From 3aa85cd588b745fb2537dbe748580d9c3b980133 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Tue, 8 Sep 2015 17:38:07 +0200 Subject: Compilable... --- .../thrift/server/MasterServerHandler.java | 305 +++++++++++++++++++++ 1 file changed, 305 insertions(+) create mode 100644 src/main/java/org/openslx/imagemaster/thrift/server/MasterServerHandler.java (limited to 'src/main/java/org/openslx/imagemaster/thrift/server/MasterServerHandler.java') diff --git a/src/main/java/org/openslx/imagemaster/thrift/server/MasterServerHandler.java b/src/main/java/org/openslx/imagemaster/thrift/server/MasterServerHandler.java new file mode 100644 index 0000000..ec13a6f --- /dev/null +++ b/src/main/java/org/openslx/imagemaster/thrift/server/MasterServerHandler.java @@ -0,0 +1,305 @@ +package org.openslx.imagemaster.thrift.server; + +import java.nio.ByteBuffer; +import java.security.Key; +import java.security.NoSuchAlgorithmException; +import java.security.spec.InvalidKeySpecException; +import java.sql.SQLException; +import java.util.ArrayList; +import java.util.List; + +import org.apache.log4j.Logger; +import org.openslx.bwlp.thrift.iface.AuthorizationError; +import org.openslx.bwlp.thrift.iface.ClientSessionData; +import org.openslx.bwlp.thrift.iface.ImagePublishData; +import org.openslx.bwlp.thrift.iface.InvocationError; +import org.openslx.bwlp.thrift.iface.MasterServer; +import org.openslx.bwlp.thrift.iface.MasterSoftware; +import org.openslx.bwlp.thrift.iface.MasterTag; +import org.openslx.bwlp.thrift.iface.OperatingSystem; +import org.openslx.bwlp.thrift.iface.Organization; +import org.openslx.bwlp.thrift.iface.Satellite; +import org.openslx.bwlp.thrift.iface.ServerSessionData; +import org.openslx.bwlp.thrift.iface.SessionData; +import org.openslx.bwlp.thrift.iface.TAuthorizationException; +import org.openslx.bwlp.thrift.iface.TInvalidTokenException; +import org.openslx.bwlp.thrift.iface.TInvocationException; +import org.openslx.bwlp.thrift.iface.TNotFoundException; +import org.openslx.bwlp.thrift.iface.TTransferRejectedException; +import org.openslx.bwlp.thrift.iface.TransferInformation; +import org.openslx.bwlp.thrift.iface.UserInfo; +import org.openslx.bwlp.thrift.iface.Virtualizer; +import org.openslx.encryption.AsymKeyHolder; +import org.openslx.imagemaster.db.mappers.DbOrganization; +import org.openslx.imagemaster.db.mappers.DbOsVirt; +import org.openslx.imagemaster.db.mappers.DbPendingSatellite; +import org.openslx.imagemaster.db.mappers.DbSatellite; +import org.openslx.imagemaster.db.mappers.DbUser; +import org.openslx.imagemaster.db.models.LocalSatellite; +import org.openslx.imagemaster.serversession.ServerAuthenticator; +import org.openslx.imagemaster.serversession.ServerSession; +import org.openslx.imagemaster.serversession.ServerSessionManager; +import org.openslx.imagemaster.session.Authenticator; +import org.openslx.imagemaster.session.Session; +import org.openslx.imagemaster.session.SessionManager; +import org.openslx.imagemaster.util.Util; + +public class MasterServerHandler implements MasterServer.Iface +{ + + private static final Logger LOGGER = Logger.getLogger( MasterServerHandler.class ); + + @Override + public boolean ping() + { + return true; + } + + @Override + public SessionData authenticate( String login, String password ) throws TAuthorizationException, TInvocationException + { + ClientSessionData csd = localAccountLogin( login, password ); + String serverAddress = null; + if ( csd.satellites != null && !csd.satellites.isEmpty() ) { + for ( Satellite sat : csd.satellites ) { + if ( sat.addressList == null || sat.addressList.isEmpty() ) + continue; + if ( serverAddress == null || ( sat.displayName != null && sat.displayName.equals( "default" ) ) ) { + serverAddress = sat.addressList.get( 0 ); + } + } + } + return new SessionData( csd.sessionId, csd.authToken, serverAddress ); + } + + /** + * Request for authentication + * + * @param login The user's login in the form "user@organization.com" + * @param password user's password + * @return SessionData struct with session id/token iff login successful + * @throws TAuthorizationException if login not successful + */ + @Override + public ClientSessionData localAccountLogin( String login, String password ) + throws TAuthorizationException, TInvocationException + { + if ( login == null || password == null ) { + throw new TAuthorizationException( + AuthorizationError.INVALID_CREDENTIALS, + "Empty username or password!" ); + } + final UserInfo user = Authenticator.authenticate( login, password ); + + final Session session = new Session( user ); + return SessionManager.addSession( session ); + } + + @Override + public List findUser( String sessionId, String organizationId, String searchTerm ) + throws TAuthorizationException, TInvocationException + { + // Needs to be a logged in user + if ( SessionManager.getSessionFromSessionId( sessionId ) == null ) + throw new TAuthorizationException( AuthorizationError.NOT_AUTHENTICATED, "Session ID not valid" ); + // Search string needs to be at least 2 characters (FIXME: quick and dirty ignoring LIKE chars) + if ( searchTerm == null || searchTerm.length() < 2 || searchTerm.replaceAll( "[%_]", "" ).length() < 2 ) + return new ArrayList<>( 0 ); + return DbUser.findUser( organizationId, searchTerm ); + } + + @Override + public List getPublicImages( String sessionId, int page ) + throws TAuthorizationException, TInvocationException + { + // TODO Auto-generated method stub + return null; + } + + @Override + public void invalidateSession( String sessionId ) throws TInvalidTokenException + { + SessionManager.invalidate( sessionId ); + } + + /** + * Request information about user for given token + * + * @param token a user's token + * @return UserInfo struct for given token's user + * @throws InvalidTokenException if no user matches the given token + */ + @Override + public UserInfo getUserFromToken( String token ) throws TInvalidTokenException + { + final Session session = SessionManager.getSessionFromToken( token ); + if ( session == null ) + throw new TInvalidTokenException(); + return new UserInfo( session.getLogin(), session.getFirstName(), + session.getLastName(), session.getEMail(), session.getOrgenizationId() ); + } + + @Override + public boolean isServerAuthenticated( String serverSessionId ) + { + return ( ServerSessionManager.getSession( serverSessionId ) != null ); + } + + /** + * Start the server authentication of a uni/hs satellite server. + * + * @param organization the organization that the server belongs to + * @return a random string that needs to be encrypted with the private + * key of the requesting satellite server + * @throws ServerAuthenticationException when organization is invalid/unknown + */ + @Override + public ByteBuffer startServerAuthentication( int satelliteId ) throws TAuthorizationException, TInvocationException + { + LocalSatellite satellite = DbSatellite.get( satelliteId ); + if ( satellite == null ) + throw new TAuthorizationException( AuthorizationError.INVALID_ORGANIZATION, "Unknown satellite id: " + satelliteId ); + if ( satellite.getPubkey() == null ) + throw new TAuthorizationException( AuthorizationError.INVALID_KEY, "There is no public key known for your satellite." ); + return ServerAuthenticator.startServerAuthentication( satelliteId ); + } + + /** + * Authenticate the uni/hs satellite server with the encrypted string. + * + * @param organization the organization that the server belongs to + * @param challengeResponse the encrypted string + * @return session data iff the authentication was successful + */ + @Override + public ServerSessionData serverAuthenticate( int satelliteId, ByteBuffer challengeResponse ) + throws TAuthorizationException, TInvocationException + { + if ( challengeResponse == null ) + throw new TAuthorizationException( AuthorizationError.INVALID_ORGANIZATION, "Empty organization or challengeResponse" ); + LocalSatellite satellite = DbSatellite.get( satelliteId ); + if ( satellite == null ) + throw new TAuthorizationException( AuthorizationError.INVALID_ORGANIZATION, "Unknown satellite id: " + satelliteId ); + if ( satellite.getPubkey() == null ) + throw new TAuthorizationException( AuthorizationError.INVALID_KEY, "There is no public key known for your satellite." ); + + ServerAuthenticator.serverAuthenticate( satellite, challengeResponse ); + + final ServerSession session = new ServerSession( satellite ); + return ServerSessionManager.addSession( session ); + } + + @Override + public ImagePublishData getImageData( String serverSessionId, String imageVersionId ) + throws TAuthorizationException, TInvocationException, TNotFoundException + { + // TODO Auto-generated method stub + return null; + } + + @Override + public TransferInformation submitImage( String serverSessionId, ImagePublishData imageDescription, List blockHashes ) + throws TAuthorizationException, TInvocationException, TTransferRejectedException + { + // TODO Auto-generated method stub + return null; + } + + @Override + public TransferInformation downloadImage( String sessionId, String imageVersionId ) + throws TAuthorizationException, TInvocationException, TNotFoundException + { + // TODO Auto-generated method stub + return null; + } + + @Override + public List getOrganizations() throws TInvocationException + { + try { + return DbOrganization.getAll(); + } catch ( SQLException e ) { + throw new TInvocationException(); + } + } + + @Override + public List getOperatingSystems() throws TInvocationException + { + try { + return DbOsVirt.getOsList(); + } catch ( SQLException e ) { + throw new TInvocationException(); + } + } + + @Override + public List getVirtualizers() throws TInvocationException + { + try { + return DbOsVirt.getVirtualizerList(); + } catch ( SQLException e ) { + throw new TInvocationException(); + } + } + + @Override + public List getTags( long startDate ) throws TInvocationException + { + // TODO Auto-generated method stub + return null; + } + + @Override + public List getSoftware( long startDate ) throws TInvocationException + { + // TODO Auto-generated method stub + return null; + } + + @Override + public int registerSatellite( String userToken, String displayName, List addresses, String modulus, + String exponent, ByteBuffer certSha256 ) throws TInvocationException + { + if ( userToken == null || exponent == null || modulus == null ) + throw new TInvocationException( InvocationError.MISSING_DATA, "A required parameter is null" ); + final Session session = SessionManager.getSessionFromToken( userToken ); + if ( session == null || session.getUserInfo() == null ) + throw new TInvocationException( InvocationError.UNKNOWN_USER, "Not a valid user token" ); + String organizationId = session.getUserInfo().organizationId; + Key newKey; + try { + newKey = new AsymKeyHolder( null, Util.tryToParseBigInt( exponent ), Util.tryToParseBigInt( modulus ) ).getPublicKey(); + } catch ( NoSuchAlgorithmException | InvalidKeySpecException e ) { + LOGGER.warn( "Invalid public key in registerOrganization for " + organizationId + " (By " + session.getLogin() + ")", e ); + throw new TInvocationException( InvocationError.INVALID_DATA, "Cannot reconstruct public key" ); + } + if ( newKey == null ) { + LOGGER.warn( "Uninstantiable public key in registerOrganization for " + organizationId + " (By " + session.getLogin() + ")" ); + throw new TInvocationException( InvocationError.INVALID_DATA, "Cannot reconstruct public key" ); + } + LocalSatellite existing = DbSatellite.get( organizationId, displayName ); + if ( existing != null ) { + Key existingKey = existing.getPubkey(); + if ( existingKey != null && Util.keysEqual( newKey, existingKey ) ) + return existing.satelliteId; + } + try { + return DbPendingSatellite.add( session.getUserInfo(), displayName, addresses, modulus, exponent ); + } catch ( SQLException e ) { + throw new TInvocationException(); + } + } + + @Override + public boolean updateSatellite( String serverSessionId, String displayName, List addresses ) + throws TAuthorizationException, TInvocationException + { + ServerSession session = ServerSessionManager.getSession( serverSessionId ); + if ( session == null ) + throw new TAuthorizationException( AuthorizationError.NOT_AUTHENTICATED, "No valid serverSessionId" ); + // TODO + return false; + } + +} -- cgit v1.2.3-55-g7522