Example 1 with KeytabCache

use of com.sequenceiq.freeipa.entity.KeytabCache in project cloudbreak by hortonworks.

the class ServiceKeytabService method getExistingServiceKeytab.

public ServiceKeytabResponse getExistingServiceKeytab(ServiceKeytabRequest request, String accountId) throws FreeIpaClientException {
    LOGGER.debug("Request to get service keytab for account {}: {}", accountId, request);
    validateRoleRequestNotPresent(request);
    Stack freeIpaStack = keytabCommonService.getFreeIpaStackWithMdcContext(request.getEnvironmentCrn(), accountId);
    String realm = keytabCommonService.getRealm(freeIpaStack);
    String servicePrincipal = keytabCommonService.constructPrincipal(request.getServiceName(), request.getServerHostName(), realm);
    Optional<KeytabCache> keytabCacheOptional = keytabCacheService.findByEnvironmentCrnAndPrincipal(request.getEnvironmentCrn(), servicePrincipal);
    if (keytabCacheOptional.isPresent()) {
        LOGGER.debug("Keytab is found in cache, using it");
        return createServiceKeytabResponse(keytabCacheOptional.get());
    } else {
        LOGGER.debug("Keytab is not found in cache.");
        FreeIpaClient ipaClient = freeIpaClientFactory.getFreeIpaClientForStack(freeIpaStack);
        KeytabCache serviceKeytab = keytabCommonService.getExistingKeytab(request.getEnvironmentCrn(), servicePrincipal, request.getServerHostName(), ipaClient);
        return createServiceKeytabResponse(serviceKeytab);
    }
}
Also used: KeytabCache (com.sequenceiq.freeipa.entity.KeytabCache), FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient), Stack (com.sequenceiq.freeipa.entity.Stack)

Example 2 with KeytabCache

use of com.sequenceiq.freeipa.entity.KeytabCache in project cloudbreak by hortonworks.

the class HostKeytabService method generateHostKeytab.

public HostKeytabResponse generateHostKeytab(HostKeytabRequest request, String accountId) throws FreeIpaClientException {
    LOGGER.debug("Request to generate host keytab: {}", request);
    Stack freeIpaStack = keytabCommonService.getFreeIpaStackWithMdcContext(request.getEnvironmentCrn(), accountId);
    FreeIpaClient ipaClient = freeIpaClientFactory.getFreeIpaClientForStack(freeIpaStack);
    if (!roleComponent.privilegesExist(request.getRoleRequest(), ipaClient)) {
        throw new BadRequestException(PRIVILEGE_DOES_NOT_EXIST);
    } else {
        Host host = keytabCommonService.addHost(request.getServerHostName(), request.getRoleRequest(), ipaClient);
        KeytabCache hostKeytab = fetchKeytab(request, ipaClient, host);
        return createHostKeytabResponse(hostKeytab);
    }
}
Also used: KeytabCache (com.sequenceiq.freeipa.entity.KeytabCache), FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient), BadRequestException (com.sequenceiq.cloudbreak.common.exception.BadRequestException), Host (com.sequenceiq.freeipa.client.model.Host), Stack (com.sequenceiq.freeipa.entity.Stack)

Example 3 with KeytabCache

use of com.sequenceiq.freeipa.entity.KeytabCache in project cloudbreak by hortonworks.

the class HostKeytabService method getExistingHostKeytab.

public HostKeytabResponse getExistingHostKeytab(HostKeytabRequest request, String accountId) throws FreeIpaClientException {
    LOGGER.debug("Request to get host keytab for account {}: {}", accountId, request);
    if (request.getRoleRequest() != null) {
        throw new BadRequestException(ROLE_NOT_ALLOWED);
    } else {
        Stack freeIpaStack = keytabCommonService.getFreeIpaStackWithMdcContext(request.getEnvironmentCrn(), accountId);
        FreeIpaClient ipaClient = freeIpaClientFactory.getFreeIpaClientForStack(freeIpaStack);
        String hostPrincipal = ipaClient.showHost(request.getServerHostName()).getKrbprincipalname();
        KeytabCache hostKeytab = keytabCommonService.getExistingKeytab(request.getEnvironmentCrn(), hostPrincipal, request.getServerHostName(), ipaClient);
        return createHostKeytabResponse(hostKeytab);
    }
}
Also used: KeytabCache (com.sequenceiq.freeipa.entity.KeytabCache), FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient), BadRequestException (com.sequenceiq.cloudbreak.common.exception.BadRequestException), Stack (com.sequenceiq.freeipa.entity.Stack)

Example 4 with KeytabCache

use of com.sequenceiq.freeipa.entity.KeytabCache in project cloudbreak by hortonworks.

the class KeytabCacheServiceTest method testSaveOrUpdateCachedDifferent.

@Test
public void testSaveOrUpdateCachedDifferent() {
    KeytabCache keytabCache = new KeytabCache();
    keytabCache.setKeytab("oldone");
    when(keytabCacheRepository.findByEnvironmentCrnAndPrincipalHash(ENVIRONMENT_CRN, PRINCIPAL_HASH)).thenReturn(Optional.of(keytabCache));
    when(keytabCacheRepository.save(keytabCache)).thenAnswer(invocation -> invocation.getArgument(0, KeytabCache.class));
    KeytabCache result = underTest.saveOrUpdate(ENVIRONMENT_CRN, KEYTAB_PRINCIPAL, HOSTNAME, KEYTAB);
    assertEquals(KEYTAB, result.getKeytab().getRaw());
}
Also used: KeytabCache (com.sequenceiq.freeipa.entity.KeytabCache), Test (org.junit.jupiter.api.Test)

Example 5 with KeytabCache

use of com.sequenceiq.freeipa.entity.KeytabCache in project cloudbreak by hortonworks.

the class KeytabCacheServiceTest method testSaveOrUpdateCachedSame.

@Test
public void testSaveOrUpdateCachedSame() {
    KeytabCache keytabCache = new KeytabCache();
    keytabCache.setKeytab(KEYTAB);
    when(keytabCacheRepository.findByEnvironmentCrnAndPrincipalHash(ENVIRONMENT_CRN, PRINCIPAL_HASH)).thenReturn(Optional.of(keytabCache));
    KeytabCache result = underTest.saveOrUpdate(ENVIRONMENT_CRN, KEYTAB_PRINCIPAL, HOSTNAME, KEYTAB);
    assertEquals(keytabCache, result);
    verify(keytabCacheRepository, times(0)).save(any(KeytabCache.class));
}
Also used: KeytabCache (com.sequenceiq.freeipa.entity.KeytabCache), Test (org.junit.jupiter.api.Test)

Aggregations

KeytabCache (com.sequenceiq.freeipa.entity.KeytabCache): 18
FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient): 11
Test (org.junit.jupiter.api.Test): 11
Stack (com.sequenceiq.freeipa.entity.Stack): 8
Host (com.sequenceiq.freeipa.client.model.Host): 5
Secret (com.sequenceiq.cloudbreak.service.secret.domain.Secret): 4
SecretResponse (com.sequenceiq.cloudbreak.service.secret.model.SecretResponse): 4
HostKeytabRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabRequest): 4
HostKeytabResponse (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabResponse): 4
RoleRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest): 3
Keytab (com.sequenceiq.freeipa.client.model.Keytab): 3
BadRequestException (com.sequenceiq.cloudbreak.common.exception.BadRequestException): 2
KeytabCreationException (com.sequenceiq.freeipa.kerberosmgmt.exception.KeytabCreationException): 2
FreeIpaClientException (com.sequenceiq.freeipa.client.FreeIpaClientException): 1
RetryableFreeIpaClientException (com.sequenceiq.freeipa.client.RetryableFreeIpaClientException): 1