Merge branch 'abpatil/token_generation' into 'master'

Using AzureServicePrincipleTokenService in implementation for IServiceAccountJwtClient

See merge request !190

NOTICE

@@ -397,6 +397,7 @@ The following software have components provided under the terms of this license:
 - JSON library from Android SDK (from http://developer.android.com/sdk)
 - JSON.simple (from http://code.google.com/p/json-simple/)
 - JSONassert (from https://github.com/skyscreamer/JSONassert)
+- JSR107 API and SPI (from https://github.com/jsr107/jsr107spec)
 - Jackson (from http://jackson.codehaus.org)
 - Jackson (from http://jackson.codehaus.org)
 - Jackson 2 extensions to the Google HTTP Client Library for Java. (from https://repo1.maven.org/maven2/com/google/http-client/google-http-client-jackson2)
@@ -680,6 +681,12 @@ The following software have components provided under the terms of this license:
 - proto-google-common-protos (from https://github.com/googleapis/java-iam/proto-google-common-protos)
 - proto-google-iam-v1 (from https://github.com/googleapis/java-iam/proto-google-iam-v1)
 - rank-eval (from https://github.com/elastic/elasticsearch)
+- resilience4j (from https://github.com/resilience4j/resilience4j)
+- resilience4j (from https://resilience4j.readme.io)
+- resilience4j (from https://resilience4j.readme.io)
+- resilience4j (from https://resilience4j.readme.io)
+- resilience4j (from https://resilience4j.readme.io)
+- resilience4j (from https://github.com/resilience4j/resilience4j)
 - resilience4j (from https://resilience4j.readme.io)
 - resilience4j (from https://resilience4j.readme.io)
 - rest (from https://github.com/elastic/elasticsearch)
@@ -695,6 +702,7 @@ The following software have components provided under the terms of this license:
 - spring-boot-starter (from https://spring.io/projects/spring-boot)
 - spring-boot-starter-actuator (from https://spring.io/projects/spring-boot)
 - spring-boot-starter-amqp (from https://spring.io/projects/spring-boot)
+- spring-boot-starter-aop (from https://spring.io/projects/spring-boot)
 - spring-boot-starter-data-mongodb (from https://spring.io/projects/spring-boot)
 - spring-boot-starter-jersey (from https://spring.io/projects/spring-boot)
 - spring-boot-starter-json (from https://spring.io/projects/spring-boot)
@@ -908,6 +916,7 @@ EPL-1.0
 ========================================================================
 The following software have components provided under the terms of this license:
 
+- AspectJ Weaver (from https://www.eclipse.org/aspectj/)
 - Logback Classic Module (from https://repo1.maven.org/maven2/ch/qos/logback/logback-classic)
 - Logback Contrib :: JSON :: Classic (from https://repo1.maven.org/maven2/ch/qos/logback/contrib/logback-json-classic)
 - Logback Contrib :: JSON :: Core (from https://repo1.maven.org/maven2/ch/qos/logback/contrib/logback-json-core)

provider/indexer-azure/pom.xml

@@ -41,7 +41,7 @@
         <nimbus-jose-jwt.version>8.2</nimbus-jose-jwt.version>
         <indexer-core.version>0.12.0-SNAPSHOT</indexer-core.version>
         <spring-security-jwt.version>1.1.1.RELEASE</spring-security-jwt.version>
-        <osdu.corelibazure.version>0.10.1</osdu.corelibazure.version>
+        <osdu.corelibazure.version>0.11.0-rc5</osdu.corelibazure.version>
         <reactor-netty.version>0.9.12.RELEASE</reactor-netty.version>
         <java-jwt.version>3.8.1</java-jwt.version>
         <powermock.version>2.0.2</powermock.version>

provider/indexer-azure/src/main/java/org/opengroup/osdu/indexer/azure/util/ServiceAccountJwtClientImpl.java

@@ -14,29 +14,19 @@
 
 package org.opengroup.osdu.indexer.azure.util;
 
-import com.auth0.jwt.JWT;
-import com.auth0.jwt.exceptions.JWTDecodeException;
-import com.microsoft.aad.adal4j.AuthenticationContext;
-import com.microsoft.aad.adal4j.AuthenticationResult;
-import com.microsoft.aad.adal4j.ClientCredential;
 import org.apache.http.HttpStatus;
-
+import org.opengroup.osdu.azure.util.AzureServicePrincipleTokenService;
 import org.opengroup.osdu.core.common.logging.JaxRsDpsLog;
 import org.opengroup.osdu.core.common.model.http.AppException;
 import org.opengroup.osdu.core.common.model.http.DpsHeaders;
-import org.opengroup.osdu.core.common.model.search.IdToken;
 import org.opengroup.osdu.core.common.model.tenant.TenantInfo;
-import org.opengroup.osdu.core.common.provider.interfaces.IJwtCache;
 import org.opengroup.osdu.core.common.provider.interfaces.ITenantFactory;
 import org.opengroup.osdu.core.common.util.IServiceAccountJwtClient;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 import org.springframework.web.context.annotation.RequestScope;
 
 import javax.inject.Inject;
-import javax.inject.Named;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-import java.util.concurrent.Future;
 
 @Component
 @RequestScope
@@ -48,76 +38,23 @@ public class ServiceAccountJwtClientImpl implements IServiceAccountJwtClient {
     @Inject
     private DpsHeaders dpsHeaders;
 
-    @Inject
-    private IJwtCache cacheService;
-
     @Inject
     private JaxRsDpsLog log;
 
-    @Inject
-    @Named("AAD_OBO_API")
-    private String authAPI;
+    @Autowired
+    private AzureServicePrincipleTokenService tokenService;
 
-    @Inject
-    @Named("AUTH_CLIENT_ID")
-    private String authClientID;
-
-    @Inject
-    @Named("AUTH_CLIENT_SECRET")
-    private String authClientSecret;
-
-    @Inject
-    @Named("AUTH_URL")
-    private String authURL;
+    @Override
+    public String getIdToken(String partitionId){
 
-    public String getIdToken(String tenantName) {
-        this.log.info("Tenant name received for auth token is: " + tenantName);
-        TenantInfo tenant = this.tenantInfoServiceProvider.getTenantInfo(tenantName);
+        TenantInfo tenant = this.tenantInfoServiceProvider.getTenantInfo(partitionId);
         if (tenant == null) {
             this.log.error("Invalid tenant name receiving from azure");
             throw new AppException(HttpStatus.SC_BAD_REQUEST, "Invalid tenant Name", "Invalid tenant Name from azure");
         }
-        String ACCESS_TOKEN = "";
-        try {
 
-            IdToken cachedToken = (IdToken) this.cacheService.get(tenant.getServiceAccount());
-            this.dpsHeaders.put(DpsHeaders.USER_EMAIL, tenant.getServiceAccount());
-
-            if (!IdToken.refreshToken(cachedToken)) {
-                return cachedToken.getTokenValue();
-            }
-
-            ExecutorService service = Executors.newFixedThreadPool(1);
-            AuthenticationContext context = null;
-
-            try {
-                context = new AuthenticationContext(authURL, false, service);
-                ClientCredential credential = new ClientCredential(authClientID, authClientSecret);
-                Future<AuthenticationResult> future = context.acquireToken(authAPI, credential, null);
-
-                ACCESS_TOKEN =  future.get().getAccessToken();
-
-                if (future == null) {
-                    log.error(String.format("Azure Authentication: %s", future.get().getAccessToken()));
-                    throw new AppException(HttpStatus.SC_FORBIDDEN, "Access denied", "The user is not authorized to perform this action");
-                }
-                IdToken idToken = IdToken.builder().tokenValue(ACCESS_TOKEN).expirationTimeMillis(JWT.decode(ACCESS_TOKEN).getExpiresAt().getTime()).build();
-
-                this.cacheService.put(tenant.getServiceAccount(), idToken);
-
-            } catch (InterruptedException e) {
-                e.printStackTrace();
-            } finally {
-                service.shutdown();
-            }
-        } catch (JWTDecodeException e) {
-            throw new AppException(HttpStatus.SC_INTERNAL_SERVER_ERROR, "Persistence error", "Invalid token, error decoding", e);
-        } catch (AppException e) {
-            throw e;
-        } catch (Exception e) {
-            throw new AppException(HttpStatus.SC_INTERNAL_SERVER_ERROR, "Persistence error", "Error generating token", e);
-        }
+        this.dpsHeaders.put(DpsHeaders.USER_EMAIL, tenant.getServiceAccount());
 
-        return ACCESS_TOKEN;
+        return this.tokenService.getAuthorizationToken();
     }
 }