in custos-services/custos-integration-services/agent-management-service/src/main/java/org/apache/custos/agent/management/interceptors/AgentManagementUserAuthInterceptorImpl.java [58:237]
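/**
 * Authorizes agent-management calls with the caller's user token and stamps the
 * request with identity taken from the validated claim.
 *
 * <p>For every method name handled below, the tenant id written into the outgoing
 * request comes from the claim returned by {@code authorizeUsingUserToken}, not from
 * the incoming message. Any tenant id the client put in the message is overwritten.
 * The same holds for the access token, performer and client id in the branches that
 * set them.
 *
 * <p>Security note: a method name that is not listed falls through to the
 * {@code default} arm and is returned unchanged, with no authorization check made
 * here. NOTE(review): confirm that every such RPC is either protected by another
 * interceptor or intentionally unauthenticated. A newly added RPC is unprotected by
 * this class until it is added to the switch.
 *
 * @param method  RPC method name; selects the request type and the fields to stamp
 * @param headers request metadata passed to {@code getToken} and
 *                {@code authorizeUsingUserToken}
 * @param msg     request message; must be the type the matching branch casts to
 * @param <ReqT>  request message type
 * @return the rebuilt request for handled methods, otherwise {@code msg} itself
 * @throws UnAuthorizedException if no claim can be derived from the headers, or if
 *                               the tenant has no agent client credential in the
 *                               branches that require one
 * @throws ClassCastException    if {@code msg} is not the type expected for
 *                               {@code method}
 */
public <ReqT> ReqT intercept(String method, Metadata headers, ReqT msg) {
    // Every authenticated arm reads the token first, then authorizes, then casts
    // the message: the same order of side effects and failures as before.
    switch (method) {
        case "enableAgents":
        case "configureAgentClient": {
            String token = getToken(headers);
            AuthClaim claim = requireUserClaim(headers);
            long tenantId = claim.getTenantId();
            return (ReqT) ((AgentClientMetadata) msg).toBuilder()
                    .setTenantId(tenantId)
                    .setAccessToken(token)
                    .setPerformedBy(claim.getPerformedBy())
                    .build();
        }
        case "registerAndEnableAgent": {
            String token = getToken(headers);
            AuthClaim claim = requireUserClaim(headers);
            long tenantId = claim.getTenantId();
            return (ReqT) ((RegisterUserRequest) msg).toBuilder()
                    .setTenantId(tenantId)
                    .setAccessToken(token)
                    .setClientId(claim.getCustosId())
                    .setPerformedBy(claim.getPerformedBy())
                    .build();
        }
        case "getAgent":
        case "deleteAgent":
        case "disableAgent":
        case "enableAgent": {
            String token = getToken(headers);
            AuthClaim claim = requireUserClaim(headers);
            long tenantId = claim.getTenantId();
            return (ReqT) ((AgentSearchRequest) msg).toBuilder()
                    .setTenantId(tenantId)
                    .setAccessToken(token)
                    .setPerformedBy(claim.getPerformedBy())
                    .build();
        }
        case "addAgentAttributes": {
            String token = getToken(headers);
            AuthClaim claim = requireUserClaim(headers);
            long tenantId = claim.getTenantId();
            return (ReqT) ((AddUserAttributesRequest) msg).toBuilder()
                    .setTenantId(tenantId)
                    .setAccessToken(token)
                    .setPerformedBy(claim.getPerformedBy())
                    .build();
        }
        case "deleteAgentAttributes": {
            String token = getToken(headers);
            AuthClaim claim = requireUserClaim(headers);
            long tenantId = claim.getTenantId();
            return (ReqT) ((DeleteUserAttributeRequest) msg).toBuilder()
                    .setTenantId(tenantId)
                    .setAccessToken(token)
                    .setPerformedBy(claim.getPerformedBy())
                    .build();
        }
        case "addRolesToAgent": {
            String token = getToken(headers);
            AuthClaim claim = requireUserClaim(headers);
            long tenantId = claim.getTenantId();
            return (ReqT) ((AddUserRolesRequest) msg).toBuilder()
                    .setTenantId(tenantId)
                    .setAccessToken(token)
                    .setPerformedBy(claim.getPerformedBy())
                    .build();
        }
        case "deleteRolesFromAgent": {
            String token = getToken(headers);
            AuthClaim claim = requireUserClaim(headers);
            long tenantId = claim.getTenantId();
            return (ReqT) ((DeleteUserRolesRequest) msg).toBuilder()
                    .setTenantId(tenantId)
                    .setAccessToken(token)
                    .setPerformedBy(claim.getPerformedBy())
                    .build();
        }
        case "addProtocolMapper": {
            // NOTE(review): the token is read but never forwarded in this arm; the
            // call is kept only so header handling stays exactly as it was.
            getToken(headers);
            long tenantId = requireUserClaim(headers).getTenantId();
            CredentialMetadata metadata = requireAgentClientCredential(tenantId);
            return (ReqT) ((AddProtocolMapperRequest) msg).toBuilder()
                    .setTenantId(tenantId)
                    .setClientId(metadata.getId())
                    .build();
        }
        case "addRolesToClient": {
            // NOTE(review): token read but unused here as well; kept to preserve behaviour.
            getToken(headers);
            long tenantId = requireUserClaim(headers).getTenantId();
            // The credential lookup acts purely as a gate in this arm: unlike
            // addProtocolMapper and getAllAgents, the client id is not written to
            // the request. NOTE(review): confirm that omission is intentional.
            requireAgentClientCredential(tenantId);
            return (ReqT) ((AddRolesRequest) msg).toBuilder()
                    .setTenantId(tenantId)
                    .build();
        }
        case "getAllAgents": {
            // NOTE(review): token read but unused here as well; kept to preserve behaviour.
            getToken(headers);
            long tenantId = requireUserClaim(headers).getTenantId();
            CredentialMetadata metadata = requireAgentClientCredential(tenantId);
            return (ReqT) ((GetAllResources) msg).toBuilder()
                    .setTenantId(tenantId)
                    .setClientId(metadata.getId())
                    .build();
        }
        default:
            // Unlisted method: passed through untouched and unauthenticated by this method.
            return msg;
    }
}

/**
 * Resolves the caller's claim from the request headers or rejects the call.
 *
 * <p>Single place for the authorization guard, so every handled method fails the
 * same way when no claim is available.
 *
 * @param headers request metadata handed to {@code authorizeUsingUserToken}
 * @return the claim derived from the user token
 * @throws UnAuthorizedException if {@code authorizeUsingUserToken} yields no claim
 */
private AuthClaim requireUserClaim(Metadata headers) {
    Optional<AuthClaim> claim = authorizeUsingUserToken(headers);
    return claim.orElseThrow(() -> new UnAuthorizedException("Request is not authorized", null));
}

/**
 * Fetches the tenant's agent client credential or rejects the call.
 *
 * @param tenantId tenant id taken from the authorized claim, used as the credential owner
 * @return credential metadata with a non-empty id
 * @throws UnAuthorizedException if the credential store returns nothing or an empty id
 */
private CredentialMetadata requireAgentClientCredential(long tenantId) {
    GetCredentialRequest request = GetCredentialRequest
            .newBuilder()
            .setType(Type.AGENT_CLIENT)
            .setOwnerId(tenantId)
            .build();
    CredentialMetadata metadata = this.credentialStoreServiceClient.getCredential(request);
    if (metadata == null || metadata.getId().isEmpty()) {
        throw new UnAuthorizedException("Agent creation is not enabled", null);
    }
    return metadata;
}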