Commit 0a62195b authored by Wyatt Nielsen's avatar Wyatt Nielsen Committed by Rucha Deshpande

Pull Oauth parameters from SSM

commit 51f4580a
Author: Wyatt Nielsen <wyatt.nielsen@parivedasolutions.com>
Date: Mon Dec 14 2020 20:47:37 GMT-0600 (Central Standard Time)

    Pull oAuth parameters from SSM

commit 8f4fd0df
Author: Wyatt Nielsen <wyatt.nielsen@parivedasolutions.com>
Date: Wed Dec 09 2020 17:05:13 GMT-0600 (Central Standard Time)

    Pull oAuth parameters from SSM
parent 8acc61df
Pipeline #19363 failed with stages
in 16 minutes and 53 seconds
......@@ -61,7 +61,7 @@
<dependency>
<groupId>org.opengroup.osdu.core.aws</groupId>
<artifactId>os-core-lib-aws</artifactId>
<version>0.3.12</version>
<version>0.3.14</version>
</dependency>
<dependency>
<groupId>org.opengroup.osdu</groupId>
......
......@@ -13,9 +13,15 @@
// limitations under the License.
package org.opengroup.osdu.aws.entitlements.utils;
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagement;
import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagementClientBuilder;
import com.amazonaws.services.simplesystemsmanagement.model.GetParameterRequest;
import com.amazonaws.services.simplesystemsmanagement.model.GetParameterResult;
import org.opengroup.osdu.core.aws.dynamodb.DynamoDBQueryHelper;
import org.opengroup.osdu.core.aws.dynamodb.QueryPageResult;
import org.opengroup.osdu.core.aws.entitlements.*;
import org.opengroup.osdu.core.aws.iam.IAMConfig;
import org.opengroup.osdu.core.aws.lambda.HttpStatusCodes;
import org.opengroup.osdu.core.common.model.http.AppException;
import org.springframework.beans.factory.annotation.Autowired;
......@@ -34,17 +40,14 @@ public class EntitlementsHelper {
@Autowired
private GroupsUtil2 groupUtil2;
@Value("${aws.userInfo.url}")
private String userInfoUrl;
@Value("${aws.region}")
private String awsRegion;
@Value("${aws.environment}")
private String awsEnvironment;
@Value("${aws.oauth.custom.scope}")
private String awsOauthCustomScope;
private AWSSimpleSystemsManagement ssmManager;
private AWSCredentialsProvider amazonAWSCredentials = IAMConfig.amazonAWSCredentials();
String error_msg="";
......@@ -137,9 +140,11 @@ public class EntitlementsHelper {
public String validateJwt(Map<String, String> headers)
{
String oauth_custom_scope = "/osdu/" + awsEnvironment + "/oauth-custom-scope";
String oauthCustomScope = getSsmParameter(oauth_custom_scope);
int httpStatusCode = HttpStatusCodes.UNASSIGNED;
Authorizer authorizer = new Authorizer(awsRegion);
Authorizer authorizer = new Authorizer(awsRegion, awsEnvironment);
String memberEmail=null;
// check for valid JWT
// authorization header is lowercase in osdu services but standard is uppercase first letter
......@@ -154,7 +159,7 @@ public class EntitlementsHelper {
}
memberEmail = authorizer.validateJWT(authorizationContents,awsOauthCustomScope,awsEnvironment);
memberEmail = authorizer.validateJWT(authorizationContents,oauthCustomScope);
if(memberEmail == null)
......@@ -168,4 +173,18 @@ public class EntitlementsHelper {
}
}
private AWSSimpleSystemsManagement getSsmManager () {
if (this.ssmManager == null) {
this.ssmManager = (AWSSimpleSystemsManagement)((AWSSimpleSystemsManagementClientBuilder)((AWSSimpleSystemsManagementClientBuilder)AWSSimpleSystemsManagementClientBuilder.standard().withCredentials(this.amazonAWSCredentials)).withRegion(awsRegion)).build();
}
return this.ssmManager;
}
private String getSsmParameter(String parameterKey) {
GetParameterRequest paramRequest = (new GetParameterRequest()).withName(parameterKey).withWithDecryption(true);
GetParameterResult paramResult = getSsmManager().getParameter(paramRequest);
return paramResult.getParameter().getValue();
}
}
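Review bot: `validateJwt` now calls `getSsmParameter` at the top of every invocation, ahead of the header check that follows, so each token validation depends on a live SSM `GetParameter` round trip. No handling is visible in these hunks for the SDK exceptions that call can throw (missing parameter, throttling, access denied). The old scope came from a property resolved at startup, so fetching it once and caching it would keep that behaviour and take SSM out of the request path; a blank value should also be rejected, because how `authorizer.validateJWT` treats an empty scope is not visible here. Separately, the lazy `getSsmManager` initialisation is unsynchronised and the nested casts on the builder chain look redundant; building the client once after injection (for example in a `@PostConstruct` method, assuming this class is a singleton bean) would address both. The body of `validateJwt` continues outside the hunks shown.

```java
// … unchanged: injected fields, ssmManager, amazonAWSCredentials …
private volatile String cachedOauthCustomScope;

public String validateJwt(Map<String, String> headers)
{
    String oauthCustomScope = getOauthCustomScope();
    // … unchanged: header lookup and authorizer.validateJWT(authorizationContents, oauthCustomScope) …

private String getOauthCustomScope() {
    String scope = cachedOauthCustomScope;
    if (scope == null) {
        scope = getSsmParameter("/osdu/" + awsEnvironment + "/oauth-custom-scope");
        if (scope == null || scope.trim().isEmpty()) {
            // Fail closed: never validate tokens against an empty scope.
            throw new IllegalStateException("oauth-custom-scope SSM parameter is empty");
        }
        cachedOauthCustomScope = scope;
    }
    return scope;
}
```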
......@@ -32,8 +32,4 @@ aws.entitlements.default.role = ${DEFAULT_ROLE:OWNER}
aws.entitlements.default.limitAmount = ${DEFAULT_LIMIT_AMOUNT:1000000}
aws.userInfo.url=${OAUTH_USERINFO_ENDPOINT}
aws.environment=${ENVIRONMENT}
aws.oauth.custom.scope=${OAUTH_CUSTOM_SCOPE}
\ No newline at end of file
aws.environment=${ENVIRONMENT}
\ No newline at end of file