package org.openslx.imagemaster.thrift.server;
import java.nio.ByteBuffer;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import org.apache.log4j.Logger;
import org.openslx.bwlp.thrift.iface.AuthorizationError;
import org.openslx.bwlp.thrift.iface.ClientSessionData;
import org.openslx.bwlp.thrift.iface.ImagePublishData;
import org.openslx.bwlp.thrift.iface.InvocationError;
import org.openslx.bwlp.thrift.iface.MasterServer;
import org.openslx.bwlp.thrift.iface.MasterSoftware;
import org.openslx.bwlp.thrift.iface.MasterTag;
import org.openslx.bwlp.thrift.iface.OperatingSystem;
import org.openslx.bwlp.thrift.iface.Organization;
import org.openslx.bwlp.thrift.iface.Satellite;
import org.openslx.bwlp.thrift.iface.ServerSessionData;
import org.openslx.bwlp.thrift.iface.SessionData;
import org.openslx.bwlp.thrift.iface.TAuthorizationException;
import org.openslx.bwlp.thrift.iface.TInvalidTokenException;
import org.openslx.bwlp.thrift.iface.TInvocationException;
import org.openslx.bwlp.thrift.iface.TNotFoundException;
import org.openslx.bwlp.thrift.iface.TTransferRejectedException;
import org.openslx.bwlp.thrift.iface.TransferInformation;
import org.openslx.bwlp.thrift.iface.UserInfo;
import org.openslx.bwlp.thrift.iface.Virtualizer;
import org.openslx.encryption.AsymKeyHolder;
import org.openslx.imagemaster.db.mappers.DbOrganization;
import org.openslx.imagemaster.db.mappers.DbOsVirt;
import org.openslx.imagemaster.db.mappers.DbPendingSatellite;
import org.openslx.imagemaster.db.mappers.DbSatellite;
import org.openslx.imagemaster.db.mappers.DbUser;
import org.openslx.imagemaster.db.models.LocalSatellite;
import org.openslx.imagemaster.serversession.ServerAuthenticator;
import org.openslx.imagemaster.serversession.ServerSession;
import org.openslx.imagemaster.serversession.ServerSessionManager;
import org.openslx.imagemaster.session.Authenticator;
import org.openslx.imagemaster.session.Session;
import org.openslx.imagemaster.session.SessionManager;
import org.openslx.imagemaster.util.Util;
public class MasterServerHandler implements MasterServer.Iface
{
private static final Logger LOGGER = Logger.getLogger( MasterServerHandler.class );
@Override
public boolean ping()
{
return true;
}
@Override
public SessionData authenticate( String login, String password ) throws TAuthorizationException, TInvocationException
{
ClientSessionData csd = localAccountLogin( login, password );
String serverAddress = null;
if ( csd.satellites != null && !csd.satellites.isEmpty() ) {
for ( Satellite sat : csd.satellites ) {
if ( sat.addressList == null || sat.addressList.isEmpty() )
continue;
if ( serverAddress == null || ( sat.displayName != null && sat.displayName.equals( "default" ) ) ) {
serverAddress = sat.addressList.get( 0 );
}
}
}
return new SessionData( csd.sessionId, csd.authToken, serverAddress );
}
/**
* Request for authentication
*
* @param login The user's login in the form "user@organization.com"
* @param password user's password
* @return SessionData struct with session id/token iff login successful
* @throws TAuthorizationException if login not successful
*/
@Override
public ClientSessionData localAccountLogin( String login, String password )
throws TAuthorizationException, TInvocationException
{
if ( login == null || password == null ) {
throw new TAuthorizationException(
AuthorizationError.INVALID_CREDENTIALS,
"Empty username or password!" );
}
final UserInfo user = Authenticator.authenticate( login, password );
final Session session = new Session( user );
return SessionManager.addSession( session );
}
@Override
public List<UserInfo> findUser( String sessionId, String organizationId, String searchTerm )
throws TAuthorizationException, TInvocationException
{
// Needs to be a logged in user
if ( SessionManager.getSessionFromSessionId( sessionId ) == null )
throw new TAuthorizationException( AuthorizationError.NOT_AUTHENTICATED, "Session ID not valid" );
// Search string needs to be at least 2 characters (FIXME: quick and dirty ignoring LIKE chars)
if ( searchTerm == null || searchTerm.length() < 2 || searchTerm.replaceAll( "[%_]", "" ).length() < 2 )
return new ArrayList<>( 0 );
return DbUser.findUser( organizationId, searchTerm );
}
@Override
public List<ImagePublishData> getPublicImages( String sessionId, int page )
throws TAuthorizationException, TInvocationException
{
// TODO Auto-generated method stub
return null;
}
@Override
public void invalidateSession( String sessionId ) throws TInvalidTokenException
{
SessionManager.invalidate( sessionId );
}
/**
* Request information about user for given token
*
* @param token a user's token
* @return UserInfo struct for given token's user
* @throws InvalidTokenException if no user matches the given token
*/
@Override
public UserInfo getUserFromToken( String token ) throws TInvalidTokenException
{
final Session session = SessionManager.getSessionFromToken( token );
if ( session == null )
throw new TInvalidTokenException();
return session.getUserInfo();
}
@Override
public boolean isServerAuthenticated( String serverSessionId )
{
return ( ServerSessionManager.getSession( serverSessionId ) != null );
}
/**
* Start the server authentication of a uni/hs satellite server.
*
* @param organization the organization that the server belongs to
* @return a random string that needs to be encrypted with the private
* key of the requesting satellite server
* @throws ServerAuthenticationException when organization is invalid/unknown
*/
@Override
public ByteBuffer startServerAuthentication( int satelliteId ) throws TAuthorizationException, TInvocationException
{
LocalSatellite satellite = DbSatellite.get( satelliteId );
if ( satellite == null )
throw new TAuthorizationException( AuthorizationError.INVALID_ORGANIZATION, "Unknown satellite id: " + satelliteId );
if ( satellite.getPubkey() == null )
throw new TAuthorizationException( AuthorizationError.INVALID_KEY, "There is no public key known for your satellite." );
return ServerAuthenticator.startServerAuthentication( satelliteId );
}
/**
* Authenticate the uni/hs satellite server with the encrypted string.
*
* @param organization the organization that the server belongs to
* @param challengeResponse the encrypted string
* @return session data iff the authentication was successful
*/
@Override
public ServerSessionData serverAuthenticate( int satelliteId, ByteBuffer challengeResponse )
throws TAuthorizationException, TInvocationException
{
if ( challengeResponse == null )
throw new TAuthorizationException( AuthorizationError.INVALID_ORGANIZATION, "Empty organization or challengeResponse" );
LocalSatellite satellite = DbSatellite.get( satelliteId );
if ( satellite == null )
throw new TAuthorizationException( AuthorizationError.INVALID_ORGANIZATION, "Unknown satellite id: " + satelliteId );
if ( satellite.getPubkey() == null )
throw new TAuthorizationException( AuthorizationError.INVALID_KEY, "There is no public key known for your satellite." );
ServerAuthenticator.serverAuthenticate( satellite, challengeResponse );
final ServerSession session = new ServerSession( satellite );
return ServerSessionManager.addSession( session );
}
@Override
public ImagePublishData getImageData( String serverSessionId, String imageVersionId )
throws TAuthorizationException, TInvocationException, TNotFoundException
{
// TODO Auto-generated method stub
return null;
}
@Override
public TransferInformation submitImage( String serverSessionId, ImagePublishData imageDescription, List<ByteBuffer> blockHashes )
throws TAuthorizationException, TInvocationException, TTransferRejectedException
{
// TODO Auto-generated method stub
return null;
}
@Override
public TransferInformation downloadImage( String sessionId, String imageVersionId )
throws TAuthorizationException, TInvocationException, TNotFoundException
{
// TODO Auto-generated method stub
return null;
}
@Override
public List<Organization> getOrganizations() throws TInvocationException
{
try {
return DbOrganization.getAll();
} catch ( SQLException e ) {
throw new TInvocationException();
}
}
@Override
public List<OperatingSystem> getOperatingSystems() throws TInvocationException
{
try {
return DbOsVirt.getOsList();
} catch ( SQLException e ) {
throw new TInvocationException();
}
}
@Override
public List<Virtualizer> getVirtualizers() throws TInvocationException
{
try {
return DbOsVirt.getVirtualizerList();
} catch ( SQLException e ) {
throw new TInvocationException();
}
}
@Override
public List<MasterTag> getTags( long startDate ) throws TInvocationException
{
// TODO Auto-generated method stub
return null;
}
@Override
public List<MasterSoftware> getSoftware( long startDate ) throws TInvocationException
{
// TODO Auto-generated method stub
return null;
}
@Override
public int registerSatellite( String userToken, String displayName, List<String> addresses, String modulus,
String exponent, ByteBuffer certSha256 ) throws TInvocationException
{
if ( userToken == null || exponent == null || modulus == null )
throw new TInvocationException( InvocationError.MISSING_DATA, "A required parameter is null" );
final Session session = SessionManager.getSessionFromToken( userToken );
if ( session == null || session.getUserInfo() == null )
throw new TInvocationException( InvocationError.UNKNOWN_USER, "Not a valid user token" );
String organizationId = session.getUserInfo().organizationId;
Key newKey;
try {
newKey = new AsymKeyHolder( null, Util.tryToParseBigInt( exponent ), Util.tryToParseBigInt( modulus ) ).getPublicKey();
} catch ( NoSuchAlgorithmException | InvalidKeySpecException e ) {
LOGGER.warn( "Invalid public key in registerOrganization for " + organizationId + " (By " + session.getLogin() + ")", e );
throw new TInvocationException( InvocationError.INVALID_DATA, "Cannot reconstruct public key" );
}
if ( newKey == null ) {
LOGGER.warn( "Uninstantiable public key in registerOrganization for " + organizationId + " (By " + session.getLogin() + ")" );
throw new TInvocationException( InvocationError.INVALID_DATA, "Cannot reconstruct public key" );
}
LocalSatellite existing = DbSatellite.get( organizationId, displayName );
if ( existing != null ) {
Key existingKey = existing.getPubkey();
if ( existingKey != null && Util.keysEqual( newKey, existingKey ) )
return existing.satelliteId;
}
try {
return DbPendingSatellite.add( session.getUserInfo(), displayName, addresses, modulus, exponent );
} catch ( SQLException e ) {
throw new TInvocationException();
}
}
@Override
public boolean updateSatellite( String serverSessionId, String displayName, List<String> addresses )
throws TAuthorizationException, TInvocationException
{
ServerSession session = ServerSessionManager.getSession( serverSessionId );
if ( session == null )
throw new TAuthorizationException( AuthorizationError.NOT_AUTHENTICATED, "No valid serverSessionId" );
// TODO
return false;
}
}