pull request review implemented, adding reset pass and find user api's
Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/686d8e30 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/686d8e30 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/686d8e30 Branch: refs/heads/develop Commit: 686d8e30a76ad06b96ab9232933a6579126398ad Parents: 63a797b Author: Anuj Bhandar <[email protected]> Authored: Mon May 1 20:35:56 2017 -0400 Committer: Anuj Bhandar <[email protected]> Committed: Mon May 1 20:35:56 2017 -0400
----------------------------------------------------------------------
.../iam-admin-services-core/pom.xml | 7 +- .../core/impl/TenantManagementKeycloakImpl.java | 88 +- .../interfaces/TenantManagementInterface.java | 25 +- .../services/core/tests/SetupNewGateway.java | 48 +- .../handlers/IamAdminServicesHandler.java | 35 +- .../admin/services/cpi/IamAdminServices.java | 2984 ++++++++++++++++++ .../iam-admin-services-cpi.thrift | 18 + 7 files changed, 3186 insertions(+), 19 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/airavata/blob/686d8e30/airavata-services/profile-service/iam-admin-services-core/pom.xml
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/iam-admin-services-core/pom.xml b/airavata-services/profile-service/iam-admin-services-core/pom.xml
index dcf637e..51bde16 100644
--- a/airavata-services/profile-service/iam-admin-services-core/pom.xml
+++ b/airavata-services/profile-service/iam-admin-services-core/pom.xml
@@ -25,7 +25,7 @@
 <dependency>
 <groupId>org.apache.httpcomponents</groupId>
 <artifactId>httpclient</artifactId>
- <version>4.5.3</version>
+ <version>4.5.2</version>
 </dependency>
 <!-- https://mvnrepository.com/artifact/javax.ws.rs/javax.ws.rs-api -->
 <dependency>
@@ -54,11 +54,6 @@
 </dependency>
 <dependency>
 <groupId>org.apache.airavata</groupId>
- <artifactId>airavata-credential-store</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.airavata</groupId>
 <artifactId>profile-service-stubs</artifactId>
 <version>${project.version}</version>
 </dependency>
http://git-wip-us.apache.org/repos/asf/airavata/blob/686d8e30/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
index 717cdcb..5c07980 100644
--- a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
+++ b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/impl/TenantManagementKeycloakImpl.java
@@ -35,6 +35,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import javax.ws.rs.core.Response;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.List;
 public class TenantManagementKeycloakImpl implements TenantManagementInterface {
@@ -65,12 +66,12 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
 client.realms().create(realmWithRoles);
 return gatewayDetails;
 } catch (ApplicationSettingsException ex) {
- logger.error("Error getting values from property file, reason: " + ex.getCause(), ex);
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
 IamAdminServicesException exception = new IamAdminServicesException();
 exception.setMessage("Error getting Iam server Url from property file, reason: " + ex.getMessage());
 throw exception;
 } catch (Exception ex){
- logger.error("Error creating Realm in Keycloak Server, reason: " + ex.getCause(), ex);
+ logger.error("Error creating Realm in Keycloak Server, reason: " + ex.getMessage(), ex);
 IamAdminServicesException exception = new IamAdminServicesException();
 exception.setMessage("Error creating Realm in Keycloak Server, reason: " + ex.getMessage());
 throw exception;
@@ -91,6 +92,10 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
 gatewayUserRole.setName("gateway-user");
 gatewayUserRole.setDescription("default role for PGA users");
 defaultRoles.add(gatewayUserRole);
+ RoleRepresentation pendingUserRole = new RoleRepresentation();
+ pendingUserRole.setName("user-pending");
+ pendingUserRole.setDescription("role for newly registered PGA users");
+ defaultRoles.add(pendingUserRole);
 RolesRepresentation rolesRepresentation = new RolesRepresentation();
 rolesRepresentation.setRealm(defaultRoles);
 realmDetails.setRoles(rolesRepresentation);
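Review bot: The rewritten `logger.error(...)` calls in the two `catch` blocks of the `@@ -65,12 +66,12 @@` hunk concatenate `ex.getMessage()` into a log call that already receives `ex`, so the message is printed twice, and the unchanged lines below them still build the `IamAdminServicesException` from that same raw message without attaching the cause. I would log a fixed string, `logger.error("Error creating Realm in Keycloak Server", ex);`, and keep the text sent to the caller generic, since these messages may carry property-file and Keycloak server detail back to the client; whether `IamAdminServicesException` can carry a cause is not visible here. The same pattern recurs in the `@@ -139`, `@@ -186`, `@@ -224` and `@@ -244` hunks of this file and in the `IamAdminServicesHandler` hunks. The enclosing method starts and ends outside the hunk.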
@@ -139,12 +144,12 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
 return false;
 }
 }catch (ApplicationSettingsException ex) {
- logger.error("Error getting values from property file, reason: " + ex.getCause(), ex);
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
 IamAdminServicesException exception = new IamAdminServicesException();
 exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
 throw exception;
 }catch (Exception ex){
- logger.error("Error creating Realm Admin Account in keycloak server, reason: " + ex.getCause(), ex);
+ logger.error("Error creating Realm Admin Account in keycloak server, reason: " + ex.getMessage(), ex);
 IamAdminServicesException exception = new IamAdminServicesException();
 exception.setMessage("Error creating Realm Admin Account in keycloak server, reason: " + ex.getMessage());
 throw exception;
@@ -186,7 +191,7 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
 return null;
 }
 }catch (ApplicationSettingsException ex) {
- logger.error("Error getting values from property file, reason: " + ex.getCause(), ex);
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
 IamAdminServicesException exception = new IamAdminServicesException();
 exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
 throw exception;
@@ -224,7 +229,7 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
 return false;
 }
 }catch (ApplicationSettingsException ex) {
- logger.error("Error getting values from property file, reason: " + ex.getCause(), ex);
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
 IamAdminServicesException exception = new IamAdminServicesException();
 exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
 throw exception;
@@ -244,11 +249,80 @@ public class TenantManagementKeycloakImpl implements TenantManagementInterface {
 userResource.update(profile);
 return true;
 } catch (ApplicationSettingsException ex) {
- logger.error("Error getting values from property file, reason: " + ex.getCause(), ex);
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
 IamAdminServicesException exception = new IamAdminServicesException();
 exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
 throw exception;
 }
 }
+ public boolean resetUserPassword(PasswordCredential realmAdminCreds, UserProfile userProfile, String newPassword) throws IamAdminServicesException{
+ try{
+ Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), userProfile.getGatewayId(), realmAdminCreds);
+ List<UserRepresentation> retrieveUserList = client.realm(userProfile.getGatewayId()).users().search(userProfile.getUserId(),
+ userProfile.getUserName(),
+ null,
+ userProfile.getEmails().get(0),
+ 0, 1);
+ if(!retrieveUserList.isEmpty())
+ {
+ UserResource retrievedUser = client.realm(userProfile.getGatewayId()).users().get(retrieveUserList.get(0).getId());
+ CredentialRepresentation credential = new CredentialRepresentation();
+ credential.setType(CredentialRepresentation.PASSWORD);
+ credential.setValue(newPassword);
+ credential.setTemporary(false);
+ retrievedUser.resetPassword(credential);
+ return true;
+ }else{
+ logger.error("requested User not found");
+ return false;
+ }
+ } catch (ApplicationSettingsException ex) {
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
+ IamAdminServicesException exception = new IamAdminServicesException();
+ exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
+ throw exception;
+ } catch (Exception ex){
+ logger.error("Error resetting user password in keycloak server, reason: " + ex.getMessage(), ex);
+ IamAdminServicesException exception = new IamAdminServicesException();
+ exception.setMessage("Error resetting user password in keycloak server, reason: " + ex.getMessage());
+ throw exception;
+ }
+ }
+
+ public List<UserProfile> findUser(PasswordCredential realmAdminCreds, String gatewayID, String email, String userName) throws IamAdminServicesException{
+ try{
+ Keycloak client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), gatewayID, realmAdminCreds);
+ List<UserRepresentation> retrieveUserList = client.realm(gatewayID).users().search(userName,
+ null,
+ null,
+ email,
+ 0, 1);
+ if(!retrieveUserList.isEmpty())
+ {
+ List<UserProfile> userList = new ArrayList<>();
+ for(UserRepresentation user : retrieveUserList){
+ UserProfile profile = new UserProfile();
+ profile.setUserId(user.getUsername());
+ profile.setUserName(user.getFirstName());
+ profile.setEmails(Arrays.asList(new String[]{user.getEmail()}));
+ userList.add(profile);
+ }
+ return userList;
+ }else{
+ logger.error("requested User not found");
+ return null;
+ }
+ } catch (ApplicationSettingsException ex) {
+ logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
+ IamAdminServicesException exception = new IamAdminServicesException();
+ exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
+ throw exception;
+ } catch (Exception ex){
+ logger.error("Error finding user in keycloak server, reason: " + ex.getMessage(), ex);
+ IamAdminServicesException exception = new IamAdminServicesException();
+ exception.setMessage("Error finding user in keycloak server, reason: " + ex.getMessage());
+ throw exception;
+ }
+ }
 }
http://git-wip-us.apache.org/repos/asf/airavata/blob/686d8e30/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
index c2d5d3c..95cad58 100644
--- a/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
+++ b/airavata-services/profile-service/iam-admin-services-core/src/main/java/org/apache/airavata/service/profile/iam/admin/services/core/interfaces/TenantManagementInterface.java
@@ -26,6 +26,8 @@ import org.apache.airavata.model.user.UserProfile;
 import org.apache.airavata.model.workspace.Gateway;
 import org.apache.airavata.service.profile.iam.admin.services.cpi.exception.IamAdminServicesException;
+import java.util.List;
+
 public interface TenantManagementInterface {
 /**
@@ -56,7 +58,7 @@ public interface TenantManagementInterface {
 Gateway configureClient(PasswordCredential isSuperAdminPasswordCreds, Gateway gatewayDetails) throws IamAdminServicesException;
 /**
- * Method to configure application client in Identity Server
+ * Method to create user in Identity Server
 *
 * @param realmAdminCreds identity server realm admin credentials
 * @param userProfile gateway details from workspace catalog
@@ -74,4 +76,25 @@ public interface TenantManagementInterface {
 */
 boolean enableUserAccount(PasswordCredential realmAdminAccount, UserProfile userDetails) throws IamAdminServicesException;
+ /**
+ * Method to reset user password in Identity Server
+ *
+ * @param realmAdminCreds identity server realm admin credentials
+ * @param userProfile set only available data in userProfile, ex: gatewayID (required), userId(optional) and email(required)
+ * @param newPassword
+ * @return Gateway object.
+ */
+ boolean resetUserPassword(PasswordCredential realmAdminCreds, UserProfile userProfile, String newPassword) throws IamAdminServicesException;
+
+ /**
+ * Method to find user in Identity Server
+ *
+ * @param realmAdminCreds identity server realm admin credentials
+ * @param gatewayID required
+ * @param email required
+ * @param userName can be null
+ * @return Gateway object.
+ */
+ List<UserProfile> findUser(PasswordCredential realmAdminCreds, String gatewayID, String email, String userName) throws IamAdminServicesException;
+
 }
http://git-wip-us.apache.org/repos/asf/airavata/blob/686d8e30/airavata-services/profile-service/iam-admin-services-core/src/test/java/org/apache/airavata/service/profile/iam/admin/services/core/tests/SetupNewGateway.java
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/iam-admin-services-core/src/test/java/org/apache/airavata/service/profile/iam/admin/services/core/tests/SetupNewGateway.java b/airavata-services/profile-service/iam-admin-services-core/src/test/java/org/apache/airavata/service/profile/iam/admin/services/core/tests/SetupNewGateway.java
index 024dc94..91479bf 100644
--- a/airavata-services/profile-service/iam-admin-services-core/src/test/java/org/apache/airavata/service/profile/iam/admin/services/core/tests/SetupNewGateway.java
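Review bot: Both new Javadoc blocks in the `@@ -74,4 +76,25 @@` hunk end with `@return Gateway object.`, which is wrong for either method: `resetUserPassword` returns `boolean` and `findUser` returns `List<UserProfile>`. I would write `@return true if a matching user was found and the password was reset, false if no user matched` for the first and `@return the matching user profiles, or null when none is found` for the second, since the implementation in this commit returns `null` in that case. `@param newPassword` has no description and neither block has `@throws IamAdminServicesException`. The `userName` argument of `findUser` is passed to the Keycloak search as the username, which the parameter description should say.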
+++ b/airavata-services/profile-service/iam-admin-services-core/src/test/java/org/apache/airavata/service/profile/iam/admin/services/core/tests/SetupNewGateway.java
@@ -17,6 +17,7 @@ public class SetupNewGateway {
 private final static Logger logger = LoggerFactory.getLogger(SetupNewGateway.class);
 public static void main(String[] args) {
+ findUser();
 }
 public static void setUpGateway(){
@@ -30,8 +31,8 @@ public class SetupNewGateway {
 PasswordCredential superAdminCreds = new PasswordCredential();
 superAdminCreds.setGatewayId(testGateway.getGatewayId());
 superAdminCreds.setDescription("test credentials for IS admin creation");
- superAdminCreds.setLoginUserName("SomeAdmin");
- superAdminCreds.setPassword("SomePassord");
+ superAdminCreds.setLoginUserName("airavataAdmin");
+ superAdminCreds.setPassword("Airavata@123");
 superAdminCreds.setPortalUserName("superAdmin");
 TenantManagementKeycloakImpl client = new TenantManagementKeycloakImpl();
 try {
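Review bot: The `@@ -30,8 +31,8 @@` hunk replaces the placeholder super-admin login and password with what look like real values, which puts an identity-server administrator credential into version control; the `@@ -69,4 +70,47 @@` hunk does the same for the tenant admin in `resetPassword()` and `findUser()`. If these values are in use anywhere they should be rotated, and the test should read them from outside the source tree, for example `superAdminCreds.setPassword(System.getenv("IAM_SUPER_ADMIN_PASSWORD"));` (variable name illustrative). Separately, the `@@ -17,6 +17,7 @@` hunk makes `main` call `findUser()`, and that method prints `list.get(0)` although the implementation returns `null` when nothing matches, so a miss ends in a `NullPointerException` instead of a readable result.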
@@ -69,4 +70,47 @@ public class SetupNewGateway {
 e.printStackTrace();
 }
 }
+
+ public static void resetPassword(){
+ UserProfile user = new UserProfile();
+ user.setUserId("testuser");
+ List<String> emails = new ArrayList<>();
+ emails.add("[email protected]");
+ user.setGatewayId("maven.test.gateway");
+ user.setEmails(emails);
+ TenantManagementKeycloakImpl client = new TenantManagementKeycloakImpl();
+ try {
+ PasswordCredential tenantAdminCreds = new PasswordCredential();
+ tenantAdminCreds.setGatewayId(user.getGatewayId());
+ tenantAdminCreds.setDescription("test credentials for tenant admin creation");
+ tenantAdminCreds.setLoginUserName("mavenTest");
+ tenantAdminCreds.setPassword("Test@1234");
+ tenantAdminCreds.setPortalUserName("TenantAdmin");
+ client.resetUserPassword(tenantAdminCreds,user,"test@123");
+ } catch (IamAdminServicesException e) {
+ e.printStackTrace();
+ }
+ }
+
+ public static void findUser(){
+ UserProfile user = new UserProfile();
+
+ List<String> emails = new ArrayList<>();
+ emails.add("[email protected]");
+ user.setGatewayId("maven.test.gateway");
+ user.setEmails(emails);
+ TenantManagementKeycloakImpl client = new TenantManagementKeycloakImpl();
+ try {
+ PasswordCredential tenantAdminCreds = new PasswordCredential();
+ tenantAdminCreds.setGatewayId(user.getGatewayId());
+ tenantAdminCreds.setDescription("test credentials for tenant admin creation");
+ tenantAdminCreds.setLoginUserName("mavenTest");
+ tenantAdminCreds.setPassword("Test@1234");
+ tenantAdminCreds.setPortalUserName("TenantAdmin");
+ List<UserProfile> list = client.findUser(tenantAdminCreds,"maven.test.gateway","[email protected]",null);
+ System.out.println(list.get(0).getUserId());
+ } catch (IamAdminServicesException e) {
+ e.printStackTrace();
+ }
+ }
 }
http://git-wip-us.apache.org/repos/asf/airavata/blob/686d8e30/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
----------------------------------------------------------------------
diff --git a/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java b/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
index 8ac2364..b918968 100644
--- a/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
+++ b/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java
@@ -35,6 +35,8 @@ import org.apache.thrift.TException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import java.util.List;
+
 public class IamAdminServicesHandler implements IamAdminServices.Iface {
 private final static Logger logger = LoggerFactory.getLogger(IamAdminServicesHandler.class);
@@ -64,7 +66,7 @@ public class IamAdminServicesHandler implements IamAdminServices.Iface {
 Gateway gatewayWithIdAndSecret = keycloakclient.configureClient(isSuperAdminCredentials,gateway);
 return gatewayWithIdAndSecret;
 } catch (IamAdminServicesException ex){
- logger.error("Gateway Setup Failed, reason: " + ex.getCause(), ex);
+ logger.error("Gateway Setup Failed, reason: " + ex.getMessage(), ex);
 throw ex;
 }
 }
@@ -80,7 +82,7 @@ public class IamAdminServicesHandler implements IamAdminServices.Iface {
 else
 return false;
 } catch (IamAdminServicesException ex){
- logger.error("Error while registering user into Identity Server, reason: " + ex.getCause(), ex);
+ logger.error("Error while registering user into Identity Server, reason: " + ex.getMessage(), ex);
 throw ex;
 }
 }
@@ -95,7 +97,34 @@ public class IamAdminServicesHandler implements IamAdminServices.Iface {
 else
 return false;
 } catch (IamAdminServicesException ex){
- logger.error("Error while enabling user account, reason: " + ex.getCause(), ex);
+ logger.error("Error while enabling user account, reason: " + ex.getMessage(), ex);
+ throw ex;
+ }
+ }
+
+ @Override
+ @SecurityCheck
+ public boolean resetUserPassword(AuthzToken authzToken, UserProfile userDetails, PasswordCredential isRealmAdminCredentials, String newPassword) throws IamAdminServicesException, AuthorizationException, TException {
+ TenantManagementKeycloakImpl keycloakclient = new TenantManagementKeycloakImpl();
+ try{
+ if(keycloakclient.resetUserPassword(isRealmAdminCredentials,userDetails,newPassword))
+ return true;
+ else
+ return false;
+ } catch (IamAdminServicesException ex){
+ logger.error("Error while resetting user password in Identity Server, reason: " + ex.getMessage(), ex);
+ throw ex;
+ }
+ }
+
+ @Override
+ @SecurityCheck
+ public List<UserProfile> findUsers(AuthzToken authzToken, String gatewayID, String email, String userId, PasswordCredential isRealmAdminCredentials) throws IamAdminServicesException, AuthorizationException, TException {
+ TenantManagementKeycloakImpl keycloakclient = new TenantManagementKeycloakImpl();
+ try{
+ return keycloakclient.findUser(isRealmAdminCredentials,gatewayID,email,userId);
+ } catch (IamAdminServicesException ex){
+ logger.error("Error while retrieving users from Identity Server, reason: " + ex.getMessage(), ex);
 throw ex;
 }
 }
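Review bot: `findUsers` at the end of the `@@ -95,7 +97,34 @@` hunk returns the result of `keycloakclient.findUser(...)` unchanged, and that method returns `null` when no user matches. A Thrift handler that returns `null` from a non-void method leaves the result struct empty, so the client gets a `TApplicationException` for a missing result rather than an empty list. I would normalise it in the handler, `List<UserProfile> users = keycloakclient.findUser(isRealmAdminCredentials, gatewayID, email, userId); return users != null ? users : new java.util.ArrayList<>();`, or have `findUser` return an empty list. In `resetUserPassword` above it, the `if (...) return true; else return false;` can be `return keycloakclient.resetUserPassword(isRealmAdminCredentials, userDetails, newPassword);`, and neither method checks its arguments (a null `userDetails`, an empty `newPassword`) before calling Keycloak.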
