Added Kerberos auth to methods

3 years ago · fee2bd340f
7 changed files with 51 additions and 6 deletions
--- a/pom.xml
+++ b/pom.xml
@ -10,7 +10,7 @@
  </repositories>
  <modelVersion>4.0.0</modelVersion>
  <groupId>com.redhat.ncaughey</groupId>
-  <artifactId>rest-json-quickstart</artifactId>
+  <artifactId>osh</artifactId>
  <version>1.0.0-SNAPSHOT</version>
  <properties>
    <compiler-plugin.version>3.10.1</compiler-plugin.version>
--- a/src/main/docker/Dockerfile.jvm
+++ b/src/main/docker/Dockerfile.jvm
@ -86,8 +86,6 @@ COPY --chown=185 target/quarkus-app/*.jar /deployments/
 COPY --chown=185 target/quarkus-app/app/ /deployments/app/
 COPY --chown=185 target/quarkus-app/quarkus/ /deployments/quarkus/

-RUN microdnf install krb5-server krb5-libs krb5-workstation
-RUN cat /etc/krb5.conf

 EXPOSE 8080
 USER 185
--- a/src/main/java/rest/CreateGetResource.java
+++ b/src/main/java/rest/CreateGetResource.java
@ -2,7 +2,11 @@ package rest;

 import dto.ConnectDB;
 import dto.ScanObj;
+import io.quarkiverse.kerberos.KerberosPrincipal;
+import io.quarkus.security.Authenticated;
+import io.quarkus.security.identity.SecurityIdentity;

+import javax.inject.Inject;
 import javax.ws.rs.GET;
 import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
@ -14,14 +18,15 @@ import java.util.Collections;
 import java.util.LinkedHashMap;
 import java.util.Set;

+
 // import org.hibernate.EntityManager;


 // @Path("/api/v1/[osh-scan]")
@Path("/scanGet")
+@Authenticated
 public class CreateGetResource {
-    // @Inject
-    // EntityManager em;
+

    CreateScanService createScanService;

--- a/src/main/java/rest/CreateScanRequest.java
+++ b/src/main/java/rest/CreateScanRequest.java
@ -1,6 +1,7 @@
 package rest;

 import dto.*;
+import io.quarkus.security.Authenticated;
 import org.eclipse.microprofile.rest.client.inject.RestClient;
 import org.json.JSONObject;

@ -14,6 +15,7 @@ import java.sql.ResultSet;
 import java.sql.SQLException;
 import java.sql.Statement;

+@Authenticated
@Path("/scanRequest")
 public class CreateScanRequest {

--- a/src/main/java/rest/CreateStartScan.java
+++ b/src/main/java/rest/CreateStartScan.java
@ -2,6 +2,7 @@ package rest;

 import dto.ConnectDB;
 import dto.ScanObj;
+import io.quarkus.security.Authenticated;
 import org.eclipse.microprofile.rest.client.inject.RestClient;

 import javax.ws.rs.PUT;
@ -13,6 +14,7 @@ import java.sql.ResultSet;
 import java.sql.SQLException;
 import java.sql.Statement;

+@Authenticated
@Path("/startScan")
 public class CreateStartScan {

--- a/src/main/java/rest/UsersResource.java
+++ b/src/main/java/rest/UsersResource.java
@ -0,0 +1,36 @@
+package rest;
+
+import dto.ConnectDB;
+import dto.ScanObj;
+import io.quarkiverse.kerberos.KerberosPrincipal;
+import io.quarkus.security.Authenticated;
+import io.quarkus.security.identity.SecurityIdentity;
+
+import javax.inject.Inject;
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import java.sql.Connection;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.sql.Statement;
+import java.util.Collections;
+import java.util.LinkedHashMap;
+import java.util.Set;
+import javax.ws.rs.Produces;
+
+@Path("/testKerberos")
+@Authenticated
+public class UsersResource {
+    @Inject
+    SecurityIdentity identity;
+    @Inject
+    KerberosPrincipal kerberosPrincipal;
+
+    @GET
+    @Path("/me")
+    @Produces("text/plain")
+    public String me() {
+        return identity.getPrincipal().getName();
+    }
+}
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@ -6,5 +6,7 @@

 # quarkus.hibernate-orm.database.generation=drop-and-create

-quarkus.kerberos.keytab-path= "file:///tmp/TASK1559577-openscanhub-wrapper.keytab"
+quarkus.kerberos.keytab-path= HTTP_osh-pct-security-tooling.apps.ocp-c1.prod.psi.redhat.com@IPA.REDHAT.COM.keytab
+quarkus.kerberos.service-principal-name= HTTP/osh-pct-security-tooling.apps.ocp-c1.prod.psi.redhat.com@IPA.REDHAT.COM
+