You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2017/06/16 20:36:42 UTC

[39/50] [abbrv] airavata-php-gateway git commit: AIRAVATA-2342 Setting cafile_path for all Keycloak API calls

AIRAVATA-2342 Setting cafile_path for all Keycloak API calls


Project: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/repo
Commit: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/commit/12bcfca3
Tree: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/tree/12bcfca3
Diff: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/diff/12bcfca3

Branch: refs/heads/develop
Commit: 12bcfca3e7c820188dc2c12a709b874c39995730
Parents: 9f754b2
Author: Marcus Christie <ma...@iu.edu>
Authored: Wed May 24 17:32:34 2017 -0400
Committer: Marcus Christie <ma...@iu.edu>
Committed: Wed May 24 17:32:34 2017 -0400

----------------------------------------------------------------------
 app/libraries/Keycloak/API/BaseKeycloakAPIEndpoint.php | 6 ++++--
 app/libraries/Keycloak/Keycloak.php                    | 8 ++++----
 app/libraries/Keycloak/KeycloakUtil.php                | 3 ++-
 3 files changed, 10 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/12bcfca3/app/libraries/Keycloak/API/BaseKeycloakAPIEndpoint.php
----------------------------------------------------------------------
diff --git a/app/libraries/Keycloak/API/BaseKeycloakAPIEndpoint.php b/app/libraries/Keycloak/API/BaseKeycloakAPIEndpoint.php
index 9f9740f..93e7f7d 100644
--- a/app/libraries/Keycloak/API/BaseKeycloakAPIEndpoint.php
+++ b/app/libraries/Keycloak/API/BaseKeycloakAPIEndpoint.php
@@ -12,16 +12,18 @@ class BaseKeycloakAPIEndpoint {
     protected $admin_username;
     protected $admin_password;
     protected $verify_peer;
+    protected $cafile_path;
 
-    function __construct($base_endpoint_url, $admin_username, $admin_password, $verify_peer) {
+    function __construct($base_endpoint_url, $admin_username, $admin_password, $verify_peer, $cafile_path) {
         $this->base_endpoint_url = $base_endpoint_url;
         $this->admin_username = $admin_username;
         $this->admin_password = $admin_password;
         $this->verify_peer = $verify_peer;
+        $this->cafile_path = $cafile_path;
     }
 
     protected function getAPIAccessToken($realm) {
 
-        return KeycloakUtil::getAPIAccessToken($this->base_endpoint_url, $realm, $this->admin_username, $this->admin_password, $this->verify_peer);
+        return KeycloakUtil::getAPIAccessToken($this->base_endpoint_url, $realm, $this->admin_username, $this->admin_password, $this->verify_peer, $this->cafile_path);
     }
 }

http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/12bcfca3/app/libraries/Keycloak/Keycloak.php
----------------------------------------------------------------------
diff --git a/app/libraries/Keycloak/Keycloak.php b/app/libraries/Keycloak/Keycloak.php
index 6a7ecad..7f0d511 100644
--- a/app/libraries/Keycloak/Keycloak.php
+++ b/app/libraries/Keycloak/Keycloak.php
@@ -49,9 +49,9 @@ class Keycloak {
         $this->admin_password = $admin_password;
         $this->gateway_id = $gateway_id;
 
-        $this->role_mapper = new RoleMapper($base_endpoint_url, $admin_username, $admin_password, $verify_peer);
-        $this->roles = new Roles($base_endpoint_url, $admin_username, $admin_password, $verify_peer);
-        $this->users = new Users($base_endpoint_url, $admin_username, $admin_password, $verify_peer);
+        $this->role_mapper = new RoleMapper($base_endpoint_url, $admin_username, $admin_password, $verify_peer, $this->cafile_path);
+        $this->roles = new Roles($base_endpoint_url, $admin_username, $admin_password, $verify_peer, $this->cafile_path);
+        $this->users = new Users($base_endpoint_url, $admin_username, $admin_password, $verify_peer, $this->cafile_path);
     }
 
     /**
@@ -401,7 +401,7 @@ class Keycloak {
 
     public function getAdminAuthzToken() {
 
-        $access_token = KeycloakUtil::getAPIAccessToken($this->base_endpoint_url, $this->realm, $this->admin_username, $this->admin_password, $this->verify_peer);
+        $access_token = KeycloakUtil::getAPIAccessToken($this->base_endpoint_url, $this->realm, $this->admin_username, $this->admin_password, $this->verify_peer, $this->cafile_path);
         $authzToken = new \Airavata\Model\Security\AuthzToken();
         $authzToken->accessToken = $access_token;
         $authzToken->claimsMap['gatewayID'] = $this->gateway_id;

http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/12bcfca3/app/libraries/Keycloak/KeycloakUtil.php
----------------------------------------------------------------------
diff --git a/app/libraries/Keycloak/KeycloakUtil.php b/app/libraries/Keycloak/KeycloakUtil.php
index ce5e779..6628052 100644
--- a/app/libraries/Keycloak/KeycloakUtil.php
+++ b/app/libraries/Keycloak/KeycloakUtil.php
@@ -6,7 +6,7 @@ use Log;
 
 class KeycloakUtil {
 
-    public static function getAPIAccessToken($base_endpoint_url, $realm, $admin_username, $admin_password, $verify_peer) {
+    public static function getAPIAccessToken($base_endpoint_url, $realm, $admin_username, $admin_password, $verify_peer, $cafile_path) {
 
         // http://www.keycloak.org/docs/2.5/server_development/topics/admin-rest-api.html
         // curl -d client_id=admin-cli -d username=username \
@@ -16,6 +16,7 @@ class KeycloakUtil {
         curl_setopt($r, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($r, CURLOPT_ENCODING, 1);
         curl_setopt($r, CURLOPT_SSL_VERIFYPEER, $verify_peer);
+        curl_setopt($r, CURLOPT_CAINFO, $cafile_path);
 
         // Assemble POST parameters for the request.
         $post_fields = "client_id=admin-cli&username=" . urlencode($admin_username) . "&password=" . urlencode($admin_password) . "&grant_type=password";