From 0777d93e237f29794b9f569451d8d0618ed4dca8 Mon Sep 17 00:00:00 2001
From: Sonia Zorba <sonia.zorba@inaf.it>
Date: Mon, 26 Oct 2020 18:08:48 +0100
Subject: [PATCH] Changes for the refactored AuthLib version
---
.../java/it/inaf/ia2/gms/GmsApplication.java | 8 +
.../java/it/inaf/ia2/gms/authn/JWTFilter.java | 20 +-
.../it/inaf/ia2/gms/authn/SecurityConfig.java | 5 +-
.../it/inaf/ia2/gms/authn/SessionData.java | 49 ++--
.../controller/JWTWebServiceController.java | 4 +-
.../gms/controller/KeepAliveController.java | 15 +-
.../ia2/gms/controller/MembersController.java | 2 +-
.../ia2/gms/controller/SearchController.java | 1 -
.../ia2/gms/controller/UsersController.java | 6 +-
.../ia2/gms/manager/GroupStatusManager.java | 6 +-
.../manager/InvitedRegistrationManager.java | 2 +-
.../ia2/gms/manager/MembershipManager.java | 4 +-
.../ia2/gms/manager/PermissionsManager.java | 4 +-
.../it/inaf/ia2/gms/model/UserPermission.java | 2 +
.../model/response/UserSearchResponse.java | 2 +-
.../java/it/inaf/ia2/gms/rap/RapClient.java | 237 +++++++++---------
.../inaf/ia2/gms/service/SearchService.java | 4 +-
gms/src/main/resources/application.properties | 8 -
gms/src/main/resources/auth.properties | 7 +-
.../JWTWebServiceControllerTest.java | 2 +-
.../InvitedRegistrationManagerTest.java | 10 +-
.../PermissionsManagerIntegrationTest.java | 7 +-
.../NestedGroupsIntegrationTest.java | 2 +-
.../it/inaf/ia2/gms/rap/RapClientTest.java | 229 +++++++++--------
.../ia2/gms/service/SearchServiceTest.java | 10 +-
25 files changed, 314 insertions(+), 332 deletions(-)
diff --git a/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java b/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java
index a3b2a8f..f3f4a5b 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java
@@ -1,7 +1,10 @@
package it.inaf.ia2.gms;
+import it.inaf.ia2.aa.ServiceLocator;
+import it.inaf.ia2.rap.client.RapClient;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.transaction.annotation.EnableTransactionManagement;
@@ -13,4 +16,9 @@ public class GmsApplication {
public static void main(String[] args) {
SpringApplication.run(GmsApplication.class, args);
}
+
+ @Bean
+ public RapClient rapClient() {
+ return ServiceLocator.getInstance().getRapClient();
+ }
}
diff --git a/gms/src/main/java/it/inaf/ia2/gms/authn/JWTFilter.java b/gms/src/main/java/it/inaf/ia2/gms/authn/JWTFilter.java
index 9013c25..6273aed 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/authn/JWTFilter.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/authn/JWTFilter.java
@@ -1,10 +1,7 @@
package it.inaf.ia2.gms.authn;
-import io.jsonwebtoken.Jwt;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SigningKeyResolver;
-import it.inaf.ia2.aa.ServiceLocator;
import it.inaf.ia2.gms.persistence.LoggingDAO;
+import it.inaf.ia2.rap.client.RapClient;
import java.io.IOException;
import java.security.Principal;
import java.util.Map;
@@ -20,11 +17,11 @@ import javax.servlet.http.HttpServletResponse;
public class JWTFilter implements Filter {
private final LoggingDAO loggingDAO;
- private final SigningKeyResolver signingKeyResolver;
+ private final RapClient rapClient;
- public JWTFilter(LoggingDAO loggingDAO) {
+ public JWTFilter(LoggingDAO loggingDAO, RapClient rapClient) {
this.loggingDAO = loggingDAO;
- this.signingKeyResolver = ServiceLocator.getInstance().getTokenManager().getSigningKeyResolver();
+ this.rapClient = rapClient;
}
@Override
@@ -40,13 +37,10 @@ public class JWTFilter implements Filter {
return;
}
- authHeader = authHeader.replace("Bearer", "").trim();
+ String token = authHeader.replace("Bearer", "").trim();
- Jwt jwt = Jwts.parser()
- .setSigningKeyResolver(signingKeyResolver)
- .parse(authHeader);
-
- Map<String, Object> claims = (Map<String, Object>) jwt.getBody();
+ rapClient.setAccessToken(token);
+ Map<String, Object> claims = rapClient.parseIdTokenClaims(token);
if (claims.get("sub") == null) {
loggingDAO.logAction("Attempt to access WS with invalid token", request);
diff --git a/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java b/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java
index 9613dd4..57df36e 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java
@@ -1,6 +1,7 @@
package it.inaf.ia2.gms.authn;
import it.inaf.ia2.gms.persistence.LoggingDAO;
+import it.inaf.ia2.rap.client.RapClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
@@ -47,9 +48,9 @@ public class SecurityConfig {
* Checks JWT for web services.
*/
@Bean
- public FilterRegistrationBean serviceJWTFilter(LoggingDAO loggingDAO) {
+ public FilterRegistrationBean serviceJWTFilter(LoggingDAO loggingDAO, RapClient rapClient) {
FilterRegistrationBean bean = new FilterRegistrationBean();
- bean.setFilter(new JWTFilter(loggingDAO));
+ bean.setFilter(new JWTFilter(loggingDAO, rapClient));
bean.addUrlPatterns("/ws/jwt/*");
bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
return bean;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/authn/SessionData.java b/gms/src/main/java/it/inaf/ia2/gms/authn/SessionData.java
index 0de00ba..6d4194e 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/authn/SessionData.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/authn/SessionData.java
@@ -1,6 +1,7 @@
package it.inaf.ia2.gms.authn;
import it.inaf.ia2.aa.data.User;
+import it.inaf.ia2.rap.client.RapClient;
import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
@@ -14,58 +15,44 @@ public class SessionData {
private static final String USER_DATA = "user_data";
+ private User user;
+
@Autowired
private HttpServletRequest request;
- private String userId;
- private String userName;
- private String accessToken;
- private String refreshToken;
- private long expiration;
+ @Autowired
+ private RapClient rapClient;
@PostConstruct
public void init() {
-
HttpSession session = request.getSession(false);
if (session != null && session.getAttribute(USER_DATA) != null) {
- User user = (User) session.getAttribute(USER_DATA);
- userId = user.getName();
- userName = user.getUserLabel();
- accessToken = user.getAccessToken();
- refreshToken = user.getRefreshToken();
- setExpiresIn(user.getExpiresIn());
+ setUser((User) session.getAttribute(USER_DATA));
}
}
- public String getUserId() {
- return userId;
- }
-
- public String getAccessToken() {
- return accessToken;
+ public void setUser(User user) {
+ this.user = user;
+ rapClient.setAccessToken(user.getAccessToken());
}
- public void setAccessToken(String accessToken) {
- this.accessToken = accessToken;
- }
-
- public String getRefreshToken() {
- return refreshToken;
+ public String getUserId() {
+ return user.getName();
}
- public void setRefreshToken(String refreshToken) {
- this.refreshToken = refreshToken;
+ public String getUserName() {
+ return user.getUserLabel();
}
- public String getUserName() {
- return userName;
+ public String getAccessToken() {
+ return user.getAccessToken();
}
- public void setExpiresIn(long expiresIn) {
- this.expiration = System.currentTimeMillis() + expiresIn * 1000;
+ public String getRefreshToken() {
+ return user.getRefreshToken();
}
public long getExpiresIn() {
- return (expiration - System.currentTimeMillis()) / 1000;
+ return user.getExpiresIn();
}
}
diff --git a/gms/src/main/java/it/inaf/ia2/gms/controller/JWTWebServiceController.java b/gms/src/main/java/it/inaf/ia2/gms/controller/JWTWebServiceController.java
index 8607c4b..930c8ed 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/controller/JWTWebServiceController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/JWTWebServiceController.java
@@ -7,7 +7,6 @@ import it.inaf.ia2.gms.manager.InvitedRegistrationManager;
import it.inaf.ia2.gms.manager.MembershipManager;
import it.inaf.ia2.gms.manager.PermissionsManager;
import it.inaf.ia2.gms.model.Permission;
-import it.inaf.ia2.gms.model.RapUser;
import it.inaf.ia2.gms.model.response.UserPermission;
import it.inaf.ia2.gms.persistence.GroupsDAO;
import it.inaf.ia2.gms.persistence.PermissionsDAO;
@@ -19,6 +18,7 @@ import it.inaf.ia2.gms.service.GroupsService;
import it.inaf.ia2.gms.service.JoinService;
import it.inaf.ia2.gms.service.PermissionUtils;
import it.inaf.ia2.gms.service.SearchService;
+import it.inaf.ia2.rap.data.RapUser;
import java.io.IOException;
import java.io.PrintWriter;
import java.security.Principal;
@@ -340,7 +340,7 @@ public class JWTWebServiceController {
try ( PrintWriter pw = new PrintWriter(response.getOutputStream())) {
for (RapUser member : membershipManager.getMembers(groupEntity)) {
if (selectedUserIds == null || selectedUserIds.contains(member.getId())) {
- pw.println(member.getPrimaryEmail());
+ pw.println(member.getPrimaryEmailAddress());
}
}
}
diff --git a/gms/src/main/java/it/inaf/ia2/gms/controller/KeepAliveController.java b/gms/src/main/java/it/inaf/ia2/gms/controller/KeepAliveController.java
index c41f012..5e4b15f 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/controller/KeepAliveController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/KeepAliveController.java
@@ -1,8 +1,10 @@
package it.inaf.ia2.gms.controller;
+import it.inaf.ia2.aa.ServiceLocator;
+import it.inaf.ia2.aa.UserManager;
import it.inaf.ia2.gms.authn.SessionData;
-import it.inaf.ia2.gms.rap.RapClient;
import java.util.HashMap;
+import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -19,14 +21,17 @@ public class KeepAliveController {
@Autowired
private SessionData sessionData;
- @Autowired
- private RapClient rapClient;
+ private final UserManager userManager;
+
+ public KeepAliveController() {
+ userManager = ServiceLocator.getInstance().getUserManager();
+ }
@GetMapping(value = "/keepAlive", produces = MediaType.APPLICATION_JSON_VALUE)
- public ResponseEntity<?> keepAlive() {
+ public ResponseEntity<?> keepAlive(HttpServletRequest request) {
LOG.trace("Keepalive called");
if (sessionData.getExpiresIn() < 60) {
- rapClient.refreshToken();
+ sessionData.setUser(userManager.refreshToken(request));
LOG.trace("RAP token refreshed");
}
// empty JSON object response
diff --git a/gms/src/main/java/it/inaf/ia2/gms/controller/MembersController.java b/gms/src/main/java/it/inaf/ia2/gms/controller/MembersController.java
index f31966f..3db24db 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/controller/MembersController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/MembersController.java
@@ -4,12 +4,12 @@ import it.inaf.ia2.gms.manager.MembershipManager;
import it.inaf.ia2.gms.manager.PermissionsManager;
import it.inaf.ia2.gms.model.request.AddMemberRequest;
import it.inaf.ia2.gms.model.response.PaginatedData;
-import it.inaf.ia2.gms.model.RapUser;
import it.inaf.ia2.gms.model.request.PaginatedModelRequest;
import it.inaf.ia2.gms.model.request.RemoveMemberRequest;
import it.inaf.ia2.gms.model.request.TabRequest;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.service.GroupsService;
+import it.inaf.ia2.rap.data.RapUser;
import java.util.Collections;
import java.util.List;
import javax.validation.Valid;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/controller/SearchController.java b/gms/src/main/java/it/inaf/ia2/gms/controller/SearchController.java
index c612e9c..46ec484 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/controller/SearchController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/SearchController.java
@@ -1,7 +1,6 @@
package it.inaf.ia2.gms.controller;
import it.inaf.ia2.gms.authn.SessionData;
-import it.inaf.ia2.gms.model.RapUser;
import it.inaf.ia2.gms.model.response.PaginatedData;
import it.inaf.ia2.gms.model.response.SearchResponseItem;
import it.inaf.ia2.gms.model.response.UserSearchResponse;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/controller/UsersController.java b/gms/src/main/java/it/inaf/ia2/gms/controller/UsersController.java
index e5d908c..5d96ed4 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/controller/UsersController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/UsersController.java
@@ -1,7 +1,7 @@
package it.inaf.ia2.gms.controller;
-import it.inaf.ia2.gms.model.RapUser;
-import it.inaf.ia2.gms.rap.RapClient;
+import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.rap.data.RapUser;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
@@ -18,6 +18,6 @@ public class UsersController {
@GetMapping(value = "users", produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<List<RapUser>> searchUsers(@RequestParam("search") String searchText) {
- return ResponseEntity.ok(rapClient.searchUsers(searchText));
+ return ResponseEntity.ok(rapClient.getUsers(searchText));
}
}
diff --git a/gms/src/main/java/it/inaf/ia2/gms/manager/GroupStatusManager.java b/gms/src/main/java/it/inaf/ia2/gms/manager/GroupStatusManager.java
index 7e75650..98cbccd 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/manager/GroupStatusManager.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/manager/GroupStatusManager.java
@@ -2,14 +2,14 @@ package it.inaf.ia2.gms.manager;
import it.inaf.ia2.gms.exception.UnauthorizedException;
import it.inaf.ia2.gms.model.Permission;
-import it.inaf.ia2.gms.model.RapUser;
import it.inaf.ia2.gms.persistence.GroupsDAO;
import it.inaf.ia2.gms.persistence.MembershipsDAO;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.MembershipEntity;
-import it.inaf.ia2.gms.rap.RapClient;
import it.inaf.ia2.gms.service.GroupNameService;
import it.inaf.ia2.gms.service.GroupsService;
+import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.rap.data.RapUser;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
@@ -77,7 +77,7 @@ public class GroupStatusManager extends UserAwareComponent {
Map<String, String> usersMap = new HashMap<>();
for (RapUser user : rapClient.getUsers(memberships.stream()
.map(u -> u.getUserId()).collect(Collectors.toSet()))) {
- usersMap.put(user.getId(), user.getPrimaryEmail());
+ usersMap.put(user.getId(), user.getPrimaryEmailAddress());
}
List<String[]> rows = new ArrayList<>();
diff --git a/gms/src/main/java/it/inaf/ia2/gms/manager/InvitedRegistrationManager.java b/gms/src/main/java/it/inaf/ia2/gms/manager/InvitedRegistrationManager.java
index dec9449..82dace9 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/manager/InvitedRegistrationManager.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/manager/InvitedRegistrationManager.java
@@ -13,8 +13,8 @@ import it.inaf.ia2.gms.persistence.MembershipsDAO;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.InvitedRegistration;
import it.inaf.ia2.gms.persistence.model.MembershipEntity;
-import it.inaf.ia2.gms.rap.RapClient;
import it.inaf.ia2.gms.service.PermissionsService;
+import it.inaf.ia2.rap.client.RapClient;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/manager/MembershipManager.java b/gms/src/main/java/it/inaf/ia2/gms/manager/MembershipManager.java
index 022e542..83340a5 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/manager/MembershipManager.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/manager/MembershipManager.java
@@ -2,15 +2,15 @@ package it.inaf.ia2.gms.manager;
import it.inaf.ia2.gms.exception.UnauthorizedException;
import it.inaf.ia2.gms.model.Permission;
-import it.inaf.ia2.gms.model.RapUser;
import it.inaf.ia2.gms.persistence.GroupsDAO;
import it.inaf.ia2.gms.persistence.LoggingDAO;
import it.inaf.ia2.gms.persistence.MembershipsDAO;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.MembershipEntity;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
-import it.inaf.ia2.gms.rap.RapClient;
import it.inaf.ia2.gms.service.PermissionUtils;
+import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.rap.data.RapUser;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/manager/PermissionsManager.java b/gms/src/main/java/it/inaf/ia2/gms/manager/PermissionsManager.java
index e6a6551..4fd1bdf 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/manager/PermissionsManager.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/manager/PermissionsManager.java
@@ -2,14 +2,14 @@ package it.inaf.ia2.gms.manager;
import it.inaf.ia2.gms.exception.UnauthorizedException;
import it.inaf.ia2.gms.model.Permission;
-import it.inaf.ia2.gms.model.RapUser;
import it.inaf.ia2.gms.model.UserPermission;
import it.inaf.ia2.gms.persistence.LoggingDAO;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
-import it.inaf.ia2.gms.rap.RapClient;
import it.inaf.ia2.gms.service.PermissionUtils;
import it.inaf.ia2.gms.service.PermissionsService;
+import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.rap.data.RapUser;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/model/UserPermission.java b/gms/src/main/java/it/inaf/ia2/gms/model/UserPermission.java
index 66ab93a..43a9e0a 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/model/UserPermission.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/model/UserPermission.java
@@ -1,5 +1,7 @@
package it.inaf.ia2.gms.model;
+import it.inaf.ia2.rap.data.RapUser;
+
public class UserPermission {
private RapUser user;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/model/response/UserSearchResponse.java b/gms/src/main/java/it/inaf/ia2/gms/model/response/UserSearchResponse.java
index 4d00c24..c3faa44 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/model/response/UserSearchResponse.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/model/response/UserSearchResponse.java
@@ -1,6 +1,6 @@
package it.inaf.ia2.gms.model.response;
-import it.inaf.ia2.gms.model.RapUser;
+import it.inaf.ia2.rap.data.RapUser;
import java.util.List;
public class UserSearchResponse {
diff --git a/gms/src/main/java/it/inaf/ia2/gms/rap/RapClient.java b/gms/src/main/java/it/inaf/ia2/gms/rap/RapClient.java
index a2e1948..189472a 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/rap/RapClient.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/rap/RapClient.java
@@ -3,7 +3,6 @@ package it.inaf.ia2.gms.rap;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import it.inaf.ia2.gms.authn.SessionData;
-import it.inaf.ia2.gms.model.RapUser;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
@@ -51,124 +50,124 @@ public class RapClient {
@Autowired(required = false)
private SessionData sessionData;
- private final RestTemplate rapRestTemplate;
-
- private final RestTemplate refreshTokenRestTemplate;
+// private final RestTemplate rapRestTemplate;
+//
+// private final RestTemplate refreshTokenRestTemplate;
private final ObjectMapper objectMapper = new ObjectMapper();
-
- @Autowired
- public RapClient(RestTemplate rapRestTemplate) {
- this.rapRestTemplate = rapRestTemplate;
- this.refreshTokenRestTemplate = new RestTemplate();
- }
-
- public RapUser getUser(String userId) {
-
- String url = rapBaseUrl + "/user/" + userId;
-
- return httpCall(entity -> {
- return rapRestTemplate.exchange(url, HttpMethod.GET, entity, new ParameterizedTypeReference<RapUser>() {
- }).getBody();
- });
- }
-
- public List<RapUser> getUsers(Set<String> identifiers) {
-
- if (identifiers.isEmpty()) {
- return new ArrayList<>();
- }
-
- String url = rapBaseUrl + "/user?identifiers=" + String.join(",", identifiers);
-
- return httpCall(entity -> {
- return rapRestTemplate.exchange(url, HttpMethod.GET, entity, new ParameterizedTypeReference<List<RapUser>>() {
- }).getBody();
- });
- }
-
- public List<RapUser> searchUsers(String searchText) {
-
- if (searchText == null || searchText.trim().isEmpty()) {
- return new ArrayList<>();
- }
-
- String url = rapBaseUrl + "/user?search=" + searchText;
-
- return httpCall(entity -> {
- return rapRestTemplate.exchange(url, HttpMethod.GET, entity, new ParameterizedTypeReference<List<RapUser>>() {
- }).getBody();
- });
- }
-
- private <R> R httpCall(Function<HttpEntity<?>, R> function) {
- return httpCall(function, null);
- }
-
- private <R, T> R httpCall(Function<HttpEntity<?>, R> function, T body) {
- try {
- try {
- return function.apply(getEntity(body));
- } catch (HttpClientErrorException.Unauthorized ex) {
- if (request.getSession(false) == null || sessionData.getExpiresIn() > 0) {
- // we can't refresh the token without a session
- throw ex;
- }
- refreshToken();
- return function.apply(getEntity(body));
- }
- } catch (HttpStatusCodeException ex) {
- try {
- Map<String, String> map = objectMapper.readValue(ex.getResponseBodyAsString(), Map.class);
- if (map.containsKey("error")) {
- String error = map.get("error");
- if (ex instanceof HttpClientErrorException) {
- throw new HttpClientErrorException(ex.getStatusCode(), error);
- } else if (ex instanceof HttpServerErrorException) {
- throw new HttpServerErrorException(ex.getStatusCode(), error);
- }
- }
- } catch (JsonProcessingException ignore) {
- }
- throw ex;
- }
- }
-
- private <T> HttpEntity<T> getEntity(T body) {
-
- HttpHeaders headers = new HttpHeaders();
- headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
- if (request.getSession(false) != null) {
- headers.add("Authorization", "Bearer " + sessionData.getAccessToken());
- } else {
- // from JWT web service
- headers.add("Authorization", request.getHeader("Authorization"));
- }
-
- return new HttpEntity<>(body, headers);
- }
-
- public void refreshToken() {
-
- HttpHeaders headers = new HttpHeaders();
- headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
- headers.setBasicAuth(clientId, clientSecret);
-
- headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
-
- MultiValueMap<String, String> map = new LinkedMultiValueMap<>();
- map.add("grant_type", "refresh_token");
- map.add("refresh_token", sessionData.getRefreshToken());
- map.add("scope", scope.replace(",", " "));
-
- HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(map, headers);
-
- ResponseEntity<Map> response = refreshTokenRestTemplate.postForEntity(accessTokenUri, request, Map.class);
-
- Map<String, Object> values = response.getBody();
-
- sessionData.setAccessToken((String) values.get("access_token"));
- sessionData.setRefreshToken((String) values.get("refresh_token"));
- sessionData.setExpiresIn((int) values.get("expires_in"));
- }
+//
+// @Autowired
+// public RapClient(RestTemplate rapRestTemplate) {
+// this.rapRestTemplate = rapRestTemplate;
+// this.refreshTokenRestTemplate = new RestTemplate();
+// }
+//
+// public RapUser getUser(String userId) {
+//
+// String url = rapBaseUrl + "/user/" + userId;
+//
+// return httpCall(entity -> {
+// return rapRestTemplate.exchange(url, HttpMethod.GET, entity, new ParameterizedTypeReference<RapUser>() {
+// }).getBody();
+// });
+// }
+//
+// public List<RapUser> getUsers(Set<String> identifiers) {
+//
+// if (identifiers.isEmpty()) {
+// return new ArrayList<>();
+// }
+//
+// String url = rapBaseUrl + "/user?identifiers=" + String.join(",", identifiers);
+//
+// return httpCall(entity -> {
+// return rapRestTemplate.exchange(url, HttpMethod.GET, entity, new ParameterizedTypeReference<List<RapUser>>() {
+// }).getBody();
+// });
+// }
+//
+// public List<RapUser> searchUsers(String searchText) {
+//
+// if (searchText == null || searchText.trim().isEmpty()) {
+// return new ArrayList<>();
+// }
+//
+// String url = rapBaseUrl + "/user?search=" + searchText;
+//
+// return httpCall(entity -> {
+// return rapRestTemplate.exchange(url, HttpMethod.GET, entity, new ParameterizedTypeReference<List<RapUser>>() {
+// }).getBody();
+// });
+// }
+//
+// private <R> R httpCall(Function<HttpEntity<?>, R> function) {
+// return httpCall(function, null);
+// }
+//
+// private <R, T> R httpCall(Function<HttpEntity<?>, R> function, T body) {
+// try {
+// try {
+// return function.apply(getEntity(body));
+// } catch (HttpClientErrorException.Unauthorized ex) {
+// if (request.getSession(false) == null || sessionData.getExpiresIn() > 0) {
+// // we can't refresh the token without a session
+// throw ex;
+// }
+// refreshToken();
+// return function.apply(getEntity(body));
+// }
+// } catch (HttpStatusCodeException ex) {
+// try {
+// Map<String, String> map = objectMapper.readValue(ex.getResponseBodyAsString(), Map.class);
+// if (map.containsKey("error")) {
+// String error = map.get("error");
+// if (ex instanceof HttpClientErrorException) {
+// throw new HttpClientErrorException(ex.getStatusCode(), error);
+// } else if (ex instanceof HttpServerErrorException) {
+// throw new HttpServerErrorException(ex.getStatusCode(), error);
+// }
+// }
+// } catch (JsonProcessingException ignore) {
+// }
+// throw ex;
+// }
+// }
+//
+// private <T> HttpEntity<T> getEntity(T body) {
+//
+// HttpHeaders headers = new HttpHeaders();
+// headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
+// if (request.getSession(false) != null) {
+// headers.add("Authorization", "Bearer " + sessionData.getAccessToken());
+// } else {
+// // from JWT web service
+// headers.add("Authorization", request.getHeader("Authorization"));
+// }
+//
+// return new HttpEntity<>(body, headers);
+// }
+//
+// public void refreshToken() {
+//
+// HttpHeaders headers = new HttpHeaders();
+// headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
+// headers.setBasicAuth(clientId, clientSecret);
+//
+// headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
+//
+// MultiValueMap<String, String> map = new LinkedMultiValueMap<>();
+// map.add("grant_type", "refresh_token");
+// map.add("refresh_token", sessionData.getRefreshToken());
+// map.add("scope", scope.replace(",", " "));
+//
+// HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(map, headers);
+//
+// ResponseEntity<Map> response = refreshTokenRestTemplate.postForEntity(accessTokenUri, request, Map.class);
+//
+// Map<String, Object> values = response.getBody();
+//
+// sessionData.setAccessToken((String) values.get("access_token"));
+// sessionData.setRefreshToken((String) values.get("refresh_token"));
+// sessionData.setExpiresIn((int) values.get("expires_in"));
+// }
}
diff --git a/gms/src/main/java/it/inaf/ia2/gms/service/SearchService.java b/gms/src/main/java/it/inaf/ia2/gms/service/SearchService.java
index 9f59907..89cd7c5 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/service/SearchService.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/service/SearchService.java
@@ -13,7 +13,7 @@ import it.inaf.ia2.gms.persistence.MembershipsDAO;
import it.inaf.ia2.gms.persistence.PermissionsDAO;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
-import it.inaf.ia2.gms.rap.RapClient;
+import it.inaf.ia2.rap.client.RapClient;
import java.util.AbstractMap.SimpleEntry;
import java.util.ArrayList;
import java.util.List;
@@ -58,7 +58,7 @@ public class SearchService {
}
private List<SearchResponseItem> searchUsers(String query) {
- return rapClient.searchUsers(query).stream()
+ return rapClient.getUsers(query).stream()
.map(u -> {
SearchResponseItem item = new SearchResponseItem();
item.setType(SearchResponseType.USER);
diff --git a/gms/src/main/resources/application.properties b/gms/src/main/resources/application.properties
index 1091bba..3428af2 100644
--- a/gms/src/main/resources/application.properties
+++ b/gms/src/main/resources/application.properties
@@ -4,14 +4,6 @@ server.servlet.context-path=/gms
spring.main.allow-bean-definition-overriding=true
server.error.whitelabel.enabled=false
-security.oauth2.client.client-id=gms
-security.oauth2.client.client-secret=gms-secret
-security.oauth2.client.access-token-uri=http://localhost/rap-ia2/auth/oauth2/token
-security.oauth2.client.user-authorization-uri=http://localhost/rap-ia2/auth/oauth2/authorize
-security.oauth2.resource.token-info-uri=http://localhost/rap-ia2/auth/oauth2/check_token
-security.oauth2.client.scope=openid,email,profile,read:rap
-security.oauth2.resource.jwk.key-set-uri=http://localhost/rap-ia2/auth/oidc/jwks
-
logging.level.it.inaf=TRACE
logging.level.org.springframework.security=DEBUG
logging.level.org.springframework.jdbc=TRACE
diff --git a/gms/src/main/resources/auth.properties b/gms/src/main/resources/auth.properties
index 7bd1b03..19880c5 100644
--- a/gms/src/main/resources/auth.properties
+++ b/gms/src/main/resources/auth.properties
@@ -1,10 +1,5 @@
client_id=gms
client_secret=gms-secret
-access_token_uri=http://localhost/rap-ia2/auth/oauth2/token
-user_authorization_uri=http://localhost/rap-ia2/auth/oauth2/authorize
-check_token_uri=http://localhost/rap-ia2/auth/oauth2/token
-jwks_uri=http://localhost/rap-ia2/auth/oidc/jwks
-gms_uri=http://localhost:8082/gms/ws/jwt
-groups_autoload=false
+rap_uri=http://localhost/rap-ia2
store_state_on_login_endpoint=true
scope=openid email profile read:rap
diff --git a/gms/src/test/java/it/inaf/ia2/gms/controller/JWTWebServiceControllerTest.java b/gms/src/test/java/it/inaf/ia2/gms/controller/JWTWebServiceControllerTest.java
index 625e72c..8945328 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/controller/JWTWebServiceControllerTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/controller/JWTWebServiceControllerTest.java
@@ -4,7 +4,6 @@ import it.inaf.ia2.gms.manager.GroupsManager;
import it.inaf.ia2.gms.manager.MembershipManager;
import it.inaf.ia2.gms.manager.PermissionsManager;
import it.inaf.ia2.gms.model.Permission;
-import it.inaf.ia2.gms.model.RapUser;
import it.inaf.ia2.gms.model.UserPermission;
import it.inaf.ia2.gms.persistence.GroupsDAO;
import it.inaf.ia2.gms.persistence.PermissionsDAO;
@@ -13,6 +12,7 @@ import it.inaf.ia2.gms.persistence.model.MembershipEntity;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
import it.inaf.ia2.gms.service.GroupsService;
import it.inaf.ia2.gms.service.JoinService;
+import it.inaf.ia2.rap.data.RapUser;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
diff --git a/gms/src/test/java/it/inaf/ia2/gms/manager/InvitedRegistrationManagerTest.java b/gms/src/test/java/it/inaf/ia2/gms/manager/InvitedRegistrationManagerTest.java
index 13cf87d..192c62e 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/manager/InvitedRegistrationManagerTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/manager/InvitedRegistrationManagerTest.java
@@ -1,18 +1,18 @@
package it.inaf.ia2.gms.manager;
import it.inaf.ia2.gms.authn.SessionData;
-import it.inaf.ia2.gms.model.Identity;
-import it.inaf.ia2.gms.model.IdentityType;
import it.inaf.ia2.gms.model.Permission;
-import it.inaf.ia2.gms.model.RapUser;
import it.inaf.ia2.gms.persistence.GroupsDAO;
import it.inaf.ia2.gms.persistence.InvitedRegistrationDAO;
import it.inaf.ia2.gms.persistence.LoggingDAO;
import it.inaf.ia2.gms.persistence.MembershipsDAO;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.InvitedRegistration;
-import it.inaf.ia2.gms.rap.RapClient;
import it.inaf.ia2.gms.service.PermissionsService;
+import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.rap.data.Identity;
+import it.inaf.ia2.rap.data.IdentityType;
+import it.inaf.ia2.rap.data.RapUser;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
@@ -102,7 +102,7 @@ public class InvitedRegistrationManagerTest {
Identity identity = new Identity();
identity.setType(IdentityType.EDU_GAIN);
identity.setEmail(EMAIL);
- user.setIdentities(Collections.singletonList(identity));
+ user.getIdentities().addAll(Collections.singletonList(identity));
when(rapClient.getUser(eq(USER_ID))).thenReturn(user);
diff --git a/gms/src/test/java/it/inaf/ia2/gms/manager/PermissionsManagerIntegrationTest.java b/gms/src/test/java/it/inaf/ia2/gms/manager/PermissionsManagerIntegrationTest.java
index 9a25bc6..5eec6c7 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/manager/PermissionsManagerIntegrationTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/manager/PermissionsManagerIntegrationTest.java
@@ -2,17 +2,18 @@ package it.inaf.ia2.gms.manager;
import it.inaf.ia2.gms.DataSourceConfig;
import it.inaf.ia2.gms.model.Permission;
-import it.inaf.ia2.gms.model.RapUser;
import it.inaf.ia2.gms.model.UserPermission;
import it.inaf.ia2.gms.persistence.GroupsDAO;
import it.inaf.ia2.gms.persistence.LoggingDAO;
import it.inaf.ia2.gms.persistence.PermissionsDAO;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
-import it.inaf.ia2.gms.rap.RapClient;
import it.inaf.ia2.gms.service.PermissionsService;
+import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.rap.data.RapUser;
import java.util.Collections;
import java.util.List;
+import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.sql.DataSource;
import static org.junit.Assert.assertEquals;
@@ -52,7 +53,7 @@ public class PermissionsManagerIntegrationTest {
// Mock RAP client
RapUser rapUser = new RapUser();
rapUser.setId(USER_ID);
- when(rapClient.getUsers(any())).thenReturn(Collections.singletonList(rapUser));
+ when(rapClient.getUsers(any(Set.class))).thenReturn(Collections.singletonList(rapUser));
PermissionsService permissionsService = new PermissionsService(permissionsDAO, loggingDAO);
PermissionsManager permissionsManager = new PermissionsManager(permissionsService, rapClient, loggingDAO);
diff --git a/gms/src/test/java/it/inaf/ia2/gms/persistence/NestedGroupsIntegrationTest.java b/gms/src/test/java/it/inaf/ia2/gms/persistence/NestedGroupsIntegrationTest.java
index baa08c1..73d7d99 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/persistence/NestedGroupsIntegrationTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/persistence/NestedGroupsIntegrationTest.java
@@ -10,9 +10,9 @@ import it.inaf.ia2.gms.model.Permission;
import it.inaf.ia2.gms.model.request.GroupsRequest;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
-import it.inaf.ia2.gms.rap.RapClient;
import it.inaf.ia2.gms.service.GroupsTreeBuilder;
import it.inaf.ia2.gms.service.PermissionsService;
+import it.inaf.ia2.rap.client.RapClient;
import java.util.List;
import javax.sql.DataSource;
import static org.junit.Assert.assertEquals;
diff --git a/gms/src/test/java/it/inaf/ia2/gms/rap/RapClientTest.java b/gms/src/test/java/it/inaf/ia2/gms/rap/RapClientTest.java
index bd317c0..09becbf 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/rap/RapClientTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/rap/RapClientTest.java
@@ -1,7 +1,6 @@
package it.inaf.ia2.gms.rap;
import it.inaf.ia2.gms.authn.SessionData;
-import it.inaf.ia2.gms.model.RapUser;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
@@ -34,120 +33,120 @@ import org.springframework.web.client.HttpServerErrorException;
import org.springframework.web.client.HttpServerErrorException.InternalServerError;
import org.springframework.web.client.RestTemplate;
-@RunWith(MockitoJUnitRunner.class)
+//@RunWith(MockitoJUnitRunner.class)
public class RapClientTest {
- @Mock
- private HttpServletRequest request;
-
- @Mock
- private SessionData sessionData;
-
- @Mock
- private RestTemplate restTemplate;
-
- @Mock
- private RestTemplate refreshTokenRestTemplate;
-
- private RapClient rapClient;
-
- @Before
- public void init() {
- rapClient = new RapClient(restTemplate);
- ReflectionTestUtils.setField(rapClient, "request", request);
- ReflectionTestUtils.setField(rapClient, "refreshTokenRestTemplate", refreshTokenRestTemplate);
- ReflectionTestUtils.setField(rapClient, "scope", "openid");
- }
-
- @Test
- public void testUnauthorizedNoRefreshJsonMsg() {
-
- String jsonError = "{\"error\":\"Unauthorized: foo\"}";
-
- HttpClientErrorException exception = Unauthorized
- .create(HttpStatus.UNAUTHORIZED, "401", HttpHeaders.EMPTY, jsonError.getBytes(), StandardCharsets.UTF_8);
-
- when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() {
- }))).thenThrow(exception);
-
- try {
- rapClient.getUser("123");
- } catch (HttpClientErrorException ex) {
- assertEquals("401 Unauthorized: foo", ex.getMessage());
- }
- }
-
- @Test
- public void testUnauthorizedNoRefreshNotJsonMsg() {
-
- String errorMessage = "THIS IS NOT A JSON";
-
- HttpClientErrorException exception = Unauthorized
- .create(HttpStatus.UNAUTHORIZED, "401", HttpHeaders.EMPTY, errorMessage.getBytes(), StandardCharsets.UTF_8);
-
- when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() {
- }))).thenThrow(exception);
-
- try {
- rapClient.getUser("123");
- } catch (HttpClientErrorException ex) {
- assertNotNull(ex.getMessage());
- }
- }
-
- @Test
- public void testServerErrorJsonMsg() {
-
- String jsonError = "{\"error\":\"Fatal error\"}";
-
- HttpServerErrorException exception = InternalServerError
- .create(HttpStatus.INTERNAL_SERVER_ERROR, "500", HttpHeaders.EMPTY, jsonError.getBytes(), StandardCharsets.UTF_8);
-
- when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() {
- }))).thenThrow(exception);
-
- try {
- rapClient.getUser("123");
- } catch (HttpServerErrorException ex) {
- assertEquals("500 Fatal error", ex.getMessage());
- }
- }
-
- @Test
- public void testRefreshToken() {
-
- when(request.getSession(eq(false))).thenReturn(mock(HttpSession.class));
- when(sessionData.getExpiresIn()).thenReturn(-100l);
-
- ReflectionTestUtils.setField(rapClient, "sessionData", sessionData);
- ReflectionTestUtils.setField(rapClient, "clientId", "clientId");
- ReflectionTestUtils.setField(rapClient, "clientSecret", "clientSecret");
- ReflectionTestUtils.setField(rapClient, "accessTokenUri", "https://sso.ia2.inaf.it");
-
- String jsonError = "{\"error\":\"Unauthorized: token expired\"}";
-
- HttpClientErrorException exception = Unauthorized
- .create(HttpStatus.UNAUTHORIZED, "401", HttpHeaders.EMPTY, jsonError.getBytes(), StandardCharsets.UTF_8);
-
- when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() {
- }))).thenThrow(exception)
- .thenReturn(ResponseEntity.ok(new RapUser()));
-
- ResponseEntity refreshTokenResponse = mock(ResponseEntity.class);
- Map<String, Object> mockedBody = new HashMap<>();
- mockedBody.put("access_token", "<access_token>");
- mockedBody.put("refresh_token", "<refresh_token>");
- mockedBody.put("expires_in", 3600);
- when(refreshTokenResponse.getBody()).thenReturn(mockedBody);
-
- when(refreshTokenRestTemplate.postForEntity(anyString(), any(HttpEntity.class), any()))
- .thenReturn(refreshTokenResponse);
-
- RapUser user = rapClient.getUser("123");
- assertNotNull(user);
-
- // verifies that token is refreshed
- verify(sessionData, times(1)).setAccessToken(eq("<access_token>"));
- verify(sessionData, times(1)).setExpiresIn(eq(3600l));
- }
+// @Mock
+// private HttpServletRequest request;
+//
+// @Mock
+// private SessionData sessionData;
+//
+// @Mock
+// private RestTemplate restTemplate;
+//
+// @Mock
+// private RestTemplate refreshTokenRestTemplate;
+//
+// private RapClient rapClient;
+//
+// @Before
+// public void init() {
+// rapClient = new RapClient(restTemplate);
+// ReflectionTestUtils.setField(rapClient, "request", request);
+// ReflectionTestUtils.setField(rapClient, "refreshTokenRestTemplate", refreshTokenRestTemplate);
+// ReflectionTestUtils.setField(rapClient, "scope", "openid");
+// }
+//
+// @Test
+// public void testUnauthorizedNoRefreshJsonMsg() {
+//
+// String jsonError = "{\"error\":\"Unauthorized: foo\"}";
+//
+// HttpClientErrorException exception = Unauthorized
+// .create(HttpStatus.UNAUTHORIZED, "401", HttpHeaders.EMPTY, jsonError.getBytes(), StandardCharsets.UTF_8);
+//
+// when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() {
+// }))).thenThrow(exception);
+//
+// try {
+// rapClient.getUser("123");
+// } catch (HttpClientErrorException ex) {
+// assertEquals("401 Unauthorized: foo", ex.getMessage());
+// }
+// }
+//
+// @Test
+// public void testUnauthorizedNoRefreshNotJsonMsg() {
+//
+// String errorMessage = "THIS IS NOT A JSON";
+//
+// HttpClientErrorException exception = Unauthorized
+// .create(HttpStatus.UNAUTHORIZED, "401", HttpHeaders.EMPTY, errorMessage.getBytes(), StandardCharsets.UTF_8);
+//
+// when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() {
+// }))).thenThrow(exception);
+//
+// try {
+// rapClient.getUser("123");
+// } catch (HttpClientErrorException ex) {
+// assertNotNull(ex.getMessage());
+// }
+// }
+//
+// @Test
+// public void testServerErrorJsonMsg() {
+//
+// String jsonError = "{\"error\":\"Fatal error\"}";
+//
+// HttpServerErrorException exception = InternalServerError
+// .create(HttpStatus.INTERNAL_SERVER_ERROR, "500", HttpHeaders.EMPTY, jsonError.getBytes(), StandardCharsets.UTF_8);
+//
+// when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() {
+// }))).thenThrow(exception);
+//
+// try {
+// rapClient.getUser("123");
+// } catch (HttpServerErrorException ex) {
+// assertEquals("500 Fatal error", ex.getMessage());
+// }
+// }
+//
+// @Test
+// public void testRefreshToken() {
+//
+// when(request.getSession(eq(false))).thenReturn(mock(HttpSession.class));
+// when(sessionData.getExpiresIn()).thenReturn(-100l);
+//
+// ReflectionTestUtils.setField(rapClient, "sessionData", sessionData);
+// ReflectionTestUtils.setField(rapClient, "clientId", "clientId");
+// ReflectionTestUtils.setField(rapClient, "clientSecret", "clientSecret");
+// ReflectionTestUtils.setField(rapClient, "accessTokenUri", "https://sso.ia2.inaf.it");
+//
+// String jsonError = "{\"error\":\"Unauthorized: token expired\"}";
+//
+// HttpClientErrorException exception = Unauthorized
+// .create(HttpStatus.UNAUTHORIZED, "401", HttpHeaders.EMPTY, jsonError.getBytes(), StandardCharsets.UTF_8);
+//
+// when(restTemplate.exchange(anyString(), eq(HttpMethod.GET), any(HttpEntity.class), eq(new ParameterizedTypeReference<RapUser>() {
+// }))).thenThrow(exception)
+// .thenReturn(ResponseEntity.ok(new RapUser()));
+//
+// ResponseEntity refreshTokenResponse = mock(ResponseEntity.class);
+// Map<String, Object> mockedBody = new HashMap<>();
+// mockedBody.put("access_token", "<access_token>");
+// mockedBody.put("refresh_token", "<refresh_token>");
+// mockedBody.put("expires_in", 3600);
+// when(refreshTokenResponse.getBody()).thenReturn(mockedBody);
+//
+// when(refreshTokenRestTemplate.postForEntity(anyString(), any(HttpEntity.class), any()))
+// .thenReturn(refreshTokenResponse);
+//
+// RapUser user = rapClient.getUser("123");
+// assertNotNull(user);
+//
+// // verifies that token is refreshed
+// verify(sessionData, times(1)).setAccessToken(eq("<access_token>"));
+// verify(sessionData, times(1)).setExpiresIn(eq(3600l));
+// }
}
diff --git a/gms/src/test/java/it/inaf/ia2/gms/service/SearchServiceTest.java b/gms/src/test/java/it/inaf/ia2/gms/service/SearchServiceTest.java
index 098d24c..bb44208 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/service/SearchServiceTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/service/SearchServiceTest.java
@@ -1,10 +1,7 @@
package it.inaf.ia2.gms.service;
import it.inaf.ia2.gms.manager.GroupsManager;
-import it.inaf.ia2.gms.model.Identity;
-import it.inaf.ia2.gms.model.IdentityType;
import it.inaf.ia2.gms.model.Permission;
-import it.inaf.ia2.gms.model.RapUser;
import it.inaf.ia2.gms.model.response.PaginatedData;
import it.inaf.ia2.gms.model.response.SearchResponseItem;
import it.inaf.ia2.gms.model.response.SearchResponseType;
@@ -14,7 +11,10 @@ import it.inaf.ia2.gms.persistence.MembershipsDAO;
import it.inaf.ia2.gms.persistence.PermissionsDAO;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
-import it.inaf.ia2.gms.rap.RapClient;
+import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.rap.data.Identity;
+import it.inaf.ia2.rap.data.IdentityType;
+import it.inaf.ia2.rap.data.RapUser;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
@@ -93,7 +93,7 @@ public class SearchServiceTest {
identity.setTypedId("user@inaf.it");
user.setIdentities(Collections.singletonList(identity));
- when(rapClient.searchUsers(any())).thenReturn(Collections.singletonList(user));
+ when(rapClient.getUsers(any(String.class))).thenReturn(Collections.singletonList(user));
GroupEntity group1 = new GroupEntity();
group1.setId("group1_id");
--
GitLab