Use of com.sequenceiq.cloudbreak.common.model.user.IdentityUserRole in project cloudbreak by hortonworks.
From the class CachedUserDetailsService, method getIdentityUser.
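/**
 * Loads a user's details from the identity server's SCIM endpoint and derives the
 * user's account and Cloudbreak roles from the group display names in the response.
 *
 * <p>The lookup value is placed either into a SCIM filter expression (USERNAME) or
 * into the request path (USERID). Both positions are syntax-sensitive, so the value
 * is escaped or rejected before the request is built; otherwise a crafted value could
 * change which user record the account and roles are read from.
 *
 * @param username     user name or user id, depending on {@code filterField}
 * @param filterField  selects lookup by user name (filter query) or by user id (path)
 * @param clientSecret secret passed to {@code identityClient.getToken} to obtain the bearer token
 * @return the identity user built by {@code createIdentityUser}
 * @throws UserDetailsUnavailableException if the lookup value is missing or unsafe, the
 *         filter field is unsupported, or the response lacks the expected user data
 * @throws IllegalStateException if the groups place the user in more than one account
 */
private IdentityUser getIdentityUser(String username, UserFilterField filterField, String clientSecret) {
    WebTarget target;
    // NOTE(review): the raw value is written to the log; whether CR/LF in it is
    // neutralised depends on the logging layout in use - confirm.
    LOGGER.info("Load user details: {}", username);
    if (username == null || username.isEmpty()) {
        // An empty id would address the collection endpoint instead of a single user.
        throw new UserDetailsUnavailableException("User details cannot be retrieved.");
    }
    switch (filterField) {
        case USERNAME:
            // SCIM filter string values use JSON string escaping (RFC 7644, section 3.4.2.2).
            // Escape the backslash first, then the quote, so the value cannot close the
            // string literal and append further filter terms.
            // NOTE(review): assumes the identity server honours these escapes; if it does
            // not, the lookup simply finds no user.
            String escapedName = username.replace("\\", "\\\\").replace("\"", "\\\"");
            target = identityWebTarget.queryParam("filter", "userName eq \"" + escapedName + '"');
            break;
        case USERID:
            // WebTarget.path() keeps '/' and treats '{...}' as a URI template, so an id
            // containing them (or a dot segment) could address a different resource.
            boolean unsafeSegment = username.indexOf('/') >= 0
                    || username.indexOf('\\') >= 0
                    || username.indexOf('{') >= 0
                    || username.indexOf('}') >= 0
                    || ".".equals(username)
                    || "..".equals(username);
            if (unsafeSegment) {
                throw new UserDetailsUnavailableException("User details cannot be retrieved.");
            }
            target = identityWebTarget.path(username);
            break;
        default:
            throw new UserDetailsUnavailableException("User details cannot be retrieved.");
    }
    AccessToken accessToken = identityClient.getToken(clientSecret);
    // NOTE(review): a non-2xx response presumably surfaces as a JAX-RS runtime exception
    // from get(String.class) and is not translated here - confirm the caller handles it.
    String scimResponse = target.request(MediaType.APPLICATION_JSON)
            .header("Authorization", "Bearer " + accessToken.getToken())
            .get(String.class);
    try {
        JsonNode root = JsonUtil.readTree(scimResponse);
        List<IdentityUserRole> roles = new ArrayList<>();
        String account = null;
        JsonNode userNode = root;
        if (UserFilterField.USERNAME.equals(filterField)) {
            // A filter query returns a list; the first entry is taken as the user.
            JsonNode resources = root == null ? null : root.get("resources");
            userNode = resources == null ? null : resources.get(0);
        }
        if (userNode == null) {
            throw new UserDetailsUnavailableException("User details cannot be retrieved from identity server.");
        }
        JsonNode groups = userNode.get("groups");
        if (groups == null) {
            // Fail closed: without group data neither the account nor the roles can be derived.
            throw new UserDetailsUnavailableException("User details cannot be retrieved from identity server.");
        }
        for (JsonNode node : groups) {
            JsonNode display = node.get("display");
            if (display == null) {
                // An entry without a display name cannot name an account or a role.
                continue;
            }
            String group = display.asText();
            // NOTE(review): both prefix checks also match longer names that merely begin
            // with the prefix, and parts[...] is indexed without a length check - confirm
            // the group naming scheme guarantees enough segments.
            if (group.startsWith("sequenceiq.account")) {
                String[] parts = group.split("\\.");
                if (account != null && !account.equals(parts[ACCOUNT_PART])) {
                    throw new IllegalStateException("A user can belong to only one account.");
                }
                account = parts[ACCOUNT_PART];
            } else if (group.startsWith("sequenceiq.cloudbreak")) {
                String[] parts = group.split("\\.");
                roles.add(IdentityUserRole.fromString(parts[ROLE_PART]));
            }
        }
        return createIdentityUser(roles, account, userNode);
    } catch (IOException e) {
        throw new UserDetailsUnavailableException("User details cannot be retrieved from identity server.", e);
    }
}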