/**
  * Sets the authorization levels on the token
  *
  * @param token an EzSecurityToken to populate with authorizations
  * @param level the authorization level. if null, defaultAuthorizationLevel will be used
  * @param auths the auths. if null, defaultAuthorizations will be used
  */
 public static void populateAuthorizations(
     final EzSecurityToken token, String level, Set<String> auths) {
   token
       .getAuthorizations()
       .setFormalAuthorizations((auths == null) ? defaultAuthorizations : auths);
   token.setAuthorizationLevel((level == null) ? defaultAuthorizationLevel : level);
 }
 /**
  * Sets the appropriate fields on the EzSecurityToken for the passed in application information
  *
  * @param token an EzSecurityToken to populate with AppInfo. This object will only have AppInfo
  *     updated on it
  * @param appId the application security id, defaultSecurityId will be used if null
  * @param appPrincipal the application's principal, defaultSecurityId will be used if null
  */
 public static void populateAppInfo(
     final EzSecurityToken token, String appId, String appPrincipal) {
   token.getValidity().setIssuedTo((appId == null) ? defaultSecurityId : appId);
   token.getTokenPrincipal().setPrincipal((appId == null) ? defaultSecurityId : appId);
   token
       .getTokenPrincipal()
       .setExternalID((appPrincipal == null) ? defaultSecurityId : appPrincipal);
 }
  public static EzSecurityToken getMockUserToken(
      String principal,
      String authorizationLevel,
      Set<String> auths,
      Map<String, List<String>> projectGroups,
      boolean admin) {
    EzSecurityToken token = getBlankToken(null, null, 0);
    token.setType(TokenType.USER);

    populateUserInfo(token, principal, null, null);
    populateAuthorizations(token, authorizationLevel, auths);
    populateExternalProjectGroups(token, projectGroups, admin);

    return token;
  }
  public static EzSecurityToken getMockAppToken(
      String appId,
      String appPrincipal,
      String authorizationLevel,
      Set<String> authorizations,
      Map<String, List<String>> projectGroups) {
    EzSecurityToken ezToken = getBlankToken(null, null, 0);
    ezToken.setType(TokenType.APP);

    populateAppInfo(ezToken, appId, appPrincipal);
    populateAuthorizations(ezToken, authorizationLevel, authorizations);
    populateExternalProjectGroups(ezToken, projectGroups, false);

    return ezToken;
  }
  @Override
  public EzSecurityToken refreshSecurityToken(EzSecurityToken token)
      throws EzSecurityTokenException {
    EzSecurityToken refreshedToken;
    EzSecurity.Client client = null;
    try {
      TokenRequest request =
          new TokenRequest(securityId, System.currentTimeMillis(), token.getType());
      request.setTokenPrincipal(token);

      client = pool.get().getClient(ezsecurityConstants.SERVICE_NAME, EzSecurity.Client.class);
      refreshedToken = client.refreshToken(request, "");
    } catch (AppNotRegisteredException e) {
      log.error("Application {} is not registered with EzSecurity", securityId, e);
      throw new EzSecurityTokenException("Application not registered " + e.getMessage());
    } catch (TException e) {
      log.error("Unexpected thrift exception getting security token: {}", e.getMessage());
      throw new EzSecurityTokenException("TException getting security token: " + e.getMessage());
    } finally {
      if (client != null) {
        pool.get().returnToPool(client);
      }
    }

    return refreshedToken;
  }
  /**
   * Sets the external project groups no an EzSecurityToken
   *
   * @param token an EzSecurityToken to populate. This object will only have externalProjectGroups
   *     updated on it
   * @param projectGroups optional project groups to add to the token, mockProjectGroups will be
   *     applied if null
   * @param admin if true, admin project groups will be added to the token
   */
  public static void populateExternalProjectGroups(
      final EzSecurityToken token, Map<String, List<String>> projectGroups, boolean admin) {
    Map<String, List<String>> pgs = new HashMap<>();
    if (projectGroups != null) {
      pgs.putAll(projectGroups);
    } else {
      pgs.putAll(mockProjectGroups);
    }
    if (admin) {
      pgs.putAll(mockAdminProjectGroups);
    }

    token.setExternalProjectGroups(pgs);
  }
 /**
  * Generate an EzSecurityToken with just the basics set on it
  *
  * @param securityId the apps security ID, if null, defaultSecurityId will be used
  * @param targetSecurityId the target security ID, if null, securityId will be used
  * @param expiration how long the token should live before expiring
  * @return the initialized EzSecurityToken
  */
 public static EzSecurityToken getBlankToken(
     String securityId, String targetSecurityId, long expiration) {
   EzSecurityToken token = new EzSecurityToken();
   token.setValidity(
       new ValidityCaveats(
           "EzSecurity",
           securityId == null ? defaultSecurityId : securityId,
           getExpires(expiration),
           ""));
   token
       .getValidity()
       .setIssuedFor(
           (targetSecurityId == null) ? token.getValidity().getIssuedTo() : targetSecurityId);
   token.setTokenPrincipal(new EzSecurityPrincipal("", token.getValidity()));
   token.setAuthorizations(new Authorizations());
   return token;
 }
  public static EzSecurityToken getMockEzSecurityToken(
      String applicationSecurityId,
      String targetApplicationSecurityId,
      String principal,
      String appPrincipal,
      String citizenship,
      String organization,
      String authorizationLevel,
      Set<String> authorizations,
      Map<String, List<String>> projectGroups,
      TokenType type,
      long tokenExpiration,
      boolean admin,
      boolean validForExternalRequests) {
    EzSecurityToken ezToken = new EzSecurityToken();
    ezToken.setValidity(
        new ValidityCaveats(
            "EzSecurity", applicationSecurityId, System.currentTimeMillis() + tokenExpiration, ""));
    ezToken.getValidity().setIssuedFor(targetApplicationSecurityId);
    ezToken.getAuthorizations().setFormalAuthorizations(authorizations);
    ezToken.setAuthorizationLevel(authorizationLevel);

    ezToken.setType(type);
    switch (type) {
      case USER:
        populateUserInfo(ezToken, principal, citizenship, organization);
        break;
      case APP:
        populateAppInfo(ezToken, applicationSecurityId, appPrincipal);
        break;
    }

    populateExternalProjectGroups(ezToken, projectGroups, admin);

    return ezToken;
  }
 /**
  * Set the appropriate fields on the EzSecurityToken for the passed in fields
  *
  * @param token an EzSecurityToken to populate with UserInfo. This object will only have UserInfo
  *     updated on it
  * @param principal user principal, defaultUserPrincipal will be used if null
  * @param citizenship user citizenship, defaultUserCitizenship will be used if null
  * @param organization user organization, defaultUserOrganization will be used if null
  */
 public static void populateUserInfo(
     final EzSecurityToken token, String principal, String citizenship, String organization) {
   token.getTokenPrincipal().setPrincipal((principal == null) ? defaultUserPrincipal : principal);
   token.setCitizenship((citizenship == null) ? defaultUserCitizenship : citizenship);
   token.setOrganization((organization == null) ? defaultUserOrganization : organization);
 }