http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store-service/pom.xml ----------------------------------------------------------------------
diff --git a/modules/credential-store-service/pom.xml b/modules/credential-store-service/pom.xml
deleted file mode 100644
index efc075f..0000000
--- a/modules/credential-store-service/pom.xml
+++ /dev/null
@@ -1,42 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<!--Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under
- the Apache License, Version 2.0 (theà "License"); you may not use this file except in compliance with the License. You may
- obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to
- in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
- ANY ~ KIND, either express or implied. See the License for the specific language governing permissions and limitations under
- the License. -->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
- <parent>
- <groupId>org.apache.airavata</groupId>
- <artifactId>airavata</artifactId>
- <version>0.15-SNAPSHOT</version>
- <relativePath>../../pom.xml</relativePath>
- </parent>
-
- <modelVersion>4.0.0</modelVersion>
- <artifactId>airavata-credential-store-service</artifactId>
- <packaging>pom</packaging>
- <name>Airavata Credential Store Service</name>
- <url>http://airavata.apache.org/</url>
-
- <profiles>
- <profile>
- <id>default</id>
- <activation>
- <activeByDefault>true</activeByDefault>
- </activation>
- <modules>
- <module>credential-store</module>
- <module>credential-store-webapp</module>
- </modules>
- </profile>
- </profiles>
- <properties>
- <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
- </properties>
-</project>
http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-service/pom.xml ----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-service/pom.xml b/modules/credential-store/credential-store-service/pom.xml
new file mode 100644
index 0000000..d8af25f
--- /dev/null
+++ b/modules/credential-store/credential-store-service/pom.xml
@@ -0,0 +1,154 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--Licensed to the Apache Software Foundation (ASF) under one or more contributor
+ license agreements. See the NOTICE file distributed with this work for additional
+ information regarding copyright ownership. The ASF licenses this file to
+ you under the Apache License, Version 2.0 (theà "License"); you may not use
+ this file except in compliance with the License. You may obtain a copy of
+ the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required
+ by applicable law or agreed to in writing, software distributed under the
+ License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
+ OF ANY ~ KIND, either express or implied. See the License for the specific
+ language governing permissions and limitations under the License. -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <parent>
+ <groupId>org.apache.airavata</groupId>
+ <artifactId>airavata</artifactId>
+ <version>0.15-SNAPSHOT</version>
+ <relativePath>../../../pom.xml</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>airavata-credential-store</artifactId>
+ <name>Airavata Credential Store</name>
+ <description>Module to manage credentials</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>edu.uiuc.ncsa.myproxy</groupId>
+ <artifactId>oa4mp-client-api</artifactId>
+ <version>${oa4mp.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>edu.uiuc.ncsa.myproxy</groupId>
+ <artifactId>oa4mp-client-loader-oauth1</artifactId>
+ <version>${oa4mp.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>net.oauth.core</groupId>
+ <artifactId>oauth-httpclient4</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>net.oauth.core</groupId>
+ <artifactId>oauth-consumer</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>mysql</groupId>
+ <artifactId>mysql-connector-java</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>postgresql</groupId>
+ <artifactId>postgresql</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>4.7</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.derby</groupId>
+ <artifactId>derby</artifactId>
+ <version>${derby.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.derby</groupId>
+ <artifactId>derbyclient</artifactId>
+ <version>${derby.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.derby</groupId>
+ <artifactId>derbynet</artifactId>
+ <version>${derby.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.derby</groupId>
+ <artifactId>derbytools</artifactId>
+ <version>${derby.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>commons-dbcp</groupId>
+ <artifactId>commons-dbcp</artifactId>
+ <version>1.4</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.airavata</groupId>
+ <artifactId>airavata-common-utils</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.jcraft</groupId>
+ <artifactId>jsch</artifactId>
+ <version>0.1.50</version>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>servlet-api</artifactId>
+ <version>2.5</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-email</artifactId>
+ <version>1.3.2</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-io</artifactId>
+ <version>1.3.2</version>
+ </dependency>
+ </dependencies>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <version>${surefire.version}</version>
+ <inherited>true</inherited>
+ <configuration>
+ <systemPropertyVariables>
+ <credential.module.directory>${basedir}</credential.module.directory>
+ </systemPropertyVariables>
+ <excludes>
+ <exclude>**/DAOBaseTestCase.java</exclude>
+ <exclude>**/MappingDAOTest.java</exclude>
+ </excludes>
+ <testSourceDirectory>${basedir}\src\test\java\</testSourceDirectory>
+ </configuration>
+ </plugin>
+
+ </plugins>
+ <testSourceDirectory>${project.basedir}/src/test/java</testSourceDirectory>
+ <testOutputDirectory>${project.build.directory}/test-classes</testOutputDirectory>
+ <testResources>
+ <testResource>
+ <directory>${project.basedir}/src/test/resources</directory>
+ </testResource>
+ </testResources>
+ </build>
+</project>
http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-service/scripts/credential-store-h2.sql ----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-service/scripts/credential-store-h2.sql b/modules/credential-store/credential-store-service/scripts/credential-store-h2.sql
new file mode 100644
index 0000000..91915b6
--- /dev/null
+++ b/modules/credential-store/credential-store-service/scripts/credential-store-h2.sql
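Review bot: In the new `modules/credential-store/credential-store-service/pom.xml`, several dependencies carry literal versions (`jsch` 0.1.50, `commons-dbcp` 1.4, `commons-email` and `commons-io` 1.3.2, `junit` 4.7), while the Derby and OA4MP entries in the same hunk use `${derby.version}` and `${oa4mp.version}`. For a module that handles SSH keys and certificates, pinning these inside the module makes a security upgrade easy to miss; I would move them to properties or `dependencyManagement` in the parent POM (not visible here), which is presumably where the version-less `slf4j-api` and `log4j` entries get theirs. Separately, the surefire setting `<testSourceDirectory>${basedir}\src\test\java\</testSourceDirectory>` uses backslashes and repeats the `<build>`-level setting a few lines below; dropping it leaves `<testSourceDirectory>${project.basedir}/src/test/java</testSourceDirectory>` as the single portable definition.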
@@ -0,0 +1,42 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+CREATE TABLE COMMUNITY_USER
+(
+ GATEWAY_NAME VARCHAR(256) NOT NULL,
+ COMMUNITY_USER_NAME VARCHAR(256) NOT NULL,
+ COMMUNITY_USER_EMAIL VARCHAR(256) NOT NULL,
+ PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME)
+);
+
+
+CREATE TABLE CREDENTIALS
+(
+ GATEWAY_NAME VARCHAR(256) NOT NULL,
+ COMMUNITY_USER_NAME VARCHAR(256) NOT NULL,
+ CREDENTIAL CLOB NOT NULL,
+ PRIVATE_KEY CLOB NOT NULL,
+ NOT_BEFORE VARCHAR(256) NOT NULL,
+ NOT_AFTER VARCHAR(256) NOT NULL,
+ LIFETIME MEDIUMINT NOT NULL,
+ REQUESTING_PORTAL_USER_NAME VARCHAR(256) NOT NULL,
+ REQUESTED_TIME TIMESTAMP DEFAULT '0000-00-00 00:00:00',
+ PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME)
+);
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-service/scripts/credential-store-mysql.sql ----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-service/scripts/credential-store-mysql.sql b/modules/credential-store/credential-store-service/scripts/credential-store-mysql.sql
new file mode 100644
index 0000000..50d5e0f
--- /dev/null
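Review bot: `CREDENTIAL` and `PRIVATE_KEY` in the `CREDENTIALS` table of `credential-store-h2.sql` are plain `CLOB NOT NULL` columns, and nothing in the script says whether the stored value is ciphertext; the same holds for the `TEXT` columns in `credential-store-mysql.sql`. If encryption happens in the application layer (not visible in this diff), a comment such as `-- PRIVATE_KEY holds the key as encrypted by the credential store; plaintext must never be written here` would make the contract explicit for anyone provisioning or backing up the database. In both scripts, `REQUESTED_TIME TIMESTAMP DEFAULT '0000-00-00 00:00:00'` is a MySQL-style zero date that is not a real timestamp and is likely rejected by H2, and by MySQL when zero dates are disallowed; `REQUESTED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP` would be a safer default. `NOT_BEFORE` and `NOT_AFTER` being `VARCHAR(256)` also means the database cannot compare validity windows itself.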
+++ b/modules/credential-store/credential-store-service/scripts/credential-store-mysql.sql
@@ -0,0 +1,42 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+CREATE TABLE COMMUNITY_USER
+(
+ GATEWAY_NAME VARCHAR(256) NOT NULL,
+ COMMUNITY_USER_NAME VARCHAR(256) NOT NULL,
+ COMMUNITY_USER_EMAIL VARCHAR(256) NOT NULL,
+ PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME)
+);
+
+
+CREATE TABLE CREDENTIALS
+(
+ GATEWAY_NAME VARCHAR(256) NOT NULL,
+ COMMUNITY_USER_NAME VARCHAR(256) NOT NULL,
+ CREDENTIAL TEXT NOT NULL,
+ PRIVATE_KEY TEXT NOT NULL,
+ NOT_BEFORE VARCHAR(256) NOT NULL,
+ NOT_AFTER VARCHAR(256) NOT NULL,
+ LIFETIME MEDIUMINT NOT NULL,
+ REQUESTING_PORTAL_USER_NAME VARCHAR(256) NOT NULL,
+ REQUESTED_TIME TIMESTAMP DEFAULT '0000-00-00 00:00:00',
+ PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME)
+);
http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-service/src/main/java/org/apache/airavata/credential/store/client/TestSSLClient.java ----------------------------------------------------------------------
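Review bot: Both tables in `credential-store-mysql.sql` declare `PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME)` over two full `VARCHAR(256)` columns, which with a multi-byte character set can exceed InnoDB's per-column index length limit on older row formats, so whether the script runs may depend on server configuration. The script sets neither engine nor character set, so this is inferred rather than certain. Shortening the key columns, or stating the required character set and row format in a header comment, would make the schema creation deterministic across installations.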
diff --git a/modules/credential-store/credential-store-service/src/main/java/org/apache/airavata/credential/store/client/TestSSLClient.java b/modules/credential-store/credential-store-service/src/main/java/org/apache/airavata/credential/store/client/TestSSLClient.java
new file mode 100644
index 0000000..12105e2
--- /dev/null
+++ b/modules/credential-store/credential-store-service/src/main/java/org/apache/airavata/credential/store/client/TestSSLClient.java
@@ -0,0 +1,140 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.airavata.credential.store.client;
+
+import org.apache.airavata.common.exception.ApplicationSettingsException;
+import org.apache.airavata.common.utils.AiravataUtils;
+import org.apache.airavata.common.utils.Constants;
+import org.apache.airavata.common.utils.ServerSettings;
+import org.apache.airavata.credential.store.cpi.CredentialStoreService;
+import org.apache.airavata.credential.store.datamodel.CertificateCredential;
+import org.apache.airavata.credential.store.datamodel.CommunityUser;
+import org.apache.airavata.credential.store.datamodel.SSHCredential;
+import org.apache.thrift.TException;
+import org.apache.thrift.protocol.TBinaryProtocol;
+import org.apache.thrift.protocol.TProtocol;
+import org.apache.thrift.transport.TSSLTransportFactory;
+import org.apache.thrift.transport.TTransport;
+import org.apache.thrift.transport.TTransportException;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import org.apache.commons.codec.binary.Base64;
+
+public class TestSSLClient {
+ private void invoke() {
+ TTransport transport;
+ try {
+ AiravataUtils.setExecutionAsServer();
+ TSSLTransportFactory.TSSLTransportParameters params =
+ new TSSLTransportFactory.TSSLTransportParameters();
+ String keystorePath = ServerSettings.getCredentialStoreThriftServerKeyStorePath();
+ String keystorePWD = ServerSettings.getCredentialStoreThriftServerKeyStorePassword();
+ params.setTrustStore(keystorePath, keystorePWD);
+ final int serverPort = Integer.parseInt(ServerSettings.getSetting(Constants.CREDNETIAL_SERVER_PORT, "8960"));
+ final String serverHost = ServerSettings.getSetting(Constants.CREDNETIAL_SERVER_HOST, null);
+
+ transport = TSSLTransportFactory.getClientSocket(serverHost, serverPort, 10000, params);
+ TProtocol protocol = new TBinaryProtocol(transport);
+
+ CredentialStoreService.Client client = new CredentialStoreService.Client(protocol);
+// testSSHCredential(client);
+ testCertificateCredential(client);
+ transport.close();
+ } catch (TTransportException e) {
+ e.printStackTrace();
+ }catch (ApplicationSettingsException e) {
+ e.printStackTrace();
+ }
+ }
+
+ public static void testSSHCredential (CredentialStoreService.Client client){
+ try {
+ SSHCredential sshCredential = new SSHCredential();
+ sshCredential.setUsername("test");
+ sshCredential.setGatewayId("testGateway");
+ sshCredential.setPassphrase("mypassphrase");
+ String token = client.addSSHCredential(sshCredential);
+ System.out.println("SSH Token :" + token);
+ SSHCredential credential = client.getSSHCredential(token, "testGateway");
+ System.out.println("private key : " + credential.getPrivateKey());
+ System.out.println("public key : " + credential.getPublicKey());
+ }catch (TTransportException e) {
+ e.printStackTrace();
+ } catch (TException e) {
+ e.printStackTrace();
+ }
+ }
+
+ public static void testCertificateCredential (CredentialStoreService.Client client){
+ try {
+ CertificateCredential certificateCredential = new CertificateCredential();
+ CommunityUser communityUser = new CommunityUser("testGateway", "test", "test@ddsd");
+ certificateCredential.setCommunityUser(communityUser);
+ X509Certificate[] x509Certificates = new X509Certificate[1];
+ KeyStore ks = KeyStore.getInstance("JKS");
+ File keyStoreFile = new File("/Users/chathuri/dev/airavata/credential-store/oa4mp/airavata.jks");
+ FileInputStream fis = new FileInputStream(keyStoreFile);
+ char[] password = "airavata".toCharArray();
+ ks.load(fis,password);
+ x509Certificates[0] = (X509Certificate) ks.getCertificate("airavata");
+ Base64 encoder = new Base64(64);
+ String cert_begin = "-----BEGIN CERTIFICATE-----\n";
+ String end_cert = "-----END CERTIFICATE-----";
+ byte[] derCert = x509Certificates[0].getEncoded();
+ String pemCertPre = new String(encoder.encode(derCert));
+ String pemCert = cert_begin + pemCertPre + end_cert;
+ certificateCredential.setX509Cert(pemCert);
+ String token = client.addCertificateCredential(certificateCredential);
+ System.out.println("Certificate Token :" + token);
+ CertificateCredential credential = client.getCertificateCredential(token, "testGateway");
+ System.out.println("certificate : " + credential.getX509Cert());
+ System.out.println("gateway name : " + credential.getCommunityUser().getGatewayNmae());
+ }catch (TTransportException e) {
+ e.printStackTrace();
+ } catch (TException e) {
+ e.printStackTrace();
+ } catch (KeyStoreException e) {
+ e.printStackTrace();
+ } catch (FileNotFoundException e) {
+ e.printStackTrace();
+ } catch (NoSuchAlgorithmException e) {
+ e.printStackTrace();
+ } catch (CertificateException e) {
+ e.printStackTrace();
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+
+ public static void main(String[] args) {
+ TestSSLClient c = new TestSSLClient();
+ c.invoke();
+
+ }
+}
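Review bot: `TestSSLClient` is added under `src/main/java`, so it ships with the credential-store artifact while containing a developer-local keystore path (`new File("/Users/chathuri/dev/airavata/credential-store/oa4mp/airavata.jks")`), a literal keystore password (`"airavata".toCharArray()`) and a literal passphrase in `testSSHCredential`. That method also writes the retrieved key to stdout with `System.out.println("private key : " + credential.getPrivateKey());`, which puts secret material into console logs; printing only whether a key came back, e.g. `System.out.println("private key returned : " + (credential.getPrivateKey() != null));`, keeps the check without the leak. I would move the class to `src/test/java` and take the keystore location and password from settings or arguments, as `invoke()` already does for the trust store. The `FileInputStream fis` in `testCertificateCredential` is never closed and should be closed in a `finally` block. In `invoke()`, `serverHost` falls back to `null` when the setting is absent and is passed straight to `getClientSocket`, so a missing setting should be reported explicitly instead.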
