Example use of org.apache.airavata.service.profile.tenant.cpi.TenantProfileService in the Apache Airavata project.
From the class MigrationManager, method migrateGatewayProfileToAiravata.
/**
 * Migrates this manager's gateway into the Profile Service and provisions its Keycloak tenant.
 *
 * <p>Steps, in order: fetch the gateway from the Airavata API and require it to be APPROVED;
 * add it to the TenantProfileService if it is missing, otherwise load the stored copy; fill in
 * any missing URL and admin fields from this manager's configuration; set the gateway up through
 * IAM Admin Services; persist the returned gateway; set the admin user's password in Keycloak;
 * register that password as a credential; and record the tenant id and credential token on the
 * gateway resource profile.
 *
 * <p>There is no rollback in this method: an exception part-way through leaves the earlier
 * remote changes in place.
 *
 * @return always {@code true}; every failure surfaces as an exception
 * @throws TException propagated from the service client calls
 * @throws RuntimeException if the gateway's approval status is not APPROVED
 */
private boolean migrateGatewayProfileToAiravata() throws TException {
    TenantProfileService.Client profileClient = getTenantProfileServiceClient();
    Airavata.Client apiClient;
    if (airavataServiceSecure) {
        apiClient = getAiravataSecureClient();
    } else {
        apiClient = getAiravataClient();
    }
    IamAdminServices.Client iamClient = getIamAdminServicesClient();

    // Source of truth for the migration is the gateway record held by the Airavata API.
    Gateway gateway = apiClient.getGateway(authzToken, gatewayId);
    boolean approved = GatewayApprovalStatus.APPROVED.equals(gateway.getGatewayApprovalStatus());
    if (!approved) {
        // Only approved gateways get a tenant; anything else aborts before any remote write.
        throw new RuntimeException("Gateway " + gatewayId + " is not APPROVED! Status is " + gateway.getGatewayApprovalStatus());
    }

    // Register the gateway with the Profile Service, or switch to the copy it already holds.
    if (tenantProfileHasGateway(profileClient)) {
        System.out.println("Gateway [" + gatewayId + "] already exists in Profile Service");
        gateway = profileClient.getGateway(authzToken, gatewayId);
    } else {
        System.out.println("Gateway [" + gatewayId + "] doesn't exist, adding in Profile Service...");
        gateway.setAiravataInternalGatewayId(profileClient.addGateway(authzToken, gateway));
    }

    // IAM Admin Services needs the gateway URL ...
    if (gateway.getGatewayURL() == null) {
        gateway.setGatewayURL(this.gatewayURL);
    }
    // ... and these admin details, which it uses to create the realm's admin user.
    // Values already present on the gateway win; configuration only fills the gaps.
    if (gateway.getIdentityServerUserName() == null) {
        gateway.setIdentityServerUserName(this.gatewayAdminUsername);
    }
    if (gateway.getGatewayAdminFirstName() == null) {
        gateway.setGatewayAdminFirstName(this.gatewayAdminFirstName);
    }
    if (gateway.getGatewayAdminLastName() == null) {
        gateway.setGatewayAdminLastName(this.gatewayAdminLastName);
    }
    if (gateway.getGatewayAdminEmail() == null) {
        gateway.setGatewayAdminEmail(this.gatewayAdminEmailAddress);
    }

    // Create the Keycloak tenant for the gateway.
    System.out.println("Creating Keycloak Tenant for gateway ...");
    Gateway provisionedGateway = iamClient.setUpGateway(authzToken, gateway);

    // Store the provisioned gateway. Per the log message it carries the OAuth client id and
    // secret; the message itself prints neither, and should stay that way.
    System.out.println("Updating gateway with OAuth client id and secret ...");
    profileClient.updateGateway(authzToken, provisionedGateway);

    KeycloakIdentityServerClient keycloakClient = getKeycloakIdentityServerClient();
    // The admin user keeps the password it had on wso2IS.
    // NOTE(review): the old identity server's admin password is carried over unchanged and is
    // also stored as a credential below; consider rotating it once the migration is verified.
    keycloakClient.setUserPassword(gatewayId, this.gatewayAdminUsername, this.wso2ISAdminPassword);

    // Register the admin username/password as a password credential.
    // NOTE(review): this call is unconditional, so re-running the migration presumably registers
    // another credential for the same account - confirm against the credential store.
    String adminPasswordToken = apiClient.registerPwdCredential(authzToken, gatewayId, this.gatewayAdminUsername, this.gatewayAdminUsername, this.wso2ISAdminPassword, "Keycloak admin password for realm " + gatewayId);

    // Point the gateway resource profile at the tenant (gatewayId) and the credential token.
    GatewayResourceProfile resourceProfile = apiClient.getGatewayResourceProfile(authzToken, gatewayId);
    resourceProfile.setIdentityServerTenant(gatewayId);
    resourceProfile.setIdentityServerPwdCredToken(adminPasswordToken);
    apiClient.updateGatewayResourceProfile(authzToken, gatewayId, resourceProfile);
    return true;
}

/** Asks the Profile Service whether this manager's gateway id is already registered. */
private boolean tenantProfileHasGateway(TenantProfileService.Client profileClient) throws TException {
    return profileClient.isGatewayExist(authzToken, gatewayId);
}