ext {
springBootVersion = '2.7.3'
springCloudVersion = '3.1.3'
- vavrVersion = '0.10.4'
- vavrJacksonVersion = '0.10.3'
lombokVersion = '1.18.24'
openapiVersion = '6.0.1'
redocVersion = '2.0.0-rc.65'
}
dependencies {
- implementation "io.vavr:vavr:$vavrVersion"
- implementation "io.vavr:vavr-jackson:$vavrJacksonVersion"
implementation "org.springframework.boot:spring-boot-starter-logging"
implementation "net.logstash.logback:logstash-logback-encoder:$logstashLogbackVersion"
package org.onap.portal.bff.config;
import com.nimbusds.jwt.JWTParser;
-import io.vavr.control.Option;
-import io.vavr.control.Try;
+import java.text.ParseException;
+import java.util.Collections;
import java.util.List;
+import java.util.Optional;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.reactive.function.client.ClientRequest;
import org.springframework.web.reactive.function.client.ClientResponse;
import org.springframework.web.server.ServerWebExchange;
import org.zalando.problem.Problem;
import org.zalando.problem.Status;
+import reactor.core.Exceptions;
import reactor.core.publisher.Mono;
public class IdTokenExchangeFilterFunction implements ExchangeFilterFunction {
}
return extractServerWebExchange(request)
.flatMap(IdTokenExchangeFilterFunction::extractIdentityHeader)
- .flatMap(
- idToken -> {
- final ClientRequest requestWithIdToken =
- ClientRequest.from(request).header(X_AUTH_IDENTITY_HEADER, idToken).build();
-
- return next.exchange(requestWithIdToken);
- })
+ .map(idToken -> ClientRequest.from(request).header(X_AUTH_IDENTITY_HEADER, idToken).build())
+ .flatMap(requestWithIdToken -> next.exchange(requestWithIdToken))
.switchIfEmpty(Mono.defer(() -> next.exchange(request)));
}
}
private static Mono<String> extractIdentityHeader(ServerWebExchange exchange) {
- return io.vavr.collection.List.ofAll(
- exchange.getRequest().getHeaders().getOrEmpty(X_AUTH_IDENTITY_HEADER))
- .headOption()
- .map(Mono::just)
- .getOrElse(Mono.error(Problem.valueOf(Status.FORBIDDEN, "ID token is missing")));
+ return Mono.just(exchange)
+ .map(exch -> exch.getRequest().getHeaders().getOrEmpty(X_AUTH_IDENTITY_HEADER).get(0))
+ .onErrorResume(ex -> Mono.error(Problem.valueOf(Status.FORBIDDEN, "ID token is missing")));
}
private static Mono<String> extractIdToken(ServerWebExchange exchange) {
return extractRoles(exchange)
.map(roles -> roles.stream().anyMatch(rolesListForMethod::contains))
.flatMap(
- match -> {
- if (Boolean.TRUE.equals(match)) {
- return Mono.empty();
- } else {
- return Mono.error(Problem.valueOf(Status.FORBIDDEN));
- }
- });
+ match ->
+ Boolean.TRUE.equals(match)
+ ? Mono.empty()
+ : Mono.error(Problem.valueOf(Status.FORBIDDEN)));
}
private static Mono<List<String>> extractRoles(ServerWebExchange exchange) {
return extractIdToken(exchange)
- .flatMap(
- token ->
- Try.of(() -> JWTParser.parse(token))
- .mapTry(jwt -> Option.of(jwt.getJWTClaimsSet()))
- .map(
- optionJwtClaimSet ->
- optionJwtClaimSet
- .flatMap(
- jwtClaimSet ->
- Option.of(jwtClaimSet.getClaim(CLAIM_NAME_ROLES)))
- .map(obj -> (List<String>) obj))
- .map(Mono::just)
- .getOrElseGet(Mono::error))
- .map(optionRoles -> optionRoles.getOrElse(List.of()));
+ .map(
+ token -> {
+ try {
+ return JWTParser.parse(token);
+ } catch (ParseException e) {
+ throw Exceptions.propagate(e);
+ }
+ })
+ .map(
+ jwt -> {
+ try {
+ return Optional.of(jwt.getJWTClaimsSet());
+ } catch (ParseException e) {
+ throw Exceptions.propagate(e);
+ }
+ })
+ .map(
+ optionalClaimsSet ->
+ optionalClaimsSet
+ .map(claimsSet -> claimsSet.getClaim(CLAIM_NAME_ROLES))
+ .map(obj -> (List<String>) obj))
+ .map(roles -> roles.orElse(Collections.emptyList()));
}
}
import com.fasterxml.jackson.databind.ObjectMapper;
import java.util.List;
import java.util.function.Function;
-import lombok.extern.slf4j.Slf4j;
import org.onap.portal.bff.config.BeansConfig;
import org.onap.portal.bff.config.PortalBffConfig;
import org.onap.portal.bff.exceptions.DownstreamApiProblemException;
import org.onap.portal.bff.openapi.client_portal_keycloak.api.KeycloakApi;
import org.onap.portal.bff.openapi.client_portal_keycloak.model.ErrorResponseKeycloakDto;
import org.onap.portal.bff.openapi.server.model.ProblemApiDto;
-import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.reactive.function.client.ExchangeFilterFunction;
import org.springframework.web.reactive.function.client.WebClient;
-@Slf4j
@Configuration
public class KeycloakConfig extends AbstractClientConfig<ErrorResponseKeycloakDto> {
private final ObjectMapper objectMapper;
private final PortalBffConfig bffConfig;
private final ExchangeFilterFunction oauth2ExchangeFilterFunction;
- @Autowired
public KeycloakConfig(
@Qualifier(BeansConfig.OAUTH2_EXCHANGE_FILTER_FUNCTION)
ExchangeFilterFunction oauth2ExchangeFilterFunction,
package org.onap.portal.bff.services;
-import io.vavr.API;
-import io.vavr.Tuple;
-import io.vavr.Tuple2;
import java.net.URI;
import java.util.Collections;
import java.util.List;
+import java.util.Map;
+import java.util.Optional;
import java.util.stream.Collectors;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.zalando.problem.Status;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
+import reactor.util.function.Tuples;
@Slf4j
@RequiredArgsConstructor
log.debug("Get users from keycloak. page=`{}`, pageSize=`{}`", page, pageSize);
final int first = (page - 1) * pageSize;
+ var userIdRoleMap =
+ listRoles(xRequestId)
+ .flatMap(
+ role ->
+ listUsersByRole(role.getName(), xRequestId)
+ .map(userResponse -> Tuples.of(role.getName(), userResponse)))
+ .collectList()
+ .map(
+ tupleList ->
+ tupleList.stream()
+ .collect(
+ Collectors.groupingBy(
+ tuple -> tuple.getT2().getId(),
+ Collectors.mapping(tuple -> tuple.getT1(), Collectors.toList()))));
+
return Mono.zip(
keycloakApi.getUsersCount(null, null, null, null, null, null, null),
keycloakApi
null, null, null, null, null, null, null, null, first, pageSize, null, null,
null, null)
.collectList(),
- listRoles(xRequestId)
- .flatMap(
- role ->
- listUsersByRole(role.getName(), xRequestId)
- .map(user -> Tuple.of(user.getId(), role.getName())))
- .collectList()
- .map(io.vavr.collection.List::ofAll)
- .map(list -> list.groupBy(t -> t._1).map((k, v) -> Tuple.of(k, v.map(Tuple2::_2)))))
+ userIdRoleMap)
.map(
tuple -> {
final UserListResponseApiDto result = new UserListResponseApiDto();
+ Map<String, List<String>> userRoleMap = tuple.getT3();
result.setTotalCount(tuple.getT1());
- result.setItems(
- io.vavr.collection.List.ofAll(tuple.getT2())
+ var roleList =
+ tuple.getT2().stream()
.map(
user ->
usersMapper.convert(
user,
- tuple.getT3().getOrElse(user.getId(), API.List()).toJavaList()))
- .toJavaList());
- // result.setItems(
- // tuple.getT2().stream()
- // .map(user -> usersMapper.convert(user,tuple.getT3()))
- // .toList());
-
+ Optional.ofNullable(userRoleMap.get(user.getId()))
+ .orElse(Collections.emptyList())))
+ .toList();
+ result.setItems(roleList);
return result;
})
.onErrorResume(
Code Review / portal-ng / bff.git / commitdiff