moved to version 1.4.0

Reviewed-on: #2

CHANGELOG.md

@@ -3,20 +3,24 @@
 All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [v1.3.0-SNAPSHOT] - [2023-01-27]
+## [v1.4.0] - [2023-03-09]
 
+- Feature #24254 simple serviceEndpoint creation 
 - add support for UMA token
 - Feature #24253 add support for decrypted ServiceEndpoint
 - update lombok library to 1.18.4 with scope provided
 
+
 ## [v1.2.0] - [2021-06-08]
 
 - Feature #21584 added support for /ServiceEndpoint/{category} REST call
 
+
 ## [v1.1.0-SNAPSHOT] - [2016-10-03]
 
 - porting to auth v.2
 
+
 ## [v1.0.0] - [2015-07-01]
 
 - First commit

pom.xml

@@ -11,7 +11,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>org.gcube.information-system</groupId>
 	<artifactId>icproxy</artifactId>
-	<version>1.3.0-SNAPSHOT</version>
+	<version>1.4.0</version>
 	<name>ICProxy</name>
 
 	<packaging>war</packaging>
@@ -66,7 +66,6 @@
 			<groupId>org.gcube.resources.discovery</groupId>
 			<artifactId>ic-client</artifactId>
 		</dependency>
-		
 		<dependency>
 			<groupId>org.gcube.resources</groupId>
 			<artifactId>common-gcore-resources</artifactId>
@@ -82,31 +81,11 @@
 			<groupId>org.glassfish.jersey.containers</groupId>
 			<artifactId>jersey-container-servlet-core</artifactId>
 		</dependency>
-
 		<dependency>
 			<groupId>org.glassfish.jersey.containers</groupId>
 			<!-- if your container implements Servlet API older than 3.0, use "jersey-container-servlet-core" -->
 			<artifactId>jersey-container-servlet</artifactId>
 		</dependency>
-
-		<dependency>
-			<groupId>javax.servlet</groupId>
-			<artifactId>javax.servlet-api</artifactId>
-			<version>3.0.1</version>
-			<scope>provided</scope>
-		</dependency>
-
-		<dependency>
-			<groupId>org.slf4j</groupId>
-			<artifactId>slf4j-api</artifactId>
-		</dependency>
-		<!-- lombok -->
-		<dependency>
-			<groupId>org.projectlombok</groupId>
-			<artifactId>lombok</artifactId>
-			<version>1.18.4</version>
-			<scope>provided</scope>
-		</dependency>
 		<dependency>
 			<groupId>org.glassfish.jersey.test-framework</groupId>
 			<artifactId>jersey-test-framework-util</artifactId>
@@ -117,6 +96,30 @@
 			<artifactId>jersey-test-framework-provider-simple</artifactId>
 			<scope>test</scope>
 		</dependency>
+		<!-- used for converting xml request in json request -->
+		<dependency>
+			<groupId>org.glassfish.jersey.media</groupId>
+			<artifactId>jersey-media-moxy</artifactId>
+			<version>2.39</version>
+		</dependency>
+		<!-- lombok -->
+		<dependency>
+			<groupId>org.projectlombok</groupId>
+			<artifactId>lombok</artifactId>
+			<version>1.18.4</version>
+			<scope>provided</scope>
+		</dependency>
+
+		<dependency>
+			<groupId>javax.servlet</groupId>
+			<artifactId>javax.servlet-api</artifactId>
+			<version>3.0.1</version>
+			<scope>provided</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.slf4j</groupId>
+			<artifactId>slf4j-api</artifactId>
+		</dependency>
 		<dependency>
 			<groupId>junit</groupId>
 			<artifactId>junit</artifactId>
@@ -128,6 +131,22 @@
 			<artifactId>keycloak-client</artifactId>
 			<version>[1.0.0,2.0.0-SNAPSHOT)</version>
 		</dependency>
+	<!-- JAXB DEPS IN ORDER TO WORK WITH JDK11-->
+		<dependency>
+			<groupId>javax.xml.bind</groupId>
+			<artifactId>jaxb-api</artifactId>
+			<version>2.3.0</version>
+		</dependency>
+		<dependency>
+			<groupId>com.sun.xml.bind</groupId>
+			<artifactId>jaxb-core</artifactId>
+			<version>2.3.0</version>
+		</dependency>
+		<dependency>
+			<groupId>com.sun.xml.bind</groupId>
+			<artifactId>jaxb-impl</artifactId>
+			<version>2.3.0</version>
+		</dependency>
 	</dependencies>
 	<build>
 		<finalName>${artifactId}</finalName>

src/main/java/org/gcube/informationsystem/icproxy/profiles/ServiceEndpointProfile.java

@@ -0,0 +1,34 @@
+package org.gcube.informationsystem.icproxy.profiles;
+import lombok.AccessLevel;
+import lombok.Getter;
+import lombok.Setter;
+
+import javax.xml.bind.annotation.XmlRootElement;
+
+@XmlRootElement( name="resource")
+public class ServiceEndpointProfile {
+    @Getter
+    @Setter
+    private String category;
+    @Getter
+    @Setter
+    private String name;
+    @Getter
+    @Setter
+    private String platform="d4science";
+    @Getter
+    @Setter
+    private String accessPointName;
+    @Getter
+    @Setter (AccessLevel.PROTECTED)
+    private String accessPointAddress;
+    @Getter
+    @Setter (AccessLevel.PROTECTED)
+    private String accessPointUsername;
+    @Getter
+    @Setter (AccessLevel.PROTECTED)
+    private String accessPointPass;
+    @Getter
+    @Setter (AccessLevel.PROTECTED)
+    private String host;
+}

src/main/java/org/gcube/informationsystem/icproxy/resources/ServiceEndpointResource.java

@@ -15,6 +15,9 @@ import org.gcube.common.keycloak.model.ModelUtils;
 import org.gcube.common.resources.gcore.*;
 import org.gcube.common.resources.gcore.utils.Group;
 import org.gcube.common.scope.api.ScopeProvider;
+import org.gcube.informationsystem.icproxy.profiles.ServiceEndpointProfile;
+import org.gcube.informationsystem.publisher.RegistryPublisher;
+import org.gcube.informationsystem.publisher.RegistryPublisherFactory;
 import org.gcube.resources.discovery.client.api.DiscoveryClient;
 import org.gcube.resources.discovery.client.queries.api.SimpleQuery;
 import org.gcube.common.encryption.StringEncrypter;
@@ -23,14 +26,15 @@ import org.gcube.common.encryption.StringEncrypter;
 @Path("ServiceEndpoint")
 public class ServiceEndpointResource {
 	
+	public static final String DECRYPT_ROLE ="service-endpoint-key";
+	public static final String CREATE_ROLE ="is-resource-create";
+	
 	@GET
 	@Path("/{category}")
 	@Produces(MediaType.APPLICATION_XML)
 	public List<ServiceEndpoint> retrieve(@NotNull @PathParam("category") String resourceCategory) {
 		log.info("ServiceEndpoint called with category {} in context {}",resourceCategory, ScopeProvider.instance.get());
-		
 		DiscoveryClient<ServiceEndpoint> client = clientFor(ServiceEndpoint.class);
-
 		List<ServiceEndpoint> endpoints = client.submit(getQuery(resourceCategory));
 		log.debug("retrieved resources are "+endpoints.size());
 		return endpoints; 
@@ -60,26 +64,72 @@ public class ServiceEndpointResource {
 			@NotNull @PathParam("category") String resourceCategory, @NotNull @PathParam("result") String resultXPath) {
 		log.info("ServiceEndpoint called with category {} and name {} and result {} in scope {}"
 				,resourceCategory, resourceName, resultXPath, ScopeProvider.instance.get());
-		
 		SimpleQuery query = getQuery(resourceName, resourceCategory);
-				
 		if (resultXPath.startsWith("/"))
 			query.setResult("$resource"+resultXPath);
 		else
 			query.setResult("$resource/"+resultXPath);
-		
 		DiscoveryClient<String> client = client();
 		List<String> endpoints = client.submit(query);
 		StringBuilder builder = new StringBuilder("<Results>");
 		for (String single: endpoints)
 			builder.append("<Result>").append(single.replaceAll("\n", "")).append("</Result>");
-		
 		builder.append("</Results>");
-		
 		log.debug("retrieved resources are "+endpoints.size());
 		return builder.toString(); 
 	}
 
+	/**
+	 * Used for creating a new ServiceEndpoint resource starting from a XML resource as input param
+	 * @param resourceProfile a complete ServiceEndpoint resource in XML
+	 * @return the resource id
+	 */
+	@POST
+	@Produces(MediaType.TEXT_PLAIN)
+	@Consumes(MediaType.APPLICATION_XML)
+	public String create(ServiceEndpoint resourceProfile) {
+		log.debug("Try to create new serviceEndpoint profile {} in {}",resourceProfile, ScopeProvider.instance.get());
+		if (Objects.nonNull(resourceProfile) && isRoleEnabled(CREATE_ROLE)){
+			log.debug("going to encrypt and push");
+			String id=registerSE(encryptResource(resourceProfile));
+			log.debug("pushed on IS");
+			return id;
+		}else{
+			throw new RuntimeException("ServiceEndpoint profile is null or user not enabled");
+		}
+
+	}
+
+	/**
+	 * Used for creating a new ServiceEndpoint resource starting from a simplified JSON resource
+	 * @param resourceProfile a simplified JSON resource defined by ServiceEndpointProfile class
+	 * @return the new resource created in XML format
+	 */
+	@POST
+	@Produces(MediaType.APPLICATION_XML)
+	@Consumes(MediaType.APPLICATION_JSON)
+	public ServiceEndpoint create(ServiceEndpointProfile resourceProfile) {
+		log.debug("Try to create new serviceEndpoint profile {} in {}",resourceProfile, ScopeProvider.instance.get());
+		if (Objects.nonNull(resourceProfile) && isRoleEnabled(CREATE_ROLE)){
+			ServiceEndpoint newResource= new ServiceEndpoint();
+			ServiceEndpoint.Profile profile=newResource.newProfile().category(resourceProfile.getCategory()).name(resourceProfile.getName());
+		    profile.newPlatform().name(resourceProfile.getPlatform()).version((short)1).minorVersion((short)0).revisionVersion((short)0).buildVersion((short)0);
+			profile.newRuntime().hostedOn(resourceProfile.getHost()).status("ready").ghnId("");
+			ServiceEndpoint.AccessPoint ap=new ServiceEndpoint.AccessPoint();
+			ap.name(resourceProfile.getAccessPointName());
+			ap.address(resourceProfile.getAccessPointAddress());
+			ap.credentials(resourceProfile.getAccessPointPass(), resourceProfile.getAccessPointUsername());
+			profile.accessPoints().add(ap);
+			log.debug("going to encrypt and push");
+			registerSE(encryptResource(newResource));
+			log.debug("pushed on IS");
+			return newResource;
+		}else{
+			throw new RuntimeException("ServiceEndpoint profile is null or user not enabled");
+		}
+
+	}
+
 	private SimpleQuery getQuery(String resourceName, String resourceCategory){
 		SimpleQuery query = queryFor(ServiceEndpoint.class);
 		query.addCondition(String.format("$resource/Profile/Name/text() eq '%s'",resourceName));
@@ -94,6 +144,7 @@ public class ServiceEndpointResource {
 	}
 
 	private ServiceEndpoint decryptResource(ServiceEndpoint resource) {
+		log.debug("encrypting serviceEndpoint {} ", resource.id());
 		Group<ServiceEndpoint.AccessPoint> aps=resource.profile().accessPoints();
 		for (ServiceEndpoint.AccessPoint ap : aps){
 			String decrypted =decryptString(ap.password());
@@ -103,17 +154,40 @@ public class ServiceEndpointResource {
 		}
 		return resource;
 	}
+	
+	private ServiceEndpoint encryptResource(ServiceEndpoint resource) {
+		log.debug("encrypting serviceEndpoint {} ", resource.id());
+		Group<ServiceEndpoint.AccessPoint> aps=resource.profile().accessPoints();
+		for (ServiceEndpoint.AccessPoint ap : aps){
+			String decrypted =encryptString(ap.password());
+			String user= ap.username();
+			ap.credentials(decrypted, user);
+		}
+		return resource;
+	}	
+		
 
 	private static String decryptString(String toDecrypt){
+		log.debug("decrypting string");
 		try{
 			return StringEncrypter.getEncrypter().decrypt(toDecrypt);
 		}catch(Exception e) {
 			throw new RuntimeException("Unable to decrypt : "+toDecrypt,e);
 		}
 	}
+	
+	private static String encryptString(String toEncrypt){
+		log.debug("encrypting string");
+		try{
+			return StringEncrypter.getEncrypter().encrypt(toEncrypt);
+		}catch(Exception e) {
+			throw new RuntimeException("Unable to encrypt : "+toEncrypt,e);
+		}
+	}
+	
 	private List<ServiceEndpoint> getServiceEndpoints(boolean isDecrypt, List<ServiceEndpoint> endpoints) {
 		if (isDecrypt) {
-			if (isRoleEnabled()){
+			if (isRoleEnabled(DECRYPT_ROLE)){
 				List<ServiceEndpoint> ses = new ArrayList<>(endpoints.size());
 				for (ServiceEndpoint resource : endpoints) {
 					ses.add(decryptResource(resource));
@@ -126,18 +200,33 @@ public class ServiceEndpointResource {
 		return endpoints;
 	}
 
-	private boolean isRoleEnabled(){
+	private boolean isRoleEnabled(String role){
+		boolean isEnabled = false;
+		log.debug("checking role: "+role);
 		String at= AccessTokenProvider.instance.get();
 		try{
-			if (ModelUtils.getAccessTokenFrom(at).getRealmAccess().getRoles().contains("service-endpoint-key" )) {
-				log.info("The client is authorized to see the resource as 'free-to-air'");
-				return true;
+			if (ModelUtils.getAccessTokenFrom(at).getRealmAccess().getRoles().contains(role)) {
+				isEnabled=true;
 			}
 		}catch (Exception e){
 			log.error("token not retrieved properly: "+e.getMessage());
 			e.printStackTrace();
 		}
-		log.info("user not authorized, sorry");
-		return false;
+		log.debug("role enabled "+isEnabled);
+		return isEnabled;
 	}
+	private static String registerSE(ServiceEndpoint toRegister) {
+		log.trace("going to create a new ServiceEndpoint resource. registerSE method");
+		RegistryPublisher rp= RegistryPublisherFactory.create();
+		if(log.isDebugEnabled())
+			Resources.print(toRegister);
+		Resource r=rp.create(toRegister);
+		if (Objects.nonNull(r)) {
+			log.debug("resource registered with id " + r.id());
+			return r.id();
+		}else{
+			throw new RuntimeException("Creation failed, null returned: "+toRegister);
+		}
+	}
+
 }