Commit 6b55fde8 authored by Abhishek Patil's avatar Abhishek Patil Committed by Kishore Battula

Revert "Upgrading core-lib-azure version. Using AzureServicePrincipal class from core-lib-azure."

This reverts commit 35549b85
parent 1fd77123
......@@ -60,7 +60,7 @@
<springfox-version>2.7.0</springfox-version>
<reactor.netty.version>0.9.0.RELEASE</reactor.netty.version>
<reactor.core.version>3.3.0.RELEASE</reactor.core.version>
<osdu.azurecore.version>0.0.19</osdu.azurecore.version>
<osdu.azurecore.version>0.0.29</osdu.azurecore.version>
</properties>
<licenses>
......
......@@ -16,6 +16,8 @@ package org.opengroup.osdu.azure.entitlements.di;
import com.azure.security.keyvault.secrets.SecretClient;
import com.azure.security.keyvault.secrets.models.KeyVaultSecret;
import org.opengroup.osdu.azure.KeyVaultFacade;
import org.opengroup.osdu.azure.util.AzureServicePrincipal;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
......@@ -36,9 +38,6 @@ public class AzureBootstrapConfig {
@Value("${spring.application.name}")
private String springAppName ;
@Value("${azure.oath2.uri}")
private String oath2URI;
@Value("${azure.graph.uri}")
private String graphURI;
......@@ -57,19 +56,19 @@ public class AzureBootstrapConfig {
@Bean
@Named("APP_DEV_SP_TENANT_ID")
public String appDevSpTenantId(SecretClient kv) {
return getKeyVaultSecret(kv, "app-dev-sp-tenant-id");
return KeyVaultFacade.getSecretWithValidation(kv, "app-dev-sp-tenant-id");
}
@Bean
@Named("APP_DEV_SP_USERNAME")
public String appDevSpUsername(SecretClient kv) {
return getKeyVaultSecret(kv, "app-dev-sp-username");
return KeyVaultFacade.getSecretWithValidation(kv, "app-dev-sp-username");
}
@Bean
@Named("APP_DEV_SP_PASSWORD")
public String appDevSpPassword(SecretClient kv) {
return getKeyVaultSecret(kv, "app-dev-sp-password");
return KeyVaultFacade.getSecretWithValidation(kv, "app-dev-sp-password");
}
@Bean
......@@ -96,10 +95,6 @@ public class AzureBootstrapConfig {
return keyVaultURL;
}
@Bean
@Named("OATH2_URI")
public String oath2URI() { return oath2URI; }
@Bean
@Named("GRAPH_URI")
public String graphURI() { return graphURI; }
......@@ -123,27 +118,15 @@ public class AzureBootstrapConfig {
@Bean
@Named("COSMOS_ENDPOINT")
public String cosmosEndpoint(SecretClient kv) {
return getKeyVaultSecret(kv, "cosmos-endpoint");
return KeyVaultFacade.getSecretWithValidation(kv, "cosmos-endpoint");
}
@Bean
@Named("COSMOS_KEY")
public String cosmosKey(SecretClient kv) {
return getKeyVaultSecret(kv, "cosmos-primary-key");
return KeyVaultFacade.getSecretWithValidation(kv, "cosmos-primary-key");
}
String getKeyVaultSecret(SecretClient kv, String secretName) {
KeyVaultSecret secret = kv.getSecret(secretName);
if (secret == null) {
throw new IllegalStateException(String.format("No secret found with name %s", secretName));
}
String secretValue = secret.getValue();
if (secretValue == null) {
throw new IllegalStateException(String.format(
"Secret unexpectedly missing from KeyVault response for secret with name %s", secretName));
}
return secretValue;
}
@Bean
public AzureServicePrincipal getAzureServicePrincipal() { return new AzureServicePrincipal(); }
}
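Review bot: The secret-backed beans (`appDevSpPassword`, `cosmosKey` and the others) now rely on `KeyVaultFacade.getSecretWithValidation` for the missing-secret and null-value checks that the local `getKeyVaultSecret` performed, and the two tests that pinned that fail-fast behaviour (`kvSecret_checksForNullResponse`, `kvSecret_checksForNullValueWithinResponse`) are dropped in the test section of this commit. The facade's body is not visible on this page, so one test should stay at this level, for example `doReturn(null).when(kv).getSecret("cosmos-primary-key");` then `bootstrapConfig.cosmosKey(kv);` under `@Test(expected = IllegalStateException.class)`, assuming the facade throws the same exception type. That way a library change cannot let a null credential reach the application context unnoticed. In the last hunk, `getAzureServicePrincipal()` returns `new AzureServicePrincipal()` while the `OATH2_URI` bean and the `azure.oath2.uri` property are removed. Presumably the token authority is now fixed inside core-lib-azure, and a comment such as `// token authority is supplied by core-lib-azure; azure.oath2.uri is no longer read` would record where the client secret is sent. The class body continues outside these hunks.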
......@@ -26,7 +26,7 @@ import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import org.opengroup.osdu.azure.entitlements.security.AzureServicePrincipal;
import org.opengroup.osdu.azure.util.AzureServicePrincipal;
import org.opengroup.osdu.core.common.logging.JaxRsDpsLog;
import org.opengroup.osdu.core.common.model.http.AppException;
import org.springframework.beans.factory.annotation.Autowired;
......
// Copyright © Microsoft Corporation
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package org.opengroup.osdu.azure.entitlements.security;
import com.google.gson.Gson;
import com.google.gson.JsonObject;
import org.opengroup.osdu.core.common.logging.JaxRsDpsLog;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import javax.inject.Inject;
import javax.inject.Named;
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;
@Service
public class AzureServicePrincipal {
@Autowired
private JaxRsDpsLog logger;
@Inject
@Named("OATH2_URI")
public String oath2URI;
/**
* Method to get an oauth2 token.
* @param sp_id
* @param sp_secret
* @param tenant_id
* @param app_resource_id
* @return The oauth2 token.
* @throws Exception
*/
public String getIdToken(String sp_id, String sp_secret, String tenant_id, String app_resource_id) throws Exception {
String aad_endpoint = oath2URI + "/" + tenant_id + "/oauth2/token";
URL url = new URL(aad_endpoint);
HttpURLConnection con = (HttpURLConnection) url.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
Map<String, String> parameters = new HashMap<>();
parameters.put("grant_type", "client_credentials");
parameters.put("client_id", sp_id);
parameters.put("client_secret", sp_secret);
parameters.put("resource", app_resource_id);
con.setDoOutput(true);
DataOutputStream out = new DataOutputStream(con.getOutputStream());
out.writeBytes(getParamsString(parameters));
out.flush();
out.close();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer content = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
content.append(inputLine);
}
in.close();
con.disconnect();
Gson gson = new Gson();
JsonObject jobj = gson.fromJson(content.toString(), JsonObject.class);
String token = jobj.get("access_token").getAsString();
return token;
}
/**
* Method to get the string representation for the parameters.
* @param params
* @return The string representation.
* @throws UnsupportedEncodingException
*/
private static String getParamsString(Map<String, String> params)
throws UnsupportedEncodingException {
StringBuilder result = new StringBuilder();
for (Map.Entry<String, String> entry : params.entrySet()) {
result.append(URLEncoder.encode(entry.getKey(), "UTF-8"));
result.append("=");
result.append(URLEncoder.encode(entry.getValue(), "UTF-8"));
result.append("&");
}
String resultString = result.toString();
return resultString.length() > 0
? resultString.substring(0, resultString.length() - 1)
: resultString;
}
}
......@@ -49,9 +49,6 @@ azure.graph.uri=https://graph.microsoft.com/v1.0/
# Azure Graph Resource ID
azure.graph.resourceid=https://graph.microsoft.com
# Azure Oath2 URI
azure.oath2.uri=https://login.microsoftonline.com
# Azure Graph URI
azure.graph-api.uri=https://graph.windows.net
......
......@@ -27,26 +27,6 @@ public class AzureBootstrapConfigTest {
private AzureBootstrapConfig bootstrapConfig = new AzureBootstrapConfig();
private SecretClient kv = Mockito.mock(SecretClient.class);
@Test(expected = IllegalStateException.class)
public void kvSecret_checksForNullResponse() {
// the null response is the default behavior, but its included here
// to be explicit
doReturn(null).when(kv).getSecret("secret-name");
bootstrapConfig.getKeyVaultSecret(kv, "secret-name");
}
@Test(expected = IllegalStateException.class)
public void kvSecret_checksForNullValueWithinResponse() {
KeyVaultSecret secret = Mockito.mock(KeyVaultSecret.class);
// the null response is the default behavior, but its included here
// to be explicit
doReturn(null).when(secret).getValue();
doReturn(secret).when(kv).getSecret("secret-name");
bootstrapConfig.getKeyVaultSecret(kv, "secret-name");
}
@Test
public void config_returnsCorrectSecret_cosmosKey() {
KeyVaultSecret secret = Mockito.mock(KeyVaultSecret.class);
......