
Example 1 with IdentityUserRole

use of com.sequenceiq.cloudbreak.common.model.user.IdentityUserRole in project cloudbreak by hortonworks.

the class CachedUserDetailsService method getIdentityUser.

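/**
 * Loads one user from the identity server's SCIM endpoint and converts the group
 * memberships in the response into an account name and a list of roles.
 *
 * <p>Groups whose display name starts with {@code sequenceiq.account} supply the account
 * (taken from the {@code ACCOUNT_PART} segment of the dot-separated name); groups starting
 * with {@code sequenceiq.cloudbreak} supply a role (the {@code ROLE_PART} segment, parsed by
 * {@link IdentityUserRole#fromString}). Any other group is ignored.
 *
 * <p>The lookup fails closed: a response that lacks the expected structure is reported as
 * {@link UserDetailsUnavailableException} instead of being turned into a user with no
 * account or roles.
 *
 * @param username     the user name (for {@code USERNAME}) or the user id (for {@code USERID})
 * @param filterField  selects whether {@code username} is used as a SCIM filter value or as a path segment
 * @param clientSecret secret used to obtain the bearer token for the request
 * @return the user built by {@code createIdentityUser} from the roles, account and user node
 * @throws UserDetailsUnavailableException if the lookup key is empty, the filter field is not
 *         supported, or the response cannot be parsed or is missing expected fields
 * @throws IllegalStateException if the user's groups name more than one account
 */
private IdentityUser getIdentityUser(String username, UserFilterField filterField, String clientSecret) {
    WebTarget target;
    // NOTE(review): username is logged as received; confirm the log encoder neutralises
    // CR/LF so a crafted name cannot forge additional log entries.
    LOGGER.info("Load user details: {}", username);
    if (username == null || username.isEmpty()) {
        // An empty key would turn the USERID lookup into a request against the collection itself.
        throw new UserDetailsUnavailableException("User details cannot be retrieved.");
    }
    switch (filterField) {
        case USERNAME:
            // The value is embedded in a quoted SCIM filter literal, so quote and backslash
            // characters are escaped to keep the caller from altering the filter expression.
            target = identityWebTarget.queryParam("filter", "userName eq \"" + escapeScimFilterValue(username) + '"');
            break;
        case USERID:
            // NOTE(review): the id is appended to the request path unvalidated; if it can
            // contain '/' or template braces it should be checked against the expected id
            // format before this call. Confirm what callers may pass here.
            target = identityWebTarget.path(username);
            break;
        default:
            throw new UserDetailsUnavailableException("User details cannot be retrieved.");
    }
    AccessToken accessToken = identityClient.getToken(clientSecret);
    String scimResponse = target.request(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + accessToken.getToken()).get(String.class);
    try {
        JsonNode root = JsonUtil.readTree(scimResponse);
        List<IdentityUserRole> roles = new ArrayList<>();
        String account = null;
        JsonNode userNode = root;
        if (UserFilterField.USERNAME.equals(filterField)) {
            // A filter query returns a list; a missing "resources" field or an empty list
            // both mean that no user was found.
            JsonNode resources = root == null ? null : root.get("resources");
            userNode = resources == null ? null : resources.get(0);
        }
        if (userNode == null) {
            throw new UserDetailsUnavailableException("User details cannot be retrieved from identity server.");
        }
        JsonNode groups = userNode.get("groups");
        if (groups == null) {
            // Without group data neither account nor roles can be established.
            throw new UserDetailsUnavailableException("User details cannot be retrieved from identity server.");
        }
        for (JsonNode node : groups) {
            // path() yields a missing node (empty text) when "display" is absent, so such an
            // entry matches neither prefix and is skipped.
            String group = node.path("display").asText();
            if (group.startsWith("sequenceiq.account")) {
                String[] parts = group.split("\\.");
                if (parts.length <= ACCOUNT_PART) {
                    throw new UserDetailsUnavailableException("User details cannot be retrieved from identity server.");
                }
                if (account != null && !account.equals(parts[ACCOUNT_PART])) {
                    throw new IllegalStateException("A user can belong to only one account.");
                }
                account = parts[ACCOUNT_PART];
            } else if (group.startsWith("sequenceiq.cloudbreak")) {
                String[] parts = group.split("\\.");
                if (parts.length <= ROLE_PART) {
                    throw new UserDetailsUnavailableException("User details cannot be retrieved from identity server.");
                }
                roles.add(IdentityUserRole.fromString(parts[ROLE_PART]));
            }
        }
        return createIdentityUser(roles, account, userNode);
    } catch (IOException e) {
        throw new UserDetailsUnavailableException("User details cannot be retrieved from identity server.", e);
    }
}

/** Escapes backslash and double-quote so the value stays inside a quoted SCIM filter literal. */
private static String escapeScimFilterValue(String value) {
    return value.replace("\\", "\\\\").replace("\"", "\\\"");
}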
Also used : IdentityUserRole(com.sequenceiq.cloudbreak.common.model.user.IdentityUserRole) AccessToken(com.sequenceiq.cloudbreak.client.AccessToken) ArrayList(java.util.ArrayList) JsonNode(com.fasterxml.jackson.databind.JsonNode) WebTarget(javax.ws.rs.client.WebTarget) IOException(java.io.IOException)
