aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/src/main/java/org/onap/portal/bff/config/IdTokenExchangeFilterFunction.java70
-rw-r--r--lib/src/main/java/org/onap/portal/bff/config/clients/KeycloakConfig.java4
-rw-r--r--lib/src/main/java/org/onap/portal/bff/services/KeycloakService.java46
3 files changed, 61 insertions, 59 deletions
diff --git a/lib/src/main/java/org/onap/portal/bff/config/IdTokenExchangeFilterFunction.java b/lib/src/main/java/org/onap/portal/bff/config/IdTokenExchangeFilterFunction.java
index be3493d..9cd8ac0 100644
--- a/lib/src/main/java/org/onap/portal/bff/config/IdTokenExchangeFilterFunction.java
+++ b/lib/src/main/java/org/onap/portal/bff/config/IdTokenExchangeFilterFunction.java
@@ -22,9 +22,10 @@
package org.onap.portal.bff.config;
import com.nimbusds.jwt.JWTParser;
-import io.vavr.control.Option;
-import io.vavr.control.Try;
+import java.text.ParseException;
+import java.util.Collections;
import java.util.List;
+import java.util.Optional;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.reactive.function.client.ClientRequest;
import org.springframework.web.reactive.function.client.ClientResponse;
@@ -33,6 +34,7 @@ import org.springframework.web.reactive.function.client.ExchangeFunction;
import org.springframework.web.server.ServerWebExchange;
import org.zalando.problem.Problem;
import org.zalando.problem.Status;
+import reactor.core.Exceptions;
import reactor.core.publisher.Mono;
public class IdTokenExchangeFilterFunction implements ExchangeFilterFunction {
@@ -61,13 +63,8 @@ public class IdTokenExchangeFilterFunction implements ExchangeFilterFunction {
}
return extractServerWebExchange(request)
.flatMap(IdTokenExchangeFilterFunction::extractIdentityHeader)
- .flatMap(
- idToken -> {
- final ClientRequest requestWithIdToken =
- ClientRequest.from(request).header(X_AUTH_IDENTITY_HEADER, idToken).build();
-
- return next.exchange(requestWithIdToken);
- })
+ .map(idToken -> ClientRequest.from(request).header(X_AUTH_IDENTITY_HEADER, idToken).build())
+ .flatMap(requestWithIdToken -> next.exchange(requestWithIdToken))
.switchIfEmpty(Mono.defer(() -> next.exchange(request)));
}
@@ -78,11 +75,9 @@ public class IdTokenExchangeFilterFunction implements ExchangeFilterFunction {
}
private static Mono<String> extractIdentityHeader(ServerWebExchange exchange) {
- return io.vavr.collection.List.ofAll(
- exchange.getRequest().getHeaders().getOrEmpty(X_AUTH_IDENTITY_HEADER))
- .headOption()
- .map(Mono::just)
- .getOrElse(Mono.error(Problem.valueOf(Status.FORBIDDEN, "ID token is missing")));
+ return Mono.just(exchange)
+ .map(exch -> exch.getRequest().getHeaders().getOrEmpty(X_AUTH_IDENTITY_HEADER).get(0))
+ .onErrorResume(ex -> Mono.error(Problem.valueOf(Status.FORBIDDEN, "ID token is missing")));
}
private static Mono<String> extractIdToken(ServerWebExchange exchange) {
@@ -96,30 +91,35 @@ public class IdTokenExchangeFilterFunction implements ExchangeFilterFunction {
return extractRoles(exchange)
.map(roles -> roles.stream().anyMatch(rolesListForMethod::contains))
.flatMap(
- match -> {
- if (Boolean.TRUE.equals(match)) {
- return Mono.empty();
- } else {
- return Mono.error(Problem.valueOf(Status.FORBIDDEN));
- }
- });
+ match ->
+ Boolean.TRUE.equals(match)
+ ? Mono.empty()
+ : Mono.error(Problem.valueOf(Status.FORBIDDEN)));
}
private static Mono<List<String>> extractRoles(ServerWebExchange exchange) {
return extractIdToken(exchange)
- .flatMap(
- token ->
- Try.of(() -> JWTParser.parse(token))
- .mapTry(jwt -> Option.of(jwt.getJWTClaimsSet()))
- .map(
- optionJwtClaimSet ->
- optionJwtClaimSet
- .flatMap(
- jwtClaimSet ->
- Option.of(jwtClaimSet.getClaim(CLAIM_NAME_ROLES)))
- .map(obj -> (List<String>) obj))
- .map(Mono::just)
- .getOrElseGet(Mono::error))
- .map(optionRoles -> optionRoles.getOrElse(List.of()));
+ .map(
+ token -> {
+ try {
+ return JWTParser.parse(token);
+ } catch (ParseException e) {
+ throw Exceptions.propagate(e);
+ }
+ })
+ .map(
+ jwt -> {
+ try {
+ return Optional.of(jwt.getJWTClaimsSet());
+ } catch (ParseException e) {
+ throw Exceptions.propagate(e);
+ }
+ })
+ .map(
+ optionalClaimsSet ->
+ optionalClaimsSet
+ .map(claimsSet -> claimsSet.getClaim(CLAIM_NAME_ROLES))
+ .map(obj -> (List<String>) obj))
+ .map(roles -> roles.orElse(Collections.emptyList()));
}
}
diff --git a/lib/src/main/java/org/onap/portal/bff/config/clients/KeycloakConfig.java b/lib/src/main/java/org/onap/portal/bff/config/clients/KeycloakConfig.java
index 0935a00..168c350 100644
--- a/lib/src/main/java/org/onap/portal/bff/config/clients/KeycloakConfig.java
+++ b/lib/src/main/java/org/onap/portal/bff/config/clients/KeycloakConfig.java
@@ -24,7 +24,6 @@ package org.onap.portal.bff.config.clients;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.util.List;
import java.util.function.Function;
-import lombok.extern.slf4j.Slf4j;
import org.onap.portal.bff.config.BeansConfig;
import org.onap.portal.bff.config.PortalBffConfig;
import org.onap.portal.bff.exceptions.DownstreamApiProblemException;
@@ -32,7 +31,6 @@ import org.onap.portal.bff.openapi.client_portal_keycloak.ApiClient;
import org.onap.portal.bff.openapi.client_portal_keycloak.api.KeycloakApi;
import org.onap.portal.bff.openapi.client_portal_keycloak.model.ErrorResponseKeycloakDto;
import org.onap.portal.bff.openapi.server.model.ProblemApiDto;
-import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@@ -41,14 +39,12 @@ import org.springframework.http.client.reactive.ClientHttpConnector;
import org.springframework.web.reactive.function.client.ExchangeFilterFunction;
import org.springframework.web.reactive.function.client.WebClient;
-@Slf4j
@Configuration
public class KeycloakConfig extends AbstractClientConfig<ErrorResponseKeycloakDto> {
private final ObjectMapper objectMapper;
private final PortalBffConfig bffConfig;
private final ExchangeFilterFunction oauth2ExchangeFilterFunction;
- @Autowired
public KeycloakConfig(
@Qualifier(BeansConfig.OAUTH2_EXCHANGE_FILTER_FUNCTION)
ExchangeFilterFunction oauth2ExchangeFilterFunction,
diff --git a/lib/src/main/java/org/onap/portal/bff/services/KeycloakService.java b/lib/src/main/java/org/onap/portal/bff/services/KeycloakService.java
index 88c25c2..765efa7 100644
--- a/lib/src/main/java/org/onap/portal/bff/services/KeycloakService.java
+++ b/lib/src/main/java/org/onap/portal/bff/services/KeycloakService.java
@@ -21,12 +21,11 @@
package org.onap.portal.bff.services;
-import io.vavr.API;
-import io.vavr.Tuple;
-import io.vavr.Tuple2;
import java.net.URI;
import java.util.Collections;
import java.util.List;
+import java.util.Map;
+import java.util.Optional;
import java.util.stream.Collectors;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
@@ -44,6 +43,7 @@ import org.springframework.stereotype.Service;
import org.zalando.problem.Status;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
+import reactor.util.function.Tuples;
@Slf4j
@RequiredArgsConstructor
@@ -141,6 +141,21 @@ public class KeycloakService {
log.debug("Get users from keycloak. page=`{}`, pageSize=`{}`", page, pageSize);
final int first = (page - 1) * pageSize;
+ var userIdRoleMap =
+ listRoles(xRequestId)
+ .flatMap(
+ role ->
+ listUsersByRole(role.getName(), xRequestId)
+ .map(userResponse -> Tuples.of(role.getName(), userResponse)))
+ .collectList()
+ .map(
+ tupleList ->
+ tupleList.stream()
+ .collect(
+ Collectors.groupingBy(
+ tuple -> tuple.getT2().getId(),
+ Collectors.mapping(tuple -> tuple.getT1(), Collectors.toList()))));
+
return Mono.zip(
keycloakApi.getUsersCount(null, null, null, null, null, null, null),
keycloakApi
@@ -148,31 +163,22 @@ public class KeycloakService {
null, null, null, null, null, null, null, null, first, pageSize, null, null,
null, null)
.collectList(),
- listRoles(xRequestId)
- .flatMap(
- role ->
- listUsersByRole(role.getName(), xRequestId)
- .map(user -> Tuple.of(user.getId(), role.getName())))
- .collectList()
- .map(io.vavr.collection.List::ofAll)
- .map(list -> list.groupBy(t -> t._1).map((k, v) -> Tuple.of(k, v.map(Tuple2::_2)))))
+ userIdRoleMap)
.map(
tuple -> {
final UserListResponseApiDto result = new UserListResponseApiDto();
+ Map<String, List<String>> userRoleMap = tuple.getT3();
result.setTotalCount(tuple.getT1());
- result.setItems(
- io.vavr.collection.List.ofAll(tuple.getT2())
+ var roleList =
+ tuple.getT2().stream()
.map(
user ->
usersMapper.convert(
user,
- tuple.getT3().getOrElse(user.getId(), API.List()).toJavaList()))
- .toJavaList());
- // result.setItems(
- // tuple.getT2().stream()
- // .map(user -> usersMapper.convert(user,tuple.getT3()))
- // .toList());
-
+ Optional.ofNullable(userRoleMap.get(user.getId()))
+ .orElse(Collections.emptyList())))
+ .toList();
+ result.setItems(roleList);
return result;
})
.onErrorResume(