From 0ed5db9366541069ac4585c16d57138a9c4deac2 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Wed, 1 Oct 2014 16:53:55 +0200 Subject: Adapt to changed DB scheme (eppn handling for multiple suffixes) --- .../org/openslx/imagemaster/db/DbSatellite.java | 42 ++++++++++++-------- .../java/org/openslx/imagemaster/db/DbUser.java | 45 ++++++++-------------- .../java/org/openslx/imagemaster/db/LdapUser.java | 8 ++-- .../org/openslx/imagemaster/server/ApiServer.java | 39 ++++++++++++++----- .../serversession/ServerAuthenticator.java | 10 ++--- .../org/openslx/imagemaster/session/Session.java | 9 ++++- .../imagemaster/session/SessionManager.java | 2 +- .../java/org/openslx/imagemaster/session/User.java | 18 ++++----- .../imagemaster/thrift/server/BinaryListener.java | 1 + .../thrift/server/ImageServerHandler.java | 25 ++++++++++-- 10 files changed, 119 insertions(+), 80 deletions(-) diff --git a/src/main/java/org/openslx/imagemaster/db/DbSatellite.java b/src/main/java/org/openslx/imagemaster/db/DbSatellite.java index 65450ed..a1c9b1a 100644 --- a/src/main/java/org/openslx/imagemaster/db/DbSatellite.java +++ b/src/main/java/org/openslx/imagemaster/db/DbSatellite.java @@ -17,7 +17,7 @@ public class DbSatellite { private static final Logger LOG = Logger.getLogger( DbSatellite.class ); - private String organization, address, name, prefix, publickeyString; + private String organizationId, address, name, publickeyString; private PublicKey publickey = null; private static final KeyFactory keyFact; 
@@ -33,31 +33,44 @@ public class DbSatellite } // needs to be public in order to be found by MySQL - public DbSatellite( String organization, String address, String name, String prefix, String publickeyString ) + public DbSatellite( String organizationId, String address, String name, String prefix, String publickeyString ) { - this.organization = organization; + this.organizationId = organizationId; this.address = address; this.name = name; - this.prefix = prefix; this.publickeyString = publickeyString; } - public static DbSatellite fromOrganization( String organization ) + public static DbSatellite fromOrganizationId( String organizationId ) { return MySQL .findUniqueOrNull( DbSatellite.class, - "SELECT satellite.organization, satellite.address, satellite.name, satellite.prefix, satellite.publickey FROM satellite WHERE satellite.organization = ? LIMIT 1", - organization ); + "SELECT satellite.organizationid, satellite.address, satellite.name, satellite.publickey FROM satellite WHERE satellite.organizationid = ? LIMIT 1", + organizationId ); + } + + public static DbSatellite fromSuffix( String suffix ) + { + return MySQL + .findUniqueOrNull( + DbSatellite.class, + "SELECT satellite.organizationid, satellite.address, satellite.name, satellite.publickey FROM satellite" + + " INNER JOIN satellite_suffix USING (organizationid)" + + " WHERE satellite_suffix.suffix = ? LIMIT 1", + suffix ); } public static DbSatellite fromPrefix( String prefix ) { + /* return MySQL .findUniqueOrNull( DbSatellite.class, - "SELECT satellite.organization, satellite.address, satellite.name, satellite.prefix, satellite.publickey FROM satellite WHERE satellite.prefix = ? LIMIT 1", + "SELECT satellite.organization, satellite.address, satellite.name, satellite.publickey FROM satellite WHERE satellite.prefix = ? LIMIT 1", prefix ); + */ + return null; } public String getAddress() 
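Review bot: The constructor keeps a `String prefix` parameter that is no longer stored, while the rewritten queries in `fromOrganizationId` and `fromSuffix` select only four columns (organizationid, address, name, publickey). The comment above the constructor says the MySQL helper looks it up, so if that helper matches constructors by column count or position (not visible here), these lookups would find no constructor or bind the public key to `prefix`. Dropping the parameter, `public DbSatellite( String organizationId, String address, String name, String publickeyString )`, keeps the two in step. `fromPrefix` now returns null unconditionally with the old query left in a block comment; delete the dead query and document the method, e.g. `/** Prefix lookup was dropped with the schema change; always returns null. */`.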
@@ -70,14 +83,9 @@ public class DbSatellite return name; } - public String getOrganization() - { - return organization; - } - - public String getPrefix() + public String getOrganizationId() { - return this.prefix; + return organizationId; } /** @@ -99,9 +107,9 @@ public class DbSatellite publickey = keyFact.generatePublic( keySpec ); } } catch ( InvalidKeySpecException e ) { - LOG.info( "PubKey of " + this.organization + " is not valid.", e ); + LOG.info( "PubKey of " + this.name + " is not valid.", e ); } catch ( NumberFormatException e ) { - LOG.info( "PubKey of " + this.organization + " is corrupted in database!", e ); + LOG.info( "PubKey of " + this.name + " is corrupted in database!", e ); } } return publickey; diff --git a/src/main/java/org/openslx/imagemaster/db/DbUser.java b/src/main/java/org/openslx/imagemaster/db/DbUser.java index c486da3..b822e4d 100644 --- a/src/main/java/org/openslx/imagemaster/db/DbUser.java +++ b/src/main/java/org/openslx/imagemaster/db/DbUser.java @@ -12,11 +12,11 @@ public class DbUser extends User private static Logger log = Logger.getLogger( DbUser.class ); - public DbUser( int userId, String username, String password, String organization, + public DbUser( int userId, String eppn, String password, String organizationId, String firstName, String lastName, String eMail, String satelliteAddress ) { - super( userId, username, password, organization, firstName, lastName, eMail, + super( userId, eppn, password, organizationId, firstName, lastName, eMail, satelliteAddress ); } 
@@ -24,22 +24,19 @@ public class DbUser extends User * Query database for user with given login * * @param login - * (user@organization) + * (user@organizationSuffix) * @return instance of DbUser for matching entry from DB, or null if not * found */ public static DbUser forLogin( final String login ) { - final String[] parts = login.split( "@" ); - if ( parts.length != 2 ) - return null; return MySQL .findUniqueOrNull( DbUser.class, - "SELECT user.userid, user.username, user.password, user.organization, user.firstname, user.lastname, user.email, satellite.address FROM user" - + " LEFT JOIN satellite USING (organization)" - + " WHERE user.username = ? AND user.organization = ? LIMIT 1", - parts[0], parts[1] ); + "SELECT user.userid, user.eppn, user.password, user.organizationid, user.firstname, user.lastname, user.email, satellite.address FROM user" + + " LEFT JOIN satellite USING (organizationid)" + + " WHERE user.eppn = ? LIMIT 1", + login ); } /** @@ -54,8 +51,8 @@ public class DbUser extends User return MySQL .findUniqueOrNull( DbUser.class, - "SELECT user.userid, user.username, user.password, user.organization, user.firstname, user.lastname, user.email, satellite.address FROM user" - + " LEFT JOIN satellite USING (organization)" + "SELECT user.userid, user.eppn, user.password, user.organizationid, user.firstname, user.lastname, user.email, satellite.address FROM user" + + " LEFT JOIN satellite USING (organizationid)" + " WHERE user.userid = ? LIMIT 1", userid ); } 
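Review bot: `forLogin` no longer rejects malformed input: with the `split( "@" )` check removed, any string, including one with no suffix at all, goes straight to the query. The statement stays parameterized, so this is not an injection problem, but a cheap guard such as `if ( login == null || login.indexOf( '@' ) < 1 ) return null;` keeps the documented `user@organizationSuffix` contract and avoids pointless lookups. The Javadoc should also say that the match is on the full `user.eppn` value. Whether that match is case-sensitive depends on the column collation, which is not visible in this diff.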
@@ -75,21 +72,17 @@ public class DbUser extends User public static boolean insertOrUpdate( User user ) { - log.debug( "Inserted user '" + user.username + "' into db." ); + log.debug( "Inserted user '" + user.eppn + "' into db." ); MySQL.update( - "INSERT INTO user (username, password, organization, firstname, lastname, email) VALUES (?, ?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE password=VALUES(password), organization=VALUES(organization), firstname=VALUES(firstname), lastname=VALUES(lastname), email=VALUES(email)", - user.username, user.password, user.organization, user.firstName, user.lastName, user.eMail ); + "INSERT INTO user (eppn, password, organizationid, firstname, lastname, email) VALUES (?, ?, ?, ?, ?, ?) ON DUPLICATE KEY UPDATE password=VALUES(password), organizationid=VALUES(organizationid), firstname=VALUES(firstname), lastname=VALUES(lastname), email=VALUES(email)", + user.eppn, user.password, user.organizationId, user.firstName, user.lastName, user.eMail ); return false; } + /* public static int getUserIdByName( String username ) { - DbUser user = MySQL - .findUniqueOrNull( - DbUser.class, - "SELECT user.userid, user.username, user.password, user.organization, user.firstname, user.lastname, user.email, satellite.address FROM user" - + " LEFT JOIN satellite USING (organization)" - + " WHERE user.username = ? LIMIT 1", username ); + DbUser user = forLogin( username ); if ( user == null ) return 0; return user.userId; @@ -97,15 +90,11 @@ public class DbUser extends User public static String getUserNameById( int id ) { - DbUser user = MySQL - .findUniqueOrNull( - DbUser.class, - "SELECT user.userid, user.username, user.password, user.organization, user.firstname, user.lastname, user.email, satellite.address FROM user" - + " LEFT JOIN satellite USING (organization)" - + " WHERE user.userid = ? LIMIT 1", id ); + DbUser user = forLogin( id ); if ( user == null ) - return ""; + return null; return user.username; } + */ } 
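Review bot: The upsert in `insertOrUpdate` now relies on a unique key over `user.eppn` for `ON DUPLICATE KEY UPDATE` to fire. The schema is not part of this commit, so confirm that index exists; without it, repeated logins insert duplicate rows and the `LIMIT 1` in `forLogin` picks one of them arbitrarily. The method also logs "Inserted user" before `MySQL.update` runs and always returns false, so the log line belongs after the call and the return value should reflect the outcome if `MySQL.update` reports one. The commented-out `getUserIdByName`/`getUserNameById` block (it continues into the next hunk) still reads `user.username`, a field this commit renames, so deleting it is cleaner than keeping it.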
diff --git a/src/main/java/org/openslx/imagemaster/db/LdapUser.java b/src/main/java/org/openslx/imagemaster/db/LdapUser.java index 2812755..b026e7e 100644 --- a/src/main/java/org/openslx/imagemaster/db/LdapUser.java +++ b/src/main/java/org/openslx/imagemaster/db/LdapUser.java @@ -105,7 +105,7 @@ public class LdapUser extends User eMail = entry.get( "mail" ).getString(); // get the satellite address from db - DbSatellite dbSatellite = DbSatellite.fromOrganization( organization ); + DbSatellite dbSatellite = DbSatellite.fromSuffix( organization ); if ( dbSatellite != null ) { satelliteAddress = dbSatellite.getAddress(); } else { @@ -118,7 +118,7 @@ public class LdapUser extends User if ( e.getMessage().contains( "Cannot connect on the server" ) ) { DbSatellite dbSatellite = DbSatellite.fromPrefix(split[0]); if (dbSatellite == null) throw new AuthenticationException(AuthenticationError.INVALID_CREDENTIALS, "Credentials invalid."); - String lo = split[1] + "@" + dbSatellite.getOrganization(); + String lo = split[1] + "@" + dbSatellite.getOrganizationId(); log.info( "LDAP server could not be reached. Trying to connect locally with: " + lo ); return LdapUser.localLogin(lo, password); } @@ -150,7 +150,7 @@ public class LdapUser extends User /** * Login user locally if external Ldap server is not available - * @param username Must be in form "username@organization" + * @param eppn Must be in form "username@organization" * @param password The user's password */ private static LdapUser localLogin( String login, String password ) 
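Review bot: The offline fallback in the "Cannot connect on the server" branch can no longer succeed: `DbSatellite.fromPrefix` returns null after this commit, so every call ends in `INVALID_CREDENTIALS` and an unreachable LDAP server is reported to the user as a wrong password. If the fallback is revived, the login it builds, `split[1] + "@" + dbSatellite.getOrganizationId()`, will not match either, because `DbUser.forLogin` now looks up the full eppn (user@suffix) rather than user@organizationId. Either remove the branch or resolve the satellite with `fromSuffix` and pass the original eppn to `localLogin`. The enclosing method starts outside this hunk, so how `split` is derived is not visible.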
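Review bot: The Javadoc tag was renamed to `@param eppn`, but the parameter of `localLogin` is still called `login`, so the tag documents nothing. Use `@param login the user's eppn, in the form "username@suffix"`. An `@return` line is also missing: the next hunk shows that null is returned when the password does not verify, and callers need to know that.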
@@ -162,7 +162,7 @@ public class LdapUser extends User if (!Sha512Crypt.verifyPassword( password, user.password )) return null; // return ldapuser if valid - return new LdapUser( user.userId, user.username, Sha512Crypt.Sha512_crypt( password, null, 0 ), user.organization, user.firstName, + return new LdapUser( user.userId, user.eppn, Sha512Crypt.Sha512_crypt( password, null, 0 ), user.organizationId, user.firstName, user.lastName, user.eMail, user.satelliteAddress ); } } diff --git a/src/main/java/org/openslx/imagemaster/server/ApiServer.java b/src/main/java/org/openslx/imagemaster/server/ApiServer.java index b39a517..6c5413f 100644 --- a/src/main/java/org/openslx/imagemaster/server/ApiServer.java +++ b/src/main/java/org/openslx/imagemaster/server/ApiServer.java @@ -24,6 +24,7 @@ import org.openslx.imagemaster.thrift.iface.ImageData; import org.openslx.imagemaster.thrift.iface.ImageDataError; import org.openslx.imagemaster.thrift.iface.ImageDataException; import org.openslx.imagemaster.thrift.iface.InvalidTokenException; +import org.openslx.imagemaster.thrift.iface.OrganizationData; import org.openslx.imagemaster.thrift.iface.ServerAuthenticationError; import org.openslx.imagemaster.thrift.iface.ServerAuthenticationException; import org.openslx.imagemaster.thrift.iface.ServerSessionData; @@ -81,8 +82,8 @@ public class ApiServer final Session session = SessionManager.getSession( token ); if ( session == null ) throw new InvalidTokenException(); - return new UserInfo( session.getUserId(), session.getFirstName(), - session.getLastName(), session.getEMail() ); + return new UserInfo( session.getLogin(), session.getFirstName(), + session.getLastName(), session.getEMail(), session.getOrgenizationId() ); } public static UploadData submitImage( String serverSessionId, ImageData imageDescription, List crcSums ) 
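Review bot: `session.getOrgenizationId()` in the `UserInfo` construction is misspelled. The accessor is introduced by this same commit in Session.java, so it is cheapest to fix now, before other callers pick it up: `public String getOrganizationId()` there and `session.getOrganizationId()` here. The first `UserInfo` argument also changes from `getUserId()` to `getLogin()`, which is now the full eppn; clients that treat that field as a stable user id should be checked against the updated Thrift definition, which is not part of this diff.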
@@ -119,18 +120,18 @@ public class ApiServer * key of the requesting satellite server * @throws ServerAuthenticationException when organization is invalid/unknown */ - public static ByteBuffer startServerAuthentication( String organization ) + public static ByteBuffer startServerAuthentication( String organizationId ) throws ServerAuthenticationException { - if ( organization == null || organization.isEmpty() ) + if ( organizationId == null || organizationId.isEmpty() ) throw new ServerAuthenticationException( ServerAuthenticationError.INVALID_ORGANIZATION, "Empty organization" ); - DbSatellite satellite = DbSatellite.fromOrganization( organization ); + DbSatellite satellite = DbSatellite.fromOrganizationId( organizationId ); if ( satellite == null ) - throw new ServerAuthenticationException( ServerAuthenticationError.INVALID_ORGANIZATION, "Unknown organization: '" + organization + "'" ); + throw new ServerAuthenticationException( ServerAuthenticationError.INVALID_ORGANIZATION, "Unknown organization: '" + organizationId + "'" ); if ( satellite.getPubkey() == null ) throw new ServerAuthenticationException( ServerAuthenticationError.INVALID_KEY, "There is no public key known for your organization." ); - return ServerAuthenticator.startServerAuthentication( organization ); + return ServerAuthenticator.startServerAuthentication( organizationId ); } /** 
@@ -142,14 +143,14 @@ public class ApiServer * @throws AuthenticationException * @throws TException */ - public static ServerSessionData serverAuthenticate( String organization, + public static ServerSessionData serverAuthenticate( String organizationId, ByteBuffer challengeResponse ) throws ServerAuthenticationException, TException { - if ( organization == null || challengeResponse == null ) { + if ( organizationId == null || challengeResponse == null ) { throw new ServerAuthenticationException( ServerAuthenticationError.INVALID_ORGANIZATION, "Empty organization or challengeResponse" ); } - DbSatellite satellite = DbSatellite.fromOrganization( organization ); + DbSatellite satellite = DbSatellite.fromOrganizationId( organizationId ); if ( satellite == null ) throw new ServerAuthenticationException( ServerAuthenticationError.INVALID_ORGANIZATION, "Unknown organization" ); if ( satellite.getPubkey() == null ) @@ -165,4 +166,22 @@ public class ApiServer { return ( ServerSessionManager.getSession( serverSessionId ) != null ); } + + public static boolean publishUser( String serverSessionId, UserInfo user ) + { + // TODO Auto-generated method stub + return false; + } + + public static List findUser( String sessionId, String organizationId, String searchTerm ) + { + // TODO Auto-generated method stub + return null; + } + + public static List getOrganizations() + { + // TODO Auto-generated method stub + return null; + } } diff --git a/src/main/java/org/openslx/imagemaster/serversession/ServerAuthenticator.java b/src/main/java/org/openslx/imagemaster/serversession/ServerAuthenticator.java index d851c4e..4ec5acf 100644 --- a/src/main/java/org/openslx/imagemaster/serversession/ServerAuthenticator.java +++ b/src/main/java/org/openslx/imagemaster/serversession/ServerAuthenticator.java 
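Review bot: The three new stubs (`publishUser`, `findUser`, `getOrganizations`) return `false` or `null` without looking at their session argument. A Thrift handler that returns null for a list result normally surfaces on the client as a TApplicationException rather than an empty result, so `findUser` and `getOrganizations` should return an empty list until implemented, e.g. `return java.util.Collections.emptyList();`. When they are filled in, `publishUser` and `findUser` need the same session lookup as their siblings (`ServerSessionManager.getSession( serverSessionId )` or `SessionManager.getSession( ... )`) before any user data is read or written; a `// TODO: validate session before returning data` comment in each stub would keep that from being forgotten. The overrides added in ImageServerHandler.java expose these stubs to clients as they are.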
@@ -45,7 +45,7 @@ public class ServerAuthenticator /** * Authenticate with the challengeResponse. * - * @param organization Is already verified. + * @param organizationId Is already verified. * @param address * @param challengeResponse * @return @@ -60,13 +60,13 @@ public class ServerAuthenticator AsymEncryptionHandler verifier = new AsymEncryptionHandler( satellite.getPubkey() ); - if ( !verifier.verifyMessage( encryptedBytes, authenticatingServers.get( satellite.getOrganization() ) ) ) + if ( !verifier.verifyMessage( encryptedBytes, authenticatingServers.get( satellite.getOrganizationId() ) ) ) throw new ServerAuthenticationException( ServerAuthenticationError.CHALLENGE_FAILED, "You failed the encryption challenge. private and public key don't seem to match." ); - log.info( "Server of organinzation '" + satellite.getOrganization() + " authenticated." ); + log.info( "Server of organinzation " + satellite.getName() + " (" + satellite.getOrganizationId() + ") authenticated." ); - authenticatingServers.remove( satellite.getOrganization() ); + authenticatingServers.remove( satellite.getOrganizationId() ); - return new ServerUser( satellite.getOrganization(), satellite.getAddress() ); + return new ServerUser( satellite.getOrganizationId(), satellite.getAddress() ); } } diff --git a/src/main/java/org/openslx/imagemaster/session/Session.java b/src/main/java/org/openslx/imagemaster/session/Session.java index 727045a..54a2757 100644 --- a/src/main/java/org/openslx/imagemaster/session/Session.java +++ b/src/main/java/org/openslx/imagemaster/session/Session.java @@ -37,9 +37,9 @@ public class Session return user.satelliteAddress; } - public String getUserId() + public String getLogin() { - return user.username + "@" + user.organization; + return user.eppn; } public String getFirstName() @@ -56,5 +56,10 @@ public class Session { return user.eMail; } + + public String getOrgenizationId() + { + return user.organizationId; + } } 
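Review bot: The stored challenge is removed from `authenticatingServers` only after a successful verification; when `verifyMessage` fails, the exception is thrown first and the same challenge stays valid for further attempts. Taking it out up front with `authenticatingServers.remove( satellite.getOrganizationId() )`, and rejecting the request when that returns null (no challenge was started), makes each challenge single-use. The log line in the same hunk still reads "organinzation". The method body begins outside this hunk.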
diff --git a/src/main/java/org/openslx/imagemaster/session/SessionManager.java b/src/main/java/org/openslx/imagemaster/session/SessionManager.java index 7891904..295b53e 100644 --- a/src/main/java/org/openslx/imagemaster/session/SessionManager.java +++ b/src/main/java/org/openslx/imagemaster/session/SessionManager.java @@ -60,7 +60,7 @@ public class SessionManager while ( it.hasNext() ) { final Session s = it.next(); if ( s.timedOut() ) { - log.debug( "Removing old session of " + s.getUserId() ); + log.debug( "Removing old session of " + s.getLogin() ); it.remove(); } } diff --git a/src/main/java/org/openslx/imagemaster/session/User.java b/src/main/java/org/openslx/imagemaster/session/User.java index 264c17f..bbbe8c7 100644 --- a/src/main/java/org/openslx/imagemaster/session/User.java +++ b/src/main/java/org/openslx/imagemaster/session/User.java @@ -7,19 +7,19 @@ package org.openslx.imagemaster.session; */ public abstract class User { - public final String username, organization; + public final String eppn, organizationId; public final String password; public final String firstName, lastName; public final String eMail; public final String satelliteAddress; public final int userId; - protected User( int userId, String username, String password, String organization, String firstName, String lastName, String eMail, + protected User( int userId, String eppn, String password, String organization, String firstName, String lastName, String eMail, String satelliteAddress ) { this.userId = userId; - this.username = username; - this.organization = organization; + this.eppn = eppn; + this.organizationId = organization; this.password = password; this.firstName = firstName; this.lastName = lastName; 
@@ -30,10 +30,10 @@ public abstract class User @Override public String toString() { - final StringBuilder sb = new StringBuilder( this.username ); - sb.append( "@" ); - sb.append( this.organization ); - sb.append( ": " ); + final StringBuilder sb = new StringBuilder( this.eppn ); + sb.append( " (" ); + sb.append( this.organizationId ); + sb.append( "): " ); sb.append( this.firstName ); sb.append( ' ' ); sb.append( this.lastName ); @@ -48,7 +48,7 @@ public abstract class User public String getLogin() { - return username + "@" + organization; + return eppn; } } diff --git a/src/main/java/org/openslx/imagemaster/thrift/server/BinaryListener.java b/src/main/java/org/openslx/imagemaster/thrift/server/BinaryListener.java index 19a8a24..ebacbfc 100644 --- a/src/main/java/org/openslx/imagemaster/thrift/server/BinaryListener.java +++ b/src/main/java/org/openslx/imagemaster/thrift/server/BinaryListener.java @@ -31,6 +31,7 @@ public class BinaryListener implements Runnable TServer server = new THsHaServer( args ); log.info( "Starting Binary Thrift" ); server.serve(); + System.exit(1); } } diff --git a/src/main/java/org/openslx/imagemaster/thrift/server/ImageServerHandler.java b/src/main/java/org/openslx/imagemaster/thrift/server/ImageServerHandler.java index af78258..fe878ce 100644 --- a/src/main/java/org/openslx/imagemaster/thrift/server/ImageServerHandler.java +++ b/src/main/java/org/openslx/imagemaster/thrift/server/ImageServerHandler.java @@ -13,6 +13,7 @@ import org.openslx.imagemaster.thrift.iface.ImageData; import org.openslx.imagemaster.thrift.iface.ImageDataException; import org.openslx.imagemaster.thrift.iface.ImageServer; import org.openslx.imagemaster.thrift.iface.InvalidTokenException; +import org.openslx.imagemaster.thrift.iface.OrganizationData; import org.openslx.imagemaster.thrift.iface.ServerAuthenticationException; import org.openslx.imagemaster.thrift.iface.ServerSessionData; import org.openslx.imagemaster.thrift.iface.SessionData; 
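Review bot: `System.exit(1)` after `server.serve()` in BinaryListener stops the whole JVM with no trace of why. Add a log line before it, e.g. `log.error( "Binary Thrift server stopped, shutting down." );`. If `serve()` throws instead of returning, the exit is not reached, since the hunk shows no try/finally around the call, so whether the process ends in that case depends on code outside the hunk. The enclosing method starts outside the hunk.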
@@ -23,12 +24,9 @@ import org.openslx.imagemaster.thrift.iface.UserInfo; public class ImageServerHandler implements ImageServer.Iface { - private static Logger log = Logger.getLogger( ImageServerHandler.class ); - @Override public boolean ping() throws TException { - log.debug( "Ping..." ); // Return false if service unavailable but running return true; } @@ -63,7 +61,8 @@ public class ImageServerHandler implements ImageServer.Iface } @Override - public UploadData submitImage( String serverSessionId, ImageData imageDescription, List crcSums ) throws AuthorizationException, ImageDataException, UploadException, TException + public UploadData submitImage( String serverSessionId, ImageData imageDescription, List crcSums ) + throws AuthorizationException, ImageDataException, UploadException, TException { return ApiServer.submitImage( serverSessionId, imageDescription, crcSums ); } @@ -79,4 +78,22 @@ public class ImageServerHandler implements ImageServer.Iface { return ApiServer.isServerAuthenticated( serverSessionId ); } + + @Override + public List getOrganizations() throws TException + { + return ApiServer.getOrganizations(); + } + + @Override + public List findUser( String sessionId, String organizationId, String searchTerm ) throws TException + { + return ApiServer.findUser( sessionId, organizationId, searchTerm ); + } + + @Override + public boolean publishUser( String serverSessionId, UserInfo user ) throws TException + { + return ApiServer.publishUser( serverSessionId, user ); + } } -- cgit v1.2.3-55-g7522