package org.openslx.imagemaster.server; import java.io.File; import java.nio.ByteBuffer; import org.apache.log4j.Logger; import org.apache.thrift.TException; import org.openslx.imagemaster.App; import org.openslx.imagemaster.Globals; import org.openslx.imagemaster.db.DbSatellite; import org.openslx.imagemaster.ftp.ImageProcessor; import org.openslx.imagemaster.serversession.ServerAuthenticator; import org.openslx.imagemaster.serversession.ServerSession; import org.openslx.imagemaster.serversession.ServerSessionManager; import org.openslx.imagemaster.serversession.ServerUser; import org.openslx.imagemaster.session.Authenticator; import org.openslx.imagemaster.session.Session; import org.openslx.imagemaster.session.SessionManager; import org.openslx.imagemaster.session.User; import org.openslx.imagemaster.thrift.iface.AuthenticationError; import org.openslx.imagemaster.thrift.iface.AuthenticationException; import org.openslx.imagemaster.thrift.iface.AuthorizationError; import org.openslx.imagemaster.thrift.iface.AuthorizationException; import org.openslx.imagemaster.thrift.iface.FtpCredentials; import org.openslx.imagemaster.thrift.iface.ImageData; import org.openslx.imagemaster.thrift.iface.ImageDataError; import org.openslx.imagemaster.thrift.iface.ImageDataException; import org.openslx.imagemaster.thrift.iface.InvalidTokenException; import org.openslx.imagemaster.thrift.iface.ServerAuthenticationError; import org.openslx.imagemaster.thrift.iface.ServerAuthenticationException; import org.openslx.imagemaster.thrift.iface.ServerSessionData; import org.openslx.imagemaster.thrift.iface.SessionData; import org.openslx.imagemaster.thrift.iface.UserInfo; /** * API Server This is where all the requests from the outside arrive. We don't * handle them directly in the Thrift handlers, as we might be adding other APIs * later, like JSON/SOAP/REST/HTTP/XML or some other stuff. They'd all just * interface with this static class here. Note that we use the exceptions from * the thrift interface that you can simply catch in any other API handler and * eg. transform into error codes, if the API doesn't support exceptions. * * This will be accessed from multiple threads, so use synchronization when * needed (or in doubt) */ public class ApiServer { private static Logger log = Logger.getLogger( ApiServer.class ); /** * Request for authentication * * @param login The user's login in the form "user@organization.com" * @param password user's password * @return SessionData struct with session id/token iff login successful * @throws AuthenticationException if login not successful */ public static SessionData authenticate( String login, String password ) throws AuthenticationException { if ( login == null || password == null ) { throw new AuthenticationException( AuthenticationError.INVALID_CREDENTIALS, "Empty username or password!" ); } final User user = Authenticator.authenticate( login, password ); final Session session = new Session( user ); return SessionManager.addSession( session ); } /** * Request information about user for given token * * @param token a user's token * @return UserInfo struct for given token's user * @throws InvalidTokenException if no user matches the given token */ public static UserInfo getUserFromToken( String token ) throws InvalidTokenException { final Session session = SessionManager.getSession( token ); if ( session == null ) throw new InvalidTokenException(); return new UserInfo( session.getUserId(), session.getFirstName(), session.getLastName(), session.getEMail() ); } /** * Request ftp credentials to upload a new image to the masterserver. * * @param imageDescription MetaData of the new image * @param serverSessionData the session data of the authenticated uni/hs server * @return the genereated ftp credentials * @throws AuthorizationException if the uni/hs server has no valid session * @throws TException */ public static FtpCredentials submitImage( String serverSessionId, ImageData imageDescription ) throws AuthorizationException, ImageDataException { if ( ServerSessionManager.getSession( serverSessionId ) == null ) { throw new AuthorizationException( AuthorizationError.NOT_AUTHENTICATED, "No valid serverSessionData" ); } // create new user FtpCredentials ftpCredentials = App.ftpServer.addUser( serverSessionId ); if ( ftpCredentials == null ) { log.error( "Could not create ftp credentials" ); return null; } try { ImageProcessor.addImageDataToProcess( imageDescription, ftpCredentials.username ); } catch (ImageDataException e) { App.ftpServer.removeUser( serverSessionId ); throw new ImageDataException( ImageDataError.INVALID_DATA, e.getMessage() ); } return ftpCredentials; } /** * Start the server authentication of a uni/hs satellite server. * * @param organization the organization that the server belongs to * @return a random string that needs to be encrypted with the private * key of the requesting satellite server * @throws ServerAuthenticationException when organization is invalid/unknown */ public static String startServerAuthentication( String organization ) throws ServerAuthenticationException { if ( organization == null || organization == "" ) { throw new ServerAuthenticationException( ServerAuthenticationError.INVALID_ORGANIZATION, "Empty organization" ); } if ( DbSatellite.fromOrganization( organization ) == null ) { throw new ServerAuthenticationException( ServerAuthenticationError.INVALID_ORGANIZATION, "Unknown organization" ); } return ServerAuthenticator.startServerAuthentication( organization ); } /** * Authenticate the uni/hs satellite server with the encrypted string. * * @param organization the organization that the server belongs to * @param challengeResponse the encrypted string * @return session data iff the authentication was successful * @throws AuthenticationException * @throws TException */ public static ServerSessionData serverAuthenticate( String organization, ByteBuffer challengeResponse ) throws AuthenticationException, TException { if ( organization == null || challengeResponse == null ) { throw new ServerAuthenticationException( ServerAuthenticationError.INVALID_ORGANIZATION, "Empty organization or challengeResponse" ); } DbSatellite satellite = DbSatellite.fromOrganization( organization ); if ( satellite == null ) { throw new ServerAuthenticationException( ServerAuthenticationError.INVALID_ORGANIZATION, "Unknown organization" ); } final ServerUser serverUser = ServerAuthenticator.serverAuthenticate( organization, satellite.getAddress(), challengeResponse ); final ServerSession session = new ServerSession( serverUser ); return ServerSessionManager.addSession( session ); } /** * Tell the masterserver that the image upload finished. * * @param ftpUser the user that was used to upload * @param imageDescription the description of the uploaded image * @return if nothing went wrong * @throws ImageDataException if image was not submitted before * @throws AuthorizationException if no valid session exists */ public static boolean finishedUpload( String ftpUser, ImageData imageDescription ) throws ImageDataException { // check if user is valid synchronized ( App.ftpServer.users ) { if (!App.ftpServer.users.containsKey( ftpUser )) { throw new ImageDataException( ImageDataError.UNKNOWN_IMAGE, "Image with this data was not submitted before." ); } } // process the image File userDirectory = new File( Globals.getPropertyString( Globals.PropString.FTPBASEDIR ) + "/" + ftpUser ); File[] list = userDirectory.listFiles(); if ( list.length != 1 ) { // user uploaded too many files return false; } log.info( ftpUser + " is done with upload" ); ImageProcessor.processImageAfterUpload( ftpUser, list[0].getName() ); // remove user that is not needed anymore App.ftpServer.removeUser( ftpUser ); log.info( "Removed user: " + ftpUser ); return true; } }