This is an automated email from the ASF dual-hosted git repository.
dimuthuupe pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/airavata.git
The following commit(s) were added to refs/heads/master by this push:
new 69e1f79 Removing user-profile-migration module as it is no longer
being used
69e1f79 is described below
commit 69e1f794bfe094b4fdef7c3487fadb78acb15468
Author: Dimuthu Wannipurage <[email protected]>
AuthorDate: Tue Apr 30 14:26:51 2019 -0400
Removing user-profile-migration module as it is no longer being used
---
pom.xml | 10 -
tools/pom.xml | 1 -
tools/user-profile-migration/.gitignore | 1 -
tools/user-profile-migration/pom.xml | 145 --------
.../airavata/KeycloakIdentityServerClient.java | 191 ----------
.../java/org/apache/airavata/MigrationManager.java | 393 ---------------------
.../java/org/apache/airavata/UserProfileDAO.java | 136 -------
.../apache/airavata/Wso2ISLoginCredentialsDAO.java | 78 ----
.../apache/airavata/Wso2IdentityServerClient.java | 161 ---------
.../user-profile-migration.properties.template | 55 ---
10 files changed, 1171 deletions(-)
diff --git a/pom.xml b/pom.xml
index 20a60a6..0401b7a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -561,16 +561,6 @@
<name>OAuth Repository</name>
<url>https://oauth.googlecode.com/svn/code/maven</url>
</repository>
- <repository>
- <id>wso2-nexus</id>
- <name>WSO2 internal Repository</name>
- <url>https://maven.wso2.org/nexus/content/groups/wso2-public/</url>
- <releases>
- <enabled>true</enabled>
- <updatePolicy>daily</updatePolicy>
- <checksumPolicy>ignore</checksumPolicy>
- </releases>
- </repository>
</repositories>
<profiles>
diff --git a/tools/pom.xml b/tools/pom.xml
index 8eac6bf..e3e46e9 100644
--- a/tools/pom.xml
+++ b/tools/pom.xml
@@ -43,7 +43,6 @@
</activation>
<modules>
<module>load-client</module>
- <module>user-profile-migration</module>
</modules>
</profile>
</profiles>
diff --git a/tools/user-profile-migration/.gitignore
b/tools/user-profile-migration/.gitignore
deleted file mode 100644
index 102b6fc..0000000
--- a/tools/user-profile-migration/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-*.properties
\ No newline at end of file
diff --git a/tools/user-profile-migration/pom.xml
b/tools/user-profile-migration/pom.xml
deleted file mode 100755
index 50beea3..0000000
--- a/tools/user-profile-migration/pom.xml
+++ /dev/null
@@ -1,145 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-
-
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd";>
- <parent>
- <artifactId>airavata</artifactId>
- <groupId>org.apache.airavata</groupId>
- <version>0.18-SNAPSHOT</version>
- <relativePath>../../pom.xml</relativePath>
- </parent>
-
- <modelVersion>4.0.0</modelVersion>
-
- <artifactId>user-profile-migration</artifactId>
-
- <repositories>
- <repository>
- <id>wso2-maven2-repository</id>
- <url>https://dist.wso2.org/maven2</url>
- </repository>
- <repository>
- <id>apache-maven2-repo</id>
- <name>Apache Maven2 Repository</name>
- <url>https://repo1.maven.org/maven2/</url>
- </repository>
- </repositories>
-
- <dependencies>
- <dependency>
- <groupId>org.apache.axis2.wso2</groupId>
- <artifactId>axis2</artifactId>
- <version>1.6.1.wso2v1</version>
- </dependency>
- <dependency>
- <groupId>org.wso2.securevault</groupId>
- <artifactId>org.wso2.securevault</artifactId>
- <version>1.0.0</version>
- </dependency>
- <dependency>
- <groupId>commons-httpclient</groupId>
- <artifactId>commons-httpclient</artifactId>
- <version>3.1</version>
- </dependency>
- <!--
https://mvnrepository.com/artifact/org.apache.httpcomponents/httpclient -->
- <dependency>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpclient</artifactId>
- <version>4.3.6</version>
- </dependency>
-
- <dependency>
- <groupId>org.wso2.carbon</groupId>
- <artifactId>org.wso2.carbon.um.ws.api.stub</artifactId>
- <version>4.0.2</version>
- </dependency>
- <!-- https://mvnrepository.com/artifact/mysql/mysql-connector-java -->
- <dependency>
- <groupId>mysql</groupId>
- <artifactId>mysql-connector-java</artifactId>
- <version>5.1.6</version>
- </dependency>
- <dependency>
- <groupId>org.apache.airavata</groupId>
- <artifactId>profile-service-stubs</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.airavata</groupId>
- <artifactId>airavata-api-stubs</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.airavata</groupId>
- <artifactId>airavata-commons</artifactId>
- <version>0.18-SNAPSHOT</version>
- </dependency>
- <dependency>
- <groupId>org.apache.airavata</groupId>
- <artifactId>airavata-data-models</artifactId>
- <version>${project.version}</version>
- </dependency>
- <!-- https://mvnrepository.com/artifact/javax.ws.rs/javax.ws.rs-api -->
- <dependency>
- <groupId>javax.ws.rs</groupId>
- <artifactId>javax.ws.rs-api</artifactId>
- <version>2.0.1</version>
- </dependency>
- <!--
https://mvnrepository.com/artifact/org.jboss.resteasy/resteasy-client -->
- <dependency>
- <groupId>org.jboss.resteasy</groupId>
- <artifactId>resteasy-client</artifactId>
- <version>3.1.2.Final</version>
- </dependency>
- <!--
https://mvnrepository.com/artifact/org.jboss.resteasy/resteasy-jackson2-provider
-->
- <dependency>
- <groupId>org.jboss.resteasy</groupId>
- <artifactId>resteasy-jackson2-provider</artifactId>
- <version>3.1.2.Final</version>
- </dependency>
- <!--
https://mvnrepository.com/artifact/org.keycloak/keycloak-admin-client -->
- <dependency>
- <groupId>org.keycloak</groupId>
- <artifactId>keycloak-admin-client</artifactId>
- <version>3.0.0.Final</version>
- </dependency>
- </dependencies>
-
-
- <build>
- <sourceDirectory>src/main/java</sourceDirectory>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-compiler-plugin</artifactId>
- <inherited>true</inherited>
- <version>2.0</version>
- <configuration>
- <source>1.8</source>
- <target>1.8</target>
- </configuration>
- </plugin>
- </plugins>
- </build>
-
-
-</project>
diff --git
a/tools/user-profile-migration/src/main/java/org/apache/airavata/KeycloakIdentityServerClient.java
b/tools/user-profile-migration/src/main/java/org/apache/airavata/KeycloakIdentityServerClient.java
deleted file mode 100644
index 9d68905..0000000
---
a/tools/user-profile-migration/src/main/java/org/apache/airavata/KeycloakIdentityServerClient.java
+++ /dev/null
@@ -1,191 +0,0 @@
-/**
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.airavata;
-
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-import org.jboss.resteasy.client.jaxrs.ResteasyClient;
-import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
-import org.keycloak.admin.client.Keycloak;
-import org.keycloak.admin.client.KeycloakBuilder;
-import org.keycloak.admin.client.resource.UserResource;
-import org.keycloak.representations.idm.CredentialRepresentation;
-import org.keycloak.representations.idm.RoleRepresentation;
-import org.keycloak.representations.idm.UserRepresentation;
-
-import javax.ws.rs.core.Response;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.security.KeyStore;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-import java.util.stream.Collectors;
-
-public class KeycloakIdentityServerClient {
-
- private Keycloak client;
-
- public KeycloakIdentityServerClient(String adminUrl, String adminUserName,
String adminUserPassword, String trustStorePath, String trustStorePassword) {
- KeyStore trustKeyStore = loadKeyStore(trustStorePath,
trustStorePassword);
- this.client = getClient(
- adminUrl,
- "master", // the realm to log in to
- adminUserName, adminUserPassword, // the user
- "admin-cli", // admin-cli is the client ID used for keycloak
admin operations.
- trustKeyStore);
- }
- private Keycloak getClient(String adminUrl, String realm, String
adminUserName, String adminUserPassword, String clientId, KeyStore
trustKeyStore) {
-
- ResteasyClient resteasyClient = new ResteasyClientBuilder()
- .connectionPoolSize(10)
- .trustStore(trustKeyStore)
- .build();
- return KeycloakBuilder.builder()
- .serverUrl(adminUrl)
- .realm(realm)
- .username(adminUserName)
- .password(adminUserPassword)
- .clientId(clientId)
- .resteasyClient(resteasyClient)
- .build();
- }
-
- private KeyStore loadKeyStore(String trustStorePath, String
trustStorePassword) {
-
- FileInputStream fis = null;
- try {
- fis = new java.io.FileInputStream(trustStorePath);
- KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
- ks.load(fis, trustStorePassword.toCharArray());
- return ks;
- } catch (Exception e) {
- throw new RuntimeException("Failed to load trust store KeyStore
instance", e);
- } finally {
- if (fis != null) {
- try {
- fis.close();
- } catch (IOException e) {
- throw new RuntimeException("Failed to close trust store
FileInputStream", e);
- }
- }
- }
- }
-
- void migrateUserStore(List<UserProfileDAO> userProfiles, String
targetRealm, String tempPassword, Map<String,String> roleConversionMap){
-
- Map<String, RoleRepresentation> allRealmRoles =
getRealmRoleNameMap(targetRealm);
-
- for(UserProfileDAO userProfile : userProfiles){
- UserRepresentation user = new UserRepresentation();
- user.setUsername(userProfile.getUserName());
- user.setFirstName(userProfile.getFirstName());
- user.setLastName(userProfile.getLastName());
- user.setEmail(userProfile.getEmail());
- user.setEmailVerified(true);
- user.setEnabled(true);
- List<String> requiredActionList = new ArrayList<>();
- requiredActionList.add("UPDATE_PASSWORD");
- user.setRequiredActions(requiredActionList);
- Response httpResponse =
this.client.realm(targetRealm).users().create(user);
- System.out.println(httpResponse.getStatus());
- if(httpResponse.getStatus() == 201){ //HTTP code for record
creation: HTTP 201
- List<UserRepresentation> retrieveCreatedUserList =
this.client.realm(targetRealm).users().search(user.getUsername(),
- user.getFirstName(),
- user.getLastName(),
- user.getEmail(),
- 0,1);
- UserResource retirievedUser =
this.client.realm(targetRealm).users().get(retrieveCreatedUserList.get(0).getId());
-
- // Add user to realm roles
- List<RoleRepresentation> userRealmRoles =
userProfile.getRoles().stream()
- .filter(r -> roleConversionMap.containsKey(r))
- // Convert from IS role name to Keycloak role name
- .map(r -> roleConversionMap.get(r))
- // Convert from Keycloak role name to
RoleRepresentation
- .map(r -> allRealmRoles.get(r))
- .collect(Collectors.toList());
- retirievedUser.roles().realmLevel().add(userRealmRoles);
-
- CredentialRepresentation credential = new
CredentialRepresentation();
- credential.setType(CredentialRepresentation.PASSWORD);
- credential.setValue(tempPassword);
- credential.setTemporary(true);
- retirievedUser.resetPassword(credential);
- System.out.println("User profile for user " +
userProfile.getUserName() + " successfully migrated");
- } else {
- String response = httpResponse.readEntity(String.class);
- System.err.println("Failed to add user [" +
userProfile.getUserName() + "] to Keycloak");
- System.err.println("Response: " + response);
- }
- if (httpResponse != null) {
- httpResponse.close();
- }
- }
- }
-
- public void setUserPassword(String realmId, String username, String
newPassword) {
- List<UserRepresentation> retrieveUserList =
client.realm(realmId).users().search(username,
- null,
- null,
- null,
- 0, 1);
- if (!retrieveUserList.isEmpty()) {
- UserResource retrievedUser =
client.realm(realmId).users().get(retrieveUserList.get(0).getId());
- CredentialRepresentation credential = new
CredentialRepresentation();
- credential.setType(CredentialRepresentation.PASSWORD);
- credential.setValue(newPassword);
- credential.setTemporary(false);
- retrievedUser.resetPassword(credential);
- // Remove the UPDATE_PASSWORD required action
- UserRepresentation userRepresentation =
retrievedUser.toRepresentation();
- userRepresentation.getRequiredActions().remove("UPDATE_PASSWORD");
- retrievedUser.update(userRepresentation);
- } else {
- throw new RuntimeException("Requested user not found");
- }
- }
-
- private Map<String,RoleRepresentation> getRealmRoleNameMap(String
targetRealm) {
- return this.client.realm(targetRealm).roles().list()
- .stream()
- .collect(Collectors.toMap(r -> r.getName(), r -> r));
- }
-
-}
\ No newline at end of file
diff --git
a/tools/user-profile-migration/src/main/java/org/apache/airavata/MigrationManager.java
b/tools/user-profile-migration/src/main/java/org/apache/airavata/MigrationManager.java
deleted file mode 100644
index 378da0a..0000000
---
a/tools/user-profile-migration/src/main/java/org/apache/airavata/MigrationManager.java
+++ /dev/null
@@ -1,393 +0,0 @@
-/**
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.airavata;
-
-import org.apache.airavata.api.Airavata;
-import org.apache.airavata.api.client.AiravataClientFactory;
-import org.apache.airavata.common.exception.ApplicationSettingsException;
-import org.apache.airavata.common.utils.Constants;
-import
org.apache.airavata.credential.store.client.CredentialStoreClientFactory;
-import org.apache.airavata.credential.store.cpi.CredentialStoreService;
-import
org.apache.airavata.model.appcatalog.gatewayprofile.GatewayResourceProfile;
-import org.apache.airavata.model.credential.store.PasswordCredential;
-import org.apache.airavata.model.error.AiravataClientException;
-import org.apache.airavata.model.security.AuthzToken;
-import org.apache.airavata.model.user.Status;
-import org.apache.airavata.model.user.UserProfile;
-import org.apache.airavata.model.workspace.Gateway;
-import org.apache.airavata.model.workspace.GatewayApprovalStatus;
-import org.apache.airavata.service.profile.client.ProfileServiceClientFactory;
-import
org.apache.airavata.service.profile.iam.admin.services.cpi.IamAdminServices;
-import
org.apache.airavata.service.profile.iam.admin.services.cpi.exception.IamAdminServicesException;
-import org.apache.airavata.service.profile.tenant.cpi.TenantProfileService;
-import
org.apache.airavata.service.profile.tenant.cpi.exception.TenantProfileServiceException;
-import org.apache.airavata.service.profile.user.cpi.UserProfileService;
-import org.apache.thrift.TException;
-import org.wso2.carbon.um.ws.api.stub.ClaimValue;
-import org.wso2.carbon.um.ws.api.stub.RemoteUserStoreManagerServiceStub;
-import
org.wso2.carbon.um.ws.api.stub.RemoteUserStoreManagerServiceUserStoreExceptionException;
-
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.rmi.RemoteException;
-import java.util.*;
-import java.util.stream.Collectors;
-
-public class MigrationManager {
-
- private ArrayList<Wso2ISLoginCredentialsDAO> adminCredentials = new
ArrayList<Wso2ISLoginCredentialsDAO>();
- private static AuthzToken authzToken = new AuthzToken("empty_token");
-
- // Default values
- private String profileServiceServerHost = "localhost";
- private int profileServiceServerPort = 8962;
- private String airavataServiceServerHost = "localhost";
- private int airavataServiceServerPort = 8930;
- private boolean airavataServiceSecure = false;
- private Map<String,String> roleConversionMap =
createDefaultRoleConversionMap();
- private String gatewayId = "gateway-id";
- private String wso2ISAdminUsername = "username";
- private String wso2ISAdminPassword = "password";
- private String keycloakServiceURL = "https://iam.scigap.org/auth";;
- private String keycloakAdminUsername = "username";
- private String keycloakAdminPassword = "password";
- private String keycloakTrustStorePath =
"../../modules/configuration/server/src/main/resources/client_truststore.jks";
- private String keycloakTrustStorePassword = "password";
- private String keycloakTemporaryUserPassword = "tempPassword";
- // For some gateways in the legacy gateways table, the following
information is missing and needs to be provided
- private String gatewayURL = "http://localhost";;
- private String gatewayAdminUsername = "admin";
- private String gatewayAdminFirstName = "Admin";
- private String gatewayAdminLastName = "User";
- private String gatewayAdminEmailAddress = "[email protected]";
-
- // Names of properties in user-profile-migration.properties.template
- private final static String GATEWAY_ID = "gateway-id";
- private final static String GATEWAY_URL = "gateway.url";
- private final static String GATEWAY_ADMIN_USERNAME =
"gateway.admin.username";
- private final static String GATEWAY_ADMIN_FIRST_NAME =
"gateway.admin.first.name";
- private final static String GATEWAY_ADMIN_LAST_NAME =
"gateway.admin.last.name";
- private final static String GATEWAY_ADMIN_EMAIL_ADDRESS =
"gateway.admin.email.address";
- private final static String WSO2IS_ADMIN_USERNAME =
"wso2is.admin.username";
- private final static String WSO2IS_ADMIN_PASSWORD =
"wso2is.admin.password";
- private final static String WSO2IS_ADMIN_ROLENAME =
"wso2is.admin.rolename";
- private final static String WSO2IS_ADMIN_READ_ONLY_ROLENAME =
"wso2is.admin-read-only.rolename";
- private final static String WSO2IS_GATEWAY_USER_ROLENAME =
"wso2is.gateway-user.rolename";
- private final static String WSO2IS_USER_PENDING_ROLENAME =
"wso2is.user-pending.rolename";
- private final static String WSO2IS_GATEWAY_PROVIDER_ROLENAME =
"wso2is.gateway-provider.rolename";
- private final static String AIRAVATA_SERVICE_HOST =
"airavata.service.host";
- private final static String AIRAVATA_SERVICE_PORT =
"airavata.service.port";
- private final static String AIRAVATA_SERVICE_SECURE =
"airavata.service.secure";
- private final static String PROFILE_SERVICE_HOST = "profile.service.host";
- private final static String PROFILE_SERVICE_PORT = "profile.service.port";
- private final static String KEYCLOAK_ADMIN_USERNAME =
"keycloak.admin.username";
- private final static String KEYCLOAK_ADMIN_PASSWORD =
"keycloak.admin.password";
- private final static String KEYCLOAK_SERVICE_URL = "keycloak.service-url";
- private final static String KEYCLOAK_TRUSTSTORE_PATH =
"keycloak.truststore.path";
- private final static String KEYCLOAK_TRUSTSTORE_PASSWORD =
"keycloak.truststore.password";
- private final static String KEYCLOAK_USER_TEMP_PASSWORD =
"keycloak.user.temp.password";
-
-
- private Map<String,String> createDefaultRoleConversionMap() {
- Map<String,String> roleConversionMap = new HashMap<>();
- roleConversionMap.put("admin", "admin");
- roleConversionMap.put("admin-read-only", "admin-read-only");
- roleConversionMap.put("gateway-user", "gateway-user");
- roleConversionMap.put("user-pending", "user-pending");
- roleConversionMap.put("gateway-provider", "gateway-provider");
- return roleConversionMap;
- }
- /*Add the credentials for all the tenants from which the profile should be
migrated to Airavata DB*/
-
- public void setISLoginCredentials(){
- adminCredentials.add(new Wso2ISLoginCredentialsDAO(this.gatewayId,
this.wso2ISAdminUsername, this.wso2ISAdminPassword));
- // new credential records here...
- }
-
- /* Method used to fetch all the user profiles from the registered tenants
*/
-
- public List<UserProfileDAO> getUserProfilesFromWso2IS(){
- ArrayList<UserProfileDAO> userProfileList = new
ArrayList<UserProfileDAO>();
- for(Wso2ISLoginCredentialsDAO creds:adminCredentials){
- RemoteUserStoreManagerServiceStub isClient =
Wso2IdentityServerClient.getAdminServiceClient(creds.getLoginUserName(),creds.getLoginPassword(),"RemoteUserStoreManagerService");
- String[] userList;
- System.out.println("Fetching User Profiles for " +
creds.getGateway() + " tenant ...");
- try {
- userList =
isClient.getUserList("http://wso2.org/claims/givenname";, "*", "default");
-
System.out.println("FirstName\tLastName\tEmail\t\t\tuserName\tCountry\tOrganization\tphone\tRoles");
- String[] claims = {"http://wso2.org/claims/givenname";,
- "http://wso2.org/claims/lastname";,
- "http://wso2.org/claims/emailaddress";,
- "http://wso2.org/claims/country";,
- "http://wso2.org/claims/organization";,
- "http://wso2.org/claims/mobile";,
- "http://wso2.org/claims/telephone";,
- "http://wso2.org/claims/streetaddress";,
- "http://wso2.org/claims/role";,
- "http://wso2.org/claims/identity/accountLocked"};
- for (String user : userList) {
- UserProfileDAO userProfile = new UserProfileDAO();
- ClaimValue[] retrievedClaimValues =
isClient.getUserClaimValuesForClaims(user, claims, null);
- List<String> phones = new ArrayList<String>();
- for(ClaimValue claim:retrievedClaimValues){
- if(claim.getClaimURI().equals(claims[0])){
- userProfile.setFirstName(claim.getValue());
- }else if(claim.getClaimURI().equals(claims[1])){
- userProfile.setLastName(claim.getValue());
- }else if(claim.getClaimURI().equals(claims[2])){
- userProfile.setEmail(claim.getValue());
- }else if(claim.getClaimURI().equals(claims[3])){
- userProfile.setCountry(claim.getValue());
- }else if(claim.getClaimURI().equals(claims[4])){
- userProfile.setOrganization(claim.getValue());
- }else if(claim.getClaimURI().equals(claims[5]) ||
claim.getClaimURI().equals(claims[6])){
- phones.add(claim.getValue());
- } else if(claim.getClaimURI().equals(claims[7])){
- userProfile.setAddress(claim.getValue());
- } else if(claim.getClaimURI().equals(claims[8])){
-
userProfile.setRoles(convertCommaSeparatedRolesToList(claim.getValue()));
- } else if(claim.getClaimURI().equals(claims[9])){
-
userProfile.setAccountLocked(claim.getValue().equals("true"));
- }
- }
- // Lowercase all usernames as required by Keycloak and
User Profile service
- userProfile.setUserName(user.toLowerCase());
- userProfile.setGatewayID(creds.getGateway());
- userProfile.setPhones(phones);
- if (!userProfile.isAccountLocked()) {
- System.out.println(userProfile.getFirstName() + "\t" +
userProfile.getLastName() + "\t" + userProfile.getUserName() + "\t" +
userProfile.getEmail() + "\t" + userProfile.getCountry() + "\t" +
userProfile.getOrganization() + "\t" + userProfile.getAddress() + "\t" +
userProfile.getRoles());
- userProfileList.add(userProfile);
- } else {
- System.out.println("Skipping locked account for user "
+ user + "!");
- }
- }
- } catch (RemoteException e) {
- System.out.println(e.getMessage());
- System.out.println(e.getCause());
- e.printStackTrace();
- } catch (RemoteUserStoreManagerServiceUserStoreExceptionException
e) {
- System.out.println(e.getMessage());
- System.out.println(e.getCause());
- e.printStackTrace();
- }
- }
- System.out.println("User profiles from all the tenant are retrieved
...");
- return userProfileList;
- }
-
- private List<String> convertCommaSeparatedRolesToList(String roles) {
-
- return Arrays.stream(roles.split(","))
- .filter(s -> !"Internal/everyone".equals(s))
- .filter(s -> !"Internal/identity".equals(s))
- .collect(Collectors.toList());
- }
-
- private TenantProfileService.Client getTenantProfileServiceClient() throws
TenantProfileServiceException {
-
- return
ProfileServiceClientFactory.createTenantProfileServiceClient(profileServiceServerHost,
profileServiceServerPort);
- }
-
- private Airavata.Client getAiravataClient() throws AiravataClientException
{
- return
AiravataClientFactory.createAiravataClient(airavataServiceServerHost,
airavataServiceServerPort);
- }
-
- private Airavata.Client getAiravataSecureClient() throws
AiravataClientException {
- return
AiravataClientFactory.createAiravataSecureClient(airavataServiceServerHost,
airavataServiceServerPort, keycloakTrustStorePath, keycloakTrustStorePassword,
10000);
- }
-
- private IamAdminServices.Client getIamAdminServicesClient() throws
IamAdminServicesException {
- return
ProfileServiceClientFactory.createIamAdminServiceClient(profileServiceServerHost,
profileServiceServerPort);
- }
-
- private PasswordCredential getPasswordCredential() {
- PasswordCredential passwordCredential = new PasswordCredential();
- passwordCredential.setGatewayId("dummy");
- passwordCredential.setPortalUserName("dummy");
- passwordCredential.setLoginUserName(keycloakAdminUsername);
- passwordCredential.setPassword(keycloakAdminPassword);
- return passwordCredential;
- }
-
- private boolean migrateGatewayProfileToAiravata() throws TException {
-
- TenantProfileService.Client tenantProfileServiceClient =
getTenantProfileServiceClient();
- Airavata.Client airavataClient = airavataServiceSecure ?
getAiravataSecureClient() : getAiravataClient();
- IamAdminServices.Client iamAdminServicesClient =
getIamAdminServicesClient();
-
- // Get Gateway from Airavata API
- Gateway gateway = airavataClient.getGateway(authzToken, gatewayId);
-
- if
(!GatewayApprovalStatus.APPROVED.equals(gateway.getGatewayApprovalStatus())) {
- throw new RuntimeException("Gateway " + gatewayId + " is not
APPROVED! Status is " + gateway.getGatewayApprovalStatus());
- }
- // Add Gateway through TenantProfileService
- if (!tenantProfileServiceClient.isGatewayExist(authzToken, gatewayId))
{
-
- System.out.println("Gateway [" + gatewayId + "] doesn't exist,
adding in Profile Service...");
- String airavataInternalGatewayId =
tenantProfileServiceClient.addGateway(authzToken, gateway);
- gateway.setAiravataInternalGatewayId(airavataInternalGatewayId);
- } else {
-
- System.out.println("Gateway [" + gatewayId + "] already exists in
Profile Service");
- gateway = tenantProfileServiceClient.getGateway(authzToken,
gatewayId);
- }
-
- // Gateway URL is required by IAM Admin Services
- if (gateway.getGatewayURL() == null) {
- gateway.setGatewayURL(this.gatewayURL);
- }
- // Following are also required by IAM Admin Services in order to
create an admin user for the realm
- if (gateway.getIdentityServerUserName() == null) {
- gateway.setIdentityServerUserName(this.gatewayAdminUsername);
- }
- if (gateway.getGatewayAdminFirstName() == null) {
- gateway.setGatewayAdminFirstName(this.gatewayAdminFirstName);
- }
- if (gateway.getGatewayAdminLastName() == null) {
- gateway.setGatewayAdminLastName(this.gatewayAdminLastName);
- }
- if (gateway.getGatewayAdminEmail() == null) {
- gateway.setGatewayAdminEmail(this.gatewayAdminEmailAddress);
- }
-
- // Add Keycloak Tenant for Gateway
- System.out.println("Creating Keycloak Tenant for gateway ...");
- Gateway gatewayWithIdAndSecret =
iamAdminServicesClient.setUpGateway(authzToken, gateway);
-
- // Update Gateway profile with the client id and secret
- System.out.println("Updating gateway with OAuth client id and secret
...");
- tenantProfileServiceClient.updateGateway(authzToken,
gatewayWithIdAndSecret);
-
- KeycloakIdentityServerClient keycloakIdentityServerClient =
getKeycloakIdentityServerClient();
- // Set the admin user's password to the same as it was for wso2IS
- keycloakIdentityServerClient.setUserPassword(gatewayId,
this.gatewayAdminUsername, this.wso2ISAdminPassword);
-
- // Create password credential for admin username and password
- String passwordToken =
airavataClient.registerPwdCredential(authzToken, gatewayId,
this.gatewayAdminUsername, this.gatewayAdminUsername, this.wso2ISAdminPassword,
"Keycloak admin password for realm " + gatewayId);
-
- // Update gateway resource profile with tenant id (gatewayId) and
admin user password token
- GatewayResourceProfile gatewayResourceProfile =
airavataClient.getGatewayResourceProfile(authzToken, gatewayId);
- gatewayResourceProfile.setIdentityServerTenant(gatewayId);
- gatewayResourceProfile.setIdentityServerPwdCredToken(passwordToken);
- airavataClient.updateGatewayResourceProfile(authzToken, gatewayId,
gatewayResourceProfile);
- return true;
- }
-
- /* Method used to migrate User profiles to Airavata DB by making a call to
User profile thrift Service */
- private boolean migrateUserProfilesToAiravata(List<UserProfileDAO>
ISProfileList) throws TException, ApplicationSettingsException {
- System.out.println("Initiating migration to Airavata internal DB ...");
- UserProfileService.Client client =
ProfileServiceClientFactory.createUserProfileServiceClient(profileServiceServerHost,
profileServiceServerPort);
- UserProfile airavataUserProfile = new UserProfile();
- // Here are the data associations...
- for(UserProfileDAO ISProfile : ISProfileList){
-
airavataUserProfile.setAiravataInternalUserId(ISProfile.getUserName() + "@" +
ISProfile.getGatewayID());
- airavataUserProfile.setFirstName(ISProfile.getFirstName());
- airavataUserProfile.setLastName(ISProfile.getLastName());
- airavataUserProfile.setUserId(ISProfile.getUserName());
- airavataUserProfile.setGatewayId(ISProfile.getGatewayID());
- List<String> emails = new ArrayList<String>();
- emails.add(ISProfile.getEmail());
- airavataUserProfile.setEmails(emails);
-
airavataUserProfile.setHomeOrganization(ISProfile.getOrganization());
- airavataUserProfile.setPhones(ISProfile.getPhones());
- airavataUserProfile.setCountry(ISProfile.getCountry());
- airavataUserProfile.setCreationTime(new Date().getTime());
- airavataUserProfile.setLastAccessTime(new Date().getTime());
- airavataUserProfile.setValidUntil(-1);
- airavataUserProfile.setState(Status.ACTIVE);
- //TODO: fix authtzToken, for now we are using empty token, but
need to properly populate claims map
- AuthzToken authzToken = new AuthzToken("dummy_token");
- Map<String,String> claimsMap = new HashMap<>();
- claimsMap.put(Constants.USER_NAME, ISProfile.getUserName());
- claimsMap.put(Constants.GATEWAY_ID, ISProfile.getGatewayID());
- authzToken.setClaimsMap(claimsMap);
- client.addUserProfile(authzToken, airavataUserProfile);
- }
- return false;
- }
-
- private void migrateUserProfilesToKeycloak(List<UserProfileDAO>
Wso2ISProfileList){
- KeycloakIdentityServerClient client =
getKeycloakIdentityServerClient();
- client.migrateUserStore(Wso2ISProfileList, this.gatewayId,
this.keycloakTemporaryUserPassword, this.roleConversionMap);
- }
-
- private KeycloakIdentityServerClient getKeycloakIdentityServerClient() {
- return new KeycloakIdentityServerClient(this.keycloakServiceURL,
- this.keycloakAdminUsername,
- this.keycloakAdminPassword,
- this.keycloakTrustStorePath,
- this.keycloakTrustStorePassword);
- }
-
- private void loadConfigFile(String filename) {
- Properties properties = new Properties();
- try {
- properties.load(new FileInputStream(filename));
- // Load values from properties if they exist, otherwise will just
use default values
- this.gatewayId = properties.getProperty(GATEWAY_ID,
this.gatewayId);
- this.gatewayURL = properties.getProperty(GATEWAY_URL,
this.gatewayURL);
- this.gatewayAdminUsername =
properties.getProperty(GATEWAY_ADMIN_USERNAME, this.gatewayAdminUsername);
- this.gatewayAdminFirstName =
properties.getProperty(GATEWAY_ADMIN_FIRST_NAME, this.gatewayAdminFirstName);
- this.gatewayAdminLastName =
properties.getProperty(GATEWAY_ADMIN_LAST_NAME, this.gatewayAdminLastName);
- this.gatewayAdminEmailAddress =
properties.getProperty(GATEWAY_ADMIN_EMAIL_ADDRESS,
this.gatewayAdminEmailAddress);
- this.wso2ISAdminUsername =
properties.getProperty(WSO2IS_ADMIN_USERNAME, this.wso2ISAdminUsername);
- this.wso2ISAdminPassword =
properties.getProperty(WSO2IS_ADMIN_PASSWORD, this.wso2ISAdminPassword);
- this.airavataServiceServerHost =
properties.getProperty(AIRAVATA_SERVICE_HOST, this.airavataServiceServerHost);
- this.airavataServiceServerPort =
Integer.valueOf(properties.getProperty(AIRAVATA_SERVICE_PORT,
Integer.toString(this.airavataServiceServerPort)));
- this.airavataServiceSecure =
Boolean.valueOf(properties.getProperty(AIRAVATA_SERVICE_SECURE, "false"));
- this.profileServiceServerHost =
properties.getProperty(PROFILE_SERVICE_HOST, this.profileServiceServerHost);
- this.profileServiceServerPort =
Integer.valueOf(properties.getProperty(PROFILE_SERVICE_PORT,
Integer.toString(this.profileServiceServerPort)));
- this.keycloakServiceURL =
properties.getProperty(KEYCLOAK_SERVICE_URL, this.keycloakServiceURL);
- this.keycloakAdminUsername =
properties.getProperty(KEYCLOAK_ADMIN_USERNAME, this.keycloakAdminUsername);
- this.keycloakAdminPassword =
properties.getProperty(KEYCLOAK_ADMIN_PASSWORD, this.keycloakAdminPassword);
- this.keycloakTrustStorePath =
properties.getProperty(KEYCLOAK_TRUSTSTORE_PATH, this.keycloakTrustStorePath);
- this.keycloakTrustStorePassword =
properties.getProperty(KEYCLOAK_TRUSTSTORE_PASSWORD,
this.keycloakTrustStorePassword);
- this.keycloakTemporaryUserPassword =
properties.getProperty(KEYCLOAK_USER_TEMP_PASSWORD,
this.keycloakTemporaryUserPassword);
- // Custom role names
-
this.roleConversionMap.put(properties.getProperty(WSO2IS_ADMIN_ROLENAME,
"admin"), "admin");
-
this.roleConversionMap.put(properties.getProperty(WSO2IS_ADMIN_READ_ONLY_ROLENAME,
"admin-read-only"), "admin-read-only");
-
this.roleConversionMap.put(properties.getProperty(WSO2IS_GATEWAY_USER_ROLENAME,
"gateway-user"), "gateway-user");
-
this.roleConversionMap.put(properties.getProperty(WSO2IS_USER_PENDING_ROLENAME,
"user-pending"), "user-pending");
-
this.roleConversionMap.put(properties.getProperty(WSO2IS_GATEWAY_PROVIDER_ROLENAME,
"gateway-provider"), "gateway-provider");
- } catch (IOException e) {
- throw new RuntimeException(e);
- }
- }
-
- public static void main(String[] args) {
- MigrationManager migrationManager = new MigrationManager();
- if (args.length > 0) {
- String configFilename = args[0];
- migrationManager.loadConfigFile(configFilename);
- }
- migrationManager.setISLoginCredentials();
- List<UserProfileDAO> userProfileList =
migrationManager.getUserProfilesFromWso2IS();
- try {
- migrationManager.migrateGatewayProfileToAiravata();
- // Must migrate profiles to Keycloak first because Profile Service
will attempt to keep user profiles
- // in since with Keycloak user profiles
- migrationManager.migrateUserProfilesToKeycloak(userProfileList);
- migrationManager.migrateUserProfilesToAiravata(userProfileList);
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- }
-}
\ No newline at end of file
diff --git
a/tools/user-profile-migration/src/main/java/org/apache/airavata/UserProfileDAO.java
b/tools/user-profile-migration/src/main/java/org/apache/airavata/UserProfileDAO.java
deleted file mode 100644
index 97e4d87..0000000
---
a/tools/user-profile-migration/src/main/java/org/apache/airavata/UserProfileDAO.java
+++ /dev/null
@@ -1,136 +0,0 @@
-/**
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.airavata;
-
-import java.util.List;
-
-public class UserProfileDAO {
- private String firstName;
- private String lastName;
- private String middleInitials;
- private String userName;
- private String email;
- private String country;
- private String organization;
- private List<String> Phones;
- private String gatewayID;
- private String address;
- private List<String> roles;
- private boolean accountLocked;
-
- public String getAddress() {
- return address;
- }
-
- public void setAddress(String address) {
- this.address = address;
- }
-
-
- public List<String> getPhones() {
- return Phones;
- }
-
- public void setPhones(List<String> phones) {
- Phones = phones;
- }
-
- public String getGatewayID() {
- return gatewayID;
- }
-
- public void setGatewayID(String gatewayID) {
- this.gatewayID = gatewayID;
- }
-
- public String getCountry() {
- return country;
- }
-
- public void setCountry(String country) {
- this.country = country;
- }
-
- public String getOrganization() {
- return organization;
- }
-
- public void setOrganization(String organization) {
- this.organization = organization;
- }
-
-
-
- public String getFirstName() {
- return firstName;
- }
-
- public void setFirstName(String firstName) {
- this.firstName = firstName;
- }
-
- public String getLastName() {
- return lastName;
- }
-
- public void setLastName(String lastName) {
- this.lastName = lastName;
- }
-
- public String getMiddleInitials() {
- return middleInitials;
- }
-
- public void setMiddleInitials(String middleInitials) {
- this.middleInitials = middleInitials;
- }
-
- public String getUserName() {
- return userName;
- }
-
- public void setUserName(String userName) {
- this.userName = userName;
- }
-
- public String getEmail() {
- return email;
- }
-
- public void setEmail(String email) {
- this.email = email;
- }
-
- public List<String> getRoles() {
- return roles;
- }
-
- public void setRoles(List<String> roles) {
- this.roles = roles;
- }
-
- public boolean isAccountLocked() {
- return accountLocked;
- }
-
- public void setAccountLocked(boolean accountLocked) {
- this.accountLocked = accountLocked;
- }
-}
diff --git
a/tools/user-profile-migration/src/main/java/org/apache/airavata/Wso2ISLoginCredentialsDAO.java
b/tools/user-profile-migration/src/main/java/org/apache/airavata/Wso2ISLoginCredentialsDAO.java
deleted file mode 100644
index 3834fcb..0000000
---
a/tools/user-profile-migration/src/main/java/org/apache/airavata/Wso2ISLoginCredentialsDAO.java
+++ /dev/null
@@ -1,78 +0,0 @@
-/**
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-package org.apache.airavata;
-
-public class Wso2ISLoginCredentialsDAO {
- public String getGateway() {
- return Gateway;
- }
-
- public void setGateway(String gateway) {
- Gateway = gateway;
- }
-
- public String getLoginUserName() {
- return loginUserName;
- }
-
- public void setLoginUserName(String loginUserName) {
- this.loginUserName = loginUserName;
- }
-
- public String getLoginPassword() {
- return loginPassword;
- }
-
- public void setLoginPassword(String loginPassword) {
- this.loginPassword = loginPassword;
- }
-
- private String Gateway;
- private String loginUserName;
- private String loginPassword;
-
- public Wso2ISLoginCredentialsDAO(String gateway, String loginUserName,
String loginPassword) {
- Gateway = gateway;
- this.loginUserName = loginUserName;
- this.loginPassword = loginPassword;
- }
-}
diff --git
a/tools/user-profile-migration/src/main/java/org/apache/airavata/Wso2IdentityServerClient.java
b/tools/user-profile-migration/src/main/java/org/apache/airavata/Wso2IdentityServerClient.java
deleted file mode 100644
index 138b816..0000000
---
a/tools/user-profile-migration/src/main/java/org/apache/airavata/Wso2IdentityServerClient.java
+++ /dev/null
@@ -1,161 +0,0 @@
-/**
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.airavata;
-
-import org.apache.axis2.client.Options;
-import org.apache.axis2.client.ServiceClient;
-import org.apache.axis2.context.ConfigurationContext;
-import org.apache.axis2.context.ConfigurationContextFactory;
-import org.apache.axis2.transport.http.HTTPConstants;
-import org.apache.axis2.transport.http.HttpTransportProperties;
-import org.wso2.carbon.um.ws.api.stub.RemoteUserStoreManagerServiceStub;
-
-import javax.net.ssl.HttpsURLConnection;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.X509TrustManager;
-import java.io.File;
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
-
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-
-
-public class Wso2IdentityServerClient {
- /**
- * Server url of the WSO2 Carbon Server
- */
- private static String SEVER_URL = "https://idp.scigap.org:9443/services/";;
-
-
- public static RemoteUserStoreManagerServiceStub
getAdminServiceClient(String adminUserName, String adminPassword, String
adminService){
-
- /**
- * trust store path. this must contains server's certificate or
Server's CA chain
- */
-
- /* The below code snippet is intentionally commented for the build to
pass,
- * because the private key and certificate file are not committed to
GitHub,
- * which are needed to run the client */
-
-// String trustStore = System.getProperty("user.dir") + File.separator +
-// "modules" + File.separator + "user-profile-migration" +
File.separator +
-// "src" + File.separator + "main" + File.separator +
-// "resources" + File.separator + "wso2carbon.jks";
-// System.out.println("file path : " + trustStore);
-
- /**
- * Call to https://localhost:9443/services/ uses HTTPS protocol.
- * Therefore we to validate the server certificate or CA chain. The
server certificate is looked up in the
- * trust store.
- * Following code sets what trust-store to look for and its JKs
password.
- */
-
-// System.setProperty("javax.net.ssl.trustStore", trustStore );
-
-// System.setProperty("javax.net.ssl.trustStorePassword", "wso2carbon");
-
- // idp.scigap.org:9443 certificate has expired, so the following
disables checking the certificate
- TrustManager[] trustAllCerts = new TrustManager[]{
- new X509TrustManager() {
- public java.security.cert.X509Certificate[]
getAcceptedIssuers() {return null;}
- public void
checkClientTrusted(java.security.cert.X509Certificate[] certs, String
authType){}
- public void
checkServerTrusted(java.security.cert.X509Certificate[] certs, String
authType){}
- }
- };
-
- try {
- SSLContext sc = SSLContext.getInstance("SSL");
- sc.init(null, trustAllCerts, new java.security.SecureRandom());
- SSLContext.setDefault(sc);
- } catch (KeyManagementException e) {
- throw new RuntimeException(e);
- } catch (NoSuchAlgorithmException e) {
- throw new RuntimeException(e);
- }
- /**
- * Axis2 configuration context
- */
- ConfigurationContext configContext;
- RemoteUserStoreManagerServiceStub adminStub;
-
- try {
-
- /**
- * Create a configuration context. A configuration context
contains information for
- * axis2 environment. This is needed to create an axis2 service
client
- */
- configContext =
ConfigurationContextFactory.createConfigurationContextFromFileSystem(null,
null);
-
- /**
- * end point url with service name
- */
-// String serviceEndPoint = SEVER_URL +
"RemoteUserStoreManagerService";
- String serviceEndPoint = SEVER_URL + adminService;
-
- /**
- * create stub and service client
- */
- adminStub = new RemoteUserStoreManagerServiceStub(configContext,
serviceEndPoint);
- ServiceClient client = adminStub._getServiceClient();
- Options option = client.getOptions();
-
- /**
- * Setting a authenticated cookie that is received from Carbon
server.
- * If you have authenticated with Carbon server earlier, you can
use that cookie, if
- * it has not been expired
- */
- option.setProperty(HTTPConstants.COOKIE_STRING, null);
-
- /**
- * Setting basic auth headers for authentication for carbon server
- */
- HttpTransportProperties.Authenticator auth = new
HttpTransportProperties.Authenticator();
- auth.setUsername(adminUserName);
- auth.setPassword(adminPassword);
- auth.setPreemptiveAuthentication(true);
- option.setProperty(HTTPConstants.AUTHENTICATE, auth);
- option.setManageSession(true);
- return adminStub;
- } catch (Exception e) {
- e.printStackTrace();
- }
- return null;
- }
-}
\ No newline at end of file
diff --git
a/tools/user-profile-migration/user-profile-migration.properties.template
b/tools/user-profile-migration/user-profile-migration.properties.template
deleted file mode 100644
index f1981c0..0000000
--- a/tools/user-profile-migration/user-profile-migration.properties.template
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-
-# Common settings
-# NOTE: the gateway-id will also be used for the realm id in Keycloak
-gateway-id = gateway-id
-gateway.url = http://localhost
-gateway.admin.username = admin
-gateway.admin.first.name = Admin
-gateway.admin.last.name = User
-gateway.admin.email.address = [email protected]
-
-# WSO2 Identity Server settings
-wso2is.admin.username = username
-wso2is.admin.password = password
-wso2is.admin.rolename = admin
-wso2is.admin-read-only.rolename = admin-read-only
-wso2is.gateway-user.rolename = gateway-user
-wso2is.user-pending.rolename = user-pending
-wso2is.gateway-provider.rolename = gateway-provider
-
-# Airavata Service settings
-airavata.service.host = localhost
-airavata.service.port = 8930
-airavata.service.secure = false
-
-# Profile Service settings
-profile.service.host = localhost
-profile.service.port = 8962
-
-# Keycloak settings
-# username and password for master realm admin user
-keycloak.admin.username = username
-keycloak.admin.password = password
-keycloak.service-url = https://iam.scigap.org/auth
-keycloak.truststore.path =
../../modules/configuration/server/src/main/resources/client_truststore.jks
-keycloak.truststore.password = password
-keycloak.user.temp.password = tempPassword
