
Example 6 with Timestamp

use of com.yahoo.rdl.Timestamp in project athenz by yahoo.

From class SignPoliciesUtility, method signPolicies.

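/**
 * Re-signs an existing signed policy file with fresh ZMS and ZTS signatures and a new
 * validity window, writing the result to {@code newPolicyFile}.
 *
 * Two signatures are produced: the ZMS key signs the canonical form of the inner
 * PolicyData, then the ZTS key signs the canonical form of the whole SignedPolicyData
 * (which, presumably, covers the modified/expires timestamps set just before). Both key
 * ids are hard-coded to "0", so whatever verifies this file must hold the matching public
 * keys under that id. The policy is stamped as modified now and expires seven days later.
 *
 * Any I/O failure is reported on stdout and terminates the process with exit code -1.
 *
 * @param ztsPrivateKeyPath path of the text-encoded ZTS private key (as accepted by Crypto.loadPrivateKey)
 * @param zmsPrivateKeyPath path of the text-encoded ZMS private key
 * @param signedPolicyFile  existing DomainSignedPolicyData JSON to re-sign
 * @param newPolicyFile     destination path for the re-signed JSON (created or overwritten)
 * @return the new modification timestamp wrapped in double quotes, suitable as an ETag
 */
static String signPolicies(String ztsPrivateKeyPath, String zmsPrivateKeyPath, String signedPolicyFile, String newPolicyFile) {
    // Validity window applied to the re-signed policy: seven days from now.
    final long validityMillis = 1000L * 60 * 60 * 24 * 7;
    // Key files are text; decode with a fixed charset rather than the JVM platform default,
    // so the key parse does not depend on the environment the tool happens to run in.
    final java.nio.charset.Charset keyCharset = java.nio.charset.StandardCharsets.UTF_8;
    String etag = null;
    try {
        PrivateKey ztsPrivateKey = Crypto.loadPrivateKey(
                new String(Files.readAllBytes(Paths.get(ztsPrivateKeyPath)), keyCharset));
        PrivateKey zmsPrivateKey = Crypto.loadPrivateKey(
                new String(Files.readAllBytes(Paths.get(zmsPrivateKeyPath)), keyCharset));

        DomainSignedPolicyData domainSignedPolicyData =
                JSON.fromBytes(Files.readAllBytes(Paths.get(signedPolicyFile)), DomainSignedPolicyData.class);
        SignedPolicyData signedPolicyData = domainSignedPolicyData.getSignedPolicyData();
        PolicyData policyData = signedPolicyData.getPolicyData();

        // Inner signature: ZMS signs the canonical string of the policy data.
        signedPolicyData.setZmsSignature(Crypto.sign(SignUtils.asCanonicalString(policyData), zmsPrivateKey));
        signedPolicyData.setZmsKeyId("0");

        // Timestamps are set before the outer signature is computed so they are covered by it.
        long curTime = System.currentTimeMillis();
        Timestamp modified = Timestamp.fromMillis(curTime);
        signedPolicyData.setModified(modified);
        signedPolicyData.setExpires(Timestamp.fromMillis(curTime + validityMillis));

        // Outer signature: ZTS signs the canonical string of the whole SignedPolicyData.
        String signature = Crypto.sign(SignUtils.asCanonicalString(signedPolicyData), ztsPrivateKey);
        domainSignedPolicyData.setSignature(signature).setKeyId("0");

        // Files.write creates the file if missing and truncates it otherwise; the former
        // File.createNewFile() call (whose result was ignored) was redundant.
        Files.write(Paths.get(newPolicyFile), JSON.bytes(domainSignedPolicyData));
        etag = "\"" + modified.toString() + "\"";
    } catch (IOException e) {
        // CLI utility: report and exit rather than propagate.
        System.out.println("Exception: " + e.getMessage());
        System.exit(-1);
    }
    System.out.println("Signed " + newPolicyFile + " policy file");
    return etag;
}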

Example 7 with Timestamp

use of com.yahoo.rdl.Timestamp in project athenz by yahoo.

From class ZMSImpl, method getSignedDomains.

/**
 * Serves signed domain data to a caller, either for one named domain or for every domain
 * modified since the timestamp carried in {@code matchingTag}.
 *
 * If {@code domainName} is non-empty only that domain is looked up; otherwise the list of
 * domains modified after {@code matchingTag}'s timestamp is retrieved and each one is signed.
 * {@code metaOnly} (parsed with Boolean.parseBoolean) asks for metadata-only SignedDomain
 * objects. A 304 is issued when the caller's tag is already current; a 200 carries the
 * SignedDomains list and an ETag equal to the youngest modification time seen, which the
 * caller can echo back as {@code matchingTag} on its next request.
 *
 * @param ctx         request context; the principal is taken from it to decide master vs. replica reads
 * @param domainName  optional domain to return; lower-cased before lookup
 * @param metaOnly    optional flag string; "true" requests metadata-only domains
 * @param matchingTag optional ETag from a previous response
 * @param result      callback that receives the 200 or 304 response
 */
public void getSignedDomains(ResourceContext ctx, String domainName, String metaOnly, String matchingTag, GetSignedDomainsResult result) {
    final String caller = "getsigneddomains";
    metric.increment(ZMSConsts.HTTP_GET);
    metric.increment(ZMSConsts.HTTP_REQUEST);
    metric.increment(caller);
    Object timerMetric = metric.startTiming("getsigneddomains_timing", null);
    logPrincipal(ctx);
    validateRequest(ctx.request(), caller);
    if (domainName != null) {
        // NOTE(review): default-locale case folding of the lookup key; Locale.ROOT would make
        // this independent of the JVM's locale (e.g. the Turkish dotted/dotless i).
        domainName = domainName.toLowerCase();
    }
    boolean setMetaDataOnly = false;
    if (metaOnly != null) {
        if (LOG.isDebugEnabled()) {
            // The message has no placeholder, so the trailing 'caller' argument is presumably
            // ignored by the logger.
            LOG.debug("getSignedDomains: metaonly: " + metaOnly, caller);
        }
        setMetaDataOnly = Boolean.parseBoolean(metaOnly.trim());
    }
    // Millis encoded in the client's ETag; the check below treats 0 as "no usable tag".
    long timestamp = getModTimestamp(matchingTag);
    // if this is one of our system principals then we're going to
    // to use the master copy instead of read-only slaves
    // This is a trust decision keyed purely on the principal-name prefix; it assumes the
    // "sys." namespace cannot be obtained by ordinary principals — confirm where that is enforced.
    Principal principal = ((RsrcCtxWrapper) ctx).principal();
    boolean masterCopy = principal.getFullName().startsWith("sys.");
    // if we're given a specific domain then we don't need to
    // retrieve the list of modified domains
    List<SignedDomain> sdList = new ArrayList<SignedDomain>();
    // Boxed on purpose: compared via Long.compareTo below. -1 means "nothing seen yet".
    Long youngestDomMod = -1L;
    if (domainName != null && !domainName.isEmpty()) {
        Domain domain = null;
        try {
            domain = dbService.getDomain(domainName, masterCopy);
        } catch (ResourceException ex) {
            // NOT_FOUND is handled as "no such domain" below; anything else propagates.
            if (ex.getCode() != ResourceException.NOT_FOUND) {
                throw ex;
            }
        }
        if (domain != null) {
            youngestDomMod = domain.getModified().millis();
            if (timestamp != 0 && youngestDomMod <= timestamp) {
                // Caller's copy is at least as new as ours: 304 with the domain's own tag.
                // NOTE(review): assumes result.done(304, ...) is terminal (throws). If it only
                // records the status, execution falls through and the 200 below overrides it.
                EntityTag eTag = new EntityTag(domain.getModified().toString());
                result.done(304, eTag.toString());
            }
            // generate our signed domain object
            SignedDomain signedDomain = retrieveSignedDomain(domainName, youngestDomMod, setMetaDataOnly);
            if (signedDomain != null) {
                sdList.add(signedDomain);
            }
        } else {
            // Unknown domain: answer 200 with an empty list and "now" as the ETag.
            youngestDomMod = System.currentTimeMillis();
        }
    } else {
        if (matchingTag == null) {
            // No tag from the client: synthesise one at epoch 0 so a 304 below has something to return.
            EntityTag eTag = new EntityTag(Timestamp.fromMillis(0).toString());
            matchingTag = eTag.toString();
        }
        DomainModifiedList dmlist = dbService.listModifiedDomains(timestamp);
        List<DomainModified> modlist = dmlist.getNameModList();
        if (modlist == null || modlist.size() == 0) {
            // Nothing changed since the client's tag; same terminal-done assumption as above.
            result.done(304, matchingTag);
        }
        for (DomainModified dmod : modlist) {
            Long domModMillis = dmod.getModified();
            // Track the newest modification time across all returned domains for the ETag.
            if (domModMillis.compareTo(youngestDomMod) > 0) {
                youngestDomMod = domModMillis;
            }
            // generate our signed domain object
            SignedDomain signedDomain = retrieveSignedDomain(dmod.getName(), dmod.getModified(), setMetaDataOnly);
            if (signedDomain == null) {
                continue;
            }
            // we have a valid domain so we'll add it to our return list
            sdList.add(signedDomain);
        }
    }
    SignedDomains sdoms = new SignedDomains();
    sdoms.setDomains(sdList);
    Timestamp youngest = Timestamp.fromMillis(youngestDomMod);
    EntityTag eTag = new EntityTag(youngest.toString());
    // The timer is stopped only on this 200 path; the 304 branches above bypass it.
    metric.stopTiming(timerMetric);
    result.done(200, sdoms, eTag.toString());
}

Example 8 with Timestamp

use of com.yahoo.rdl.Timestamp in project athenz by yahoo.

From class DBService, method getMembership.

/**
 * Looks up a principal's membership in a role and applies the expiration rule.
 *
 * The store is consulted on a fresh connection (closed on exit; the two boolean
 * flags are passed straight through to store.getConnection). Whatever the store
 * reports, a membership whose expiration lies in the past is returned with
 * isMember forced to false, so callers never treat an expired member as active.
 *
 * @param domainName domain owning the role
 * @param roleName   role to check
 * @param principal  member to look up
 * @return the membership record, with isMember cleared if it has expired
 */
Membership getMembership(String domainName, String roleName, String principal) {
    try (ObjectStoreConnection conn = store.getConnection(true, false)) {
        Membership record = conn.getRoleMember(domainName, roleName, principal);
        Timestamp exp = record.getExpiration();
        // No expiration means the membership does not expire.
        boolean lapsed = exp != null && System.currentTimeMillis() > exp.millis();
        if (lapsed) {
            record.setIsMember(false);
        }
        return record;
    }
}

Example 9 with Timestamp

use of com.yahoo.rdl.Timestamp in project athenz by yahoo.

From class ZMSImplTest, method getRoles.

/**
 * TestNG data provider for membership-expiration cases.
 *
 * Each row is: member name stored, member name searched for, expiration (may be null),
 * whether the role-member set is populated, expected result (true = reported as a member).
 * Expired and not-yet-expired stamps are built relative to the current time.
 */
@DataProvider(name = "roles")
public static Object[][] getRoles() {
    final String stored = "member1";
    final String absent = "notFound";
    final Timestamp past = Timestamp.fromMillis(System.currentTimeMillis() - 10000);
    final Timestamp future = Timestamp.fromMillis(System.currentTimeMillis() + 10000);

    Object[][] rows = new Object[5][];
    // expired membership -> not a member
    rows[0] = new Object[] { stored, stored, past, true, false };
    // live membership -> member
    rows[1] = new Object[] { stored, stored, future, true, true };
    // searched name is not in the role -> not a member
    rows[2] = new Object[] { stored, absent, future, true, false };
    // member set not filled (no members defined) -> not a member
    rows[3] = new Object[] { stored, stored, future, false, false };
    // no expiration set -> member
    rows[4] = new Object[] { stored, stored, null, true, true };
    return rows;
}

Example 10 with Timestamp

use of com.yahoo.rdl.Timestamp in project athenz by yahoo.

From class ZMSImplTest, method testPutMembershipExpiration.

/**
 * Verifies that putMembership persists the supplied expiration and that getMembership
 * reports an already-expired member as not a member while a live one is a member.
 *
 * Two domains are set up: the test domain, and "coretech" with a "storage" sub-domain
 * (creation of "coretech" tolerates an "already exists" failure). Two members are added
 * to Role1 with an expired and a one-hour-ahead expiration respectively; the role is then
 * read back to check membership and stored expiration values before everything is removed.
 */
@Test
public void testPutMembershipExpiration() {
    final String domainName = "testPutMembershipExpiration";
    final String roleName = "Role1";

    TopLevelDomain testDomain = createTopLevelDomainObject(domainName, "Test Domain1", "testOrg", adminUser);
    zms.postTopLevelDomain(mockDomRsrcCtx, auditRef, testDomain);

    // "coretech" may be left behind by another test; only an "already exists" error is tolerated.
    TopLevelDomain coretech = createTopLevelDomainObject("coretech", "Test Domain2", "testOrg", adminUser);
    try {
        zms.postTopLevelDomain(mockDomRsrcCtx, auditRef, coretech);
    } catch (ResourceException ex) {
        assertTrue(ex.getMessage().contains("coretech - already exists"));
    }
    SubDomain storage = createSubDomainObject("storage", "coretech", "Test Domain2", "testOrg", adminUser);
    zms.postSubDomain(mockDomRsrcCtx, "coretech", auditRef, storage);

    Role initialRole = createRoleObject(domainName, roleName, null, "user.joe", "user.jane");
    zms.putRole(mockDomRsrcCtx, domainName, roleName, auditRef, initialRole);

    Timestamp expired = Timestamp.fromMillis(System.currentTimeMillis() - 100);
    Timestamp notExpired = Timestamp.fromMillis(System.currentTimeMillis() + TimeUnit.HOURS.toMillis(1));

    // user.doe joins with an expiration already in the past.
    Membership doeMembership = generateMembership(roleName, "user.doe", expired);
    zms.putMembership(mockDomRsrcCtx, domainName, roleName, "user.doe", auditRef, doeMembership);
    Membership expiredMember = zms.getMembership(mockDomRsrcCtx, domainName, roleName, "user.doe");

    // coretech.storage (a service principal) joins with an expiration an hour out.
    Membership storageMembership = generateMembership(roleName, "coretech.storage", notExpired);
    zms.putMembership(mockDomRsrcCtx, domainName, roleName, "coretech.storage", auditRef, storageMembership);
    Membership notExpiredMember = zms.getMembership(mockDomRsrcCtx, domainName, roleName, "coretech.storage");

    // The role itself still lists all four members; expiration does not remove them.
    Role role = zms.getRole(mockDomRsrcCtx, domainName, roleName, false, false);
    assertNotNull(role);
    List<RoleMember> members = role.getRoleMembers();
    assertNotNull(members);
    assertEquals(members.size(), 4);

    List<String> expectedNames = new ArrayList<String>();
    for (String name : new String[] { "user.joe", "user.jane", "user.doe", "coretech.storage" }) {
        expectedNames.add(name);
    }
    checkRoleMember(expectedNames, role.getRoleMembers());

    // The stored expirations must round-trip exactly.
    for (RoleMember roleMember : members) {
        String name = roleMember.getMemberName();
        if (name.equalsIgnoreCase("user.doe")) {
            Timestamp stored = roleMember.getExpiration();
            assertNotNull(stored);
            assertEquals(stored, expired);
        } else if (name.equalsIgnoreCase("coretech.storage")) {
            Timestamp stored = roleMember.getExpiration();
            assertNotNull(stored);
            assertEquals(stored, notExpired);
        }
    }

    // getMembership applies the expiration rule: expired -> false, live -> true.
    assertFalse(expiredMember.getIsMember());
    assertTrue(notExpiredMember.getIsMember());

    zms.deleteSubDomain(mockDomRsrcCtx, "coretech", "storage", auditRef);
    zms.deleteTopLevelDomain(mockDomRsrcCtx, "coretech", auditRef);
    zms.deleteTopLevelDomain(mockDomRsrcCtx, domainName, auditRef);
}
