Commit 89d8b8ba authored by frederic motte

modify generator to remove domain from the model

parent 778ef2f1
......@@ -11,13 +11,14 @@ public interface SFGenerator {
* @param sfName Name of the securityFilter
* @param role Role of the securityFilter
* @param STSUrl URL of the Federation Server
* @param domain
* @param securityModel The security model of the service
* @param groupsThe list of groups allow to access the service
* @param account The account provided by the choreography designer in case of the model required generic account (Null if the model required user account)
* @return A SF element which contains the WAR element
* @throws SFGeneratorException
*/
SF generateSecurityFilter(String sfName, String STSUrl, byte[] securityModel, List<String> groups, ConnectionAccount account) throws SFGeneratorException;
SF generateSecurityFilter(String sfName, String STSUrl, String domain, byte[] securityModel, List<String> groups, ConnectionAccount account) throws SFGeneratorException;
/**
* Generation of the security filter present in front of the choreography
......
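Review bot: The `@param domain` tag added to the Javadoc of `generateSecurityFilter` has no description, although the caller now supplies a value that was previously read from the security model. I would write `@param domain Security domain set on the generated filter's security policy (no longer read from the security model)` and state whether null is accepted, since the implementation passes the value straight to `securityPolicy.setDomain(domain)`. The same comment block still lists `@param role`, which the signature does not have, and `@param groupsThe` is missing the space after the parameter name.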
......@@ -8,7 +8,6 @@ import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider.Service;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
......@@ -26,10 +25,6 @@ import org.eclipse.emf.common.util.URI;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
//import com.sun.jersey.api.client.Client;
//import com.sun.jersey.api.client.ClientResponse;
//import com.sun.jersey.api.client.WebResource;
import eu.chorevolution.transformations.sfgenerator.SFGeneratorException;
import eu.chorevolution.transformations.sfgenerator.SFType;
import eu.chorevolution.transformations.sfgenerator.impl.utility.Encryptor;
......@@ -43,52 +38,14 @@ import eu.chorevolution.modelingnotations.security.Authentication;
import eu.chorevolution.modelingnotations.security.AuthenticationTypeForwarded;
import eu.chorevolution.modelingnotations.security.CredentialType;
import eu.chorevolution.modelingnotations.security.SecurityModel;
import eu.chorevolution.modelingnotations.security.SecurityPolicySet;
import eu.chorevolution.transformations.sfgenerator.ConnectionAccount;
import eu.chorevolution.transformations.sfgenerator.LoginPasswordConnectionAccount;
import eu.chorevolution.transformations.sfgenerator.SFGenerator;
import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.WebResource;
public class SFGeneratorImpl implements SFGenerator {
private static final Logger logger = LoggerFactory.getLogger(SFGeneratorImpl.class);
private void postService(String domain, String ServiceName , String service, String federationServerURL) throws SFGeneratorException{
try {
logger.info("Post service credential with" );
logger.info(" Domain:" + domain );
logger.info(" Service:" + service );
logger.info(" STSUrl:" + federationServerURL );
Client client = Client.create();
WebResource webResource = client
.resource(federationServerURL + "/resources/domains/"+domain+"/services/");
ClientResponse response= webResource.accept("application/json").type("application/json")
.post(ClientResponse.class, service);
logger.info("Post service " + response.getStatus());
logger.info("Post service " + response.getClientResponseStatus());
if (response.getClientResponseStatus().equals(response.getClientResponseStatus().BAD_REQUEST)){
WebResource webResourcePut = client
.resource(federationServerURL + "/resources/domains/"+domain+"/services/"+ ServiceName);
response= webResourcePut.accept("application/json").type("application/json")
.put(ClientResponse.class, service);
logger.info("put service " + response.getStatus());
logger.info("put service " + response.getClientResponseStatus());
}
if (response.getStatus() != 200 && response.getStatus() != 204&& response.getStatus() != 201) {
logger.error("problem during post user " + service);
//throw new SFGeneratorException("problem during post user " + service);
}
}catch(Exception e){
logger.error("problem during post user " + service);
}
}
private File generateConfigurationFile(String sfName, String destDir, byte[] securityModel, List<String> groups, ConnectionAccount account, SFType securityFilterType, String domain, String STSUrl) throws SFGeneratorException {
......@@ -119,7 +76,7 @@ public class SFGeneratorImpl implements SFGenerator {
throw new SFGeneratorException("No security policy set defined into the security model");
securityPolicy.setDomain(sModel.getSecuritypolicyset().getDomainName());
securityPolicy.setDomain(domain);
securityPolicy.getProvider().setServiceName(sModel.getSecuritypolicyset().getServiceName());
if (sModel.getSecuritypolicyset().getAuthentication()!=null){
......@@ -135,41 +92,26 @@ public class SFGeneratorImpl implements SFGenerator {
if (authentication.getAuthNTypeForwarded().equals(AuthenticationTypeForwarded.GENERIC_ACCOUNT)){
Encryptor enc = new Encryptor("dsadsadasa4444");
if (account!=null)
{
if (account instanceof LoginPasswordConnectionAccount) {
LoginPasswordConnectionAccount lpAccount = (LoginPasswordConnectionAccount) account;
e.setCredentialType(authentication.getCredentialType().getName());
e.setGenericAccount(null);
e.setGenericCredential(null);
e.setAuthNElement(null);
// forward the account into the Federation Server
String serviceName = sModel.getSecuritypolicyset().getServiceName();
if (lpAccount!=null)
{
if (lpAccount.getLogin()!=null && lpAccount.getPassword()!=null)
{
//TODO : remove hard coded value
Encryptor enc = new Encryptor("dsadsadasa4444");
String service;
try {
service = "{\"servicename\":\""+serviceName + "\",\"serviceaccount\":\"" + lpAccount.getLogin()+ "\",\"credentialtype\":\"usernametoken\",\"credential\":\""+enc.encode(lpAccount.getPassword())+"\"}";
} catch (InvalidKeyException | NoSuchAlgorithmException
| NoSuchPaddingException | IllegalBlockSizeException
| BadPaddingException | UnsupportedEncodingException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
throw new SFGeneratorException("Password encryption failed");
}
postService(sModel.getSecuritypolicyset().getDomainName(),serviceName, service, STSUrl);
}
if (lpAccount!=null){
e.setGenericAccount(lpAccount.getLogin());
try {
e.setGenericCredential(enc.encode(lpAccount.getPassword()));
} catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException
| IllegalBlockSizeException | BadPaddingException
| UnsupportedEncodingException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
throw new SFGeneratorException("Password encryption error");
}
}
e.setAuthNElement(null);
}
else{
throw new SFGeneratorException("Authentication mechanism not supported");
......@@ -177,7 +119,15 @@ public class SFGeneratorImpl implements SFGenerator {
} else if (authentication.getGenericAccount()!=null && authentication.getGenericCredential()!=null) {
e.setCredentialType(authentication.getCredentialType().getName());
e.setGenericAccount(authentication.getGenericAccount());
e.setGenericCredential(authentication.getGenericCredential());
try {
e.setGenericCredential(enc.encode(authentication.getGenericCredential()));
} catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException
| IllegalBlockSizeException | BadPaddingException
| UnsupportedEncodingException e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
throw new SFGeneratorException("Password encryption error");
}
e.setAuthNElement(null);
} else {
throw new SFGeneratorException("Generic account required but not provided");
......@@ -216,7 +166,7 @@ public class SFGeneratorImpl implements SFGenerator {
@Override
public SF generateSecurityFilter(String sfName, String STSUrl, byte[] securityModel, List<String> groups, ConnectionAccount account) throws SFGeneratorException {
public SF generateSecurityFilter(String sfName, String STSUrl, String domain, byte[] securityModel, List<String> groups, ConnectionAccount account) throws SFGeneratorException {
SF sf = new SF(sfName);
try {
......@@ -228,7 +178,7 @@ public class SFGeneratorImpl implements SFGenerator {
destDir = Utilities.getDestinationFolderPath(destDir);
Utilities.deleteProjectFolder(destDir);
File warResultFile = Utilities.copyWarTemplate(destDir);
File configurationFile = generateConfigurationFile(sfName, destDir, securityModel, groups, account, SFType.ADAPTATION, null, STSUrl);
File configurationFile = generateConfigurationFile(sfName, destDir, securityModel, groups, account, SFType.ADAPTATION, domain, STSUrl);
Utilities.addConfigFileintoWar(destDir, configurationFile);
File webXml = Utilities.createWebXml(destDir, sf.getName(), STSUrl);
Utilities.addWebXmlFileintoWar(destDir, webXml);
......@@ -280,15 +230,16 @@ public class SFGeneratorImpl implements SFGenerator {
List<String> groups = new ArrayList<String>();
groups.add("group1");
groups.add("group5");
String domain = "Master";
{
System.out.println("Generation of a SF in front of the choreography");
String SFName = "testProtection";
SFGenerator cdGenerator = new SFGeneratorImpl();
String domain = "domain2";
groups = null;
SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", domain , groups);
FileUtils.writeByteArrayToFile(new File( "." + File.separatorChar + SFName + File.separatorChar + "SecurityfilterServletProxy.war"), cd.getWar());
}
......@@ -300,7 +251,7 @@ public class SFGeneratorImpl implements SFGenerator {
byte[] securityModel = Files.readAllBytes(securityPath);
SFGenerator cdGenerator = new SFGeneratorImpl();
SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", securityModel, groups, null);
SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", domain , securityModel, groups, null);
FileUtils.writeByteArrayToFile(new File( "." + File.separatorChar + SFName + File.separatorChar + "SecurityfilterServletProxy.war"), cd.getWar());
}
......@@ -315,18 +266,19 @@ public class SFGeneratorImpl implements SFGenerator {
account.setLogin("root");
account.setPassword("password");
SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", securityModel, groups, account);
SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", domain , securityModel, groups, account);
FileUtils.writeByteArrayToFile(new File( "." + File.separatorChar + SFName + File.separatorChar + "SecurityfilterServletProxy.war"), cd.getWar());
}
{
groups = null;
System.out.println("Generation of a SF in front of a legacy Service. During the service definition, the service owner has required a nominative user account");
String SFName = "testUserAccount";
Path securityPath = Paths.get("SecModelUserAccount.security");
byte[] securityModel = Files.readAllBytes(securityPath);
SFGenerator cdGenerator = new SFGeneratorImpl();
SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", securityModel, groups, null);
SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", domain , securityModel, groups, null);
FileUtils.writeByteArrayToFile(new File( "." + File.separatorChar + SFName + File.separatorChar + "SecurityfilterServletProxy.war"), cd.getWar());
}
......@@ -337,7 +289,7 @@ public class SFGeneratorImpl implements SFGenerator {
byte[] securityModel = Files.readAllBytes(securityPath);
SFGenerator cdGenerator = new SFGeneratorImpl();
SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", securityModel, groups, null);
SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", domain , securityModel, groups, null);
FileUtils.writeByteArrayToFile(new File( "." + File.separatorChar + SFName + File.separatorChar + "SecurityfilterServletProxy.war"), cd.getWar());
}
......@@ -350,7 +302,7 @@ public class SFGeneratorImpl implements SFGenerator {
account.setLogin("root");
account.setPassword("password");
SFGenerator cdGenerator = new SFGeneratorImpl();
SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", securityModel, groups, account);
SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", domain , securityModel, groups, account);
FileUtils.writeByteArrayToFile(new File( "." + File.separatorChar + SFName + File.separatorChar + "SecurityfilterServletProxy.war"), cd.getWar());
}
......
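Review bot: The `Encryptor` key is still the literal `"dsadsadasa4444"` in the GENERIC_ACCOUNT branch of `generateConfigurationFile`, and the `//TODO : remove hard coded value` comment that flagged it appears to be dropped by this change. The encoded password now goes to `e.setGenericCredential(...)` instead of being posted to the Federation Server, so it presumably ends up in the configuration file packed into the generated WAR. It is then protected only by a key that is the same for every deployment and readable from the source. The key should come from deployment configuration or a keystore rather than a literal, and the TODO should stay until it does. Both new catch blocks also discard the cause: replace `e1.printStackTrace();` with `logger.error("Password encryption error", e1);` and, if `SFGeneratorException` has a cause constructor, throw `new SFGeneratorException("Password encryption error", e1)`. The enclosing method starts and ends outside the visible hunks.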