Examples with UsersApi org.broadinstitute.dsde.workbench.client.sam.api.UsersApi used on opensource projects

Example 1 with UsersApi

use of org.broadinstitute.dsde.workbench.client.sam.api.UsersApi in project terra-workspace-manager by DataBiosphere.

the class SamService method initializeWsmServiceAccount.

/**
 * Register WSM's service account as a user in Sam if it isn't already. This should only need to
 * register with Sam once per environment, so it is implemented lazily.
 */
private void initializeWsmServiceAccount() throws InterruptedException {
    if (!wsmServiceAccountInitialized) {
        String wsmAccessToken = null;
        try {
            wsmAccessToken = getWsmServiceAccountToken();
        } catch (InternalServerErrorException e) {
            // In cases where WSM is not running as a service account (e.g. unit tests), the above call
            // will throw. This can be ignored now and later when the credentials are used again.
            logger.warn("Failed to register WSM service account in Sam. This is expected for tests.", e);
            return;
        }
        UsersApi usersApi = samUsersApi(wsmAccessToken);
        // If registering the service account fails, all we can do is to keep trying.
        if (!wsmServiceAccountRegistered(usersApi)) {
            // retries internally
            registerWsmServiceAccount(usersApi);
        }
        wsmServiceAccountInitialized = true;
    }
}

Example 2 with UsersApi

use of org.broadinstitute.dsde.workbench.client.sam.api.UsersApi in project terra-workspace-manager by DataBiosphere.

the class SamService method constructUserPetSaEmail.

/**
 * Construct the email of an arbitrary user's pet service account in a given project. Unlike
 * {@code getOrCreatePetSaEmail}, this will not create the underlying service account. It may
 * return the email of a service account which does not exist.
 */
public ServiceAccountName constructUserPetSaEmail(String projectId, String userEmail, AuthenticatedUserRequest userRequest) throws InterruptedException {
    UsersApi usersApi = samUsersApi(userRequest.getRequiredToken());
    try {
        String subjectId = SamRetry.retry(() -> usersApi.getUserIds(userEmail).getUserSubjectId());
        String saEmail = String.format("pet-%s@%s.iam.gserviceaccount.com", subjectId, projectId);
        return ServiceAccountName.builder().email(saEmail).projectId(projectId).build();
    } catch (ApiException apiException) {
        throw SamExceptionFactory.create("Error getting user subject ID from Sam", apiException);
    }
}

Example 3 with UsersApi

use of org.broadinstitute.dsde.workbench.client.sam.api.UsersApi in project terra-cli by DataBiosphere.

the class SamService method inviteUser.

/**
 * Call the SAM "/api/users/v1/invite/{inviteeEmail}" endpoint to invite a user and track them.
 * This is not the same thing as registering a user.
 *
 * @param userEmail email to invite
 */
public void inviteUser(String userEmail) {
    callWithRetries(() -> {
        logger.info("Inviting new user: {}", userEmail);
        UserStatusDetails userStatusDetails = new UsersApi(apiClient).inviteUser(userEmail);
        logger.info("Invited new user: {}", userStatusDetails);
    }, "Error inviting new user in SAM.");
}

Example 4 with UsersApi

use of org.broadinstitute.dsde.workbench.client.sam.api.UsersApi in project terra-cli by DataBiosphere.

the class SamService method registerUser.

/**
 * Call the SAM "/register/user/v1" endpoint to register the user who is currently logged in. This
 * is not the same as inviting a user.
 */
public void registerUser() {
    callWithRetries(() -> {
        UserStatus userStatus = new UsersApi(apiClient).createUserV2();
        logger.info("User registered in SAM: {}, {}", userStatus.getUserInfo().getUserSubjectId(), userStatus.getUserInfo().getUserEmail());
    }, "Error registering new user in SAM.");
}