use of com.emc.storageos.security.authentication.AuthSvcInternalApiClientIterator in project coprhd-controller by CoprHD.
the class Validator method isUsableAuthenticationProvider.
/**
 * Asks authsvc, through its internal API, whether the basic connectivity
 * parameters of an authentication provider are usable.
 *
 * <p>A fresh endpoint iterator is built for every attempt, up to
 * {@code _MAX_VALIDATION_RETRIES} attempts. The method fails closed: an
 * unexpected status code, an exception while talking to authsvc, or the absence
 * of an endpoint on every attempt all end in {@code false}.
 *
 * <p>{@code errorString} is filled only on a 400 response. When the retries are
 * exhausted it is left untouched, so callers must rely on the return value and
 * not read an empty {@code errorString} as success.
 *
 * @param param the basic connectivity parameters to validate
 * @param errorString receives the raw authsvc response body when authsvc answers 400 Bad Request
 * @return {@code true} only when authsvc answers 200 OK; {@code false} otherwise
 */
public static boolean isUsableAuthenticationProvider(AuthnProviderParamsToValidate param, StringBuilder errorString) {
    // NOTE(review): param presumably carries the provider's bind credentials - confirm.
    // It is not written to any log statement below; keep it that way.
    String endpoint = null;
    for (int attempts = 1; attempts <= _MAX_VALIDATION_RETRIES; attempts++) {
        _log.debug("Validation attempt {}", attempts);
        final AuthSvcInternalApiClientIterator authSvcClientItr =
                new AuthSvcInternalApiClientIterator(_authSvcEndPointLocator, _coordinator);
        try {
            if (!authSvcClientItr.hasNext()) {
                // No endpoint was offered on this attempt; use up the attempt and retry.
                continue;
            }
            endpoint = authSvcClientItr.peek().toString();
            _log.info("isAuthenticationProvider(): {}", endpoint);
            final URI validateUri = URI.create(_URI_VALIDATE_AUTHNPROVIDER.toString());
            final ClientResponse response = authSvcClientItr.post(validateUri, param);
            final int status = response.getStatus();
            // The body is read for every status, not only for the error case.
            final String errorRaw = response.getEntity(String.class);
            _log.debug("Status: {}", status);
            _log.debug("Response entity: {}", errorRaw);
            if (status == ClientResponse.Status.OK.getStatusCode()) {
                return true;
            }
            if (status == ClientResponse.Status.BAD_REQUEST.getStatusCode()) {
                // The body is handed to the caller verbatim; a caller that renders it
                // should encode it for the output context.
                errorString.append(errorRaw);
                return false;
            }
            _log.info("Unexpected response code {}.", status);
        } catch (Exception e) {
            // Any failure is treated as transient: log it and fall through to the next attempt.
            _log.info("Exception connecting to {}. ", endpoint, e);
        }
    }
    // Retries exhausted without a definitive answer: report the provider as not usable.
    return false;
}
use of com.emc.storageos.security.authentication.AuthSvcInternalApiClientIterator in project coprhd-controller by CoprHD.
the class APINotifier method notifyChangeToAuthsvc.
/**
 * Posts the internode reload URI to every authsvc endpoint the iterator yields.
 *
 * <p>This is best effort: a non-200 answer or an exception on one endpoint is
 * logged at error level and the loop moves on. Nothing is reported back to the
 * caller, so an endpoint that did not reload can only be spotted through these
 * log entries.
 */
public void notifyChangeToAuthsvc() {
    try {
        // NOTE(review): the loop ends only when hasNext() turns false, and post() is the
        // only call here that could advance the iterator - confirm it also advances when
        // it throws, otherwise a failing endpoint would be retried without bound.
        for (AuthSvcInternalApiClientIterator authSvcItr =
                new AuthSvcInternalApiClientIterator(_authSvcEndPointLocator, _coordinator);
                authSvcItr.hasNext();) {
            final String endpoint = authSvcItr.peek().toString();
            _log.info("sending request to endpoint: " + endpoint);
            try {
                final ClientResponse response = authSvcItr.post(_URI_AUTH_RELOAD, null);
                final boolean reloaded =
                        response.getStatus() == ClientResponse.Status.OK.getStatusCode();
                if (!reloaded) {
                    _log.error("Failed to reload authN providers on endpoint {} response {}", endpoint, response.toString());
                }
            } catch (Exception e) {
                // One unreachable endpoint must not stop the remaining ones from being notified.
                _log.error("Caught exception trying to reload an authsvc on {} continuing", endpoint, e);
            }
        }
    } catch (CoordinatorException e) {
        // Endpoint discovery itself failed; no further endpoint is notified.
        _log.error("Caught coordinator exception trying to find an authsvc endpoint", e);
    }
}
use of com.emc.storageos.security.authentication.AuthSvcInternalApiClientIterator in project coprhd-controller by CoprHD.
the class UserInfoHelper method getUserDetails.
/**
 * Fetches the details of a user from authsvc through its internal API.
 *
 * <p>The user name is URL-encoded (UTF-8) before it is appended to the query
 * string, so reserved characters in it cannot change the shape of the request
 * URI. If the encoding is reported as unsupported, the bad-request exception
 * built by {@code APIException.badRequests.unableToEncodeString} is thrown.
 *
 * <p>Up to {@code _MAX_VALIDATION_RETRIES} attempts are made, each with a fresh
 * endpoint iterator. Exceptions and unexpected status codes are logged and
 * retried; once the attempts are used up, the retryable exception built by
 * {@code SecurityException.retryables.requiredServiceUnvailable} is thrown.
 *
 * @param username the name of the user to look up
 * @param error receives the detailed message from authsvc when it answers 400 or 500
 * @return the user details on 200 OK; {@code null} when authsvc answers 400 or 500,
 *         in which case {@code error} holds the reason
 */
public UserDetails getUserDetails(String username, StringBuilder error) {
    final String query;
    try {
        query = "?username=" + URLEncoder.encode(username, "UTF-8");
    } catch (UnsupportedEncodingException e) {
        throw APIException.badRequests.unableToEncodeString(username, e);
    }

    String endpoint = null;
    for (int attempts = 1; attempts <= _MAX_VALIDATION_RETRIES; attempts++) {
        _log.debug("Get user details attempt {}", attempts);
        final AuthSvcInternalApiClientIterator authSvcClientItr =
                new AuthSvcInternalApiClientIterator(_authSvcEndPointLocator, _coordinator);
        try {
            if (!authSvcClientItr.hasNext()) {
                // No endpoint was offered on this attempt; use up the attempt and retry.
                continue;
            }
            endpoint = authSvcClientItr.peek().toString();
            _log.info("getUserDetails(): {}", endpoint);
            final ClientResponse response = authSvcClientItr.get(URI.create(_URI_GET_USER_GROUPS + query));
            final int status = response.getStatus();
            _log.debug("Status: {}", status);
            if (status == ClientResponse.Status.OK.getStatusCode()) {
                return response.getEntity(UserDetails.class);
            }
            final boolean rejected = status == ClientResponse.Status.BAD_REQUEST.getStatusCode()
                    || status == ClientResponse.Status.INTERNAL_SERVER_ERROR.getStatusCode();
            if (rejected) {
                // A definitive error from authsvc: pass its detailed message on verbatim and stop retrying.
                final ServiceErrorRestRep errorXml = response.getEntity(ServiceErrorRestRep.class);
                error.append(errorXml.getDetailedMessage());
                return null;
            }
            _log.warn("Unexpected response code {}.", status);
        } catch (Exception e) {
            // Covers transport failures as well as an unreadable error body; the attempt is retried.
            _log.error("Exception while getting user groups. Details: " + e.getLocalizedMessage(), e);
        }
    }
    throw SecurityException.retryables.requiredServiceUnvailable(ServiceLocatorInfo.AUTH_SVC.getServiceName());
}
use of com.emc.storageos.security.authentication.AuthSvcInternalApiClientIterator in project coprhd-controller by CoprHD.
the class CertificateVersionHelper method updateCertificateVersion.
/**
 * Sends a PUT for {@code URI_INCREMENT_CERTIFICATE_VERSION} to an endpoint found
 * through {@code sysSvcEndPointLocator}, retrying up to {@code MAX_CONFIG_RETRIES} times.
 *
 * <p>There is no exception handling here: anything thrown while building the
 * iterator or sending the request propagates to the caller and ends the retries.
 *
 * @return {@code true} as soon as an endpoint answers 200 OK or 202 Accepted;
 *         {@code false} when every attempt either found no endpoint or got another
 *         status. Callers should treat {@code false} as "request not accepted".
 */
public boolean updateCertificateVersion() {
    for (int attempts = 1; attempts <= MAX_CONFIG_RETRIES; attempts++) {
        log.debug("Config attempt {}", attempts);
        final AuthSvcInternalApiClientIterator clientItr =
                new AuthSvcInternalApiClientIterator(sysSvcEndPointLocator, coordinator);
        if (!clientItr.hasNext()) {
            // No endpoint was offered on this attempt; use up the attempt and retry.
            continue;
        }
        final ClientResponse response = clientItr.put(URI_INCREMENT_CERTIFICATE_VERSION, null);
        final int status = response.getStatus();
        final boolean accepted = status == ClientResponse.Status.OK.getStatusCode()
                || status == ClientResponse.Status.ACCEPTED.getStatusCode();
        if (accepted) {
            return true;
        }
        // NOTE(review): a failed attempt is recorded at debug level only, so it will be
        // invisible at typical production log levels - confirm that is intended.
        log.debug("Failed with status " + status + " to set certificate version.");
    }
    return false;
}
use of com.emc.storageos.security.authentication.AuthSvcInternalApiClientIterator in project coprhd-controller by CoprHD.
the class PasswordUtils method changePassword.
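/**
 * Wraps the change-password and validate-change internal APIs of PasswordService.
 *
 * <p>The request is sent to an endpoint found through a {@code SysSvcEndPointLocator}
 * and retried up to {@code MAX_CONFIG_RETRIES} times. The status of the internal
 * response is copied into the returned {@link Response}; unless that status is
 * 204 No Content, the response body is copied as well.
 *
 * <p>{@code passwordChange} carries password material and is never written to a
 * log statement in this method.
 *
 * @param passwordChange the password change request forwarded to the internal API
 * @param bDryRun if {@code true}, POST to the validate-change internal API;
 *            if {@code false}, PUT to the change-password internal API
 * @return a response mirroring the status (and body, if any) of the internal call
 * @throws IllegalStateException if no attempt produced a response, i.e. no endpoint
 *             was available on any attempt
 */
public Response changePassword(PasswordChangeParam passwordChange, boolean bDryRun) {
    SysSvcEndPointLocator sysSvcEndPointLocator = new SysSvcEndPointLocator();
    sysSvcEndPointLocator.setCoordinator(coordinator);
    int attempts = 0;
    ClientResponse response = null;
    while (attempts < MAX_CONFIG_RETRIES) {
        _log.debug("change password attempt {}", ++attempts);
        AuthSvcInternalApiClientIterator sysSvcClientItr = new AuthSvcInternalApiClientIterator(sysSvcEndPointLocator, coordinator);
        try {
            if (sysSvcClientItr.hasNext()) {
                if (bDryRun) {
                    _log.debug("change password dry run");
                    response = sysSvcClientItr.post(URI_VALIDATE_PASSWORD, passwordChange);
                } else {
                    response = sysSvcClientItr.put(URI_CHANGE_PASSWORD, passwordChange);
                }
                _log.debug("change password response with status: " + response.getStatus());
                break;
            }
        } catch (Exception exception) {
            // log the exception and retry the request
            _log.warn(exception.getMessage());
            // attempts was already incremented at the top of the loop, so the final
            // attempt is the one where attempts == MAX_CONFIG_RETRIES. Comparing with
            // MAX_CONFIG_RETRIES - 1 gave up one attempt early and silently swallowed
            // a failure on the real last attempt.
            if (attempts >= MAX_CONFIG_RETRIES) {
                throw exception;
            }
        }
    }
    if (response == null) {
        // Every attempt found no endpoint. Fail with an explicit error rather than a
        // NullPointerException on the dereference below.
        throw new IllegalStateException(
                "No endpoint answered the change password request after " + attempts + " attempts");
    }
    final int status = response.getStatus();
    Response.ResponseBuilder b = Response.status(status);
    // A 204 carries no body; for any other status the body is passed through to the caller.
    if (status != ClientResponse.Status.NO_CONTENT.getStatusCode()) {
        b.entity(response.getEntity(String.class));
    }
    return b.build();
}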