modify generator to remove domain from the model

89d8b8ba · frederic motte · 778ef2f1 · 89d8b8ba · 89d8b8ba
Commit 89d8b8ba authored Oct 12, 2016 by frederic motte
--- a/Security-filter-gen/src/main/java/eu/chorevolution/transformations/sfgenerator/SFGenerator.java
+++ b/Security-filter-gen/src/main/java/eu/chorevolution/transformations/sfgenerator/SFGenerator.java
@@ -11,13 +11,14 @@ public interface SFGenerator {
 	 * @param sfName Name of the securityFilter
 	 * @param role Role of the securityFilter
 	 * @param STSUrl URL of the Federation Server
+	 * @param domain 
 	 * @param securityModel The security model of the service
 	 * @param groupsThe list of groups allow to access the service
 	 * @param account The account provided by the choreography designer in case of the model required generic account (Null if the model required user account)
 	 * @return A SF element which contains the WAR element
 	 * @throws SFGeneratorException
 	 */
-	SF generateSecurityFilter(String sfName, String STSUrl, byte[] securityModel, List<String> groups, ConnectionAccount account) throws SFGeneratorException;
+	SF generateSecurityFilter(String sfName, String STSUrl, String domain, byte[] securityModel, List<String> groups, ConnectionAccount account) throws SFGeneratorException;

 	/**
 	 * Generation of the security filter present in front of the choreography

--- a/Security-filter-gen/src/main/java/eu/chorevolution/transformations/sfgenerator/impl/SFGeneratorImpl.java
+++ b/Security-filter-gen/src/main/java/eu/chorevolution/transformations/sfgenerator/impl/SFGeneratorImpl.java
@@ -8,7 +8,6 @@ import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
-import java.security.Provider.Service;
 import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.List;
@@ -26,10 +25,6 @@ import org.eclipse.emf.common.util.URI;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

-//import com.sun.jersey.api.client.Client;
-//import com.sun.jersey.api.client.ClientResponse;
-//import com.sun.jersey.api.client.WebResource;
-
 import eu.chorevolution.transformations.sfgenerator.SFGeneratorException;
 import eu.chorevolution.transformations.sfgenerator.SFType;
 import eu.chorevolution.transformations.sfgenerator.impl.utility.Encryptor;
@@ -43,52 +38,14 @@ import eu.chorevolution.modelingnotations.security.Authentication;
 import eu.chorevolution.modelingnotations.security.AuthenticationTypeForwarded;
 import eu.chorevolution.modelingnotations.security.CredentialType;
 import eu.chorevolution.modelingnotations.security.SecurityModel;
-import eu.chorevolution.modelingnotations.security.SecurityPolicySet;
 import eu.chorevolution.transformations.sfgenerator.ConnectionAccount;
 import eu.chorevolution.transformations.sfgenerator.LoginPasswordConnectionAccount;
 import eu.chorevolution.transformations.sfgenerator.SFGenerator;

-import com.sun.jersey.api.client.Client;
-import com.sun.jersey.api.client.ClientResponse;
-import com.sun.jersey.api.client.WebResource;
-
 public class SFGeneratorImpl implements SFGenerator {

 	private static final Logger logger = LoggerFactory.getLogger(SFGeneratorImpl.class);

-	private void postService(String domain, String ServiceName , String service, String federationServerURL) throws SFGeneratorException{
-		try {
-		logger.info("Post service credential with" );
-		logger.info("	Domain:" + domain );
-		logger.info("	Service:" + service );
-		logger.info("	STSUrl:" + federationServerURL );
-		Client client = Client.create();
-
-		WebResource webResource = client
-				.resource(federationServerURL + "/resources/domains/"+domain+"/services/");
-		ClientResponse response= webResource.accept("application/json").type("application/json")
-				.post(ClientResponse.class, service);
-
-		logger.info("Post service " + response.getStatus());
-		logger.info("Post service " + response.getClientResponseStatus());
-
-		if (response.getClientResponseStatus().equals(response.getClientResponseStatus().BAD_REQUEST)){
-			WebResource webResourcePut = client
-					.resource(federationServerURL + "/resources/domains/"+domain+"/services/"+ ServiceName);
-			response= webResourcePut.accept("application/json").type("application/json")
-					.put(ClientResponse.class, service);
-
-			logger.info("put service " + response.getStatus());
-			logger.info("put service " + response.getClientResponseStatus());
-		}
-		if (response.getStatus() != 200 && response.getStatus() != 204&& response.getStatus() != 201) {
-			logger.error("problem during post user " + service);
-			//throw new SFGeneratorException("problem during post user " + service);
-		}
-		}catch(Exception e){
-			logger.error("problem during post user " + service);
-		}
-	}

 	private File generateConfigurationFile(String sfName, String destDir, byte[] securityModel, List<String> groups, ConnectionAccount account, SFType securityFilterType, String domain, String STSUrl) throws SFGeneratorException {

@@ -119,7 +76,7 @@ public class SFGeneratorImpl implements SFGenerator {
 				throw new SFGeneratorException("No security policy set defined into the security model");


-			securityPolicy.setDomain(sModel.getSecuritypolicyset().getDomainName());
+			securityPolicy.setDomain(domain);
 			securityPolicy.getProvider().setServiceName(sModel.getSecuritypolicyset().getServiceName());
 			if (sModel.getSecuritypolicyset().getAuthentication()!=null){

@@ -135,41 +92,26 @@ public class SFGeneratorImpl implements SFGenerator {


 						if (authentication.getAuthNTypeForwarded().equals(AuthenticationTypeForwarded.GENERIC_ACCOUNT)){
-
+							Encryptor enc = new Encryptor("dsadsadasa4444");
 							if (account!=null)
 							{
 								if (account instanceof LoginPasswordConnectionAccount) {
 									LoginPasswordConnectionAccount lpAccount = (LoginPasswordConnectionAccount) account;

 									e.setCredentialType(authentication.getCredentialType().getName());
-									e.setGenericAccount(null);
-									e.setGenericCredential(null);
-									e.setAuthNElement(null);
-
-
-									// forward the account into the Federation Server
-									String serviceName = sModel.getSecuritypolicyset().getServiceName();
-									if (lpAccount!=null)
-									{
-										if (lpAccount.getLogin()!=null && lpAccount.getPassword()!=null)
-										{
-											//TODO : remove hard coded value
-											Encryptor enc = new Encryptor("dsadsadasa4444");
-
-											String service;
-											try {
-												service = "{\"servicename\":\""+serviceName + "\",\"serviceaccount\":\"" + lpAccount.getLogin()+ "\",\"credentialtype\":\"usernametoken\",\"credential\":\""+enc.encode(lpAccount.getPassword())+"\"}";
-											} catch (InvalidKeyException | NoSuchAlgorithmException
-													| NoSuchPaddingException | IllegalBlockSizeException
-													| BadPaddingException | UnsupportedEncodingException e1) {
-												// TODO Auto-generated catch block
-												e1.printStackTrace();
-												throw new SFGeneratorException("Password encryption failed");
-											}
-											postService(sModel.getSecuritypolicyset().getDomainName(),serviceName, service, STSUrl);
-										}
+									if (lpAccount!=null){
+									e.setGenericAccount(lpAccount.getLogin());
+									try {
+										e.setGenericCredential(enc.encode(lpAccount.getPassword()));
+									} catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException
+											| IllegalBlockSizeException | BadPaddingException
+											| UnsupportedEncodingException e1) {
+										// TODO Auto-generated catch block
+										e1.printStackTrace();
+										throw new SFGeneratorException("Password encryption error");
 									}
-
+									}
+									e.setAuthNElement(null);
 								}
 								else{
 									throw new SFGeneratorException("Authentication mechanism not supported");
@@ -177,7 +119,15 @@ public class SFGeneratorImpl implements SFGenerator {
 							} else if (authentication.getGenericAccount()!=null && authentication.getGenericCredential()!=null) {
 								e.setCredentialType(authentication.getCredentialType().getName());
 								e.setGenericAccount(authentication.getGenericAccount());
-								e.setGenericCredential(authentication.getGenericCredential());
+								try {
+									e.setGenericCredential(enc.encode(authentication.getGenericCredential()));
+								} catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException
+										| IllegalBlockSizeException | BadPaddingException
+										| UnsupportedEncodingException e1) {
+									// TODO Auto-generated catch block
+									e1.printStackTrace();
+									throw new SFGeneratorException("Password encryption error");
+								}
 								e.setAuthNElement(null);
 							} else {
 								throw new SFGeneratorException("Generic account required but not provided");
@@ -216,7 +166,7 @@ public class SFGeneratorImpl implements SFGenerator {


 	@Override
-	public SF generateSecurityFilter(String sfName, String STSUrl, byte[] securityModel, List<String> groups, ConnectionAccount account) throws SFGeneratorException {
+	public SF generateSecurityFilter(String sfName, String STSUrl, String domain, byte[] securityModel, List<String> groups, ConnectionAccount account) throws SFGeneratorException {

 		SF sf = new SF(sfName);
 		try {
@@ -228,7 +178,7 @@ public class SFGeneratorImpl implements SFGenerator {
 			destDir = Utilities.getDestinationFolderPath(destDir);
 			Utilities.deleteProjectFolder(destDir);
 			File warResultFile = Utilities.copyWarTemplate(destDir);
-			File configurationFile = generateConfigurationFile(sfName, destDir, securityModel, groups, account, SFType.ADAPTATION, null, STSUrl);
+			File configurationFile = generateConfigurationFile(sfName, destDir, securityModel, groups, account, SFType.ADAPTATION, domain, STSUrl);
 			Utilities.addConfigFileintoWar(destDir, configurationFile);
 			File webXml = Utilities.createWebXml(destDir, sf.getName(), STSUrl);
 			Utilities.addWebXmlFileintoWar(destDir, webXml);
@@ -280,15 +230,16 @@ public class SFGeneratorImpl implements SFGenerator {
 		List<String> groups = new ArrayList<String>();
 		groups.add("group1");
 		groups.add("group5");
-
+		String domain = "Master";
+		
 		{
 			System.out.println("Generation of a SF in front of the choreography");
 			String SFName = "testProtection";

 			SFGenerator cdGenerator = new SFGeneratorImpl();

-			String domain = "domain2";
-			groups = null;
+
+			
 			SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", domain , groups);
 			FileUtils.writeByteArrayToFile(new File( "." + File.separatorChar + SFName + File.separatorChar + "SecurityfilterServletProxy.war"), cd.getWar());
 		}
@@ -300,7 +251,7 @@ public class SFGeneratorImpl implements SFGenerator {
 			byte[] securityModel = Files.readAllBytes(securityPath);

 			SFGenerator cdGenerator = new SFGeneratorImpl();		
-			SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", securityModel, groups, null);
+			SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", domain , securityModel, groups, null);
 			FileUtils.writeByteArrayToFile(new File( "." + File.separatorChar + SFName + File.separatorChar + "SecurityfilterServletProxy.war"), cd.getWar());
 		}

@@ -315,18 +266,19 @@ public class SFGeneratorImpl implements SFGenerator {
 			account.setLogin("root");
 			account.setPassword("password");

-			SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", securityModel, groups, account);
+			SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", domain , securityModel, groups, account);
 			FileUtils.writeByteArrayToFile(new File( "." + File.separatorChar + SFName + File.separatorChar + "SecurityfilterServletProxy.war"), cd.getWar());
 		}

 		{
+			groups = null;
 			System.out.println("Generation of a SF in front of a legacy Service. During the service definition, the service owner has required a nominative user account");
 			String SFName = "testUserAccount";
 			Path securityPath = Paths.get("SecModelUserAccount.security");
 			byte[] securityModel = Files.readAllBytes(securityPath);

 			SFGenerator cdGenerator = new SFGeneratorImpl();
-			SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", securityModel, groups, null);
+			SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", domain , securityModel, groups, null);
 			FileUtils.writeByteArrayToFile(new File( "." + File.separatorChar + SFName + File.separatorChar + "SecurityfilterServletProxy.war"), cd.getWar());
 		}

@@ -337,7 +289,7 @@ public class SFGeneratorImpl implements SFGenerator {
 			byte[] securityModel = Files.readAllBytes(securityPath);

 			SFGenerator cdGenerator = new SFGeneratorImpl();
-			SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", securityModel, groups, null);
+			SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", domain , securityModel, groups, null);
 			FileUtils.writeByteArrayToFile(new File( "." + File.separatorChar + SFName + File.separatorChar + "SecurityfilterServletProxy.war"), cd.getWar());
 		}

@@ -350,7 +302,7 @@ public class SFGeneratorImpl implements SFGenerator {
 			account.setLogin("root");
 			account.setPassword("password");
 			SFGenerator cdGenerator = new SFGeneratorImpl();
-			SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", securityModel, groups, account);
+			SF cd = cdGenerator.generateSecurityFilter(SFName, "http://127.0.0.1:8080/SecurityTokenService", domain , securityModel, groups, account);
 			FileUtils.writeByteArrayToFile(new File( "." + File.separatorChar + SFName + File.separatorChar + "SecurityfilterServletProxy.war"), cd.getWar());
 		}