-
Notifications
You must be signed in to change notification settings - Fork 1
/
MPOAuthHelper.java
128 lines (109 loc) · 4.78 KB
/
MPOAuthHelper.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
/*
*
* *
* * * Copyright 2018 King's College London
* * *
* * * Licensed under the Apache License, Version 2.0 (the "License");
* * * you may not use this file except in compliance with the License.
* * * You may obtain a copy of the License at
* * *
* * * http://www.apache.org/licenses/LICENSE-2.0
* * *
* * * Unless required by applicable law or agreed to in writing, software
* * * distributed under the License is distributed on an "AS IS" BASIS,
* * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* * * See the License for the specific language governing permissions and
* * * limitations under the License.
* * *
* *
*
*/
package org.radarbase.appserver.auth.common;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.util.UriComponentsBuilder;
@SuppressWarnings("PMD.DataflowAnomalyAnalysis")
public class MPOAuthHelper implements OAuthHelper {
private static final ObjectMapper mapper = new ObjectMapper();
private static final String ACCESS_TOKEN;
private static final String MP_URL = "http://localhost:8081/managementportal/";
private static final String MP_CLIENT = "ManagementPortalapp";
private static final String REST_CLIENT = "pRMT";
private static final String USER = "sub-1";
private static final String ADMIN_USER = "admin";
private static final String ADMIN_PASSWORD = "admin";
private static final String MpPairUri =
UriComponentsBuilder.fromHttpUrl(MP_URL)
.path("api")
.path("/")
.path("oauth-clients")
.path("/")
.path("pair")
.queryParam("clientId", REST_CLIENT)
.queryParam("login", USER)
.toUriString();
private static final String MpTokenUri =
UriComponentsBuilder.fromHttpUrl(MP_URL).path("oauth").path("/").path("token").toUriString();
static {
// Get valid token from Management Portal
final RestTemplate restTemplate = new RestTemplate();
restTemplate.getMessageConverters().add(new MappingJackson2HttpMessageConverter());
MultiValueMap<String, String> map = new LinkedMultiValueMap<>();
map.add("username", ADMIN_USER);
map.add("password", ADMIN_PASSWORD);
map.add("grant_type", "password");
HttpHeaders httpHeaders = new HttpHeaders();
httpHeaders.setBasicAuth(MP_CLIENT, "");
HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(map, httpHeaders);
ResponseEntity<String> response =
restTemplate.exchange(MpTokenUri, HttpMethod.POST, request, String.class);
String adminAccessToken = getProperty(response, "access_token");
httpHeaders = new HttpHeaders();
httpHeaders.setBearerAuth(adminAccessToken);
request = new HttpEntity<>(null, httpHeaders);
response = restTemplate.exchange(MpPairUri, HttpMethod.GET, request, String.class);
String tokenUrl = getProperty(response, "tokenUrl");
response = restTemplate.exchange(tokenUrl, HttpMethod.GET, request, String.class);
String refreshToken = getProperty(response, "refreshToken");
httpHeaders = new HttpHeaders();
httpHeaders.setBasicAuth(REST_CLIENT, "");
httpHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
map = new LinkedMultiValueMap<>();
map.add("refresh_token", refreshToken);
map.add("grant_type", "refresh_token");
request = new HttpEntity<>(map, httpHeaders);
response = restTemplate.exchange(MpTokenUri, HttpMethod.POST, request, String.class);
ACCESS_TOKEN = getProperty(response, "access_token");
}
private static String getProperty(ResponseEntity<String> response, String property) {
if (response.getStatusCode().isError()) {
throw new IllegalStateException("The request was not successful: " + response.toString());
}
JsonNode root;
try {
root = mapper.readTree(response.getBody());
} catch (IOException exc) {
throw new IllegalStateException(
"The property " + property + " could not be retrieved from response " + response);
}
JsonNode propertyNode = root.get(property);
if (propertyNode != null) {
return propertyNode.asText();
} else {
throw new IllegalStateException("Property not found in the response");
}
}
public String getAccessToken() {
return ACCESS_TOKEN;
}
}