Merge pull request #2 from indigo-paas/client_iam

Client iam

Author: maricaantonacci

src/main/java/it/reply/orchestrator/dto/iam/IamClientRequest.java

@@ -0,0 +1,118 @@
+/*
+ * Copyright © 2015-2021 I.N.F.N.
+ * Copyright © 2015-2020 Santer Reply S.p.A.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package it.reply.orchestrator.dto.iam;
+
+import com.fasterxml.jackson.databind.PropertyNamingStrategies;
+import com.fasterxml.jackson.databind.annotation.JsonNaming;
+import java.util.List;
+
+@JsonNaming(PropertyNamingStrategies.SnakeCaseStrategy.class)
+public class IamClientRequest {
+  private List<String> redirectUris;
+  private String clientName;
+  private List<String> contacts;
+  private String tokenEndpointAuthMethod;
+  private String scope;
+  private List<String> grantTypes;
+  private List<String> responseTypes;
+
+  /**
+   * Constructor of IAMClientRequest, used to send a request to IAM to create a client.
+   */
+  public IamClientRequest(List<String> redirectUris, String clientName, List<String> contacts,
+      String tokenEndpointAuthMethod, String scope, List<String> grantTypes,
+      List<String> responseTypes) {
+    this.redirectUris = redirectUris;
+    this.clientName = clientName;
+    this.contacts = contacts;
+    this.tokenEndpointAuthMethod = tokenEndpointAuthMethod;
+    this.scope = scope;
+    this.grantTypes = grantTypes;
+    this.responseTypes = responseTypes;
+  }
+
+  // Getter and setter for redirectUris
+
+  public List<String> getRedirectUris() {
+    return redirectUris;
+  }
+
+  public void setRedirectUris(List<String> redirectUris) {
+    this.redirectUris = redirectUris;
+  }
+
+  // Getter and setter for clientName
+
+  public String getClientName() {
+    return clientName;
+  }
+
+  public void setClientName(String clientName) {
+    this.clientName = clientName;
+  }
+
+  // Getter and setter for contacts
+
+  public List<String> getContacts() {
+    return contacts;
+  }
+
+  public void setContacts(List<String> contacts) {
+    this.contacts = contacts;
+  }
+
+  // Getter and setter for tokenEndpointAuthMethod
+
+  public String getTokenEndpointAuthMethod() {
+    return tokenEndpointAuthMethod;
+  }
+
+  public void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod) {
+    this.tokenEndpointAuthMethod = tokenEndpointAuthMethod;
+  }
+
+  // Getter and setter for scope
+
+  public String getScope() {
+    return scope;
+  }
+
+  public void setScope(String scope) {
+    this.scope = scope;
+  }
+
+  // Getter and setter for grantTypes
+
+  public List<String> getGrantTypes() {
+    return grantTypes;
+  }
+
+  public void setGrantTypes(List<String> grantTypes) {
+    this.grantTypes = grantTypes;
+  }
+
+  // Getter and setter for responseTypes
+
+  public List<String> getResponseTypes() {
+    return responseTypes;
+  }
+
+  public void setResponseTypes(List<String> responseTypes) {
+    this.responseTypes = responseTypes;
+  }
+}

src/main/java/it/reply/orchestrator/dto/iam/WellKnownResponse.java

@@ -0,0 +1,59 @@
+/*
+ * Copyright © 2015-2021 I.N.F.N.
+ * Copyright © 2015-2020 Santer Reply S.p.A.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package it.reply.orchestrator.dto.iam;
+
+import com.fasterxml.jackson.databind.PropertyNamingStrategies;
+import com.fasterxml.jackson.databind.annotation.JsonNaming;
+import java.util.List;
+
+@JsonNaming(PropertyNamingStrategies.SnakeCaseStrategy.class)
+public class WellKnownResponse {
+
+  private List<String> scopesSupported;
+  private String registrationEndpoint;
+  private String tokenEndpoint;
+
+  public WellKnownResponse() {
+    // Use the setter functions to set the attributes of the class
+  }
+
+  public List<String> getScopesSupported() {
+    return scopesSupported;
+  }
+
+  public void setScopesSupported(List<String> scopesSupported) {
+    this.scopesSupported = scopesSupported;
+  }
+
+  public String getRegistrationEndpoint() {
+    return registrationEndpoint;
+  }
+
+  public void setRegistrationEndpoint(String registrationEndpoint) {
+    this.registrationEndpoint = registrationEndpoint;
+  }
+
+  public String getTokenEndpoint() {
+    return tokenEndpoint;
+  }
+
+  public void setTokenEndpoint(String tokenEndpoint) {
+    this.tokenEndpoint = tokenEndpoint;
+  }
+
+}

src/main/java/it/reply/orchestrator/service/IamService.java

@@ -0,0 +1,133 @@
+/*
+ * Copyright © 2015-2021 I.N.F.N.
+ * Copyright © 2015-2020 Santer Reply S.p.A.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package it.reply.orchestrator.service;
+
+import it.reply.orchestrator.dal.entity.Resource;
+import it.reply.orchestrator.dto.iam.WellKnownResponse;
+import java.util.Map;
+import java.util.Set;
+import org.springframework.web.client.RestTemplate;
+
+public interface IamService {
+
+  public String getOrchestratorScopes();
+
+  /**
+   * Create a WellKnownResponse object for an IAM idp containing registration_endpoint,
+   * token_endpoint, and scopes_supported.
+   *
+   * @param restTemplate object used to make HTTP requests
+   * @param issuer the identity provider
+   * @return the WellKnownResponse object
+   */
+  public WellKnownResponse getWellKnown(RestTemplate restTemplate, String issuer);
+
+  /**
+   * Get a token with client credentials as grant type.
+   *
+   * @param restTemplate object used to make HTTP requests
+   * @param iamClientId client_id
+   * @param iamClientSecret client_secret
+   * @param iamClientScopes scopes to ask in the request
+   * @param iamTokenEndpoint IAM token endpoint
+   * @return the token with client credentials as grant type
+   */
+  public String getTokenClientCredentials(RestTemplate restTemplate, String iamClientId,
+      String iamClientSecret, String iamClientScopes, String iamTokenEndpoint);
+
+  /**
+   * Create an IAM client setting the minimal information, in addition to the mail field.
+   * As output it gives the client_id and registration_access_token of the created client.
+   *
+   * @param restTemplate object used to make HTTP requests
+   * @param iamRegistration registration endpoint used to create a client
+   * @param uuid uuid of the deployment, used to set the client name
+   * @param userEmail user email, used to set the contacts field of the client
+   * @param scopes scopes to set for the new client
+   * @return a map of client_id:registration_access_token
+   */
+  public Map<String, String> createClient(RestTemplate restTemplate, String iamRegistration,
+      String uuid, String userEmail, String scopes);
+
+  /**
+   * Delete a client.
+   *
+   * @param restTemplate object used to make HTTP requests
+   * @param clientId client_id
+   * @param iamUrl IAM endpoint to contact for the client deletion
+   * @param token the registration_access_token used for the deletion
+   * @return true if the deletion has been successful
+   */
+  public boolean deleteClient(RestTemplate restTemplate, String clientId, String iamUrl,
+      String token);
+
+  /**
+   * Delete all the clients stored in resources.
+   *
+   * @param restTemplate object used to make HTTP requests
+   * @param resources resources linked to a given deployment
+   */
+  public void deleteAllClients(RestTemplate restTemplate, Map<Boolean, Set<Resource>> resources);
+
+  /**
+   * Assign the ownership of a client.
+   *
+   * @param restTemplate object used to make HTTP requests
+   * @param clientId client_id
+   * @param iamUrl IAM Url
+   * @param accountId the id of the owner to be assigned to the client
+   * @param token the token with client credentials as grant type using the orchestrator client
+   */
+  public void assignOwnership(RestTemplate restTemplate, String clientId, String iamUrl,
+      String accountId, String token);
+
+  /**
+   * Check if a given idp ia an IAM.
+   *
+   * @param restTemplate object used to make HTTP requests
+   * @param idpUrl Url to be checked if it is an IAM or not
+   * @return true if the idpurl is an IAM, otherwise false
+   */
+  public boolean checkIam(RestTemplate restTemplate, String idpUrl);
+
+  /**
+   * Get information about a client.
+   *
+   * @param restTemplate object used to make HTTP requests
+   * @param clientId client_id
+   * @param iamUrl IAM Url
+   * @param token the token to use
+   * @return the json obtained as output from the HTPP request
+   */
+  public String getInfoIamClient(RestTemplate restTemplate, String clientId, String iamUrl,
+      String token);
+
+  /**
+   * Update information about a client.
+   *
+   * @param restTemplate object used to make HTTP requests
+   * @param clientId client_id
+   * @param iamUrl IAM Url
+   * @param token the token to use
+   * @param jsonUpdated the updated json obtained as output
+   * @return the json with the updated info about the client
+   */
+  public String updateClient(RestTemplate restTemplate, String clientId, String iamUrl,
+      String token, String jsonUpdated);
+
+}

src/main/java/it/reply/orchestrator/service/IamServiceException.java

@@ -0,0 +1,29 @@
+/*
+ * Copyright © 2015-2021 I.N.F.N.
+ * Copyright © 2015-2020 Santer Reply S.p.A.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package it.reply.orchestrator.service;
+
+public class IamServiceException extends RuntimeException {
+
+  public IamServiceException(String message) {
+    super(message);
+  }
+
+  public IamServiceException(String message, Throwable e) {
+    super(message, e);
+  }
+}