Merge pull request redhat-developer#37 from bf2fc6cc711aee1a0c2a/add_…
…token_to_sarcontroller

fix: adding offline token to serviceaccountrequestspec
secondsun authored Jan 27, 2021
2 parents d9f1207 + 33d11e0 commit 867e412
Showing 3 changed files with 22 additions and 7 deletions.
Expand Up @@ -28,13 +28,19 @@ public class TokenExchanger {
@ConfigProperty(name = "auth.tokenPath", defaultValue = "protocol/openid-connect/token")
String tokenPath;

public String getToken(String secret) {
/**
* This method exchanges an offline token for a new refresh token
*
* @param offlineToken the token from ss.redhat.com
* @return a token to be used as a bearer token to authorize the user
*/
public String getToken(String offlineToken) {
try {
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create(authServerUrl + "/" + tokenPath))
.header("content-type", "application/x-www-form-urlencoded")
.timeout(Duration.ofMinutes(2))
.POST(ofFormData("grant_type","refresh_token", "client_id","cloud-services", "refresh_token", secret))
.POST(ofFormData("grant_type","refresh_token", "client_id","cloud-services", "refresh_token", offlineToken))
.build();

HttpClient client = HttpClient.newBuilder().build();
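Review bot: The new Javadoc on `getToken` contradicts itself: the summary says the offline token is exchanged for "a new refresh token", while `@return` says the result is used as a bearer token, which for a `refresh_token` grant would normally be the access token. I would reword the summary to `Exchanges an offline (refresh) token for a short-lived access token.` and document what the method returns or throws when the exchange fails, since the body of the `try` continues outside the visible hunk. The host `ss.redhat.com` in the `@param` line may be a typo and is worth confirming. Because `offlineToken` is a long-lived credential, the Javadoc should also say that it must never be written to logs or exception messages.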
Expand Up @@ -54,9 +54,6 @@ public class ManagedServiceAccountRequestController implements ResourceControlle
@ConfigProperty(name = "client.basePath", defaultValue = "https://api.stage.openshift.com")
String clientBasePath;

@ConfigProperty(name = "client.token")
String clientToken;

@Override
public DeleteControl deleteResource(ManagedServiceAccountRequest resource,
Context<ManagedServiceAccountRequest> context) {
Expand All @@ -75,7 +72,7 @@ public UpdateControl<ManagedServiceAccountRequest> createOrUpdateResource(Manage
if (resource.getSpec().getReset()) {
throw new NotImplementedException("Reset is not implemented");
} else {
var managedServiceClient = createClient();
var managedServiceClient = createClient(resource.getSpec().getAccessTokenSecretName());
var serviceAccountRequest = new ServiceAccountRequest();
serviceAccountRequest.setDescription(resource.getSpec().getDescription());
serviceAccountRequest.setName(resource.getSpec().getServiceAccountName());
Expand Down Expand Up @@ -119,13 +116,15 @@ public UpdateControl<ManagedServiceAccountRequest> createOrUpdateResource(Manage
}


private DefaultApi createClient() {
private DefaultApi createClient(String clientToken) {

ApiClient defaultClient = Configuration.getDefaultApiClient();
defaultClient.setBasePath(clientBasePath);

// Configure HTTP bearer authorization: Bearer
HttpBearerAuth Bearer = (HttpBearerAuth) defaultClient.getAuthentication("Bearer");

clientToken = tokenExchanger.getToken(clientToken);
Bearer.setBearerToken(clientToken);

return new DefaultApi(defaultClient);
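Review bot: In `createOrUpdateResource` the argument passed to `createClient` is `getAccessTokenSecretName()`, a secret name, yet `createClient` forwards that string unchanged to `tokenExchanger.getToken(clientToken)` as the offline token. Nothing in the visible lines reads the named secret, so unless the lookup happens outside these hunks the token endpoint receives the literal name (by default `rhoas_binding_operator_token`) instead of a credential. The secret should be resolved, in the resource's own namespace only, before the exchange, and the parameter named for what it holds, e.g. `createClient(String offlineToken)` with `String accessToken = tokenExchanger.getToken(offlineToken);` rather than reassigning the parameter. Separately, `Configuration.getDefaultApiClient()` appears to return a shared client, so now that the token is per resource, setting it on that instance could let one reconciliation call the API with another resource's token; a fresh `ApiClient` per call would avoid that.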
Expand Up @@ -10,6 +10,8 @@ public class ManagedServiceAccountRequestSpec {
private Boolean reset;
private String description;
private String serviceAccountSecretName;
private String accessTokenSecretName = "rhoas_binding_operator_token";

private Map<String, Object> additionalProperties = new HashMap<String, Object>();

/**
Expand All @@ -19,6 +21,14 @@ public class ManagedServiceAccountRequestSpec {
public ManagedServiceAccountRequestSpec() {
}

public String getAccessTokenSecretName() {
return accessTokenSecretName;
}

public void setAccessTokenSecretName(String accessTokenSecretName) {
this.accessTokenSecretName = accessTokenSecretName;
}

/**
*
* @param serviceAccountSecretName
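Review bot: The default `"rhoas_binding_operator_token"` contains underscores, which Kubernetes does not accept in Secret names (they must be lowercase DNS subdomain names), so if this field names a Secret the default can never resolve; `rhoas-binding-operator-token` would be a valid form. The new getter and setter also carry no Javadoc although the neighbouring accessors do; I would add something like `/** Name of the Secret that holds the offline token used to obtain an access token. */`, adjusted to whatever the field really refers to. Since the name comes from a user-authored spec, the field documentation should state that the secret is only looked up in the namespace of the request resource.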
