
Example 6 with LocalizableValidationException

use of com.vmware.xenon.common.LocalizableValidationException in project photon-model by vmware.

the class EncryptorServiceTest method testWrongFile.

/**
 * Checks that {@code EncryptorService} refuses a key file path that is not present on disk,
 * reporting "Invalid encryption key file!" (compared case-insensitively) through a
 * {@link LocalizableValidationException}.
 */
@Test
public void testWrongFile() throws IOException {
    // No file with this name is expected to exist relative to the working directory.
    final File missingKeyFile = new File("wrong");
    LocalizableValidationException rejection = null;
    try {
        new EncryptorService(missingKeyFile);
    } catch (LocalizableValidationException e) {
        rejection = e;
    }
    // Construction must not succeed silently with an unusable key source.
    if (rejection == null) {
        fail("It shouldn't get here");
    }
    assertTrue(rejection.getMessage().equalsIgnoreCase("Invalid encryption key file!"));
}
Also used : LocalizableValidationException(com.vmware.xenon.common.LocalizableValidationException) File(java.io.File) Test(org.junit.Test)

Example 7 with LocalizableValidationException

use of com.vmware.xenon.common.LocalizableValidationException in project photon-model by vmware.

the class EncryptionUtils method getEncryptionFile.

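/**
 * Resolves the encryption key file from the system property named by {@code ENCRYPTION_KEY}.
 *
 * <p>If the property is unset, no key file is configured and {@code null} is returned. If the
 * named file does not exist and the boolean system property named by
 * {@code INIT_KEY_IF_MISSING} is true, a key obtained from
 * {@code EncryptorService.generateKey()} is written to that path; otherwise a missing file is
 * reported as an error.
 *
 * @return the key file, or {@code null} when the property is not set
 * @throws LocalizableValidationException if the file is missing and initialization is not
 *         enabled, or if writing the new key file fails
 */
private static File getEncryptionFile() {
    String param = System.getProperty(ENCRYPTION_KEY);
    if (param == null) {
        return null;
    }
    File encryptionKeyFile = new File(param);
    if (encryptionKeyFile.exists()) {
        return encryptionKeyFile;
    }
    if (!Boolean.getBoolean(INIT_KEY_IF_MISSING)) {
        throw new LocalizableValidationException("File '" + param + "' does not exist!", "common.encryption.file.missing", param);
    }
    try {
        // CREATE_NEW makes "does not exist" and "create" a single atomic step. The default
        // options (CREATE + TRUNCATE_EXISTING) would overwrite a file that appeared after the
        // exists() check and would write through a dangling symbolic link, for which
        // exists() also reports false. Either case now fails instead of replacing key material.
        // NOTE(review): the file is created with the process's default permissions; confirm the
        // deployment restricts read access on this path to the service account.
        Files.write(encryptionKeyFile.toPath(), EncryptorService.generateKey(),
                java.nio.file.StandardOpenOption.CREATE_NEW,
                java.nio.file.StandardOpenOption.WRITE);
    } catch (Exception e) {
        throw new LocalizableValidationException(e, "Error initializing the encryption key file '" + param + "'!", "common.encryption.file.init", param);
    }
    return encryptionKeyFile;
}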
Also used : LocalizableValidationException(com.vmware.xenon.common.LocalizableValidationException) File(java.io.File) LocalizableValidationException(com.vmware.xenon.common.LocalizableValidationException)

Example 8 with LocalizableValidationException

use of com.vmware.xenon.common.LocalizableValidationException in project photon-model by vmware.

the class AWSEndpointAdapterService method validateCredentialsWithRegions.

/**
 * Validates the credentials region by region until at least one region accepts them.
 *
 * <p>{@code index} is the position of the region to try on this call. A region whose failure is
 * caused by a {@link LocalizableValidationException} advances {@code index} and the next region
 * is tried; any other failure ends the attempt immediately. When every region has been tried
 * without success, {@code deferredResult} is failed with the "unauthorized" message and code.
 */
private void validateCredentialsWithRegions(AuthCredentialsServiceState credentials, AtomicInteger index, Regions[] regions, DeferredResult<Void> deferredResult) {
    final boolean regionsExhausted = index.get() >= regions.length;
    if (regionsExhausted) {
        // No region accepted the credentials.
        deferredResult.fail(new LocalizableValidationException(
                UNABLE_TO_VALIDATE_CREDENTIALS_IN_ANY_AWS_REGION,
                PHOTON_MODEL_ADAPTER_UNAUTHORIZED_MESSAGE,
                PHOTON_MODEL_ADAPTER_UNAUTHORIZED_MESSAGE_CODE));
        return;
    }
    final String regionName = regions[index.get()].getName();
    getEc2AsyncClient(credentials, regionName, this.clientManager.getExecutor())
            .thenCompose(this::validateCredentials)
            .whenComplete((ignoredResult, failure) -> {
                if (failure == null) {
                    // One accepting region is sufficient.
                    deferredResult.complete((Void) null);
                } else if (failure.getCause() instanceof LocalizableValidationException) {
                    // Rejected by this region only: move on to the next one.
                    index.getAndIncrement();
                    validateCredentialsWithRegions(credentials, index, regions, deferredResult);
                } else {
                    // Any other cause stops the retries and is reported as unauthorized.
                    deferredResult.fail(new LocalizableValidationException(
                            failure,
                            PHOTON_MODEL_ADAPTER_UNAUTHORIZED_MESSAGE,
                            PHOTON_MODEL_ADAPTER_UNAUTHORIZED_MESSAGE_CODE));
                }
            });
}
Also used : LocalizableValidationException(com.vmware.xenon.common.LocalizableValidationException)

Example 9 with LocalizableValidationException

use of com.vmware.xenon.common.LocalizableValidationException in project photon-model by vmware.

the class AzureEndpointAdapterService method validate.

/**
 * Builds the validation step for an Azure endpoint configuration request.
 *
 * <p>The returned consumer runs, in order, the endpoint uniqueness check, the credential check,
 * the permission lookup and the permission verification. On success the callback receives
 * {@code (null, null)}. Every failure, whatever its cause, is reported to the callback with
 * status {@code STATUS_CODE_UNAUTHORIZED}.
 *
 * @param body the endpoint configuration request; its {@code endpointProperties},
 *             {@code checkForEndpointUniqueness} and {@code tenantLinks} are read
 * @return a consumer taking the credentials and a completion callback
 */
private BiConsumer<AuthCredentialsServiceState, BiConsumer<ServiceErrorResponse, Throwable>> validate(EndpointConfigRequest body) {
    return (credentials, callback) -> {
        try {
            // parseBoolean(null) is false, so an absent property means "no provisioning".
            Boolean shouldProvision = Boolean.parseBoolean(body.endpointProperties.get(AZURE_PROVISIONING_PERMISSION));
            validateEndpointUniqueness(credentials, body.checkForEndpointUniqueness, body.tenantLinks)
                    .thenCompose(aVoid -> validateCredentials(credentials))
                    .thenCompose(subscription -> getPermissions(credentials))
                    .thenCompose(permList -> verifyPermissions(permList, shouldProvision))
                    .whenComplete((ignored, failure) -> {
                        if (failure == null) {
                            callback.accept(null, null);
                            return;
                        }
                        // Look through the CompletionException wrapper, if there is one.
                        Throwable rootFailure = (failure instanceof CompletionException)
                                ? failure.getCause()
                                : failure;
                        // Azure doesn't send us any meaningful status code to work with, so
                        // anything that is not already localizable becomes "unauthorized".
                        final LocalizableValidationException reported =
                                (rootFailure instanceof LocalizableValidationException)
                                        ? (LocalizableValidationException) rootFailure
                                        : new LocalizableValidationException(rootFailure, PHOTON_MODEL_ADAPTER_UNAUTHORIZED_MESSAGE, PHOTON_MODEL_ADAPTER_UNAUTHORIZED_MESSAGE_CODE);
                        ServiceErrorResponse errorResponse = Utils.toServiceErrorResponse(reported);
                        errorResponse.statusCode = STATUS_CODE_UNAUTHORIZED;
                        callback.accept(errorResponse, reported);
                    });
        } catch (Throwable unexpected) {
            // Failures raised while the chain is being set up are logged in full, while the
            // response message handed to the callback stays generic.
            logSevere(unexpected);
            ServiceErrorResponse errorResponse = new ServiceErrorResponse();
            errorResponse.message = "Invalid Azure credentials";
            errorResponse.statusCode = STATUS_CODE_UNAUTHORIZED;
            callback.accept(errorResponse, unexpected);
        }
    };
}
Also used : AuthCredentialsServiceState(com.vmware.xenon.services.common.AuthCredentialsService.AuthCredentialsServiceState) QUERY_PARAM_API_VERSION(com.vmware.photon.controller.model.adapters.azure.constants.AzureConstants.QUERY_PARAM_API_VERSION) QueryTask(com.vmware.xenon.services.common.QueryTask) PROVIDER_PERMISSIONS_URI(com.vmware.photon.controller.model.adapters.azure.constants.AzureConstants.PROVIDER_PERMISSIONS_URI) AzureUriPaths(com.vmware.photon.controller.model.adapters.azure.AzureUriPaths) SubscriptionInner(com.microsoft.azure.management.resources.implementation.SubscriptionInner) ComputeType(com.vmware.photon.controller.model.resources.ComputeDescriptionService.ComputeDescription.ComputeType) AzureSdkClients(com.vmware.photon.controller.model.adapters.azure.utils.AzureSdkClients) Utils(com.vmware.xenon.common.Utils) EndpointService(com.vmware.photon.controller.model.resources.EndpointService) PHOTON_MODEL_ADAPTER_UNAUTHORIZED_MESSAGE(com.vmware.photon.controller.model.adapters.util.AdapterConstants.PHOTON_MODEL_ADAPTER_UNAUTHORIZED_MESSAGE) URI(java.net.URI) Permission(com.vmware.photon.controller.model.adapters.azure.model.permission.Permission) ComputeDescription(com.vmware.photon.controller.model.resources.ComputeDescriptionService.ComputeDescription) StatelessService(com.vmware.xenon.common.StatelessService) AUTHORIZATION_NAMESPACE(com.vmware.photon.controller.model.adapters.azure.constants.AzureConstants.AUTHORIZATION_NAMESPACE) PROVIDER_REST_API_VERSION(com.vmware.photon.controller.model.adapters.azure.constants.AzureConstants.PROVIDER_REST_API_VERSION) CompletionException(java.util.concurrent.CompletionException) PHOTON_MODEL_ADAPTER_UNAUTHORIZED_MESSAGE_CODE(com.vmware.photon.controller.model.adapters.util.AdapterConstants.PHOTON_MODEL_ADAPTER_UNAUTHORIZED_MESSAGE_CODE) List(java.util.List) RequestType(com.vmware.photon.controller.model.adapterapi.EndpointConfigRequest.RequestType) 
AzureUtils(com.vmware.photon.controller.model.adapters.azure.utils.AzureUtils) DeferredResult(com.vmware.xenon.common.DeferredResult) UriUtils(com.vmware.xenon.common.UriUtils) STATUS_CODE_UNAUTHORIZED(com.vmware.xenon.common.Operation.STATUS_CODE_UNAUTHORIZED) Optional(java.util.Optional) AzureUtils.getAzureConfig(com.vmware.photon.controller.model.adapters.azure.utils.AzureUtils.getAzureConfig) Builder(com.vmware.xenon.services.common.QueryTask.Query.Builder) PermissionList(com.vmware.photon.controller.model.adapters.azure.model.permission.PermissionList) PRIVATE_KEY_KEY(com.vmware.photon.controller.model.adapterapi.EndpointConfigRequest.PRIVATE_KEY_KEY) SubscriptionState(com.microsoft.azure.management.resources.SubscriptionState) USER_LINK_KEY(com.vmware.photon.controller.model.adapterapi.EndpointConfigRequest.USER_LINK_KEY) HashMap(java.util.HashMap) PRIVATE_KEYID_KEY(com.vmware.photon.controller.model.adapterapi.EndpointConfigRequest.PRIVATE_KEYID_KEY) SubscriptionClientImpl(com.microsoft.azure.management.resources.implementation.SubscriptionClientImpl) ArrayList(java.util.ArrayList) ZONE_KEY(com.vmware.photon.controller.model.adapterapi.EndpointConfigRequest.ZONE_KEY) EndpointConfigRequest(com.vmware.photon.controller.model.adapterapi.EndpointConfigRequest) Query(com.vmware.xenon.services.common.QueryTask.Query) AUTH_HEADER_BEARER_PREFIX(com.vmware.photon.controller.model.adapters.azure.constants.AzureConstants.AUTH_HEADER_BEARER_PREFIX) ComputeState(com.vmware.photon.controller.model.resources.ComputeService.ComputeState) BiConsumer(java.util.function.BiConsumer) Retriever(com.vmware.photon.controller.model.adapters.util.EndpointAdapterUtils.Retriever) EndpointType(com.vmware.photon.controller.model.constants.PhotonModelConstants.EndpointType) ServiceErrorResponse(com.vmware.xenon.common.ServiceErrorResponse) EndpointAdapterUtils(com.vmware.photon.controller.model.adapters.util.EndpointAdapterUtils) 
AZURE_TENANT_ID(com.vmware.photon.controller.model.adapters.azure.constants.AzureConstants.AZURE_TENANT_ID) SUPPORT_DATASTORES(com.vmware.photon.controller.model.adapterapi.EndpointConfigRequest.SUPPORT_DATASTORES) AZURE_PROVISIONING_PERMISSION(com.vmware.photon.controller.model.adapters.azure.constants.AzureConstants.AZURE_PROVISIONING_PERMISSION) AdapterUriUtil(com.vmware.photon.controller.model.adapters.util.AdapterUriUtil) Operation(com.vmware.xenon.common.Operation) QueryUtils(com.vmware.photon.controller.model.query.QueryUtils) IOException(java.io.IOException) AzureDeferredResultServiceCallback(com.vmware.photon.controller.model.adapters.azure.utils.AzureDeferredResultServiceCallback) LocalizableValidationException(com.vmware.xenon.common.LocalizableValidationException) PhotonModelConstants(com.vmware.photon.controller.model.constants.PhotonModelConstants) REGION_KEY(com.vmware.photon.controller.model.adapterapi.EndpointConfigRequest.REGION_KEY) SUPPORT_PUBLIC_IMAGES(com.vmware.photon.controller.model.adapterapi.EndpointConfigRequest.SUPPORT_PUBLIC_IMAGES) LocalizableValidationException(com.vmware.xenon.common.LocalizableValidationException) CompletionException(java.util.concurrent.CompletionException) ServiceErrorResponse(com.vmware.xenon.common.ServiceErrorResponse)

Example 10 with LocalizableValidationException

use of com.vmware.xenon.common.LocalizableValidationException in project photon-model by vmware.

the class CertificateUtil method validateCertificateChain.

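/**
 * Checks that a certificate chain is internally consistent.
 *
 * <p>The chain is expected in leaf-first order: each certificate must be signed by the key of
 * the certificate that follows it, and every certificate must be within its validity period at
 * the time of the call. Each certificate is also passed to
 * {@code checkIfCertificateExistsMoreThanOneTimeInChain} (presumably rejecting duplicates, per
 * its name).
 *
 * <p><b>Scope:</b> this is a structural check, not a trust decision. The last certificate's
 * signature is not verified against anything, no trust anchor is consulted, and CA constraints,
 * key usage and revocation status are not examined. Callers that need to decide whether a chain
 * is trusted should additionally run PKIX path validation
 * ({@code java.security.cert.CertPathValidator}) against their trust store.
 *
 * @param certificateChain the chain to check, leaf first; must contain at least one certificate
 * @throws IllegalArgumentException if the chain is null or empty, or if a signature cannot be
 *         checked because of a key, encoding, algorithm or provider problem
 * @throws LocalizableValidationException if a certificate is not signed by its successor
 * @throws Exception for validity-period failures raised by {@code checkValidity()} and anything
 *         raised by the duplicate check
 */
public static void validateCertificateChain(X509Certificate[] certificateChain) throws Exception {
    // An empty chain previously surfaced as a NoSuchElementException from the iterator; reject
    // it up front with a message that names the actual problem.
    if (certificateChain == null || certificateChain.length == 0) {
        throw new IllegalArgumentException("Certificate chain must contain at least one certificate.");
    }
    List<X509Certificate> certificates = Arrays.asList(certificateChain);
    for (X509Certificate certificate : certificates) {
        checkIfCertificateExistsMoreThanOneTimeInChain(certificates, certificate);
    }
    Iterator<X509Certificate> it = certificates.iterator();
    X509Certificate current = it.next();
    current.checkValidity();
    while (it.hasNext()) {
        X509Certificate next = it.next();
        next.checkValidity();
        try {
            // 'current' must carry a signature made with the key of the certificate after it.
            current.verify(next.getPublicKey());
        } catch (InvalidKeyException | CertificateException | NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new IllegalArgumentException(e);
        } catch (SignatureException e) {
            // Keep the cause so logs show which signature check failed.
            throw new LocalizableValidationException(e, "Certificate chain is not valid.", "security.certificate.invalid");
        }
        current = next;
    }
}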
Also used : LocalizableValidationException(com.vmware.xenon.common.LocalizableValidationException) CertificateException(java.security.cert.CertificateException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SignatureException(java.security.SignatureException) InvalidKeyException(java.security.InvalidKeyException) NoSuchProviderException(java.security.NoSuchProviderException) X509Certificate(java.security.cert.X509Certificate)
