
Example 1 with OAuth2Client

use of fish.payara.microprofile.config.extensions.oauth.OAuth2Client in project Payara by payara.

the class AzureSecretsConfigSource method bootstrap.

/**
 * Prepares the OAuth2 client used to obtain an Azure access token.
 *
 * <p>Reads the configured private key file, builds a JWT for the configured
 * client, signs it with that key and passes it as the {@code client_assertion}
 * of a {@code client_credentials} request.
 *
 * <p>Failures are logged as warnings rather than thrown:
 * <ul>
 *   <li>If the tenant id or client id is missing, {@code authClient} is not
 *       assigned by this method.</li>
 *   <li>If the key file is missing or unreadable, or signing fails, the client
 *       is still created, but its request data has no
 *       {@code client_assertion}.</li>
 * </ul>
 */
@Override
public void bootstrap() {
    // Text of the private key file. Files.lines() strips line terminators, so
    // the lines are concatenated without separators before being parsed.
    final StringBuilder keyText = new StringBuilder();
    try {
        final File keyFile = getPrivateKeyFile();
        if (keyFile != null) {
            try (Stream<String> lines = Files.lines(keyFile.toPath())) {
                lines.forEach(keyText::append);
            }
        } else {
            LOGGER.warning("Couldn't find private key file, make sure it's configured.");
        }
    } catch (Exception ex) {
        // Best effort: an unreadable key file is reported, and the empty key
        // text is then rejected or not by parsePrivateKey() further down.
        LOGGER.log(Level.WARNING, "Couldn't find or read the private key file, make sure it exists.", ex);
    }

    final Map<String, String> data = new HashMap<>();
    final String tenantId = configuration.getTenantId();
    final String clientId = configuration.getClientId();
    if (tenantId == null || clientId == null) {
        LOGGER.warning("An error occurred while authenticating Azure to get a token, makes sure Azure Config Source has been configured with correct  configuration options.");
        return;
    }

    data.put("grant_type", "client_credentials");
    data.put("client_id", clientId);
    data.put("client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
    data.put("scope", SCOPE_URL);

    // The tenant-specific token endpoint is passed to buildJwt() and is also
    // the URL the OAuth2 client is created with.
    final String tokenEndpoint = String.format(AUTH_URL, tenantId);
    try {
        final SignedJWT assertion = buildJwt(clientId, tokenEndpoint, configuration.getThumbprint());
        assertion.sign(new RSASSASigner(parsePrivateKey(keyText.toString())));
        data.put("client_assertion", assertion.serialize());
    } catch (NoSuchAlgorithmException | InvalidKeySpecException | JOSEException e) {
        // Signing failure is not fatal here; the client below is created
        // without a client_assertion entry.
        LOGGER.log(Level.WARNING, "An error occurred while signing the Azure auth token", e);
    }
    this.authClient = new OAuth2Client(tokenEndpoint, data);
}
Also used : HashMap(java.util.HashMap) OAuth2Client(fish.payara.microprofile.config.extensions.oauth.OAuth2Client) SignedJWT(com.nimbusds.jwt.SignedJWT) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) JOSEException(com.nimbusds.jose.JOSEException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) File(java.io.File) JOSEException(com.nimbusds.jose.JOSEException)

Example 2 with OAuth2Client

use of fish.payara.microprofile.config.extensions.oauth.OAuth2Client in project Payara by payara.

the class GCPSecretsConfigSource method bootstrap.

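/**
 * Prepares the OAuth2 client used to obtain a GCP access token.
 *
 * <p>Reads {@code client_email} and {@code private_key} from the configured
 * JSON key file, builds a JWT with the e-mail as issuer and the cloud-platform
 * scope, signs it with the private key and passes it as the {@code assertion}
 * of a {@code jwt-bearer} grant request.
 *
 * <p>Failures are logged as warnings rather than thrown. In every case
 * {@code authClient} is still assigned; when the key file could not be read
 * or signing failed, its request data contains only {@code grant_type} and no
 * {@code assertion}.
 */
@Override
public void bootstrap() {
    String clientEmail = null;
    String privateKey = null;
    try {
        final File tokenFile = getTokenFile();
        if (tokenFile == null) {
            LOGGER.warning("Couldn't find token file, make sure it's configured.");
        } else {
            // Open the file that was null-checked above instead of calling
            // getTokenFile() a second time, and manage the stream as its own
            // resource so it is closed even if Json.createParser() throws.
            try (FileInputStream keyStream = new FileInputStream(tokenFile);
                    JsonParser parser = Json.createParser(keyStream)) {
                while (parser.hasNext()) {
                    JsonParser.Event parseEvent = parser.next();
                    if (parseEvent == Event.KEY_NAME) {
                        final String keyName = parser.getString();
                        // Advance to the value that belongs to this key.
                        parser.next();
                        switch (keyName) {
                            case "client_email":
                                clientEmail = parser.getString();
                                break;
                            case "private_key":
                                privateKey = parser.getString();
                                break;
                            default:
                                // Other keys in the file are not needed here.
                                break;
                        }
                        // Stop reading as soon as both values are known.
                        if (clientEmail != null && privateKey != null) {
                            break;
                        }
                    }
                }
                if (clientEmail == null || privateKey == null) {
                    // Caught by the enclosing catch and logged as a warning.
                    throw new PropertyVetoException("Error reading JSON key file", new PropertyChangeEvent(configuration, "jsonKeyFile", null, null));
                }
            }
        }
    } catch (Exception ex) {
        LOGGER.log(Level.WARNING, "Couldn't find or read the GCP key file, make sure it exists.", ex);
    }
    Map<String, String> data = new HashMap<>();
    data.put("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer");
    // Sign only when both values were read; a partially read key file must
    // not produce an assertion.
    if (clientEmail != null && privateKey != null) {
        try {
            final String issuer = clientEmail;
            final String scope = "https://www.googleapis.com/auth/cloud-platform";
            final SignedJWT jwt = buildJwt(issuer, scope);
            jwt.sign(new RSASSASigner(parsePrivateKey(privateKey)));
            data.put("assertion", jwt.serialize());
        } catch (NoSuchAlgorithmException | InvalidKeySpecException | JOSEException e) {
            // Signing failure is not fatal here; the client below is created
            // without an assertion entry.
            LOGGER.log(Level.WARNING, "An error occurred while signing the GCP auth token", e);
        }
    }
    this.authClient = new OAuth2Client(AUTH_URL, data);
}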
Also used : PropertyChangeEvent(java.beans.PropertyChangeEvent) HashMap(java.util.HashMap) OAuth2Client(fish.payara.microprofile.config.extensions.oauth.OAuth2Client) SignedJWT(com.nimbusds.jwt.SignedJWT) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) FileInputStream(java.io.FileInputStream) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) JOSEException(com.nimbusds.jose.JOSEException) PropertyVetoException(java.beans.PropertyVetoException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) PropertyVetoException(java.beans.PropertyVetoException) RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) Event(javax.json.stream.JsonParser.Event) File(java.io.File) JOSEException(com.nimbusds.jose.JOSEException) JsonParser(javax.json.stream.JsonParser)

Aggregations

JOSEException (com.nimbusds.jose.JOSEException)2 RSASSASigner (com.nimbusds.jose.crypto.RSASSASigner)2 SignedJWT (com.nimbusds.jwt.SignedJWT)2 OAuth2Client (fish.payara.microprofile.config.extensions.oauth.OAuth2Client)2 File (java.io.File)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)2 HashMap (java.util.HashMap)2 PropertyChangeEvent (java.beans.PropertyChangeEvent)1 PropertyVetoException (java.beans.PropertyVetoException)1 FileInputStream (java.io.FileInputStream)1 JsonParser (javax.json.stream.JsonParser)1 Event (javax.json.stream.JsonParser.Event)1