This is an automated email from the ASF dual-hosted git repository.
isjarana pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/airavata-data-lake.git
The following commit(s) were added to refs/heads/master by this push:
new 86e313d Bug fix and auth cache
new a124f11 Merge pull request #20 from isururanawaka/workflow_invocation
86e313d is described below
commit 86e313dd160d2d00859425a0c9a472f989fde880
Author: Isuru Ranawaka <[email protected]>
AuthorDate: Thu Jul 8 11:49:35 2021 -0400
Bug fix and auth cache
---
.../processor/OutboundEventProcessor.java | 3 +-
.../drms/api/interceptors/Authenticator.java | 50 +++++++++++++++-------
.../drms/api/interceptors/authcache/AuthCache.java | 37 ++++++++++++++++
.../api/interceptors/authcache/CacheEntry.java | 39 +++++++++++++++++
.../core/serializer/GenericResourceSerializer.java | 2 +-
5 files changed, 113 insertions(+), 18 deletions(-)
diff --git
a/data-orchestrator/data-orchestrator-service/data-orchestrator-api-server/src/main/java/org/apache/airavata/datalake/orchestrator/processor/OutboundEventProcessor.java
b/data-orchestrator/data-orchestrator-service/data-orchestrator-api-server/src/main/java/org/apache/airavata/datalake/orchestrator/processor/OutboundEventProcessor.java
index 8038061..82e554c 100644
---
a/data-orchestrator/data-orchestrator-service/data-orchestrator-api-server/src/main/java/org/apache/airavata/datalake/orchestrator/processor/OutboundEventProcessor.java
+++
b/data-orchestrator/data-orchestrator-service/data-orchestrator-api-server/src/main/java/org/apache/airavata/datalake/orchestrator/processor/OutboundEventProcessor.java
@@ -101,8 +101,9 @@ public class OutboundEventProcessor implements
MessageProcessor<Configuration> {
for (int i = 1; i < collections.length - 1; i++) {
String resourceName = collections[i];
- String entityId =
Utils.getId(resourcePath.substring(resourcePath.indexOf(resourceName)));
String path = entity.getResourcePath().substring(0,
entity.getResourcePath().indexOf(resourceName));
+ path = path.concat(resourceName);
+ String entityId = Utils.getId(path);
Optional<GenericResource> optionalGenericResource =
this.drmsConnector.createResource(repository, entity,
entityId, resourceName, path, parentId, "COLLECTION");
if (optionalGenericResource.isPresent()) {
diff --git
a/data-resource-management-service/drms-api/src/main/java/org/apache/airavata/drms/api/interceptors/Authenticator.java
b/data-resource-management-service/drms-api/src/main/java/org/apache/airavata/drms/api/interceptors/Authenticator.java
index f2eae42..10cdf51 100644
---
a/data-resource-management-service/drms-api/src/main/java/org/apache/airavata/drms/api/interceptors/Authenticator.java
+++
b/data-resource-management-service/drms-api/src/main/java/org/apache/airavata/drms/api/interceptors/Authenticator.java
@@ -8,6 +8,8 @@ import io.grpc.Metadata;
import org.apache.airavata.datalake.drms.AuthCredentialType;
import org.apache.airavata.datalake.drms.AuthenticatedUser;
import org.apache.airavata.datalake.drms.DRMSServiceAuthToken;
+import org.apache.airavata.drms.api.interceptors.authcache.AuthCache;
+import org.apache.airavata.drms.api.interceptors.authcache.CacheEntry;
import org.apache.custos.clients.CustosClientProvider;
import org.apache.custos.iam.service.UserRepresentation;
import org.apache.custos.identity.management.client.IdentityManagementClient;
@@ -80,14 +82,22 @@ public class Authenticator implements ServiceInterceptor {
if
(drmsServiceAuthToken.getAuthCredentialType().equals(AuthCredentialType.UNKNOWN)
||
drmsServiceAuthToken.getAuthCredentialType().equals(AuthCredentialType.USER_CREDENTIAL))
{
String accessToken = drmsServiceAuthToken.getAccessToken();
- User user = identityManagementClient.getUser(accessToken);
- return Optional.ofNullable(AuthenticatedUser.newBuilder()
- .setUsername(user.getUsername())
- .setFirstName(user.getFirstName())
- .setLastName(user.getLastName())
- .setEmailAddress(user.getEmailAddress())
- .setTenantId(user.getClientId())
- .build());
+ Optional<AuthenticatedUser> optionalAuthenticatedUser =
AuthCache.getAuthenticatedUser(accessToken);
+ if (optionalAuthenticatedUser.isPresent()) {
+ return
Optional.ofNullable(optionalAuthenticatedUser.get());
+ } else {
+ User user = identityManagementClient.getUser(accessToken);
+ AuthenticatedUser authUser = AuthenticatedUser.newBuilder()
+ .setUsername(user.getUsername())
+ .setFirstName(user.getFirstName())
+ .setLastName(user.getLastName())
+ .setEmailAddress(user.getEmailAddress())
+ .setTenantId(user.getClientId())
+ .build();
+ CacheEntry cacheEntry = new CacheEntry(accessToken,
System.currentTimeMillis(), authUser);
+ AuthCache.cache(cacheEntry);
+ return Optional.ofNullable(authUser);
+ }
} else if (drmsServiceAuthToken.getAuthCredentialType()
.equals(AuthCredentialType.AGENT_ACCOUNT_CREDENTIAL)) {
//Agents use service account to get access token
@@ -113,14 +123,22 @@ public class Authenticator implements ServiceInterceptor {
}
} else {
//Assume rest clients always call with user token
- User user = identityManagementClient.getUser(tokenHeaders.get());
- return Optional.ofNullable(AuthenticatedUser.newBuilder()
- .setUsername(user.getUsername())
- .setFirstName(user.getFirstName())
- .setLastName(user.getLastName())
- .setEmailAddress(user.getEmailAddress())
- .setTenantId(user.getClientId())
- .build());
+ Optional<AuthenticatedUser> optionalAuthenticatedUser =
AuthCache.getAuthenticatedUser(tokenHeaders.get());
+ if (optionalAuthenticatedUser.isPresent()) {
+ return Optional.ofNullable(optionalAuthenticatedUser.get());
+ } else {
+ User user =
identityManagementClient.getUser(tokenHeaders.get());
+ AuthenticatedUser authUser = AuthenticatedUser.newBuilder()
+ .setUsername(user.getUsername())
+ .setFirstName(user.getFirstName())
+ .setLastName(user.getLastName())
+ .setEmailAddress(user.getEmailAddress())
+ .setTenantId(user.getClientId())
+ .build();
+ CacheEntry cacheEntry = new CacheEntry(tokenHeaders.get(),
System.currentTimeMillis(), authUser);
+ AuthCache.cache(cacheEntry);
+ return Optional.ofNullable(authUser);
+ }
}
return Optional.empty();
}
diff --git
a/data-resource-management-service/drms-api/src/main/java/org/apache/airavata/drms/api/interceptors/authcache/AuthCache.java
b/data-resource-management-service/drms-api/src/main/java/org/apache/airavata/drms/api/interceptors/authcache/AuthCache.java
new file mode 100644
index 0000000..a1adfe8
--- /dev/null
+++
b/data-resource-management-service/drms-api/src/main/java/org/apache/airavata/drms/api/interceptors/authcache/AuthCache.java
@@ -0,0 +1,37 @@
+package org.apache.airavata.drms.api.interceptors.authcache;
+
+import org.apache.airavata.datalake.drms.AuthenticatedUser;
+
+import java.util.Optional;
+import java.util.concurrent.ConcurrentHashMap;
+
+public class AuthCache {
+ private static volatile ConcurrentHashMap authCache = new
ConcurrentHashMap();
+
+ private static final int MAX_NUMBER_OF_ENTRIES = 1000;
+ private static final long MAX_CACHE_TIME = 30 * 60 * 1000;
+
+
+ public static void cache(CacheEntry cacheEntry) {
+ if (authCache.size() == MAX_NUMBER_OF_ENTRIES) {
+ //TODO replace with FIFO
+ authCache.clear();
+ }
+ authCache.put(cacheEntry.getAccessToken(), cacheEntry);
+ }
+
+ public static Optional<AuthenticatedUser> getAuthenticatedUser(String
accessToken) {
+ if (authCache.containsKey(accessToken)) {
+ CacheEntry cacheEntry = (CacheEntry) authCache.get(accessToken);
+ long insertionTime = cacheEntry.getInsertionTime();
+ long entryExpiredTimeStamp = insertionTime + MAX_CACHE_TIME;
+ if (System.currentTimeMillis() - entryExpiredTimeStamp > 0) {
+ authCache.remove(accessToken);
+ return Optional.empty();
+ } else {
+ return Optional.ofNullable(((CacheEntry)
authCache.get(accessToken)).getUser());
+ }
+ }
+ return Optional.empty();
+ }
+}
diff --git
a/data-resource-management-service/drms-api/src/main/java/org/apache/airavata/drms/api/interceptors/authcache/CacheEntry.java
b/data-resource-management-service/drms-api/src/main/java/org/apache/airavata/drms/api/interceptors/authcache/CacheEntry.java
new file mode 100644
index 0000000..263d103
--- /dev/null
+++
b/data-resource-management-service/drms-api/src/main/java/org/apache/airavata/drms/api/interceptors/authcache/CacheEntry.java
@@ -0,0 +1,39 @@
+package org.apache.airavata.drms.api.interceptors.authcache;
+
+import org.apache.airavata.datalake.drms.AuthenticatedUser;
+
+public class CacheEntry {
+ private String accessToken;
+ private long insertionTime;
+ private AuthenticatedUser user;
+
+ public CacheEntry(String accessToken, long insertionTime,
AuthenticatedUser user) {
+ this.accessToken = accessToken;
+ this.insertionTime = insertionTime;
+ this.user = user;
+ }
+
+ public String getAccessToken() {
+ return accessToken;
+ }
+
+ public void setAccessToken(String accessToken) {
+ this.accessToken = accessToken;
+ }
+
+ public long getInsertionTime() {
+ return insertionTime;
+ }
+
+ public void setInsertionTime(long insertionTime) {
+ this.insertionTime = insertionTime;
+ }
+
+ public AuthenticatedUser getUser() {
+ return user;
+ }
+
+ public void setUser(AuthenticatedUser user) {
+ this.user = user;
+ }
+}
diff --git
a/data-resource-management-service/drms-core/src/main/java/org/apache/airavata/drms/core/serializer/GenericResourceSerializer.java
b/data-resource-management-service/drms-core/src/main/java/org/apache/airavata/drms/core/serializer/GenericResourceSerializer.java
index dc201c8..7f65770 100644
---
a/data-resource-management-service/drms-core/src/main/java/org/apache/airavata/drms/core/serializer/GenericResourceSerializer.java
+++
b/data-resource-management-service/drms-core/src/main/java/org/apache/airavata/drms/core/serializer/GenericResourceSerializer.java
@@ -12,7 +12,7 @@ public class GenericResourceSerializer {
public static Map<String, Object> serializeToMap(GenericResource
anyResource) {
Map<String, Object> fields = new HashMap<>();
- Map<Descriptors.FieldDescriptor, Object> allFields = null;
+ Map<Descriptors.FieldDescriptor, Object> allFields =
anyResource.getAllFields();
if (allFields != null) {
allFields.forEach((descriptor, value) -> {
