
Example 16 with IamAdminServicesException

use of org.apache.airavata.service.profile.iam.admin.services.cpi.exception.IamAdminServicesException in project airavata by apache.

the class TenantManagementKeycloakImpl method addTenant.

@Override
public Gateway addTenant(PasswordCredential isSuperAdminPasswordCreds, Gateway gatewayDetails) throws IamAdminServicesException {
    // Provisions a Keycloak realm for the gateway. Realm id and realm name are both the gateway id,
    // the display name is the gateway name, and the default roles are attached before creation.
    // Returns gatewayDetails unchanged; any failure is reported as an IamAdminServicesException.
    Keycloak adminClient = null;
    try {
        String iamServerUrl = ServerSettings.getIamServerUrl();
        adminClient = TenantManagementKeycloakImpl.getClient(iamServerUrl, this.superAdminRealmId, isSuperAdminPasswordCreds);

        RealmRepresentation realm = new RealmRepresentation();
        realm.setEnabled(true);
        realm.setId(gatewayDetails.getGatewayId());
        realm.setRealm(gatewayDetails.getGatewayId());
        realm.setDisplayName(gatewayDetails.getGatewayName());
        // Several accounts may share one email address, so email is not accepted as a login identifier.
        realm.setLoginWithEmailAllowed(false);
        realm.setDuplicateEmailsAllowed(true);
        // Lifetimes are in seconds: access tokens expire after 30 minutes, idle SSO sessions after 60.
        realm.setAccessTokenLifespan(1800);
        realm.setSsoSessionIdleTimeout(3600);

        RealmRepresentation realmWithDefaultRoles = TenantManagementKeycloakImpl.createDefaultRoles(realm);
        adminClient.realms().create(realmWithDefaultRoles);
        return gatewayDetails;
    } catch (ApplicationSettingsException ex) {
        logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
        IamAdminServicesException wrapped = new IamAdminServicesException();
        wrapped.setMessage("Error getting Iam server Url from property file, reason: " + ex.getMessage());
        throw wrapped;
    } catch (Exception ex) {
        // Anything else (client creation, role setup, realm creation) is reported as a realm-creation failure.
        logger.error("Error creating Realm in Keycloak Server, reason: " + ex.getMessage(), ex);
        IamAdminServicesException wrapped = new IamAdminServicesException();
        wrapped.setMessage("Error creating Realm in Keycloak Server, reason: " + ex.getMessage());
        throw wrapped;
    } finally {
        // Always close the admin client, whether or not the realm was created.
        if (adminClient != null) {
            adminClient.close();
        }
    }
}

Example 17 with IamAdminServicesException

use of org.apache.airavata.service.profile.iam.admin.services.cpi.exception.IamAdminServicesException in project airavata by apache.

the class TenantManagementKeycloakImpl method getUsersWithRole.

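@Override
public List<UserProfile> getUsersWithRole(PasswordCredential realmAdminCreds, String tenantId, String roleName) throws IamAdminServicesException {
    // Returns profiles of the tenant's users that have the realm-level role roleName.
    // Only the most recently created users (up to recentUserLimit) are inspected; see the FIXME below.
    // Throws IamAdminServicesException when the IAM server URL cannot be read from the settings;
    // failures raised by the Keycloak client itself are not wrapped here.
    final int userBatchSize = 100;
    final int recentUserLimit = 100;
    Keycloak client = null;
    try {
        client = TenantManagementKeycloakImpl.getClient(ServerSettings.getIamServerUrl(), tenantId, realmAdminCreds);
        // FIXME: this only searches through the most recent 100 users for the given role (assuming there are no more than 10,000 users in the gateway)
        int totalUserCount = client.realm(tenantId).users().count();
        logger.debug("getUsersWithRole: totalUserCount=" + totalUserCount);
        // Page through the whole user list, userBatchSize users per search call (offset, page size).
        List<UserRepresentation> allUsers = new ArrayList<>();
        for (int start = 0; start < totalUserCount; start += userBatchSize) {
            logger.debug("getUsersWithRole: fetching " + userBatchSize + " users...");
            allUsers.addAll(client.realm(tenantId).users().search(null, null, null, null, start, userBatchSize));
        }
        logger.debug("getUsersWithRole: all users count=" + allUsers.size());
        // Newest first. Long.compare returns 0 for equal timestamps; the previous comparator
        // (`a - b > 0 ? -1 : 1`) never returned 0 and was not antisymmetric, which violates the
        // Comparator contract and can make List.sort throw "Comparison method violates its general contract".
        allUsers.sort((a, b) -> Long.compare(b.getCreatedTimestamp(), a.getCreatedTimestamp()));
        List<UserRepresentation> mostRecentUsers = allUsers.subList(0, Math.min(allUsers.size(), recentUserLimit));
        logger.debug("getUsersWithRole: most recent users count=" + mostRecentUsers.size());
        List<UserProfile> usersWithRole = new ArrayList<>();
        for (UserRepresentation user : mostRecentUsers) {
            UserResource userResource = client.realm(tenantId).users().get(user.getId());
            // Only realm-level role mappings are consulted; roles mapped at client level are not seen here.
            List<RoleRepresentation> realmRoles = userResource.roles().realmLevel().listAll();
            for (RoleRepresentation role : realmRoles) {
                if (role.getName().equals(roleName)) {
                    usersWithRole.add(convertUserRepresentationToUserProfile(user, tenantId));
                    break;
                }
            }
        }
        logger.debug("getUsersWithRole: most recent users with role count=" + usersWithRole.size());
        return usersWithRole;
    } catch (ApplicationSettingsException ex) {
        logger.error("Error getting values from property file, reason: " + ex.getMessage(), ex);
        IamAdminServicesException exception = new IamAdminServicesException();
        exception.setMessage("Error getting values from property file, reason " + ex.getMessage());
        throw exception;
    } finally {
        if (client != null) {
            logger.debug("getUsersWithRole: closing client...");
            client.close();
            logger.debug("getUsersWithRole: client closed");
        }
    }
}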

Example 18 with IamAdminServicesException

use of org.apache.airavata.service.profile.iam.admin.services.cpi.exception.IamAdminServicesException in project airavata by apache.

the class IamAdminServicesHandler method getUsersWithRole.

/**
 * Lists the users of the caller's gateway that hold {@code roleName}.
 * The tenant is taken from the token's {@code GATEWAY_ID} claim rather than from a caller-supplied
 * parameter, and the tenant admin credential for that gateway is looked up internally.
 *
 * @param authzToken caller's authorization token; its claims map supplies the gateway id
 * @param roleName   name of the realm-level role to look for
 * @return profiles of the matching users, as returned by the tenant manager
 * @throws IamAdminServicesException wrapping any failure raised while looking up credentials or users
 */
@Override
@SecurityCheck
public List<UserProfile> getUsersWithRole(AuthzToken authzToken, String roleName) throws IamAdminServicesException, AuthorizationException, TException {
    TenantManagementKeycloakImpl tenantManager = new TenantManagementKeycloakImpl();
    String gatewayId = authzToken.getClaimsMap().get(Constants.GATEWAY_ID);
    try {
        PasswordCredential realmAdminCredentials = getTenantAdminPasswordCredential(gatewayId);
        return tenantManager.getUsersWithRole(realmAdminCredentials, gatewayId, roleName);
    } catch (Exception ex) {
        // Every failure, including an IamAdminServicesException from the tenant manager, is re-reported under one message.
        String message = "Error while retrieving users with role, reason: " + ex.getMessage();
        logger.error(message, ex);
        throw new IamAdminServicesException(message);
    }
}

Example 19 with IamAdminServicesException

use of org.apache.airavata.service.profile.iam.admin.services.cpi.exception.IamAdminServicesException in project airavata by apache.

the class IamAdminServicesHandler method enableUser.

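/**
 * Enables the account of {@code username} in the caller's gateway.
 * The tenant is taken from the token's {@code GATEWAY_ID} claim, not from a caller-supplied
 * parameter, and the tenant admin credential for that gateway is looked up internally.
 *
 * @param authzToken caller's authorization token; its claims map supplies the gateway id
 * @param username   account to enable
 * @return the result reported by the tenant manager's {@code enableUserAccount}
 * @throws IamAdminServicesException wrapping a Thrift or settings failure
 */
@Override
@SecurityCheck
public boolean enableUser(AuthzToken authzToken, String username) throws IamAdminServicesException, AuthorizationException {
    TenantManagementKeycloakImpl keycloakclient = new TenantManagementKeycloakImpl();
    String gatewayId = authzToken.getClaimsMap().get(Constants.GATEWAY_ID);
    try {
        PasswordCredential isRealmAdminCredentials = getTenantAdminPasswordCredential(gatewayId);
        // Return the outcome directly; the former if/else only mapped true to true and false to false.
        return keycloakclient.enableUserAccount(isRealmAdminCredentials, gatewayId, username);
    } catch (TException | ApplicationSettingsException ex) {
        String msg = "Error while enabling user account, reason: " + ex.getMessage();
        logger.error(msg, ex);
        throw new IamAdminServicesException(msg);
    }
}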

Example 20 with IamAdminServicesException

use of org.apache.airavata.service.profile.iam.admin.services.cpi.exception.IamAdminServicesException in project airavata by apache.

the class IamAdminServicesHandler method addRoleToUser.

/**
 * Grants the realm role {@code roleName} to {@code username} in the caller's gateway.
 * The tenant is taken from the token's {@code GATEWAY_ID} claim rather than from a caller-supplied
 * parameter, and the tenant admin credential for that gateway is looked up internally.
 *
 * @param authzToken caller's authorization token; its claims map supplies the gateway id
 * @param username   account receiving the role
 * @param roleName   name of the role to add
 * @return the result reported by the tenant manager's {@code addRoleToUser}
 * @throws IamAdminServicesException wrapping a Thrift or settings failure
 */
@Override
@SecurityCheck
public boolean addRoleToUser(AuthzToken authzToken, String username, String roleName) throws IamAdminServicesException, AuthorizationException, TException {
    TenantManagementKeycloakImpl tenantManager = new TenantManagementKeycloakImpl();
    String gatewayId = authzToken.getClaimsMap().get(Constants.GATEWAY_ID);
    try {
        PasswordCredential realmAdminCredentials = getTenantAdminPasswordCredential(gatewayId);
        return tenantManager.addRoleToUser(realmAdminCredentials, gatewayId, username, roleName);
    } catch (TException | ApplicationSettingsException ex) {
        String message = "Error while adding role to user, reason: " + ex.getMessage();
        logger.error(message, ex);
        throw new IamAdminServicesException(message);
    }
}
