Added authentification for uni/hs server

--> added serversession, serversessionmanager --> missing implementation for server authentication
author: Nils Schwabe 2014-04-10 11:58:34 +0200
committer: Nils Schwabe 2014-04-10 11:58:34 +0200
commit: d5e1e558f22de9e20fbee6c1e8a884e65fa7cbbc (patch)
tree: c9895bd99ed579d421343b41e9611da23eb1a4c1 /src/main/java/org/openslx/imagemaster/server
parent: added new thrift methods: (diff)
download: masterserver-d5e1e558f22de9e20fbee6c1e8a884e65fa7cbbc.tar.gz
masterserver-d5e1e558f22de9e20fbee6c1e8a884e65fa7cbbc.tar.xz
masterserver-d5e1e558f22de9e20fbee6c1e8a884e65fa7cbbc.zip
1 files changed, 98 insertions, 20 deletions
diff --git a/src/main/java/org/openslx/imagemaster/server/ApiServer.java b/src/main/java/org/openslx/imagemaster/server/ApiServer.java
index ba15623..3799079 100644
--- a/src/main/java/org/openslx/imagemaster/server/ApiServer.java
+++ b/src/main/java/org/openslx/imagemaster/server/ApiServer.java
@@ -1,15 +1,29 @@
 package org.openslx.imagemaster.server;
 
+import java.io.File;
+
 import org.apache.log4j.Logger;
+import org.apache.thrift.TException;
+import org.openslx.imagemaster.Globals;
+import org.openslx.imagemaster.db.DbSatellite;
+import org.openslx.imagemaster.serversession.ServerAuthenticator;
+import org.openslx.imagemaster.serversession.ServerSession;
+import org.openslx.imagemaster.serversession.ServerSessionManager;
+import org.openslx.imagemaster.serversession.ServerUser;
 import org.openslx.imagemaster.session.Authenticator;
 import org.openslx.imagemaster.session.Session;
 import org.openslx.imagemaster.session.SessionManager;
 import org.openslx.imagemaster.session.User;
 import org.openslx.imagemaster.thrift.iface.AuthenticationError;
 import org.openslx.imagemaster.thrift.iface.AuthenticationException;
+import org.openslx.imagemaster.thrift.iface.AuthorizationException;
+import org.openslx.imagemaster.thrift.iface.FtpCredentials;
+import org.openslx.imagemaster.thrift.iface.ImageData;
 import org.openslx.imagemaster.thrift.iface.InvalidTokenException;
+import org.openslx.imagemaster.thrift.iface.ServerSessionData;
 import org.openslx.imagemaster.thrift.iface.SessionData;
 import org.openslx.imagemaster.thrift.iface.UserInfo;
+import org.openslx.imagemaster.util.RandomString;
 
 /**
  * API Server This is where all the requests from the outside arrive. We don't
@@ -22,42 +36,106 @@ import org.openslx.imagemaster.thrift.iface.UserInfo;
  * This will be accessed from multiple threads, so use synchronization when
  * needed (or in doubt)
  */
-public class ApiServer
-{
-	@SuppressWarnings( "unused" )
-	private static Logger log = Logger.getLogger( ApiServer.class );
+public class ApiServer {
+	private static Logger log = Logger.getLogger(ApiServer.class);
 
 	/**
 	 * Request for authentication
-	 * @param login (username@organization)
+	 * 
+	 * @param login
+	 *            (username@organization)
 	 * @param password
 	 * @return SessionData struct with session id/token iff login successful
-	 * @throws AuthenticationException if login not successful
+	 * @throws AuthenticationException
+	 *             if login not successful
 	 */
-	public static SessionData authenticate( String login, String password )
+	public static SessionData authenticate(String login, String password)
 			throws AuthenticationException {
-		if ( login == null || password == null ) {
-			throw new AuthenticationException( AuthenticationError.INVALID_CREDENTIALS, "Empty username or password!" );
+		if (login == null || password == null) {
+			throw new AuthenticationException(
+					AuthenticationError.INVALID_CREDENTIALS,
+					"Empty username or password!");
 		}
-		final User user = Authenticator.authenticate( login, password );
+		final User user = Authenticator.authenticate(login, password);
 
-		final Session session = new Session( user );
-		return SessionManager.addSession( session );
+		final Session session = new Session(user);
+		return SessionManager.addSession(session);
 	}
 
 	/**
 	 * Request information about user for given token
-	 * @param token - a user's token
+	 * 
+	 * @param token
+	 *            - a user's token
 	 * @return UserInfo struct for given token's user
-	 * @throws InvalidTokenException if no user matches the given token
+	 * @throws InvalidTokenException
+	 *             if no user matches the given token
 	 */
-	public static UserInfo getUserFromToken( String token )
-			throws InvalidTokenException
-	{
-		final Session session = SessionManager.getSession( token );
-		if ( session == null )
+	public static UserInfo getUserFromToken(String token)
+			throws InvalidTokenException {
+		final Session session = SessionManager.getSession(token);
+		if (session == null)
 			throw new InvalidTokenException();
-		return new UserInfo( session.getUserId(), session.getFirstName(), session.getLastName(), session.getEMail() );
+		return new UserInfo(session.getUserId(), session.getFirstName(),
+				session.getLastName(), session.getEMail());
+	}
+
+	public static FtpCredentials submitImage(ImageData imageDescription,
+			ServerSessionData serverSessionData) throws AuthorizationException,
+			TException {
+		/*
+		 * TODO:
+		 * Check if session is ok.
+		 * create and return FtpCredentials
+		 */
+
+		/*
+		 * FTP Users can be added later with: ftpServer.addUser(username,
+		 * password, ftp_root);
+		 * 
+		 * And removed with: removeUser(username);
+		 */
+
+		String generatedUser = RandomString.generate(10, false);
+		String generatedPass = RandomString.generate(16, true);
+		String dir = Globals.properties.getProperty("ftp_base_dir") + "/"
+				+ generatedUser + "/";
+		if (new File(dir).mkdir()) {
+			Globals.ftpServer.addUser(generatedUser, generatedPass, dir, true);
+			log.info("Generated user/pass: " + generatedUser + "\t"
+					+ generatedPass + "\n with home dir: " + dir);
+		}
+		// TODO: remove old user
+
+		return new FtpCredentials(generatedUser, generatedPass);
+	}
+
+	public static String startServerAuthentication(String organization)
+			throws TException {
+		if (organization == null || organization == "") {
+			throw new TException("Empty organization");
+		}
+		if (DbSatellite.fromOrganization(organization) == null) {
+			throw new TException("Unkown organization");
+		}
+		return ServerAuthenticator.startServerAuthentication(organization);
+	}
+
+	public static ServerSessionData serverAuthenticate(String organization,
+			String challengeResponse) throws AuthenticationException,
+			TException {
+		if (organization == null || challengeResponse == null) {
+			throw new TException("Empty organization org challengeResponse");
+		}
+		DbSatellite satellite = DbSatellite.fromOrganization(organization);
+		if (satellite == null) {
+			throw new TException("Unkown organization");
+		}
+		final ServerUser serverUser = ServerAuthenticator.serverAuthenticate(
+				organization, satellite.getAddress(), challengeResponse);
+		
+		final ServerSession session = new ServerSession(serverUser);
+		return ServerSessionManager.addSession(session);
 	}
 
 }
author	Nils Schwabe	2014-04-10 11:58:34 +0200
committer	Nils Schwabe	2014-04-10 11:58:34 +0200
commit	d5e1e558f22de9e20fbee6c1e8a884e65fa7cbbc (patch)
tree	c9895bd99ed579d421343b41e9611da23eb1a4c1 /src/main/java/org/openslx/imagemaster/server
parent	added new thrift methods: (diff)
download	masterserver-d5e1e558f22de9e20fbee6c1e8a884e65fa7cbbc.tar.gz masterserver-d5e1e558f22de9e20fbee6c1e8a884e65fa7cbbc.tar.xz masterserver-d5e1e558f22de9e20fbee6c1e8a884e65fa7cbbc.zip