[JN-1331] Add support for Duo and Google Workspace (#1136)

broadinstitute · Oct 10, 2024 · c828dd6 · c828dd6
1 parent 80c26d2
commit c828dd6
Show file tree

Hide file tree

Showing 3 changed files with 67 additions and 0 deletions.
diff --git a/compliance/src/main/java/bio/terra/pearl/compliance/SyncVantaUsers.java b/compliance/src/main/java/bio/terra/pearl/compliance/SyncVantaUsers.java
@@ -4,7 +4,9 @@
 import bio.terra.pearl.compliance.exception.VantaUpdateException;
 import bio.terra.pearl.compliance.model.AccessToken;
 import bio.terra.pearl.compliance.model.CloudEventPayload;
+import bio.terra.pearl.compliance.model.DuoAccount;
 import bio.terra.pearl.compliance.model.GithubAccount;
+import bio.terra.pearl.compliance.model.GsuiteAccount;
 import bio.terra.pearl.compliance.model.JamfComputer;
 import bio.terra.pearl.compliance.model.JiraAccount;
 import bio.terra.pearl.compliance.model.PersonInScope;
@@ -88,6 +90,8 @@ public class SyncVantaUsers implements CommandLineRunner, CloudEventsFunction {
     public static final String SLACK_INTEGRATION_ID = "slack";
     public static final String GITHUB_INTEGRATION_ID = "github";
     public static final String JAMF_INTEGRATION_ID = "jamf";
+    public static final String DUO_INTEGRATION_ID = "duo";
+    public static final String GSUITE_INTEGRATION_ID = "gsuiteadmin";
 
     private Gson gson = newGson();
 
@@ -254,6 +258,10 @@ private WebClient getWebClientForIntegration(String accessToken, String integrat
 
     private List<VantaIntegration> getIntegrations() {
         List<VantaIntegration> integrationsToSync = new ArrayList<>();
+        integrationsToSync.add(new VantaIntegration(GSUITE_INTEGRATION_ID, "GsuiteUser", new ParameterizedTypeReference<VantaResultsResponse<GsuiteAccount>>() {},
+                userSyncConfig.getResourceIdsToIgnore(GSUITE_INTEGRATION_ID)));
+        integrationsToSync.add(new VantaIntegration(DUO_INTEGRATION_ID, "DuoAccount", new ParameterizedTypeReference<VantaResultsResponse<DuoAccount>>() {},
+                userSyncConfig.getResourceIdsToIgnore(DUO_INTEGRATION_ID)));
         integrationsToSync.add(new VantaIntegration(JAMF_INTEGRATION_ID, "JamfManagedComputer", new ParameterizedTypeReference<VantaResultsResponse<JamfComputer>>() {},
                 userSyncConfig.getResourceIdsToIgnore(JAMF_INTEGRATION_ID)));
         integrationsToSync.add(new VantaIntegration(JIRA_INTEGRATION_ID, "JiraAccount", new ParameterizedTypeReference<VantaResultsResponse<JiraAccount>>() {},
@@ -380,6 +388,7 @@ private void setInScope(String accessTokeen, Collection<VantaObject> vantaObject
         try {
             String updateResult = getWebClientForIntegration(accessTokeen, integrationId, resourceKind)
                     .patch().bodyValue(updateMetadata).retrieve().onStatus(HttpStatus.TOO_MANY_REQUESTS::equals, get429StatusHander())
+                    .onStatus(HttpStatus.UNPROCESSABLE_ENTITY::equals, res -> res.bodyToMono(String.class).map(VantaUpdateException::new))
                     .bodyToMono(String.class).retryWhen(getRetry()).block();
             log.info("Updated {} {} objects to {} with response {}", updateMetadata.size(), integrationId, isInScope, updateResult);
         } catch (VantaUpdateException e) {

diff --git a/compliance/src/main/java/bio/terra/pearl/compliance/model/DuoAccount.java b/compliance/src/main/java/bio/terra/pearl/compliance/model/DuoAccount.java
@@ -0,0 +1,29 @@
+package bio.terra.pearl.compliance.model;
+
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
+import lombok.experimental.SuperBuilder;
+
+import java.util.Collection;
+
+@Getter
+@Setter
+@SuperBuilder
+@NoArgsConstructor
+@ToString
+public class DuoAccount extends VantaObject {
+
+    String accountName;
+
+    @Override
+    public boolean shouldBeInScope(Collection<PersonInScope> peopleInScope) {
+        return peopleInScope.stream().anyMatch(personInScope -> (accountName + "@broadinstitute.org").equalsIgnoreCase(personInScope.getEmail()));
+    }
+
+    @Override
+    public String getSimpleId() {
+        return "";
+    }
+}
diff --git a/compliance/src/main/java/bio/terra/pearl/compliance/model/GsuiteAccount.java b/compliance/src/main/java/bio/terra/pearl/compliance/model/GsuiteAccount.java
@@ -0,0 +1,29 @@
+package bio.terra.pearl.compliance.model;
+
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
+import lombok.experimental.SuperBuilder;
+
+import java.util.Collection;
+
+@Getter
+@Setter
+@SuperBuilder
+@NoArgsConstructor
+@ToString
+public class GsuiteAccount extends VantaObject {
+
+    String displayName;
+
+    @Override
+    public boolean shouldBeInScope(Collection<PersonInScope> peopleInScope) {
+        return peopleInScope.stream().anyMatch(personInScope -> displayName.equalsIgnoreCase(personInScope.getFullName()));
+    }
+
+    @Override
+    public String getSimpleId() {
+        return "";
+    }
+}