Commit d8af9811 authored by benjamin.ertl

clean up + code style

parent e1f942cc
Pipeline #1838 skipped
...@@ -9,6 +9,7 @@ ...@@ -9,6 +9,7 @@
<properties> <properties>
<java.version>1.8</java.version> <java.version>1.8</java.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<checkstyle.config.location>google_checks.xml</checkstyle.config.location>
</properties> </properties>
<build> <build>
...@@ -24,6 +25,27 @@ ...@@ -24,6 +25,27 @@
<skipTests>true</skipTests> <skipTests>true</skipTests>
</configuration> </configuration>
</plugin> </plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-checkstyle-plugin</artifactId>
<version>2.17</version>
<executions>
<execution>
<id>validate</id>
<phase>validate</phase>
<configuration>
<configLocation>google_checks.xml</configLocation>
<encoding>UTF-8</encoding>
<consoleOutput>true</consoleOutput>
<failsOnError>true</failsOnError>
<linkXRef>false</linkXRef>
</configuration>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins> </plugins>
</build> </build>
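Review bot: The `check` execution sets `<failsOnError>true</failsOnError>`, but the plugin's default `violationSeverity` is `error`, while the Google ruleset bundled with the plugin reports its findings at `warning` severity as far as I know, so the build will likely stay green on every violation. If the intent is to enforce the style rather than only print it, add `<violationSeverity>warning</violationSeverity>` to the execution's configuration. The `checkstyle.config.location` property added in the first hunk names the same file as `<configLocation>`; one of the two is enough.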
......
/* Copyright 2016 Karlsruhe Institute of Technology (KIT) /*
* Copyright 2016 Karlsruhe Institute of Technology (KIT)
Licensed under the Apache License, Version 2.0 (the "License"); *
you may not use this file except in compliance with the License. * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
You may obtain a copy of the License at * in compliance with the License. You may obtain a copy of the License at
*
http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
package edu.kit.scc; package edu.kit.scc;
import org.springframework.boot.SpringApplication; import org.springframework.boot.SpringApplication;
...@@ -14,9 +15,14 @@ import org.springframework.boot.autoconfigure.SpringBootApplication; ...@@ -14,9 +15,14 @@ import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication @SpringBootApplication
public class Application { public class Application {
public static void main(String[] args) { /**
* Spring Boot Application Runner.
*
* @param args command line arguments
*/
public static void main(String[] args) {
SpringApplication.run(Application.class, args); SpringApplication.run(Application.class, args);
} }
} }
/* Copyright 2016 Karlsruhe Institute of Technology (KIT)
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
*/
package edu.kit.scc;
import java.io.UnsupportedEncodingException;
import java.security.SecureRandom;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
@Controller
public class AuthenticationController {
private static final Logger log = LoggerFactory.getLogger(AuthenticationController.class);
@Value("${oauth2.authorizeUri}")
private String oauth2AuthorizeUri;
@Value("${oauth2.redirectUri}")
private String oauth2RedirectUri;
@Value("${oauth2.clientId}")
private String oauth2ClientId;
@RequestMapping("/login")
public String login(HttpServletResponse response, Model model) throws UnsupportedEncodingException {
String redirectUrl = oauth2AuthorizeUri.replaceAll("/$", "");
redirectUrl += "?response_type=code&scope=openid%20email&client_id=";
redirectUrl += oauth2ClientId;
redirectUrl += "&redirect_uri=";
redirectUrl += oauth2RedirectUri;
log.debug("Redirect to {}", redirectUrl);
try {
SecureRandom secRnd = new SecureRandom();
char[] VALID_CHARACTERS = "abcdefghijklmnopqrstuvwxyz".toCharArray();
char[] chars = new char[16];
for (int i = 0; i < chars.length; i++)
chars[i] = VALID_CHARACTERS[secRnd.nextInt(chars.length)];
} catch (Exception e) {
log.error("ERROR {}", e.getMessage());
}
return "redirect:" + redirectUrl;
}
@RequestMapping(path = "/oauth2")
public String oauth2Authentication(@RequestParam(value = "code", required = true) String code, Model model) {
log.debug(code);
model.addAttribute("code", code);
return "index";
}
}
/* Copyright 2016 Karlsruhe Institute of Technology (KIT) /*
* Copyright 2016 Karlsruhe Institute of Technology (KIT)
Licensed under the Apache License, Version 2.0 (the "License"); *
you may not use this file except in compliance with the License. * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
You may obtain a copy of the License at * in compliance with the License. You may obtain a copy of the License at
*
http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
package edu.kit.scc;
import java.util.ArrayList; package edu.kit.scc;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import edu.kit.scc.dto.PosixGroup; import edu.kit.scc.dto.PosixGroup;
import edu.kit.scc.dto.PosixUser; import edu.kit.scc.dto.PosixUser;
...@@ -23,147 +16,169 @@ import edu.kit.scc.scim.ScimGroup; ...@@ -23,147 +16,169 @@ import edu.kit.scc.scim.ScimGroup;
import edu.kit.scc.scim.ScimUser; import edu.kit.scc.scim.ScimUser;
import edu.kit.scc.scim.ScimUser.Meta; import edu.kit.scc.scim.ScimUser.Meta;
@Component import org.slf4j.Logger;
public class IdentityHarmonizer { import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
private static final Logger log = LoggerFactory.getLogger(IdentityHarmonizer.class); import org.springframework.stereotype.Component;
@Autowired
private LdapClient ldapClient;
public List<ScimUser> harmonizeIdentities(List<ScimUser> scimUsers) {
ArrayList<ScimUser> linkedUsers = new ArrayList<>();
ScimUser primaryUser = null;
for (ScimUser user : scimUsers) {
if (user.isActive()) {
primaryUser = user;
break;
}
}
if (scimUsers.remove(primaryUser)) {
PosixUser primaryPosixUser = ldapClient.getPosixUser(primaryUser.getUserName());
log.debug("Primary user {}", primaryPosixUser.toString());
Meta metaData = new Meta();
metaData.put("homeDirectory", primaryPosixUser.getHomeDirectory());
metaData.put("cn", primaryPosixUser.getCommonName());
metaData.put("gidNumber", String.valueOf(primaryPosixUser.getGidNumber()));
metaData.put("uid", primaryPosixUser.getUid());
metaData.put("uidNumber", String.valueOf(primaryPosixUser.getUidNumber()));
primaryUser.setMeta(metaData); import java.util.ArrayList;
import java.util.List;
List<PosixGroup> primaryGroups = ldapClient.getUserGroups(primaryUser.getUserName()); @Component
log.debug("Primary groups {}", primaryGroups.toString()); public class IdentityHarmonizer {
primaryUser.setGroups(new ArrayList<>()); private static final Logger log = LoggerFactory.getLogger(IdentityHarmonizer.class);
for (ScimUser secondaryUser : scimUsers) { @Autowired
PosixUser secondaryPosixUser = ldapClient.getPosixUser(secondaryUser.getUserName()); private LdapClient ldapClient;
log.debug("Secondary user {}", secondaryUser.toString());
metaData = new Meta(); /**
metaData.put("homeDirectory", secondaryPosixUser.getHomeDirectory()); * Links the users represented in the JSON serialized list of SCIM user's via LDAP locally.
metaData.put("cn", secondaryPosixUser.getCommonName()); *
metaData.put("gidNumber", String.valueOf(secondaryPosixUser.getGidNumber())); * @param scimUsers the SCIM user's to link
metaData.put("uid", secondaryPosixUser.getUid()); * @return a list of JSON serialized SCIM user's containing the modification information
metaData.put("uidNumber", String.valueOf(secondaryPosixUser.getUidNumber())); */
public List<ScimUser> harmonizeIdentities(List<ScimUser> scimUsers) {
secondaryUser.setMeta(metaData); ArrayList<ScimUser> linkedUsers = new ArrayList<>();
ScimUser primaryUser = null;
List<PosixGroup> secondaryGroups = ldapClient.getUserGroups(secondaryUser.getUserName());
log.debug("Secondary groups {}", secondaryGroups.toString()); for (ScimUser user : scimUsers) {
if (user.isActive()) {
secondaryUser.setGroups(new ArrayList<>()); primaryUser = user;
break;
for (PosixGroup group : primaryGroups) { }
List<String> members = group.getMemberUids(); }
log.debug("Group {} members {}", group.getCommonName(), members);
if (!members.contains(secondaryUser.getUserName())) { if (scimUsers.remove(primaryUser)) {
ldapClient.addGroupMember(group.getCommonName(), secondaryUser.getUserName()); PosixUser primaryPosixUser = ldapClient.getPosixUser(primaryUser.getUserName());
log.debug("Primary user {}", primaryPosixUser.toString());
ScimGroup scimGroup = new ScimGroup();
scimGroup.setDisplay(group.getCommonName()); Meta metaData = new Meta();
scimGroup.setValue(String.valueOf(group.getGidNumber())); metaData.put("homeDirectory", primaryPosixUser.getHomeDirectory());
secondaryUser.getGroups().add(scimGroup); metaData.put("cn", primaryPosixUser.getCommonName());
metaData.put("gidNumber", String.valueOf(primaryPosixUser.getGidNumber()));
log.debug("Adding user {} to group {}", secondaryUser.getUserName(), group.getCommonName()); metaData.put("uid", primaryPosixUser.getUid());
} metaData.put("uidNumber", String.valueOf(primaryPosixUser.getUidNumber()));
}
for (PosixGroup group : secondaryGroups) {
List<String> members = group.getMemberUids();
log.debug("Group members {}", members);
if (!members.contains(primaryUser.getUserName())) {
ldapClient.addGroupMember(group.getCommonName(), primaryUser.getUserName());
ScimGroup scimGroup = new ScimGroup();
scimGroup.setDisplay(group.getCommonName());
scimGroup.setValue(String.valueOf(group.getGidNumber()));
primaryUser.getGroups().add(scimGroup);
log.debug("Adding user {} to group {}", primaryUser.getUserName(), group.getCommonName());
}
}
linkedUsers.add(secondaryUser);
secondaryPosixUser.setUidNumber(primaryPosixUser.getUidNumber());
secondaryPosixUser.setHomeDirectory(primaryPosixUser.getHomeDirectory());
ldapClient.updatePosixUser(secondaryPosixUser);
log.debug("Modified LDAP user {}", secondaryUser.toString());
}
linkedUsers.add(primaryUser);
}
return linkedUsers;
}
public List<ScimUser> unlinkUsers(List<ScimUser> scimUsers) {
ArrayList<ScimUser> unlinkedUsers = new ArrayList<>();
for (ScimUser user : scimUsers) {
PosixUser posixUser = ldapClient.getPosixUser(user.getUserName());
log.debug("Posix user {}", posixUser.toString());
for (ScimGroup group : user.getGroups()) {
ldapClient.removeGroupMember(group.getDisplay(), user.getUserName());
log.debug("Remove user {} from group {}", user.getUserName(), group.getDisplay());
}
if (!user.isActive() && user.getMeta() != null) {
posixUser.setHomeDirectory(user.getMeta().get("homeDirectory"));
posixUser.setUidNumber(Integer.valueOf(user.getMeta().get("uidNumber")));
ldapClient.updatePosixUser(posixUser);
log.debug("Modified LDAP user {}", posixUser.toString());
}
posixUser = ldapClient.getPosixUser(user.getUserName());
Meta metaData = new Meta();
metaData.put("homeDirectory", posixUser.getHomeDirectory());
metaData.put("cn", posixUser.getCommonName());
metaData.put("gidNumber", String.valueOf(posixUser.getGidNumber()));
metaData.put("uid", posixUser.getUid());
metaData.put("uidNumber", String.valueOf(posixUser.getUidNumber()));
user.setGroups(new ArrayList<>()); primaryUser.setMeta(metaData);
List<PosixGroup> posixGroups = ldapClient.getUserGroups(user.getUserName());
for (PosixGroup group : posixGroups) { List<PosixGroup> primaryGroups = ldapClient.getUserGroups(primaryUser.getUserName());
ScimGroup scimGroup = new ScimGroup(); log.debug("Primary groups {}", primaryGroups.toString());
scimGroup.setDisplay(group.getCommonName());
scimGroup.setValue(String.valueOf(group.getGidNumber())); primaryUser.setGroups(new ArrayList<>());
user.getGroups().add(scimGroup);
} for (ScimUser secondaryUser : scimUsers) {
user.setActive(true); PosixUser secondaryPosixUser = ldapClient.getPosixUser(secondaryUser.getUserName());
unlinkedUsers.add(user); log.debug("Secondary user {}", secondaryUser.toString());
}
return unlinkedUsers; metaData = new Meta();
} metaData.put("homeDirectory", secondaryPosixUser.getHomeDirectory());
metaData.put("cn", secondaryPosixUser.getCommonName());
metaData.put("gidNumber", String.valueOf(secondaryPosixUser.getGidNumber()));
metaData.put("uid", secondaryPosixUser.getUid());
metaData.put("uidNumber", String.valueOf(secondaryPosixUser.getUidNumber()));
secondaryUser.setMeta(metaData);
List<PosixGroup> secondaryGroups = ldapClient.getUserGroups(secondaryUser.getUserName());
log.debug("Secondary groups {}", secondaryGroups.toString());
secondaryUser.setGroups(new ArrayList<>());
for (PosixGroup group : primaryGroups) {
List<String> members = group.getMemberUids();
log.debug("Group {} members {}", group.getCommonName(), members);
if (!members.contains(secondaryUser.getUserName())) {
ldapClient.addGroupMember(group.getCommonName(), secondaryUser.getUserName());
ScimGroup scimGroup = new ScimGroup();
scimGroup.setDisplay(group.getCommonName());
scimGroup.setValue(String.valueOf(group.getGidNumber()));
secondaryUser.getGroups().add(scimGroup);
log.debug("Adding user {} to group {}", secondaryUser.getUserName(),
group.getCommonName());
}
}
for (PosixGroup group : secondaryGroups) {
List<String> members = group.getMemberUids();
log.debug("Group members {}", members);
if (!members.contains(primaryUser.getUserName())) {
ldapClient.addGroupMember(group.getCommonName(), primaryUser.getUserName());
ScimGroup scimGroup = new ScimGroup();
scimGroup.setDisplay(group.getCommonName());
scimGroup.setValue(String.valueOf(group.getGidNumber()));
primaryUser.getGroups().add(scimGroup);
log.debug("Adding user {} to group {}", primaryUser.getUserName(),
group.getCommonName());
}
}
linkedUsers.add(secondaryUser);
secondaryPosixUser.setUidNumber(primaryPosixUser.getUidNumber());
secondaryPosixUser.setHomeDirectory(primaryPosixUser.getHomeDirectory());
ldapClient.updatePosixUser(secondaryPosixUser);
log.debug("Modified LDAP user {}", secondaryUser.toString());
}
linkedUsers.add(primaryUser);
}
return linkedUsers;
}
/**
* Unlinks the users represented in the JSON serialized list of SCIM user's via LDAP locally.
*
* @param scimUsers the SCIM user's to unlink
* @return a list of JSON serialized SCIM user's containing the user's information after unlinking
*/
public List<ScimUser> unlinkUsers(List<ScimUser> scimUsers) {
ArrayList<ScimUser> unlinkedUsers = new ArrayList<>();
for (ScimUser user : scimUsers) {
PosixUser posixUser = ldapClient.getPosixUser(user.getUserName());
log.debug("Posix user {}", posixUser.toString());
for (ScimGroup group : user.getGroups()) {
ldapClient.removeGroupMember(group.getDisplay(), user.getUserName());
log.debug("Remove user {} from group {}", user.getUserName(), group.getDisplay());
}
if (!user.isActive() && user.getMeta() != null) {
posixUser.setHomeDirectory(user.getMeta().get("homeDirectory"));
posixUser.setUidNumber(Integer.valueOf(user.getMeta().get("uidNumber")));
ldapClient.updatePosixUser(posixUser);
log.debug("Modified LDAP user {}", posixUser.toString());
}
posixUser = ldapClient.getPosixUser(user.getUserName());
Meta metaData = new Meta();
metaData.put("homeDirectory", posixUser.getHomeDirectory());
metaData.put("cn", posixUser.getCommonName());
metaData.put("gidNumber", String.valueOf(posixUser.getGidNumber()));
metaData.put("uid", posixUser.getUid());
metaData.put("uidNumber", String.valueOf(posixUser.getUidNumber()));
user.setGroups(new ArrayList<>());
List<PosixGroup> posixGroups = ldapClient.getUserGroups(user.getUserName());
for (PosixGroup group : posixGroups) {
ScimGroup scimGroup = new ScimGroup();
scimGroup.setDisplay(group.getCommonName());
scimGroup.setValue(String.valueOf(group.getGidNumber()));
user.getGroups().add(scimGroup);
}
user.setActive(true);
unlinkedUsers.add(user);
}
return unlinkedUsers;
}
} }
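Review bot: In `unlinkUsers` on the new side, `homeDirectory` and `uidNumber` are read from `user.getMeta()` and written straight to LDAP via `ldapClient.updatePosixUser(posixUser)`; if `scimUsers` is the deserialized request body, as the controller's Javadoc suggests, the caller decides which uid number and home directory the account ends up with. These values should be restored from a server-side record of the pre-link state, or at minimum checked against an allowed uid range and home-directory prefix before the write. `Integer.valueOf(user.getMeta().get("uidNumber"))` also throws NumberFormatException on a missing or non-numeric value, and it does so after the `removeGroupMember` calls have already run, so validation belongs ahead of the loop over `user.getGroups()`. The added Javadoc calls the parameter a JSON serialized list although its type is `List<ScimUser>`; `@param scimUsers the SCIM users to unlink; meta values are untrusted input` would describe it accurately.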
/* Copyright 2016 Karlsruhe Institute of Technology (KIT) /*
* Copyright 2016 Karlsruhe Institute of Technology (KIT)
Licensed under the Apache License, Version 2.0 (the "License"); *
you may not use this file except in compliance with the License. * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
You may obtain a copy of the License at * in compliance with the License. You may obtain a copy of the License at
*
http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
*/ */
package edu.kit.scc;
import java.util.List; package edu.kit.scc;
import javax.servlet.http.HttpServletResponse; import edu.kit.scc.scim.ScimUser;
import javax.ws.rs.FormParam;
import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.binary.Base64;
import org.slf4j.Logger; import org.slf4j.Logger;
...@@ -19,7 +17,6 @@ import org.slf4j.LoggerFactory; ...@@ -19,7 +17,6 @@ import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader; import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
...@@ -27,170 +24,114 @@ import org.springframework.web.bind.annotation.RequestMethod; ...@@ -27,170 +24,114 @@ import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseStatus; import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController; import org.springframework.web.bind.annotation.RestController;
import com.nimbusds.openid.connect.sdk.token.OIDCTokens; import java.util.List;
import edu.kit.scc.http.HttpResponse; import javax.servlet.http.HttpServletResponse;
import edu.kit.scc.oidc.OidcClient;
import edu.kit.scc.regapp.RegAppClient;
import edu.kit.scc.scim.ScimListResponse;
import edu.kit.scc.scim.ScimUser;
@RestController @RestController
@RequestMapping("/rest") @RequestMapping("/rest")
public class RestServiceController { public class RestServiceController {
private static Logger log = LoggerFactory.getLogger(RestServiceController.class); private static Logger log = LoggerFactory.getLogger(RestServiceController.class);
@Value("${rest.serviceUsername}") @Value("${rest.serviceUsername}")
private String restUser; private String restUser;
@Value("${rest.servicePassword}") @Value("${rest.servicePassword}")
private String restPassword; private String restPassword;
@Autowired @Autowired
private RegAppClient regAppClient; private IdentityHarmonizer identityHarmonizer;
@Autowired /**
private OidcClient oidcClient; * Linking endpoint.
*
@Autowired * @param basicAuthorization authorization header value
private IdentityHarmonizer identityHarmonizer; * @param scimUsers a JSON serialized list of SCIM users for linking
* @param response the HttpServletResponse
@RequestMapping(<