Create or update user in Atlassian Crowd using REST API client
Atlassian Crowd is a central identity manager application for all Atlassian products (like JIRA or Confluence). During user data synchronization of the Avatar database, I needed to update some user information in the connected Crowd server.
In order to use the REST API of Crowd, we need to use the rest client, provided by Atlassian. By adding the following Maven dependency into your project, you can use the client:
<dependency> <version>2.8.3</version> <groupId>com.atlassian.crowd</groupId> <artifactId>crowd-integration-client-rest</artifactId> </dependency>
Using the client from JAVA code:
/** * */ package hu.vargasoft.avatar.dataimport.crowd; import javax.annotation.PostConstruct; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Repository; import com.atlassian.crowd.exception.ApplicationPermissionException; import com.atlassian.crowd.exception.InvalidAuthenticationException; import com.atlassian.crowd.exception.InvalidUserException; import com.atlassian.crowd.exception.OperationFailedException; import com.atlassian.crowd.exception.UserNotFoundException; import com.atlassian.crowd.integration.rest.service.factory.RestCrowdClientFactory; import com.atlassian.crowd.model.user.ImmutableUser; import com.atlassian.crowd.model.user.User; import com.atlassian.crowd.service.client.CrowdClient; /** * Proxy for the functionalities of Crowd REST API * * @author Peter Varga * */ @Repository("crowdRestApiProxy") public class CrowdRestApiProxy { // Logger instance private static final Logger log = LoggerFactory.getLogger(CrowdRestApiProxy.class); @Autowired CrowdPropertiesHolder crowdPropertiesHolder; private CrowdClient crowdClient; @PostConstruct void init() { crowdClient = new RestCrowdClientFactory().newInstance(crowdPropertiesHolder.getUrl(), crowdPropertiesHolder.getApplicationName(), crowdPropertiesHolder.getApplicationPassword()); } /** * Finds user with given account name * * @param accountName * user account in CROWD. Must not be null, or empty. * @return {@link User} object from CROWD, or null if user with given account not found */ User findUser(String accountName) { log.debug("Finding CROWD user with account: '{}'", accountName); User user = null; try { user = crowdClient.getUser(accountName); } catch (UserNotFoundException | OperationFailedException | ApplicationPermissionException | InvalidAuthenticationException e) { log.warn("Exception occurred while retrieving user '{}' from CROWD server: {}", accountName, e.getMessage()); } log.debug("Exiting findUser() with result: {}", user); return user; } /** * Updates user data in CROWD database * * @param account * of the user to be updated * @param lastName * new family name * @param firstName * new first name * @param emailAddress * new email address */ public void updateUser(String account, String firstName, String lastName, String emailAddress) { log.debug("Entering updateUserInCrowd(). Parameter: {} {} {} {}", account, lastName, firstName, emailAddress); User crowdUser = findUser(account); if (crowdUser == null) { return; } ImmutableUser user = new ImmutableUser(crowdUser.getDirectoryId(), crowdUser.getName(), crowdUser.getDisplayName(), emailAddress, crowdUser.isActive(), firstName, lastName, crowdUser.getExternalId()); try { crowdClient.updateUser(user); } catch (UserNotFoundException | InvalidUserException | OperationFailedException | ApplicationPermissionException | InvalidAuthenticationException e) { log.warn("Exception occurred while trying to update CROWD user {}:{} ", account, e.getMessage()); } } }
As the user object, returned ba the client is immutable, a new ImmutableUser instance needs to be created,
containing the new data. It should be later used as parameter of updateUser().
Starting the Crowd server locally, using the Atlassian SDK.
In a command window, execute the following command: atlas-run-standalone --product crowd
It starts the Crowd server, and makes it possible to log in to the administration GUI. Just open the following URL in your browser:
http://localhost:4990/crowd/ and use admin/admin as username/password.
http://localhost:4990/crowd/ and use admin/admin as username/password.
It is important to understand, that the authentication of the Crowd client in your Java code requires an application name, and a corresponding application
password. It does not allow logging in using a normal user, like the default 'admin' user. Therefore, before the client can be used, it is necessary to register
an application using Applications/Add application menu.
password. It does not allow logging in using a normal user, like the default 'admin' user. Therefore, before the client can be used, it is necessary to register
an application using Applications/Add application menu.
According to the information, found in Link:
https://developer.atlassian.com/display/CROWDDEV/Using+the+Crowd+REST+APIs
"Crowd offers a set of REST APIs for use by applications connecting to Crowd.
client of Crowd, whereas in JIRA/Confluence a user is the client. For example, when authenticating a request to a Crowd REST resource via basic
authentication, the application name and password is used (and not a username and password).
Keep this in mind when using the REST APIs."
As I am using a Windows 7 development environment, as a Virtual Machine image, I needed to add the IP address 10.0.2.15 at the "Remote addresses"
section. Before adding it, I got the following exception while connecting to the Crowd server:
com.atlassian.crowd.exception.ApplicationPermissionException: HTTP Status 403 - Client with address "10.0.2.15" is forbidden from making requests
to the application, crowd.
section. Before adding it, I got the following exception while connecting to the Crowd server:
com.atlassian.crowd.exception.ApplicationPermissionException: HTTP Status 403 - Client with address "10.0.2.15" is forbidden from making requests
to the application, crowd.