summaryrefslogtreecommitdiffstats
path: root/src/main/java/org/openslx/imagemaster/thrift/server/MasterServerHandler.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/org/openslx/imagemaster/thrift/server/MasterServerHandler.java')
-rw-r--r--src/main/java/org/openslx/imagemaster/thrift/server/MasterServerHandler.java305
1 files changed, 305 insertions, 0 deletions
diff --git a/src/main/java/org/openslx/imagemaster/thrift/server/MasterServerHandler.java b/src/main/java/org/openslx/imagemaster/thrift/server/MasterServerHandler.java
new file mode 100644
index 0000000..ec13a6f
--- /dev/null
+++ b/src/main/java/org/openslx/imagemaster/thrift/server/MasterServerHandler.java
@@ -0,0 +1,305 @@
+package org.openslx.imagemaster.thrift.server;
+
+import java.nio.ByteBuffer;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.InvalidKeySpecException;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+import org.openslx.bwlp.thrift.iface.AuthorizationError;
+import org.openslx.bwlp.thrift.iface.ClientSessionData;
+import org.openslx.bwlp.thrift.iface.ImagePublishData;
+import org.openslx.bwlp.thrift.iface.InvocationError;
+import org.openslx.bwlp.thrift.iface.MasterServer;
+import org.openslx.bwlp.thrift.iface.MasterSoftware;
+import org.openslx.bwlp.thrift.iface.MasterTag;
+import org.openslx.bwlp.thrift.iface.OperatingSystem;
+import org.openslx.bwlp.thrift.iface.Organization;
+import org.openslx.bwlp.thrift.iface.Satellite;
+import org.openslx.bwlp.thrift.iface.ServerSessionData;
+import org.openslx.bwlp.thrift.iface.SessionData;
+import org.openslx.bwlp.thrift.iface.TAuthorizationException;
+import org.openslx.bwlp.thrift.iface.TInvalidTokenException;
+import org.openslx.bwlp.thrift.iface.TInvocationException;
+import org.openslx.bwlp.thrift.iface.TNotFoundException;
+import org.openslx.bwlp.thrift.iface.TTransferRejectedException;
+import org.openslx.bwlp.thrift.iface.TransferInformation;
+import org.openslx.bwlp.thrift.iface.UserInfo;
+import org.openslx.bwlp.thrift.iface.Virtualizer;
+import org.openslx.encryption.AsymKeyHolder;
+import org.openslx.imagemaster.db.mappers.DbOrganization;
+import org.openslx.imagemaster.db.mappers.DbOsVirt;
+import org.openslx.imagemaster.db.mappers.DbPendingSatellite;
+import org.openslx.imagemaster.db.mappers.DbSatellite;
+import org.openslx.imagemaster.db.mappers.DbUser;
+import org.openslx.imagemaster.db.models.LocalSatellite;
+import org.openslx.imagemaster.serversession.ServerAuthenticator;
+import org.openslx.imagemaster.serversession.ServerSession;
+import org.openslx.imagemaster.serversession.ServerSessionManager;
+import org.openslx.imagemaster.session.Authenticator;
+import org.openslx.imagemaster.session.Session;
+import org.openslx.imagemaster.session.SessionManager;
+import org.openslx.imagemaster.util.Util;
+
+public class MasterServerHandler implements MasterServer.Iface
+{
+
+ private static final Logger LOGGER = Logger.getLogger( MasterServerHandler.class );
+
+ @Override
+ public boolean ping()
+ {
+ return true;
+ }
+
+ @Override
+ public SessionData authenticate( String login, String password ) throws TAuthorizationException, TInvocationException
+ {
+ ClientSessionData csd = localAccountLogin( login, password );
+ String serverAddress = null;
+ if ( csd.satellites != null && !csd.satellites.isEmpty() ) {
+ for ( Satellite sat : csd.satellites ) {
+ if ( sat.addressList == null || sat.addressList.isEmpty() )
+ continue;
+ if ( serverAddress == null || ( sat.displayName != null && sat.displayName.equals( "default" ) ) ) {
+ serverAddress = sat.addressList.get( 0 );
+ }
+ }
+ }
+ return new SessionData( csd.sessionId, csd.authToken, serverAddress );
+ }
+
+ /**
+ * Request for authentication
+ *
+ * @param login The user's login in the form "user@organization.com"
+ * @param password user's password
+ * @return SessionData struct with session id/token iff login successful
+ * @throws TAuthorizationException if login not successful
+ */
+ @Override
+ public ClientSessionData localAccountLogin( String login, String password )
+ throws TAuthorizationException, TInvocationException
+ {
+ if ( login == null || password == null ) {
+ throw new TAuthorizationException(
+ AuthorizationError.INVALID_CREDENTIALS,
+ "Empty username or password!" );
+ }
+ final UserInfo user = Authenticator.authenticate( login, password );
+
+ final Session session = new Session( user );
+ return SessionManager.addSession( session );
+ }
+
+ @Override
+ public List<UserInfo> findUser( String sessionId, String organizationId, String searchTerm )
+ throws TAuthorizationException, TInvocationException
+ {
+ // Needs to be a logged in user
+ if ( SessionManager.getSessionFromSessionId( sessionId ) == null )
+ throw new TAuthorizationException( AuthorizationError.NOT_AUTHENTICATED, "Session ID not valid" );
+ // Search string needs to be at least 2 characters (FIXME: quick and dirty ignoring LIKE chars)
+ if ( searchTerm == null || searchTerm.length() < 2 || searchTerm.replaceAll( "[%_]", "" ).length() < 2 )
+ return new ArrayList<>( 0 );
+ return DbUser.findUser( organizationId, searchTerm );
+ }
+
+ @Override
+ public List<ImagePublishData> getPublicImages( String sessionId, int page )
+ throws TAuthorizationException, TInvocationException
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public void invalidateSession( String sessionId ) throws TInvalidTokenException
+ {
+ SessionManager.invalidate( sessionId );
+ }
+
+ /**
+ * Request information about user for given token
+ *
+ * @param token a user's token
+ * @return UserInfo struct for given token's user
+ * @throws InvalidTokenException if no user matches the given token
+ */
+ @Override
+ public UserInfo getUserFromToken( String token ) throws TInvalidTokenException
+ {
+ final Session session = SessionManager.getSessionFromToken( token );
+ if ( session == null )
+ throw new TInvalidTokenException();
+ return new UserInfo( session.getLogin(), session.getFirstName(),
+ session.getLastName(), session.getEMail(), session.getOrgenizationId() );
+ }
+
+ @Override
+ public boolean isServerAuthenticated( String serverSessionId )
+ {
+ return ( ServerSessionManager.getSession( serverSessionId ) != null );
+ }
+
+ /**
+ * Start the server authentication of a uni/hs satellite server.
+ *
+ * @param organization the organization that the server belongs to
+ * @return a random string that needs to be encrypted with the private
+ * key of the requesting satellite server
+ * @throws ServerAuthenticationException when organization is invalid/unknown
+ */
+ @Override
+ public ByteBuffer startServerAuthentication( int satelliteId ) throws TAuthorizationException, TInvocationException
+ {
+ LocalSatellite satellite = DbSatellite.get( satelliteId );
+ if ( satellite == null )
+ throw new TAuthorizationException( AuthorizationError.INVALID_ORGANIZATION, "Unknown satellite id: " + satelliteId );
+ if ( satellite.getPubkey() == null )
+ throw new TAuthorizationException( AuthorizationError.INVALID_KEY, "There is no public key known for your satellite." );
+ return ServerAuthenticator.startServerAuthentication( satelliteId );
+ }
+
+ /**
+ * Authenticate the uni/hs satellite server with the encrypted string.
+ *
+ * @param organization the organization that the server belongs to
+ * @param challengeResponse the encrypted string
+ * @return session data iff the authentication was successful
+ */
+ @Override
+ public ServerSessionData serverAuthenticate( int satelliteId, ByteBuffer challengeResponse )
+ throws TAuthorizationException, TInvocationException
+ {
+ if ( challengeResponse == null )
+ throw new TAuthorizationException( AuthorizationError.INVALID_ORGANIZATION, "Empty organization or challengeResponse" );
+ LocalSatellite satellite = DbSatellite.get( satelliteId );
+ if ( satellite == null )
+ throw new TAuthorizationException( AuthorizationError.INVALID_ORGANIZATION, "Unknown satellite id: " + satelliteId );
+ if ( satellite.getPubkey() == null )
+ throw new TAuthorizationException( AuthorizationError.INVALID_KEY, "There is no public key known for your satellite." );
+
+ ServerAuthenticator.serverAuthenticate( satellite, challengeResponse );
+
+ final ServerSession session = new ServerSession( satellite );
+ return ServerSessionManager.addSession( session );
+ }
+
+ @Override
+ public ImagePublishData getImageData( String serverSessionId, String imageVersionId )
+ throws TAuthorizationException, TInvocationException, TNotFoundException
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public TransferInformation submitImage( String serverSessionId, ImagePublishData imageDescription, List<ByteBuffer> blockHashes )
+ throws TAuthorizationException, TInvocationException, TTransferRejectedException
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public TransferInformation downloadImage( String sessionId, String imageVersionId )
+ throws TAuthorizationException, TInvocationException, TNotFoundException
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public List<Organization> getOrganizations() throws TInvocationException
+ {
+ try {
+ return DbOrganization.getAll();
+ } catch ( SQLException e ) {
+ throw new TInvocationException();
+ }
+ }
+
+ @Override
+ public List<OperatingSystem> getOperatingSystems() throws TInvocationException
+ {
+ try {
+ return DbOsVirt.getOsList();
+ } catch ( SQLException e ) {
+ throw new TInvocationException();
+ }
+ }
+
+ @Override
+ public List<Virtualizer> getVirtualizers() throws TInvocationException
+ {
+ try {
+ return DbOsVirt.getVirtualizerList();
+ } catch ( SQLException e ) {
+ throw new TInvocationException();
+ }
+ }
+
+ @Override
+ public List<MasterTag> getTags( long startDate ) throws TInvocationException
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public List<MasterSoftware> getSoftware( long startDate ) throws TInvocationException
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public int registerSatellite( String userToken, String displayName, List<String> addresses, String modulus,
+ String exponent, ByteBuffer certSha256 ) throws TInvocationException
+ {
+ if ( userToken == null || exponent == null || modulus == null )
+ throw new TInvocationException( InvocationError.MISSING_DATA, "A required parameter is null" );
+ final Session session = SessionManager.getSessionFromToken( userToken );
+ if ( session == null || session.getUserInfo() == null )
+ throw new TInvocationException( InvocationError.UNKNOWN_USER, "Not a valid user token" );
+ String organizationId = session.getUserInfo().organizationId;
+ Key newKey;
+ try {
+ newKey = new AsymKeyHolder( null, Util.tryToParseBigInt( exponent ), Util.tryToParseBigInt( modulus ) ).getPublicKey();
+ } catch ( NoSuchAlgorithmException | InvalidKeySpecException e ) {
+ LOGGER.warn( "Invalid public key in registerOrganization for " + organizationId + " (By " + session.getLogin() + ")", e );
+ throw new TInvocationException( InvocationError.INVALID_DATA, "Cannot reconstruct public key" );
+ }
+ if ( newKey == null ) {
+ LOGGER.warn( "Uninstantiable public key in registerOrganization for " + organizationId + " (By " + session.getLogin() + ")" );
+ throw new TInvocationException( InvocationError.INVALID_DATA, "Cannot reconstruct public key" );
+ }
+ LocalSatellite existing = DbSatellite.get( organizationId, displayName );
+ if ( existing != null ) {
+ Key existingKey = existing.getPubkey();
+ if ( existingKey != null && Util.keysEqual( newKey, existingKey ) )
+ return existing.satelliteId;
+ }
+ try {
+ return DbPendingSatellite.add( session.getUserInfo(), displayName, addresses, modulus, exponent );
+ } catch ( SQLException e ) {
+ throw new TInvocationException();
+ }
+ }
+
+ @Override
+ public boolean updateSatellite( String serverSessionId, String displayName, List<String> addresses )
+ throws TAuthorizationException, TInvocationException
+ {
+ ServerSession session = ServerSessionManager.getSession( serverSessionId );
+ if ( session == null )
+ throw new TAuthorizationException( AuthorizationError.NOT_AUTHENTICATED, "No valid serverSessionId" );
+ // TODO
+ return false;
+ }
+
+}
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-05-03 13:19:29 +0200