diff --git a/NOTICE b/NOTICE
index 4ac14f2772cf946379daa092a4901164cf8bd308..cf207af2adc5e5e9f7438c830089849e874aaec6 100644
--- a/NOTICE
+++ b/NOTICE
@@ -397,6 +397,7 @@ The following software have components provided under the terms of this license:
- JSON library from Android SDK (from http://developer.android.com/sdk)
- JSON.simple (from http://code.google.com/p/json-simple/)
- JSONassert (from https://github.com/skyscreamer/JSONassert)
+- JSR107 API and SPI (from https://github.com/jsr107/jsr107spec)
- Jackson (from http://jackson.codehaus.org)
- Jackson (from http://jackson.codehaus.org)
- Jackson 2 extensions to the Google HTTP Client Library for Java. (from https://repo1.maven.org/maven2/com/google/http-client/google-http-client-jackson2)
@@ -680,6 +681,12 @@ The following software have components provided under the terms of this license:
- proto-google-common-protos (from https://github.com/googleapis/java-iam/proto-google-common-protos)
- proto-google-iam-v1 (from https://github.com/googleapis/java-iam/proto-google-iam-v1)
- rank-eval (from https://github.com/elastic/elasticsearch)
+- resilience4j (from https://github.com/resilience4j/resilience4j)
+- resilience4j (from https://resilience4j.readme.io)
+- resilience4j (from https://resilience4j.readme.io)
+- resilience4j (from https://resilience4j.readme.io)
+- resilience4j (from https://resilience4j.readme.io)
+- resilience4j (from https://github.com/resilience4j/resilience4j)
- resilience4j (from https://resilience4j.readme.io)
- resilience4j (from https://resilience4j.readme.io)
- rest (from https://github.com/elastic/elasticsearch)
@@ -695,6 +702,7 @@ The following software have components provided under the terms of this license:
- spring-boot-starter (from https://spring.io/projects/spring-boot)
- spring-boot-starter-actuator (from https://spring.io/projects/spring-boot)
- spring-boot-starter-amqp (from https://spring.io/projects/spring-boot)
+- spring-boot-starter-aop (from https://spring.io/projects/spring-boot)
- spring-boot-starter-data-mongodb (from https://spring.io/projects/spring-boot)
- spring-boot-starter-jersey (from https://spring.io/projects/spring-boot)
- spring-boot-starter-json (from https://spring.io/projects/spring-boot)
@@ -908,6 +916,7 @@ EPL-1.0
========================================================================
The following software have components provided under the terms of this license:
+- AspectJ Weaver (from https://www.eclipse.org/aspectj/)
- Logback Classic Module (from https://repo1.maven.org/maven2/ch/qos/logback/logback-classic)
- Logback Contrib :: JSON :: Classic (from https://repo1.maven.org/maven2/ch/qos/logback/contrib/logback-json-classic)
- Logback Contrib :: JSON :: Core (from https://repo1.maven.org/maven2/ch/qos/logback/contrib/logback-json-core)
diff --git a/provider/indexer-azure/pom.xml b/provider/indexer-azure/pom.xml
index 47ae8f8994c291fc38e2d515aa48b82be5d7c8d4..c277281904b8a93175b79ae9de8c917e70bd8155 100644
--- a/provider/indexer-azure/pom.xml
+++ b/provider/indexer-azure/pom.xml
@@ -21,12 +21,12 @@
org.opengroup.osdu.indexer
indexer-service
- 0.11.0
+ 0.12.0-SNAPSHOT
../../pom.xml
indexer-azure
- 0.11.0
+ 0.12.0-SNAPSHOT
indexer-azure
Indexer Service Azure
jar
@@ -39,7 +39,7 @@
2.11.2
8.2
- 0.11.0
+ 0.12.0-SNAPSHOT
1.1.1.RELEASE
0.12.0-rc9
0.9.12.RELEASE
diff --git a/provider/indexer-azure/src/main/java/org/opengroup/osdu/indexer/azure/util/ServiceAccountJwtClientImpl.java b/provider/indexer-azure/src/main/java/org/opengroup/osdu/indexer/azure/util/ServiceAccountJwtClientImpl.java
index 202dd483b059254566f8cc3b971e678934f6db94..12ff2ac7990717e41ff96496bc48e65accdcb055 100644
--- a/provider/indexer-azure/src/main/java/org/opengroup/osdu/indexer/azure/util/ServiceAccountJwtClientImpl.java
+++ b/provider/indexer-azure/src/main/java/org/opengroup/osdu/indexer/azure/util/ServiceAccountJwtClientImpl.java
@@ -14,29 +14,19 @@
package org.opengroup.osdu.indexer.azure.util;
-import com.auth0.jwt.JWT;
-import com.auth0.jwt.exceptions.JWTDecodeException;
-import com.microsoft.aad.adal4j.AuthenticationContext;
-import com.microsoft.aad.adal4j.AuthenticationResult;
-import com.microsoft.aad.adal4j.ClientCredential;
import org.apache.http.HttpStatus;
-
+import org.opengroup.osdu.azure.util.AzureServicePrincipleTokenService;
import org.opengroup.osdu.core.common.logging.JaxRsDpsLog;
import org.opengroup.osdu.core.common.model.http.AppException;
import org.opengroup.osdu.core.common.model.http.DpsHeaders;
-import org.opengroup.osdu.core.common.model.search.IdToken;
import org.opengroup.osdu.core.common.model.tenant.TenantInfo;
-import org.opengroup.osdu.core.common.provider.interfaces.IJwtCache;
import org.opengroup.osdu.core.common.provider.interfaces.ITenantFactory;
import org.opengroup.osdu.core.common.util.IServiceAccountJwtClient;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.context.annotation.RequestScope;
import javax.inject.Inject;
-import javax.inject.Named;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-import java.util.concurrent.Future;
@Component
@RequestScope
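Review bot: The added `org.springframework.beans.factory.annotation.Autowired` import brings a second injection annotation into a class that keeps `javax.inject.Inject` for its other dependencies, so the bean is wired through two mechanisms. Unless the token service specifically needs Spring's annotation, annotating the new field with `@Inject` like the others keeps the wiring uniform and makes this import unnecessary. The field declarations themselves are in the next hunk of this file.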
@@ -48,76 +38,23 @@ public class ServiceAccountJwtClientImpl implements IServiceAccountJwtClient {
@Inject
private DpsHeaders dpsHeaders;
- @Inject
- private IJwtCache cacheService;
-
@Inject
private JaxRsDpsLog log;
- @Inject
- @Named("AAD_OBO_API")
- private String authAPI;
+ @Autowired
+ private AzureServicePrincipleTokenService tokenService;
- @Inject
- @Named("AUTH_CLIENT_ID")
- private String authClientID;
-
- @Inject
- @Named("AUTH_CLIENT_SECRET")
- private String authClientSecret;
-
- @Inject
- @Named("AUTH_URL")
- private String authURL;
+ @Override
+ public String getIdToken(String partitionId){
- public String getIdToken(String tenantName) {
- this.log.info("Tenant name received for auth token is: " + tenantName);
- TenantInfo tenant = this.tenantInfoServiceProvider.getTenantInfo(tenantName);
+ TenantInfo tenant = this.tenantInfoServiceProvider.getTenantInfo(partitionId);
if (tenant == null) {
this.log.error("Invalid tenant name receiving from azure");
throw new AppException(HttpStatus.SC_BAD_REQUEST, "Invalid tenant Name", "Invalid tenant Name from azure");
}
- String ACCESS_TOKEN = "";
- try {
- IdToken cachedToken = (IdToken) this.cacheService.get(tenant.getServiceAccount());
- this.dpsHeaders.put(DpsHeaders.USER_EMAIL, tenant.getServiceAccount());
-
- if (!IdToken.refreshToken(cachedToken)) {
- return cachedToken.getTokenValue();
- }
-
- ExecutorService service = Executors.newFixedThreadPool(1);
- AuthenticationContext context = null;
-
- try {
- context = new AuthenticationContext(authURL, false, service);
- ClientCredential credential = new ClientCredential(authClientID, authClientSecret);
- Future future = context.acquireToken(authAPI, credential, null);
-
- ACCESS_TOKEN = future.get().getAccessToken();
-
- if (future == null) {
- log.error(String.format("Azure Authentication: %s", future.get().getAccessToken()));
- throw new AppException(HttpStatus.SC_FORBIDDEN, "Access denied", "The user is not authorized to perform this action");
- }
- IdToken idToken = IdToken.builder().tokenValue(ACCESS_TOKEN).expirationTimeMillis(JWT.decode(ACCESS_TOKEN).getExpiresAt().getTime()).build();
-
- this.cacheService.put(tenant.getServiceAccount(), idToken);
-
- } catch (InterruptedException e) {
- e.printStackTrace();
- } finally {
- service.shutdown();
- }
- } catch (JWTDecodeException e) {
- throw new AppException(HttpStatus.SC_INTERNAL_SERVER_ERROR, "Persistence error", "Invalid token, error decoding", e);
- } catch (AppException e) {
- throw e;
- } catch (Exception e) {
- throw new AppException(HttpStatus.SC_INTERNAL_SERVER_ERROR, "Persistence error", "Error generating token", e);
- }
+ this.dpsHeaders.put(DpsHeaders.USER_EMAIL, tenant.getServiceAccount());
- return ACCESS_TOKEN;
+ return this.tokenService.getAuthorizationToken();
}
}
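Review bot: The final `return this.tokenService.getAuthorizationToken();` passes the result straight to the caller with no failure mapping and no empty-value check, whereas the removed code turned every token-acquisition error into an `AppException`. Whether `AzureServicePrincipleTokenService` already raises `AppException` or can return null is not visible here, so callers may now see a raw runtime exception or attach an empty credential to an outbound request. Wrapping the call and rejecting a null or empty token keeps the previous contract; the status codes and messages in the excerpt below are the ones the removed code used. The method also deserves a short Javadoc saying that `partitionId` is only used to validate the tenant and set `USER_EMAIL`, and that the returned token belongs to the service principal and, as far as this hunk shows, is not partition-specific.

```java
        // … unchanged: tenant lookup and null-tenant check …
        this.dpsHeaders.put(DpsHeaders.USER_EMAIL, tenant.getServiceAccount());

        final String token;
        try {
            token = this.tokenService.getAuthorizationToken();
        } catch (AppException e) {
            throw e;
        } catch (Exception e) {
            throw new AppException(HttpStatus.SC_INTERNAL_SERVER_ERROR, "Persistence error", "Error generating token", e);
        }
        if (token == null || token.isEmpty()) {
            throw new AppException(HttpStatus.SC_FORBIDDEN, "Access denied", "The user is not authorized to perform this action");
        }
        return token;
```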