diff --git a/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java b/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java
index 69bcf3d5e839759bc0a4dc65976cec26fb04db62..be65afa31fa3ec700143c952858b0765f3e0a40c 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/GmsApplication.java
@@ -1,7 +1,9 @@
package it.inaf.ia2.gms;
+import it.inaf.ia2.aa.AuthConfig;
import it.inaf.ia2.aa.ServiceLocator;
-import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.aa.UserManager;
+import it.inaf.ia2.gms.authn.ServletRapClient;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;
@@ -18,7 +20,17 @@ public class GmsApplication {
}
@Bean
- public RapClient rapClient() {
- return ServiceLocator.getInstance().getRapClient();
+ public AuthConfig authConfig() {
+ return ServiceLocator.getInstance().getConfig();
+ }
+
+ @Bean
+ public UserManager userManager() {
+ return ServiceLocator.getInstance().getUserManager();
+ }
+
+ @Bean
+ public ServletRapClient servletRapClient() {
+ return (ServletRapClient) ServiceLocator.getInstance().getRapClient();
}
}
diff --git a/gms/src/main/java/it/inaf/ia2/gms/authn/JWTFilter.java b/gms/src/main/java/it/inaf/ia2/gms/authn/JWTFilter.java
index f2c047c6cfdd7ae965443cc2c1768f21b9d55752..92845ced2220b9fc362cf59c73655235f0cc9ced 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/authn/JWTFilter.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/authn/JWTFilter.java
@@ -1,8 +1,8 @@
package it.inaf.ia2.gms.authn;
+import it.inaf.ia2.aa.UserManager;
import it.inaf.ia2.aa.data.User;
import it.inaf.ia2.gms.persistence.LoggingDAO;
-import it.inaf.ia2.rap.client.RapClient;
import java.io.IOException;
import java.security.Principal;
import java.util.Map;
@@ -19,11 +19,11 @@ import javax.servlet.http.HttpSession;
public class JWTFilter implements Filter {
private final LoggingDAO loggingDAO;
- private final RapClient rapClient;
+ private final UserManager userManager;
- public JWTFilter(LoggingDAO loggingDAO, RapClient rapClient) {
+ public JWTFilter(LoggingDAO loggingDAO, UserManager userManager) {
this.loggingDAO = loggingDAO;
- this.rapClient = rapClient;
+ this.userManager = userManager;
}
@Override
@@ -40,7 +40,6 @@ public class JWTFilter implements Filter {
HttpSession session = request.getSession(false);
User user = (User) session.getAttribute("user_data");
if (user != null) {
- rapClient.setAccessToken(user.getAccessToken());
ServletRequestWithSessionPrincipal wrappedRequest = new ServletRequestWithSessionPrincipal(request, user);
fc.doFilter(wrappedRequest, res);
return;
@@ -53,8 +52,7 @@ public class JWTFilter implements Filter {
String token = authHeader.replace("Bearer", "").trim();
- rapClient.setAccessToken(token);
- Map<String, Object> claims = rapClient.parseIdTokenClaims(token);
+ Map<String, Object> claims = userManager.parseIdTokenClaims(token);
if (claims.get("sub") == null) {
loggingDAO.logAction("Attempt to access WS with invalid token", request);
@@ -62,7 +60,7 @@ public class JWTFilter implements Filter {
return;
}
- ServletRequestWithJWTPrincipal wrappedRequest = new ServletRequestWithJWTPrincipal(request, claims);
+ ServletRequestWithJWTPrincipal wrappedRequest = new ServletRequestWithJWTPrincipal(request, token, claims);
loggingDAO.logAction("WS access from " + wrappedRequest.getUserPrincipal().getName(), request);
fc.doFilter(wrappedRequest, res);
@@ -87,9 +85,9 @@ public class JWTFilter implements Filter {
private final RapPrincipal principal;
- public ServletRequestWithJWTPrincipal(HttpServletRequest request, Map<String, Object> jwtClaims) {
+ public ServletRequestWithJWTPrincipal(HttpServletRequest request, String token, Map<String, Object> jwtClaims) {
super(request);
- this.principal = new RapPrincipal(jwtClaims);
+ this.principal = new RapPrincipal(token, jwtClaims);
}
@Override
diff --git a/gms/src/main/java/it/inaf/ia2/gms/authn/RapClient.java b/gms/src/main/java/it/inaf/ia2/gms/authn/RapClient.java
new file mode 100644
index 0000000000000000000000000000000000000000..0da0a4f0bc4ac5987c918298ff128372446cab8c
--- /dev/null
+++ b/gms/src/main/java/it/inaf/ia2/gms/authn/RapClient.java
@@ -0,0 +1,17 @@
+package it.inaf.ia2.gms.authn;
+
+import it.inaf.ia2.rap.client.BoundedRapClient;
+import javax.servlet.http.HttpServletRequest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.annotation.RequestScope;
+
+@Component
+@RequestScope
+public class RapClient extends BoundedRapClient<HttpServletRequest> {
+
+ @Autowired
+ public RapClient(ServletRapClient servletRapClient, HttpServletRequest request) {
+ super(servletRapClient, request);
+ }
+}
diff --git a/gms/src/main/java/it/inaf/ia2/gms/authn/RapPrincipal.java b/gms/src/main/java/it/inaf/ia2/gms/authn/RapPrincipal.java
index 174ff2f114a4752cc45277a8c33d70845d71bf98..3d45ad21d26bccc29108b6509fa61d9437259a17 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/authn/RapPrincipal.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/authn/RapPrincipal.java
@@ -5,10 +5,12 @@ import java.util.Map;
public class RapPrincipal implements Principal {
+ private final String token;
private final String sub;
private final String altSub;
- public RapPrincipal(Map<String, Object> jwtClaims) {
+ public RapPrincipal(String token, Map<String, Object> jwtClaims) {
+ this.token = token;
sub = (String) jwtClaims.get("sub");
altSub = (String) jwtClaims.get("alt_sub");
}
@@ -24,4 +26,8 @@ public class RapPrincipal implements Principal {
public String getAlternativeName() {
return altSub;
}
+
+ public String getToken() {
+ return token;
+ }
}
diff --git a/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java b/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java
index b2aa5b75b3a1735abe6c78e7587a91d3eae57658..7d4abcfb5f7af8781af632b124cdbd72067ee46e 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java
@@ -1,7 +1,7 @@
package it.inaf.ia2.gms.authn;
+import it.inaf.ia2.aa.UserManager;
import it.inaf.ia2.gms.persistence.LoggingDAO;
-import it.inaf.ia2.rap.client.RapClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
@@ -48,9 +48,9 @@ public class SecurityConfig {
* Checks JWT for web services.
*/
@Bean
- public FilterRegistrationBean serviceJWTFilter(LoggingDAO loggingDAO, RapClient rapClient) {
+ public FilterRegistrationBean serviceJWTFilter(LoggingDAO loggingDAO, UserManager userManager) {
FilterRegistrationBean bean = new FilterRegistrationBean();
- bean.setFilter(new JWTFilter(loggingDAO, rapClient));
+ bean.setFilter(new JWTFilter(loggingDAO, userManager));
bean.addUrlPatterns("/*");
bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
return bean;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/authn/ServletRapClient.java b/gms/src/main/java/it/inaf/ia2/gms/authn/ServletRapClient.java
new file mode 100644
index 0000000000000000000000000000000000000000..63e299e8ced513ab0ed5b04f689fcac972609738
--- /dev/null
+++ b/gms/src/main/java/it/inaf/ia2/gms/authn/ServletRapClient.java
@@ -0,0 +1,27 @@
+package it.inaf.ia2.gms.authn;
+
+import it.inaf.ia2.aa.data.User;
+import it.inaf.ia2.rap.client.RapClient;
+import java.security.Principal;
+import javax.servlet.http.HttpServletRequest;
+
+public class ServletRapClient extends RapClient<HttpServletRequest> {
+
+ public ServletRapClient(String baseUrl) {
+ super(baseUrl);
+ }
+
+ @Override
+ protected String getAccessToken(HttpServletRequest request) {
+ Principal principal = request.getUserPrincipal();
+ if (principal != null) {
+ if (principal instanceof User) {
+ return ((User) principal).getAccessToken();
+ }
+ if (principal instanceof RapPrincipal) {
+ return ((RapPrincipal) principal).getToken();
+ }
+ }
+ return null;
+ }
+}
diff --git a/gms/src/main/java/it/inaf/ia2/gms/authn/SessionData.java b/gms/src/main/java/it/inaf/ia2/gms/authn/SessionData.java
index 6d4194efdf445900f8dc366b037bd07fc80213fd..c4204660a0a31e1c13ffe87660a6a0a992ec3106 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/authn/SessionData.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/authn/SessionData.java
@@ -1,7 +1,6 @@
package it.inaf.ia2.gms.authn;
import it.inaf.ia2.aa.data.User;
-import it.inaf.ia2.rap.client.RapClient;
import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
@@ -20,9 +19,6 @@ public class SessionData {
@Autowired
private HttpServletRequest request;
- @Autowired
- private RapClient rapClient;
-
@PostConstruct
public void init() {
HttpSession session = request.getSession(false);
@@ -33,7 +29,6 @@ public class SessionData {
public void setUser(User user) {
this.user = user;
- rapClient.setAccessToken(user.getAccessToken());
}
public String getUserId() {
diff --git a/gms/src/main/java/it/inaf/ia2/gms/controller/UsersController.java b/gms/src/main/java/it/inaf/ia2/gms/controller/UsersController.java
index 5d96ed400e5379c49c8b7b45e8422c6c44fce729..082a4f324da627f7fe1e5e7d886f16ff4feb2560 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/controller/UsersController.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/controller/UsersController.java
@@ -1,6 +1,6 @@
package it.inaf.ia2.gms.controller;
-import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.gms.authn.RapClient;
import it.inaf.ia2.rap.data.RapUser;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/manager/GroupStatusManager.java b/gms/src/main/java/it/inaf/ia2/gms/manager/GroupStatusManager.java
index f3792ca8d1a87e804212b7b8731c560b94251159..f66d09496b74ff2d853287a2de6051a236aa5106 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/manager/GroupStatusManager.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/manager/GroupStatusManager.java
@@ -7,13 +7,14 @@ import it.inaf.ia2.gms.persistence.MembershipsDAO;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.MembershipEntity;
import it.inaf.ia2.gms.service.GroupsService;
-import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.gms.authn.RapClient;
import it.inaf.ia2.rap.data.RapUser;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import java.util.Set;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -72,8 +73,9 @@ public class GroupStatusManager extends UserAwareComponent {
}
Map<String, String> usersMap = new HashMap<>();
- for (RapUser user : rapClient.getUsers(memberships.stream()
- .map(u -> u.getUserId()).collect(Collectors.toSet()))) {
+ Set<String> ids = memberships.stream().map(u -> u.getUserId()).collect(Collectors.toSet());
+ List<RapUser> usersList = rapClient.getUsers(ids);
+ for (RapUser user : usersList) {
usersMap.put(user.getId(), user.getPrimaryEmailAddress());
}
diff --git a/gms/src/main/java/it/inaf/ia2/gms/manager/InvitedRegistrationManager.java b/gms/src/main/java/it/inaf/ia2/gms/manager/InvitedRegistrationManager.java
index 7c9525d7e3ed319fb3c996df5e1c23ddc466369a..db85c42e0fb8562e23299966786a915789229bce 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/manager/InvitedRegistrationManager.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/manager/InvitedRegistrationManager.java
@@ -1,6 +1,5 @@
package it.inaf.ia2.gms.manager;
-import it.inaf.ia2.gms.authn.SessionData;
import it.inaf.ia2.gms.exception.BadRequestException;
import it.inaf.ia2.gms.exception.NotFoundException;
import it.inaf.ia2.gms.exception.UnauthorizedException;
@@ -14,7 +13,7 @@ import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.InvitedRegistration;
import it.inaf.ia2.gms.persistence.model.MembershipEntity;
import it.inaf.ia2.gms.service.PermissionsService;
-import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.gms.authn.RapClient;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/manager/MembershipManager.java b/gms/src/main/java/it/inaf/ia2/gms/manager/MembershipManager.java
index 83340a52446292d8dabfb169438254ade5a0cc47..9e2719898d2a7925a96df9b82f39e97dc472012f 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/manager/MembershipManager.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/manager/MembershipManager.java
@@ -9,7 +9,7 @@ import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.MembershipEntity;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
import it.inaf.ia2.gms.service.PermissionUtils;
-import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.gms.authn.RapClient;
import it.inaf.ia2.rap.data.RapUser;
import java.util.HashSet;
import java.util.List;
diff --git a/gms/src/main/java/it/inaf/ia2/gms/manager/PermissionsManager.java b/gms/src/main/java/it/inaf/ia2/gms/manager/PermissionsManager.java
index 00a254533c3198b68fa9773ed5dc48218b9aba91..0bdbbb7bda36e50a90300545e33b56a578aec004 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/manager/PermissionsManager.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/manager/PermissionsManager.java
@@ -8,7 +8,7 @@ import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
import it.inaf.ia2.gms.service.PermissionUtils;
import it.inaf.ia2.gms.service.PermissionsService;
-import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.gms.authn.RapClient;
import it.inaf.ia2.rap.data.RapUser;
import java.util.ArrayList;
import java.util.List;
@@ -44,13 +44,15 @@ public class PermissionsManager extends UserAwareComponent {
.map(p -> p.getUserId())
.collect(Collectors.toSet());
- Map<String, RapUser> users = rapClient.getUsers(userIdentifiers).stream()
+ List<RapUser> users = rapClient.getUsers(userIdentifiers);
+
+ Map<String, RapUser> usersMap = users.stream()
.collect(Collectors.toMap(RapUser::getId, Function.identity()));
List<RapUserPermission> result = new ArrayList<>();
for (PermissionEntity p : permissions) {
- RapUser rapUser = users.get(p.getUserId());
+ RapUser rapUser = usersMap.get(p.getUserId());
if (rapUser != null) {
RapUserPermission permission = new RapUserPermission();
permission.setPermission(p.getPermission());
diff --git a/gms/src/main/java/it/inaf/ia2/gms/service/SearchService.java b/gms/src/main/java/it/inaf/ia2/gms/service/SearchService.java
index 8ba7f3c95737f20403746e13fe26a0a68413d88d..9cd5d43e8f88e099e69b2e7ed85ab99dc2cc889e 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/service/SearchService.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/service/SearchService.java
@@ -13,7 +13,7 @@ import it.inaf.ia2.gms.persistence.MembershipsDAO;
import it.inaf.ia2.gms.persistence.PermissionsDAO;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
-import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.gms.authn.RapClient;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
diff --git a/gms/src/main/resources/auth.properties b/gms/src/main/resources/auth.properties
index 19880c5b62856cb9a79ab8f73ff23cb447aa7135..89337cbdbf558c3379f79c6dcba19f94d29d108d 100644
--- a/gms/src/main/resources/auth.properties
+++ b/gms/src/main/resources/auth.properties
@@ -3,3 +3,4 @@ client_secret=gms-secret
rap_uri=http://localhost/rap-ia2
store_state_on_login_endpoint=true
scope=openid email profile read:rap
+rap_client_class=it.inaf.ia2.gms.authn.ServletRapClient
\ No newline at end of file
diff --git a/gms/src/test/java/it/inaf/ia2/gms/authn/SessionDataTest.java b/gms/src/test/java/it/inaf/ia2/gms/authn/SessionDataTest.java
index 75d44989f48e75cce0fd7d7c62b8079c91acd6e7..3b324cccb264cadebd72146f1972050eb2420274 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/authn/SessionDataTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/authn/SessionDataTest.java
@@ -1,7 +1,7 @@
package it.inaf.ia2.gms.authn;
import it.inaf.ia2.aa.data.User;
-import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.gms.authn.RapClient;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import static org.junit.Assert.assertTrue;
@@ -19,7 +19,7 @@ public class SessionDataTest {
@Mock
private HttpServletRequest request;
-
+
@Mock
private RapClient rapClient;
@@ -32,12 +32,12 @@ public class SessionDataTest {
HttpSession session = mock(HttpSession.class);
when(request.getSession(eq(false))).thenReturn(session);
- User user = new User()
- .setUserId("123")
- .setUserLabel("Name Surname")
- .setAccessToken("<access_token>")
- .setRefreshToken("<refresh_token>")
- .setExpiresIn(3600);
+ User user = new User();
+ user.setUserId("123");
+ user.setUserLabel("Name Surname");
+ user.setAccessToken("<access_token>");
+ user.setRefreshToken("<refresh_token>");
+ user.setExpiresIn(3600);
when(session.getAttribute(eq("user_data"))).thenReturn(user);
diff --git a/gms/src/test/java/it/inaf/ia2/gms/manager/InvitedRegistrationManagerTest.java b/gms/src/test/java/it/inaf/ia2/gms/manager/InvitedRegistrationManagerTest.java
index 4ce897a21f44e4e3c047087336188913ba198e60..7c6956ed9340199dc3b6cf5b55bc0fafef542736 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/manager/InvitedRegistrationManagerTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/manager/InvitedRegistrationManagerTest.java
@@ -9,7 +9,7 @@ import it.inaf.ia2.gms.persistence.MembershipsDAO;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.InvitedRegistration;
import it.inaf.ia2.gms.service.PermissionsService;
-import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.gms.authn.RapClient;
import it.inaf.ia2.rap.data.Identity;
import it.inaf.ia2.rap.data.IdentityType;
import it.inaf.ia2.rap.data.RapUser;
diff --git a/gms/src/test/java/it/inaf/ia2/gms/manager/PermissionsManagerIntegrationTest.java b/gms/src/test/java/it/inaf/ia2/gms/manager/PermissionsManagerIntegrationTest.java
index b0b73601f1e7719528b9e88980b50f1815aa539b..ad138063fbd1154dd238d2d325bc58e6659e30c8 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/manager/PermissionsManagerIntegrationTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/manager/PermissionsManagerIntegrationTest.java
@@ -9,7 +9,7 @@ import it.inaf.ia2.gms.persistence.PermissionsDAO;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
import it.inaf.ia2.gms.service.PermissionsService;
-import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.gms.authn.RapClient;
import it.inaf.ia2.rap.data.RapUser;
import java.util.Collections;
import java.util.List;
diff --git a/gms/src/test/java/it/inaf/ia2/gms/manager/UserAwareComponentTestUtil.java b/gms/src/test/java/it/inaf/ia2/gms/manager/UserAwareComponentTestUtil.java
index 79ebcdaad0c8b4e617a11c75d84c2b6a4675a8d5..e61703b9c364fb4cf04dbcafdbf64055a61f7158 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/manager/UserAwareComponentTestUtil.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/manager/UserAwareComponentTestUtil.java
@@ -13,7 +13,7 @@ public class UserAwareComponentTestUtil {
public static void setUser(UserAwareComponent component, String userId) {
Map<String, Object> jwtClaims = new HashMap<>();
jwtClaims.put("sub", userId);
- RapPrincipal principal = new RapPrincipal(jwtClaims);
+ RapPrincipal principal = new RapPrincipal("token", jwtClaims);
HttpServletRequest request = mock(HttpServletRequest.class);
when(request.getUserPrincipal()).thenReturn(principal);
ReflectionTestUtils.setField(component, "request", request);
diff --git a/gms/src/test/java/it/inaf/ia2/gms/persistence/NestedGroupsIntegrationTest.java b/gms/src/test/java/it/inaf/ia2/gms/persistence/NestedGroupsIntegrationTest.java
index 73d7d9985bb3dc0541b0c7aecc51d4e96c13b304..70896eaef44373d557ed9490b9b10e97f439b08d 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/persistence/NestedGroupsIntegrationTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/persistence/NestedGroupsIntegrationTest.java
@@ -12,7 +12,7 @@ import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
import it.inaf.ia2.gms.service.GroupsTreeBuilder;
import it.inaf.ia2.gms.service.PermissionsService;
-import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.gms.authn.RapClient;
import java.util.List;
import javax.sql.DataSource;
import static org.junit.Assert.assertEquals;
diff --git a/gms/src/test/java/it/inaf/ia2/gms/service/SearchServiceTest.java b/gms/src/test/java/it/inaf/ia2/gms/service/SearchServiceTest.java
index de6961a5760d8efaaa8ad737ac76181e0c35be4f..8cd002411bc75be3d45a482c9e28eb87770cb64e 100644
--- a/gms/src/test/java/it/inaf/ia2/gms/service/SearchServiceTest.java
+++ b/gms/src/test/java/it/inaf/ia2/gms/service/SearchServiceTest.java
@@ -11,7 +11,7 @@ import it.inaf.ia2.gms.persistence.MembershipsDAO;
import it.inaf.ia2.gms.persistence.PermissionsDAO;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
-import it.inaf.ia2.rap.client.RapClient;
+import it.inaf.ia2.gms.authn.RapClient;
import it.inaf.ia2.rap.data.Identity;
import it.inaf.ia2.rap.data.IdentityType;
import it.inaf.ia2.rap.data.RapUser;