use of com.tremolosecurity.provisioning.core.ProvisioningException in project OpenUnison by TremoloSecurity.
the class LoadAuthChainsFromK8s method modifyObject.
@Override
public void modifyObject(TremoloType cfg, JSONObject item) throws ProvisioningException {
String rawJson = item.toJSONString();
StringBuffer b = new StringBuffer();
b.setLength(0);
OpenUnisonConfigLoader.integrateIncludes(b, rawJson);
try {
JSONObject newRoot = (JSONObject) new JSONParser().parse(b.toString());
JSONObject metadata = (JSONObject) newRoot.get("metadata");
if (metadata == null) {
throw new ProvisioningException("No metadata");
}
String name = (String) metadata.get("name");
logger.info("Modifying authentication chain " + name);
try {
AuthChainType act = this.createAuthChain(item, name);
synchronized (GlobalEntries.getGlobalEntries().getConfigManager().getAuthChains()) {
GlobalEntries.getGlobalEntries().getConfigManager().getAuthChains().put(name, act);
}
synchronized (GlobalEntries.getGlobalEntries().getConfigManager().getCfg()) {
AuthChainType curAct = null;
for (AuthChainType itAct : GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getAuthChains().getChain()) {
if (itAct.getName().equals(act.getName())) {
curAct = itAct;
break;
}
}
if (curAct != null) {
GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getAuthChains().getChain().remove(curAct);
}
GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getAuthChains().getChain().add(act);
}
} catch (Exception e) {
logger.warn("Could not initialize authentication chain " + name, e);
}
} catch (ParseException e) {
throw new ProvisioningException("Could not parse custom authorization", e);
}
}
use of com.tremolosecurity.provisioning.core.ProvisioningException in project OpenUnison by TremoloSecurity.
the class LoadAuthMechsFromK8s method addObject.
@Override
public void addObject(TremoloType cfg, JSONObject item) throws ProvisioningException {
String rawJson = item.toJSONString();
StringBuffer b = new StringBuffer();
b.setLength(0);
OpenUnisonConfigLoader.integrateIncludes(b, rawJson);
try {
JSONObject newRoot = (JSONObject) new JSONParser().parse(b.toString());
JSONObject metadata = (JSONObject) newRoot.get("metadata");
if (metadata == null) {
throw new ProvisioningException("No metadata");
}
String name = (String) metadata.get("name");
logger.info("Adding authentication mechanism " + name);
try {
MechanismType mt = this.createAuthMech(item, name);
GlobalEntries.getGlobalEntries().getConfigManager().addAuthenticationMechanism(mt);
synchronized (GlobalEntries.getGlobalEntries().getConfigManager().getCfg()) {
MechanismType curMech = null;
for (MechanismType itMech : GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getAuthMechs().getMechanism()) {
if (itMech.getName().equals(mt.getName())) {
curMech = itMech;
break;
}
}
if (curMech != null) {
GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getAuthMechs().getMechanism().remove(curMech);
}
GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getAuthMechs().getMechanism().add(mt);
}
} catch (Exception e) {
logger.warn("Could not initialize authentication mechanism " + name, e);
return;
}
} catch (ParseException e) {
throw new ProvisioningException("Could not parse custom authorization", e);
}
}
use of com.tremolosecurity.provisioning.core.ProvisioningException in project OpenUnison by TremoloSecurity.
the class LoadAuthorizationsFromK8s method createCustomAz.
private CustomAzRuleType createCustomAz(JSONObject item, String name) throws ProvisioningException {
CustomAzRuleType cart = new CustomAzRuleType();
JSONObject spec = (JSONObject) item.get("spec");
cart.setName(name);
cart.setClassName((String) spec.get("className"));
JSONObject params = (JSONObject) spec.get("params");
for (Object o : params.keySet()) {
String keyName = (String) o;
Object v = params.get(keyName);
if (v instanceof String) {
String val = (String) v;
ParamType pt = new ParamType();
pt.setName(keyName);
pt.setValue(val);
cart.getParams().add(pt);
} else if (v instanceof JSONArray) {
for (Object ov : ((JSONArray) v)) {
ParamType pt = new ParamType();
pt.setName(keyName);
pt.setValue((String) ov);
cart.getParams().add(pt);
}
}
}
JSONArray secretParams = (JSONArray) spec.get("secretParams");
if (secretParams != null) {
try {
HttpCon nonwatchHttp = this.k8sWatch.getK8s().createClient();
String token = this.k8sWatch.getK8s().getAuthToken();
try {
for (Object ox : secretParams) {
JSONObject secretParam = (JSONObject) ox;
String paramName = (String) secretParam.get("name");
String secretName = (String) secretParam.get("secretName");
String secretKey = (String) secretParam.get("secretKey");
String secretValue = this.k8sWatch.getSecretValue(secretName, secretKey, token, nonwatchHttp);
ParamType pt = new ParamType();
pt.setName(paramName);
pt.setValue(secretValue);
cart.getParams().add(pt);
}
} finally {
nonwatchHttp.getHttp().close();
nonwatchHttp.getBcm().close();
}
} catch (Exception e) {
throw new ProvisioningException("Could not generate secret params from '" + name + "'", e);
}
}
return cart;
}
use of com.tremolosecurity.provisioning.core.ProvisioningException in project OpenUnison by TremoloSecurity.
the class LoadAuthorizationsFromK8s method modifyObject.
@Override
public void modifyObject(TremoloType cfg, JSONObject item) throws ProvisioningException {
String rawJson = item.toJSONString();
StringBuffer b = new StringBuffer();
b.setLength(0);
OpenUnisonConfigLoader.integrateIncludes(b, rawJson);
try {
JSONObject newRoot = (JSONObject) new JSONParser().parse(b.toString());
JSONObject metadata = (JSONObject) newRoot.get("metadata");
if (metadata == null) {
throw new ProvisioningException("No metadata");
}
String name = (String) metadata.get("name");
logger.info("Modifying custom authorization " + name);
CustomAzRuleType newAzRuleType = this.createCustomAz(item, name);
GlobalEntries.getGlobalEntries().getConfigManager().addCustomerAuthorization(newAzRuleType);
} catch (ParseException e) {
throw new ProvisioningException("Could not parse custom authorization", e);
}
}
use of com.tremolosecurity.provisioning.core.ProvisioningException in project OpenUnison by TremoloSecurity.
the class LoadAuthorizationsFromK8s method addObject.
@Override
public void addObject(TremoloType cfg, JSONObject item) throws ProvisioningException {
String rawJson = item.toJSONString();
StringBuffer b = new StringBuffer();
b.setLength(0);
OpenUnisonConfigLoader.integrateIncludes(b, rawJson);
try {
JSONObject newRoot = (JSONObject) new JSONParser().parse(b.toString());
JSONObject metadata = (JSONObject) newRoot.get("metadata");
if (metadata == null) {
throw new ProvisioningException("No metadata");
}
String name = (String) metadata.get("name");
logger.info("Adding custom authorization " + name);
CustomAzRuleType newAzRuleType = this.createCustomAz(item, name);
GlobalEntries.getGlobalEntries().getConfigManager().addCustomerAuthorization(newAzRuleType);
} catch (ParseException e) {
throw new ProvisioningException("Could not parse custom authorization", e);
}
}
Aggregations