
Example 1 with ServicePrincipalInner

Use of com.microsoft.azure.management.graphrbac.implementation.ServicePrincipalInner in project cloudbreak by hortonworks.

Class PrincipalCreator, method createServicePrincipal.

// Retried up to 15 times, 1000 ms apart, whenever the call throws InteractiveLoginException.
@Retryable(value = InteractiveLoginException.class, maxAttempts = 15, backoff = @Backoff(delay = 1000))
public ServicePrincipalInner createServicePrincipal(String accessToken, String appId, String tenantId) throws InteractiveLoginException {
    Response response = createServicePrincipalWithGraph(accessToken, appId, tenantId);
    if (response.getStatusInfo().getFamily() == Family.SUCCESSFUL) {
        String principal = response.readEntity(String.class);
        try {
            ObjectMapper objectMapper = new ObjectMapper();
            objectMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
            ServicePrincipalInner sp = objectMapper.readValue(principal, ServicePrincipalInner.class);
            String objectId = sp.objectId();
            LOGGER.info("Service principal created with objectId: " + objectId);
            return sp;
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
    } else {
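        String errorResponse = response.readEntity(String.class);
        LOGGER.error("create service principal failed: " + errorResponse);
        try {
            // path() returns a MissingNode instead of null, so an error body without the
            // expected odata.error.message.value shape yields an empty message rather than
            // a NullPointerException that would bypass the @Retryable handling.
            String errorMessage = new ObjectMapper().readTree(errorResponse).path("odata.error").path("message").path("value").asText();
            throw new InteractiveLoginException("Service principal creation error: " + errorMessage);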
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
    }
}
Also used: Response (javax.ws.rs.core.Response), ServicePrincipalInner (com.microsoft.azure.management.graphrbac.implementation.ServicePrincipalInner), IOException (java.io.IOException), ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper), Retryable (org.springframework.retry.annotation.Retryable)

Example 2 with ServicePrincipalInner

Use of com.microsoft.azure.management.graphrbac.implementation.ServicePrincipalInner in project cloudbreak by hortonworks.

Class AzureInteractiveLoginStatusCheckerTask, method doCall.

@Override
protected Boolean doCall() {
    Response response = createPollingRequest();
    if (response.getStatusInfo().getFamily() == Family.SUCCESSFUL) {
        String tokenResponseString = response.readEntity(String.class);
        try {
            String refreshToken = new ObjectMapper().readTree(tokenResponseString).get("refresh_token").asText();
            LOGGER.info("Access token received");
            ExtendedCloudCredential extendedCloudCredential = armInteractiveLoginStatusCheckerContext.getExtendedCloudCredential();
            AzureCredentialView armCredentialView = new AzureCredentialView(extendedCloudCredential);
            try {
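                // Exchange the refresh token for two resource-specific access tokens:
                // one for the Graph API and one for the management API.
                String graphApiAccessToken = createResourceToken(refreshToken, armCredentialView.getTenantId(), GRAPH_WINDOWS);
                String managementApiToken = createResourceToken(refreshToken, armCredentialView.getTenantId(), MANAGEMENT_CORE_WINDOWS);
                // Validate the subscription and tenant before creating anything.
                subscriptionChecker.checkSubscription(armCredentialView.getSubscriptionId(), managementApiToken);
                tenantChecker.checkTenant(armCredentialView.getTenantId(), managementApiToken);
                // UUID.randomUUID() draws from a cryptographically strong PRNG; this value becomes the application's secret.
                String secretKey = UUID.randomUUID().toString();
                String appId = applicationCreator.createApplication(graphApiAccessToken, armCredentialView.getTenantId(), secretKey);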
                sendStatusMessage(extendedCloudCredential, "Cloudbreak application created");
                ServicePrincipalInner sp = principalCreator.createServicePrincipal(graphApiAccessToken, appId, armCredentialView.getTenantId());
                String principalObjectId = sp.objectId();
                String notification = new StringBuilder("Principal created for application!").append(" Name: ").append(sp.displayName()).append(", AppId: ").append(sp.appId()).toString();
                sendStatusMessage(extendedCloudCredential, notification);
                String roleName = armCredentialView.getRoleName();
                String roleType = armCredentialView.getRoleType();
                String roleId = azureRoleManager.handleRoleOperations(managementApiToken, armCredentialView.getSubscriptionId(), roleName, roleType);
                azureRoleManager.assignRole(managementApiToken, armCredentialView.getSubscriptionId(), roleId, principalObjectId);
                sendStatusMessage(extendedCloudCredential, "Role assigned for principal");
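                // The application id and the generated secret are stored as the credential's access key and secret key.
                extendedCloudCredential.putParameter("accessKey", appId);
                extendedCloudCredential.putParameter("secretKey", secretKey);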
                extendedCloudCredential.putParameter("spDisplayName", sp.displayName());
                armInteractiveLoginStatusCheckerContext.getCredentialNotifier().createCredential(getAuthenticatedContext().getCloudContext(), extendedCloudCredential);
            } catch (InteractiveLoginException | InteractiveLoginUnrecoverableException e) {
                LOGGER.error("Interactive login failed", e);
                sendErrorStatusMessage(extendedCloudCredential, e.getMessage());
            }
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
        return true;
    } else {
        LOGGER.info("Polling request failed this time, status code {}, response: {}", response.getStatus(), response.readEntity(String.class));
        return false;
    }
}
Also used: Response (javax.ws.rs.core.Response), ExtendedCloudCredential (com.sequenceiq.cloudbreak.cloud.model.ExtendedCloudCredential), AzureCredentialView (com.sequenceiq.cloudbreak.cloud.azure.view.AzureCredentialView), ServicePrincipalInner (com.microsoft.azure.management.graphrbac.implementation.ServicePrincipalInner), IOException (java.io.IOException), ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)
