Merge pull request #190 from apigee/Issue161

Issue161

pom.xml

@@ -47,8 +47,6 @@
 		<maven.compiler.source>1.8</maven.compiler.source>
 		<maven.compiler.target>1.8</maven.compiler.target>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-		<spring.version>5.3.27</spring.version>
-		<spring.security.version>5.6.1</spring.security.version>
 		<log4j.version>2.17.1</log4j.version>
 		<maven.version>3.8.1</maven.version>
 		<maven.api.version>3.5</maven.api.version>
@@ -186,32 +184,6 @@
 			<artifactId>json-simple</artifactId>
 			<version>1.1.1</version>
 		</dependency>
-		<!-- mgmt-api-java-sdk -->
-		<dependency>
-			<groupId>org.springframework</groupId>
-			<artifactId>spring-core</artifactId>
-			<version>${spring.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>org.springframework</groupId>
-			<artifactId>spring-context</artifactId>
-			<version>${spring.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>org.springframework</groupId>
-			<artifactId>spring-web</artifactId>
-			<version>${spring.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>org.springframework.security</groupId>
-			<artifactId>spring-security-crypto</artifactId>
-			<version>${spring.security.version}</version>
-		</dependency>
-		<dependency>
-			<groupId>cglib</groupId>
-			<artifactId>cglib</artifactId>
-			<version>2.2.2</version>
-		</dependency>
 		<dependency>
 			<groupId>com.auth0</groupId>
 			<artifactId>java-jwt</artifactId>
@@ -222,17 +194,21 @@
 		    <artifactId>json-unit</artifactId>
 		    <version>2.7.0</version>
 		</dependency>
-		<!-- mgmt-api-java-sdk -->
 		<dependency>
 			<groupId>com.google.auth</groupId>
 			<artifactId>google-auth-library-oauth2-http</artifactId>
-			<version>0.18.0</version>
+			<version>1.19.0</version>
 		</dependency>
 		<dependency>
 			<groupId>org.apache.commons</groupId>
 			<artifactId>commons-lang3</artifactId>
 			<version>3.1</version>
 		</dependency>
+		<dependency>
+		    <groupId>com.fasterxml.jackson.core</groupId>
+		    <artifactId>jackson-core</artifactId>
+		    <version>2.15.2</version>
+		</dependency>
 	</dependencies>
 
 	<build>

src/main/java/com/apigee/edge/config/rest/RestUtil.java

@@ -16,19 +16,26 @@
 package com.apigee.edge.config.rest;
 
 import java.io.File;
+import java.io.FileInputStream;
 import java.io.IOException;
 import java.net.URLEncoder;
 import java.nio.file.Files;
+import java.security.interfaces.RSAPrivateKey;
+import java.util.Date;
+import java.util.HashMap;
 import java.util.Map;
 
 import javax.net.ssl.HttpsURLConnection;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
+import org.json.simple.JSONObject;
+import org.json.simple.parser.JSONParser;
 
 import com.apigee.edge.config.utils.PrintUtil;
 import com.apigee.edge.config.utils.ServerProfile;
-import com.apigee.mgmtapi.sdk.client.MgmtAPIClient;
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.algorithms.Algorithm;
 import com.google.api.client.http.ByteArrayContent;
 import com.google.api.client.http.GenericUrl;
 import com.google.api.client.http.HttpContent;
@@ -42,10 +49,12 @@
 import com.google.api.client.http.HttpResponseException;
 import com.google.api.client.http.HttpTransport;
 import com.google.api.client.http.MultipartContent;
+import com.google.api.client.http.UrlEncodedContent;
 import com.google.api.client.http.apache.ApacheHttpTransport;
 import com.google.api.client.http.javanet.NetHttpTransport;
 import com.google.api.client.json.JsonFactory;
 import com.google.api.client.json.jackson2.JacksonFactory;
+import com.google.auth.oauth2.ServiceAccountCredentials;
 
 public class RestUtil {
 	private static HttpRequestFactory REQUEST_FACTORY;
@@ -1090,15 +1099,14 @@ private HttpResponse executeAPI(ServerProfile profile, HttpRequest request)
             throws IOException {
     	HttpHeaders headers = request.getHeaders();
     	try {
-    		MgmtAPIClient client = new MgmtAPIClient();
     		if(profile.getBearerToken()!=null && !profile.getBearerToken().equalsIgnoreCase("")) {
     			logger.info("Using the bearer token");
     			accessToken = profile.getBearerToken();
     		}
     		else if(profile.getServiceAccountJSONFile()!=null && !profile.getServiceAccountJSONFile().equalsIgnoreCase("")) {
     			logger.info("Using the service account file to generate a token");
     			File serviceAccountJSON = new File(profile.getServiceAccountJSONFile());
-    			accessToken = client.getGoogleAccessToken(serviceAccountJSON);
+    			accessToken = getGoogleAccessToken(serviceAccountJSON);
     		}
     		else {
     			logger.error("Service Account file or bearer token is missing");
@@ -1116,4 +1124,44 @@ else if(profile.getServiceAccountJSONFile()!=null && !profile.getServiceAccountJ
         return request.execute();
     }
 
+    /**
+	 * To get the Google Service Account Access Token
+	 * 
+	 * @param serviceAccountFilePath
+	 * @return
+	 * @throws Exception
+	 */
+	private String getGoogleAccessToken(File serviceAccountJSON) throws IOException {
+		String tokenUrl = "https://oauth2.googleapis.com/token";
+		long now = System.currentTimeMillis();
+		try {
+			ServiceAccountCredentials serviceAccount = ServiceAccountCredentials.fromStream(new FileInputStream(serviceAccountJSON));
+			Algorithm algorithm = Algorithm.RSA256(null, (RSAPrivateKey)serviceAccount.getPrivateKey());
+			String signedJwt = JWT.create()
+	                .withKeyId(serviceAccount.getPrivateKeyId())
+	                .withIssuer(serviceAccount.getClientEmail())
+	                .withAudience(tokenUrl)
+	                .withClaim("scope","https://www.googleapis.com/auth/cloud-platform")
+	                .withIssuedAt(new Date(now))
+	                .withExpiresAt(new Date(now + 3600 * 1000L))
+	                .sign(algorithm);
+			//System.out.println(signedJwt);
+			Map<String, Object> params = new HashMap<String, Object>();
+			params.put("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer");
+			params.put("assertion", signedJwt);
+			HttpContent content = new UrlEncodedContent(params);
+
+			HttpRequest restRequest = REQUEST_FACTORY.buildPostRequest(new GenericUrl(tokenUrl), content);
+	        restRequest.setReadTimeout(0);
+	        HttpResponse response = restRequest.execute();
+	        String payload = response.parseAsString();
+            JSONParser parser = new JSONParser();       
+            JSONObject obj     = (JSONObject)parser.parse(payload);
+            return (String)obj.get("access_token");
+		}catch (Exception e) {
+			logger.error(e.getMessage());
+            throw new IOException(e.getMessage());
+		}
+	}
+
 }