First changes on entitlements to integration tests

testing/indexer-test-aws/pom.xml

@@ -125,4 +125,22 @@
             <version>27.1-jre</version>
         </dependency>
     </dependencies>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <version>2.5</version>
+                <configuration>
+                    <systemPropertyVariables>
+                        <AWS_COGNITO_CLIENT_ID>3rmgmg8mup281ttc1mbut1pimc</AWS_COGNITO_CLIENT_ID>
+                        <AWS_COGNITO_AUTH_FLOW>USER_PASSWORD_AUTH</AWS_COGNITO_AUTH_FLOW>
+                        <AWS_COGNITO_AUTH_PARAMS_USER>test-user-with-access@testing.com</AWS_COGNITO_AUTH_PARAMS_USER>
+                        <AWS_COGNITO_AUTH_PARAMS_USER_NO_ACCESS>test-user-without-access@testing.com</AWS_COGNITO_AUTH_PARAMS_USER_NO_ACCESS>
+                        <AWS_COGNITO_AUTH_PARAMS_PASSWORD>Password123*</AWS_COGNITO_AUTH_PARAMS_PASSWORD>
+                    </systemPropertyVariables>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
 </project>
\ No newline at end of file

testing/indexer-test-aws/src/test/java/org/opengroup/osdu/util/AWSHTTPClient.java

@@ -16,7 +16,7 @@ public class AWSHTTPClient extends HTTPClient {
         if(token == null) {
             try {
                 token = "Bearer " + JwtTokenUtil.getAccessToken();
-            } catch (IOException e) {
+            } catch (Exception e) {
                 e.printStackTrace();
             }
         }

testing/indexer-test-aws/src/test/java/org/opengroup/osdu/util/JwtTokenUtil.java

 package org.opengroup.osdu.util;
 
-import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
-import com.google.api.client.json.JsonFactory;
-import com.google.api.client.json.jackson2.JacksonFactory;
-import com.google.api.client.json.webtoken.JsonWebSignature;
-import com.google.api.client.json.webtoken.JsonWebToken;
-import com.google.api.client.util.Clock;
-import com.google.common.base.Strings;
-import com.google.gson.Gson;
-import lombok.Data;
-import org.apache.commons.io.Charsets;
-import org.apache.commons.io.IOUtils;
-import org.apache.http.HttpResponse;
-import org.apache.http.NameValuePair;
-import org.apache.http.client.entity.UrlEncodedFormEntity;
-import org.apache.http.client.methods.HttpPost;
-import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.impl.client.HttpClientBuilder;
-import org.apache.http.message.BasicNameValuePair;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.GeneralSecurityException;
-import java.util.ArrayList;
-import java.util.Base64;
-import java.util.List;
+import org.opengroup.osdu.core.aws.cognito.AWSCognitoClient;
 
 class JwtTokenUtil {
-
-    private static String accessToken;
-
-    static String getAccessToken() throws IOException {
-
-        if (Strings.isNullOrEmpty(accessToken)) {
-            accessToken = getServiceAccountAccessToken(getJwtForIntegrationTesterAccount());
-        }
-        return accessToken;
-    }
-
-    private static String getServiceAccountAccessToken(String key) throws IOException {
-
-        try (CloseableHttpClient httpClient = HttpClientBuilder.create().build()) {
-
-            List<NameValuePair> parameters = new ArrayList<>();
-            parameters.add(new BasicNameValuePair("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer"));
-            parameters.add(new BasicNameValuePair("assertion", key));
-
-            HttpPost postRequest = new HttpPost("https://www.googleapis.com/oauth2/v4/token");
-            postRequest.addHeader("Content-Type", "application/x-www-form-urlencoded");
-            postRequest.setEntity(new UrlEncodedFormEntity(parameters));
-
-            HttpResponse response = httpClient.execute(postRequest);
-            String responseContent = IOUtils.toString(response.getEntity().getContent(), Charsets.toCharset("UTF-8"));
-
-            JwtTokenUtil.ResponseToken responseToken = new Gson().fromJson(responseContent, JwtTokenUtil.ResponseToken.class);
-
-            return responseToken.getId_token();
-        }
-    }
-
-    private static String getJwtForIntegrationTesterAccount() throws IOException {
-        String serviceAccountFile = Config.getKeyValue();
-        return getJwt(serviceAccountFile);
-    }
-
-    private static String getJwt(String serviceAccountFile) throws IOException {
-
-        String targetAudience = Config.getTargetAudience();
-        long currentTime = Clock.SYSTEM.currentTimeMillis();
-
-        InputStream stream = new ByteArrayInputStream(Base64.getDecoder().decode(serviceAccountFile));
-        GoogleCredential credential = GoogleCredential.fromStream(stream);
-
-        JsonWebSignature.Header header = new JsonWebSignature.Header();
-        header.setAlgorithm("RS256");
-        header.setType("JWT");
-        header.setKeyId(credential.getServiceAccountPrivateKeyId());
-
-        JsonWebSignature.Payload payload = new JsonWebToken.Payload();
-        payload.setIssuedAtTimeSeconds(currentTime / 1000);
-        payload.setExpirationTimeSeconds(currentTime / 1000 + 3600);
-        payload.setAudience("https://www.googleapis.com/oauth2/v4/token");
-        payload.setIssuer(credential.getServiceAccountId());
-        payload.set("target_audience", targetAudience);
-
-        JsonFactory jsonFactory = JacksonFactory.getDefaultInstance();
-        String signedJwt = null;
-        try {
-            signedJwt = JsonWebSignature.signUsingRsaSha256(credential.getServiceAccountPrivateKey(), jsonFactory, header, payload);
-        } catch (GeneralSecurityException e) {
-            e.printStackTrace();
-        }
-
-        return signedJwt;
-    }
-
-    @Data
-    class ResponseToken {
-        public String id_token;
+    static String getAccessToken() {
+        String clientId = Config.getAWSCognitoClientId();
+        String authFlow = Config.getAWSCognitoAuthFlow();
+        String user = Config.getAWSCognitoUser();
+        String password = Config.getAWSCognitoPassword();
+        AWSCognitoClient client = new AWSCognitoClient(clientId, authFlow, user, password);
+        return client.getTokenForUserWithAccess();
     }
 }

testing/indexer-test-core/pom.xml

@@ -115,5 +115,16 @@
             <artifactId>guava</artifactId>
             <version>27.1-jre</version>
         </dependency>
+
+        <dependency>
+            <groupId>com.amazonaws</groupId>
+            <artifactId>aws-java-sdk</artifactId>
+            <version>1.11.651</version>
+        </dependency>
+        <dependency>
+            <groupId>com.amazonaws</groupId>
+            <artifactId>aws-java-sdk-core</artifactId>
+            <version>1.11.651</version>
+        </dependency>
     </dependencies>
 </project>
\ No newline at end of file

testing/indexer-test-core/src/main/java/org/opengroup/osdu/util/Config.java

@@ -74,6 +74,22 @@ public class Config {
         return getEnvironmentVariableOrDefaultValue("ENTITLEMENTS_DOMAIN", DEFAULT_ENTITLEMENTS_DOMAIN);
     }
 
+    public static String getAWSCognitoClientId() {
+        return getEnvironmentVariableOrDefaultValue("AWS_COGNITO_CLIENT_ID", "");
+    }
+
+    public static String getAWSCognitoAuthFlow() {
+        return getEnvironmentVariableOrDefaultValue("AWS_COGNITO_AUTH_FLOW", "");
+    }
+
+    public static String getAWSCognitoUser() {
+        return getEnvironmentVariableOrDefaultValue("AWS_COGNITO_AUTH_PARAMS_USER", "");
+    }
+
+    public static String getAWSCognitoPassword() {
+        return getEnvironmentVariableOrDefaultValue("AWS_COGNITO_AUTH_PARAMS_PASSWORD", "");
+    }
+
     private static String getEnvironmentVariableOrDefaultValue(String key, String defaultValue) {
         String environmentVariable = getEnvironmentVariable(key);
         if (environmentVariable == null) {