Diffstat (limited to 'sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data')
15 files changed, 1530 insertions, 0 deletions
diff --git a/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/Config.java b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/Config.java new file mode 100644 index 000000000..6798026f3 --- /dev/null +++ b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/Config.java 
@@ -0,0 +1,347 @@ +/* + * ============LICENSE_START======================================================= + * ONAP : ccsdk features + * ================================================================================ + * Copyright (C) 2020 highstreet technologies GmbH Intellectual Property. + * All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + * + */ +package org.onap.ccsdk.features.sdnr.wt.oauthprovider.data; + +import com.fasterxml.jackson.annotation.JsonGetter; +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonSetter; +import java.io.File; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.nio.file.Files; +import java.security.SecureRandom; +import java.util.Arrays; +import java.util.List; +import java.util.regex.Matcher; +import java.util.regex.Pattern; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class Config { + + private static final Logger LOG = LoggerFactory.getLogger(Config.class); + private static final String DEFAULT_CONFIGFILENAME = "etc/oauth-provider.config.json"; + private static final String ENVVARIABLE = "${"; + private static final String REGEXENVVARIABLE = "(\\$\\{[A-Z0-9_-]+\\})"; + private static final Pattern pattern = 
Pattern.compile(REGEXENVVARIABLE); + private static final String DEFAULT_TOKENISSUER = "Opendaylight"; + private static final String DEFAULT_TOKENSECRET = generateSecret(); + private static final String DEFAULT_REDIRECTURI = "/odlux/index.html#/oauth?token="; + private static final String DEFAULT_SUPPORTODLUSERS = "true"; + public static final String TOKENALG_HS256 = "HS256"; + public static final String TOKENALG_RS256 = "RS256"; + public static final String TOKENALG_RS512 = "RS512"; + private static final String CLIENTALG_PRE = "Client"; + public static final String TOKENALG_CLIENT_RS256 = CLIENTALG_PRE + TOKENALG_RS256; + public static final String TOKENALG_CLIENT_RS512 = CLIENTALG_PRE + TOKENALG_RS512; + private static final String DEFAULT_TOKEN_ALGORITHM = TOKENALG_HS256; + + private static final long DEFAULT_TOKEN_LIFETIME = 30 * 60; + private static final List<String> VALID_ALGORITHMS = + Arrays.asList(TOKENALG_HS256, TOKENALG_RS256, TOKENALG_RS512, TOKENALG_CLIENT_RS256, TOKENALG_CLIENT_RS512); + private static final List<String> VALID_ALGORITHMS_FOR_INTERNAL_LOGIN = + Arrays.asList(TOKENALG_HS256, TOKENALG_RS256, TOKENALG_RS512); + private static SecureRandom random; + private static Config _instance; + + private List<OAuthProviderConfig> providers; + private String redirectUri; + private String supportOdlUsers; + private String tokenSecret; + private String tokenPubKey; + private String algorithm; + private String tokenIssuer; + private String publicUrl; + private long tokenLifetime; + + @Override + public String toString() { + return "Config [providers=" + providers + ", redirectUri=" + redirectUri + ", supportOdlUsers=" + + supportOdlUsers + ", tokenSecret=***, tokenPubKey=" + tokenPubKey + ", algorithm=" + algorithm + + ", tokenIssuer=" + tokenIssuer + ", publicUrl=" + publicUrl + ", tokenLifetime=" + tokenLifetime + + "]"; + } + + public List<OAuthProviderConfig> getProviders() { + return providers; + } + + public void 
setProviders(List<OAuthProviderConfig> providers) { + this.providers = providers; + } + + public String getRedirectUri() { + return redirectUri; + } + + public void setRedirectUri(String redirectUri) { + this.redirectUri = redirectUri; + } + + public String getSupportOdlUsers() { + return supportOdlUsers; + } + + public void setSupportOdlUsers(String supportOdlUsers) { + this.supportOdlUsers = supportOdlUsers; + } + + public String getTokenSecret() { + return tokenSecret; + } + + public void setTokenSecret(String tokenSecret) { + this.tokenSecret = tokenSecret; + } + + public String getAlgorithm() { + return this.algorithm; + } + + public void setAlgorithm(String alg) { + this.algorithm = alg; + } + + @JsonGetter("tokenPubKey") + public String getPublicKey() { + return this.tokenPubKey; + } + + @JsonSetter("tokenPubKey") + public void setPublicKey(String pubKey) { + this.tokenPubKey = pubKey; + } + + public String getTokenIssuer() { + return tokenIssuer; + } + + public void setTokenIssuer(String tokenIssuer) { + this.tokenIssuer = tokenIssuer; + } + + public String getPublicUrl() { + return publicUrl; + } + + public void setPublicUrl(String publicUrl) { + this.publicUrl = publicUrl; + } + + public long getTokenLifetime() { + return this.tokenLifetime; + } + + public void setTokenLifetime(long lifetime) { + this.tokenLifetime = lifetime; + } + + @JsonIgnore + private void handleEnvironmentVars() { + if (isEnvExpression(this.tokenIssuer)) { + this.tokenIssuer = getProperty(this.tokenIssuer, null); + } + if (isEnvExpression(this.tokenSecret)) { + this.tokenSecret = getProperty(this.tokenSecret, null); + } + if (isEnvExpression(this.tokenPubKey)) { + this.tokenPubKey = getProperty(this.tokenPubKey, null); + } + if (isEnvExpression(this.algorithm)) { + this.algorithm = getProperty(this.algorithm, null); + } + if (isEnvExpression(this.publicUrl)) { + this.publicUrl = getProperty(this.publicUrl, null); + } + if (isEnvExpression(this.redirectUri)) { + this.redirectUri = 
getProperty(this.redirectUri, null); + } + if (isEnvExpression(this.supportOdlUsers)) { + this.supportOdlUsers = getProperty(this.supportOdlUsers, null); + } + if (this.providers != null && !this.providers.isEmpty()) { + for (OAuthProviderConfig cfg : this.providers) { + cfg.handleEnvironmentVars(); + } + } + } + + @JsonIgnore + private void handleDefaultValues() { + if (this.tokenIssuer == null || this.tokenIssuer.isEmpty()) { + this.tokenIssuer = DEFAULT_TOKENISSUER; + } + if (this.algorithm == null || this.algorithm.isEmpty()) { + this.algorithm = DEFAULT_TOKEN_ALGORITHM; + } + if (TOKENALG_HS256.equals(this.algorithm) && (this.tokenSecret == null || this.tokenSecret.isEmpty())) { + this.tokenSecret = DEFAULT_TOKENSECRET; + } + if (this.redirectUri == null || this.redirectUri.isEmpty() || "null".equals(this.redirectUri)) { + this.redirectUri = DEFAULT_REDIRECTURI; + } + if (this.publicUrl != null && (this.publicUrl.isEmpty() || "null".equals(this.publicUrl))) { + this.publicUrl = null; + } + if (this.supportOdlUsers == null || this.supportOdlUsers.isEmpty()) { + this.supportOdlUsers = DEFAULT_SUPPORTODLUSERS; + } + if (this.tokenLifetime <= 0) { + this.tokenLifetime = DEFAULT_TOKEN_LIFETIME; + } + } + + static boolean isEnvExpression(String key) { + return key != null && key.contains(ENVVARIABLE); + } + + public static String generateSecret() { + return generateSecret(30); + } + + public static String generateSecret(int targetStringLength) { + int leftLimit = 48; // numeral '0' + int rightLimit = 122; // letter 'z' + if (random == null) { + random = new SecureRandom(); + } + String generatedString = random.ints(leftLimit, rightLimit + 1) + .filter(i -> (i <= 57 || i >= 65) && (i <= 90 || i >= 97)).limit(targetStringLength) + .collect(StringBuilder::new, StringBuilder::appendCodePoint, StringBuilder::append).toString(); + return generatedString; + } + + /** + * + * @param key environment var + * @param defValue default value if no env var found + * @return + */ + 
public static String getProperty(final String key, final String defValue) { + String value = defValue; + //try to read env var + boolean found = false; + if (isEnvExpression(key)) { + + LOG.info("try to find env var(s) for {}", key); + final Matcher matcher = pattern.matcher(key); + String tmp = new String(key); + while (matcher.find() && matcher.groupCount() > 0) { + final String mkey = matcher.group(1); + if (mkey != null) { + try { + LOG.info("match found for v={} and env key={}", key, mkey); + String envvar = mkey.substring(2, mkey.length() - 1); + String env = System.getenv(envvar); + tmp = tmp.replace(mkey, env == null ? "" : env); + if (env != null && !env.isEmpty()) { + found = true; + } + } catch (SecurityException e) { + LOG.warn("unable to read env {}: {}", key, e); + } + } + } + if (found) { + value = tmp; + } + } + return value; + } + + public static boolean getPropertyBoolean(String key, boolean defaultValue) { + final String value = getProperty(key, String.valueOf(defaultValue)); + return value.equals("true"); + } + + public static Config load(String filename) throws IOException, InvalidConfigurationException { + CustomObjectMapper mapper = new CustomObjectMapper(); + File file = new File(filename); + if (!file.exists()) { + throw new FileNotFoundException(); + } + String content = String.join("", Files.readAllLines(file.toPath())); + Config cfg = mapper.readValue(content, Config.class); + cfg.handleEnvironmentVars(); + cfg.handleDefaultValues(); + cfg.validate(); + return cfg; + } + + + @JsonIgnore + private void validate() throws InvalidConfigurationException { + //verify that algorithm is supported + if (!VALID_ALGORITHMS.contains(this.algorithm)) { + throw new InvalidConfigurationException(String.format("Algorithm '%s' is not supported ", this.algorithm)); + } + //verify that set values are matching the algorithm + //if hs256 check if secret is set + if (this.algorithm.startsWith("HS")) { + if (this.tokenSecret == null || 
this.tokenSecret.isBlank()) { + throw new InvalidConfigurationException( + String.format("There is no secret set for algorithm '%s'", this.algorithm)); + } + } + //if rs256 or rs512 check if secret(private key) and pubkey are set + if (this.algorithm.startsWith("RS")) { + if (this.tokenSecret == null || this.tokenSecret.isBlank()) { + throw new InvalidConfigurationException( + String.format("There is no secret set for algorithm '%s'", this.algorithm)); + } + if (this.tokenPubKey == null || this.tokenPubKey.isBlank()) { + throw new InvalidConfigurationException( + String.format("There is no public key for algorithm '%s'", this.algorithm)); + } + } + //if client rs256 or client rs512 check if pubkey are set + if (this.algorithm.startsWith("Client")) { + if (this.tokenPubKey == null || this.tokenPubKey.isBlank()) { + throw new InvalidConfigurationException( + String.format("There is no public key for algorithm '%s'", this.algorithm)); + } + } + } + + @JsonIgnore + public boolean doSupportOdlUsers() { + return "true".equals(this.supportOdlUsers); + } + + + public static Config getInstance() throws IOException, InvalidConfigurationException { + return getInstance(DEFAULT_CONFIGFILENAME); + } + + public static Config getInstance(String filename) throws IOException, InvalidConfigurationException { + if (_instance == null) { + _instance = load(filename); + } + return _instance; + } + + public boolean loginActive() { + return VALID_ALGORITHMS_FOR_INTERNAL_LOGIN.contains(this.algorithm); + } + + +} diff --git a/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/CustomObjectMapper.java b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/CustomObjectMapper.java new file mode 100644 index 000000000..aa23d4dc1 --- /dev/null +++ b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/CustomObjectMapper.java 
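Review bot: A missing HS256 secret is replaced silently in `handleDefaultValues()` by `DEFAULT_TOKENSECRET`, which is generated once per JVM, and `getProperty(this.tokenSecret, null)` returns null for an unset environment variable, so a wrong variable name takes the same path. Tokens are then signed with a key that changes on every restart and differs between instances, and the HS branch of `validate()` can never report the missing secret because the default is applied first. At minimum log it where the default is assigned, e.g. `LOG.warn("no tokenSecret configured for {}, using a generated per-process secret", this.algorithm);`, or skip the default and let `validate()` reject the file. Separately, `getInstance(String)` checks and assigns `_instance` without synchronization and ignores `filename` after the first load; `public static synchronized Config getInstance(String filename)` plus a Javadoc line on the "first caller wins" behaviour would cover both.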
@@ -0,0 +1,39 @@
+/*
+ * ============LICENSE_START=======================================================
+ * ONAP : ccsdk features
+ * ================================================================================
+ * Copyright (C) 2020 highstreet technologies GmbH Intellectual Property.
+ * All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ *
+ */
+package org.onap.ccsdk.features.sdnr.wt.oauthprovider.data;
+
+import com.fasterxml.jackson.annotation.JsonInclude.Include;
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.MapperFeature;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+public class CustomObjectMapper extends ObjectMapper{
+
+ private static final long serialVersionUID = 1L;
+
+
+ public CustomObjectMapper() {
+ this.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+ this.setSerializationInclusion(Include.NON_NULL);
+ this.enable(MapperFeature.USE_GETTERS_AS_SETTERS);
+ }
+}
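Review bot: The constructor turns off `FAIL_ON_UNKNOWN_PROPERTIES` with no comment, and `Config.load()` in this same commit parses the security configuration with this mapper. A misspelt key in the config file (for example a typo in `tokenSecret` or `algorithm`) is therefore dropped without any error, and the defaults take over. If the leniency is only meant for provider responses, say so in a class comment such as `// lenient on unknown fields because identity-provider payloads carry claims we do not model`, and consider a strict mapper for the config file. `enable(MapperFeature.USE_GETTERS_AS_SETTERS)` looks redundant, as that feature is on by default in Jackson as far as I know; a one-line comment on why it is set explicitly would help.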
diff --git a/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/InvalidConfigurationException.java b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/InvalidConfigurationException.java
new file mode 100644
index 000000000..a0e97de74
--- /dev/null
+++ b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/InvalidConfigurationException.java
@@ -0,0 +1,32 @@
+/*
+ * ============LICENSE_START=======================================================
+ * ONAP : ccsdk features
+ * ================================================================================
+ * Copyright (C) 2020 highstreet technologies GmbH Intellectual Property.
+ * All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ *
+ */
+package org.onap.ccsdk.features.sdnr.wt.oauthprovider.data;
+
+public class InvalidConfigurationException extends Exception {
+
+ public InvalidConfigurationException(String str) {
+ super(str);
+ }
+
+ private static final long serialVersionUID = 1L;
+
+}
diff --git a/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/KeycloakRole.java b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/KeycloakRole.java new file mode 100644 index 000000000..67186baa7 --- /dev/null +++ b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/KeycloakRole.java 
@@ -0,0 +1,80 @@ +/* + * ============LICENSE_START======================================================= + * ONAP : ccsdk features + * ================================================================================ + * Copyright (C) 2020 highstreet technologies GmbH Intellectual Property. + * All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + * + */ +package org.onap.ccsdk.features.sdnr.wt.oauthprovider.data; + +public class KeycloakRole { + private String id; + private String name; + private String description; + private boolean composite; + private boolean clientRole; + private String containerId; // realmname + + public String getName() { + return name; + } + + public boolean isClientRole() { + return clientRole; + } + + public void setClientRole(boolean clientRole) { + this.clientRole = clientRole; + } + + public String getContainerId() { + return containerId; + } + + public void setContainerId(String containerId) { + this.containerId = containerId; + } + + public boolean isComposite() { + return composite; + } + + public void setComposite(boolean composite) { + this.composite = composite; + } + + public String getId() { + return id; + } + + public void setId(String id) { + this.id = id; + } + + public String getDescription() { + return description; + } + + public void 
setDescription(String description) { + this.description = description; + } + + public void setName(String name) { + this.name = name; + } + +}
\ No newline at end of file diff --git a/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/KeycloakUserTokenPayload.java b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/KeycloakUserTokenPayload.java new file mode 100644 index 000000000..c99ec0d71 --- /dev/null +++ b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/KeycloakUserTokenPayload.java 
@@ -0,0 +1,231 @@ +/* + * ============LICENSE_START======================================================= + * ONAP : ccsdk features + * ================================================================================ + * Copyright (C) 2020 highstreet technologies GmbH Intellectual Property. + * All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + * + */ +package org.onap.ccsdk.features.sdnr.wt.oauthprovider.data; + +import com.fasterxml.jackson.annotation.JsonProperty; +import java.util.List; + +/** + * { + "exp": 1610362593, + "iat": 1610361393, + "jti": "09bd6f2c-5dba-44a0-bd76-cd0d440137d0", + "iss": "http://10.20.11.160:8080/auth/realms/onap", + "aud": "account", + "sub": "446a24bc-d8a0-43dd-afa5-e56eed75deb8", + "typ": "Bearer", + "azp": "admin-cli", + "session_state": "db2c96f4-cc9b-47e8-a83f-a01c50d656f2", + "acr": "1", + "realm_access": { + "roles": [ + "provision", + "offline_access", + "uma_authorization" + ] + }, + "resource_access": { + "account": { + "roles": [ + "manage-account", + "manage-account-links", + "view-profile" + ] + } + }, + "scope": "profile email", + "email_verified": false, + "name": "Luke Skywalker", + "preferred_username": "luke.skywalker", + "given_name": "Luke", + "family_name": "Skywalker", + "email": "luke.skywalker@sdnr.onap.org" +} + * 
@author jack + * + */ +public class KeycloakUserTokenPayload { + + private long exp; + private long iat; + private String jti; + private String iss; + private String aud; + private String sub; + private String typ; + private String azp; + @JsonProperty("session_state") + private String sessionState; + private String acr; + @JsonProperty("realm_access") + private RealmAccessData realmAccess; + @JsonProperty("resource_access") + private ResourceAccessData resourceAccess; + private String scope; + @JsonProperty("email_verified") + private String emailVerified; + private String name; + @JsonProperty("preferred_username") + private String preferredUsername; + @JsonProperty("given_name") + private String givenName; + @JsonProperty("family_name") + private String familyName; + private String email; + + public long getExp() { + return exp; + } + public void setExp(long exp) { + this.exp = exp; + } + public long getIat() { + return iat; + } + public void setIat(long iat) { + this.iat = iat; + } + public String getJti() { + return jti; + } + public void setJti(String jti) { + this.jti = jti; + } + public String getIss() { + return iss; + } + public void setIss(String iss) { + this.iss = iss; + } + public String getAud() { + return aud; + } + public void setAud(String aud) { + this.aud = aud; + } + public String getSub() { + return sub; + } + public void setSub(String sub) { + this.sub = sub; + } + public String getTyp() { + return typ; + } + public void setTyp(String typ) { + this.typ = typ; + } + public String getAzp() { + return azp; + } + public void setAzp(String azp) { + this.azp = azp; + } + public String getSessionState() { + return sessionState; + } + public void setSessionState(String sessionState) { + this.sessionState = sessionState; + } + public String getAcr() { + return acr; + } + public void setAcr(String acr) { + this.acr = acr; + } + public RealmAccessData getRealmAccess() { + return realmAccess; + } + public void setRealmAccess(RealmAccessData realmAccess) 
{ + this.realmAccess = realmAccess; + } + public ResourceAccessData getResourceAccess() { + return resourceAccess; + } + public void setResourceAccess(ResourceAccessData resourceAccess) { + this.resourceAccess = resourceAccess; + } + public String getScope() { + return scope; + } + public void setScope(String scope) { + this.scope = scope; + } + public String getEmailVerified() { + return emailVerified; + } + public void setEmailVerified(String emailVerified) { + this.emailVerified = emailVerified; + } + public String getName() { + return name; + } + public void setName(String name) { + this.name = name; + } + public String getPreferredUsername() { + return preferredUsername; + } + public void setPreferredUsername(String preferredUsername) { + this.preferredUsername = preferredUsername; + } + public String getGivenName() { + return givenName; + } + public void setGivenName(String givenName) { + this.givenName = givenName; + } + public String getFamilyName() { + return familyName; + } + public void setFamilyName(String familyName) { + this.familyName = familyName; + } + public String getEmail() { + return email; + } + public void setEmail(String email) { + this.email = email; + } + + + public static class RealmAccessData { + private List<String> roles; + + public List<String> getRoles(){ + return this.roles; + } + public void setRoles(List<String> roles) { + this.roles = roles; + } + } + public static class ResourceAccessData { + private RealmAccessData account; + + public RealmAccessData getAccount() { + return this.account; + } + public void setAccount(RealmAccessData account) { + this.account = account; + } + } +} diff --git a/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/NoDefinitionFoundException.java b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/NoDefinitionFoundException.java new file mode 100644 index 000000000..d13be9602 --- /dev/null 
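Review bot: The field `private String aud;` only binds tokens whose `aud` claim is a single string, but JWT allows `aud` to be an array of strings. A token issued for more than one audience would likely fail to deserialize here rather than be evaluated. Declaring it as `@JsonFormat(with = JsonFormat.Feature.ACCEPT_SINGLE_VALUE_AS_ARRAY) private List<String> aud;`, with the getter and setter types adjusted, accepts both shapes. `emailVerified` is declared as `String` although the sample in the class Javadoc shows a JSON boolean; `boolean` would match the payload and avoid string comparisons downstream. The class comment could also say that these are decoded claims only and that signature and expiry checks happen elsewhere, if that is the case.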
+++ b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/NoDefinitionFoundException.java @@ -0,0 +1,33 @@ +/* + * ============LICENSE_START======================================================= + * ONAP : ccsdk features + * ================================================================================ + * Copyright (C) 2021 highstreet technologies GmbH Intellectual Property. + * All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + * + */ +package org.onap.ccsdk.features.sdnr.wt.oauthprovider.data; + +public class NoDefinitionFoundException extends Exception { + + private static final long serialVersionUID = 1L; + + public NoDefinitionFoundException(String message) { + super(message); + } + + +} diff --git a/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OAuthProviderConfig.java b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OAuthProviderConfig.java new file mode 100644 index 000000000..4fb0d0069 --- /dev/null +++ b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OAuthProviderConfig.java 
@@ -0,0 +1,202 @@ +/* + * ============LICENSE_START======================================================= + * ONAP : ccsdk features + * ================================================================================ + * Copyright (C) 2021 highstreet technologies GmbH Intellectual Property. + * All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + * + */ +package org.onap.ccsdk.features.sdnr.wt.oauthprovider.data; + +import com.fasterxml.jackson.annotation.JsonIgnore; +import java.util.HashMap; +import java.util.Map; +import org.onap.ccsdk.features.sdnr.wt.oauthprovider.providers.OAuthProviderFactory.OAuthProvider; + +public class OAuthProviderConfig { + + private String url; + private String internalUrl; + private String clientId; + private String secret; + private String id; + private String title; + private String scope; + private String realmName; + private String openIdConfigUrl; + + private boolean trustAll; + private OAuthProvider type; + private Map<String, String> roleMapping; + + public OAuthProvider getType() { + return type; + } + + public OAuthProviderConfig(String id, String url, String internalUrl, String clientId, String secret, String scope, + String title, String realmName, String openIdConfigUrl, boolean trustAll) { + this.id = id; + this.url = url; + 
this.internalUrl = internalUrl; + this.clientId = clientId; + this.secret = secret; + this.scope = scope; + this.title = title; + this.realmName = realmName; + this.trustAll = trustAll; + this.openIdConfigUrl = openIdConfigUrl; + this.roleMapping = new HashMap<>(); + } + + @Override + public String toString() { + return "OAuthProviderConfig [url=" + url + ", clientId=" + clientId + ", secret=" + secret + ", id=" + id + + ", title=" + title + ", scope=" + scope + ", realmName=" + realmName + ", trustAll=" + trustAll + + ", type=" + type + ", roleMapping=" + roleMapping + "]"; + } + + public void setType(OAuthProvider type) { + this.type = type; + } + + public OAuthProviderConfig() { + this(null, null, null, null, null, null, null, null, null, false); + } + + public void setUrl(String url) { + this.url = url; + } + + public void setClientId(String clientId) { + this.clientId = clientId; + } + + public void setSecret(String secret) { + this.secret = secret; + } + + public void setId(String id) { + this.id = id; + } + + public void setTitle(String title) { + this.title = title; + } + + public void setScope(String scope) { + this.scope = scope; + } + + public String getId() { + return this.id; + } + + public String getUrl() { + return this.url; + } + + public String getClientId() { + return this.clientId; + } + + public String getSecret() { + return this.secret; + } + + public String getTitle() { + return this.title; + } + + public String getScope() { + return this.scope; + } + + public String getRealmName() { + return realmName; + } + + public void setRealmName(String realmName) { + this.realmName = realmName; + } + + public boolean trustAll() { + return trustAll; + } + + public void setTrustAll(boolean trustAll) { + this.trustAll = trustAll; + } + + public Map<String, String> getRoleMapping() { + return roleMapping; + } + + public void setRoleMapping(Map<String, String> roleMapping) { + this.roleMapping = roleMapping; + } + + public String getInternalUrl() { + return 
internalUrl; + } + + public void setInternalUrl(String internalUrl) { + this.internalUrl = internalUrl; + } + + public void setOpenIdConfigUrl(String openIdConfigUrl){ this.openIdConfigUrl = openIdConfigUrl;} + + public String getOpenIdConfigUrl() { return this.openIdConfigUrl;} + @JsonIgnore + public void handleEnvironmentVars() { + if (Config.isEnvExpression(this.id)) { + this.id = Config.getProperty(this.id, null); + } + if (Config.isEnvExpression(this.url)) { + this.url = Config.getProperty(this.url, null); + } + if (Config.isEnvExpression(this.internalUrl)) { + this.internalUrl = Config.getProperty(this.internalUrl, null); + } + if (Config.isEnvExpression(this.clientId)) { + this.clientId = Config.getProperty(this.clientId, null); + } + if (Config.isEnvExpression(this.secret)) { + this.secret = Config.getProperty(this.secret, null); + } + if (Config.isEnvExpression(this.scope)) { + this.scope = Config.getProperty(this.scope, null); + } + if (Config.isEnvExpression(this.title)) { + this.title = Config.getProperty(this.title, null); + } + if (Config.isEnvExpression(this.realmName)) { + this.realmName = Config.getProperty(this.realmName, null); + } + if (Config.isEnvExpression(this.openIdConfigUrl)) { + this.openIdConfigUrl = Config.getProperty(this.openIdConfigUrl, null); + } + } + + @JsonIgnore + public String getUrlOrInternal() { + return this.internalUrl != null && this.internalUrl.length() > 0 ? this.internalUrl : this.url; + } + + @JsonIgnore + public boolean hasToBeConfigured(){ + return this.openIdConfigUrl!=null && this.openIdConfigUrl.length()>0; + } +} diff --git a/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OAuthResponseData.java b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OAuthResponseData.java new file mode 100644 index 000000000..0e25b5b0f --- /dev/null 
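Review bot: `toString()` writes the OAuth client secret in clear text (`", secret=" + secret`). `Config.toString()` masks `tokenSecret` but embeds `providers=`, so any log line that prints the loaded `Config` still leaks every provider's client secret. Mask it the same way, `+ ", clientId=" + clientId + ", secret=***, id=" + id`. The `trustAll` flag has no documentation. It presumably disables TLS certificate checks toward the provider (its use is outside this hunk); a comment such as `// test setups only: disables certificate validation for this provider` would help, and a warning logged when it is set would make it visible in production.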
+++ b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OAuthResponseData.java 
@@ -0,0 +1,88 @@
+/*
+ * ============LICENSE_START=======================================================
+ * ONAP : ccsdk features
+ * ================================================================================
+ * Copyright (C) 2020 highstreet technologies GmbH Intellectual Property.
+ * All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ *
+ */
+package org.onap.ccsdk.features.sdnr.wt.oauthprovider.data;
+
+public class OAuthResponseData {
+
+ private String access_token;
+ private double expires_in;
+ private double refresh_expires_in;
+ private String refresh_token;
+ private String token_type;
+ private String id_token;
+
+ public OAuthResponseData() {
+ }
+
+ public OAuthResponseData(String token) {
+ this.access_token = token;
+ }
+
+ public String getAccess_token() {
+ return access_token;
+ }
+
+ public String getToken_type() {
+ return token_type;
+ }
+
+ public void setToken_type(String token_type) {
+ this.token_type = token_type;
+ }
+
+ public String getRefresh_token() {
+ return refresh_token;
+ }
+
+ public void setRefresh_token(String refresh_token) {
+ this.refresh_token = refresh_token;
+ }
+
+ public double getRefresh_expires_in() {
+ return refresh_expires_in;
+ }
+
+ public void setRefresh_expires_in(double refresh_expires_in) {
+
this.refresh_expires_in = refresh_expires_in; + } + + public double getExpires_in() { + return expires_in; + } + + public void setExpires_in(double expires_in) { + this.expires_in = expires_in; + } + + public void setAccess_token(String access_token) { + this.access_token = access_token; + } + + public void setId_token(String id_token){ this.id_token = id_token;} + public String getId_token(){ return this.id_token;} + @Override + public String toString() { + return "OAuthResponseData [access_token=" + access_token + ", expires_in=" + expires_in + + ", refresh_expires_in=" + refresh_expires_in + ", refresh_token=" + refresh_token + ", token_type=" + + token_type + "]"; + } +} diff --git a/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OAuthToken.java b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OAuthToken.java new file mode 100644 index 000000000..0371f377d --- /dev/null +++ b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OAuthToken.java 
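Review bot: `toString()` in OAuthResponseData prints `access_token` and `refresh_token` verbatim, so any log statement or exception message that formats this object writes live bearer credentials into the log. The string should carry only the non-secret fields, for example `return "OAuthResponseData [token_type=" + token_type + ", expires_in=" + expires_in + ", refresh_expires_in=" + refresh_expires_in + "]";`. `id_token` is already left out of the string, and the other two tokens deserve the same treatment.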
@@ -0,0 +1,57 @@
+/*
+ * ============LICENSE_START=======================================================
+ * ONAP : ccsdk features
+ * ================================================================================
+ * Copyright (C) 2020 highstreet technologies GmbH Intellectual Property.
+ * All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ *
+ */
+package org.onap.ccsdk.features.sdnr.wt.oauthprovider.data;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.interfaces.DecodedJWT;
+import org.apache.shiro.authc.BearerToken;
+
+public class OAuthToken {
+ private final String access_token;
+ private final String token_type;
+ private final long expires_at;
+ private final long issued_at;
+
+ public OAuthToken(BearerToken btoken) {
+ this.access_token = btoken.getToken();
+ this.token_type = "Bearer";
+ DecodedJWT token = JWT.decode(this.access_token);
+ this.expires_at = token.getExpiresAt().getTime() / 1000L;
+ this.issued_at = token.getIssuedAt().getTime() / 1000L;
+ }
+
+ public String getAccess_token() {
+ return access_token;
+ }
+
+ public String getToken_type() {
+ return token_type;
+ }
+
+ public long getExpires_at() {
+ return expires_at;
+ }
+ public long getIssued_at() {
+ return issued_at;
+ }
+
+}
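Review bot: The OAuthToken constructor calls `token.getExpiresAt().getTime()` and `token.getIssuedAt().getTime()` without a null check, and both getters return null when the `exp` or `iat` claim is absent, so a token lacking either claim ends in a NullPointerException instead of a clean rejection. `JWT.decode` also only parses the token and does not check its signature; whether the `BearerToken` has been verified before it reaches this constructor is not visible in this hunk, and if it has not, the value returned by `getExpires_at()` comes straight from unverified input. I would guard the claims with `if (token.getExpiresAt() == null || token.getIssuedAt() == null) throw new IllegalArgumentException("token without exp/iat claim");` and add a constructor comment stating that the caller must already have verified the token.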
diff --git a/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OdlPolicy.java b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OdlPolicy.java
new file mode 100644
index 000000000..19eb4b68e
--- /dev/null
+++ b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OdlPolicy.java
@@ -0,0 +1,130 @@
+/*
+ * ============LICENSE_START=======================================================
+ * ONAP : ccsdk features
+ * ================================================================================
+ * Copyright (C) 2021 highstreet technologies GmbH Intellectual Property.
+ * All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ *
+ */
+package org.onap.ccsdk.features.sdnr.wt.oauthprovider.data;
+
+public class OdlPolicy {
+
+ private String path;
+ private PolicyMethods methods;
+
+
+ public OdlPolicy() {
+
+ }
+
+ public OdlPolicy(String path, PolicyMethods methods) {
+ this.path = path;
+ this.methods = methods;
+ }
+
+ public PolicyMethods getMethods() {
+ return methods;
+ }
+
+ public void setMethods(PolicyMethods methods) {
+ this.methods = methods;
+ }
+
+ public String getPath() {
+ return path;
+ }
+
+ public void setPath(String path) {
+ this.path = path;
+ }
+
+ public static OdlPolicy allowAll(String path) {
+ return new OdlPolicy(path, PolicyMethods.allowAll());
+ }
+
+ public static OdlPolicy denyAll(String path) {
+ return new OdlPolicy(path, PolicyMethods.denyAll());
+ }
+
+ public static class PolicyMethods {
+ private boolean get;
+ private boolean post;
+ private boolean put;
+ private boolean delete;
+ private boolean patch;
+
+ public
PolicyMethods() {
+ this(false, false, false, false, false);
+ }
+
+ public PolicyMethods(boolean get, boolean post, boolean put, boolean del, boolean patch) {
+ this.get = get;
+ this.post = post;
+ this.put = put;
+ this.delete = del;
+ this.patch = patch;
+ }
+
+ public boolean isGet() {
+ return get;
+ }
+
+ public void setGet(boolean get) {
+ this.get = get;
+ }
+
+ public boolean isPost() {
+ return post;
+ }
+
+ public void setPost(boolean post) {
+ this.post = post;
+ }
+
+ public boolean isPut() {
+ return put;
+ }
+
+ public void setPut(boolean put) {
+ this.put = put;
+ }
+
+ public boolean isDelete() {
+ return delete;
+ }
+
+ public void setDelete(boolean delete) {
+ this.delete = delete;
+ }
+
+ public boolean isPatch() {
+ return patch;
+ }
+
+ public void setPatch(boolean patch) {
+ this.patch = patch;
+ }
+
+ public static PolicyMethods allowAll() {
+ return new PolicyMethods(true, true, true, true, true);
+ }
+
+ public static PolicyMethods denyAll() {
+ return new PolicyMethods(false, false, false, false, false);
+ }
+ }
+}
diff --git a/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OdlShiroConfiguration.java b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OdlShiroConfiguration.java
new file mode 100644
index 000000000..f5e067450
--- /dev/null
+++ b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OdlShiroConfiguration.java
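Review bot: The no-argument `OdlPolicy()` constructor leaves `methods` null, while the no-argument `PolicyMethods()` constructor defaults every method to false; a policy built by a mapper from a document that has no methods element therefore returns null from `getMethods()`, and each caller has to decide what null means. For an access policy the object should fail closed on its own, by initialising the field as `private PolicyMethods methods = PolicyMethods.denyAll();`. A short class comment stating what an all-false `PolicyMethods` means for `path` would also help, since how `path` is matched against requests is not visible in this hunk.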
@@ -0,0 +1,67 @@
+package org.onap.ccsdk.features.sdnr.wt.oauthprovider.data;
+
+import java.util.List;
+
+public class OdlShiroConfiguration {
+
+ private List<MainItem> main;
+ private List<UrlItem> urls;
+
+
+
+ public List<MainItem> getMain() {
+ return main;
+ }
+
+ public void setMain(List<MainItem> main) {
+ this.main = main;
+ }
+ public List<UrlItem> getUrls() {
+ return urls;
+ }
+ public void setUrls(List<UrlItem> urls) {
+ this.urls = urls;
+ }
+ public OdlShiroConfiguration(){
+
+ }
+
+ public static class BaseItem{
+ private String pairKey;
+ private String pairValue;
+
+ public String getPairKey() {
+ return pairKey;
+ }
+
+ public void setPairKey(String pairKey) {
+ this.pairKey = pairKey;
+ }
+
+ public String getPairValue() {
+ return pairValue;
+ }
+
+ public void setPairValue(String pairValue) {
+ this.pairValue = pairValue;
+ }
+
+ public BaseItem(){
+
+ }
+
+ }
+
+ public static class MainItem extends BaseItem{
+ public MainItem(){
+ super();
+ }
+
+ }
+ public static class UrlItem extends BaseItem{
+ public UrlItem(){
+ super();
+ }
+ }
+
+}
diff --git a/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OdlXmlMapper.java b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OdlXmlMapper.java
new file mode 100644
index 000000000..cbdc1d0d9
--- /dev/null
+++ b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OdlXmlMapper.java
@@ -0,0 +1,44 @@
+/*
+ * ============LICENSE_START=======================================================
+ * ONAP : ccsdk features
+ * ================================================================================
+ * Copyright (C) 2021 highstreet technologies GmbH Intellectual Property.
+ * All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ *
+ */
+package org.onap.ccsdk.features.sdnr.wt.oauthprovider.data;
+
+import com.fasterxml.jackson.annotation.JsonInclude.Include;
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.MapperFeature;
+import com.fasterxml.jackson.databind.PropertyNamingStrategy;
+import com.fasterxml.jackson.dataformat.xml.XmlMapper;
+import org.onap.ccsdk.features.sdnr.wt.yang.mapper.mapperextensions.YangToolsBuilderAnnotationIntrospector;
+
+public class OdlXmlMapper extends XmlMapper {
+
+ private static final long serialVersionUID = 1L;
+
+
+ public OdlXmlMapper() {
+ this.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+ this.setSerializationInclusion(Include.NON_NULL);
+ this.setPropertyNamingStrategy(PropertyNamingStrategy.KEBAB_CASE);
+ this.enable(MapperFeature.USE_GETTERS_AS_SETTERS);
+ YangToolsBuilderAnnotationIntrospector introspector = new
YangToolsBuilderAnnotationIntrospector();
+ this.setAnnotationIntrospector(introspector);
+ }
+}
diff --git a/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OpenIdConfigResponseData.java b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OpenIdConfigResponseData.java
new file mode 100644
index 000000000..d94631fe3
--- /dev/null
+++ b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/OpenIdConfigResponseData.java
@@ -0,0 +1,65 @@
+package org.onap.ccsdk.features.sdnr.wt.oauthprovider.data;
+
+public class OpenIdConfigResponseData {
+
+ private String issuer;
+ private String authorization_endpoint;
+ private String token_endpoint;
+ private String userinfo_endpoint;
+
+ private String end_session_endpoint;
+ private String jwks_uri;
+
+ public OpenIdConfigResponseData(){
+
+ }
+
+ public String getIssuer() {
+ return issuer;
+ }
+
+ public void setIssuer(String issuer) {
+ this.issuer = issuer;
+ }
+
+ public String getAuthorization_endpoint() {
+ return authorization_endpoint;
+ }
+
+ public void setAuthorization_endpoint(String authorization_endpoint) {
+ this.authorization_endpoint = authorization_endpoint;
+ }
+
+ public String getToken_endpoint() {
+ return token_endpoint;
+ }
+
+ public void setToken_endpoint(String token_endpoint) {
+ this.token_endpoint = token_endpoint;
+ }
+
+ public String getUserinfo_endpoint() {
+ return userinfo_endpoint;
+ }
+
+ public void setUserinfo_endpoint(String userinfo_endpoint) {
+ this.userinfo_endpoint = userinfo_endpoint;
+ }
+
+ public String getJwks_uri() {
+ return jwks_uri;
+ }
+
+ public void setJwks_uri(String jwks_uri) {
+ this.jwks_uri = jwks_uri;
+ }
+
+ public String getEnd_session_endpoint() {
+ return end_session_endpoint;
+ }
+
+ public void setEnd_session_endpoint(String end_session_endpoint) {
+ this.end_session_endpoint = end_session_endpoint;
+ }
+
+}
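Review bot: In the OdlXmlMapper constructor `FAIL_ON_UNKNOWN_PROPERTIES` is switched off, so a misspelled or unexpected element in a parsed document is dropped without any error. If this mapper reads policy or Shiro configuration (its callers are outside this hunk), a typo could silently remove a rule, so I would keep strict parsing on for those documents and state in a class comment which documents the mapper is meant for. `this.enable(MapperFeature.USE_GETTERS_AS_SETTERS);` can be dropped, because that feature is already enabled by default in Jackson.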
diff --git a/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/UnableToConfigureOAuthService.java b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/UnableToConfigureOAuthService.java
new file mode 100644
index 000000000..b791a4040
--- /dev/null
+++ b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/UnableToConfigureOAuthService.java
@@ -0,0 +1,12 @@
+package org.onap.ccsdk.features.sdnr.wt.oauthprovider.data;
+
+public class UnableToConfigureOAuthService extends Exception {
+
+ public UnableToConfigureOAuthService(String configUrl){
+ super(String.format("Unable to configure OAuth service from url %s", configUrl));
+ }
+ public UnableToConfigureOAuthService(String configUrl, int responseCode){
+ super(String.format("Unable to configure OAuth service from url %s. bad response with code %d", configUrl, responseCode));
+ }
+
+}
diff --git a/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/UserTokenPayload.java b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/UserTokenPayload.java
new file mode 100644
index 000000000..f7731f0b8
--- /dev/null
+++ b/sdnr/wt/oauth-provider/oauth-core/src/main/java/org/onap/ccsdk/features/sdnr/wt/oauthprovider/data/UserTokenPayload.java
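Review bot: UnableToConfigureOAuthService has no constructor that accepts a cause, so when fetching or parsing the OpenID configuration fails with an I/O or mapping exception, the original exception cannot be chained and its stack trace is lost (the throw sites are outside this hunk). I would add `public UnableToConfigureOAuthService(String configUrl, Throwable cause)` delegating to `super(String.format("Unable to configure OAuth service from url %s", configUrl), cause);`. The class also declares no `serialVersionUID` although `Exception` is serializable, unlike `OdlXmlMapper` in the same commit.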
@@ -0,0 +1,103 @@
+/*
+ * ============LICENSE_START=======================================================
+ * ONAP : ccsdk features
+ * ================================================================================
+ * Copyright (C) 2020 highstreet technologies GmbH Intellectual Property.
+ * All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ *
+ */
+package org.onap.ccsdk.features.sdnr.wt.oauthprovider.data;
+
+import java.util.List;
+
+public class UserTokenPayload {
+
+ public static final String PROVIDERID_INTERNAL="Internal";
+
+ private List<String> roles;
+ private String preferredUsername;
+ private String givenName;
+ private String familyName;
+ private long exp;
+ private long iat;
+
+ private String providerId;
+
+ public long getExp() {
+ return exp;
+ }
+
+ public long getIat() {
+ return this.iat;
+ }
+
+ public void setPreferredUsername(String preferredUsername) {
+ this.preferredUsername = preferredUsername;
+ }
+
+ public void setGivenName(String givenName) {
+ this.givenName = givenName;
+ }
+
+ public void setFamilyName(String familyName) {
+ this.familyName = familyName;
+ }
+
+ public void setExp(long exp) {
+ this.exp = exp;
+ }
+
+ public void setIat(long iat) {
+ this.iat = iat;
+ }
+
+ public String getPreferredUsername() {
+ return
preferredUsername;
+ }
+
+ public String getGivenName() {
+ return givenName;
+ }
+
+ public String getFamilyName() {
+ return familyName;
+ }
+
+ public List<String> getRoles() {
+ return this.roles;
+ }
+
+ public void setRoles(List<String> roles) {
+ this.roles = roles;
+ }
+
+ public void setProviderId(String providerId){ this.providerId = providerId;}
+
+ public String getProviderId(){ return this.providerId;}
+
+ public static UserTokenPayload createInternal(String username, List<String> roles) {
+ UserTokenPayload data = new UserTokenPayload();
+ data.setPreferredUsername(username);
+ data.setRoles(roles);
+ data.setProviderId(PROVIDERID_INTERNAL);
+ return data;
+ }
+
+
+ public boolean isInternal() {
+ return PROVIDERID_INTERNAL.equals(this.providerId);
+ }
+} |
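Review bot: `isInternal()` in UserTokenPayload compares `providerId` with the public constant `"Internal"`, and `setProviderId` accepts any string, so the internal/external distinction holds only as long as no configured provider is ever given that id. Whether provider ids read from configuration are checked against `PROVIDERID_INTERNAL` is not visible in this hunk; if they are not, payloads from an external provider configured with the id `Internal` would pass `isInternal()`. I would reject that id when the configuration is loaded and document the reservation on the constant: `/** Reserved provider id for locally issued tokens; must not be used by a configured provider. */`.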