diff options
Diffstat (limited to 'src/main/java/org/openslx/imagemaster/server/ApiServer.java')
-rw-r--r-- | src/main/java/org/openslx/imagemaster/server/ApiServer.java | 235 |
1 files changed, 0 insertions, 235 deletions
diff --git a/src/main/java/org/openslx/imagemaster/server/ApiServer.java b/src/main/java/org/openslx/imagemaster/server/ApiServer.java index ebd222e..57c3944 100644 --- a/src/main/java/org/openslx/imagemaster/server/ApiServer.java +++ b/src/main/java/org/openslx/imagemaster/server/ApiServer.java @@ -1,43 +1,5 @@ package org.openslx.imagemaster.server; -import java.nio.ByteBuffer; -import java.security.Key; -import java.security.NoSuchAlgorithmException; -import java.security.spec.InvalidKeySpecException; -import java.util.ArrayList; -import java.util.List; - -import org.apache.log4j.Logger; -import org.openslx.encryption.AsymKeyHolder; -import org.openslx.imagemaster.db.DbImage; -import org.openslx.imagemaster.db.DbPendingSatellite; -import org.openslx.imagemaster.db.DbSatellite; -import org.openslx.imagemaster.db.DbUser; -import org.openslx.imagemaster.serverconnection.ImageProcessor; -import org.openslx.imagemaster.serversession.ServerAuthenticator; -import org.openslx.imagemaster.serversession.ServerSession; -import org.openslx.imagemaster.serversession.ServerSessionManager; -import org.openslx.imagemaster.serversession.ServerUser; -import org.openslx.imagemaster.session.Authenticator; -import org.openslx.imagemaster.session.Session; -import org.openslx.imagemaster.session.SessionManager; -import org.openslx.imagemaster.session.User; -import org.openslx.imagemaster.thrift.iface.AuthenticationError; -import org.openslx.imagemaster.thrift.iface.AuthenticationException; -import org.openslx.imagemaster.thrift.iface.AuthorizationError; -import org.openslx.imagemaster.thrift.iface.AuthorizationException; -import org.openslx.imagemaster.thrift.iface.DownloadData; -import org.openslx.imagemaster.thrift.iface.ImageData; -import org.openslx.imagemaster.thrift.iface.ImageDataError; -import org.openslx.imagemaster.thrift.iface.ImageDataException; -import org.openslx.imagemaster.thrift.iface.InvalidTokenException; -import org.openslx.imagemaster.thrift.iface.OrganizationData; -import org.openslx.imagemaster.thrift.iface.ServerSessionData; -import org.openslx.imagemaster.thrift.iface.SessionData; -import org.openslx.imagemaster.thrift.iface.UploadData; -import org.openslx.imagemaster.thrift.iface.UploadException; -import org.openslx.imagemaster.thrift.iface.UserInfo; -import org.openslx.imagemaster.util.Util; /** * API Server This is where all the requests from the outside arrive. We don't @@ -52,201 +14,4 @@ import org.openslx.imagemaster.util.Util; */ public class ApiServer { - - private static final Logger LOG = Logger.getLogger( ApiServer.class ); - - /** - * Request for authentication - * - * @param login The user's login in the form "user@organization.com" - * @param password user's password - * @return SessionData struct with session id/token iff login successful - * @throws AuthenticationException if login not successful - */ - public static SessionData authenticate( String login, String password ) - throws AuthenticationException - { - if ( login == null || password == null ) { - throw new AuthenticationException( - AuthenticationError.INVALID_CREDENTIALS, - "Empty username or password!" ); - } - final User user = Authenticator.authenticate( login, password ); - - final Session session = new Session( user ); - return SessionManager.addSession( session ); - } - - /** - * Request information about user for given token - * - * @param token a user's token - * @return UserInfo struct for given token's user - * @throws InvalidTokenException if no user matches the given token - */ - public static UserInfo getUserFromToken( String token ) - throws InvalidTokenException - { - final Session session = SessionManager.getSessionFromToken( token ); - if ( session == null ) - throw new InvalidTokenException(); - return new UserInfo( session.getLogin(), session.getFirstName(), - session.getLastName(), session.getEMail(), session.getOrgenizationId() ); - } - - public static UploadData submitImage( String serverSessionId, ImageData imageDescription, List<Integer> crcSums ) - throws AuthorizationException, ImageDataException, UploadException - { - // first check session of server - if ( ServerSessionManager.getSession( serverSessionId ) == null ) { - throw new AuthorizationException( AuthorizationError.NOT_AUTHENTICATED, "No valid serverSessionId" ); - } - // then let the image processor decide what to do - return ImageProcessor.getUploadInfos( imageDescription, crcSums ); - } - - public static DownloadData getImage( String uuid, String serverSessionId ) throws AuthorizationException, ImageDataException - { - // first check session of server - if ( ServerSessionManager.getSession( serverSessionId ) == null ) { - throw new AuthorizationException( AuthorizationError.NOT_AUTHENTICATED, "No valid serverSessionId" ); - } - - if ( !DbImage.exists( uuid ) ) { - throw new ImageDataException( ImageDataError.UNKNOWN_IMAGE, "UUID is not known by this server." ); - } - - // then let the image processor decide what to do - return ImageProcessor.getDownloadInfos( uuid ); - } - - /** - * Start the server authentication of a uni/hs satellite server. - * - * @param organization the organization that the server belongs to - * @return a random string that needs to be encrypted with the private - * key of the requesting satellite server - * @throws ServerAuthenticationException when organization is invalid/unknown - */ - public static ByteBuffer startServerAuthentication( String organizationId ) - throws AuthenticationException - { - if ( organizationId == null || organizationId.isEmpty() ) - throw new AuthenticationException( AuthenticationError.INVALID_ORGANIZATION, "Empty organization" ); - - DbSatellite satellite = DbSatellite.fromOrganizationId( organizationId ); - if ( satellite == null ) - throw new AuthenticationException( AuthenticationError.INVALID_ORGANIZATION, "Unknown organization: '" + organizationId + "'" ); - if ( satellite.getPubkey() == null ) - throw new AuthenticationException( AuthenticationError.INVALID_KEY, "There is no public key known for your organization." ); - return ServerAuthenticator.startServerAuthentication( organizationId ); - } - - /** - * Authenticate the uni/hs satellite server with the encrypted string. - * - * @param organization the organization that the server belongs to - * @param challengeResponse the encrypted string - * @return session data iff the authentication was successful - * @throws AuthenticationException - */ - public static ServerSessionData serverAuthenticate( String organizationId, - ByteBuffer challengeResponse ) throws AuthenticationException - { - if ( organizationId == null || challengeResponse == null ) { - throw new AuthenticationException( AuthenticationError.INVALID_ORGANIZATION, "Empty organization or challengeResponse" ); - } - DbSatellite satellite = DbSatellite.fromOrganizationId( organizationId ); - if ( satellite == null ) - throw new AuthenticationException( AuthenticationError.INVALID_ORGANIZATION, "Unknown organization" ); - if ( satellite.getPubkey() == null ) - throw new AuthenticationException( AuthenticationError.INVALID_KEY, "There is no public key known for your organization." ); - - final ServerUser serverUser = ServerAuthenticator.serverAuthenticate( satellite, challengeResponse ); - - final ServerSession session = new ServerSession( serverUser ); - return ServerSessionManager.addSession( session ); - } - - public static boolean isServerAuthenticated( String serverSessionId ) - { - return ( ServerSessionManager.getSession( serverSessionId ) != null ); - } - - public static boolean publishUser( String serverSessionId, UserInfo user ) throws AuthorizationException - { - // Check session. - if ( ServerSessionManager.getSession( serverSessionId ) == null ) { - throw new AuthorizationException( AuthorizationError.NOT_AUTHENTICATED, "Session ID not valid" ); - } - if ( DbUser.forLogin( user.userId ) == null ) { - // User not known by server. Insert into server database. - return DbUser.insertOrUpdate( user ); - } - // Else user is already known by server. Do nothing. - return true; - } - - public static List<UserInfo> findUser( String sessionId, String organizationId, String searchTerm ) throws AuthorizationException - { - // Needs to be a logged in user - if ( SessionManager.getSessionFromSessionId( sessionId ) == null ) - throw new AuthorizationException( AuthorizationError.NOT_AUTHENTICATED, "Session ID not valid" ); - // Search string needs to be at least 2 characters (FIXME: quick and dirty ignoring LIKE chars) - if ( searchTerm == null || searchTerm.length() < 2 || searchTerm.replaceAll( "[%_]", "" ).length() < 2 ) - return new ArrayList<>( 0 ); - return DbUser.findUser( organizationId, searchTerm ); - } - - public static List<OrganizationData> getOrganizations() - { - return DbSatellite.asOrganizationDataList(); - } - - public static List<ImageData> getPublicImages( String sessionId, int page ) throws AuthorizationException - { - if ( SessionManager.getSessionFromSessionId( sessionId ) == null ) - throw new AuthorizationException( AuthorizationError.NOT_AUTHENTICATED, "Session ID not valid" ); - return DbImage.asImageDataList( page * 100, ( page + 1 ) * 100 ); - } - - public static boolean registerSatellite( String organizationId, String address, String modulus, String exponent ) - { - if ( organizationId == null || address == null || exponent == null || modulus == null ) - return false; - Key newKey; - try { - newKey = new AsymKeyHolder( null, Util.tryToParseBigInt( exponent ), Util.tryToParseBigInt( modulus ) ).getPublicKey(); - } catch ( NoSuchAlgorithmException | InvalidKeySpecException e ) { - LOG.warn( "Invalid public key in registerOrganization for " + organizationId + " (" + address + ")", e ); - return false; - } - if ( newKey == null ) { - LOG.warn( "Uninstantiable public key in registerOrganization for " + organizationId + " (" + address + ")" ); - return false; - } - DbSatellite existing = DbSatellite.fromSuffix( organizationId ); - if ( existing != null ) { - Key existingKey = existing.getPubkey(); - if ( existingKey != null && Util.keysEqual( newKey, existingKey ) ) - return true; - } - return DbPendingSatellite.add( organizationId, address, modulus, exponent ); - } - - public static boolean updateSatelliteAddress( String serverSessionId, String address ) throws AuthorizationException - { - ServerSession session = ServerSessionManager.getSession( serverSessionId ); - if ( session == null ) - throw new AuthorizationException( AuthorizationError.NOT_AUTHENTICATED, "No valid serverSessionId" ); - String organization = session.getOrganization(); - DbSatellite currentSatellite = DbSatellite.fromOrganizationId( organization ); - if (currentSatellite == null) { - // TODO: error. - } else { - currentSatellite.updateAddress(address, organization); - return true; - } - return false; - } } |