class);
+ selfService.post(callbackUrl, statusDTO, Response.class);
} catch (Exception e) {
log.error("Send request or response error for UUID {}: {}", uuid, e.getLocalizedMessage(), e);
throw new DlabException("Send request or response error for UUID " + uuid + ": "
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/modules/ProductionModule.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/modules/ProductionModule.java
index 3ba4d42..e7dc88a 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/modules/ProductionModule.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/modules/ProductionModule.java
@@ -20,8 +20,6 @@
package com.epam.dlab.backendapi.modules;
import com.epam.dlab.ModuleBase;
-import com.epam.dlab.auth.SystemUserInfoService;
-import com.epam.dlab.auth.SystemUserInfoServiceImpl;
import com.epam.dlab.backendapi.ProvisioningServiceApplicationConfiguration;
import com.epam.dlab.backendapi.core.DockerWarmuper;
import com.epam.dlab.backendapi.core.MetadataHolder;
@@ -29,8 +27,8 @@ import com.epam.dlab.backendapi.core.commands.CommandExecutor;
import com.epam.dlab.backendapi.core.commands.ICommandExecutor;
import com.epam.dlab.backendapi.core.response.handlers.dao.CallbackHandlerDao;
import com.epam.dlab.backendapi.core.response.handlers.dao.FileSystemCallbackHandlerDao;
-import com.epam.dlab.backendapi.service.RestoreCallbackHandlerService;
import com.epam.dlab.backendapi.service.CheckInactivityService;
+import com.epam.dlab.backendapi.service.RestoreCallbackHandlerService;
import com.epam.dlab.backendapi.service.impl.CheckInactivityServiceImpl;
import com.epam.dlab.backendapi.service.impl.RestoreCallbackHandlerServiceImpl;
import com.epam.dlab.constants.ServiceConsts;
@@ -69,7 +67,6 @@ public class ProductionModule extends ModuleBase<ProvisioningServiceApplicationC
.SELF_SERVICE_NAME));
bind(MetadataHolder.class).to(DockerWarmuper.class);
bind(ICommandExecutor.class).to(CommandExecutor.class).asEagerSingleton();
- bind(SystemUserInfoService.class).to(SystemUserInfoServiceImpl.class);
bind(MongoService.class).toInstance(configuration.getMongoFactory().build(environment));
bind(ObjectMapper.class).toInstance(new ObjectMapper().configure(JsonParser.Feature.AUTO_CLOSE_SOURCE, true));
bind(CallbackHandlerDao.class).to(FileSystemCallbackHandlerDao.class);
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/modules/ProvisioningDevModule.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/modules/ProvisioningDevModule.java
index 3ec1035..04f03f6 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/modules/ProvisioningDevModule.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/modules/ProvisioningDevModule.java
@@ -20,7 +20,6 @@
package com.epam.dlab.backendapi.modules;
import com.epam.dlab.ModuleBase;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.auth.contract.SecurityAPI;
import com.epam.dlab.auth.dto.UserCredentialDTO;
@@ -31,12 +30,11 @@ import com.epam.dlab.backendapi.core.commands.CommandExecutorMock;
import com.epam.dlab.backendapi.core.commands.ICommandExecutor;
import com.epam.dlab.backendapi.core.response.handlers.dao.CallbackHandlerDao;
import com.epam.dlab.backendapi.core.response.handlers.dao.FileSystemCallbackHandlerDao;
-import com.epam.dlab.backendapi.service.RestoreCallbackHandlerService;
import com.epam.dlab.backendapi.service.CheckInactivityService;
+import com.epam.dlab.backendapi.service.RestoreCallbackHandlerService;
import com.epam.dlab.backendapi.service.impl.CheckInactivityServiceImpl;
import com.epam.dlab.backendapi.service.impl.RestoreCallbackHandlerServiceImpl;
import com.epam.dlab.constants.ServiceConsts;
-import com.epam.dlab.mongo.MongoService;
import com.epam.dlab.rest.client.RESTService;
import com.epam.dlab.rest.contracts.DockerAPI;
import com.fasterxml.jackson.core.JsonParser;
@@ -45,7 +43,6 @@ import com.google.inject.name.Names;
import io.dropwizard.setup.Environment;
import javax.ws.rs.core.Response;
-import java.util.Optional;
/**
* Mock class for an application configuration of Provisioning Service for tests.
@@ -75,18 +72,6 @@ public class ProvisioningDevModule extends ModuleBase<ProvisioningServiceApplica
.SELF_SERVICE_NAME));
bind(MetadataHolder.class).to(DockerWarmuper.class);
bind(ICommandExecutor.class).toInstance(new CommandExecutorMock(configuration.getCloudProvider()));
- bind(SystemUserInfoService.class).toInstance(new SystemUserInfoService() {
- @Override
- public Optional<UserInfo> getUser(String token) {
- return Optional.of(getUserInfo());
- }
-
- @Override
- public UserInfo create(String name) {
- return getUserInfo();
- }
- });
- bind(MongoService.class).toInstance(configuration.getMongoFactory().build(environment));
bind(ObjectMapper.class).toInstance(new ObjectMapper().configure(JsonParser.Feature.AUTO_CLOSE_SOURCE, true));
bind(CallbackHandlerDao.class).to(FileSystemCallbackHandlerDao.class);
bind(RestoreCallbackHandlerService.class).to(RestoreCallbackHandlerServiceImpl.class);
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/BackupResource.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/BackupResource.java
index dfe33a4..1263b20 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/BackupResource.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/BackupResource.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.resources;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.ProvisioningServiceApplicationConfiguration;
import com.epam.dlab.backendapi.core.commands.ICommandExecutor;
@@ -55,14 +54,12 @@ public class BackupResource {
protected ICommandExecutor commandExecutor;
@Inject
protected RESTService selfService;
- @Inject
- private SystemUserInfoService systemUserInfoService;
@POST
public Response createBackup(@Auth UserInfo ui, EnvBackupDTO dto) {
folderListenerExecutor.start(configuration.getBackupDirectory(), configuration.getProcessTimeout(),
- new BackupCallbackHandler(systemUserInfoService, selfService, ApiCallbacks.BACKUP_URI, ui.getName(), dto));
+ new BackupCallbackHandler(selfService, ApiCallbacks.BACKUP_URI, ui.getName(), dto));
String command = new PythonBackupCommand(configuration.getBackupScriptPath())
.withConfig(dto.getConfigFiles())
.withJars(dto.getJars())
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/GitExploratoryResource.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/GitExploratoryResource.java
index 6b80776..80a3d5b 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/GitExploratoryResource.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/GitExploratoryResource.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.resources;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.core.Directories;
import com.epam.dlab.backendapi.core.FileHandlerCallback;
@@ -31,7 +30,6 @@ import com.epam.dlab.backendapi.service.impl.DockerService;
import com.epam.dlab.dto.exploratory.ExploratoryBaseDTO;
import com.epam.dlab.dto.exploratory.ExploratoryGitCredsUpdateDTO;
import com.fasterxml.jackson.core.JsonProcessingException;
-import com.google.inject.Inject;
import io.dropwizard.auth.Auth;
import lombok.extern.slf4j.Slf4j;
@@ -47,9 +45,6 @@ import javax.ws.rs.core.MediaType;
@Slf4j
public class GitExploratoryResource extends DockerService implements DockerCommands {
- @Inject
- private SystemUserInfoService systemUserInfoService;
-
@Path("/git_creds")
@POST
public String gitCredsUpdate(@Auth UserInfo ui, ExploratoryGitCredsUpdateDTO dto) throws JsonProcessingException {
@@ -80,8 +75,7 @@ public class GitExploratoryResource extends DockerService implements DockerComma
}
private FileHandlerCallback getFileHandlerCallback(DockerAction action, String uuid, ExploratoryBaseDTO<?> dto) {
- return new ExploratoryGitCredsCallbackHandler(systemUserInfoService, selfService, action, uuid,
- dto.getCloudSettings().getIamUser(), dto.getExploratoryName());
+ return new ExploratoryGitCredsCallbackHandler(selfService, action, uuid, dto.getCloudSettings().getIamUser(), dto.getExploratoryName());
}
private String nameContainer(String user, DockerAction action, String name) {
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/ImageResource.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/ImageResource.java
index 9e71466..b57f5b2 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/ImageResource.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/ImageResource.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.resources;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.core.Directories;
import com.epam.dlab.backendapi.core.commands.DockerAction;
@@ -30,7 +29,6 @@ import com.epam.dlab.backendapi.service.impl.DockerService;
import com.epam.dlab.dto.exploratory.ExploratoryImageDTO;
import com.epam.dlab.rest.contracts.ExploratoryAPI;
import com.fasterxml.jackson.core.JsonProcessingException;
-import com.google.inject.Inject;
import io.dropwizard.auth.Auth;
import lombok.extern.slf4j.Slf4j;
@@ -47,16 +45,12 @@ import javax.ws.rs.core.Response;
@Slf4j
public class ImageResource extends DockerService implements DockerCommands {
- @Inject
- private SystemUserInfoService systemUserInfoService;
-
@POST
public Response createImage(@Auth UserInfo ui, ExploratoryImageDTO image) throws JsonProcessingException {
final String uuid = DockerCommands.generateUUID();
folderListenerExecutor.start(configuration.getImagesDirectory(), configuration.getResourceStatusPollTimeout(),
- new ImageCreateCallbackHandler(systemUserInfoService, selfService, uuid,
- DockerAction.CREATE_IMAGE, image));
+ new ImageCreateCallbackHandler(selfService, uuid, DockerAction.CREATE_IMAGE, image));
String command = commandBuilder.buildCommand(getDockerCommand(DockerAction.CREATE_IMAGE, uuid, image), image);
commandExecutor.executeAsync(ui.getName(), uuid, command);
log.debug("Docker command: " + command);
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/LibraryResource.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/LibraryResource.java
index 23a0faa..0e07d69 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/LibraryResource.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/LibraryResource.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.resources;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.core.Directories;
import com.epam.dlab.backendapi.core.FileHandlerCallback;
@@ -37,7 +36,6 @@ import com.epam.dlab.dto.exploratory.LibraryInstallDTO;
import com.epam.dlab.rest.contracts.ComputationalAPI;
import com.epam.dlab.rest.contracts.ExploratoryAPI;
import com.fasterxml.jackson.core.JsonProcessingException;
-import com.google.inject.Inject;
import io.dropwizard.auth.Auth;
import lombok.extern.slf4j.Slf4j;
@@ -53,8 +51,6 @@ import javax.ws.rs.core.MediaType;
@Slf4j
public class LibraryResource extends DockerService implements DockerCommands {
- @Inject
- private SystemUserInfoService systemUserInfoService;
@POST
@Path(ExploratoryAPI.EXPLORATORY + "/lib_list")
@@ -156,11 +152,11 @@ public class LibraryResource extends DockerService implements DockerCommands {
ExploratoryBaseDTO<?> dto) {
switch (action) {
case LIB_INSTALL:
- return new LibInstallCallbackHandler(systemUserInfoService, selfService, action, uuid,
+ return new LibInstallCallbackHandler(selfService, action, uuid,
dto.getCloudSettings().getIamUser(),
(LibraryInstallDTO) dto);
case LIB_LIST:
- return new LibListCallbackHandler(systemUserInfoService, selfService, DockerAction.LIB_LIST, uuid,
+ return new LibListCallbackHandler(selfService, DockerAction.LIB_LIST, uuid,
dto.getCloudSettings().getIamUser(), dto.getNotebookImage());
default:
throw new IllegalArgumentException("Unknown action " + action);
@@ -171,10 +167,10 @@ public class LibraryResource extends DockerService implements DockerCommands {
ExploratoryBaseDTO<?> dto) {
switch (action) {
case LIB_LIST:
- return new LibListCallbackHandler(systemUserInfoService, selfService, action, uuid,
+ return new LibListCallbackHandler(selfService, action, uuid,
dto.getCloudSettings().getIamUser(), ((LibListComputationalDTO) dto).getLibCacheKey());
case LIB_INSTALL:
- return new LibInstallCallbackHandler(systemUserInfoService, selfService, action, uuid,
+ return new LibInstallCallbackHandler(selfService, action, uuid,
dto.getCloudSettings().getIamUser(), ((LibraryInstallDTO) dto));
default:
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/aws/ComputationalResourceAws.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/aws/ComputationalResourceAws.java
index a5848e1..8e8730c 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/aws/ComputationalResourceAws.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/aws/ComputationalResourceAws.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.resources.aws;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.core.Directories;
import com.epam.dlab.backendapi.core.FileHandlerCallback;
@@ -65,8 +64,6 @@ public class ComputationalResourceAws extends DockerService implements DockerCom
private ComputationalConfigure computationalConfigure;
@Inject
private SparkClusterService sparkClusterService;
- @Inject
- private SystemUserInfoService systemUserInfoService;
@POST
@Path(ComputationalAPI.COMPUTATIONAL_CREATE_CLOUD_SPECIFIC)
@@ -187,8 +184,7 @@ public class ComputationalResourceAws extends DockerService implements DockerCom
}
private FileHandlerCallback getFileHandlerCallback(DockerAction action, String uuid, ComputationalBase<?> dto) {
- return new ComputationalCallbackHandler(systemUserInfoService, computationalConfigure, selfService, action,
- uuid, dto);
+ return new ComputationalCallbackHandler(computationalConfigure, selfService, action, uuid, dto);
}
private String nameContainer(String user, DockerAction action, String exploratoryName, String name) {
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/aws/EdgeResourceAws.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/aws/EdgeResourceAws.java
index a44fbe8..22c26e9 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/aws/EdgeResourceAws.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/aws/EdgeResourceAws.java
@@ -41,9 +41,7 @@ import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import java.io.IOException;
-import static com.epam.dlab.rest.contracts.ApiCallbacks.EDGE;
-import static com.epam.dlab.rest.contracts.ApiCallbacks.KEY_LOADER;
-import static com.epam.dlab.rest.contracts.ApiCallbacks.STATUS_URI;
+import static com.epam.dlab.rest.contracts.ApiCallbacks.*;
/**
* Provides API to manage Edge node on AWS
@@ -88,7 +86,7 @@ public class EdgeResourceAws extends EdgeService {
@SuppressWarnings("unchecked")
protected FileHandlerCallback getFileHandlerCallback(DockerAction action, String uuid, String user, String
callbackURI) {
- return new EdgeCallbackHandler(systemUserInfoService, selfService, action, uuid, user, callbackURI,
+ return new EdgeCallbackHandler(selfService, action, uuid, user, callbackURI,
EdgeInfoAws.class,
UploadFileResult.class);
}
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/azure/EdgeResourceAzure.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/azure/EdgeResourceAzure.java
index c400d1b..4ebad5c 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/azure/EdgeResourceAzure.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/azure/EdgeResourceAzure.java
@@ -41,9 +41,7 @@ import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import java.io.IOException;
-import static com.epam.dlab.rest.contracts.ApiCallbacks.EDGE;
-import static com.epam.dlab.rest.contracts.ApiCallbacks.KEY_LOADER;
-import static com.epam.dlab.rest.contracts.ApiCallbacks.STATUS_URI;
+import static com.epam.dlab.rest.contracts.ApiCallbacks.*;
/**
* Provides API to manage Edge node on Azure
@@ -88,7 +86,7 @@ public class EdgeResourceAzure extends EdgeService {
@SuppressWarnings("unchecked")
protected FileHandlerCallback getFileHandlerCallback(DockerAction action, String uuid, String user, String
callbackURI) {
- return new EdgeCallbackHandler(systemUserInfoService, selfService, action, uuid, user, callbackURI,
+ return new EdgeCallbackHandler(selfService, action, uuid, user, callbackURI,
EdgeInfoAzure.class,
UploadFileResult.class);
}
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/EdgeService.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/EdgeService.java
index 2510dd7..a5ed3dc 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/EdgeService.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/EdgeService.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.resources.base;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.ProvisioningServiceApplicationConfiguration;
import com.epam.dlab.backendapi.core.Directories;
import com.epam.dlab.backendapi.core.FileHandlerCallback;
@@ -41,8 +40,6 @@ public abstract class EdgeService implements DockerCommands {
@Inject
protected RESTService selfService;
@Inject
- protected SystemUserInfoService systemUserInfoService;
- @Inject
private ProvisioningServiceApplicationConfiguration configuration;
@Inject
private FolderListenerExecutor folderListenerExecutor;
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/ExploratoryService.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/ExploratoryService.java
index 74d7900..c25f484 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/ExploratoryService.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/ExploratoryService.java
@@ -19,57 +19,53 @@
package com.epam.dlab.backendapi.resources.base;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.core.Directories;
import com.epam.dlab.backendapi.core.FileHandlerCallback;
-import com.epam.dlab.backendapi.core.commands.*;
+import com.epam.dlab.backendapi.core.commands.DockerAction;
+import com.epam.dlab.backendapi.core.commands.DockerCommands;
+import com.epam.dlab.backendapi.core.commands.RunDockerCommand;
import com.epam.dlab.backendapi.core.response.handlers.ExploratoryCallbackHandler;
import com.epam.dlab.backendapi.service.impl.DockerService;
-import com.epam.dlab.backendapi.core.commands.DockerAction;
import com.epam.dlab.dto.exploratory.ExploratoryBaseDTO;
import com.fasterxml.jackson.core.JsonProcessingException;
-import com.google.inject.Inject;
import lombok.extern.slf4j.Slf4j;
@Slf4j
public class ExploratoryService extends DockerService implements DockerCommands {
- @Inject
- private SystemUserInfoService systemUserInfoService;
- public String action(String username, ExploratoryBaseDTO<?> dto, DockerAction action) throws JsonProcessingException {
- log.debug("{} exploratory environment", action);
- String uuid = DockerCommands.generateUUID();
- folderListenerExecutor.start(configuration.getImagesDirectory(),
- configuration.getResourceStatusPollTimeout(),
- getFileHandlerCallback(action, uuid, dto));
+ public String action(String username, ExploratoryBaseDTO<?> dto, DockerAction action) throws JsonProcessingException {
+ log.debug("{} exploratory environment", action);
+ String uuid = DockerCommands.generateUUID();
+ folderListenerExecutor.start(configuration.getImagesDirectory(),
+ configuration.getResourceStatusPollTimeout(),
+ getFileHandlerCallback(action, uuid, dto));
- RunDockerCommand runDockerCommand = new RunDockerCommand()
- .withInteractive()
- .withName(nameContainer(dto.getEdgeUserName(), action, dto.getExploratoryName()))
- .withVolumeForRootKeys(configuration.getKeyDirectory())
- .withVolumeForResponse(configuration.getImagesDirectory())
- .withVolumeForLog(configuration.getDockerLogDirectory(), getResourceType())
- .withResource(getResourceType())
- .withRequestId(uuid)
- .withConfKeyName(configuration.getAdminKey())
- .withImage(dto.getNotebookImage())
- .withAction(action);
+ RunDockerCommand runDockerCommand = new RunDockerCommand()
+ .withInteractive()
+ .withName(nameContainer(dto.getEdgeUserName(), action, dto.getExploratoryName()))
+ .withVolumeForRootKeys(configuration.getKeyDirectory())
+ .withVolumeForResponse(configuration.getImagesDirectory())
+ .withVolumeForLog(configuration.getDockerLogDirectory(), getResourceType())
+ .withResource(getResourceType())
+ .withRequestId(uuid)
+ .withConfKeyName(configuration.getAdminKey())
+ .withImage(dto.getNotebookImage())
+ .withAction(action);
- commandExecutor.executeAsync(username, uuid, commandBuilder.buildCommand(runDockerCommand, dto));
- return uuid;
- }
+ commandExecutor.executeAsync(username, uuid, commandBuilder.buildCommand(runDockerCommand, dto));
+ return uuid;
+ }
- public String getResourceType() {
- return Directories.NOTEBOOK_LOG_DIRECTORY;
- }
+ public String getResourceType() {
+ return Directories.NOTEBOOK_LOG_DIRECTORY;
+ }
- private FileHandlerCallback getFileHandlerCallback(DockerAction action, String uuid, ExploratoryBaseDTO<?> dto) {
- return new ExploratoryCallbackHandler(systemUserInfoService, selfService, action, uuid,
- dto.getCloudSettings().getIamUser(),
- dto.getExploratoryName());
- }
+ private FileHandlerCallback getFileHandlerCallback(DockerAction action, String uuid, ExploratoryBaseDTO<?> dto) {
+ return new ExploratoryCallbackHandler(selfService, action, uuid, dto.getCloudSettings().getIamUser(),
+ dto.getExploratoryName());
+ }
- private String nameContainer(String user, DockerAction action, String name) {
- return nameContainer(user, action.toString(), "exploratory", name);
- }
+ private String nameContainer(String user, DockerAction action, String name) {
+ return nameContainer(user, action.toString(), "exploratory", name);
+ }
}
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/InfrastructureService.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/InfrastructureService.java
index 48af93b..9406afd 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/InfrastructureService.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/InfrastructureService.java
@@ -19,7 +19,7 @@
package com.epam.dlab.backendapi.resources.base;
-import com.epam.dlab.auth.SystemUserInfoService;
+
import com.epam.dlab.backendapi.ProvisioningServiceApplicationConfiguration;
import com.epam.dlab.backendapi.core.Directories;
import com.epam.dlab.backendapi.core.FileHandlerCallback;
@@ -54,8 +54,6 @@ public abstract class InfrastructureService implements DockerCommands {
private ICommandExecutor commandExecutor;
@Inject
private CommandBuilder commandBuilder;
- @Inject
- private SystemUserInfoService systemUserInfoService;
private static final String CONTAINER_NAME_REGEX_FORMAT = "%s_[^_\\W]+_%s(|_%s)_\\d+";
@@ -141,7 +139,7 @@ public abstract class InfrastructureService implements DockerCommands {
}
protected FileHandlerCallback getFileHandlerCallback(DockerAction action, String uuid, String user) {
- return new ResourcesStatusCallbackHandler(systemUserInfoService, selfService, action, uuid, user);
+ return new ResourcesStatusCallbackHandler(selfService, action, uuid, user);
}
private String nameContainer(String user, DockerAction action, String name) {
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/gcp/ComputationalResourceGcp.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/gcp/ComputationalResourceGcp.java
index cf02061..0db357b 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/gcp/ComputationalResourceGcp.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/gcp/ComputationalResourceGcp.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.resources.gcp;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.core.Directories;
import com.epam.dlab.backendapi.core.FileHandlerCallback;
@@ -65,8 +64,6 @@ public class ComputationalResourceGcp extends DockerService implements DockerCom
private ComputationalConfigure computationalConfigure;
@Inject
private SparkClusterService sparkClusterService;
- @Inject
- private SystemUserInfoService systemUserInfoService;
@POST
@Path(ComputationalAPI.COMPUTATIONAL_CREATE_CLOUD_SPECIFIC)
@@ -186,8 +183,7 @@ public class ComputationalResourceGcp extends DockerService implements DockerCom
}
private FileHandlerCallback getFileHandlerCallback(DockerAction action, String uuid, ComputationalBase<?> dto) {
- return new ComputationalCallbackHandler(systemUserInfoService, computationalConfigure, selfService, action,
- uuid, dto);
+ return new ComputationalCallbackHandler(computationalConfigure, selfService, action, uuid, dto);
}
private String nameContainer(String user, DockerAction action, String exploratoryName, String name) {
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/gcp/EdgeResourceGcp.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/gcp/EdgeResourceGcp.java
index 5f4c2f2..525e3e7 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/gcp/EdgeResourceGcp.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/gcp/EdgeResourceGcp.java
@@ -88,7 +88,7 @@ public class EdgeResourceGcp extends EdgeService {
@Override
protected FileHandlerCallback getFileHandlerCallback(DockerAction action, String uuid, String user, String
callbackURI) {
- return new EdgeCallbackHandler(systemUserInfoService, selfService, action, uuid, user, callbackURI,
+ return new EdgeCallbackHandler(selfService, action, uuid, user, callbackURI,
EdgeInfoGcp.class,
UploadFileResult.class);
}
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/CheckInactivityServiceImpl.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/CheckInactivityServiceImpl.java
index 9677005..7f7eafe 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/CheckInactivityServiceImpl.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/CheckInactivityServiceImpl.java
@@ -82,7 +82,7 @@ public class CheckInactivityServiceImpl extends DockerService implements CheckIn
private void startComputationalCallbackListener(String userName, ComputationalCheckInactivityDTO dto,
String uuid) {
final CheckInactivityCallbackHandler handler = new CheckInactivityCallbackHandler(
- selfService, sysUserService, ApiCallbacks.CHECK_INACTIVITY_COMPUTATIONAL_URI, userName, uuid,
+ selfService, ApiCallbacks.CHECK_INACTIVITY_COMPUTATIONAL_URI, userName, uuid,
dto.getExploratoryName(), dto.getComputationalName());
folderListenerExecutor.start(configuration.getKeyLoaderDirectory(),
configuration.getKeyLoaderPollTimeout(), handler);
@@ -90,7 +90,7 @@ public class CheckInactivityServiceImpl extends DockerService implements CheckIn
private void startExploratoryCallbackListener(String userName, ExploratoryCheckInactivityAction dto, String uuid) {
final CheckInactivityCallbackHandler handler = new CheckInactivityCallbackHandler(
- selfService, sysUserService, ApiCallbacks.CHECK_INACTIVITY_EXPLORATORY_URI, userName, uuid,
+ selfService, ApiCallbacks.CHECK_INACTIVITY_EXPLORATORY_URI, userName, uuid,
dto.getExploratoryName());
folderListenerExecutor.start(configuration.getKeyLoaderDirectory(),
configuration.getKeyLoaderPollTimeout(), handler);
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/DockerService.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/DockerService.java
index 8e984de..5e5a20a 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/DockerService.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/DockerService.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.service.impl;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.ProvisioningServiceApplicationConfiguration;
import com.epam.dlab.backendapi.core.commands.CommandBuilder;
import com.epam.dlab.backendapi.core.commands.ICommandExecutor;
@@ -29,17 +28,15 @@ import com.google.inject.Inject;
public abstract class DockerService {
- @Inject
- protected ProvisioningServiceApplicationConfiguration configuration;
- @Inject
- protected FolderListenerExecutor folderListenerExecutor;
- @Inject
- protected ICommandExecutor commandExecutor;
- @Inject
- protected CommandBuilder commandBuilder;
- @Inject
- protected RESTService selfService;
- @Inject
- protected SystemUserInfoService sysUserService;
+ @Inject
+ protected ProvisioningServiceApplicationConfiguration configuration;
+ @Inject
+ protected FolderListenerExecutor folderListenerExecutor;
+ @Inject
+ protected ICommandExecutor commandExecutor;
+ @Inject
+ protected CommandBuilder commandBuilder;
+ @Inject
+ protected RESTService selfService;
}
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/KeyService.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/KeyService.java
index 6394564..bbedc68 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/KeyService.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/KeyService.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.service.impl;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.ProvisioningServiceApplicationConfiguration;
import com.epam.dlab.backendapi.core.Directories;
import com.epam.dlab.backendapi.core.commands.DockerAction;
@@ -47,12 +46,10 @@ public class KeyService extends DockerService implements DockerCommands {
private static final String REUPLOAD_KEY_ACTION = "reupload_key";
- private final SystemUserInfoService systemUserInfoService;
private final ProvisioningServiceApplicationConfiguration conf;
@Inject
- public KeyService(SystemUserInfoService systemUserInfoService, ProvisioningServiceApplicationConfiguration conf) {
- this.systemUserInfoService = systemUserInfoService;
+ public KeyService(ProvisioningServiceApplicationConfiguration conf) {
this.conf = conf;
}
@@ -99,7 +96,7 @@ public class KeyService extends DockerService implements DockerCommands {
private void startCallbackListener(String userName, ReuploadKeyCallbackDTO dto) {
folderListenerExecutor.start(configuration.getKeyLoaderDirectory(),
configuration.getKeyLoaderPollTimeout(),
- new ReuploadKeyCallbackHandler(selfService, systemUserInfoService, ApiCallbacks.REUPLOAD_KEY_URI,
+ new ReuploadKeyCallbackHandler(selfService, ApiCallbacks.REUPLOAD_KEY_URI,
userName, dto));
}
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/SparkClusterService.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/SparkClusterService.java
index 643a1a9..a773b70 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/SparkClusterService.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/SparkClusterService.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.service.impl;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.core.Directories;
import com.epam.dlab.backendapi.core.FileHandlerCallback;
@@ -48,8 +47,6 @@ public class SparkClusterService extends DockerService implements DockerCommands
@Inject
private ComputationalConfigure computationalConfigure;
- @Inject
- private SystemUserInfoService systemUserInfoService;
public String create(UserInfo ui, ComputationalBase<?> dto) {
return action(ui, dto, CREATE);
@@ -76,7 +73,8 @@ public class SparkClusterService extends DockerService implements DockerCommands
return uuid;
}
- private void runReconfigureSparkDockerCommand(UserInfo ui, ComputationalClusterConfigDTO clusterConfigDTO, String uuid) {
+ private void runReconfigureSparkDockerCommand(UserInfo ui, ComputationalClusterConfigDTO clusterConfigDTO,
+ String uuid) {
try {
final RunDockerCommand dockerCommand = new RunDockerCommand()
.withInteractive()
@@ -127,8 +125,7 @@ public class SparkClusterService extends DockerService implements DockerCommands
}
private FileHandlerCallback getFileHandlerCallback(DockerAction action, String uuid, ComputationalBase<?> dto) {
- return new ComputationalCallbackHandler(systemUserInfoService, computationalConfigure, selfService, action,
- uuid, dto);
+ return new ComputationalCallbackHandler(computationalConfigure, selfService, action, uuid, dto);
}
private String nameContainer(String user, DockerAction action, String exploratoryName, String name) {
diff --git a/services/provisioning-service/src/test/java/com/epam/dlab/backendapi/core/commands/CommandExecutorMockTest.java b/services/provisioning-service/src/test/java/com/epam/dlab/backendapi/core/commands/CommandExecutorMockTest.java
index 08e68c5..bf92609 100644
--- a/services/provisioning-service/src/test/java/com/epam/dlab/backendapi/core/commands/CommandExecutorMockTest.java
+++ b/services/provisioning-service/src/test/java/com/epam/dlab/backendapi/core/commands/CommandExecutorMockTest.java
@@ -69,7 +69,7 @@ public class CommandExecutorMockTest {
exec.getResultSync();
RESTServiceMock selfService = new RESTServiceMock();
- ExploratoryCallbackHandler handler = new ExploratoryCallbackHandler(null, selfService, action,
+ ExploratoryCallbackHandler handler = new ExploratoryCallbackHandler(selfService, action,
getRequestId(exec), getEdgeUserName(exec), getExploratoryName(exec));
handler.handle(exec.getResponseFileName(), Files.readAllBytes(Paths.get(exec.getResponseFileName())));
@@ -97,7 +97,7 @@ public class CommandExecutorMockTest {
new LibListCallbackHandler(selfService, action,
getRequestId(exec), getEdgeUserName(exec), getExploratoryName(exec));
*/
- ResourceCallbackHandler<?> handler = new LibListCallbackHandler(null, selfService, action, getRequestId(exec),
+ ResourceCallbackHandler<?> handler = new LibListCallbackHandler(selfService, action, getRequestId(exec),
getEdgeUserName(exec), getExploratoryName(exec));
handler.handle(exec.getResponseFileName(), Files.readAllBytes(Paths.get(exec.getResponseFileName())));
diff --git a/services/provisioning-service/src/test/java/com/epam/dlab/backendapi/core/response/handlers/dao/FileSystemCallbackHandlerDaoTest.java b/services/provisioning-service/src/test/java/com/epam/dlab/backendapi/core/response/handlers/dao/FileSystemCallbackHandlerDaoTest.java
index 2623097..0dc3663 100644
--- a/services/provisioning-service/src/test/java/com/epam/dlab/backendapi/core/response/handlers/dao/FileSystemCallbackHandlerDaoTest.java
+++ b/services/provisioning-service/src/test/java/com/epam/dlab/backendapi/core/response/handlers/dao/FileSystemCallbackHandlerDaoTest.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.core.response.handlers.dao;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.ProvisioningServiceApplicationConfiguration;
import com.epam.dlab.backendapi.core.DockerWarmuper;
import com.epam.dlab.backendapi.core.commands.DockerAction;
@@ -56,8 +55,6 @@ public class FileSystemCallbackHandlerDaoTest {
private ProvisioningServiceApplicationConfiguration configuration;
@Mock
private CallbackHandlerDao dao;
- @Mock
- private SystemUserInfoService systemUserInfoService;
@InjectMocks
private FileSystemCallbackHandlerDao fileSystemCallbackHandlerDao;
@@ -78,7 +75,7 @@ public class FileSystemCallbackHandlerDaoTest {
when(configuration.getHandlerDirectory()).thenReturn(handlersFolders);
when(mapper.writeValueAsBytes(any())).thenReturn("{'test': 'test'}".getBytes());
final PersistentFileHandler persistentFileHandler =
- new PersistentFileHandler(new LibListCallbackHandler(systemUserInfoService, null,
+ new PersistentFileHandler(new LibListCallbackHandler(null,
DockerAction.LIB_LIST, "uuid", "test", "das"), 1L, "/opt/test");
fileSystemCallbackHandlerDao.upsert(persistentFileHandler);
@@ -97,10 +94,10 @@ public class FileSystemCallbackHandlerDaoTest {
final PersistentFileHandler persistentFileHandler1 = new PersistentFileHandler(new DockerWarmuper()
.new DockerFileHandlerCallback("sameUUID"), 1L, "/opt/test");
final PersistentFileHandler persistentFileHandler2 =
- new PersistentFileHandler(new LibListCallbackHandler(systemUserInfoService, null,
+ new PersistentFileHandler(new LibListCallbackHandler(null,
DockerAction.LIB_LIST, "sameUUID", "test", "das1"), 1L, "/opt/test");
final PersistentFileHandler persistentFileHandler3 =
- new PersistentFileHandler(new LibListCallbackHandler(systemUserInfoService, null,
+ new PersistentFileHandler(new LibListCallbackHandler(null,
DockerAction.LIB_LIST, "anotherUUID", "test", "das2"), 1L, "/opt/test");
diff --git a/services/self-service/self-service.yml b/services/self-service/self-service.yml
index 855950d..5e7290d 100644
--- a/services/self-service/self-service.yml
+++ b/services/self-service/self-service.yml
@@ -67,6 +67,8 @@ maxSessionDurabilityMilliseconds: 288000000
</#if>
server:
+ gzip:
+ enabled: true
requestLog:
appenders:
- type: file
@@ -81,7 +83,7 @@ server:
- type: https
port: 8443
certAlias: dlab
- validateCerts: true
+ validateCerts: false
keyStorePath: ${KEY_STORE_PATH}
keyStorePassword: ${KEY_STORE_PASSWORD}
trustStorePath: ${TRUST_STORE_PATH}
@@ -92,7 +94,7 @@ server:
- type: https
port: 8444
certAlias: dlab
- validateCerts: true
+ validateCerts: false
keyStorePath: ${KEY_STORE_PATH}
keyStorePassword: ${KEY_STORE_PASSWORD}
trustStorePath: ${TRUST_STORE_PATH}
@@ -103,7 +105,8 @@ mongoMigrationEnabled: false
logging:
level: INFO
loggers:
- com.epam: TRACE
+ com.epam: INFO
+ org.apache.guacamole: DEBUG
com.novemberain: ERROR
appenders:
<#if DEV_MODE == "true">
@@ -167,4 +170,22 @@ guacamole:
port: 22
username: dlab-user
+keycloakConfiguration:
+ realm: DLAB_bhliva
+ bearer-only: true
+ auth-server-url: http://52.11.45.11:8080/auth
+ ssl-required: none
+ register-node-at-startup: true
+ register-node-period: 600
+ resource: sss
+ credentials:
+ secret: 37338cc5-77f9-47f9-9d95-5cb716b91118
+
+jerseyClient:
+ minThreads: 1
+ maxThreads: 128
+ workQueueSize: 8
+ gzipEnabled: true
+ gzipEnabledForRequests: false
+ chunkedEncodingEnabled: true
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplication.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplication.java
index 9fbcd75..dc4b800 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplication.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplication.java
@@ -24,7 +24,6 @@ import com.epam.dlab.backendapi.dao.IndexCreator;
import com.epam.dlab.backendapi.domain.EnvStatusListener;
import com.epam.dlab.backendapi.domain.ExploratoryLibCache;
import com.epam.dlab.backendapi.healthcheck.MongoHealthCheck;
-import com.epam.dlab.backendapi.healthcheck.ProvisioningServiceHealthCheck;
import com.epam.dlab.backendapi.listeners.RestoreHandlerStartupListener;
import com.epam.dlab.backendapi.modules.ModuleFactory;
import com.epam.dlab.backendapi.resources.*;
@@ -139,8 +138,8 @@ public class SelfServiceApplication extends Application<SelfServiceApplicationCo
KeycloakConfiguration keycloakConfiguration) {
final AccessToken token = keycloakSecurityContext.getToken();
final UserInfo userInfo = new UserInfo(token.getPreferredUsername(),
- keycloakSecurityContext.getIdTokenString());
- userInfo.addRoles(token.getResourceAccess(keycloakConfiguration.getResource()).getRoles());
+ keycloakSecurityContext.getTokenString());
+ userInfo.addRoles(token.getResourceAccess(keycloakConfiguration.getResource()).getRoles());
return userInfo;
}
}
@@ -170,8 +169,6 @@ public class SelfServiceApplication extends Application<SelfServiceApplicationCo
environment.lifecycle().manage(injector.getInstance(ExploratoryLibCache.class));
environment.lifecycle().manage(injector.getInstance(ManagedScheduler.class));
environment.healthChecks().register(ServiceConsts.MONGO_NAME, injector.getInstance(MongoHealthCheck.class));
- environment.healthChecks().register(
- ServiceConsts.PROVISIONING_SERVICE_NAME, injector.getInstance(ProvisioningServiceHealthCheck.class));
final String guacamoleServletName = "GuacamoleServlet";
environment.servlets().addServlet(guacamoleServletName, injector.getInstance(GuacamoleServlet.class))
@@ -223,6 +220,7 @@ public class SelfServiceApplication extends Application<SelfServiceApplicationCo
jersey.register(injector.getInstance(UserGroupResource.class));
jersey.register(injector.getInstance(UserRoleResource.class));
jersey.register(injector.getInstance(ApplicationSettingResource.class));
+ jersey.register(injector.getInstance(KeycloakResource.class));
}
private void disableGzipHandlerForGuacamoleServlet(Server server) {
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplicationConfiguration.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplicationConfiguration.java
index c21c3eb..7a53b8a 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplicationConfiguration.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/SelfServiceApplicationConfiguration.java
@@ -34,7 +34,6 @@ import io.dropwizard.util.Duration;
import io.federecio.dropwizard.swagger.SwaggerBundleConfiguration;
import org.hibernate.validator.constraints.NotEmpty;
import org.hibernate.validator.group.GroupSequenceProvider;
-import org.keycloak.representations.adapters.config.AdapterConfig;
import javax.validation.Valid;
import javax.validation.constraints.Max;
@@ -118,6 +117,7 @@ public class SelfServiceApplicationConfiguration extends ServiceConfiguration {
@Valid
@NotNull
+ @JsonProperty("jerseyClient")
private JerseyClientConfiguration jerseyClient = new JerseyClientConfiguration();
@Valid
@@ -143,7 +143,6 @@ public class SelfServiceApplicationConfiguration extends ServiceConfiguration {
return Integer.valueOf(guacamole.get("serverPort"));
}
- @JsonProperty("jerseyClient")
public JerseyClientConfiguration getJerseyClientConfiguration() {
return jerseyClient;
}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/dao/SecurityDAO.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/dao/SecurityDAO.java
index bf46480..7fb59a4 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/dao/SecurityDAO.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/dao/SecurityDAO.java
@@ -24,16 +24,18 @@ import com.epam.dlab.exceptions.DlabException;
import com.epam.dlab.util.UsernameUtils;
import com.google.inject.Singleton;
import com.mongodb.client.FindIterable;
+import com.mongodb.client.model.Projections;
import org.bson.Document;
+import org.keycloak.representations.AccessTokenResponse;
import java.util.*;
import java.util.stream.Collectors;
import static com.epam.dlab.backendapi.dao.MongoCollections.LOGIN_ATTEMPTS;
import static com.epam.dlab.backendapi.dao.MongoCollections.ROLES;
+import static com.mongodb.client.model.Filters.eq;
import static com.mongodb.client.model.Filters.ne;
-import static com.mongodb.client.model.Projections.exclude;
-import static com.mongodb.client.model.Projections.fields;
+import static com.mongodb.client.model.Projections.*;
/**
* DAO write the attempt of user login into DLab.
@@ -68,6 +70,19 @@ public class SecurityDAO extends BaseDAO {
}
+ public void saveUser(String userName, AccessTokenResponse accessTokenResponse) {
+ updateOne("security", eq(ID, userName),
+ new Document(SET,
+ new Document().append(ID, userName).append("created", new Date()).append("tokenResponse",
+ convertToBson(accessTokenResponse))),
+ true);
+ }
+
+ public Optional<AccessTokenResponse> getTokenResponse(String user) {
+ return findOne("security", eq(ID, user), Projections.fields(include("tokenResponse")))
+ .map(d -> convertFromDocument((Document) d.get("tokenResponse"), AccessTokenResponse.class));
+ }
+
@SuppressWarnings("unchecked")
private Set<String> toUsers(Document d) {
final Object users = d.get("users");
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/healthcheck/ProvisioningServiceHealthCheck.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/healthcheck/ProvisioningServiceHealthCheck.java
deleted file mode 100644
index 0e16892..0000000
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/healthcheck/ProvisioningServiceHealthCheck.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package com.epam.dlab.backendapi.healthcheck;
-
-import com.codahale.metrics.health.HealthCheck;
-import com.epam.dlab.auth.SystemUserInfoService;
-import com.epam.dlab.constants.ServiceConsts;
-import com.epam.dlab.rest.client.RESTService;
-import com.google.inject.Inject;
-import com.google.inject.name.Named;
-
-import javax.ws.rs.core.Response;
-
-public class ProvisioningServiceHealthCheck extends HealthCheck {
-
- public static final String USER = "healthChecker";
- public static final String INFRASTRUCTURE_URL = "/infrastructure";
- @Inject
- @Named(ServiceConsts.PROVISIONING_SERVICE_NAME)
- private RESTService provisioningService;
-
- @Inject
- private SystemUserInfoService systemUserInfoService;
-
- @Override
- protected Result check() {
- final String accessToken = systemUserInfoService.create(USER).getAccessToken();
- final Response response = provisioningService.get(INFRASTRUCTURE_URL, accessToken, Response.class);
- return isSuccess(response) ? Result.healthy() : Result.unhealthy(response.getStatusInfo()
- .getReasonPhrase());
- }
-
- private boolean isSuccess(Response response) {
- return response.getStatus() == 200;
- }
-}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/DevModule.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/DevModule.java
index c8db053..adff398 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/DevModule.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/DevModule.java
@@ -20,7 +20,6 @@
package com.epam.dlab.backendapi.modules;
import com.epam.dlab.ModuleBase;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.auth.contract.SecurityAPI;
import com.epam.dlab.auth.dto.UserCredentialDTO;
@@ -36,11 +35,13 @@ import com.epam.dlab.rest.contracts.DockerAPI;
import com.epam.dlab.rest.dto.ErrorDTO;
import com.google.inject.name.Names;
import io.dropwizard.auth.Authorizer;
+import io.dropwizard.client.JerseyClientBuilder;
import io.dropwizard.setup.Environment;
+import org.glassfish.jersey.logging.LoggingFeature;
+import javax.ws.rs.client.Client;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import java.util.Optional;
/**
* Mock class for an application configuration of SelfService for developer mode.
@@ -64,30 +65,25 @@ public class DevModule extends ModuleBase<SelfServiceApplicationConfiguration> i
@Override
protected void configure() {
+ final Client httpClient =
+ new JerseyClientBuilder(environment)
+ .using(configuration.getJerseyClientConfiguration())
+ .build("httpClient")
+ .register(new LoggingFeature());
+ bind(SecurityService.class).to(SecurityServiceImpl.class);
+ bind(KeycloakService.class).to(KeycloakServiceImpl.class);
+ bind(Client.class).toInstance(httpClient);
bind(SelfServiceApplicationConfiguration.class).toInstance(configuration);
bind(MongoService.class).toInstance(configuration.getMongoFactory().build(environment));
- /*bind(RESTService.class).annotatedWith(Names.named(ServiceConsts.SECURITY_SERVICE_NAME))
- .toInstance(createAuthenticationService());*/
bind(RESTService.class).annotatedWith(Names.named(ServiceConsts.PROVISIONING_SERVICE_NAME))
.toInstance(configuration.getProvisioningFactory()
.build(environment, ServiceConsts.PROVISIONING_SERVICE_NAME));
+ bind(InactivityService.class).to(InactivityServiceImpl.class);
bind(ImageExploratoryService.class).to(ImageExploratoryServiceImpl.class);
bind(ImageExploratoryDao.class).to(ImageExploratoryDaoImpl.class);
bind(BackupService.class).to(BackupServiceImpl.class);
bind(BackupDao.class).to(BackupDaoImpl.class);
bind(ExploratoryService.class).to(ExploratoryServiceImpl.class);
- bind(InactivityService.class).to(InactivityServiceImpl.class);
- bind(SystemUserInfoService.class).toInstance(new SystemUserInfoService() {
- @Override
- public Optional<UserInfo> getUser(String token) {
- return Optional.of(getUserInfo());
- }
-
- @Override
- public UserInfo create(String name) {
- return getUserInfo();
- }
- });
bind(Authorizer.class).to(SelfServiceSecurityAuthorizer.class);
bind(AccessKeyService.class).to(AccessKeyServiceImpl.class);
bind(GitCredentialService.class).to(GitCredentialServiceImpl.class);
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/ProductionModule.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/ProductionModule.java
index 7db5b26..4009785 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/ProductionModule.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/modules/ProductionModule.java
@@ -20,8 +20,6 @@
package com.epam.dlab.backendapi.modules;
import com.epam.dlab.ModuleBase;
-import com.epam.dlab.auth.SystemUserInfoService;
-import com.epam.dlab.auth.SystemUserInfoServiceImpl;
import com.epam.dlab.backendapi.SelfServiceApplicationConfiguration;
import com.epam.dlab.backendapi.auth.SelfServiceSecurityAuthorizer;
import com.epam.dlab.backendapi.dao.*;
@@ -64,7 +62,6 @@ public class ProductionModule extends ModuleBase<SelfServiceApplicationConfigura
bind(BackupService.class).to(BackupServiceImpl.class);
bind(BackupDao.class).to(BackupDaoImpl.class);
bind(ExploratoryService.class).to(ExploratoryServiceImpl.class);
- bind(SystemUserInfoService.class).to(SystemUserInfoServiceImpl.class);
bind(Authorizer.class).to(SelfServiceSecurityAuthorizer.class);
bind(AccessKeyService.class).to(AccessKeyServiceImpl.class);
bind(GitCredentialService.class).to(GitCredentialServiceImpl.class);
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/ExploratoryResource.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/ExploratoryResource.java
index 897255d..bf6b5ae 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/ExploratoryResource.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/ExploratoryResource.java
@@ -70,7 +70,7 @@ public class ExploratoryResource implements ExploratoryAPI {
* {@link Response.Status#FOUND} request for provisioning service has been duplicated.
*/
@PUT
- @RolesAllowed(UserSessionDurationAuthorizer.SHORT_USER_SESSION_DURATION)
+ //@RolesAllowed(UserSessionDurationAuthorizer.SHORT_USER_SESSION_DURATION)
@ApiOperation("Creates notebook")
@ApiResponses({@ApiResponse(code = 302, message = "Notebook with current parameters already exists"),
@ApiResponse(code = 200, message = "Notebook created successfully")})
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/KeycloakResource.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/KeycloakResource.java
new file mode 100644
index 0000000..10708b1
--- /dev/null
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/KeycloakResource.java
@@ -0,0 +1,29 @@
+package com.epam.dlab.backendapi.resources;
+
+import com.epam.dlab.backendapi.service.SecurityService;
+import com.google.inject.Inject;
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+
+@Path("/test")
+public class KeycloakResource {
+
+
+ private final SecurityService securityService;
+
+ @Inject
+ public KeycloakResource(SecurityService securityService) {
+ this.securityService = securityService;
+ }
+
+ @GET
+ @Produces(MediaType.APPLICATION_JSON)
+ public Response getUser(@QueryParam("code") String code) {
+ return Response.ok(securityService.getUserInfo(code)).build();
+ }
+}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/BackupCallback.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/BackupCallback.java
index c11b6bb..102f8bf 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/BackupCallback.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/BackupCallback.java
@@ -19,12 +19,10 @@
package com.epam.dlab.backendapi.resources.callback;
-import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.domain.RequestId;
import com.epam.dlab.backendapi.service.BackupService;
import com.epam.dlab.dto.backup.EnvBackupStatusDTO;
import com.google.inject.Inject;
-import io.dropwizard.auth.Auth;
import lombok.extern.slf4j.Slf4j;
import javax.ws.rs.Consumes;
@@ -51,7 +49,7 @@ public class BackupCallback {
@POST
@Path("/status")
- public Response status(@Auth UserInfo ui, EnvBackupStatusDTO dto) {
+ public Response status(EnvBackupStatusDTO dto) {
requestId.remove(dto.getRequestId());
log.debug("Updating status of backup status to {}", dto);
backupService.updateStatus(dto.getEnvBackupDTO(), dto.getUser(),
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/CheckInactivityCallback.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/CheckInactivityCallback.java
index f7a9bd9..111bcfa 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/CheckInactivityCallback.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/CheckInactivityCallback.java
@@ -23,7 +23,6 @@ import com.epam.dlab.backendapi.domain.RequestId;
import com.epam.dlab.backendapi.service.InactivityService;
import com.epam.dlab.dto.computational.CheckInactivityStatusDTO;
import com.google.inject.Inject;
-import io.dropwizard.auth.Auth;
import lombok.extern.slf4j.Slf4j;
import javax.ws.rs.Consumes;
@@ -48,18 +47,19 @@ public class CheckInactivityCallback {
@POST
@Path("exploratory")
- public Response updateExploratoryLastActivity(@Auth UserInfo userInfo, CheckInactivityStatusDTO dto) {
+ public Response updateExploratoryLastActivity(CheckInactivityStatusDTO dto) {
requestId.checkAndRemove(dto.getRequestId());
- inactivityService.updateLastActivityForExploratory(userInfo, dto.getExploratoryName(),
+ inactivityService.updateLastActivityForExploratory(new UserInfo(dto.getUser(), null), dto.getExploratoryName(),
toLocalDateTime(dto.getLastActivityUnixTime()));
return Response.ok().build();
}
@POST
@Path("computational")
- public Response updateComputationalLastActivity(@Auth UserInfo userInfo, CheckInactivityStatusDTO dto) {
+ public Response updateComputationalLastActivity(CheckInactivityStatusDTO dto) {
requestId.checkAndRemove(dto.getRequestId());
- inactivityService.updateLastActivityForComputational(userInfo, dto.getExploratoryName(),
+ inactivityService.updateLastActivityForComputational(new UserInfo(dto.getUser(), null),
+ dto.getExploratoryName(),
dto.getComputationalName(), toLocalDateTime(dto.getLastActivityUnixTime()));
return Response.ok().build();
}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ComputationalCallback.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ComputationalCallback.java
index 1f2294a..b2da20c 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ComputationalCallback.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ComputationalCallback.java
@@ -19,12 +19,12 @@
package com.epam.dlab.backendapi.resources.callback;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.dao.ComputationalDAO;
import com.epam.dlab.backendapi.domain.RequestId;
import com.epam.dlab.backendapi.service.ComputationalService;
import com.epam.dlab.backendapi.service.ReuploadKeyService;
+import com.epam.dlab.backendapi.service.SecurityService;
import com.epam.dlab.dto.UserInstanceStatus;
import com.epam.dlab.dto.computational.ComputationalStatusDTO;
import com.epam.dlab.dto.computational.UserComputationalResource;
@@ -32,7 +32,6 @@ import com.epam.dlab.exceptions.DlabException;
import com.epam.dlab.model.ResourceData;
import com.epam.dlab.rest.contracts.ApiCallbacks;
import com.google.inject.Inject;
-import io.dropwizard.auth.Auth;
import lombok.extern.slf4j.Slf4j;
import javax.ws.rs.Consumes;
@@ -56,7 +55,7 @@ public class ComputationalCallback {
@Inject
private RequestId requestId;
@Inject
- private SystemUserInfoService systemUserService;
+ private SecurityService securityService;
@Inject
private ReuploadKeyService reuploadKeyService;
@Inject
@@ -70,7 +69,7 @@ public class ComputationalCallback {
*/
@POST
@Path(ApiCallbacks.STATUS_URI)
- public Response status(@Auth UserInfo ui, ComputationalStatusDTO dto) {
+ public Response status(ComputationalStatusDTO dto) {
log.debug("Updating status for computational resource {} for user {}: {}",
dto.getComputationalName(), dto.getUser(), dto);
String uuid = dto.getRequestId();
@@ -97,7 +96,7 @@ public class ComputationalCallback {
} else if (UserInstanceStatus.of(dto.getStatus()) == RUNNING && compResource.isReuploadKeyRequired()) {
ResourceData resourceData = ResourceData.computationalResource(compResource.getComputationalId(),
dto.getExploratoryName(), dto.getComputationalName());
- UserInfo userInfo = systemUserService.create(dto.getUser());
+ UserInfo userInfo = securityService.getUserInfoOffline(dto.getUser());
reuploadKeyService.reuploadKeyAction(userInfo, resourceData);
}
return Response.ok().build();
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/EnvironmentStatusCallback.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/EnvironmentStatusCallback.java
index a70e48a..618fb04 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/EnvironmentStatusCallback.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/EnvironmentStatusCallback.java
@@ -56,7 +56,7 @@ public class EnvironmentStatusCallback {
*/
@POST
@Path(ApiCallbacks.STATUS_URI)
- public Response status(@Auth UserInfo userInfo, EnvStatusDTO dto) {
+ public Response status(EnvStatusDTO dto) {
log.trace("Updating the status of resources for user {}: {}", dto.getUser(), dto);
requestId.checkAndRemove(dto.getRequestId());
try {
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ExploratoryCallback.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ExploratoryCallback.java
index eeab58c..62f6435 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ExploratoryCallback.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ExploratoryCallback.java
@@ -19,13 +19,13 @@
package com.epam.dlab.backendapi.resources.callback;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.dao.ComputationalDAO;
import com.epam.dlab.backendapi.dao.ExploratoryDAO;
import com.epam.dlab.backendapi.domain.RequestId;
import com.epam.dlab.backendapi.service.ExploratoryService;
import com.epam.dlab.backendapi.service.ReuploadKeyService;
+import com.epam.dlab.backendapi.service.SecurityService;
import com.epam.dlab.dto.UserInstanceDTO;
import com.epam.dlab.dto.UserInstanceStatus;
import com.epam.dlab.dto.exploratory.ExploratoryStatusDTO;
@@ -33,7 +33,6 @@ import com.epam.dlab.exceptions.DlabException;
import com.epam.dlab.model.ResourceData;
import com.epam.dlab.rest.contracts.ApiCallbacks;
import com.google.inject.Inject;
-import io.dropwizard.auth.Auth;
import lombok.extern.slf4j.Slf4j;
import javax.ws.rs.Consumes;
@@ -62,7 +61,7 @@ public class ExploratoryCallback {
@Inject
private RequestId requestId;
@Inject
- private SystemUserInfoService systemUserService;
+ private SecurityService securityService;
@Inject
private ReuploadKeyService reuploadKeyService;
@Inject
@@ -76,7 +75,7 @@ public class ExploratoryCallback {
*/
@POST
@Path(ApiCallbacks.STATUS_URI)
- public Response status(@Auth UserInfo ui, ExploratoryStatusDTO dto) {
+ public Response status(ExploratoryStatusDTO dto) {
log.debug("Updating status for exploratory environment {} for user {} to {}",
dto.getExploratoryName(), dto.getUser(), dto.getStatus());
requestId.checkAndRemove(dto.getRequestId());
@@ -107,7 +106,7 @@ public class ExploratoryCallback {
if (UserInstanceStatus.of(dto.getStatus()) == RUNNING && instance.isReuploadKeyRequired()) {
ResourceData resourceData =
ResourceData.exploratoryResource(dto.getExploratoryId(), dto.getExploratoryName());
- UserInfo userInfo = systemUserService.create(dto.getUser());
+ UserInfo userInfo = securityService.getUserInfoOffline(dto.getUser());
reuploadKeyService.reuploadKeyAction(userInfo, resourceData);
}
return Response.ok().build();
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/GitCredsCallback.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/GitCredsCallback.java
index 5ad4e6f..5570232 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/GitCredsCallback.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/GitCredsCallback.java
@@ -52,7 +52,7 @@ public class GitCredsCallback {
*/
@POST
@Path(ApiCallbacks.STATUS_URI)
- public Response status(@Auth UserInfo userInfo, ExploratoryStatusDTO dto) {
+ public Response status(ExploratoryStatusDTO dto) {
if (UserInstanceStatus.CREATED != UserInstanceStatus.of(dto.getStatus())) {
//TODO Handle error status?
log.error("Git creds has not been updated for exploratory environment {} for user {}, status is {}",
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ImageCallback.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ImageCallback.java
index 4339f40..a3357f6 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ImageCallback.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ImageCallback.java
@@ -52,7 +52,7 @@ public class ImageCallback {
@POST
@Path("/image_status")
- public Response imageCreateStatus(@Auth UserInfo userInfo, ImageCreateStatusDTO dto) {
+ public Response imageCreateStatus(ImageCreateStatusDTO dto) {
log.debug("Updating status of image {} for user {} to {}", dto.getName(), dto.getUser(), dto);
requestId.remove(dto.getRequestId());
imageExploratoryService.finishImageCreate(getImage(dto), dto.getExploratoryName(), dto.getImageCreateDTO()
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/LibraryCallback.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/LibraryCallback.java
index 506def7..be8c2f1 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/LibraryCallback.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/LibraryCallback.java
@@ -44,58 +44,58 @@ import javax.ws.rs.core.Response;
@Slf4j
public class LibraryCallback {
- @Inject
- private ExploratoryLibDAO libraryDAO;
+ @Inject
+ private ExploratoryLibDAO libraryDAO;
@Inject
private RequestId requestId;
- /**
- * Changes the status of installed libraries for exploratory environment.
- *
- * @param dto description of status.
- * @return 200 OK - if request success.
- */
- @POST
- @Path("/lib_status")
- public Response libInstallStatus(@Auth UserInfo userInfo, LibInstallStatusDTO dto) {
- log.debug("Updating status of libraries for exploratory environment {} for user {} to {}",
- dto.getExploratoryName(), dto.getUser(), dto);
+ /**
+ * Changes the status of installed libraries for exploratory environment.
+ *
+ * @param dto description of status.
+ * @return 200 OK - if request success.
+ */
+ @POST
+ @Path("/lib_status")
+ public Response libInstallStatus(LibInstallStatusDTO dto) {
+ log.debug("Updating status of libraries for exploratory environment {} for user {} to {}",
+ dto.getExploratoryName(), dto.getUser(), dto);
requestId.checkAndRemove(dto.getRequestId());
- try {
- libraryDAO.updateLibraryFields(dto);
- } catch (DlabException e) {
- log.error("Cannot update status of libraries for exploratory environment {} for user {} to {}",
- dto.getExploratoryName(), dto.getUser(), dto, e);
- throw new DlabException("Cannot update status of libaries for exploratory environment " + dto.getExploratoryName() +
- " for user " + dto.getUser() + ": " + e.getLocalizedMessage(), e);
- }
+ try {
+ libraryDAO.updateLibraryFields(dto);
+ } catch (DlabException e) {
+ log.error("Cannot update status of libraries for exploratory environment {} for user {} to {}",
+ dto.getExploratoryName(), dto.getUser(), dto, e);
+ throw new DlabException("Cannot update status of libaries for exploratory environment " + dto.getExploratoryName() +
+ " for user " + dto.getUser() + ": " + e.getLocalizedMessage(), e);
+ }
- return Response.ok().build();
- }
+ return Response.ok().build();
+ }
- /**
- * Updates the list of libraries.
- *
- * @param dto DTO the list of libraries.
- * @return Always return code 200 (OK).
- */
- @POST
- @Path("/update_lib_list")
- public Response updateLibList(@Auth UserInfo userInfo, LibListStatusDTO dto) {
- log.debug("Updating the list of libraries for image {}", dto.getImageName());
+ /**
+ * Updates the list of libraries.
+ *
+ * @param dto DTO the list of libraries.
+ * @return Always return code 200 (OK).
+ */
+ @POST
+ @Path("/update_lib_list")
+ public Response updateLibList(LibListStatusDTO dto) {
+ log.debug("Updating the list of libraries for image {}", dto.getImageName());
requestId.checkAndRemove(dto.getRequestId());
- try {
- if (UserInstanceStatus.FAILED == UserInstanceStatus.of(dto.getStatus())) {
- log.warn("Request for the list of libraries fails: {}", dto.getErrorMessage());
- ExploratoryLibCache.getCache().removeLibList(dto.getImageName());
- } else {
- ExploratoryLibCache.getCache().updateLibList(dto.getImageName(), dto.getLibs());
- }
- } catch (Exception e) {
- log.warn("Cannot update the list of libs: {}", e.getLocalizedMessage(), e);
- }
- // Always necessary send OK for status request
- return Response.ok().build();
- }
+ try {
+ if (UserInstanceStatus.FAILED == UserInstanceStatus.of(dto.getStatus())) {
+ log.warn("Request for the list of libraries fails: {}", dto.getErrorMessage());
+ ExploratoryLibCache.getCache().removeLibList(dto.getImageName());
+ } else {
+ ExploratoryLibCache.getCache().updateLibList(dto.getImageName(), dto.getLibs());
+ }
+ } catch (Exception e) {
+ log.warn("Cannot update the list of libs: {}", e.getLocalizedMessage(), e);
+ }
+ // Always necessary send OK for status request
+ return Response.ok().build();
+ }
}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ReuploadKeyCallback.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ReuploadKeyCallback.java
index e1e5625..837498a 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ReuploadKeyCallback.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/ReuploadKeyCallback.java
@@ -50,7 +50,7 @@ public class ReuploadKeyCallback {
@POST
@Path("/callback")
- public Response reuploadKeyResponse(@Auth UserInfo userInfo, ReuploadKeyStatusDTO dto) {
+ public Response reuploadKeyResponse(ReuploadKeyStatusDTO dto) {
requestId.remove(dto.getRequestId());
reuploadKeyService.updateResourceData(dto);
return Response.ok(uriInfo.getRequestUri()).build();
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/aws/KeyUploaderCallbackAws.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/aws/KeyUploaderCallbackAws.java
index fb9a33b..b3561ed 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/aws/KeyUploaderCallbackAws.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/aws/KeyUploaderCallbackAws.java
@@ -19,13 +19,11 @@
package com.epam.dlab.backendapi.resources.callback.aws;
-import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.domain.RequestId;
import com.epam.dlab.backendapi.resources.callback.base.KeyUploaderCallback;
import com.epam.dlab.dto.aws.edge.EdgeInfoAws;
import com.epam.dlab.dto.base.keyload.UploadFileResult;
import com.google.inject.Inject;
-import io.dropwizard.auth.Auth;
import lombok.extern.slf4j.Slf4j;
import javax.ws.rs.Consumes;
@@ -40,29 +38,29 @@ import javax.ws.rs.core.Response;
@Produces(MediaType.APPLICATION_JSON)
@Slf4j
public class KeyUploaderCallbackAws {
- @Inject
- private KeyUploaderCallback keyUploaderCallback;
+ @Inject
+ private KeyUploaderCallback keyUploaderCallback;
@Inject
private RequestId requestId;
- public KeyUploaderCallbackAws() {
- log.info("{} is initialized", getClass().getSimpleName());
- }
+ public KeyUploaderCallbackAws() {
+ log.info("{} is initialized", getClass().getSimpleName());
+ }
- /**
- * Stores the result of the upload the user key.
- *
- * @param dto result of the upload the user key.
- * @return 200 OK
- */
- @POST
- @Path("/callback")
- public Response loadKeyResponse(@Auth UserInfo ui, UploadFileResult<EdgeInfoAws> dto) {
- log.debug("Upload the key result and EDGE node info for user {}: {}", dto.getUser(), dto);
+ /**
+ * Stores the result of the upload the user key.
+ *
+ * @param dto result of the upload the user key.
+ * @return 200 OK
+ */
+ @POST
+ @Path("/callback")
+ public Response loadKeyResponse(UploadFileResult<EdgeInfoAws> dto) {
+ log.debug("Upload the key result and EDGE node info for user {}: {}", dto.getUser(), dto);
requestId.checkAndRemove(dto.getRequestId());
- keyUploaderCallback.handleCallback(dto.getStatus(), dto.getUser(), dto.getEdgeInfo());
+ keyUploaderCallback.handleCallback(dto.getStatus(), dto.getUser(), dto.getEdgeInfo());
- return Response.ok().build();
+ return Response.ok().build();
- }
+ }
}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/azure/EdgeCallbackAzure.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/azure/EdgeCallbackAzure.java
index 278675c..0fe97b3 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/azure/EdgeCallbackAzure.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/azure/EdgeCallbackAzure.java
@@ -19,14 +19,12 @@
package com.epam.dlab.backendapi.resources.callback.azure;
-import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.domain.RequestId;
import com.epam.dlab.backendapi.resources.callback.base.EdgeCallback;
import com.epam.dlab.dto.azure.edge.EdgeInfoAzure;
import com.epam.dlab.dto.base.keyload.UploadFileResult;
import com.epam.dlab.rest.contracts.ApiCallbacks;
import com.google.inject.Inject;
-import io.dropwizard.auth.Auth;
import lombok.extern.slf4j.Slf4j;
import javax.ws.rs.Consumes;
@@ -45,21 +43,21 @@ public class EdgeCallbackAzure extends EdgeCallback {
@Inject
private RequestId requestId;
- public EdgeCallbackAzure() {
- log.info("{} is initialized", getClass().getSimpleName());
- }
+ public EdgeCallbackAzure() {
+ log.info("{} is initialized", getClass().getSimpleName());
+ }
- /**
- * Stores the result of the upload the user key.
- *
- * @param dto result of the upload the user key.
- * @return 200 OK
- */
- @POST
- @Path(ApiCallbacks.STATUS_URI)
- public Response status(@Auth UserInfo ui, UploadFileResult<EdgeInfoAzure> dto) {
+ /**
+ * Stores the result of the upload the user key.
+ *
+ * @param dto result of the upload the user key.
+ * @return 200 OK
+ */
+ @POST
+ @Path(ApiCallbacks.STATUS_URI)
+ public Response status(UploadFileResult<EdgeInfoAzure> dto) {
requestId.checkAndRemove(dto.getRequestId());
- handleEdgeCallback(dto.getUser(), dto.getStatus());
- return Response.ok().build();
- }
+ handleEdgeCallback(dto.getUser(), dto.getStatus());
+ return Response.ok().build();
+ }
}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/azure/KeyUploaderCallbackAzure.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/azure/KeyUploaderCallbackAzure.java
index 0a905d4..b383ce0 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/azure/KeyUploaderCallbackAzure.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/azure/KeyUploaderCallbackAzure.java
@@ -59,7 +59,7 @@ public class KeyUploaderCallbackAzure {
*/
@POST
@Path("/callback")
- public Response loadKeyResponse(@Auth UserInfo ui, UploadFileResult<EdgeInfoAzure> dto) {
+ public Response loadKeyResponse(UploadFileResult<EdgeInfoAzure> dto) {
log.debug("Upload the key result and EDGE node info for user {}: {}", dto.getUser(), dto);
requestId.checkAndRemove(dto.getRequestId());
keyUploaderCallback.handleCallback(dto.getStatus(), dto.getUser(), dto.getEdgeInfo());
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/base/EdgeCallback.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/base/EdgeCallback.java
index 5c96be7..48ca592 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/base/EdgeCallback.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/base/EdgeCallback.java
@@ -19,11 +19,11 @@
package com.epam.dlab.backendapi.resources.callback.base;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.dao.KeyDAO;
import com.epam.dlab.backendapi.service.ExploratoryService;
import com.epam.dlab.backendapi.service.ReuploadKeyService;
+import com.epam.dlab.backendapi.service.SecurityService;
import com.epam.dlab.dto.UserInstanceStatus;
import com.epam.dlab.dto.base.edge.EdgeInfo;
import com.epam.dlab.exceptions.DlabException;
@@ -40,7 +40,7 @@ public class EdgeCallback {
@Inject
private ExploratoryService exploratoryService;
@Inject
- private SystemUserInfoService systemUserService;
+ private SecurityService securityService;
@Inject
private ReuploadKeyService reuploadKeyService;
@@ -69,7 +69,7 @@ public class EdgeCallback {
}
if (UserInstanceStatus.of(status) == RUNNING && edgeInfo.isReuploadKeyRequired()) {
ResourceData resourceData = ResourceData.edgeResource(edgeInfo.getInstanceId());
- UserInfo userInfo = systemUserService.create(user);
+ UserInfo userInfo = securityService.getUserInfoOffline(user);
reuploadKeyService.reuploadKeyAction(userInfo, resourceData);
}
}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/gcp/EdgeCallbackGcp.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/gcp/EdgeCallbackGcp.java
index c7d0fef..57c521f 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/gcp/EdgeCallbackGcp.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/gcp/EdgeCallbackGcp.java
@@ -19,14 +19,12 @@
package com.epam.dlab.backendapi.resources.callback.gcp;
-import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.domain.RequestId;
import com.epam.dlab.backendapi.resources.callback.base.EdgeCallback;
import com.epam.dlab.dto.base.keyload.UploadFileResult;
import com.epam.dlab.dto.gcp.edge.EdgeInfoGcp;
import com.epam.dlab.rest.contracts.ApiCallbacks;
import com.google.inject.Inject;
-import io.dropwizard.auth.Auth;
import lombok.extern.slf4j.Slf4j;
import javax.ws.rs.Consumes;
@@ -57,7 +55,7 @@ public class EdgeCallbackGcp extends EdgeCallback {
*/
@POST
@Path(ApiCallbacks.STATUS_URI)
- public Response status(@Auth UserInfo ui, UploadFileResult<EdgeInfoGcp> dto) {
+ public Response status(UploadFileResult<EdgeInfoGcp> dto) {
requestId.checkAndRemove(dto.getRequestId());
handleEdgeCallback(dto.getUser(), dto.getStatus());
return Response.ok().build();
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/gcp/KeyUploaderCallbackGcp.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/gcp/KeyUploaderCallbackGcp.java
index 64a8fd5..3a2ce34 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/gcp/KeyUploaderCallbackGcp.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/callback/gcp/KeyUploaderCallbackGcp.java
@@ -19,13 +19,11 @@
package com.epam.dlab.backendapi.resources.callback.gcp;
-import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.domain.RequestId;
import com.epam.dlab.backendapi.resources.callback.base.KeyUploaderCallback;
import com.epam.dlab.dto.base.keyload.UploadFileResult;
import com.epam.dlab.dto.gcp.edge.EdgeInfoGcp;
import com.google.inject.Inject;
-import io.dropwizard.auth.Auth;
import lombok.extern.slf4j.Slf4j;
import javax.ws.rs.Consumes;
@@ -59,7 +57,7 @@ public class KeyUploaderCallbackGcp {
*/
@POST
@Path("/callback")
- public Response loadKeyResponse(@Auth UserInfo ui, UploadFileResult<EdgeInfoGcp> dto) {
+ public Response loadKeyResponse(UploadFileResult<EdgeInfoGcp> dto) {
log.debug("Upload the key result and EDGE node info for user {}: {}", dto.getUser(), dto);
requestId.checkAndRemove(dto.getRequestId());
keyUploaderCallback.handleCallback(dto.getStatus(), dto.getUser(), dto.getEdgeInfo());
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/schedulers/CheckInactivityScheduledJob.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/schedulers/CheckInactivityScheduledJob.java
index 08bbaed..482576a 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/schedulers/CheckInactivityScheduledJob.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/schedulers/CheckInactivityScheduledJob.java
@@ -18,7 +18,6 @@
*/
package com.epam.dlab.backendapi.schedulers;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.backendapi.schedulers.internal.Scheduled;
import com.epam.dlab.backendapi.service.InactivityService;
import com.google.inject.Inject;
@@ -39,9 +38,6 @@ public class CheckInactivityScheduledJob implements Job {
@Inject
private InactivityService inactivityService;
- @Inject
- private SystemUserInfoService systemUserInfoService;
-
@Override
public void execute(JobExecutionContext context) {
log.trace("Starting check inactivity job");
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/AccessKeyService.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/AccessKeyService.java
index dfb516e..4aabcf0 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/AccessKeyService.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/AccessKeyService.java
@@ -21,6 +21,11 @@ package com.epam.dlab.backendapi.service;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.dto.keyload.KeyLoadStatus;
+import org.keycloak.common.util.Base64Url;
+import org.keycloak.representations.IDToken;
+import org.keycloak.util.JsonSerialization;
+
+import java.io.IOException;
public interface AccessKeyService {
@@ -32,4 +37,15 @@ public interface AccessKeyService {
String generateKey(UserInfo userInfo, boolean createEdge);
+ public static void main(String[] args) throws IOException {
+
+ final String token = "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJNUC15QVpENFdJRzloanp3R0RqQjdCeW9aNGpaV05QTjJ3X25uS1BkTnQ4In0.eyJqdGkiOiJiY2ExNGIwNC00MmQ3LTRhMzUtOTlmMC05MzhiOTkzNGYyZmQiLCJleHAiOjE1NjI4MzU1OTQsIm5iZiI6MCwiaWF0IjoxNTYyODM1Mjk0LCJpc3MiOiJodHRwOi8vNTIuMTEuNDUuMTE6ODA4MC9hdXRoL3JlYWxtcy9ETEFCX2JobGl2YSIsImF1ZCI6ImFjY291bnQiLCJzdWIiOiJjOWViNTQ2MS04NWZjLTQ5ZTItYmZhNy05ODk1NGU0MTIyMGQiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJzc3MiLCJhdXRoX3RpbWUiOjE1NjI4MzUyNjEsInNlc3Npb25fc3Rh [...]
+ String[] parts = token.split("\\.");
+ if (parts.length < 2 || parts.length > 3) throw new IllegalArgumentException("Parsing error");
+
+ byte[] bytes = Base64Url.decode(parts[1]);
+ final IDToken idToken = JsonSerialization.readValue(bytes, IDToken.class);
+ System.out.println(idToken.getPreferredUsername());
+ }
+
}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/KeycloakService.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/KeycloakService.java
new file mode 100644
index 0000000..50044b9
--- /dev/null
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/KeycloakService.java
@@ -0,0 +1,8 @@
+package com.epam.dlab.backendapi.service;
+
+import org.keycloak.representations.AccessTokenResponse;
+
+public interface KeycloakService {
+ AccessTokenResponse getToken(String code);
+ AccessTokenResponse refreshToken(String refreshToken);
+}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/KeycloakServiceImpl.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/KeycloakServiceImpl.java
new file mode 100644
index 0000000..30ece2d
--- /dev/null
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/KeycloakServiceImpl.java
@@ -0,0 +1,57 @@
+package com.epam.dlab.backendapi.service;
+
+import com.epam.dlab.backendapi.SelfServiceApplicationConfiguration;
+import com.epam.dlab.exceptions.DlabException;
+import com.google.inject.Inject;
+import org.keycloak.representations.AccessTokenResponse;
+
+import javax.ws.rs.client.Client;
+import javax.ws.rs.client.Entity;
+import javax.ws.rs.core.Form;
+import javax.ws.rs.core.HttpHeaders;
+import javax.ws.rs.core.Response;
+
+public class KeycloakServiceImpl implements KeycloakService {
+
+ private static final String URI = "http://52.11.45.11:8080/auth/realms/DLAB_bhliva/protocol/openid-connect/token";
+ private final Client httpClient;
+ private final SelfServiceApplicationConfiguration conf;
+
+ @Inject
+ public KeycloakServiceImpl(Client httpClient, SelfServiceApplicationConfiguration conf) {
+ this.httpClient = httpClient;
+ this.conf = conf;
+ }
+
+ @Override
+ public AccessTokenResponse getToken(String code) {
+ return requestToken(accessTokenRequestForm(code));
+ }
+
+ @Override
+ public AccessTokenResponse refreshToken(String refreshToken) {
+ return requestToken(refreshTokenRequestForm(refreshToken));
+ }
+
+ private AccessTokenResponse requestToken(Form requestForm) {
+ final Response response = httpClient.target(URI).request()
+ .header(HttpHeaders.AUTHORIZATION, "Basic c3NzOjM3MzM4Y2M1LTc3ZjktNDdmOS05ZDk1LTVjYjcxNmI5MTExOA==")
+ .post(Entity.form(requestForm));
+ if (response.getStatusInfo().getFamily() != Response.Status.Family.SUCCESSFUL) {
+ throw new DlabException("can not get token");
+ }
+ return response.readEntity(AccessTokenResponse.class);
+ }
+
+ private Form accessTokenRequestForm(String code) {
+ return new Form()
+ .param("grant_type", "authorization_code")
+ .param("code", code);
+ }
+
+ private Form refreshTokenRequestForm(String refreshToken) {
+ return new Form()
+ .param("grant_type", "refresh_token")
+ .param("refresh_token", refreshToken);
+ }
+}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/SchedulerJobService.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/SchedulerJobService.java
index 2e25611..1059db0 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/SchedulerJobService.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/SchedulerJobService.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.service;
-import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.dto.SchedulerJobDTO;
import com.epam.dlab.model.scheduler.SchedulerJobData;
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/SecurityService.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/SecurityService.java
new file mode 100644
index 0000000..2438e24
--- /dev/null
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/SecurityService.java
@@ -0,0 +1,8 @@
+package com.epam.dlab.backendapi.service;
+
+import com.epam.dlab.auth.UserInfo;
+
+public interface SecurityService {
+ UserInfo getUserInfo(String code);
+ UserInfo getUserInfoOffline(String username);
+}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/SecurityServiceImpl.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/SecurityServiceImpl.java
new file mode 100644
index 0000000..f2930cd
--- /dev/null
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/SecurityServiceImpl.java
@@ -0,0 +1,51 @@
+package com.epam.dlab.backendapi.service;
+
+import com.epam.dlab.auth.UserInfo;
+import com.epam.dlab.backendapi.dao.SecurityDAO;
+import com.epam.dlab.exceptions.DlabException;
+import com.google.inject.Inject;
+import org.keycloak.common.util.Base64Url;
+import org.keycloak.representations.AccessTokenResponse;
+import org.keycloak.representations.IDToken;
+import org.keycloak.util.JsonSerialization;
+
+public class SecurityServiceImpl implements SecurityService {
+ private final KeycloakService keycloakService;
+ private final SecurityDAO securityDAO;
+
+ @Inject
+ public SecurityServiceImpl(KeycloakService keycloakService, SecurityDAO securityDAO) {
+ this.keycloakService = keycloakService;
+ this.securityDAO = securityDAO;
+ }
+
+ @Override
+ public UserInfo getUserInfo(String code) {
+ final AccessTokenResponse token = keycloakService.getToken(code);
+ final String username = parseToken(token.getToken()).getPreferredUsername();
+ securityDAO.saveUser(username, token);
+ return new UserInfo(username, token.getToken());
+ }
+
+ @Override
+ public UserInfo getUserInfoOffline(String username) {
+ return securityDAO.getTokenResponse(username)
+ .map(AccessTokenResponse::getRefreshToken)
+ .map(keycloakService::refreshToken)
+ .map(accessTokenResponse -> new UserInfo(parseToken(accessTokenResponse.getToken()).getPreferredUsername(), accessTokenResponse.getToken()))
+ .orElseThrow(() -> new DlabException("Can not find token for user " + username));
+ }
+
+ private IDToken parseToken(String encoded) {
+ try {
+ String[] parts = encoded.split("\\.");
+ if (parts.length < 2 || parts.length > 3) {
+ throw new IllegalArgumentException("Parsing error");
+ }
+ byte[] bytes = Base64Url.decode(parts[1]);
+ return JsonSerialization.readValue(bytes, IDToken.class);
+ } catch (Exception e) {
+ throw new DlabException("Can not parse token due to: " + e.getMessage());
+ }
+ }
+}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/EnvironmentServiceImpl.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/EnvironmentServiceImpl.java
index ade44fb..efcb2c7 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/EnvironmentServiceImpl.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/EnvironmentServiceImpl.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.service.impl;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.dao.EnvDAO;
import com.epam.dlab.backendapi.dao.ExploratoryDAO;
@@ -27,10 +26,7 @@ import com.epam.dlab.backendapi.dao.KeyDAO;
import com.epam.dlab.backendapi.dao.UserSettingsDAO;
import com.epam.dlab.backendapi.resources.dto.UserDTO;
import com.epam.dlab.backendapi.resources.dto.UserResourceInfo;
-import com.epam.dlab.backendapi.service.ComputationalService;
-import com.epam.dlab.backendapi.service.EdgeService;
-import com.epam.dlab.backendapi.service.EnvironmentService;
-import com.epam.dlab.backendapi.service.ExploratoryService;
+import com.epam.dlab.backendapi.service.*;
import com.epam.dlab.dto.UserInstanceDTO;
import com.epam.dlab.dto.UserInstanceStatus;
import com.epam.dlab.dto.base.edge.EdgeInfo;
@@ -65,7 +61,7 @@ public class EnvironmentServiceImpl implements EnvironmentService {
@Inject
private ComputationalService computationalService;
@Inject
- private SystemUserInfoService systemUserInfoService;
+ private SecurityService securityService;
@Inject
private KeyDAO keyDAO;
@Inject
@@ -121,7 +117,7 @@ public class EnvironmentServiceImpl implements EnvironmentService {
@Override
public void stopEdge(String user) {
if (UserInstanceStatus.RUNNING.toString().equals(keyDAO.getEdgeStatus(user))) {
- edgeService.stop(systemUserInfoService.create(user));
+ edgeService.stop(securityService.getUserInfoOffline(user));
}
}
@@ -180,31 +176,31 @@ public class EnvironmentServiceImpl implements EnvironmentService {
}
private void stopNotebook(UserInstanceDTO instance) {
- final UserInfo userInfo = systemUserInfoService.create(instance.getUser());
+ final UserInfo userInfo = securityService.getUserInfoOffline(instance.getUser());
exploratoryService.stop(userInfo, instance.getExploratoryName());
}
private void stopDataengine(String user, String exploratoryName, String computationalName) {
- final UserInfo userInfo = systemUserInfoService.create(user);
+ final UserInfo userInfo = securityService.getUserInfoOffline(user);
computationalService.stopSparkCluster(userInfo, exploratoryName, computationalName);
}
private boolean terminateEdge(String user) {
final boolean nodeExists = keyDAO.edgeNodeExist(user);
if (nodeExists) {
- edgeService.terminate(systemUserInfoService.create(user));
+ edgeService.terminate(securityService.getUserInfoOffline(user));
exploratoryService.updateExploratoryStatuses(user, UserInstanceStatus.TERMINATING);
}
return nodeExists;
}
private void terminateNotebook(UserInstanceDTO instance) {
- final UserInfo userInfo = systemUserInfoService.create(instance.getUser());
+ final UserInfo userInfo = securityService.getUserInfoOffline(instance.getUser());
exploratoryService.terminate(userInfo, instance.getExploratoryName());
}
private void terminateCluster(String user, String exploratoryName, String computationalName) {
- final UserInfo userInfo = systemUserInfoService.create(user);
+ final UserInfo userInfo = securityService.getUserInfoOffline(user);
computationalService.terminateComputational(userInfo, exploratoryName, computationalName);
}
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/InactivityServiceImpl.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/InactivityServiceImpl.java
index 8184683..866808d 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/InactivityServiceImpl.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/InactivityServiceImpl.java
@@ -18,7 +18,6 @@
*/
package com.epam.dlab.backendapi.service.impl;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.dao.ComputationalDAO;
import com.epam.dlab.backendapi.dao.EnvDAO;
@@ -27,6 +26,7 @@ import com.epam.dlab.backendapi.domain.RequestId;
import com.epam.dlab.backendapi.service.ComputationalService;
import com.epam.dlab.backendapi.service.ExploratoryService;
import com.epam.dlab.backendapi.service.InactivityService;
+import com.epam.dlab.backendapi.service.SecurityService;
import com.epam.dlab.backendapi.util.RequestBuilder;
import com.epam.dlab.constants.ServiceConsts;
import com.epam.dlab.dto.UserInstanceDTO;
@@ -62,7 +62,7 @@ public class InactivityServiceImpl implements InactivityService {
@Inject
private ExploratoryService exploratoryService;
@Inject
- private SystemUserInfoService systemUserInfoService;
+ private SecurityService securityService;
@Override
public void updateRunningResourcesLastActivity() {
@@ -84,12 +84,12 @@ public class InactivityServiceImpl implements InactivityService {
private void updateLastActivity(UserInstanceDTO ui) {
if (UserInstanceStatus.RUNNING.toString().equals(ui.getStatus())) {
- updateExploratoryLastActivity(systemUserInfoService.create(ui.getUser()), ui);
+ updateExploratoryLastActivity(securityService.getUserInfoOffline(ui.getUser()), ui);
}
ui.getResources()
.stream()
.filter(comp -> UserInstanceStatus.RUNNING.toString().equals(comp.getStatus()))
- .forEach(cr -> updateComputationalLastActivity(systemUserInfoService.create(ui.getUser()), ui, cr));
+ .forEach(cr -> updateComputationalLastActivity(securityService.getUserInfoOffline(ui.getUser()), ui, cr));
}
private void updateComputationalLastActivity(UserInfo userInfo, UserInstanceDTO ui, UserComputationalResource cr) {
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/SchedulerJobServiceImpl.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/SchedulerJobServiceImpl.java
index c906712..b9cabb1 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/SchedulerJobServiceImpl.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/SchedulerJobServiceImpl.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.service.impl;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.dao.ComputationalDAO;
import com.epam.dlab.backendapi.dao.EnvDAO;
@@ -29,6 +28,7 @@ import com.epam.dlab.backendapi.domain.RequestId;
import com.epam.dlab.backendapi.service.ComputationalService;
import com.epam.dlab.backendapi.service.ExploratoryService;
import com.epam.dlab.backendapi.service.SchedulerJobService;
+import com.epam.dlab.backendapi.service.SecurityService;
import com.epam.dlab.dto.SchedulerJobDTO;
import com.epam.dlab.dto.UserInstanceDTO;
import com.epam.dlab.dto.UserInstanceStatus;
@@ -85,7 +85,7 @@ public class SchedulerJobServiceImpl implements SchedulerJobService {
private ComputationalService computationalService;
@Inject
- private SystemUserInfoService systemUserService;
+ private SecurityService securityService;
@Inject
private EnvDAO envDAO;
@@ -206,14 +206,14 @@ public class SchedulerJobServiceImpl implements SchedulerJobService {
final String compName = job.getComputationalName();
final String user = job.getUser();
log.debug("Stopping exploratory {} computational {} for user {} by scheduler", expName, compName, user);
- computationalService.stopSparkCluster(systemUserService.create(user), expName, compName);
+ computationalService.stopSparkCluster(securityService.getUserInfoOffline(user), expName, compName);
}
private void terminateComputational(SchedulerJobData job) {
final String user = job.getUser();
final String expName = job.getExploratoryName();
final String compName = job.getComputationalName();
- final UserInfo userInfo = systemUserService.create(user);
+ final UserInfo userInfo = securityService.getUserInfoOffline(user);
log.debug("Terminating exploratory {} computational {} for user {} by scheduler", expName, compName, user);
computationalService.terminateComputational(userInfo, expName, compName);
}
@@ -222,7 +222,7 @@ public class SchedulerJobServiceImpl implements SchedulerJobService {
final String expName = job.getExploratoryName();
final String user = job.getUser();
log.debug("Stopping exploratory {} for user {} by scheduler", expName, user);
- exploratoryService.stop(systemUserService.create(user), expName);
+ exploratoryService.stop(securityService.getUserInfoOffline(user), expName);
}
private List<SchedulerJobData> getExploratorySchedulersForTerminating(OffsetDateTime now) {
@@ -243,7 +243,7 @@ public class SchedulerJobServiceImpl implements SchedulerJobService {
final String user = schedulerJobData.getUser();
final String exploratoryName = schedulerJobData.getExploratoryName();
log.debug("Starting exploratory {} for user {} by scheduler", exploratoryName, user);
- exploratoryService.start(systemUserService.create(user), exploratoryName);
+ exploratoryService.start(securityService.getUserInfoOffline(user), exploratoryName);
if (schedulerJobData.getJobDTO().isSyncStartRequired()) {
log.trace("Starting computational for exploratory {} for user {} by scheduler", exploratoryName, user);
final DataEngineType sparkCluster = DataEngineType.SPARK_STANDALONE;
@@ -261,12 +261,12 @@ public class SchedulerJobServiceImpl implements SchedulerJobService {
final String user = job.getUser();
final String expName = job.getExploratoryName();
log.debug("Terminating exploratory {} for user {} by scheduler", expName, user);
- exploratoryService.terminate(systemUserService.create(user), expName);
+ exploratoryService.terminate(securityService.getUserInfoOffline(user), expName);
}
private void startSpark(String user, String expName, String compName) {
log.debug("Starting exploratory {} computational {} for user {} by scheduler", expName, compName, user);
- computationalService.startSparkCluster(systemUserService.create(user), expName, compName);
+ computationalService.startSparkCluster(securityService.getUserInfoOffline(user), expName, compName);
}
private boolean shouldClusterBeStarted(DataEngineType sparkCluster, UserComputationalResource compResource) {
diff --git a/services/self-service/src/test/java/com/epam/dlab/backendapi/service/impl/EnvironmentServiceImplTest.java b/services/self-service/src/test/java/com/epam/dlab/backendapi/service/impl/EnvironmentServiceImplTest.java
index 1dce004..aa1755c 100644
--- a/services/self-service/src/test/java/com/epam/dlab/backendapi/service/impl/EnvironmentServiceImplTest.java
+++ b/services/self-service/src/test/java/com/epam/dlab/backendapi/service/impl/EnvironmentServiceImplTest.java
@@ -19,7 +19,6 @@
package com.epam.dlab.backendapi.service.impl;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.dao.EnvDAO;
import com.epam.dlab.backendapi.dao.ExploratoryDAO;
@@ -30,6 +29,7 @@ import com.epam.dlab.backendapi.resources.dto.UserResourceInfo;
import com.epam.dlab.backendapi.service.ComputationalService;
import com.epam.dlab.backendapi.service.EdgeService;
import com.epam.dlab.backendapi.service.ExploratoryService;
+import com.epam.dlab.backendapi.service.SecurityService;
import com.epam.dlab.dto.UserInstanceDTO;
import com.epam.dlab.dto.UserInstanceStatus;
import com.epam.dlab.dto.base.edge.EdgeInfo;
@@ -66,7 +66,7 @@ public class EnvironmentServiceImplTest {
@Mock
private ExploratoryDAO exploratoryDAO;
@Mock
- private SystemUserInfoService systemUserInfoService;
+ private SecurityService securityService;
@Mock
private ExploratoryService exploratoryService;
@Mock
@@ -174,7 +174,7 @@ public class EnvironmentServiceImplTest {
doReturn(Collections.singleton(USER)).when(envDAO).fetchAllUsers();
final UserInfo userInfo = getUserInfo();
when(exploratoryDAO.fetchRunningExploratoryFields(anyString())).thenReturn(getUserInstances());
- when(systemUserInfoService.create(anyString())).thenReturn(userInfo);
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(userInfo);
when(exploratoryService.stop(any(UserInfo.class), anyString())).thenReturn(UUID);
when(keyDAO.getEdgeStatus(anyString())).thenReturn(RUNNING_STATE);
when(edgeService.stop(any(UserInfo.class))).thenReturn(UUID);
@@ -183,7 +183,7 @@ public class EnvironmentServiceImplTest {
verify(envDAO).fetchAllUsers();
verify(exploratoryDAO).fetchRunningExploratoryFields(USER);
- verify(systemUserInfoService, times(3)).create(USER);
+ verify(securityService, times(3)).getUserInfoOffline(USER);
verify(exploratoryService).stop(refEq(userInfo), eq(EXPLORATORY_NAME_1));
verify(exploratoryService).stop(refEq(userInfo), eq(EXPLORATORY_NAME_2));
verify(keyDAO, times(2)).getEdgeStatus(USER);
@@ -220,7 +220,7 @@ public class EnvironmentServiceImplTest {
doReturn(Collections.singleton(USER)).when(envDAO).fetchAllUsers();
final UserInfo userInfo = getUserInfo();
when(exploratoryDAO.fetchRunningExploratoryFields(anyString())).thenReturn(getUserInstances());
- when(systemUserInfoService.create(anyString())).thenReturn(userInfo);
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(userInfo);
when(exploratoryService.stop(any(UserInfo.class), anyString())).thenReturn(UUID);
when(keyDAO.getEdgeStatus(anyString())).thenReturn(STOPPED_STATE);
when(edgeService.stop(any(UserInfo.class))).thenReturn(UUID);
@@ -229,7 +229,7 @@ public class EnvironmentServiceImplTest {
verify(envDAO).fetchAllUsers();
verify(exploratoryDAO).fetchRunningExploratoryFields(USER);
- verify(systemUserInfoService, times(2)).create(USER);
+ verify(securityService, times(2)).getUserInfoOffline(USER);
verify(exploratoryService).stop(refEq(userInfo), eq(EXPLORATORY_NAME_1));
verify(exploratoryService).stop(refEq(userInfo), eq(EXPLORATORY_NAME_2));
verify(keyDAO, times(2)).getEdgeStatus(USER);
@@ -244,7 +244,7 @@ public class EnvironmentServiceImplTest {
public void stopEnvironment() {
final UserInfo userInfo = getUserInfo();
when(exploratoryDAO.fetchRunningExploratoryFields(anyString())).thenReturn(getUserInstances());
- when(systemUserInfoService.create(anyString())).thenReturn(userInfo);
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(userInfo);
when(exploratoryService.stop(any(UserInfo.class), anyString())).thenReturn(UUID);
when(keyDAO.getEdgeStatus(anyString())).thenReturn(RUNNING_STATE);
when(edgeService.stop(any(UserInfo.class))).thenReturn(UUID);
@@ -252,7 +252,7 @@ public class EnvironmentServiceImplTest {
environmentService.stopEnvironment(USER);
verify(exploratoryDAO).fetchRunningExploratoryFields(USER);
- verify(systemUserInfoService, times(3)).create(USER);
+ verify(securityService, times(3)).getUserInfoOffline(USER);
verify(exploratoryService).stop(refEq(userInfo), eq(EXPLORATORY_NAME_1));
verify(exploratoryService).stop(refEq(userInfo), eq(EXPLORATORY_NAME_2));
verify(keyDAO, times(2)).getEdgeStatus(USER);
@@ -286,7 +286,7 @@ public class EnvironmentServiceImplTest {
public void stopEnvironmentWithoutEdge() {
final UserInfo userInfo = getUserInfo();
when(exploratoryDAO.fetchRunningExploratoryFields(anyString())).thenReturn(getUserInstances());
- when(systemUserInfoService.create(anyString())).thenReturn(userInfo);
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(userInfo);
when(exploratoryService.stop(any(UserInfo.class), anyString())).thenReturn(UUID);
when(keyDAO.getEdgeStatus(anyString())).thenReturn(STOPPED_STATE);
when(edgeService.stop(any(UserInfo.class))).thenReturn(UUID);
@@ -294,7 +294,7 @@ public class EnvironmentServiceImplTest {
environmentService.stopEnvironment(USER);
verify(exploratoryDAO).fetchRunningExploratoryFields(USER);
- verify(systemUserInfoService, times(2)).create(USER);
+ verify(securityService, times(2)).getUserInfoOffline(USER);
verify(exploratoryService).stop(refEq(userInfo), eq(EXPLORATORY_NAME_1));
verify(exploratoryService).stop(refEq(userInfo), eq(EXPLORATORY_NAME_2));
verify(keyDAO, times(2)).getEdgeStatus(USER);
@@ -309,15 +309,15 @@ public class EnvironmentServiceImplTest {
public void stopEdge() {
final UserInfo userInfo = getUserInfo();
when(keyDAO.getEdgeStatus(anyString())).thenReturn(RUNNING_STATE);
- when(systemUserInfoService.create(anyString())).thenReturn(userInfo);
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(userInfo);
when(edgeService.stop(any(UserInfo.class))).thenReturn(UUID);
environmentService.stopEdge(USER);
verify(keyDAO).getEdgeStatus(USER);
- verify(systemUserInfoService).create(USER);
+ verify(securityService).getUserInfoOffline(USER);
verify(edgeService).stop(refEq(userInfo));
- verifyNoMoreInteractions(keyDAO, systemUserInfoService, edgeService);
+ verifyNoMoreInteractions(keyDAO, securityService, edgeService);
}
@Test
@@ -327,34 +327,34 @@ public class EnvironmentServiceImplTest {
environmentService.stopEdge(USER);
verify(keyDAO).getEdgeStatus(USER);
- verifyZeroInteractions(systemUserInfoService, edgeService);
+ verifyZeroInteractions(securityService, edgeService);
verifyNoMoreInteractions(keyDAO);
}
@Test
public void stopExploratory() {
final UserInfo userInfo = getUserInfo();
- when(systemUserInfoService.create(anyString())).thenReturn(userInfo);
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(userInfo);
when(exploratoryService.stop(any(UserInfo.class), anyString())).thenReturn(UUID);
environmentService.stopExploratory(USER, EXPLORATORY_NAME_1);
- verify(systemUserInfoService).create(USER);
+ verify(securityService).getUserInfoOffline(USER);
verify(exploratoryService).stop(refEq(userInfo), eq(EXPLORATORY_NAME_1));
- verifyNoMoreInteractions(systemUserInfoService, exploratoryService);
+ verifyNoMoreInteractions(securityService, exploratoryService);
}
@Test
public void stopComputational() {
final UserInfo userInfo = getUserInfo();
- when(systemUserInfoService.create(anyString())).thenReturn(userInfo);
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(userInfo);
doNothing().when(computationalService).stopSparkCluster(any(UserInfo.class), anyString(), anyString());
environmentService.stopComputational(USER, EXPLORATORY_NAME_1, "compName");
- verify(systemUserInfoService).create(USER);
+ verify(securityService).getUserInfoOffline(USER);
verify(computationalService).stopSparkCluster(refEq(userInfo), eq(EXPLORATORY_NAME_1), eq("compName"));
- verifyNoMoreInteractions(systemUserInfoService, computationalService);
+ verifyNoMoreInteractions(securityService, computationalService);
}
@Test
@@ -364,7 +364,7 @@ public class EnvironmentServiceImplTest {
final UserInfo userInfo = getUserInfo();
when(exploratoryDAO.fetchUserExploratoriesWhereStatusIn(anyString(), any(List.class), anyVararg()))
.thenReturn(Collections.emptyList());
- when(systemUserInfoService.create(anyString())).thenReturn(userInfo);
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(userInfo);
when(exploratoryService.terminate(any(UserInfo.class), anyString())).thenReturn(UUID);
when(keyDAO.edgeNodeExist(anyString())).thenReturn(true);
when(edgeService.terminate(any(UserInfo.class))).thenReturn(UUID);
@@ -373,7 +373,7 @@ public class EnvironmentServiceImplTest {
verify(envDAO).fetchAllUsers();
verify(exploratoryDAO).fetchUserExploratoriesWhereStatusIn(anyString(), any(List.class), anyVararg());
- verify(systemUserInfoService).create(USER);
+ verify(securityService).getUserInfoOffline(USER);
verify(keyDAO).edgeNodeExist(USER);
verify(edgeService).terminate(refEq(userInfo));
verify(exploratoryService).updateExploratoryStatuses(USER, UserInstanceStatus.TERMINATING);
@@ -393,7 +393,7 @@ public class EnvironmentServiceImplTest {
eq(UserInstanceStatus.CREATING), eq(UserInstanceStatus.STARTING))).thenReturn(Collections.emptyList());
when(exploratoryDAO.fetchUserExploratoriesWhereStatusNotIn(anyString(), eq(UserInstanceStatus.TERMINATED),
eq(UserInstanceStatus.FAILED), eq(UserInstanceStatus.TERMINATING))).thenReturn(getUserInstances());
- when(systemUserInfoService.create(anyString())).thenReturn(userInfo);
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(userInfo);
when(exploratoryService.terminate(any(UserInfo.class), anyString())).thenReturn(UUID);
when(keyDAO.edgeNodeExist(anyString())).thenReturn(false);
when(edgeService.terminate(any(UserInfo.class))).thenReturn(UUID);
@@ -403,7 +403,7 @@ public class EnvironmentServiceImplTest {
verify(envDAO).fetchAllUsers();
verify(exploratoryDAO).fetchUserExploratoriesWhereStatusNotIn(USER, UserInstanceStatus.TERMINATED,
UserInstanceStatus.FAILED, UserInstanceStatus.TERMINATING);
- verify(systemUserInfoService, times(2)).create(USER);
+ verify(securityService, times(2)).getUserInfoOffline(USER);
verify(exploratoryService).terminate(refEq(userInfo), eq(EXPLORATORY_NAME_1));
verify(exploratoryService).terminate(refEq(userInfo), eq(EXPLORATORY_NAME_2));
verify(keyDAO).edgeNodeExist(USER);
@@ -441,7 +441,7 @@ public class EnvironmentServiceImplTest {
final UserInfo userInfo = getUserInfo();
when(exploratoryDAO.fetchUserExploratoriesWhereStatusIn(anyString(), any(List.class), anyVararg()))
.thenReturn(Collections.emptyList());
- when(systemUserInfoService.create(anyString())).thenReturn(userInfo);
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(userInfo);
when(exploratoryService.terminate(any(UserInfo.class), anyString())).thenReturn(UUID);
when(keyDAO.edgeNodeExist(anyString())).thenReturn(true);
when(edgeService.terminate(any(UserInfo.class))).thenReturn(UUID);
@@ -449,7 +449,7 @@ public class EnvironmentServiceImplTest {
environmentService.terminateEnvironment(USER);
verify(exploratoryDAO).fetchUserExploratoriesWhereStatusIn(anyString(), any(List.class), anyVararg());
- verify(systemUserInfoService).create(USER);
+ verify(securityService).getUserInfoOffline(USER);
verify(keyDAO).edgeNodeExist(USER);
verify(edgeService).terminate(refEq(userInfo));
verify(exploratoryService).updateExploratoryStatuses(USER, UserInstanceStatus.TERMINATING);
@@ -468,7 +468,7 @@ public class EnvironmentServiceImplTest {
eq(UserInstanceStatus.CREATING), eq(UserInstanceStatus.STARTING))).thenReturn(Collections.emptyList());
when(exploratoryDAO.fetchUserExploratoriesWhereStatusNotIn(anyString(), eq(UserInstanceStatus.TERMINATED),
eq(UserInstanceStatus.FAILED), eq(UserInstanceStatus.TERMINATING))).thenReturn(getUserInstances());
- when(systemUserInfoService.create(anyString())).thenReturn(userInfo);
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(userInfo);
when(exploratoryService.terminate(any(UserInfo.class), anyString())).thenReturn(UUID);
when(keyDAO.edgeNodeExist(anyString())).thenReturn(false);
when(edgeService.terminate(any(UserInfo.class))).thenReturn(UUID);
@@ -477,7 +477,7 @@ public class EnvironmentServiceImplTest {
verify(exploratoryDAO).fetchUserExploratoriesWhereStatusNotIn(USER, UserInstanceStatus.TERMINATED,
UserInstanceStatus.FAILED, UserInstanceStatus.TERMINATING);
- verify(systemUserInfoService, times(2)).create(USER);
+ verify(securityService, times(2)).getUserInfoOffline(USER);
verify(exploratoryService).terminate(refEq(userInfo), eq(EXPLORATORY_NAME_1));
verify(exploratoryService).terminate(refEq(userInfo), eq(EXPLORATORY_NAME_2));
verify(keyDAO).edgeNodeExist(USER);
@@ -510,29 +510,29 @@ public class EnvironmentServiceImplTest {
@Test
public void terminateExploratory() {
final UserInfo userInfo = getUserInfo();
- when(systemUserInfoService.create(anyString())).thenReturn(userInfo);
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(userInfo);
when(exploratoryService.terminate(any(UserInfo.class), anyString())).thenReturn(UUID);
environmentService.terminateExploratory(USER, EXPLORATORY_NAME_1);
- verify(systemUserInfoService).create(USER);
+ verify(securityService).getUserInfoOffline(USER);
verify(exploratoryService).terminate(refEq(userInfo), eq(EXPLORATORY_NAME_1));
- verifyNoMoreInteractions(systemUserInfoService, exploratoryService);
+ verifyNoMoreInteractions(securityService, exploratoryService);
}
@Test
public void terminateComputational() {
final UserInfo userInfo = getUserInfo();
- when(systemUserInfoService.create(anyString())).thenReturn(userInfo);
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(userInfo);
doNothing().when(computationalService)
.terminateComputational(any(UserInfo.class), anyString(), anyString());
environmentService.terminateComputational(USER, EXPLORATORY_NAME_1, "compName");
- verify(systemUserInfoService).create(USER);
+ verify(securityService).getUserInfoOffline(USER);
verify(computationalService)
.terminateComputational(refEq(userInfo), eq(EXPLORATORY_NAME_1), eq("compName"));
- verifyNoMoreInteractions(systemUserInfoService, computationalService);
+ verifyNoMoreInteractions(securityService, computationalService);
}
private UserInfo getUserInfo() {
diff --git a/services/self-service/src/test/java/com/epam/dlab/backendapi/service/impl/SchedulerJobServiceImplTest.java b/services/self-service/src/test/java/com/epam/dlab/backendapi/service/impl/SchedulerJobServiceImplTest.java
index 4ca2ca0..79e2603 100644
--- a/services/self-service/src/test/java/com/epam/dlab/backendapi/service/impl/SchedulerJobServiceImplTest.java
+++ b/services/self-service/src/test/java/com/epam/dlab/backendapi/service/impl/SchedulerJobServiceImplTest.java
@@ -19,13 +19,13 @@
package com.epam.dlab.backendapi.service.impl;
-import com.epam.dlab.auth.SystemUserInfoService;
import com.epam.dlab.auth.UserInfo;
import com.epam.dlab.backendapi.dao.ComputationalDAO;
import com.epam.dlab.backendapi.dao.ExploratoryDAO;
import com.epam.dlab.backendapi.dao.SchedulerJobDAO;
import com.epam.dlab.backendapi.service.ComputationalService;
import com.epam.dlab.backendapi.service.ExploratoryService;
+import com.epam.dlab.backendapi.service.SecurityService;
import com.epam.dlab.dto.SchedulerJobDTO;
import com.epam.dlab.dto.UserInstanceDTO;
import com.epam.dlab.dto.UserInstanceStatus;
@@ -70,7 +70,7 @@ public class SchedulerJobServiceImplTest {
@Mock
private ComputationalDAO computationalDAO;
@Mock
- private SystemUserInfoService systemUserService;
+ private SecurityService securityService;
@Mock
private ExploratoryService exploratoryService;
@Mock
@@ -391,16 +391,16 @@ public class SchedulerJobServiceImplTest {
LocalDateTime.of(LocalDate.now(),
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)), false, USER,
LocalTime.now().truncatedTo(ChronoUnit.MINUTES))));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.startComputationalByScheduler();
- verify(systemUserService).create(USER);
+ verify(securityService).getUserInfoOffline(USER);
verify(schedulerJobDAO)
.getComputationalSchedulerDataWithOneOfStatus(RUNNING, DataEngineType.SPARK_STANDALONE, STOPPED);
verify(computationalService).startSparkCluster(refEq(getUserInfo()), eq(EXPLORATORY_NAME),
eq(COMPUTATIONAL_NAME));
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, computationalService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, computationalService);
}
@Test
@@ -413,7 +413,7 @@ public class SchedulerJobServiceImplTest {
verify(schedulerJobDAO).getComputationalSchedulerDataWithOneOfStatus(RUNNING, DataEngineType.SPARK_STANDALONE,
STOPPED);
verifyNoMoreInteractions(schedulerJobDAO);
- verifyZeroInteractions(systemUserService, computationalService);
+ verifyZeroInteractions(securityService, computationalService);
}
@Test
@@ -428,13 +428,13 @@ public class SchedulerJobServiceImplTest {
terminateDateTime, false, USER, LocalTime.now().truncatedTo(ChronoUnit.MINUTES));
when(schedulerJobDAO.getComputationalSchedulerDataWithOneOfStatus(any(UserInstanceStatus.class),
any(DataEngineType.class), anyVararg())).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.startComputationalByScheduler();
verify(schedulerJobDAO)
.getComputationalSchedulerDataWithOneOfStatus(RUNNING, DataEngineType.SPARK_STANDALONE, STOPPED);
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, computationalService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, computationalService);
}
@Test
@@ -450,13 +450,13 @@ public class SchedulerJobServiceImplTest {
LocalTime.now().truncatedTo(ChronoUnit.MINUTES));
when(schedulerJobDAO.getComputationalSchedulerDataWithOneOfStatus(any(UserInstanceStatus.class),
any(DataEngineType.class), anyVararg())).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.startComputationalByScheduler();
verify(schedulerJobDAO)
.getComputationalSchedulerDataWithOneOfStatus(RUNNING, DataEngineType.SPARK_STANDALONE, STOPPED);
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, computationalService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, computationalService);
}
@Test
@@ -473,13 +473,13 @@ public class SchedulerJobServiceImplTest {
);
when(schedulerJobDAO.getComputationalSchedulerDataWithOneOfStatus(any(UserInstanceStatus.class),
any(DataEngineType.class), anyVararg())).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.startComputationalByScheduler();
verify(schedulerJobDAO)
.getComputationalSchedulerDataWithOneOfStatus(RUNNING, DataEngineType.SPARK_STANDALONE, STOPPED);
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, computationalService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, computationalService);
}
@@ -491,16 +491,16 @@ public class SchedulerJobServiceImplTest {
LocalDateTime.of(LocalDate.now(),
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)), false, USER,
LocalTime.now().truncatedTo(ChronoUnit.MINUTES))));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.stopComputationalByScheduler();
- verify(systemUserService).create(USER);
+ verify(securityService).getUserInfoOffline(USER);
verify(schedulerJobDAO)
.getComputationalSchedulerDataWithOneOfStatus(RUNNING, DataEngineType.SPARK_STANDALONE, RUNNING);
verify(computationalService).stopSparkCluster(refEq(getUserInfo()), eq(EXPLORATORY_NAME),
eq(COMPUTATIONAL_NAME));
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, computationalService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, computationalService);
}
@Test
@@ -513,7 +513,7 @@ public class SchedulerJobServiceImplTest {
verify(schedulerJobDAO)
.getComputationalSchedulerDataWithOneOfStatus(RUNNING, DataEngineType.SPARK_STANDALONE, RUNNING);
verifyNoMoreInteractions(schedulerJobDAO);
- verifyZeroInteractions(systemUserService, computationalService);
+ verifyZeroInteractions(securityService, computationalService);
}
@Test
@@ -528,13 +528,13 @@ public class SchedulerJobServiceImplTest {
terminateDateTime, false, USER, LocalTime.now().truncatedTo(ChronoUnit.MINUTES));
when(schedulerJobDAO.getComputationalSchedulerDataWithOneOfStatus(any(UserInstanceStatus.class),
any(DataEngineType.class), anyVararg())).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.stopComputationalByScheduler();
verify(schedulerJobDAO)
.getComputationalSchedulerDataWithOneOfStatus(RUNNING, DataEngineType.SPARK_STANDALONE, RUNNING);
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, computationalService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, computationalService);
}
@Test
@@ -550,13 +550,13 @@ public class SchedulerJobServiceImplTest {
LocalTime.now().truncatedTo(ChronoUnit.MINUTES));
when(schedulerJobDAO.getComputationalSchedulerDataWithOneOfStatus(any(UserInstanceStatus.class),
any(DataEngineType.class), anyVararg())).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.stopComputationalByScheduler();
verify(schedulerJobDAO)
.getComputationalSchedulerDataWithOneOfStatus(RUNNING, DataEngineType.SPARK_STANDALONE, RUNNING);
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, computationalService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, computationalService);
}
@Test
@@ -571,13 +571,13 @@ public class SchedulerJobServiceImplTest {
);
when(schedulerJobDAO.getComputationalSchedulerDataWithOneOfStatus(any(UserInstanceStatus.class),
any(DataEngineType.class), anyVararg())).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.stopComputationalByScheduler();
verify(schedulerJobDAO)
.getComputationalSchedulerDataWithOneOfStatus(RUNNING, DataEngineType.SPARK_STANDALONE, RUNNING);
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, computationalService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, computationalService);
}
@@ -589,15 +589,15 @@ public class SchedulerJobServiceImplTest {
LocalDateTime.of(LocalDate.now(),
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)), false, USER,
LocalTime.now().truncatedTo(ChronoUnit.MINUTES))));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.stopExploratoryByScheduler();
- verify(systemUserService).create(USER);
+ verify(securityService).getUserInfoOffline(USER);
verify(schedulerJobDAO).getExploratorySchedulerWithStatusAndClusterLastActivityLessThan(eq(RUNNING),
any(Date.class));
verify(exploratoryService).stop(refEq(getUserInfo()), eq(EXPLORATORY_NAME));
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, exploratoryService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, exploratoryService);
}
@Test
@@ -610,7 +610,7 @@ public class SchedulerJobServiceImplTest {
verify(schedulerJobDAO).getExploratorySchedulerWithStatusAndClusterLastActivityLessThan(eq(RUNNING),
any(Date.class));
verifyNoMoreInteractions(schedulerJobDAO);
- verifyZeroInteractions(systemUserService, exploratoryService);
+ verifyZeroInteractions(securityService, exploratoryService);
}
@Test
@@ -623,13 +623,13 @@ public class SchedulerJobServiceImplTest {
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)
);
when(schedulerJobDAO.getExploratorySchedulerWithStatusAndClusterLastActivityLessThan(any(UserInstanceStatus.class), any(Date.class))).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.stopExploratoryByScheduler();
verify(schedulerJobDAO).getExploratorySchedulerWithStatusAndClusterLastActivityLessThan(eq(RUNNING),
any(Date.class));
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, exploratoryService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, exploratoryService);
}
@Test
@@ -645,13 +645,13 @@ public class SchedulerJobServiceImplTest {
);
when(schedulerJobDAO.getExploratorySchedulerWithStatusAndClusterLastActivityLessThan(any(UserInstanceStatus.class), any(Date.class)))
.thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.stopExploratoryByScheduler();
verify(schedulerJobDAO).getExploratorySchedulerWithStatusAndClusterLastActivityLessThan(eq(RUNNING),
any(Date.class));
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, exploratoryService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, exploratoryService);
}
@Test
@@ -665,13 +665,13 @@ public class SchedulerJobServiceImplTest {
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)
);
when(schedulerJobDAO.getExploratorySchedulerWithStatusAndClusterLastActivityLessThan(any(UserInstanceStatus.class), any(Date.class))).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.stopExploratoryByScheduler();
verify(schedulerJobDAO).getExploratorySchedulerWithStatusAndClusterLastActivityLessThan(eq(RUNNING),
any(Date.class));
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, exploratoryService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, exploratoryService);
}
@@ -685,14 +685,14 @@ public class SchedulerJobServiceImplTest {
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)), false, USER,
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)
)));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.startExploratoryByScheduler();
- verify(systemUserService).create(USER);
+ verify(securityService).getUserInfoOffline(USER);
verify(schedulerJobDAO).getExploratorySchedulerDataWithStatus(STOPPED);
verify(exploratoryService).start(refEq(getUserInfo()), eq(EXPLORATORY_NAME));
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, exploratoryService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, exploratoryService);
verifyZeroInteractions(computationalService, computationalDAO);
}
@@ -706,20 +706,20 @@ public class SchedulerJobServiceImplTest {
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)), true, USER,
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)
)));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
when(computationalDAO.findComputationalResourcesWithStatus(anyString(), anyString(),
any(UserInstanceStatus.class))).thenReturn(singletonList(getComputationalResource(
DataEngineType.SPARK_STANDALONE, true)));
schedulerJobService.startExploratoryByScheduler();
- verify(systemUserService, times(2)).create(USER);
+ verify(securityService, times(2)).getUserInfoOffline(USER);
verify(schedulerJobDAO).getExploratorySchedulerDataWithStatus(STOPPED);
verify(exploratoryService).start(refEq(getUserInfo()), eq(EXPLORATORY_NAME));
verify(computationalDAO).findComputationalResourcesWithStatus(USER, EXPLORATORY_NAME, STOPPED);
verify(computationalService).startSparkCluster(refEq(getUserInfo()), eq(EXPLORATORY_NAME),
eq(COMPUTATIONAL_NAME));
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, exploratoryService, computationalService,
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, exploratoryService, computationalService,
computationalDAO);
}
@@ -733,18 +733,18 @@ public class SchedulerJobServiceImplTest {
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)), true, USER,
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)
)));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
when(computationalDAO.findComputationalResourcesWithStatus(anyString(), anyString(),
any(UserInstanceStatus.class))).thenReturn(singletonList(getComputationalResource(
DataEngineType.CLOUD_SERVICE, true)));
schedulerJobService.startExploratoryByScheduler();
- verify(systemUserService).create(USER);
+ verify(securityService).getUserInfoOffline(USER);
verify(schedulerJobDAO).getExploratorySchedulerDataWithStatus(STOPPED);
verify(exploratoryService).start(refEq(getUserInfo()), eq(EXPLORATORY_NAME));
verify(computationalDAO).findComputationalResourcesWithStatus(USER, EXPLORATORY_NAME, STOPPED);
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, exploratoryService, computationalDAO);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, exploratoryService, computationalDAO);
verifyZeroInteractions(computationalService);
}
@@ -758,18 +758,18 @@ public class SchedulerJobServiceImplTest {
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)), true, USER,
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)
)));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
when(computationalDAO.findComputationalResourcesWithStatus(anyString(), anyString(),
any(UserInstanceStatus.class))).thenReturn(singletonList(getComputationalResource(
DataEngineType.SPARK_STANDALONE, false)));
schedulerJobService.startExploratoryByScheduler();
- verify(systemUserService).create(USER);
+ verify(securityService).getUserInfoOffline(USER);
verify(schedulerJobDAO).getExploratorySchedulerDataWithStatus(STOPPED);
verify(exploratoryService).start(refEq(getUserInfo()), eq(EXPLORATORY_NAME));
verify(computationalDAO).findComputationalResourcesWithStatus(USER, EXPLORATORY_NAME, STOPPED);
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, exploratoryService, computationalDAO);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, exploratoryService, computationalDAO);
verifyZeroInteractions(computationalService);
}
@@ -781,7 +781,7 @@ public class SchedulerJobServiceImplTest {
verify(schedulerJobDAO).getExploratorySchedulerDataWithStatus(STOPPED);
verifyNoMoreInteractions(schedulerJobDAO);
- verifyZeroInteractions(systemUserService, exploratoryService, computationalService, computationalDAO);
+ verifyZeroInteractions(securityService, exploratoryService, computationalService, computationalDAO);
}
@Test
@@ -794,12 +794,12 @@ public class SchedulerJobServiceImplTest {
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)
);
when(schedulerJobDAO.getExploratorySchedulerDataWithStatus(any(UserInstanceStatus.class))).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.startExploratoryByScheduler();
verify(schedulerJobDAO).getExploratorySchedulerDataWithStatus(STOPPED);
- verifyZeroInteractions(systemUserService, exploratoryService, computationalService, computationalDAO);
+ verifyZeroInteractions(securityService, exploratoryService, computationalService, computationalDAO);
}
@Test
@@ -813,12 +813,12 @@ public class SchedulerJobServiceImplTest {
final SchedulerJobData schedulerJobData = getSchedulerJobData(beginDate, finishDate, startDays, stopDays,
terminateDateTime, false, USER, LocalTime.now().truncatedTo(ChronoUnit.MINUTES));
when(schedulerJobDAO.getExploratorySchedulerDataWithStatus(any(UserInstanceStatus.class))).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.startExploratoryByScheduler();
verify(schedulerJobDAO).getExploratorySchedulerDataWithStatus(STOPPED);
- verifyZeroInteractions(systemUserService, exploratoryService, computationalService, computationalDAO);
+ verifyZeroInteractions(securityService, exploratoryService, computationalService, computationalDAO);
}
@Test
@@ -831,12 +831,12 @@ public class SchedulerJobServiceImplTest {
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)), false, USER,
LocalTime.now().truncatedTo(ChronoUnit.MINUTES));
when(schedulerJobDAO.getExploratorySchedulerDataWithStatus(any(UserInstanceStatus.class))).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.startExploratoryByScheduler();
verify(schedulerJobDAO).getExploratorySchedulerDataWithStatus(STOPPED);
- verifyZeroInteractions(systemUserService, exploratoryService, computationalService, computationalDAO);
+ verifyZeroInteractions(securityService, exploratoryService, computationalService, computationalDAO);
}
@@ -852,16 +852,16 @@ public class SchedulerJobServiceImplTest {
);
when(schedulerJobDAO.getComputationalSchedulerDataWithOneOfStatus(any(UserInstanceStatus.class),
anyVararg())).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.terminateComputationalByScheduler();
- verify(systemUserService).create(USER);
+ verify(securityService).getUserInfoOffline(USER);
verify(schedulerJobDAO)
.getComputationalSchedulerDataWithOneOfStatus(RUNNING, STOPPED, RUNNING);
verify(computationalService).terminateComputational(refEq(getUserInfo()), eq(EXPLORATORY_NAME),
eq(COMPUTATIONAL_NAME));
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, computationalService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, computationalService);
}
@Test
@@ -873,7 +873,7 @@ public class SchedulerJobServiceImplTest {
verify(schedulerJobDAO).getComputationalSchedulerDataWithOneOfStatus(RUNNING, STOPPED, RUNNING);
verifyNoMoreInteractions(schedulerJobDAO);
- verifyZeroInteractions(systemUserService, computationalService);
+ verifyZeroInteractions(securityService, computationalService);
}
@Test
@@ -886,12 +886,12 @@ public class SchedulerJobServiceImplTest {
);
when(schedulerJobDAO.getComputationalSchedulerDataWithOneOfStatus(any(UserInstanceStatus.class),
any(DataEngineType.class), anyVararg())).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.terminateComputationalByScheduler();
verify(schedulerJobDAO).getComputationalSchedulerDataWithOneOfStatus(RUNNING, STOPPED, RUNNING);
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, computationalService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, computationalService);
}
@Test
@@ -906,12 +906,12 @@ public class SchedulerJobServiceImplTest {
terminateDateTime, false, USER, LocalTime.now().truncatedTo(ChronoUnit.MINUTES));
when(schedulerJobDAO.getComputationalSchedulerDataWithOneOfStatus(any(UserInstanceStatus.class),
any(DataEngineType.class), anyVararg())).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.terminateComputationalByScheduler();
verify(schedulerJobDAO).getComputationalSchedulerDataWithOneOfStatus(RUNNING, STOPPED, RUNNING);
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, computationalService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, computationalService);
}
@Test
@@ -926,13 +926,13 @@ public class SchedulerJobServiceImplTest {
);
when(schedulerJobDAO.getComputationalSchedulerDataWithOneOfStatus(any(UserInstanceStatus.class),
any(DataEngineType.class), anyVararg())).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.terminateComputationalByScheduler();
verify(schedulerJobDAO)
.getComputationalSchedulerDataWithOneOfStatus(RUNNING, STOPPED, RUNNING);
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, computationalService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, computationalService);
}
@Test
@@ -946,14 +946,14 @@ public class SchedulerJobServiceImplTest {
, terminateDateTime, false, USER, LocalTime.now().truncatedTo(ChronoUnit.MINUTES)
);
when(schedulerJobDAO.getExploratorySchedulerDataWithOneOfStatus(anyVararg())).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.terminateExploratoryByScheduler();
- verify(systemUserService).create(USER);
+ verify(securityService).getUserInfoOffline(USER);
verify(schedulerJobDAO).getExploratorySchedulerDataWithOneOfStatus(RUNNING, STOPPED);
verify(exploratoryService).terminate(refEq(getUserInfo()), eq(EXPLORATORY_NAME));
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, computationalService, exploratoryService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, computationalService, exploratoryService);
}
@Test
@@ -965,7 +965,7 @@ public class SchedulerJobServiceImplTest {
verify(schedulerJobDAO).getExploratorySchedulerDataWithOneOfStatus(RUNNING, STOPPED);
verifyNoMoreInteractions(schedulerJobDAO);
- verifyZeroInteractions(systemUserService, exploratoryService, computationalService);
+ verifyZeroInteractions(securityService, exploratoryService, computationalService);
}
@Test
@@ -977,12 +977,12 @@ public class SchedulerJobServiceImplTest {
LocalTime.now().truncatedTo(ChronoUnit.MINUTES)
);
when(schedulerJobDAO.getExploratorySchedulerDataWithOneOfStatus(anyVararg())).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.terminateExploratoryByScheduler();
verify(schedulerJobDAO).getExploratorySchedulerDataWithOneOfStatus(RUNNING, STOPPED);
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, exploratoryService, computationalService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, exploratoryService, computationalService);
}
@Test
@@ -997,12 +997,12 @@ public class SchedulerJobServiceImplTest {
beginDate, finishDate, startDays, stopDays, terminateDateTime, false, USER,
LocalTime.now().truncatedTo(ChronoUnit.MINUTES));
when(schedulerJobDAO.getExploratorySchedulerDataWithOneOfStatus(anyVararg())).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.terminateExploratoryByScheduler();
verify(schedulerJobDAO).getExploratorySchedulerDataWithOneOfStatus(RUNNING, STOPPED);
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, exploratoryService, computationalService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, exploratoryService, computationalService);
}
@Test
@@ -1016,12 +1016,12 @@ public class SchedulerJobServiceImplTest {
terminateDateTime, false, USER, LocalTime.now().truncatedTo(ChronoUnit.MINUTES)
);
when(schedulerJobDAO.getExploratorySchedulerDataWithOneOfStatus(anyVararg())).thenReturn(singletonList(schedulerJobData));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
schedulerJobService.terminateExploratoryByScheduler();
verify(schedulerJobDAO).getExploratorySchedulerDataWithOneOfStatus(RUNNING, STOPPED);
- verifyNoMoreInteractions(systemUserService, schedulerJobDAO, computationalService, exploratoryService);
+ verifyNoMoreInteractions(securityService, schedulerJobDAO, computationalService, exploratoryService);
}
@Test
@@ -1042,7 +1042,7 @@ public class SchedulerJobServiceImplTest {
false, "user123", offsetTime.truncatedTo(ChronoUnit.MINUTES));
when(schedulerJobDAO.getExploratorySchedulerWithStatusAndClusterLastActivityLessThan(any(UserInstanceStatus.class), any(Date.class))).thenReturn(Arrays.asList(schedulerJobData, secondScheduler));
- when(systemUserService.create(anyString())).thenReturn(getUserInfo());
+ when(securityService.getUserInfoOffline(anyString())).thenReturn(getUserInfo());
when(schedulerJobDAO.getComputationalSchedulerDataWithOneOfStatus(any(UserInstanceStatus.class),
any(DataEngineType.class), anyVararg())).thenReturn(singletonList(schedulerJobData));
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@dlab.apache.org
For additional commands, e-mail: commits-help@dlab.apache.org