Posted to commits@airavata.apache.org by an...@apache.org on 2017/05/02 16:49:36 UTC
[21/23] airavata git commit: pull request review implemented,
adding reset pass and find user api's
pull request review implemented, adding reset pass and find user api's
Project: http://git-wip-us.apache.org/repos/asf/airavata/repo
Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/686d8e30
Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/686d8e30
Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/686d8e30
Branch: refs/heads/develop
Commit: 686d8e30a76ad06b96ab9232933a6579126398ad
Parents: 63a797b
Author: Anuj Bhandar <bh...@gmail.com>
Authored: Mon May 1 20:35:56 2017 -0400
Committer: Anuj Bhandar <bh...@gmail.com>
Committed: Mon May 1 20:35:56 2017 -0400
----------------------------------------------------------------------
.../iam-admin-services-core/pom.xml | 7 +-
.../core/impl/TenantManagementKeycloakImpl.java | 88 +-
.../interfaces/TenantManagementInterface.java | 25 +-
.../services/core/tests/SetupNewGateway.java | 48 +-
.../handlers/IamAdminServicesHandler.java | 35 +-
.../admin/services/cpi/IamAdminServices.java | 2984 ++++++++++++++++++
.../iam-admin-services-cpi.thrift | 18 +
7 files changed, 3186 insertions(+), 19 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/airavata/blob/686d8e30/airavata-services/profile-service/iam-admin-services-core/pom.xml
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/iam-admin-services-core/pom.xml b/airavata-services/profile-service/iam-admin-services-core/pom.xml
index dcf637e..51bde16 100644
--- a/airavata-services/profile-service/iam-admin-services-core/pom.xml
+++ b/airavata-services/profile-service/iam-admin-services-core/pom.xml
@@ -25,7 +25,7 @@
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
- <version>4.5.3</version>
+ <version>4.5.2</version>
</dependency>
<!-- https://mvnrepository.com/artifact/javax.ws.rs/javax.ws.rs-api -->
<dependency>
@@ -54,11 +54,6 @@
</dependency>
<dependency>
<groupId>org.apache.airavata</groupId>
- <artifactId>airavata-credential-store</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.airavata</groupId>
<artifactId>profile-service-stubs</artifactId>
<version>${project.version}</version>
</dependency>
http://git-wip-us.apache.org/repos/asf/airavata/blob/686d8e30/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
index 717cdcb..5c07980 100644
--- a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
+++ b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
@@ -35,6 +35,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.ws.rs.core.Response;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.List;
public class TenantManagementKeycloakImpl implements TenantManagementInterface {
@@ -65,12 +66,12 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
client.realms().create(realmWithRoles);
return gatewayDetails;
} catch (ApplicationSettingsException ex) {
- logger.error("Error getting values from property file, reason: " + ex.getCause(), ex);
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
IamAdminServicesException exception = new IamAdminServicesException();
exception.setMessage("Error getting Iam server Url from property file, reason: " + ex.getMessage());
throw exception;
} catch (Exception ex){
- logger.error("Error creating Realm in Keycloak Server, reason: " + ex.getCause(), ex);
+ logger.error("Error creating Realm in Keycloak Server, reason: " + ex.getMessage(), ex);
IamAdminServicesException exception = new IamAdminServicesException();
exception.setMessage("Error creating Realm in Keycloak Server, reason: " + ex.getMessage());
throw exception;
@@ -91,6 +92,10 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
gatewayUserRole.setName("gateway-user");
gatewayUserRole.setDescription("default role for PGA users");
defaultRoles.add(gatewayUserRole);
+ RoleRepresentation pendingUserRole = new RoleRepresentation();
+ pendingUserRole.setName("user-pending");
+ pendingUserRole.setDescription("role for newly registered PGA users");
+ defaultRoles.add(pendingUserRole);
RolesRepresentation rolesRepresentation = new RolesRepresentation();
rolesRepresentation.setRealm(defaultRoles);
realmDetails.setRoles(rolesRepresentation);
@@ -139,12 +144,12 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
return false;
}
}catch (ApplicationSettingsException ex) {
- logger.error("Error getting values from property file, reason: " + ex.getCause(), ex);
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
IamAdminServicesException exception = new IamAdminServicesException();
exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
throw exception;
}catch (Exception ex){
- logger.error("Error creating Realm Admin Account in keycloak server, reason: " + ex.getCause(), ex);
+ logger.error("Error creating Realm Admin Account in keycloak server, reason: " + ex.getMessage(), ex);
IamAdminServicesException exception = new IamAdminServicesException();
exception.setMessage("Error creating Realm Admin Account in keycloak server, reason: " + ex.getMessage());
throw exception;
@@ -186,7 +191,7 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
return null;
}
}catch (ApplicationSettingsException ex) {
- logger.error("Error getting values from property file, reason: " + ex.getCause(), ex);
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
IamAdminServicesException exception = new IamAdminServicesException();
exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
throw exception;
@@ -224,7 +229,7 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
return false;
}
}catch (ApplicationSettingsException ex) {
- logger.error("Error getting values from property file, reason: " + ex.getCause(), ex);
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
IamAdminServicesException exception = new IamAdminServicesException();
exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
throw exception;
@@ -244,11 +249,80 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
userResource.update(profile);
return true;
} catch (ApplicationSettingsException ex) {
- logger.error("Error getting values from property file, reason: " + ex.getCause(), ex);
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
IamAdminServicesException exception = new IamAdminServicesException();
exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
throw exception;
}
}
+ public boolean resetUserPassword(PasswordCredential realmAdminCreds, UserProfile userProfile, String newPassword) throws IamAdminServicesException{
+ try{
+ Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), userProfile.getGatewayId(), realmAdminCreds);
+ List<UserRepresentation> retrieveUserList = client.realm(userProfile.getGatewayId()).users().search(userProfile.getUserId(),
+ userProfile.getUserName(),
+ null,
+ userProfile.getEmails().get(0),
+ 0, 1);
+ if(!retrieveUserList.isEmpty())
+ {
+ UserResource retrievedUser = client.realm(userProfile.getGatewayId()).users().get(retrieveUserList.get(0).getId());
+ CredentialRepresentation credential = new CredentialRepresentation();
+ credential.setType(CredentialRepresentation.PASSWORD);
+ credential.setValue(newPassword);
+ credential.setTemporary(false);
+ retrievedUser.resetPassword(credential);
+ return true;
+ }else{
+ logger.error("requested User not found");
+ return false;
+ }
+ } catch (ApplicationSettingsException ex) {
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
+ IamAdminServicesException exception = new IamAdminServicesException();
+ exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
+ throw exception;
+ } catch (Exception ex){
+ logger.error("Error resetting user password in keycloak server, reason: " + ex.getMessage(), ex);
+ IamAdminServicesException exception = new IamAdminServicesException();
+ exception.setMessage("Error resetting user password in keycloak server, reason: " + ex.getMessage());
+ throw exception;
+ }
+ }
+
+ public List<UserProfile> findUser(PasswordCredential realmAdminCreds, String gatewayID, String email, String userName) throws IamAdminServicesException{
+ try{
+ Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), gatewayID, realmAdminCreds);
+ List<UserRepresentation> retrieveUserList = client.realm(gatewayID).users().search(userName,
+ null,
+ null,
+ email,
+ 0, 1);
+ if(!retrieveUserList.isEmpty())
+ {
+ List<UserProfile> userList = new ArrayList<>();
+ for(UserRepresentation user : retrieveUserList){
+ UserProfile profile = new UserProfile();
+ profile.setUserId(user.getUsername());
+ profile.setUserName(user.getFirstName());
+ profile.setEmails(Arrays.asList(new String[]{user.getEmail()}));
+ userList.add(profile);
+ }
+ return userList;
+ }else{
+ logger.error("requested User not found");
+ return null;
+ }
+ } catch (ApplicationSettingsException ex) {
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
+ IamAdminServicesException exception = new IamAdminServicesException();
+ exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
+ throw exception;
+ } catch (Exception ex){
+ logger.error("Error finding user in keycloak server, reason: " + ex.getMessage(), ex);
+ IamAdminServicesException exception = new IamAdminServicesException();
+ exception.setMessage("Error finding user in keycloak server, reason: " + ex.getMessage());
+ throw exception;
+ }
+ }
}
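Review bot: resetUserPassword replaces the credential of whatever account `users().search(...)` returns first, without checking that it is the account that was asked for. As far as I know Keycloak's admin user search matches usernames and e-mail addresses partially rather than exactly, and the call also passes `userProfile.getUserName()` in the first-name position, so with `max` set to 1 a near-match could have its password reset. Compare the returned representation's e-mail (and username, when a userId was supplied) with the request before calling `resetPassword`, as sketched below. Separately, `userProfile.getEmails().get(0)` throws on a profile with no e-mail list and only surfaces as the generic "Error resetting user password" message, and findUser returns `null` rather than an empty list when nothing matches.

```java
// … unchanged: client creation and users().search(...) …
if(!retrieveUserList.isEmpty())
{
    UserRepresentation found = retrieveUserList.get(0);
    String wantedEmail = userProfile.getEmails().get(0);
    String wantedUserId = userProfile.getUserId();
    // search() may return a partial match; only act on the exact account requested
    boolean sameEmail = wantedEmail.equalsIgnoreCase(found.getEmail());
    boolean sameUser = wantedUserId == null || wantedUserId.equalsIgnoreCase(found.getUsername());
    if(!sameEmail || !sameUser){
        logger.error("requested User not found");
        return false;
    }
    UserResource retrievedUser = client.realm(userProfile.getGatewayId()).users().get(found.getId());
    // … unchanged: build the CredentialRepresentation and call resetPassword …
```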
http://git-wip-us.apache.org/repos/asf/airavata/blob/686d8e30/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
index c2d5d3c..95cad58 100644
--- a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
+++ b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
@@ -26,6 +26,8 @@ import org.apache.airavata.model.user.UserProfile;
import org.apache.airavata.model.workspace.Gateway;
import org.apache.airavata.service.profile.iam.admin.services.cpi.exception.IamAdminServicesException;
+import java.util.List;
+
public interface TenantManagementInterface {
/**
@@ -56,7 +58,7 @@ public interface TenantManagementInterface {
Gateway configureClient(PasswordCredential isSuperAdminPasswordCreds, Gateway gatewayDetails) throws IamAdminServicesException;
/**
- * Method to configure application client in Identity Server
+ * Method to create user in Identity Server
*
* @param realmAdminCreds identity server realm admin credentials
* @param userProfile gateway details from workspace catalog
@@ -74,4 +76,25 @@ public interface TenantManagementInterface {
*/
boolean enableUserAccount(PasswordCredential realmAdminAccount, UserProfile userDetails) throws IamAdminServicesException;
+ /**
+ * Method to reset user password in Identity Server
+ *
+ * @param realmAdminCreds identity server realm admin credentials
+ * @param userProfile set only available data in userProfile, ex: gatewayID (required), userId(optional) and email(required)
+ * @param newPassword
+ * @return Gateway object.
+ */
+ boolean resetUserPassword(PasswordCredential realmAdminCreds, UserProfile userProfile, String newPassword) throws IamAdminServicesException;
+
+ /**
+ * Method to find user in Identity Server
+ *
+ * @param realmAdminCreds identity server realm admin credentials
+ * @param gatewayID required
+ * @param email required
+ * @param userName can be null
+ * @return Gateway object.
+ */
+ List<UserProfile> findUser(PasswordCredential realmAdminCreds, String gatewayID, String email, String userName) throws IamAdminServicesException;
+
}
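Review bot: Both new Javadoc blocks end with `@return Gateway object.`, copied from the methods above, although resetUserPassword returns a boolean and findUser returns a list; `@param newPassword` also has no description. Suggested: `@return true if the password was reset, false if no matching user was found`, `@return the matching user profiles` and `@param newPassword the new, non-temporary password to set for the user`. The implementation in this commit returns null from findUser when nothing matches, so the doc should either say so or the code should return an empty list. The resetUserPassword doc also calls userId optional, which is worth reconciling with how the lookup uses it as the search username.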
http://git-wip-us.apache.org/repos/asf/airavata/blob/686d8e30/airavata-services/profile-service/iam-admin-services-core/src/test/java/org/apache/airavata/service/profile/iam/admin/services/core/tests/SetupNewGateway.java
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/iam-admin-services-core/src/test/java/org/apache/airavata/service/profile/iam/admin/services/core/tests/SetupNewGateway.java b/airavata-services/profile-service/iam-admin-services-core/src/test/java/org/apache/airavata/service/profile/iam/admin/services/core/tests/SetupNewGateway.java
index 024dc94..91479bf 100644
--- a/airavata-services/profile-service/iam-admin-services-core/src/test/java/org/apache/airavata/service/profile/iam/admin/services/core/tests/SetupNewGateway.java
+++ b/airavata-services/profile-service/iam-admin-services-core/src/test/java/org/apache/airavata/service/profile/iam/admin/services/core/tests/SetupNewGateway.java
@@ -17,6 +17,7 @@ public class SetupNewGateway {
private final static Logger logger = LoggerFactory.getLogger(SetupNewGateway.class);
public static void main(String[] args) {
+ findUser();
}
public static void setUpGateway(){
@@ -30,8 +31,8 @@ public class SetupNewGateway {
PasswordCredential superAdminCreds = new PasswordCredential();
superAdminCreds.setGatewayId(testGateway.getGatewayId());
superAdminCreds.setDescription("test credentials for IS admin creation");
- superAdminCreds.setLoginUserName("SomeAdmin");
- superAdminCreds.setPassword("SomePassord");
+ superAdminCreds.setLoginUserName("airavataAdmin");
+ superAdminCreds.setPassword("Airavata@123");
superAdminCreds.setPortalUserName("superAdmin");
TenantManagementKeycloakImpl client = new TenantManagementKeycloakImpl();
try {
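Review bot: The placeholder login `SomeAdmin` and its placeholder password are replaced here with what look like working super-admin credentials (`airavataAdmin`), which then live in the repository history and in this commit mail. The next hunk does the same for the tenant admin login `mavenTest` in resetPassword() and findUser(). Keep placeholders in source and read the real values at run time, e.g. `superAdminCreds.setPassword(System.getenv("IAM_SUPER_ADMIN_PASSWORD"));` (the variable name is a placeholder). If these values were ever valid on a shared Keycloak instance they should be rotated. setUpGateway() starts and ends outside this hunk.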
@@ -69,4 +70,47 @@ public class SetupNewGateway {
e.printStackTrace();
}
}
+
+ public static void resetPassword(){
+ UserProfile user = new UserProfile();
+ user.setUserId("testuser");
+ List<String> emails = new ArrayList<>();
+ emails.add("some.man@outlook.com");
+ user.setGatewayId("maven.test.gateway");
+ user.setEmails(emails);
+ TenantManagementKeycloakImpl client = new TenantManagementKeycloakImpl();
+ try {
+ PasswordCredential tenantAdminCreds = new PasswordCredential();
+ tenantAdminCreds.setGatewayId(user.getGatewayId());
+ tenantAdminCreds.setDescription("test credentials for tenant admin creation");
+ tenantAdminCreds.setLoginUserName("mavenTest");
+ tenantAdminCreds.setPassword("Test@1234");
+ tenantAdminCreds.setPortalUserName("TenantAdmin");
+ client.resetUserPassword(tenantAdminCreds,user,"test@123");
+ } catch (IamAdminServicesException e) {
+ e.printStackTrace();
+ }
+ }
+
+ public static void findUser(){
+ UserProfile user = new UserProfile();
+
+ List<String> emails = new ArrayList<>();
+ emails.add("some.man@outlook.com");
+ user.setGatewayId("maven.test.gateway");
+ user.setEmails(emails);
+ TenantManagementKeycloakImpl client = new TenantManagementKeycloakImpl();
+ try {
+ PasswordCredential tenantAdminCreds = new PasswordCredential();
+ tenantAdminCreds.setGatewayId(user.getGatewayId());
+ tenantAdminCreds.setDescription("test credentials for tenant admin creation");
+ tenantAdminCreds.setLoginUserName("mavenTest");
+ tenantAdminCreds.setPassword("Test@1234");
+ tenantAdminCreds.setPortalUserName("TenantAdmin");
+ List<UserProfile> list = client.findUser(tenantAdminCreds,"maven.test.gateway","some.man@outlook.com",null);
+ System.out.println(list.get(0).getUserId());
+ } catch (IamAdminServicesException e) {
+ e.printStackTrace();
+ }
+ }
}
http://git-wip-us.apache.org/repos/asf/airavata/blob/686d8e30/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java b/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
index 8ac2364..b918968 100644
--- a/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
+++ b/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
@@ -35,6 +35,8 @@ import org.apache.thrift.TException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import java.util.List;
+
public class IamAdminServicesHandler implements IamAdminServices.Iface {
private final static Logger logger = LoggerFactory.getLogger(IamAdminServicesHandler.class);
@@ -64,7 +66,7 @@ public class IamAdminServicesHandler implements IamAdminServices.Iface {
Gateway gatewayWithIdAndSecret = keycloakclient.configureClient(isSuperAdminCredentials,gateway);
return gatewayWithIdAndSecret;
} catch (IamAdminServicesException ex){
- logger.error("Gateway Setup Failed, reason: " + ex.getCause(), ex);
+ logger.error("Gateway Setup Failed, reason: " + ex.getMessage(), ex);
throw ex;
}
}
@@ -80,7 +82,7 @@ public class IamAdminServicesHandler implements IamAdminServices.Iface {
else
return false;
} catch (IamAdminServicesException ex){
- logger.error("Error while registering user into Identity Server, reason: " + ex.getCause(), ex);
+ logger.error("Error while registering user into Identity Server, reason: " + ex.getMessage(), ex);
throw ex;
}
}
@@ -95,7 +97,34 @@ public class IamAdminServicesHandler implements IamAdminServices.Iface {
else
return false;
} catch (IamAdminServicesException ex){
- logger.error("Error while enabling user account, reason: " + ex.getCause(), ex);
+ logger.error("Error while enabling user account, reason: " + ex.getMessage(), ex);
+ throw ex;
+ }
+ }
+
+ @Override
+ @SecurityCheck
+ public boolean resetUserPassword(AuthzToken authzToken, UserProfile userDetails, PasswordCredential isRealmAdminCredentials, String newPassword) throws IamAdminServicesException, AuthorizationException, TException {
+ TenantManagementKeycloakImpl keycloakclient = new TenantManagementKeycloakImpl();
+ try{
+ if(keycloakclient.resetUserPassword(isRealmAdminCredentials,userDetails,newPassword))
+ return true;
+ else
+ return false;
+ } catch (IamAdminServicesException ex){
+ logger.error("Error while resetting user password in Identity Server, reason: " + ex.getMessage(), ex);
+ throw ex;
+ }
+ }
+
+ @Override
+ @SecurityCheck
+ public List<UserProfile> findUsers(AuthzToken authzToken, String gatewayID, String email, String userId, PasswordCredential isRealmAdminCredentials) throws IamAdminServicesException, AuthorizationException, TException {
+ TenantManagementKeycloakImpl keycloakclient = new TenantManagementKeycloakImpl();
+ try{
+ return keycloakclient.findUser(isRealmAdminCredentials,gatewayID,email,userId);
+ } catch (IamAdminServicesException ex){
+ logger.error("Error while retrieving users from Identity Server, reason: " + ex.getMessage(), ex);
throw ex;
}
}
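Review bot: findUsers passes the result of `keycloakclient.findUser(...)` straight back, and that method returns `null` when no user matches. Thrift's generated Java code, as far as I know, treats a null success value as an unset result, so the caller would see a TApplicationException ("unknown result") instead of an empty list for an ordinary not-found. Return an empty list in that case: `List<UserProfile> users = keycloakclient.findUser(isRealmAdminCredentials,gatewayID,email,userId);` then `return users != null ? users : new ArrayList<>();` (needs a `java.util.ArrayList` import). Neither new handler checks that `gatewayID` or `userDetails.getGatewayId()` belongs to the caller's own gateway; whether `@SecurityCheck` covers that is not visible here and is worth confirming for a password-reset endpoint.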