Merging for 03-28 release (#162)

* Update release with Fence-Integration (#153) * [HOT-FIX] Add maven war plugin version to fix production build [HOT-FIX] Add maven war plugin version to fix production build * [ALS-5514] AIM-AHEAD PIC-SURE AuthN (#150) [ALS-5332] BDC PIC-SURE: Support PSAMA persist admin roles fix compile issue Add manual roles check if roles are empty Add StudyAccessService Better error code; clean up Bump swagger version? Added jersey-server for tests Add guava to pom Adds method to look for accounts missing a subject Check if subject is empty * [ALS-5514] Add OktaOAuthAuthenticationService for user authentication The new class, OktaOAuthAuthenticationService, has been added to manage user authentication via Okta. This involves the process of code-token exchange, token introspection, and user initialization. It also contains utility methods for making requests to Okta API and processing the responses. * [ALS-5514] Add Okta authentication support in PIC-SURE This commit includes the addition of an OktaAuthenticationController which is responsible for handling Okta-based authentication requests. It also restructures the JAXRSConfiguration class's startup sequence and adds more flexibility in handling different Identity Provider (IDP) setups; specifically, it enhances the class's ability to properly configure and handle Okta IDP. * [ALS-5514] Remove unused import in AuthService.java * [ALS-5514] The 'standalone.xml' file has been updated to include OTKA parameters configuration. * [ALS-5514] Update maven war plugin * [ALS-5514] Use unauthorizedError in place of less specific error * [ALS-5514] Refactor UserRepository and improve user metadata generation Updated UserRepository.java to streamline the user data querying and creation process, and added explicit save(user) method for better clarity. In OktaOAuthAuthenticationService.java, a refactoring was done to simplify the process of updating user metadata. A unit test for generating user metadata was also added in a new OktaOAuthAuthenticationServiceTest.java file for improved code coverage and reliability. *[ALS-5514] Remove mapped clientId, refactor beanConfig scheme The commit eliminates mapped clientId resource in JAXRSConfiguration.java, instead retrieving it through ctx.lookup. This resolves issues in the cases where client_id may be empty. --------- Co-authored-by: James <[email protected]> --------- Co-authored-by: James <[email protected]> * [ALS-5858] AIM-AHEAD PIC-SURE: Landing page shows 0 studies (#156) * [ALS-5858] In order to upsert user studies we needed many of the same configuration values depended on by FENCE. I have refactored common JAXRSConfigurations to methods. They are now reused across different idp provider configurations. * ALS-6142: Update apache httpclient version (#160) * [ALS-5979] AIM-AHEAD PIC-SURE: Downloaded dataset seems incorrect (#161) * Refactor FENCEAuthenticationService to customize query fields Different fields for queryTemplateText are set based on the idp_provider in FENCEAuthenticationService. The "?fields" parameter of the query is now conditionally filled, with it being set to the parentAccessionField if idp_provider equals "fence", and empty otherwise. This change provides more flexibility for FENCE authentication depending on the provider setting. * Remove empty string for fields * Flip equals to avoid npe --------- Co-authored-by: James <[email protected]> Co-authored-by: ramari16 <[email protected]>
hms-dbmi · Mar 26, 2024 · 2e3fe39 · 2e3fe39
1 parent a85af0f
commit 2e3fe39
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 4 deletions.
diff --git a/pic-sure-auth-services/pom.xml b/pic-sure-auth-services/pom.xml
@@ -32,7 +32,7 @@
         <dependency>
             <groupId>org.apache.httpcomponents</groupId>
             <artifactId>httpclient</artifactId>
-            <version>4.5.6</version>
+            <version>4.5.14</version>
         </dependency>
         <dependency>
             <groupId>io.jsonwebtoken</groupId>

diff --git a/...main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/FENCEAuthenticationService.java b/...main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/FENCEAuthenticationService.java
@@ -514,11 +514,18 @@ private Privilege upsertClinicalPrivilege(String studyIdentifier, String project
                     +"\":[\""
                     +studyIdentifierField
                     +"\"]},"
-                    +"\"numericFilters\":{},\"requiredFields\":[],"
-                    +"\"fields\":[\"" + parentAccessionField + "\"],"
-                    +"\"variantInfoFilters\":[{\"categoryVariantInfoFilters\":{},\"numericVariantInfoFilters\":{}}],"
+                    +"\"numericFilters\":{},\"requiredFields\":[],";
+
+                    if("fence".equalsIgnoreCase(JAXRSConfiguration.idp_provider)) {
+                    	queryTemplateText += "\"fields\":[\"" + parentAccessionField + "\"],";
+                    } else {
+                        queryTemplateText += "\"fields\":[],";
+                    }
+
+                    queryTemplateText+="\"variantInfoFilters\":[{\"categoryVariantInfoFilters\":{},\"numericVariantInfoFilters\":{}}],"
                     +"\"expectedResultType\": \"COUNT\""
                     +"}";
+
             priv.setQueryTemplate(queryTemplateText);
             if(isHarmonized) {
             	priv.setQueryScope("[\"" + conceptPath + "\",\"_\",\"" + fence_harmonized_concept_path + "\"]");