/**
 * Writes the formal authorizations and the authorization level onto a token.
 *
 * <p>The object returned by {@code token.getAuthorizations()} is modified in place, so that
 * getter must not return null when this method is called.
 *
 * @param token the EzSecurityToken to update
 * @param level authorization level to set; {@code defaultAuthorizationLevel} is used when null
 * @param auths formal authorizations to set; {@code defaultAuthorizations} is used when null
 */
public static void populateAuthorizations(
    final EzSecurityToken token, String level, Set<String> auths) {
  // The chosen set is handed straight to the setter; no copy is made here, so a null `auths`
  // means the token receives the class-level default set object itself.
  final Set<String> formalAuths = (auths != null) ? auths : defaultAuthorizations;
  final String effectiveLevel = (level != null) ? level : defaultAuthorizationLevel;

  token.getAuthorizations().setFormalAuthorizations(formalAuths);
  token.setAuthorizationLevel(effectiveLevel);
}
/**
 * Fills in the application identity fields of a token.
 *
 * <p>{@code appId} is written to two places: the validity caveats' issuedTo field and the token
 * principal's principal field. {@code appPrincipal} is written to the token principal's external
 * ID, not to its principal field.
 *
 * @param token the EzSecurityToken to update; its validity and token principal must already be
 *     set, because both are dereferenced here
 * @param appId the application security id; {@code defaultSecurityId} is used when null
 * @param appPrincipal value stored as the principal's external ID; {@code defaultSecurityId} is
 *     used when null
 */
public static void populateAppInfo(
    final EzSecurityToken token, String appId, String appPrincipal) {
  final String effectiveAppId = (appId != null) ? appId : defaultSecurityId;
  final String externalId = (appPrincipal != null) ? appPrincipal : defaultSecurityId;

  token.getValidity().setIssuedTo(effectiveAppId);
  token.getTokenPrincipal().setPrincipal(effectiveAppId);
  token.getTokenPrincipal().setExternalID(externalId);
}
/**
 * Builds a mock token of type {@code TokenType.USER}.
 *
 * <p>The token starts from {@code getBlankToken(null, null, 0)}, so the security ids come from
 * the class defaults and the expiration argument is 0. Citizenship and organization are always
 * passed as null to {@code populateUserInfo}, which substitutes its defaults.
 *
 * @param principal user principal, or null for the default
 * @param authorizationLevel authorization level, or null for the default
 * @param auths formal authorizations, or null for the default
 * @param projectGroups external project groups, or null for the mock project groups
 * @param admin when true, the mock admin project groups are added as well
 * @return the populated mock user token
 */
public static EzSecurityToken getMockUserToken(
    String principal,
    String authorizationLevel,
    Set<String> auths,
    Map<String, List<String>> projectGroups,
    boolean admin) {
  final EzSecurityToken userToken = getBlankToken(null, null, 0);
  userToken.setType(TokenType.USER);

  // Identity first, then what the identity is allowed to see.
  populateUserInfo(userToken, principal, null, null);
  populateAuthorizations(userToken, authorizationLevel, auths);
  populateExternalProjectGroups(userToken, projectGroups, admin);

  return userToken;
}
/**
 * Builds a mock token of type {@code TokenType.APP}.
 *
 * <p>The token starts from {@code getBlankToken(null, null, 0)}, so the security ids come from
 * the class defaults and the expiration argument is 0. Admin project groups are never added:
 * {@code populateExternalProjectGroups} is always called with {@code admin = false}.
 *
 * @param appId application security id, or null for the default
 * @param appPrincipal application principal, or null for the default
 * @param authorizationLevel authorization level, or null for the default
 * @param authorizations formal authorizations, or null for the default
 * @param projectGroups external project groups, or null for the mock project groups
 * @return the populated mock application token
 */
public static EzSecurityToken getMockAppToken(
    String appId,
    String appPrincipal,
    String authorizationLevel,
    Set<String> authorizations,
    Map<String, List<String>> projectGroups) {
  final EzSecurityToken appToken = getBlankToken(null, null, 0);
  appToken.setType(TokenType.APP);

  populateAppInfo(appToken, appId, appPrincipal);
  populateAuthorizations(appToken, authorizationLevel, authorizations);
  populateExternalProjectGroups(appToken, projectGroups, false);

  return appToken;
}
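/**
 * Asks the EzSecurity service to refresh a security token.
 *
 * <p>A {@code TokenRequest} is built from this client's {@code securityId}, the current time and
 * the token's type, with the token itself attached as the token principal. The client borrowed
 * from the pool is handed back in the {@code finally} block on every path.
 *
 * @param token the token to refresh; it is dereferenced without a null check
 * @return the token returned by the service
 * @throws EzSecurityTokenException if the application is not registered or the Thrift call fails
 */
@Override
public EzSecurityToken refreshSecurityToken(EzSecurityToken token)
    throws EzSecurityTokenException {
  EzSecurityToken refreshedToken;
  EzSecurity.Client client = null;
  try {
    TokenRequest request =
        new TokenRequest(securityId, System.currentTimeMillis(), token.getType());
    request.setTokenPrincipal(token);
    client = pool.get().getClient(ezsecurityConstants.SERVICE_NAME, EzSecurity.Client.class);
    // NOTE(review): the second argument is an empty string. If it is the request signature,
    // this refresh request is sent unsigned -- confirm the service does not depend on it.
    refreshedToken = client.refreshToken(request, "");
  } catch (AppNotRegisteredException e) {
    log.error("Application {} is not registered with EzSecurity", securityId, e);
    // NOTE(review): only the message is carried over; the original exception is not attached
    // as the cause of the rethrown one.
    throw new EzSecurityTokenException("Application not registered " + e.getMessage());
  } catch (TException e) {
    // Pass the exception as the trailing argument so the stack trace reaches the log, the same
    // way the AppNotRegisteredException branch does.
    log.error("Unexpected thrift exception getting security token: {}", e.getMessage(), e);
    throw new EzSecurityTokenException("TException getting security token: " + e.getMessage());
  } finally {
    if (client != null) {
      // NOTE(review): the client goes back to the pool even after a TException; confirm the
      // pool copes with a connection that may be broken.
      pool.get().returnToPool(client);
    }
  }
  return refreshedToken;
}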
/**
 * Sets the external project groups on an EzSecurityToken.
 *
 * <p>A new map is built for the token, but the copy is shallow: the {@code List} values are the
 * same objects held by {@code projectGroups}, {@code mockProjectGroups} or
 * {@code mockAdminProjectGroups}.
 *
 * @param token the EzSecurityToken to update; only its externalProjectGroups are changed
 * @param projectGroups project groups to put on the token; {@code mockProjectGroups} is used
 *     when null
 * @param admin when true, {@code mockAdminProjectGroups} is added on top, replacing any entry
 *     with the same key
 */
public static void populateExternalProjectGroups(
    final EzSecurityToken token, Map<String, List<String>> projectGroups, boolean admin) {
  final Map<String, List<String>> base =
      (projectGroups == null) ? mockProjectGroups : projectGroups;

  final Map<String, List<String>> combined = new HashMap<>(base);
  if (admin) {
    combined.putAll(mockAdminProjectGroups);
  }

  token.setExternalProjectGroups(combined);
}
/**
 * Creates an EzSecurityToken that carries only validity caveats, an empty-named token principal
 * and an empty {@code Authorizations} object.
 *
 * @param securityId the application's security ID; {@code defaultSecurityId} is used when null
 * @param targetSecurityId the target security ID; when null, the issuedTo value of the new
 *     validity caveats is used instead
 * @param expiration passed to {@code getExpires} to compute the expiry stored in the caveats
 * @return the initialized EzSecurityToken
 */
public static EzSecurityToken getBlankToken(
    String securityId, String targetSecurityId, long expiration) {
  final String issuedTo = (securityId != null) ? securityId : defaultSecurityId;

  final EzSecurityToken blank = new EzSecurityToken();
  // NOTE(review): the last constructor argument is an empty string -- presumably the
  // signature, which would leave this token unsigned; confirm.
  final ValidityCaveats caveats =
      new ValidityCaveats("EzSecurity", issuedTo, getExpires(expiration), "");
  blank.setValidity(caveats);

  if (targetSecurityId != null) {
    blank.getValidity().setIssuedFor(targetSecurityId);
  } else {
    // No explicit target: the token is issued for the same id it is issued to.
    blank.getValidity().setIssuedFor(blank.getValidity().getIssuedTo());
  }

  // Install the containers that the populate* helpers dereference later.
  blank.setTokenPrincipal(new EzSecurityPrincipal("", blank.getValidity()));
  blank.setAuthorizations(new Authorizations());
  return blank;
}
/**
 * Builds a mock EzSecurityToken with every field supplied by the caller.
 *
 * <p>Unlike the other mock factories, no defaults are substituted here for the security ids,
 * the authorizations or the authorization level; the arguments are stored as given. The expiry
 * is the current time plus {@code tokenExpiration}. {@code validForExternalRequests} is not
 * read by this method.
 *
 * @param applicationSecurityId security id the token is issued to
 * @param targetApplicationSecurityId security id the token is issued for
 * @param principal user principal, used for USER tokens
 * @param appPrincipal application principal, used for APP tokens
 * @param citizenship user citizenship, used for USER tokens
 * @param organization user organization, used for USER tokens
 * @param authorizationLevel authorization level to set
 * @param authorizations formal authorizations to set
 * @param projectGroups external project groups, or null for the mock project groups
 * @param type token type; USER and APP populate identity fields, other values populate none
 * @param tokenExpiration added to the current time in milliseconds to give the expiry
 * @param admin when true, the mock admin project groups are added
 * @param validForExternalRequests unused
 * @return the populated mock token
 */
public static EzSecurityToken getMockEzSecurityToken(
    String applicationSecurityId,
    String targetApplicationSecurityId,
    String principal,
    String appPrincipal,
    String citizenship,
    String organization,
    String authorizationLevel,
    Set<String> authorizations,
    Map<String, List<String>> projectGroups,
    TokenType type,
    long tokenExpiration,
    boolean admin,
    boolean validForExternalRequests) {
  final EzSecurityToken mockToken = new EzSecurityToken();

  final long notAfter = System.currentTimeMillis() + tokenExpiration;
  mockToken.setValidity(new ValidityCaveats("EzSecurity", applicationSecurityId, notAfter, ""));
  mockToken.getValidity().setIssuedFor(targetApplicationSecurityId);

  // NOTE(review): getBlankToken installs an Authorizations object and a token principal
  // explicitly; this method does not. If a new EzSecurityToken does not create them itself,
  // the next line and the populateUserInfo/populateAppInfo calls below throw
  // NullPointerException -- confirm against EzSecurityToken's constructor.
  mockToken.getAuthorizations().setFormalAuthorizations(authorizations);
  mockToken.setAuthorizationLevel(authorizationLevel);
  mockToken.setType(type);

  switch (type) {
    case APP:
      populateAppInfo(mockToken, applicationSecurityId, appPrincipal);
      break;
    case USER:
      populateUserInfo(mockToken, principal, citizenship, organization);
      break;
    default:
      // Any other token type gets no identity fields.
      break;
  }

  populateExternalProjectGroups(mockToken, projectGroups, admin);
  return mockToken;
}
/**
 * Fills in the user identity fields of a token: principal, citizenship and organization.
 *
 * @param token the EzSecurityToken to update; its token principal must already be set, because
 *     it is dereferenced here
 * @param principal user principal; {@code defaultUserPrincipal} is used when null
 * @param citizenship user citizenship; {@code defaultUserCitizenship} is used when null
 * @param organization user organization; {@code defaultUserOrganization} is used when null
 */
public static void populateUserInfo(
    final EzSecurityToken token, String principal, String citizenship, String organization) {
  final String effectivePrincipal = (principal != null) ? principal : defaultUserPrincipal;
  final String effectiveCitizenship = (citizenship != null) ? citizenship : defaultUserCitizenship;
  final String effectiveOrganization =
      (organization != null) ? organization : defaultUserOrganization;

  token.getTokenPrincipal().setPrincipal(effectivePrincipal);
  token.setCitizenship(effectiveCitizenship);
  token.setOrganization(effectiveOrganization);
}