#9 adding jwt config hooks

DICE-UNC · Aug 5, 2019 · 8d43a2a · 8d43a2a
1 parent 256fbd3
commit 8d43a2a
Show file tree

Hide file tree

Showing 4 changed files with 57 additions and 22 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,18 +4,20 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [Unreleased]
-
-## [] - XXXX
 ### Added
 
 ### Changed
 
-
 #### Factor out metalnx circular dependencies into abstracted services #5
 
 Factor out generic concepts like stars/shares in a way that they can be used by other code, e.g. REST API or other clients. This corrects some circular dependencies in MetaLnx. metalnx core and services libraries are pulled out into stand-alone packages and then set as dependencies in Metalnx itself.
 
+#### Add JWT config and issue support #9
+
+Add ability to issue JWTs for logged-in users in order to access Metalnx associated microservices. This is initially to support pluggable search and notifications. This is for auth when Metalnx is acting as a client for other supporting microservices.
+
+This change requires the addition of several properties in metalnx.properties...
+
 
 ### Removed
 
diff --git a/...alnx-services/src/main/java/com/emc/metalnx/services/configuration/ConfigServiceImpl.java b/...alnx-services/src/main/java/com/emc/metalnx/services/configuration/ConfigServiceImpl.java
@@ -84,6 +84,25 @@ public class ConfigServiceImpl implements ConfigService {
 	@Value("${metalnx.enable.dashboard}")
 	private boolean dashboardEnabled;
 
+	/**
+	 * Issuer (iss) in the jwt token for access to microservices
+	 */
+	@Value("${jwt.issuer}")
+	private String jwtIssuer;
+
+	/**
+	 * Secret for jwt creation. Note that the underlying property should be treated
+	 * as secret data with appropriate controls
+	 */
+	@Value("${jwt.secret")
+	private String jwtSecret;
+
+	/**
+	 * algo for computing JWTs
+	 */
+	@Value("${jwt.algo}")
+	private String jwtAlgo;
+
 	/**
 	 * This is a string representation of AuthType mappings in the form
 	 * iRODType:userFriendlyType| (bar delimited) This is parsed from the
@@ -223,24 +242,6 @@ public void setDashboardEnabled(boolean dashboardEnabled) {
 		this.dashboardEnabled = dashboardEnabled;
 	}
 
-	@Override
-	public String toString() {
-		StringBuilder builder = new StringBuilder();
-		builder.append("ConfigServiceImpl [msiAPIVersionSupported=").append(msiAPIVersionSupported)
-				.append(", mlxMSIsExpected=").append(mlxMSIsExpected).append(", irods41MSIsExpected=")
-				.append(irods41MSIsExpected).append(", irods42MSIsExpected=").append(irods42MSIsExpected)
-				.append(", otherMSIsExpected=").append(otherMSIsExpected).append(", irodsHost=").append(irodsHost)
-				.append(", irodsPort=").append(irodsPort).append(", irodsZone=").append(irodsZone)
-				.append(", irodsJobUser=").append(irodsJobUser).append(", irodsJobPassword=").append(irodsJobPassword)
-				.append(", irodsAuthScheme=").append(irodsAuthScheme).append(", populateMsiEnabled=")
-				.append(populateMsiEnabled).append(", ticketsEnabled=").append(ticketsEnabled)
-				.append(", uploadRulesEnabled=").append(uploadRulesEnabled).append(", downloadLimit=")
-				.append(downloadLimit).append(", handleNoAccessViaProxy=").append(handleNoAccessViaProxy)
-				.append(", defaultIrodsAuthScheme=").append(defaultIrodsAuthScheme).append(", dashboardEnabled=")
-				.append(dashboardEnabled).append("]");
-		return builder.toString();
-	}
-
 	@Override
 	public List<AuthTypeMapping> listAuthTypeMappings() {
 		List<AuthTypeMapping> authTypeList = new ArrayList<AuthTypeMapping>();
@@ -272,4 +273,31 @@ public String getAuthtypeMappings() {
 	public void setAuthtypeMappings(String authtypeMappings) {
 		this.authtypeMappings = authtypeMappings;
 	}
+
+	@Override
+	public String getJwtIssuer() {
+		return jwtIssuer;
+	}
+
+	public void setJwtIssuer(String jwtIssuer) {
+		this.jwtIssuer = jwtIssuer;
+	}
+
+	@Override
+	public String getJwtSecret() {
+		return jwtSecret;
+	}
+
+	public void setJwtSecret(String jwtSecret) {
+		this.jwtSecret = jwtSecret;
+	}
+
+	@Override
+	public String getJwtAlgo() {
+		return jwtAlgo;
+	}
+
+	public void setJwtAlgo(String jwtAlgo) {
+		this.jwtAlgo = jwtAlgo;
+	}
 }
diff --git a/irodsext-data-profiler/src/main/java/com/emc/metalnx/services/interfaces/ConfigService.java b/irodsext-data-profiler/src/main/java/com/emc/metalnx/services/interfaces/ConfigService.java
@@ -150,4 +150,7 @@ public interface ConfigService {
 	 * @return {@code List} of {@link AuthTypeMapping}
 	 */
 	List<AuthTypeMapping> listAuthTypeMappings();
+	String getJwtAlgo();
+	String getJwtSecret();
+	String getJwtIssuer();
 }
diff --git a/pom.xml b/pom.xml
@@ -214,5 +214,7 @@
 		<module>irodsext-data-typer</module>
 		<module>emc-metalnx-core</module>
 		<module>emc-metalnx-services</module>
+		<module>dot-irods-utilities</module>
+		<module>virtual-collections</module>
 	</modules>
 </project>