Repository: airavata Updated Branches: refs/heads/airavata-0.15-release-branch 170c2e310 -> 2c3a36886
adding credential store functions to airavata API Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/2c3a3688 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/2c3a3688 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/2c3a3688 Branch: refs/heads/airavata-0.15-release-branch Commit: 2c3a36886448b444fe2a8cea063f20f1d2aeac68 Parents: 170c2e3 Author: Chathuri Wimalasena <[email protected]> Authored: Thu Jul 16 10:58:25 2015 -0400 Committer: Chathuri Wimalasena <[email protected]> Committed: Thu Jul 16 10:58:25 2015 -0400 ---------------------------------------------------------------------- .../server/handler/AiravataServerHandler.java | 60 ++++++++++++++++++-- .../server/CredentialStoreServerHandler.java | 28 ++++++++- .../client/CredentialStoreClientFactory.java | 56 ++++++++++++++++++ 3 files changed, 139 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/airavata/blob/2c3a3688/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java ----------------------------------------------------------------------
diff --git a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
index 04505d2..62d8e6f 100644
--- a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
+++ b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
@@ -33,6 +33,10 @@ import org.apache.airavata.common.logger.AiravataLogger;
 import org.apache.airavata.common.logger.AiravataLoggerFactory;
 import org.apache.airavata.common.utils.AiravataUtils;
 import org.apache.airavata.common.utils.ServerSettings;
+import org.apache.airavata.credential.store.client.CredentialStoreClientFactory;
+import org.apache.airavata.credential.store.cpi.CredentialStoreService;
+import org.apache.airavata.credential.store.datamodel.SSHCredential;
+import org.apache.airavata.credential.store.exception.CredentialStoreException;
 import org.apache.airavata.messaging.core.MessageContext;
 import org.apache.airavata.messaging.core.Publisher;
 import org.apache.airavata.messaging.core.PublisherFactory;
@@ -68,6 +72,7 @@ import java.util.Map;
 public class AiravataServerHandler implements Airavata.Iface {
 private static final AiravataLogger logger = AiravataLoggerFactory.getLogger(AiravataServerHandler.class);
 private Registry registry;
+ private CredentialStoreService.Client csClient;
 private AppCatalog appCatalog;
 private Publisher publisher;
 private WorkflowCatalog workflowCatalog;
@@ -204,17 +209,54 @@ public class AiravataServerHandler implements Airavata.Iface {
 @Override
 public String generateAndRegisterSSHKeys(String gatewayId, String userName) throws InvalidRequestException, AiravataClientException, AiravataSystemException, TException {
- return null;
+ try {
+ if (csClient == null){
+ csClient = getCredentialStoreServiceClient();
+ }
+ SSHCredential sshCredential = new SSHCredential();
+ sshCredential.setUsername(userName);
+ sshCredential.setGatewayId(gatewayId);
+ return csClient.addSSHCredential(sshCredential);
+ }catch (Exception e){
+ logger.error("Error occurred while registering SSH Credential", e);
+ AiravataSystemException exception = new AiravataSystemException();
+ exception.setAiravataErrorType(AiravataErrorType.INTERNAL_ERROR);
+ exception.setMessage("Error occurred while registering SSH Credential. More info : " + e.getMessage());
+ throw exception;
+ }
 }
 @Override
- public String getSSHPubKey(String airavataCredStoreToken) throws InvalidRequestException, AiravataClientException, AiravataSystemException, TException {
- return null;
+ public String getSSHPubKey(String airavataCredStoreToken, String gatewayId) throws InvalidRequestException, AiravataClientException, AiravataSystemException, TException {
+ try {
+ if (csClient == null){
+ csClient = getCredentialStoreServiceClient();
+ }
+ SSHCredential sshCredential = csClient.getSSHCredential(airavataCredStoreToken, gatewayId);
+ return sshCredential.getPublicKey();
+ }catch (Exception e){
+ logger.error("Error occurred while retrieving SSH credential", e);
+ AiravataSystemException exception = new AiravataSystemException();
+ exception.setAiravataErrorType(AiravataErrorType.INTERNAL_ERROR);
+ exception.setMessage("Error occurred while retrieving SSH credential. More info : " + e.getMessage());
+ throw exception;
+ }
 }
 @Override
 public Map<String, String> getAllUserSSHPubKeys(String userName) throws InvalidRequestException, AiravataClientException, AiravataSystemException, TException {
- return null;
+ try {
+ if (csClient == null){
+ csClient = getCredentialStoreServiceClient();
+ }
+ return csClient.getAllSSHKeysForUser(userName);
+ }catch (Exception e){
+ logger.error("Error occurred while retrieving SSH public keys for user : " + userName , e);
+ AiravataSystemException exception = new AiravataSystemException();
+ exception.setAiravataErrorType(AiravataErrorType.INTERNAL_ERROR);
+ exception.setMessage("Error occurred while retrieving SSH public keys for user : " + userName + ". More info : " + e.getMessage());
+ throw exception;
+ }
 }
 /**
@@ -1738,6 +1780,16 @@ public class AiravataServerHandler implements Airavata.Iface {
 }
 }
+ private CredentialStoreService.Client getCredentialStoreServiceClient() throws TException{
+ final int serverPort = Integer.parseInt(ServerSettings.getSetting(org.apache.airavata.common.utils.Constants.CREDENTIAL_SERVER_HOST,"8960"));
+ final String serverHost = ServerSettings.getSetting(org.apache.airavata.common.utils.Constants.CREDENTIAL_SERVER_PORT, null);
+ try {
+ return CredentialStoreClientFactory.createAiravataCSClient(serverHost, serverPort);
+ } catch (CredentialStoreException e) {
+ throw new TException("Unable to create credential store client...", e);
+ }
+ }
+
 /**
 * Clone an specified experiment with a new name. A copy of the experiment configuration is made and is persisted with new metadata.
 * The client has to subsequently update this configuration if needed and launch the cloned experiment.
http://git-wip-us.apache.org/repos/asf/airavata/blob/2c3a3688/modules/credential-store/credential-store-service/src/main/java/org/apache/airavata/credential/store/server/CredentialStoreServerHandler.java ----------------------------------------------------------------------
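Review bot: The lazily initialised `csClient` field is shared by all three new methods without any synchronisation, and a generated Thrift client is not safe for concurrent use, so if this handler instance serves requests on several threads (not visible in the hunk) two calls can interleave on one transport and a caller may be handed another request's credential response. The client is also never replaced after a transport failure, so one broken connection makes every later call fail until restart. Consider creating the client per call and closing its transport in a `finally`, or guarding the field with a lock and resetting it on `TTransportException`. Separately, each `catch (Exception e)` copies `e.getMessage()` into the exception returned to the API caller, which can expose internal detail; the logged stack trace is enough, e.g. `exception.setMessage("Error occurred while registering SSH Credential");`. None of the three methods shows a check that ties `userName`, `gatewayId` or the token to the authenticated caller, so confirm that is enforced elsewhere.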
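Review bot: In `getCredentialStoreServiceClient` the two settings keys are crossed: the port is parsed from `Constants.CREDENTIAL_SERVER_HOST` and the host is read from `Constants.CREDENTIAL_SERVER_PORT`. Unless the constants are themselves mis-named, a configured host name makes `Integer.parseInt` throw `NumberFormatException`, and the TLS client would be pointed at the port string as its host. Swap them, keeping the fully qualified `Constants` as in the hunk: `Integer.parseInt(ServerSettings.getSetting(Constants.CREDENTIAL_SERVER_PORT, "8960"))` and `ServerSettings.getSetting(Constants.CREDENTIAL_SERVER_HOST, null)`. A missing host setting currently passes `null` on to the factory; rejecting it here with a clear message would be better than a failure inside the socket code.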
diff --git a/modules/credential-store/credential-store-service/src/main/java/org/apache/airavata/credential/store/server/CredentialStoreServerHandler.java b/modules/credential-store/credential-store-service/src/main/java/org/apache/airavata/credential/store/server/CredentialStoreServerHandler.java
index 8205a22..03020a0 100644
--- a/modules/credential-store/credential-store-service/src/main/java/org/apache/airavata/credential/store/server/CredentialStoreServerHandler.java
+++ b/modules/credential-store/credential-store-service/src/main/java/org/apache/airavata/credential/store/server/CredentialStoreServerHandler.java
@@ -45,6 +45,9 @@ import sun.security.provider.X509Factory;
 import java.io.ByteArrayInputStream;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
 import java.util.UUID;
 public class CredentialStoreServerHandler implements CredentialStoreService.Iface {
@@ -198,5 +201,28 @@ public class CredentialStoreServerHandler implements CredentialStoreService.Ifac
 return null;
 }
-
+ @Override
+ public Map<String, String> getAllSSHKeysForUser(String username) throws org.apache.airavata.credential.store.exception.CredentialStoreException, TException {
+ Map<String, String> sshKeyMap = new HashMap<>();
+ try {
+ List<Credential> allCredentials = credentialReader.getAllCredentials();
+ if (allCredentials != null && !allCredentials.isEmpty()){
+ for (Credential credential : allCredentials){
+ if (credential.getPortalUserName().equals(username)){
+ if (credential instanceof org.apache.airavata.credential.store.credential.impl.ssh.SSHCredential){
+ org.apache.airavata.credential.store.credential.impl.ssh.SSHCredential sshCredential = (org.apache.airavata.credential.store.credential.impl.ssh.SSHCredential)credential;
+ byte[] publicKey = sshCredential.getPublicKey();
+ if (publicKey != null){
+ sshKeyMap.put(sshCredential.getPortalUserName(), new String(publicKey));
+ }
+ }
+ }
+ }
+ }
+ } catch (CredentialStoreException e) {
+ log.error("Error occurred while retrieving credentials", e);
+ throw new org.apache.airavata.credential.store.exception.CredentialStoreException("Error occurred while retrieving credentials");
+ }
+ return sshKeyMap;
+ }
 }
http://git-wip-us.apache.org/repos/asf/airavata/blob/2c3a3688/modules/credential-store/credential-store-stubs/src/main/java/org/apache/airavata/credential/store/client/CredentialStoreClientFactory.java ----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-stubs/src/main/java/org/apache/airavata/credential/store/client/CredentialStoreClientFactory.java b/modules/credential-store/credential-store-stubs/src/main/java/org/apache/airavata/credential/store/client/CredentialStoreClientFactory.java
new file mode 100644
index 0000000..283bb20
--- /dev/null
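Review bot: Every entry in `getAllSSHKeysForUser` is stored under `sshCredential.getPortalUserName()`, which the enclosing `if` has just matched to `username`, so each `put` overwrites the previous one and the map never holds more than one key. Key the map by a per-credential identifier instead, such as the credential's store token if `Credential` exposes one (not visible in this hunk). The lookup also loads every credential in the store through `getAllCredentials()` and filters on user name alone; the method takes no gateway id, so same-named portal users in different gateways are not separated and all tenants' credential objects are pulled into memory for one user's query. `credential.getPortalUserName().equals(username)` throws on a null portal user name, which `username.equals(credential.getPortalUserName())` avoids. The rethrown `CredentialStoreException` drops the cause `e`, and `new String(publicKey)` relies on the platform charset.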
+++ b/modules/credential-store/credential-store-stubs/src/main/java/org/apache/airavata/credential/store/client/CredentialStoreClientFactory.java 
@@ -0,0 +1,56 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+package org.apache.airavata.credential.store.client;
+
+import org.apache.airavata.common.exception.ApplicationSettingsException;
+import org.apache.airavata.common.utils.ServerSettings;
+import org.apache.airavata.credential.store.cpi.CredentialStoreService;
+import org.apache.airavata.credential.store.exception.CredentialStoreException;
+import org.apache.thrift.protocol.TBinaryProtocol;
+import org.apache.thrift.protocol.TProtocol;
+import org.apache.thrift.transport.TSSLTransportFactory;
+import org.apache.thrift.transport.TTransport;
+import org.apache.thrift.transport.TTransportException;
+
+public class CredentialStoreClientFactory {
+
+ public static CredentialStoreService.Client createAiravataCSClient(String serverHost, int serverPort) throws CredentialStoreException {
+ TTransport transport;
+ try {
+ TSSLTransportFactory.TSSLTransportParameters params =
+ new TSSLTransportFactory.TSSLTransportParameters();
+ String keystorePath = ServerSettings.getCredentialStoreThriftServerKeyStorePath();
+ String keystorePWD = ServerSettings.getCredentialStoreThriftServerKeyStorePassword();
+ params.setTrustStore(keystorePath, keystorePWD);
+
+ transport = TSSLTransportFactory.getClientSocket(serverHost, serverPort, 10000, params);
+ TProtocol protocol = new TBinaryProtocol(transport);
+
+ CredentialStoreService.Client client = new CredentialStoreService.Client(protocol);
+ return client;
+ } catch (TTransportException e) {
+ throw new CredentialStoreException("Unable to connect to the credential store server at " + serverHost + ":" + serverPort);
+ } catch (ApplicationSettingsException e) {
+ throw new CredentialStoreException("Unable to connect to the credential store server at " + serverHost + ":" + serverPort);
+ }
+ }
+}
\ No newline at end of file
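Review bot: `createAiravataCSClient` builds the client's trust store from `getCredentialStoreThriftServerKeyStorePath()` and `getCredentialStoreThriftServerKeyStorePassword()`, which by their names are the server's key store settings; if that file also holds the credential store server's private key (not visible here), every host that creates a client needs a copy of the key and its password. A separate trust store containing only the server certificate would keep the private key on the credential store host. Both catch blocks discard the cause, which hides TLS handshake and settings errors from whoever debugs a failed connection; pass `e` on if `CredentialStoreException` has a cause-taking constructor, and the two blocks can be merged into `catch (TTransportException | ApplicationSettingsException e)`. The method also lacks Javadoc stating that the caller owns the transport opened by `getClientSocket` and must close it, and that the `10000` passed there is a fixed timeout.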
