add token call

Roberto Cirillo 2021-05-12 07:10:02 +02:00
parent 702f109cde
commit 922c000518
6 changed files with 175 additions and 14 deletions

30
pom.xml

@ -29,11 +29,11 @@
<artifactId>mongo-java-driver</artifactId>
<version>3.12.0</version>
</dependency>
<dependency>
<!--dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>1.6.4</version>
</dependency>
</dependency-->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
@ -72,12 +72,28 @@
<dependency>
<groupId>org.gcube.accounting</groupId>
<artifactId>accounting-lib</artifactId>
<!-- <version>[2.0.0-SNAPSHOT, 3.0.0-SNAPSHOT)</version> -->
</dependency>
<!-- <dependency> -->
<!-- <groupId>org.gcube.common</groupId> -->
<!-- <artifactId>authorization-client</artifactId> -->
<!-- </dependency> -->
<dependency>
<groupId>org.gcube.common</groupId>
<artifactId>oidc-library</artifactId>
<version>[1.3.0-SNAPSHOT,2.0.0-SNAPSHOT)</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<version>1.7.25</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
<dependency>
<groupId>com.googlecode.json-simple</groupId>
<artifactId>json-simple</artifactId>
<version>1.1</version>
<scope>provided</scope>
</dependency>
</dependencies>
<build>
<plugins>
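Review bot: The new `oidc-library` dependency is declared with the open range `[1.3.0-SNAPSHOT,2.0.0-SNAPSHOT)`, so the artifact that performs the token exchange with the client secret can change between builds without any change to this pom. Pin it to a released version, or manage the version centrally as `accounting-lib` appears to be, so that builds are reproducible and a newly published snapshot is not picked up implicitly. The section also keeps the old `slf4j-log4j12` and `authorization-client` entries as commented-out XML; deleting them would keep the dependency list readable.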


@ -1,9 +1,13 @@
package org.gcube.contentmanager.storageserver.consumer;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.List;
import org.bson.types.ObjectId;
import org.gcube.accounting.datamodel.usagerecords.StorageUsageRecord;
import org.gcube.common.authorization.library.provider.UmaJWTProvider;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.contentmanager.storageserver.accounting.Report;
import org.gcube.contentmanager.storageserver.accounting.ReportConfig;
@ -14,6 +18,10 @@ import org.gcube.contentmanager.storageserver.data.OpLogRemoteObject;
import org.gcube.contentmanager.storageserver.parse.utils.ValidationUtils;
import org.gcube.contentmanager.storageserver.store.MongoDB;
import org.gcube.contentmanager.storageserver.store.StorageStatusObject;
import org.gcube.contentmanager.storageserver.utils.Utils;
import org.gcube.oidc.rest.JWTToken;
import org.gcube.oidc.rest.OpenIdConnectRESTHelper;
import org.gcube.oidc.rest.OpenIdConnectRESTHelperException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -30,15 +38,21 @@ public class UserAccountingConsumer extends Thread{
private String op;
private String user;
private String password;
private String clientId;
private String secret;
private String oidcEndpoint;
String[] server;
List<String> dtsHosts;
// private String id;
public UserAccountingConsumer(String[] srvs, CubbyHole c, int number,List<String> dtsHosts){
public UserAccountingConsumer(String[] srvs, CubbyHole c, int number,List<String> dtsHosts, String clientId, String secret, String authEndpoint){
this.c=c;
this.number=number;
this.server=srvs;
this.dtsHosts=dtsHosts;
this.clientId=clientId;
this.secret=secret;
this.oidcEndpoint=authEndpoint;
// init the accounting report
try {
init();
@ -47,13 +61,17 @@ public class UserAccountingConsumer extends Thread{
}
}
public UserAccountingConsumer(String[] srvs, String user, String password, CubbyHole c, int number, List<String> dtsHosts){
public UserAccountingConsumer(String[] srvs, String user, String password, CubbyHole c, int number, List<String> dtsHosts, String clientId, String secret, String authEndpoint){
this.c=c;
this.number=number;
this.server=srvs;
this.dtsHosts=dtsHosts;
this.user=user;
this.password=password;
this.clientId=clientId;
this.secret=secret;
this.oidcEndpoint=authEndpoint;
// init the accounting report
try {
init();
@ -225,11 +243,15 @@ public class UserAccountingConsumer extends Thread{
}
private void report(OpLogRemoteObject record, String scope, String totVolume, String totCount) {
private void report(OpLogRemoteObject record, String scope, String totVolume, String totCount) throws MalformedURLException, OpenIdConnectRESTHelperException{
// ACCOUNTING CALL TYPE: STORAGE USAGE
StorageUsageRecord sur=report.setGenericProperties(null, "storage-usage", record.getLastUser(), scope, record.getCreationTime(), record.getLastAccess(), record.getOwner(), record.getLastOperation(), record.getLength()+"");
sur=report.setSpecificProperties(sur, record.getFilename(), "STORAGE", record.getCallerIp(), record.getId());
logger.info("[accounting call] type: storage usage ");
URL oidcAddress=new URL(oidcEndpoint);
Utils.setToken(oidcAddress, clientId, secret);
logger.debug("sending record to the accounting");
report.printRecord(sur);
report.send(sur);
}
@ -257,5 +279,28 @@ public class UserAccountingConsumer extends Thread{
}else logger.error("Scope bad format: scope not retrieved from string: "+filename);
return null;
}
public JWTToken setToken(String oidcEndpoint, String clientId, String secret) {
String context=ScopeProvider.instance.get();
logger.info(clientId+" getting the UMAtoken for context "+context);
URL oidcAddress = null;
JWTToken token =null;
try {
oidcAddress = new URL(oidcEndpoint);
} catch (MalformedURLException e) {
logger.error("Malformed URL "+e);
e.printStackTrace();
}
try {
logger.debug("from "+oidcEndpoint);
token = OpenIdConnectRESTHelper.queryUMAToken(oidcAddress, clientId, secret, context, null);
logger.info("UMA token retrieved for context "+context);
UmaJWTProvider.instance.set(token.toString());
} catch (OpenIdConnectRESTHelperException e) {
logger.error( "failed to contacting the OIDC provider!", e );
}
return token;
}
}
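Review bot: `report()` now calls `Utils.setToken(oidcAddress, clientId, secret)` for every record, so each accounting record triggers a fresh token request that sends the client secret to the OIDC endpoint. Consider keeping the returned `JWTToken` in a field and requesting a new one only when it is missing or close to expiry, which reduces both the load on the identity provider and the number of times the secret is transmitted. The instance method `setToken(String, String, String)` added at the end of the class duplicates `Utils.setToken` and is not called in the visible hunks. It also carries on with a null URL after `MalformedURLException` and returns null when the provider call fails, so deleting it would be safer than keeping a second, weaker code path. `report()` and the class body continue outside the hunks shown.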


@ -33,10 +33,13 @@ public class Configuration {
private boolean activeDTSFilter;
private static final String STORAGE_SE_CATEGORY="DataStorage";
private static final String STORAGE_SE_NAME="StorageManager";
private static final String SYSTEM_SE_CATEGORY="DataStorage";
private static final String SYSTEM_SE_NAME="StorageManager";
private static final String SYSTEM_SE_CATEGORY="SystemService";
private static final String SYSTEM_SE_NAME="storage-manager-trigger";
private static final String ACCOUNTING_USERNAME="accounting_user";
private static final String ACCOUNTING_PASSWORDNAME="accounting_pwd";
private static final String AUTH_SE_CATEGORY="Auth";
private static final String AUTH_SE_NAME="IAM";
private static final Object AUTH_SE_AP_NAME = "d4science-oidc-token";
protected String clientId;
protected String secret;
@ -359,6 +362,7 @@ public class Configuration {
}
public void setClientId(String clientId) {
logger.debug("clientID "+clientId);
this.clientId = clientId;
}
@ -370,6 +374,23 @@ public class Configuration {
this.secret = secret;
}
String getOidcEndpoint() {
logger.debug("query for Auth serviceEndpoint ongoing...");
SimpleQuery query = queryFor(ServiceEndpoint.class);
query.addCondition("$resource/Profile/Category/text() eq '"+AUTH_SE_CATEGORY+"' and $resource/Profile/Name eq '"+AUTH_SE_NAME+"' ");
DiscoveryClient<ServiceEndpoint> client = clientFor(ServiceEndpoint.class);
List<ServiceEndpoint> resources = client.submit(query);
if (resources.size() > 0) {
logger.debug("resource found on IS");
for (AccessPoint ap:resources.get(0).profile().accessPoints()) {
if (ap.name().equals(AUTH_SE_AP_NAME)) {
return ap.address();
}
}
}
throw new RuntimeException("accessPoint "+AUTH_SE_AP_NAME+" not found on SE "+AUTH_SE_CATEGORY+" - "+AUTH_SE_NAME);
}
}
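Review bot: `getOidcEndpoint()` returns the access-point address of the first matching resource exactly as the discovery client supplies it, and that address later becomes the URL the client secret is posted to. Check the scheme before returning it, e.g. `if (!ap.address().startsWith("https://")) throw new IllegalStateException("non-HTTPS OIDC endpoint");`, so a wrong or tampered registry entry cannot cause the secret to be sent in clear text. `AUTH_SE_AP_NAME` is declared as `Object` although it is only compared with a string; `private static final String AUTH_SE_AP_NAME` would match the neighbouring constants.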


@ -20,6 +20,7 @@ public class Startup {
private static ServiceEndpoint system_se;
private static String clientId;
private static String secret;
private static String oidcEndpoint;
public static void main(String[] args) {
@ -57,6 +58,7 @@ public class Startup {
}
clientId=cfg.getClientId();
secret=cfg.getSecret();
oidcEndpoint=cfg.getOidcEndpoint();
String[] server=retrieveServerConfiguration(cfg);
List<String> dtsHosts=null;//retrieveDTSConfiguration(cfg);
@ -82,10 +84,10 @@ public class Startup {
String[] server, List<String> dtsHosts, CubbyHole c1) {
UserAccountingConsumer ssConsumer=null;
if(user!=null && password != null)
ssConsumer=new UserAccountingConsumer(server, user, password, c1, 1, dtsHosts);
ssConsumer=new UserAccountingConsumer(server, user, password, c1, 1, dtsHosts, clientId, secret, oidcEndpoint);
else //if(args.length == 4)
ssConsumer=new UserAccountingConsumer(server, c1, 1, dtsHosts);
ssConsumer=new UserAccountingConsumer(server, c1, 1, dtsHosts, clientId, secret, oidcEndpoint);
// else{
// throw new IllegalArgumentException("input parameter are incorrect");
// }


@ -0,0 +1,29 @@
package org.gcube.contentmanager.storageserver.utils;
import java.net.MalformedURLException;
import java.net.URL;
import org.gcube.common.authorization.library.provider.UmaJWTProvider;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.oidc.rest.JWTToken;
import org.gcube.oidc.rest.OpenIdConnectRESTHelper;
import org.gcube.oidc.rest.OpenIdConnectRESTHelperException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class Utils {
private static final Logger logger = LoggerFactory.getLogger(Utils.class);
public static JWTToken setToken(URL oidcAddress, String clientId, String secret) throws OpenIdConnectRESTHelperException {
String context=ScopeProvider.instance.get();
logger.info(clientId+" getting the UMAtoken for context "+context);
JWTToken token =null;
logger.debug("from "+oidcAddress);
token = OpenIdConnectRESTHelper.queryUMAToken(oidcAddress, clientId, secret, context, null);
logger.info("UMA token retrieved for context "+context);
UmaJWTProvider.instance.set(token.toString());
return token;
}
}
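Review bot: `Utils.setToken` stores `token.toString()` in `UmaJWTProvider`, which ties the value used for authorization to whatever `JWTToken.toString()` happens to return. If the class offers an explicit accessor for the encoded access token, use that instead, and confirm that the current output is what downstream calls expect. If `queryUMAToken` can return null, the `toString()` call fails with a bare `NullPointerException`; `Objects.requireNonNull(token, "no UMA token returned")` before the `set` would make the failure explicit. The method has no Javadoc: it should state that the context is read from `ScopeProvider`, that the token is set on `UmaJWTProvider.instance` as a side effect, and that `OpenIdConnectRESTHelperException` is thrown on provider failure. The `MalformedURLException` import is unused.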


@ -0,0 +1,48 @@
package org.gcube.contentmanager.storageserver.test;
import static org.junit.Assert.assertNotNull;
import java.io.StringReader;
import java.net.MalformedURLException;
import java.net.URL;
import org.bson.json.JsonReader;
import org.gcube.common.scope.api.ScopeProvider;
import org.gcube.contentmanager.storageserver.utils.Utils;
import org.gcube.oidc.rest.JWTToken;
import org.gcube.oidc.rest.OpenIdConnectRESTHelperException;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class TokenTest {
URL oidcEndpoint = null;
String clientId="storage-manager-trigger";//"robcomp";//"storage-manager-trigger";//"robcomp";//
String secret="e2591a99-b694-4dbe-8f7b-9755a3db80af";//"0fec31cb-23c3-44e2-9359-d6db6784b7d3";//"e2591a99-b694-4dbe-8f7b-9755a3db80af";//"0fec31cb-23c3-44e2-9359-d6db6784b7d3";/
String context ="/gcube"; // "/gcube/devNext/NextNext";
private static Logger logger= LoggerFactory.getLogger(TokenTest.class);
@Test
public void test() {
try {
oidcEndpoint=new URL("https://accounts.dev.d4science.org/auth/realms/d4science/protocol/openid-connect/token");
} catch (MalformedURLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
ScopeProvider.instance.set(context);
JWTToken token=null;
try {
token = Utils.setToken(oidcEndpoint, clientId, secret);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
assertNotNull(token);
logger.info("token found "+token);
}
}
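Review bot: `TokenTest` commits the client secret for `storage-manager-trigger` as a string literal, with further secret-looking values in the trailing comment. The credential is now in the repository history, so it should be rotated at the identity provider and removed from the file. Read it from the environment instead and skip the test when it is absent, e.g. `String secret = System.getenv("OIDC_TEST_CLIENT_SECRET");` (the variable name is an example) with `Assume.assumeNotNull(secret);` at the top of `test()`. The test also calls a live endpoint and swallows both exceptions with `printStackTrace()`, so a failure only shows up at the final `assertNotNull`; declaring `throws Exception` on `test()` would surface the real cause.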