use of com.tremolosecurity.provisioning.util.HttpCon in project OpenUnison by TremoloSecurity.
the class OpenShiftTarget method deleteFullName.
private String deleteFullName(User user, int approvalID, Workflow workflow, Gson gson, StringBuffer b) throws Exception, IOException, ClientProtocolException, ProvisioningException {
String token;
token = this.getAuthToken();
HttpCon con = this.createClient();
try {
b.append("/apis/user.openshift.io/v1/users/").append(user.getUserID());
String json = callWS(token, con, b.toString());
com.tremolosecurity.unison.openshiftv3.model.users.User osUser = gson.fromJson(json, com.tremolosecurity.unison.openshiftv3.model.users.User.class);
osUser.setFullName(null);
json = gson.toJson(osUser);
json = callWSPut(token, con, b.toString(), json);
osUser = gson.fromJson(json, com.tremolosecurity.unison.openshiftv3.model.users.User.class);
if (osUser.getKind().equals("User")) {
this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Delete, approvalID, workflow, "fullName", osUser.getFullName());
} else {
throw new Exception("Could not unset fullName for " + user.getUserID() + " - " + osUser.getReason());
}
} finally {
con.getHttp().close();
con.getBcm().shutdown();
}
return token;
}
use of com.tremolosecurity.provisioning.util.HttpCon in project OpenUnison by TremoloSecurity.
the class OpenShiftTarget method syncGroups.
private void syncGroups(User user, boolean addOnly, int approvalID, Workflow workflow, User fromServer, String token) throws Exception, IOException {
HttpCon con = null;
try {
// first see if there are groups to add
HashSet<String> fromServerGroups = new HashSet<String>();
fromServerGroups.addAll(fromServer.getGroups());
for (String groupName : user.getGroups()) {
if (!fromServerGroups.contains(groupName)) {
if (token == null) {
token = this.getAuthToken();
}
if (con == null) {
con = this.createClient();
}
this.addUserToGroup(token, con, user.getUserID(), groupName, approvalID, workflow);
}
}
if (!addOnly) {
// remove groups no longer present
HashSet<String> fromUserGroups = new HashSet<String>();
fromUserGroups.addAll(user.getGroups());
for (String groupName : fromServer.getGroups()) {
if (!fromUserGroups.contains(groupName)) {
if (token == null) {
token = this.getAuthToken();
}
if (con == null) {
con = this.createClient();
}
this.removeUserFromGroup(token, con, user.getUserID(), groupName, approvalID, workflow);
}
}
}
} finally {
if (con != null) {
con.getBcm().shutdown();
con.getHttp().close();
}
}
}
use of com.tremolosecurity.provisioning.util.HttpCon in project OpenUnison by TremoloSecurity.
the class OpenShiftTarget method createUser.
@Override
public void createUser(User user, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
int approvalID = 0;
if (request.containsKey("APPROVAL_ID")) {
approvalID = (Integer) request.get("APPROVAL_ID");
}
Workflow workflow = (Workflow) request.get("WORKFLOW");
com.tremolosecurity.unison.openshiftv3.model.users.User osUser = new com.tremolosecurity.unison.openshiftv3.model.users.User();
osUser.setKind("User");
osUser.setApiVersion("user.openshift.io/v1");
osUser.getMetadata().put("name", user.getUserID());
if (user.getAttribs().get("fullName") != null) {
osUser.setFullName(user.getAttribs().get("fullName").getValues().get(0));
}
Gson gson = new Gson();
try {
String token = this.getAuthToken();
HttpCon con = this.createClient();
try {
String json = gson.toJson(osUser);
StringBuffer b = new StringBuffer();
b.append("/apis/user.openshift.io/v1/users");
osUser = gson.fromJson(this.callWSPost(token, con, b.toString(), json), com.tremolosecurity.unison.openshiftv3.model.users.User.class);
if (!osUser.getKind().equals("User")) {
throw new ProvisioningException("Could not create user " + user.getUserID() + " - " + osUser.getReason());
}
this.cfgMgr.getProvisioningEngine().logAction(name, true, ActionType.Add, approvalID, workflow, "name", user.getUserID());
this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Add, approvalID, workflow, "name", (String) osUser.getMetadata().get("name"));
if (user.getAttribs().get("fullName") != null) {
this.cfgMgr.getProvisioningEngine().logAction(name, false, ActionType.Add, approvalID, workflow, "fullName", osUser.getFullName());
}
for (String groupName : user.getGroups()) {
this.addUserToGroup(token, con, user.getUserID(), groupName, approvalID, workflow);
}
} finally {
if (con != null) {
con.getBcm().shutdown();
}
}
} catch (Exception e) {
throw new ProvisioningException("Could not create user", e);
}
}
use of com.tremolosecurity.provisioning.util.HttpCon in project OpenUnison by TremoloSecurity.
the class OpenShiftTarget method findUser.
@Override
public User findUser(String userID, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
try {
User user = null;
String token = this.getAuthToken();
// users aren't bound to groups and there's no way to directly lookup what groups a user has
// so we need to read all groups and see if the user exists
ArrayList<String> groupsForUser = new ArrayList<String>();
HttpCon con = this.createClient();
StringBuffer b = new StringBuffer();
com.tremolosecurity.unison.openshiftv3.model.List<GroupItem> groupList = null;
try {
String json = callWS(token, con, "/apis/user.openshift.io/v1/groups");
Gson gson = new Gson();
TypeToken<com.tremolosecurity.unison.openshiftv3.model.List<GroupItem>> tokenType = new TypeToken<com.tremolosecurity.unison.openshiftv3.model.List<GroupItem>>() {
};
groupList = gson.fromJson(json, tokenType.getType());
b.append("/apis/user.openshift.io/v1/users/").append(userID);
json = callWS(token, con, b.toString());
com.tremolosecurity.unison.openshiftv3.model.users.User osUser = gson.fromJson(json, com.tremolosecurity.unison.openshiftv3.model.users.User.class);
if (osUser.getKind().equalsIgnoreCase("User")) {
user = new User(userID);
for (String attrName : osUser.getMetadata().keySet()) {
if (!attrName.equalsIgnoreCase("fullName") && attributes.contains(attrName)) {
user.getAttribs().put(attrName, new Attribute(attrName, (String) osUser.getMetadata().get(attrName)));
}
}
if (attributes.contains("fullName") && osUser.getFullName() != null) {
user.getAttribs().put("fullName", new Attribute("fullName", osUser.getFullName()));
}
}
} finally {
if (con != null) {
con.getBcm().shutdown();
}
}
for (GroupItem group : groupList.getItems()) {
if (group.getUsers() != null && group.getUsers().contains(userID)) {
groupsForUser.add((String) group.getMetadata().get("name"));
}
}
if (groupsForUser.isEmpty()) {
return user;
} else {
if (user == null) {
// user = new User(userID);
return null;
}
user.getGroups().addAll(groupsForUser);
return user;
}
} catch (Exception e) {
throw new ProvisioningException("Could not load " + userID, e);
}
}
use of com.tremolosecurity.provisioning.util.HttpCon in project OpenUnison by TremoloSecurity.
the class OpenShiftTarget method createClient.
public HttpCon createClient() throws Exception {
ArrayList<Header> defheaders = new ArrayList<Header>();
defheaders.add(new BasicHeader("X-Csrf-Token", "1"));
BasicHttpClientConnectionManager bhcm = new BasicHttpClientConnectionManager(cfgMgr.getHttpClientSocketRegistry());
RequestConfig rc = RequestConfig.custom().setCookieSpec(CookieSpecs.STANDARD).setRedirectsEnabled(false).build();
CloseableHttpClient http = HttpClients.custom().setConnectionManager(bhcm).setDefaultHeaders(defheaders).setDefaultRequestConfig(rc).build();
HttpCon con = new HttpCon();
con.setBcm(bhcm);
con.setHttp(http);
return con;
}
Aggregations