diff --git a/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java b/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java
index a3b2a8f4c3c586824ecaad0ed62fb075ac3a8532..f3f4a5bcab393988d1e053c5e80897e8a73632be 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java
@@ -1,7 +1,10 @@
 package it.inaf.ia2.gms;
+import it.inaf.ia2.aa.ServiceLocator;
+import it.inaf.ia2.rap.client.RapClient;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.transaction.annotation.EnableTransactionManagement;
@@ -13,4 +16,9 @@ public class GmsApplication {
 public static void main(String[] args) {
 SpringApplication.run(GmsApplication.class, args);
 }
+
+ @Bean
+ public RapClient rapClient() {
+ return ServiceLocator.getInstance().getRapClient();
+ }
 }
diff --git a/gms/src/main/java/it/inaf/ia2/gms/authn/JWTFilter.java b/gms/src/main/java/it/inaf/ia2/gms/authn/JWTFilter.java
index 9013c25432423528b134c3b96fc986b0910b8de3..6273aed731e85b1c44a8ed7cc4e9deb0c0fb4cb0 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/authn/JWTFilter.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/authn/JWTFilter.java
@@ -1,10 +1,7 @@
 package it.inaf.ia2.gms.authn;
-import io.jsonwebtoken.Jwt;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SigningKeyResolver;
-import it.inaf.ia2.aa.ServiceLocator;
 import it.inaf.ia2.gms.persistence.LoggingDAO;
+import it.inaf.ia2.rap.client.RapClient;
 import java.io.IOException;
 import java.security.Principal;
 import java.util.Map;
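Review bot: `rapClient()` registers the client as a default-scope (singleton) bean, yet this same commit calls `rapClient.setAccessToken(...)` on it per request in `JWTFilter` and per session in `SessionData.setUser`. Unless the library's RapClient keeps the token per thread or per request internally (its implementation is not shown in this diff), concurrent requests can overwrite each other's token and a call to RAP could go out with another user's credentials. Please confirm how RapClient stores the token and record the answer on the bean, for example `// RapClient keeps the access token per request; safe to share as a singleton`, or change the call sites so the token is supplied per call. The class body starts outside this hunk.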
@@ -20,11 +17,11 @@ import javax.servlet.http.HttpServletResponse;
 public class JWTFilter implements Filter {
 private final LoggingDAO loggingDAO;
- private final SigningKeyResolver signingKeyResolver;
+ private final RapClient rapClient;
- public JWTFilter(LoggingDAO loggingDAO) {
+ public JWTFilter(LoggingDAO loggingDAO, RapClient rapClient) {
 this.loggingDAO = loggingDAO;
- this.signingKeyResolver = ServiceLocator.getInstance().getTokenManager().getSigningKeyResolver();
+ this.rapClient = rapClient;
 }
 @Override
@@ -40,13 +37,10 @@ public class JWTFilter implements Filter {
 return;
 }
- authHeader = authHeader.replace("Bearer", "").trim();
+ String token = authHeader.replace("Bearer", "").trim();
- Jwt jwt = Jwts.parser()
- .setSigningKeyResolver(signingKeyResolver)
- .parse(authHeader);
-
- Map<String, Object> claims = (Map<String, Object>) jwt.getBody();
+ rapClient.setAccessToken(token);
+ Map<String, Object> claims = rapClient.parseIdTokenClaims(token);
 if (claims.get("sub") == null) {
 loggingDAO.logAction("Attempt to access WS with invalid token", request);
diff --git a/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java b/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java
index 9613dd410496fc6630c4b927135453c9b5a16ffc..57df36edd76cbcaf38fb4711bf4cc4b3f2f08c33 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java
@@ -1,6 +1,7 @@
 package it.inaf.ia2.gms.authn;
 import it.inaf.ia2.gms.persistence.LoggingDAO;
+import it.inaf.ia2.rap.client.RapClient;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Value;
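Review bot: Signature verification is no longer visible in this filter: the explicit `Jwts.parser().setSigningKeyResolver(...)` call is replaced by `rapClient.parseIdTokenClaims(token)`, whose implementation is outside this diff, so it should be confirmed that it verifies the signature and expiry and throws on failure rather than returning unverified claims. `rapClient.setAccessToken(token)` also runs before the token has been checked; moving it below the `claims.get("sub") == null` rejection keeps an unvalidated bearer value out of the client. A null return from `parseIdTokenClaims` would raise a NullPointerException at `claims.get("sub")`, so `if (claims == null || claims.get("sub") == null) {` is the safer guard. The filter method starts and ends outside the hunk.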
@@ -47,9 +48,9 @@ public class SecurityConfig {
 * Checks JWT for web services.
 */
 @Bean
- public FilterRegistrationBean serviceJWTFilter(LoggingDAO loggingDAO) {
+ public FilterRegistrationBean serviceJWTFilter(LoggingDAO loggingDAO, RapClient rapClient) {
 FilterRegistrationBean bean = new FilterRegistrationBean();
- bean.setFilter(new JWTFilter(loggingDAO));
+ bean.setFilter(new JWTFilter(loggingDAO, rapClient));
 bean.addUrlPatterns("/ws/jwt/*");
 bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
 return bean;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/authn/SessionData.java b/gms/src/main/java/it/inaf/ia2/gms/authn/SessionData.java
index 0de00ba5ab5505fbcaba89a9b6d9bc206d1f9b1f..6d4194efdf445900f8dc366b037bd07fc80213fd 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/authn/SessionData.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/authn/SessionData.java
@@ -1,6 +1,7 @@
 package it.inaf.ia2.gms.authn;
 import it.inaf.ia2.aa.data.User;
+import it.inaf.ia2.rap.client.RapClient;
 import javax.annotation.PostConstruct;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
@@ -14,58 +15,44 @@ public class SessionData {
 private static final String USER_DATA = "user_data";
+ private User user;
+
 @Autowired
 private HttpServletRequest request;
- private String userId;
- private String userName;
- private String accessToken;
- private String refreshToken;
- private long expiration;
+ @Autowired
+ private RapClient rapClient;
 @PostConstruct
 public void init() {
-
 HttpSession session = request.getSession(false);
 if (session != null && session.getAttribute(USER_DATA) != null) {
- User user = (User) session.getAttribute(USER_DATA);
- userId = user.getName();
- userName = user.getUserLabel();
- accessToken = user.getAccessToken();
- refreshToken = user.getRefreshToken();
- setExpiresIn(user.getExpiresIn());
+ setUser((User) session.getAttribute(USER_DATA));
 }
 }
- public String getUserId() {
- return userId;
- }
-
- public String getAccessToken() {
- return accessToken;
+ public void setUser(User user) {
+ this.user = user;
+ rapClient.setAccessToken(user.getAccessToken());
 }
- public void setAccessToken(String accessToken) {
- this.accessToken = accessToken;
- }
-
- public String getRefreshToken() {
- return refreshToken;
+ public String getUserId() {
+ return user.getName();
 }
- public void setRefreshToken(String refreshToken) {
- this.refreshToken = refreshToken;
+ public String getUserName() {
+ return user.getUserLabel();
 }
- public String getUserName() {
- return userName;
+ public String getAccessToken() {
+ return user.getAccessToken();
 }
- public void setExpiresIn(long expiresIn) {
- this.expiration = System.currentTimeMillis() + expiresIn * 1000;
+ public String getRefreshToken() {
+ return user.getRefreshToken();
 }
 public long getExpiresIn() {
- return (expiration - System.currentTimeMillis()) / 1000;
+ return user.getExpiresIn();
 }
 }
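Review bot: Every getter now dereferences `user`, which `init()` leaves null when there is no session or no `USER_DATA` attribute, so `getUserId()`, `getAccessToken()` and `getExpiresIn()` throw NullPointerException where the old fields returned null or a number. `setUser` has the same problem if it is handed null, because it calls `user.getAccessToken()` unconditionally. Routing the getters through one private accessor that fails explicitly, e.g. `if (user == null) { throw new IllegalStateException("no authenticated user in session"); }`, would make the unauthenticated case visible instead of accidental. Separately, `getExpiresIn()` used to return the seconds remaining until expiry and now returns `user.getExpiresIn()` unchanged; if that value is the lifetime reported at login rather than a countdown, the `< 60` check in KeepAliveController will never fire, so this should be confirmed against the User class.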
diff --git a/gms/src/main/java/it/inaf/ia2/gms/controller/JWTWebServiceController.java b/gms/src/main/java/it/inaf/ia2/gms/controller/JWTWebServiceController.java
index 8607c4b2e1ca838e1dc166e2fb634b8d80135e2b..930c8edea1a1de0e901c03c4e49d3bf67c730f3b 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/controller/JWTWebServiceController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/JWTWebServiceController.java
@@ -7,7 +7,6 @@ import it.inaf.ia2.gms.manager.InvitedRegistrationManager;
 import it.inaf.ia2.gms.manager.MembershipManager;
 import it.inaf.ia2.gms.manager.PermissionsManager;
 import it.inaf.ia2.gms.model.Permission;
-import it.inaf.ia2.gms.model.RapUser;
 import it.inaf.ia2.gms.model.response.UserPermission;
 import it.inaf.ia2.gms.persistence.GroupsDAO;
 import it.inaf.ia2.gms.persistence.PermissionsDAO;
@@ -19,6 +18,7 @@ import it.inaf.ia2.gms.service.GroupsService;
 import it.inaf.ia2.gms.service.JoinService;
 import it.inaf.ia2.gms.service.PermissionUtils;
 import it.inaf.ia2.gms.service.SearchService;
+import it.inaf.ia2.rap.data.RapUser;
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.security.Principal;
@@ -340,7 +340,7 @@ public class JWTWebServiceController {
 try ( PrintWriter pw = new PrintWriter(response.getOutputStream())) {
 for (RapUser member : membershipManager.getMembers(groupEntity)) {
 if (selectedUserIds == null || selectedUserIds.contains(member.getId())) {
- pw.println(member.getPrimaryEmail());
+ pw.println(member.getPrimaryEmailAddress());
 }
 }
 }
diff --git a/gms/src/main/java/it/inaf/ia2/gms/controller/KeepAliveController.java b/gms/src/main/java/it/inaf/ia2/gms/controller/KeepAliveController.java
index c41f012597cd6a7c5e59ce6d23db9c57049ab8b4..5e4b15fde34b823c852ad66b1523fe4d1873fda4 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/controller/KeepAliveController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/KeepAliveController.java
@@ -1,8 +1,10 @@
 package it.inaf.ia2.gms.controller;
+import it.inaf.ia2.aa.ServiceLocator;
+import it.inaf.ia2.aa.UserManager;
 import it.inaf.ia2.gms.authn.SessionData;
-import it.inaf.ia2.gms.rap.RapClient;
 import java.util.HashMap;
+import javax.servlet.http.HttpServletRequest;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -19,14 +21,17 @@ public class KeepAliveController {
 @Autowired
 private SessionData sessionData;
- @Autowired
- private RapClient rapClient;
+ private final UserManager userManager;
+
+ public KeepAliveController() {
+ userManager = ServiceLocator.getInstance().getUserManager();
+ }
 @GetMapping(value = "/keepAlive", produces = MediaType.APPLICATION_JSON_VALUE)
- public ResponseEntity<?> keepAlive() {
+ public ResponseEntity<?> keepAlive(HttpServletRequest request) {
 LOG.trace("Keepalive called");
 if (sessionData.getExpiresIn() < 60) {
- rapClient.refreshToken();
+ sessionData.setUser(userManager.refreshToken(request));
 LOG.trace("RAP token refreshed");
 }
 // empty JSON object response
diff --git a/gms/src/main/java/it/inaf/ia2/gms/controller/MembersController.java b/gms/src/main/java/it/inaf/ia2/gms/controller/MembersController.java
index f31966fc7c63369f672c1a745c4c310c9eae9691..3db24db6b7298493fc9b9c4ada31e10b6316d1cb 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/controller/MembersController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/MembersController.java
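Review bot: The result of `userManager.refreshToken(request)` is passed straight to `sessionData.setUser(...)`, so a failed refresh (a null return or an exception, depending on how UserManager reports a rejected refresh token, which is not shown here) surfaces as a 500 from `/keepAlive` instead of an explicit 401. Checking the result before `setUser` and answering with `ResponseEntity.status(HttpStatus.UNAUTHORIZED).build()` on failure would let the front end send the user back to login. A comment stating whether `refreshToken(request)` itself updates the `USER_DATA` session attribute would also help, since `SessionData.init()` reads the user from that attribute when it is created. The constructor obtains `UserManager` through `ServiceLocator.getInstance()` rather than injection, which makes this controller harder to test with a mock.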
@@ -4,12 +4,12 @@ import it.inaf.ia2.gms.manager.MembershipManager;
 import it.inaf.ia2.gms.manager.PermissionsManager;
 import it.inaf.ia2.gms.model.request.AddMemberRequest;
 import it.inaf.ia2.gms.model.response.PaginatedData;
-import it.inaf.ia2.gms.model.RapUser;
 import it.inaf.ia2.gms.model.request.PaginatedModelRequest;
 import it.inaf.ia2.gms.model.request.RemoveMemberRequest;
 import it.inaf.ia2.gms.model.request.TabRequest;
 import it.inaf.ia2.gms.persistence.model.GroupEntity;
 import it.inaf.ia2.gms.service.GroupsService;
+import it.inaf.ia2.rap.data.RapUser;
 import java.util.Collections;
 import java.util.List;
 import javax.validation.Valid;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/controller/SearchController.java b/gms/src/main/java/it/inaf/ia2/gms/controller/SearchController.java
index c612e9c4baba290bcdcd75c8641cc88da7c38b30..46ec4842a75fd7d3035016dfe9ba3cfd22b57096 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/controller/SearchController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/SearchController.java
@@ -1,7 +1,6 @@
 package it.inaf.ia2.gms.controller;
 import it.inaf.ia2.gms.authn.SessionData;
-import it.inaf.ia2.gms.model.RapUser;
 import it.inaf.ia2.gms.model.response.PaginatedData;
 import it.inaf.ia2.gms.model.response.SearchResponseItem;
 import it.inaf.ia2.gms.model.response.UserSearchResponse;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/controller/UsersController.java b/gms/src/main/java/it/inaf/ia2/gms/controller/UsersController.java
index e5d908c265228008b552db7aa3efa6cfd0ee826e..5d96ed400e5379c49c8b7b45e8422c6c44fce729 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/controller/UsersController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/UsersController.java
@@ -1,7 +1,7 @@
 package it.inaf.ia2.gms.controller;
-import it.inaf.ia2.gms.model.RapUser;
-import it.inaf.ia2.gms.rap.RapClient;
+import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.rap.data.RapUser;
 import java.util.List;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
@@ -18,6 +18,6 @@ public class UsersController {
 @GetMapping(value = "users", produces = MediaType.APPLICATION_JSON_VALUE)
 public ResponseEntity<List<RapUser>> searchUsers(@RequestParam("search") String searchText) {
- return ResponseEntity.ok(rapClient.searchUsers(searchText));
+ return ResponseEntity.ok(rapClient.getUsers(searchText));
 }
 }
diff --git a/gms/src/main/java/it/inaf/ia2/gms/manager/GroupStatusManager.java b/gms/src/main/java/it/inaf/ia2/gms/manager/GroupStatusManager.java
index 7e756500e4488c73773af36f1f2b75875738eb12..98cbccdb1acfeb858bf7e2bedd85e5d8510133be 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/manager/GroupStatusManager.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/manager/GroupStatusManager.java
@@ -2,14 +2,14 @@ package it.inaf.ia2.gms.manager;
 import it.inaf.ia2.gms.exception.UnauthorizedException;
 import it.inaf.ia2.gms.model.Permission;
-import it.inaf.ia2.gms.model.RapUser;
 import it.inaf.ia2.gms.persistence.GroupsDAO;
 import it.inaf.ia2.gms.persistence.MembershipsDAO;
 import it.inaf.ia2.gms.persistence.model.GroupEntity;
 import it.inaf.ia2.gms.persistence.model.MembershipEntity;
-import it.inaf.ia2.gms.rap.RapClient;
 import it.inaf.ia2.gms.service.GroupNameService;
 import it.inaf.ia2.gms.service.GroupsService;
+import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.rap.data.RapUser;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
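Review bot: The removed `searchUsers` returned an empty list for a null or blank search string before calling RAP, while `rapClient.getUsers(searchText)` here, and likewise in `SearchService.searchUsers`, passes the request parameter through with no such guard visible. Whether the library method handles blank input and URL-encodes the text is not shown in this diff, so either confirm it or keep the check at the call site with `if (searchText == null || searchText.trim().isEmpty())` returning an empty list. `getUsers` is now overloaded on `String` and `Set<String>`, which is why the test mock had to become `any(Set.class)`; a distinct method name for the search variant would avoid that ambiguity.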
@@ -77,7 +77,7 @@ public class GroupStatusManager extends UserAwareComponent {
 Map<String, String> usersMap = new HashMap<>();
 for (RapUser user : rapClient.getUsers(memberships.stream()
 .map(u -> u.getUserId()).collect(Collectors.toSet()))) {
- usersMap.put(user.getId(), user.getPrimaryEmail());
+ usersMap.put(user.getId(), user.getPrimaryEmailAddress());
 }
 List<String[]> rows = new ArrayList<>();
diff --git a/gms/src/main/java/it/inaf/ia2/gms/manager/InvitedRegistrationManager.java b/gms/src/main/java/it/inaf/ia2/gms/manager/InvitedRegistrationManager.java
index dec9449f56626d78f3fdfd68f8a074f4d17a5192..82dace994e99bd7ca7a5a0bf76e717ff7575a00d 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/manager/InvitedRegistrationManager.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/manager/InvitedRegistrationManager.java
@@ -13,8 +13,8 @@ import it.inaf.ia2.gms.persistence.MembershipsDAO;
 import it.inaf.ia2.gms.persistence.model.GroupEntity;
 import it.inaf.ia2.gms.persistence.model.InvitedRegistration;
 import it.inaf.ia2.gms.persistence.model.MembershipEntity;
-import it.inaf.ia2.gms.rap.RapClient;
 import it.inaf.ia2.gms.service.PermissionsService;
+import it.inaf.ia2.rap.client.RapClient;
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/manager/MembershipManager.java b/gms/src/main/java/it/inaf/ia2/gms/manager/MembershipManager.java
index 022e54205e9074e28e7782e39d800024bc57add7..83340a52446292d8dabfb169438254ade5a0cc47 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/manager/MembershipManager.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/manager/MembershipManager.java
@@ -2,15 +2,15 @@ package it.inaf.ia2.gms.manager;
 import it.inaf.ia2.gms.exception.UnauthorizedException;
 import it.inaf.ia2.gms.model.Permission;
-import it.inaf.ia2.gms.model.RapUser;
 import it.inaf.ia2.gms.persistence.GroupsDAO;
 import it.inaf.ia2.gms.persistence.LoggingDAO;
 import it.inaf.ia2.gms.persistence.MembershipsDAO;
 import it.inaf.ia2.gms.persistence.model.GroupEntity;
 import it.inaf.ia2.gms.persistence.model.MembershipEntity;
 import it.inaf.ia2.gms.persistence.model.PermissionEntity;
-import it.inaf.ia2.gms.rap.RapClient;
 import it.inaf.ia2.gms.service.PermissionUtils;
+import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.rap.data.RapUser;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/manager/PermissionsManager.java b/gms/src/main/java/it/inaf/ia2/gms/manager/PermissionsManager.java
index e6a655190684bb06718650b3ddce5c4ca99ef693..4fd1bdfef3ba6afafcbc3a97b69dd7ba4db18154 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/manager/PermissionsManager.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/manager/PermissionsManager.java
@@ -2,14 +2,14 @@ package it.inaf.ia2.gms.manager;
 import it.inaf.ia2.gms.exception.UnauthorizedException;
 import it.inaf.ia2.gms.model.Permission;
-import it.inaf.ia2.gms.model.RapUser;
 import it.inaf.ia2.gms.model.UserPermission;
 import it.inaf.ia2.gms.persistence.LoggingDAO;
 import it.inaf.ia2.gms.persistence.model.GroupEntity;
 import it.inaf.ia2.gms.persistence.model.PermissionEntity;
-import it.inaf.ia2.gms.rap.RapClient;
 import it.inaf.ia2.gms.service.PermissionUtils;
 import it.inaf.ia2.gms.service.PermissionsService;
+import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.rap.data.RapUser;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/model/UserPermission.java b/gms/src/main/java/it/inaf/ia2/gms/model/UserPermission.java
index 66ab93a33f3bf02c4337ccd7b033c9ee91e94fdb..43a9e0abe60bf617736b904a8337b4c9b07f0f68 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/model/UserPermission.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/model/UserPermission.java
@@ -1,5 +1,7 @@
 package it.inaf.ia2.gms.model;
+import it.inaf.ia2.rap.data.RapUser;
+
 public class UserPermission {
 private RapUser user;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/model/response/UserSearchResponse.java b/gms/src/main/java/it/inaf/ia2/gms/model/response/UserSearchResponse.java
index 4d00c2489b6ff8f8c25f1aaf328e2b0aff2145b9..c3faa44f07338c9eddef86028af734a051dc1206 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/model/response/UserSearchResponse.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/model/response/UserSearchResponse.java
@@ -1,6 +1,6 @@
 package it.inaf.ia2.gms.model.response;
-import it.inaf.ia2.gms.model.RapUser;
+import it.inaf.ia2.rap.data.RapUser;
 import java.util.List;
 public class UserSearchResponse {
diff --git a/gms/src/main/java/it/inaf/ia2/gms/rap/RapClient.java b/gms/src/main/java/it/inaf/ia2/gms/rap/RapClient.java
index a2e1948fa3f620416baf5bdad053d29661fcefd5..189472a49d8ea269b640e20894f3f7850d199f2e 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/rap/RapClient.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/rap/RapClient.java
@@ -3,7 +3,6 @@ package it.inaf.ia2.gms.rap;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import it.inaf.ia2.gms.authn.SessionData;
-import it.inaf.ia2.gms.model.RapUser;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
@@ -51,124 +50,124 @@ public class RapClient { @Autowired(required = false) private SessionData sessionData; - private final RestTemplate rapRestTemplate; - - private final RestTemplate refreshTokenRestTemplate; +// private final RestTemplate rapRestTemplate; +// +// private final RestTemplate refreshTokenRestTemplate; private final ObjectMapper objectMapper = new ObjectMapper(); - - @Autowired - public RapClient(RestTemplate rapRestTemplate) { - this.rapRestTemplate = rapRestTemplate; - this.refreshTokenRestTemplate = new RestTemplate(); - } - - public RapUser getUser(String userId) { - - String url = rapBaseUrl + "/user/" + userId; - - return httpCall(entity -> { - return rapRestTemplate.exchange(url, HttpMethod.GET, entity, new ParameterizedTypeReference<RapUser>() { - }).getBody(); - }); - } - - public List<RapUser> getUsers(Set<String> identifiers) { - - if (identifiers.isEmpty()) { - return new ArrayList<>(); - } - - String url = rapBaseUrl + "/user?identifiers=" + String.join(",", identifiers); - - return httpCall(entity -> { - return rapRestTemplate.exchange(url, HttpMethod.GET, entity, new ParameterizedTypeReference<List<RapUser>>() { - }).getBody(); - }); - } - - public List<RapUser> searchUsers(String searchText) { - - if (searchText == null || searchText.trim().isEmpty()) { - return new ArrayList<>(); - } - - String url = rapBaseUrl + "/user?search=" + searchText; - - return httpCall(entity -> { - return rapRestTemplate.exchange(url, HttpMethod.GET, entity, new ParameterizedTypeReference<List<RapUser>>() { - }).getBody(); - }); - } - - private <R> R httpCall(Function<HttpEntity<?>, R> function) { - return httpCall(function, null); - } - - private <R, T> R httpCall(Function<HttpEntity<?>, R> function, T body) { - try { - try { - return function.apply(getEntity(body)); - } catch (HttpClientErrorException.Unauthorized ex) { - if (request.getSession(false) == null || sessionData.getExpiresIn() > 0) { - // we can't refresh the token without a session - throw 
ex; - } - refreshToken(); - return function.apply(getEntity(body)); - } - } catch (HttpStatusCodeException ex) { - try { - Map<String, String> map = objectMapper.readValue(ex.getResponseBodyAsString(), Map.class); - if (map.containsKey("error")) { - String error = map.get("error"); - if (ex instanceof HttpClientErrorException) { - throw new HttpClientErrorException(ex.getStatusCode(), error); - } else if (ex instanceof HttpServerErrorException) { - throw new HttpServerErrorException(ex.getStatusCode(), error); - } - } - } catch (JsonProcessingException ignore) { - } - throw ex; - } - } - - private <T> HttpEntity<T> getEntity(T body) { - - HttpHeaders headers = new HttpHeaders(); - headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON)); - if (request.getSession(false) != null) { - headers.add("Authorization", "Bearer " + sessionData.getAccessToken()); - } else { - // from JWT web service - headers.add("Authorization", request.getHeader("Authorization")); - } - - return new HttpEntity<>(body, headers); - } - - public void refreshToken() { - - HttpHeaders headers = new HttpHeaders(); - headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON)); - headers.setBasicAuth(clientId, clientSecret); - - headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); - - MultiValueMap<String, String> map = new LinkedMultiValueMap<>(); - map.add("grant_type", "refresh_token"); - map.add("refresh_token", sessionData.getRefreshToken()); - map.add("scope", scope.replace(",", " ")); - - HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(map, headers); - - ResponseEntity<Map> response = refreshTokenRestTemplate.postForEntity(accessTokenUri, request, Map.class); - - Map<String, Object> values = response.getBody(); - - sessionData.setAccessToken((String) values.get("access_token")); - sessionData.setRefreshToken((String) values.get("refresh_token")); - sessionData.setExpiresIn((int) values.get("expires_in")); - } +// +// @Autowired +// 
public RapClient(RestTemplate rapRestTemplate) { +// this.rapRestTemplate = rapRestTemplate; +// this.refreshTokenRestTemplate = new RestTemplate(); +// } +// +// public RapUser getUser(String userId) { +// +// String url = rapBaseUrl + "/user/" + userId; +// +// return httpCall(entity -> { +// return rapRestTemplate.exchange(url, HttpMethod.GET, entity, new ParameterizedTypeReference<RapUser>() { +// }).getBody(); +// }); +// } +// +// public List<RapUser> getUsers(Set<String> identifiers) { +// +// if (identifiers.isEmpty()) { +// return new ArrayList<>(); +// } +// +// String url = rapBaseUrl + "/user?identifiers=" + String.join(",", identifiers); +// +// return httpCall(entity -> { +// return rapRestTemplate.exchange(url, HttpMethod.GET, entity, new ParameterizedTypeReference<List<RapUser>>() { +// }).getBody(); +// }); +// } +// +// public List<RapUser> searchUsers(String searchText) { +// +// if (searchText == null || searchText.trim().isEmpty()) { +// return new ArrayList<>(); +// } +// +// String url = rapBaseUrl + "/user?search=" + searchText; +// +// return httpCall(entity -> { +// return rapRestTemplate.exchange(url, HttpMethod.GET, entity, new ParameterizedTypeReference<List<RapUser>>() { +// }).getBody(); +// }); +// } +// +// private <R> R httpCall(Function<HttpEntity<?>, R> function) { +// return httpCall(function, null); +// } +// +// private <R, T> R httpCall(Function<HttpEntity<?>, R> function, T body) { +// try { +// try { +// return function.apply(getEntity(body)); +// } catch (HttpClientErrorException.Unauthorized ex) { +// if (request.getSession(false) == null || sessionData.getExpiresIn() > 0) { +// // we can't refresh the token without a session +// throw ex; +// } +// refreshToken(); +// return function.apply(getEntity(body)); +// } +// } catch (HttpStatusCodeException ex) { +// try { +// Map<String, String> map = objectMapper.readValue(ex.getResponseBodyAsString(), Map.class); +// if (map.containsKey("error")) { +// String error = 
map.get("error"); +// if (ex instanceof HttpClientErrorException) { +// throw new HttpClientErrorException(ex.getStatusCode(), error); +// } else if (ex instanceof HttpServerErrorException) { +// throw new HttpServerErrorException(ex.getStatusCode(), error); +// } +// } +// } catch (JsonProcessingException ignore) { +// } +// throw ex; +// } +// } +// +// private <T> HttpEntity<T> getEntity(T body) { +// +// HttpHeaders headers = new HttpHeaders(); +// headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON)); +// if (request.getSession(false) != null) { +// headers.add("Authorization", "Bearer " + sessionData.getAccessToken()); +// } else { +// // from JWT web service +// headers.add("Authorization", request.getHeader("Authorization")); +// } +// +// return new HttpEntity<>(body, headers); +// } +// +// public void refreshToken() { +// +// HttpHeaders headers = new HttpHeaders(); +// headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON)); +// headers.setBasicAuth(clientId, clientSecret); +// +// headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); +// +// MultiValueMap<String, String> map = new LinkedMultiValueMap<>(); +// map.add("grant_type", "refresh_token"); +// map.add("refresh_token", sessionData.getRefreshToken()); +// map.add("scope", scope.replace(",", " ")); +// +// HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(map, headers); +// +// ResponseEntity<Map> response = refreshTokenRestTemplate.postForEntity(accessTokenUri, request, Map.class); +// +// Map<String, Object> values = response.getBody(); +// +// sessionData.setAccessToken((String) values.get("access_token")); +// sessionData.setRefreshToken((String) values.get("refresh_token")); +// sessionData.setExpiresIn((int) values.get("expires_in")); +// } } 
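Review bot: The old client body is commented out line by line rather than deleted, which leaves roughly 120 lines of dead code (including the refresh-token flow that used `clientId` and `clientSecret`) beside a class shell that still declares `sessionData` and `objectMapper`. If the class keeps its Spring stereotype and injected configuration fields, which sit above this hunk and are not visible, it may still be registered as a bean alongside the new `rapClient()` bean, and `spring.main.allow-bean-definition-overriding=true` in application.properties would hide such a clash. Deleting `gms/src/main/java/it/inaf/ia2/gms/rap/RapClient.java` outright, with the history kept in version control, avoids both problems.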
diff --git a/gms/src/main/java/it/inaf/ia2/gms/service/SearchService.java b/gms/src/main/java/it/inaf/ia2/gms/service/SearchService.java
index 9f59907cc51db024182baba78611e6c58b902135..89cd7c5fd6df52dc8a0bbdad142ed0ecd77b0fee 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/service/SearchService.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/service/SearchService.java
@@ -13,7 +13,7 @@ import it.inaf.ia2.gms.persistence.MembershipsDAO;
 import it.inaf.ia2.gms.persistence.PermissionsDAO;
 import it.inaf.ia2.gms.persistence.model.GroupEntity;
 import it.inaf.ia2.gms.persistence.model.PermissionEntity;
-import it.inaf.ia2.gms.rap.RapClient;
+import it.inaf.ia2.rap.client.RapClient;
 import java.util.AbstractMap.SimpleEntry;
 import java.util.ArrayList;
 import java.util.List;
@@ -58,7 +58,7 @@ public class SearchService {
 }
 private List<SearchResponseItem> searchUsers(String query) {
- return rapClient.searchUsers(query).stream()
+ return rapClient.getUsers(query).stream()
 .map(u -> {
 SearchResponseItem item = new SearchResponseItem();
 item.setType(SearchResponseType.USER);
diff --git a/gms/src/main/resources/application.properties b/gms/src/main/resources/application.properties
index 1091bbab7df23d083b6836d52dbc42db209311f1..3428af258478003b6ab781cd554b23699634b93b 100644
--- a/gms/src/main/resources/application.properties
+++ b/gms/src/main/resources/application.properties
@@ -4,14 +4,6 @@ server.servlet.context-path=/gms
 spring.main.allow-bean-definition-overriding=true
 server.error.whitelabel.enabled=false
-security.oauth2.client.client-id=gms
-security.oauth2.client.client-secret=gms-secret
-security.oauth2.client.access-token-uri=http://localhost/rap-ia2/auth/oauth2/token
-security.oauth2.client.user-authorization-uri=http://localhost/rap-ia2/auth/oauth2/authorize
-security.oauth2.resource.token-info-uri=http://localhost/rap-ia2/auth/oauth2/check_token
-security.oauth2.client.scope=openid,email,profile,read:rap
-security.oauth2.resource.jwk.key-set-uri=http://localhost/rap-ia2/auth/oidc/jwks
-
 logging.level.it.inaf=TRACE
 logging.level.org.springframework.security=DEBUG
 logging.level.org.springframework.jdbc=TRACE
diff --git a/gms/src/main/resources/auth.properties b/gms/src/main/resources/auth.properties
index 7bd1b03a1fa98b51489556599bb2898e8ebf3297..19880c5b62856cb9a79ab8f73ff23cb447aa7135 100644
--- a/gms/src/main/resources/auth.properties
+++ b/gms/src/main/resources/auth.properties
@@ -1,10 +1,5 @@
 client_id=gms
 client_secret=gms-secret
-access_token_uri=http://localhost/rap-ia2/auth/oauth2/token
-user_authorization_uri=http://localhost/rap-ia2/auth/oauth2/authorize
-check_token_uri=http://localhost/rap-ia2/auth/oauth2/token
-jwks_uri=http://localhost/rap-ia2/auth/oidc/jwks
-gms_uri=http://localhost:8082/gms/ws/jwt
-groups_autoload=false
+rap_uri=http://localhost/rap-ia2
 store_state_on_login_endpoint=true
 scope=openid email profile read:rap
diff --git a/gms/src/test/java/it/inaf/ia2/gms/controller/JWTWebServiceControllerTest.java b/gms/src/test/java/it/inaf/ia2/gms/controller/JWTWebServiceControllerTest.java
index 625e72c14dc3f3feb6113d24a72e2a309fe791c4..89453288494407d08101c36f322287d73aae4017 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/controller/JWTWebServiceControllerTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/controller/JWTWebServiceControllerTest.java
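Review bot: The new `rap_uri=http://localhost/rap-ia2` in auth.properties appears to replace the separate token, authorization and JWKS URIs removed in the same hunk, and it uses plain HTTP; that is fine as a local default, but a deployment that keeps the scheme would send the client secret and bearer tokens unencrypted. A comment above the line such as `# local development default; use https:// in any shared deployment` would make that explicit. The unchanged `client_secret=gms-secret` two lines above is likewise a committed placeholder that should be overridden from outside the repository.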
@@ -4,7 +4,6 @@ import it.inaf.ia2.gms.manager.GroupsManager;
 import it.inaf.ia2.gms.manager.MembershipManager;
 import it.inaf.ia2.gms.manager.PermissionsManager;
 import it.inaf.ia2.gms.model.Permission;
-import it.inaf.ia2.gms.model.RapUser;
 import it.inaf.ia2.gms.model.UserPermission;
 import it.inaf.ia2.gms.persistence.GroupsDAO;
 import it.inaf.ia2.gms.persistence.PermissionsDAO;
@@ -13,6 +12,7 @@ import it.inaf.ia2.gms.persistence.model.MembershipEntity;
 import it.inaf.ia2.gms.persistence.model.PermissionEntity;
 import it.inaf.ia2.gms.service.GroupsService;
 import it.inaf.ia2.gms.service.JoinService;
+import it.inaf.ia2.rap.data.RapUser;
 import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Arrays;
diff --git a/gms/src/test/java/it/inaf/ia2/gms/manager/InvitedRegistrationManagerTest.java b/gms/src/test/java/it/inaf/ia2/gms/manager/InvitedRegistrationManagerTest.java
index 13cf87d37e771480d2d06898e3cbcf7e356f08fa..192c62e1a42b1750b4849c44660cc7d5e238745c 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/manager/InvitedRegistrationManagerTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/manager/InvitedRegistrationManagerTest.java
@@ -1,18 +1,18 @@
 package it.inaf.ia2.gms.manager;
 import it.inaf.ia2.gms.authn.SessionData;
-import it.inaf.ia2.gms.model.Identity;
-import it.inaf.ia2.gms.model.IdentityType;
 import it.inaf.ia2.gms.model.Permission;
-import it.inaf.ia2.gms.model.RapUser;
 import it.inaf.ia2.gms.persistence.GroupsDAO;
 import it.inaf.ia2.gms.persistence.InvitedRegistrationDAO;
 import it.inaf.ia2.gms.persistence.LoggingDAO;
 import it.inaf.ia2.gms.persistence.MembershipsDAO;
 import it.inaf.ia2.gms.persistence.model.GroupEntity;
 import it.inaf.ia2.gms.persistence.model.InvitedRegistration;
-import it.inaf.ia2.gms.rap.RapClient;
 import it.inaf.ia2.gms.service.PermissionsService;
+import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.rap.data.Identity;
+import it.inaf.ia2.rap.data.IdentityType;
+import it.inaf.ia2.rap.data.RapUser;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
@@ -102,7 +102,7 @@ public class InvitedRegistrationManagerTest {
 Identity identity = new Identity();
 identity.setType(IdentityType.EDU_GAIN);
 identity.setEmail(EMAIL);
- user.setIdentities(Collections.singletonList(identity));
+ user.getIdentities().addAll(Collections.singletonList(identity));
 when(rapClient.getUser(eq(USER_ID))).thenReturn(user);
diff --git a/gms/src/test/java/it/inaf/ia2/gms/manager/PermissionsManagerIntegrationTest.java b/gms/src/test/java/it/inaf/ia2/gms/manager/PermissionsManagerIntegrationTest.java
index 9a25bc6eaf540ce6f9465fdfe44374f014eb56cd..5eec6c7d48b9dcb3ee02e115f3e7c9ba873fb002 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/manager/PermissionsManagerIntegrationTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/manager/PermissionsManagerIntegrationTest.java
@@ -2,17 +2,18 @@ package it.inaf.ia2.gms.manager; import it.inaf.ia2.gms.DataSourceConfig; import it.inaf.ia2.gms.model.Permission; -import it.inaf.ia2.gms.model.RapUser; import it.inaf.ia2.gms.model.UserPermission; import it.inaf.ia2.gms.persistence.GroupsDAO; import it.inaf.ia2.gms.persistence.LoggingDAO; import it.inaf.ia2.gms.persistence.PermissionsDAO; import it.inaf.ia2.gms.persistence.model.GroupEntity; import it.inaf.ia2.gms.persistence.model.PermissionEntity; -import it.inaf.ia2.gms.rap.RapClient; import it.inaf.ia2.gms.service.PermissionsService; +import it.inaf.ia2.rap.client.RapClient; +import it.inaf.ia2.rap.data.RapUser; import java.util.Collections; import java.util.List; +import java.util.Set; import javax.servlet.http.HttpServletRequest; import javax.sql.DataSource; import static org.junit.Assert.assertEquals; @@ -52,7 +53,7 @@ public class PermissionsManagerIntegrationTest { // Mock RAP client RapUser rapUser = new RapUser(); rapUser.setId(USER_ID); - when(rapClient.getUsers(any())).thenReturn(Collections.singletonList(rapUser)); + when(rapClient.getUsers(any(Set.class))).thenReturn(Collections.singletonList(rapUser)); PermissionsService permissionsService = new PermissionsService(permissionsDAO, loggingDAO); PermissionsManager permissionsManager = new PermissionsManager(permissionsService, rapClient, loggingDAO); diff --git a/gms/src/test/java/it/inaf/ia2/gms/persistence/NestedGroupsIntegrationTest.java b/gms/src/test/java/it/inaf/ia2/gms/persistence/NestedGroupsIntegrationTest.java index baa08c183dd0e426f696857d3d8320d28c79a5fe..73d7d9985bb3dc0541b0c7aecc51d4e96c13b304 100644 --- a/gms/src/test/java/it/inaf/ia2/gms/persistence/NestedGroupsIntegrationTest.java +++ b/gms/src/test/java/it/inaf/ia2/gms/persistence/NestedGroupsIntegrationTest.java 
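Review bot: `any(Set.class)` in the `rapClient.getUsers(...)` stub passes a raw `Set` class and compiles with an unchecked warning; Mockito's `anySet()` matches the same argument without the raw type, and the newly added `java.util.Set` import may then be unnecessary. The typed matcher is presumably there to choose between `getUsers` overloads, which deserves a short comment such as `// typed matcher selects the Set overload of getUsers`. The same point applies to `when(rapClient.getUsers(any(String.class)))` in the SearchServiceTest hunk, where `anyString()` is the usual form. The test method containing the stub extends beyond the hunk.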
@@ -10,9 +10,9 @@ import it.inaf.ia2.gms.model.Permission; import it.inaf.ia2.gms.model.request.GroupsRequest; import it.inaf.ia2.gms.persistence.model.GroupEntity; import it.inaf.ia2.gms.persistence.model.PermissionEntity; -import it.inaf.ia2.gms.rap.RapClient; import it.inaf.ia2.gms.service.GroupsTreeBuilder; import it.inaf.ia2.gms.service.PermissionsService; +import it.inaf.ia2.rap.client.RapClient; import java.util.List; import javax.sql.DataSource; import static org.junit.Assert.assertEquals; diff --git a/gms/src/test/java/it/inaf/ia2/gms/rap/RapClientTest.java b/gms/src/test/java/it/inaf/ia2/gms/rap/RapClientTest.java index bd317c09d73c7def90f287ede0cf2c05ab08c584..09becbfc53457dea0335e75665a11b0003ac6cb0 100644 --- a/gms/src/test/java/it/inaf/ia2/gms/rap/RapClientTest.java +++ b/gms/src/test/java/it/inaf/ia2/gms/rap/RapClientTest.java @@ -1,7 +1,6 @@ package it.inaf.ia2.gms.rap; import it.inaf.ia2.gms.authn.SessionData; -import it.inaf.ia2.gms.model.RapUser; import java.nio.charset.StandardCharsets; import java.util.HashMap; import java.util.Map; 
@@ -34,120 +33,120 @@ import org.springframework.web.client.HttpServerErrorException; import org.springframework.web.client.HttpServerErrorException.InternalServerError; import org.springframework.web.client.RestTemplate; -@RunWith(MockitoJUnitRunner.class) +//@RunWith(MockitoJUnitRunner.class) public class RapClientTest { - @Mock - private HttpServletRequest request; - - @Mock - private SessionData sessionData; - - @Mock - private RestTemplate restTemplate; - - @Mock - private RestTemplate refreshTokenRestTemplate; - - private RapClient rapClient; - - @Before - public void init() { - rapClient = new RapClient(restTemplate); - ReflectionTestUtils.setField(rapClient, "request", request); - ReflectionTestUtils.setField(rapClient, "refreshTokenRestTemplate", refreshTokenRestTemplate); - ReflectionTestUtils.setField(rapClient, "scope", "openid"); - } - - @Test - public void testUnauthorizedNoRefreshJsonMsg() { - - String jsonError = "{\"error\":\"Unauthorized: foo\"}"; - - HttpClientErrorException exception = Unauthorized - .create(HttpStatus.UNAUTHORIZED, "401", HttpHeaders.EMPTY, jsonError.getBytes(), StandardCharsets.UTF_8); - - when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() { - }))).thenThrow(exception); - - try { - rapClient.getUser("123"); - } catch (HttpClientErrorException ex) { - assertEquals("401 Unauthorized: foo", ex.getMessage()); - } - } - - @Test - public void testUnauthorizedNoRefreshNotJsonMsg() { - - String errorMessage = "THIS IS NOT A JSON"; - - HttpClientErrorException exception = Unauthorized - .create(HttpStatus.UNAUTHORIZED, "401", HttpHeaders.EMPTY, errorMessage.getBytes(), StandardCharsets.UTF_8); - - when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() { - }))).thenThrow(exception); - - try { - rapClient.getUser("123"); - } catch (HttpClientErrorException ex) { - 
assertNotNull(ex.getMessage()); - } - } - - @Test - public void testServerErrorJsonMsg() { - - String jsonError = "{\"error\":\"Fatal error\"}"; - - HttpServerErrorException exception = InternalServerError - .create(HttpStatus.INTERNAL_SERVER_ERROR, "500", HttpHeaders.EMPTY, jsonError.getBytes(), StandardCharsets.UTF_8); - - when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() { - }))).thenThrow(exception); - - try { - rapClient.getUser("123"); - } catch (HttpServerErrorException ex) { - assertEquals("500 Fatal error", ex.getMessage()); - } - } - - @Test - public void testRefreshToken() { - - when(request.getSession(eq(false))).thenReturn(mock(HttpSession.class)); - when(sessionData.getExpiresIn()).thenReturn(-100l); - - ReflectionTestUtils.setField(rapClient, "sessionData", sessionData); - ReflectionTestUtils.setField(rapClient, "clientId", "clientId"); - ReflectionTestUtils.setField(rapClient, "clientSecret", "clientSecret"); - ReflectionTestUtils.setField(rapClient, "accessTokenUri", "https://sso.ia2.inaf.it"); - - String jsonError = "{\"error\":\"Unauthorized: token expired\"}"; - - HttpClientErrorException exception = Unauthorized - .create(HttpStatus.UNAUTHORIZED, "401", HttpHeaders.EMPTY, jsonError.getBytes(), StandardCharsets.UTF_8); - - when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() { - }))).thenThrow(exception) - .thenReturn(ResponseEntity.ok(new RapUser())); - - ResponseEntity refreshTokenResponse = mock(ResponseEntity.class); - Map<String, Object> mockedBody = new HashMap<>(); - mockedBody.put("access_token", "<access_token>"); - mockedBody.put("refresh_token", "<refresh_token>"); - mockedBody.put("expires_in", 3600); - when(refreshTokenResponse.getBody()).thenReturn(mockedBody); - - when(refreshTokenRestTemplate.postForEntity(anyString(), any(HttpEntity.class), any())) - 
.thenReturn(refreshTokenResponse); - - RapUser user = rapClient.getUser("123"); - assertNotNull(user); - - // verifies that token is refreshed - verify(sessionData, times(1)).setAccessToken(eq("<access_token>")); - verify(sessionData, times(1)).setExpiresIn(eq(3600l)); - } +// @Mock +// private HttpServletRequest request; +// +// @Mock +// private SessionData sessionData; +// +// @Mock +// private RestTemplate restTemplate; +// +// @Mock +// private RestTemplate refreshTokenRestTemplate; +// +// private RapClient rapClient; +// +// @Before +// public void init() { +// rapClient = new RapClient(restTemplate); +// ReflectionTestUtils.setField(rapClient, "request", request); +// ReflectionTestUtils.setField(rapClient, "refreshTokenRestTemplate", refreshTokenRestTemplate); +// ReflectionTestUtils.setField(rapClient, "scope", "openid"); +// } +// +// @Test +// public void testUnauthorizedNoRefreshJsonMsg() { +// +// String jsonError = "{\"error\":\"Unauthorized: foo\"}"; +// +// HttpClientErrorException exception = Unauthorized +// .create(HttpStatus.UNAUTHORIZED, "401", HttpHeaders.EMPTY, jsonError.getBytes(), StandardCharsets.UTF_8); +// +// when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() { +// }))).thenThrow(exception); +// +// try { +// rapClient.getUser("123"); +// } catch (HttpClientErrorException ex) { +// assertEquals("401 Unauthorized: foo", ex.getMessage()); +// } +// } +// +// @Test +// public void testUnauthorizedNoRefreshNotJsonMsg() { +// +// String errorMessage = "THIS IS NOT A JSON"; +// +// HttpClientErrorException exception = Unauthorized +// .create(HttpStatus.UNAUTHORIZED, "401", HttpHeaders.EMPTY, errorMessage.getBytes(), StandardCharsets.UTF_8); +// +// when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() { +// }))).thenThrow(exception); +// +// try { +// rapClient.getUser("123"); +// } catch 
(HttpClientErrorException ex) { +// assertNotNull(ex.getMessage()); +// } +// } +// +// @Test +// public void testServerErrorJsonMsg() { +// +// String jsonError = "{\"error\":\"Fatal error\"}"; +// +// HttpServerErrorException exception = InternalServerError +// .create(HttpStatus.INTERNAL_SERVER_ERROR, "500", HttpHeaders.EMPTY, jsonError.getBytes(), StandardCharsets.UTF_8); +// +// when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() { +// }))).thenThrow(exception); +// +// try { +// rapClient.getUser("123"); +// } catch (HttpServerErrorException ex) { +// assertEquals("500 Fatal error", ex.getMessage()); +// } +// } +// +// @Test +// public void testRefreshToken() { +// +// when(request.getSession(eq(false))).thenReturn(mock(HttpSession.class)); +// when(sessionData.getExpiresIn()).thenReturn(-100l); +// +// ReflectionTestUtils.setField(rapClient, "sessionData", sessionData); +// ReflectionTestUtils.setField(rapClient, "clientId", "clientId"); +// ReflectionTestUtils.setField(rapClient, "clientSecret", "clientSecret"); +// ReflectionTestUtils.setField(rapClient, "accessTokenUri", "https://sso.ia2.inaf.it"); +// +// String jsonError = "{\"error\":\"Unauthorized: token expired\"}"; +// +// HttpClientErrorException exception = Unauthorized +// .create(HttpStatus.UNAUTHORIZED, "401", HttpHeaders.EMPTY, jsonError.getBytes(), StandardCharsets.UTF_8); +// +// when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() { +// }))).thenThrow(exception) +// .thenReturn(ResponseEntity.ok(new RapUser())); +// +// ResponseEntity refreshTokenResponse = mock(ResponseEntity.class); +// Map<String, Object> mockedBody = new HashMap<>(); +// mockedBody.put("access_token", "<access_token>"); +// mockedBody.put("refresh_token", "<refresh_token>"); +// mockedBody.put("expires_in", 3600); +// 
when(refreshTokenResponse.getBody()).thenReturn(mockedBody); +// +// when(refreshTokenRestTemplate.postForEntity(anyString(), any(HttpEntity.class), any())) +// .thenReturn(refreshTokenResponse); +// +// RapUser user = rapClient.getUser("123"); +// assertNotNull(user); +// +// // verifies that token is refreshed +// verify(sessionData, times(1)).setAccessToken(eq("<access_token>")); +// verify(sessionData, times(1)).setExpiresIn(eq(3600l)); +// } } diff --git a/gms/src/test/java/it/inaf/ia2/gms/service/SearchServiceTest.java b/gms/src/test/java/it/inaf/ia2/gms/service/SearchServiceTest.java index 098d24c62d959296f238b88c12626b38b5c93930..bb44208ef9f8a15c0a99a6e231e869a1f442831d 100644 --- a/gms/src/test/java/it/inaf/ia2/gms/service/SearchServiceTest.java +++ b/gms/src/test/java/it/inaf/ia2/gms/service/SearchServiceTest.java @@ -1,10 +1,7 @@ package it.inaf.ia2.gms.service; import it.inaf.ia2.gms.manager.GroupsManager; -import it.inaf.ia2.gms.model.Identity; -import it.inaf.ia2.gms.model.IdentityType; import it.inaf.ia2.gms.model.Permission; -import it.inaf.ia2.gms.model.RapUser; import it.inaf.ia2.gms.model.response.PaginatedData; import it.inaf.ia2.gms.model.response.SearchResponseItem; import it.inaf.ia2.gms.model.response.SearchResponseType; @@ -14,7 +11,10 @@ import it.inaf.ia2.gms.persistence.MembershipsDAO; import it.inaf.ia2.gms.persistence.PermissionsDAO; import it.inaf.ia2.gms.persistence.model.GroupEntity; import it.inaf.ia2.gms.persistence.model.PermissionEntity; -import it.inaf.ia2.gms.rap.RapClient; +import it.inaf.ia2.rap.client.RapClient; +import it.inaf.ia2.rap.data.Identity; +import it.inaf.ia2.rap.data.IdentityType; +import it.inaf.ia2.rap.data.RapUser; import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; 
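Review bot: The `@@ -34,120 +33,120 @@` hunk disables RapClientTest by turning every line into a `//` comment, so the 401/500 error-message cases and `testRefreshToken` (the check that an expired-token 401 leads to a refreshed access token) stop running while the build stays green and nothing is reported as skipped. If the client now lives in `it.inaf.ia2.rap.client` and is tested there, delete this file instead of keeping about 120 commented lines and the now-unused imports above the class; if the file stays for a while, head it with `// TODO: RapClient moved to it.inaf.ia2.rap.client; port these cases or delete this file`. If the cases are ported, note that the `try { rapClient.getUser("123"); } catch (...)` tests pass when no exception is thrown at all; add `fail("expected exception");` right after the call.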
@@ -93,7 +93,7 @@ public class SearchServiceTest { identity.setTypedId("user@inaf.it"); user.setIdentities(Collections.singletonList(identity)); - when(rapClient.searchUsers(any())).thenReturn(Collections.singletonList(user)); + when(rapClient.getUsers(any(String.class))).thenReturn(Collections.singletonList(user)); GroupEntity group1 = new GroupEntity(); group1.setId("group1_id");