dpc-api/src/main/java/gov/cms/dpc/api/tasks/tokens/GenerateClientTokens.java from CMSgov/dpc-app

dpc-api/src/main/java/gov/cms/dpc/api/tasks/tokens/GenerateClientTokens.java
Summary

Maintainability

55 mins
Test Coverage

100%
Issues
Coverage
package gov.cms.dpc.api.tasks.tokens;

import com.github.nitram509.jmacaroons.Macaroon;
import com.github.nitram509.jmacaroons.MacaroonVersion;
import gov.cms.dpc.api.auth.OrganizationPrincipal;
import gov.cms.dpc.api.entities.TokenEntity;
import gov.cms.dpc.api.resources.v1.TokenResource;
import gov.cms.dpc.macaroons.MacaroonBakery;
import io.dropwizard.jersey.jsr310.OffsetDateTimeParam;
import io.dropwizard.servlets.tasks.Task;
import org.apache.commons.lang3.StringUtils;
import org.hl7.fhir.dstu3.model.Organization;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.inject.Inject;
import javax.inject.Singleton;
import java.io.PrintWriter;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Optional;

/**
 * Admin task for creating a Golden macaroon which has superuser permissions in the application.
 * This should only ever be called once per environment.
 */
@Singleton
public class GenerateClientTokens extends Task {

    private static final Logger logger = LoggerFactory.getLogger(GenerateClientTokens.class);

    private final MacaroonBakery bakery;
    private final TokenResource resource;

    @Inject
    public GenerateClientTokens(MacaroonBakery bakery, TokenResource resource) {
        super("generate-token");
        this.bakery = bakery;
        this.resource = resource;
    }

    @Override
    public void execute(Map<String, List<String>> parameters, PrintWriter output) {
        final List<String> expirationCollection = parameters.get("expiration");
        final List<String> labelCollection = parameters.get("label");
        final List<String> organizationCollection = parameters.get("organization");
        if (organizationCollection == null || organizationCollection.isEmpty()) {
            logger.warn("CREATING UNRESTRICTED MACAROON. ENSURE THIS IS OK");
            final Macaroon macaroon = bakery.createMacaroon(Collections.emptyList());
            output.write(macaroon.serialize(MacaroonVersion.SerializationVersion.V1_BINARY));
        } else {
            final String organization = organizationCollection.get(0);
            final Organization orgResource = new Organization();
            orgResource.setId(organization);
            final String tokenLabel = (labelCollection == null || labelCollection.isEmpty()) ? null : labelCollection.get(0);
            Optional<OffsetDateTimeParam> expiration = Optional.empty();
            if(expirationCollection != null && !expirationCollection.isEmpty() && !StringUtils.isBlank(expirationCollection.get(0))){
                expiration = Optional.of(new OffsetDateTimeParam(expirationCollection.get(0)));
            }
            final TokenEntity tokenResponse = this.resource
                    .createOrganizationToken(
                            new OrganizationPrincipal(orgResource), null,
                            tokenLabel,
                            expiration);

            output.write(tokenResponse.getToken());
        }
    }
}