Commit e6b0576e authored by Rustam Lotsmanenko (EPAM)'s avatar Rustam Lotsmanenko (EPAM)

temp fix for policy integration

parent cf571a7e
Pipeline #43330 passed with stages
in 32 minutes
package org.opengroup.osdu.search.provider.gcp.di;
import lombok.RequiredArgsConstructor;
import org.opengroup.osdu.core.common.util.IServiceAccountJwtClient;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.beans.factory.config.AbstractFactoryBean;
import org.springframework.stereotype.Component;
//TODO temp fix for policy integration
@Component
@RequiredArgsConstructor
public class GCPJwtClientProvider extends AbstractFactoryBean<IServiceAccountJwtClient> {
@Value("${GOOGLE_AUDIENCES}")
private String audience;
@Override
public Class<?> getObjectType() {
return GcpServiceAccountJwtClient.class;
}
@Override
protected IServiceAccountJwtClient createInstance() throws Exception {
GcpServiceAccountJwtClient serviceAccountJwtClient = new GcpServiceAccountJwtClient(audience);
return serviceAccountJwtClient;
}
}
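Review bot: `audience` is injected from `${GOOGLE_AUDIENCES}` and passed to `GcpServiceAccountJwtClient` in `createInstance()` without any check, so a blank value only surfaces later, when a token is first requested. Because the audience is the claim the receiving service validates in the ID token, it is safer to fail at bean creation, e.g. `if (audience == null || audience.trim().isEmpty()) throw new IllegalStateException("GOOGLE_AUDIENCES must be set");`. The property name is plural; if it can hold several values, passing it whole as the single target audience is probably wrong, so that is worth confirming. `@RequiredArgsConstructor` appears to generate nothing useful here because the class declares no final fields, so it could be dropped.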
package org.opengroup.osdu.search.provider.gcp.di;
import com.google.auth.oauth2.AccessToken;
import com.google.auth.oauth2.GoogleCredentials;
import com.google.auth.oauth2.IdTokenCredentials;
import com.google.auth.oauth2.IdTokenProvider;
import java.io.IOException;
import java.util.Objects;
import org.apache.http.HttpStatus;
import org.opengroup.osdu.core.common.model.http.AppException;
import org.opengroup.osdu.core.common.util.IServiceAccountJwtClient;
//TODO temp fix for policy integration
public class GcpServiceAccountJwtClient implements IServiceAccountJwtClient {
private IdTokenProvider idTokenProvider;
private String targetAudience;
public GcpServiceAccountJwtClient(IdTokenProvider idTokenProvider, String targetAudience) {
this.idTokenProvider = idTokenProvider;
this.targetAudience = targetAudience;
}
public GcpServiceAccountJwtClient(String targetAudience) {
this.targetAudience = targetAudience;
}
@Override
public String getIdToken(String serviceAccount) {
try {
if (Objects.isNull(this.idTokenProvider)) {
GoogleCredentials adcCreds = GoogleCredentials.getApplicationDefault();
if (adcCreds instanceof IdTokenProvider) {
this.idTokenProvider = (IdTokenProvider) adcCreds;
} else {
throw new AppException(HttpStatus.SC_INTERNAL_SERVER_ERROR, "Misconfigured credentials",
"GcpServiceAccountJwtClient have misconfigured token provider");
}
}
IdTokenCredentials tokenCredential = IdTokenCredentials.newBuilder()
.setIdTokenProvider(this.idTokenProvider)
.setTargetAudience(this.targetAudience)
.build();
AccessToken accessToken = tokenCredential.refreshAccessToken();
return accessToken.getTokenValue();
} catch (IOException e) {
throw new AppException(HttpStatus.SC_INTERNAL_SERVER_ERROR, "Misconfigured credentials",
"GcpServiceAccountJwtClient have misconfigured token provider", e);
}
}
}
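Review bot: `getIdToken(String serviceAccount)` never reads `serviceAccount`; the token is always requested for whatever identity `GoogleCredentials.getApplicationDefault()` resolves to, so a caller that passes a specific account gets no signal that it was ignored. The contract should at least be stated in Javadoc, for example `/** Returns an ID token for the application default credentials; {@code serviceAccount} is ignored. */`. The lazy assignment of `idTokenProvider` inside `getIdToken` is unsynchronized on what appears to be a shared bean; resolving the provider once at construction would let both fields be `final`. The `catch (IOException e)` also reports every failure, including a transient error while refreshing the token, as "Misconfigured credentials", which will mislead whoever triages it.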