Search in sources :

Example 1 with RpcException

use of cz.metacentrum.perun.core.api.exceptions.RpcException in project perun by CESNET.

the class OIDC method process.

public Object process(PerunSession sess, String method, Deserializer params) throws InternalErrorException, WrongAttributeAssignmentException, UserNotExistsException, PrivilegeException {
    if (USERINFO_METHOD.equals(method)) {
        User user = sess.getPerunPrincipal().getUser();
        Map<String, String> properties = BeansUtils.getAllPropertiesFromCustomConfiguration(CONFIG_FILE);
        if (sess.getPerunClient().getScopes().contains(PerunClient.SCOPE_ALL)) {
            return getUserinfo(sess, user, properties.keySet(), properties);
        } else {
            return getUserinfo(sess, user, sess.getPerunClient().getScopes(), properties);
        }
    } else if (USERINFO_FOR_USER_METHOD.equals(method)) {
        User user = sess.getPerun().getUsersManager().getUserById(sess, params.readInt("user"));
        Map<String, String> properties = BeansUtils.getAllPropertiesFromCustomConfiguration(CONFIG_FILE);
        if (sess.getPerunClient().getScopes().contains(PerunClient.SCOPE_ALL)) {
            return getUserinfo(sess, user, properties.keySet(), properties);
        } else {
            return getUserinfo(sess, user, sess.getPerunClient().getScopes(), properties);
        }
    } else {
        throw new RpcException(RpcException.Type.UNKNOWN_METHOD, "No method " + method + " was found. Try /" + USERINFO_METHOD + " instead.");
    }
}
Also used : User(cz.metacentrum.perun.core.api.User) RpcException(cz.metacentrum.perun.core.api.exceptions.RpcException) Map(java.util.Map)

Example 2 with RpcException

use of cz.metacentrum.perun.core.api.exceptions.RpcException in project perun by CESNET.

the class RpcCallerImpl method call.

public Deserializer call(String managerName, String methodName, Map<String, Object> params) throws PerunException {
    // Get the connection
    HttpURLConnection conn = this.getHttpURLConnection(managerName, methodName);
    log.debug("Calling RPC method {}.{}, using connection {}", new Object[] { managerName, methodName, conn });
    if (params == null) {
        params = new HashMap<String, Object>();
    }
    // Setup delegated identity
    params.put("delegatedLogin", perunPrincipal.getActor());
    params.put("delegatedExtSourceName", perunPrincipal.getExtSourceName());
    params.put("delegatedExtSourceType", perunPrincipal.getExtSourceType());
    // Send the parameters to the RPC server
    try {
        this.sendParametersToRpcServer(conn.getOutputStream(), params);
    } catch (IOException e) {
        this.processIOException(conn, e);
    }
    // If Perun's RPC is temporarily unavailable, and Apache respond in HTML instead of JSON
    try {
        int responseCode = conn.getResponseCode();
        if (responseCode != HttpURLConnection.HTTP_OK) {
            throw new RpcException(RpcException.Type.PERUN_RPC_SERVER_ERROR_HTTP_CODE, "Perun server on URL: " + perunUrl + " returned HTTP code: " + responseCode);
        }
    } catch (IOException ex) {
        this.processIOException(conn, ex);
    }
    // Get the answer from the server
    InputStream rpcServerAnswer = null;
    try {
        rpcServerAnswer = conn.getInputStream();
    } catch (IOException e) {
        try {
            this.processIOException(conn, e);
        } catch (RpcException e1) {
            this.processRpcServerException(conn.getErrorStream());
        }
    }
    // Initialize deserializer with the data received from the RPC server
    JsonDeserializer des = null;
    try {
        des = new JsonDeserializer(rpcServerAnswer);
    } catch (IOException e) {
        this.processIOException(conn, e);
    }
    return des;
}
Also used : HttpURLConnection(java.net.HttpURLConnection) RpcException(cz.metacentrum.perun.core.api.exceptions.RpcException)

Example 3 with RpcException

use of cz.metacentrum.perun.core.api.exceptions.RpcException in project perun by CESNET.

the class Api method serve.

private void serve(HttpServletRequest req, HttpServletResponse resp, boolean isGet, boolean isPut) throws IOException {
    Serializer ser = null;
    String manager = "N/A";
    String method = "N/A";
    boolean isJsonp = false;
    PerunRequest perunRequest = null;
    ApiCaller caller;
    String callbackName = req.getParameter("callback");
    long timeStart = System.currentTimeMillis();
    caller = (ApiCaller) req.getSession(true).getAttribute(APICALLER);
    OutputStream out = resp.getOutputStream();
    // init pending request in HTTP session
    if (req.getSession().getAttribute(PERUNREQUESTS) == null) {
        req.getSession().setAttribute(PERUNREQUESTS, new ConcurrentSkipListMap<String, PerunRequest>());
    }
    // store pending requests locally, because accessing it from session object after response is written would cause IllegalStateException
    ConcurrentSkipListMap<String, PerunRequest> pendingRequests = ((ConcurrentSkipListMap<String, PerunRequest>) req.getSession().getAttribute(PERUNREQUESTS));
    // Check if it is request for list of pending operations.
    if (req.getPathInfo().equals("/jsonp/" + PERUNREQUESTSURL)) {
        // name used to identify pending request
        String callbackId = req.getParameter("callbackId");
        JsonSerializerJSONP serializer = new JsonSerializerJSONP(out, req, resp);
        resp.setContentType(serializer.getContentType());
        try {
            // Create a copy of the PERUNREQUESTS and then pass it to the serializer
            if (callbackId != null) {
                // return single entry
                serializer.write(pendingRequests.get(callbackId));
            } else {
                // return all pending requests
                serializer.write(Arrays.asList(pendingRequests.values().toArray()));
            }
        } catch (RpcException e) {
            serializer.writePerunException(e);
        }
        out.close();
        return;
    }
    //prepare result object
    Object result = null;
    try {
        //[0] format, [1] class, [2] method
        String[] fcm;
        try {
            if (req.getPathInfo() == null) {
                throw new RpcException(RpcException.Type.NO_PATHINFO);
            }
            fcm = req.getPathInfo().substring(1).split("/", 3);
            if (fcm.length != 3 || fcm[2].isEmpty()) {
                throw new RpcException(RpcException.Type.INVALID_URL, req.getPathInfo());
            }
            manager = fcm[1];
            method = fcm[2];
            ser = selectSerializer(fcm[0], out, req, resp);
            // is the output JSONP?
            if ("jsonp".equalsIgnoreCase(fcm[0])) {
                isJsonp = true;
            }
            resp.setContentType(ser.getContentType());
        } catch (RpcException rex) {
            //selects the default serializer (json) before throwing the exception
            ser = new JsonSerializer(out);
            resp.setContentType(ser.getContentType());
            throw rex;
        }
        // Initialize deserializer
        Deserializer des;
        if (isGet) {
            des = new UrlDeserializer(req);
        } else {
            des = selectDeserializer(fcm[0], req);
        }
        // We have new request, so do the whole auth/authz stuff
        if (caller == null) {
            caller = new ApiCaller(getServletContext(), setupPerunPrincipal(req, des), setupPerunClient(req));
            // Store the current session
            req.getSession(true).setAttribute(APICALLER, caller);
        } else if (!Objects.equals(caller.getSession().getPerunPrincipal().getExtSourceName(), this.getExtSourceName(req, des))) {
            // If the user is coming from the URL protected by different authN mechanism, destroy and create session again
            caller = new ApiCaller(getServletContext(), setupPerunPrincipal(req, des), setupPerunClient(req));
            req.getSession(true).setAttribute(APICALLER, caller);
        } else if (!Objects.equals(caller.getSession().getPerunPrincipal().getActor(), this.getActor(req, des)) && !caller.getSession().getPerunPrincipal().getExtSourceName().equals(ExtSourcesManager.EXTSOURCE_NAME_LOCAL)) {
            // prevent cookie stealing (if remote user changed, rebuild session)
            caller = new ApiCaller(getServletContext(), setupPerunPrincipal(req, des), setupPerunClient(req));
            req.getSession(true).setAttribute(APICALLER, caller);
        }
        // Does user want to logout from perun?
        if ("utils".equals(manager) && "logout".equals(method)) {
            if (req.getSession(false) != null) {
                req.getSession().removeAttribute(APICALLER);
                // deletes the cookies
                Cookie[] cookies = req.getCookies();
                if (cookies != null) {
                    final String SHIBBOLETH_COOKIE_FORMAT = "^_shib.+$";
                    for (int i = 0; i < cookies.length; i++) {
                        Cookie c = cookies[i];
                        // if shibboleth cookie
                        if (c.getName().matches(SHIBBOLETH_COOKIE_FORMAT)) {
                            // remove it
                            c.setValue("0");
                            c.setMaxAge(0);
                            // add updated cookie to the response
                            resp.addCookie(c);
                        }
                    }
                }
                // Invalidate session
                req.getSession().invalidate();
            }
            ser.write(new String("Logout"));
            // closes the request
            out.close();
            return;
        } else if ("utils".equals(manager) && "getGuiConfiguration".equals(method)) {
            ser.write(BeansUtils.getAllPropertiesFromCustomConfiguration("perun-web-gui.properties"));
            // closes the request
            out.close();
            return;
        } else if ("utils".equals(manager) && PERUNSTATUS.equals(method)) {
            Date date = new Date();
            Timestamp timestamp = new Timestamp(date.getTime());
            Map<String, Integer> auditerConsumers;
            auditerConsumers = (Map<String, Integer>) caller.call("auditMessagesManager", "getAllAuditerConsumers", des);
            List<String> perunStatus = new ArrayList<>();
            perunStatus.add("Version of PerunDB: " + caller.call("databaseManager", "getCurrentDatabaseVersion", des));
            perunStatus.add("Version of Servlet: " + getServletContext().getServerInfo());
            perunStatus.add("Version of DB-driver: " + caller.call("databaseManager", "getDatabaseDriverInformation", des));
            perunStatus.add("Version of DB: " + caller.call("databaseManager", "getDatabaseInformation", des));
            perunStatus.add("Version of Java platform: " + System.getProperty("java.version"));
            for (String consumerName : auditerConsumers.keySet()) {
                Integer lastProcessedId = auditerConsumers.get(consumerName);
                perunStatus.add("AuditerConsumer: '" + consumerName + "' with last processed id='" + lastProcessedId + "'");
            }
            perunStatus.add("LastMessageId: " + caller.call("auditMessagesManager", "getLastMessageId", des));
            perunStatus.add("Timestamp: " + timestamp);
            ser.write(perunStatus);
            out.close();
            return;
        } else if ("utils".equals(manager) && PERUNSTATISTICS.equals(method)) {
            Date date = new Date();
            Timestamp timestamp = new Timestamp(date.getTime());
            List<String> perunStatistics = new ArrayList<>();
            perunStatistics.add("Timestamp: '" + timestamp + "'");
            perunStatistics.add("USERS: '" + caller.call("usersManager", "getUsersCount", des) + "'");
            perunStatistics.add("FACILITIES: '" + caller.call("facilitiesManager", "getFacilitiesCount", des) + "'");
            perunStatistics.add("DESTINATIONS: '" + caller.call("servicesManager", "getDestinationsCount", des) + "'");
            perunStatistics.add("VOS: '" + caller.call("vosManager", "getVosCount", des) + "'");
            perunStatistics.add("RESOURCES: '" + caller.call("resourcesManager", "getResourcesCount", des) + "'");
            perunStatistics.add("GROUPS: '" + caller.call("groupsManager", "getGroupsCount", des) + "'");
            perunStatistics.add("AUDITMESSAGES: '" + caller.call("auditMessagesManager", "getAuditerMessagesCount", des) + "'");
            ser.write(perunStatistics);
            out.close();
            return;
        }
        // In case of GET requests (read ones) set changing state to false
        caller.setStateChanging(!isGet);
        // Store identification of the request only if supported by app (it passed unique callbackName)
        if (callbackName != null) {
            perunRequest = new PerunRequest(caller.getSession().getPerunPrincipal(), callbackName, manager, method, des.readAll());
            // Add perunRequest into the queue of the requests for POST only
            if (!isGet && !isPut) {
                pendingRequests.put(callbackName, perunRequest);
            }
        }
        /* Security check. Currently only OIDC manager can handle scopes from untrustful (OAuth2) clients
				or client has to have allowed scope ALL. */
        if (!caller.getSession().getPerunClient().getType().equals(PerunClient.Type.INTERNAL)) {
            if (!OIDCMANAGER.equals(manager) && !caller.getSession().getPerunClient().getScopes().contains(PerunClient.SCOPE_ALL)) {
                throw new PrivilegeException("Your client " + caller.getSession().getPerunClient().getId() + " is not allowed to call manager " + manager + ". Try " + OIDCMANAGER + " instead.");
            }
        }
        // Process request and sent the response back
        if (VOOTMANAGER.equals(manager)) {
            // Process VOOT protocol
            result = caller.getVOOTManager().process(caller.getSession(), method, des.readAll());
            if (perunRequest != null)
                perunRequest.setResult(result);
            ser.write(result);
        } else if (OIDCMANAGER.equals(manager)) {
            // OIDC
            result = caller.getOIDCManager().process(caller.getSession(), method, des);
            if (perunRequest != null)
                perunRequest.setResult(result);
            ser.write(result);
        } else {
            //Save only exceptions from caller to result
            try {
                result = caller.call(manager, method, des);
                if (perunRequest != null)
                    perunRequest.setResult(result);
            } catch (Exception ex) {
                result = ex;
                throw ex;
            }
            ser.write(result);
        }
    } catch (PerunException pex) {
        // If the output is JSONP, it cannot send the HTTP 400 code, because the web browser wouldn't accept this
        if (!isJsonp) {
            resp.setStatus(400);
        }
        ser.writePerunException(pex);
    } catch (PerunRuntimeException prex) {
        // If the output is JSONP, it cannot send the HTTP 400 code, because the web browser wouldn't accept this
        if (!isJsonp) {
            resp.setStatus(400);
        }
        ser.writePerunRuntimeException(prex);
    } catch (IOException ioex) {
        //IOException gets logged and is rethrown
        new RpcException(RpcException.Type.UNCATCHED_EXCEPTION, ioex);
        throw ioex;
    } catch (Exception ex) {
        // If the output is JSONP, it cannot send the HTTP 400 code, because the web browser wouldn't accept this
        if (!isJsonp) {
            resp.setStatus(500);
        }
        ser.writePerunException(new RpcException(RpcException.Type.UNCATCHED_EXCEPTION, ex));
    } finally {
        if (!isGet && !isPut && perunRequest != null) {
            //save result of this perunRequest
            perunRequest.setEndTime(System.currentTimeMillis());
            if (result instanceof Exception)
                perunRequest.setResult(result);
            perunRequest.setEndTime(System.currentTimeMillis());
        }
        //Check all resolved requests and remove them if they are old than timeToLiveWhenDone
        Iterator<String> iterator = pendingRequests.keySet().iterator();
        while (iterator.hasNext()) {
            String key = iterator.next();
            PerunRequest value = pendingRequests.get(key);
            if (value != null) {
                if (value.getEndTime() < 0)
                    continue;
                if (System.currentTimeMillis() - value.getEndTime() > timeToLiveWhenDone) {
                    pendingRequests.remove(key);
                }
            }
        }
    }
    out.close();
    log.debug("Method {}.{} called by {} from {}, duration {} ms.", new Object[] { manager, method, caller.getSession().getPerunPrincipal().getActor(), caller.getSession().getPerunPrincipal().getExtSourceName(), (System.currentTimeMillis() - timeStart) });
}
Also used : OutputStream(java.io.OutputStream) JsonSerializer(cz.metacentrum.perun.rpc.serializer.JsonSerializer) Timestamp(java.sql.Timestamp) RpcException(cz.metacentrum.perun.core.api.exceptions.RpcException) PerunRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PerunRuntimeException) PerunRequest(cz.metacentrum.perun.core.api.PerunRequest) JsonSerializer(cz.metacentrum.perun.rpc.serializer.JsonSerializer) Serializer(cz.metacentrum.perun.rpc.serializer.Serializer) Cookie(javax.servlet.http.Cookie) UrlDeserializer(cz.metacentrum.perun.rpc.deserializer.UrlDeserializer) PerunException(cz.metacentrum.perun.core.api.exceptions.PerunException) IOException(java.io.IOException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) RpcException(cz.metacentrum.perun.core.api.exceptions.RpcException) CertificateParsingException(java.security.cert.CertificateParsingException) PerunRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PerunRuntimeException) IOException(java.io.IOException) PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) UserNotExistsException(cz.metacentrum.perun.core.api.exceptions.UserNotExistsException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) PerunException(cz.metacentrum.perun.core.api.exceptions.PerunException) JsonDeserializer(cz.metacentrum.perun.rpc.deserializer.JsonDeserializer) UrlDeserializer(cz.metacentrum.perun.rpc.deserializer.UrlDeserializer) Deserializer(cz.metacentrum.perun.rpc.deserializer.Deserializer) PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) JsonSerializerJSONP(cz.metacentrum.perun.rpc.serializer.JsonSerializerJSONP)

Example 4 with RpcException

use of cz.metacentrum.perun.core.api.exceptions.RpcException in project perun by CESNET.

the class JsonDeserializer method readList.

@Override
public <T> List<T> readList(String name, Class<T> valueType) throws RpcException {
    JsonNode node;
    if (name == null) {
        // The object is not under root, but directly in the response
        node = root;
        name = "root";
    } else {
        node = root.get(name);
    }
    if (node == null) {
        throw new RpcException(RpcException.Type.MISSING_VALUE, name);
    }
    if (node.isNull()) {
        return null;
    }
    if (!node.isArray()) {
        throw new RpcException(RpcException.Type.CANNOT_DESERIALIZE_VALUE, node.toString() + " as List<" + valueType.getSimpleName() + "> - not an array");
    }
    try {
        List<T> list = new ArrayList<>(node.size());
        for (JsonNode e : node) {
            list.add(mapper.readValue(e, valueType));
        }
        return list;
    } catch (IOException ex) {
        throw new RpcException(RpcException.Type.CANNOT_DESERIALIZE_VALUE, node.toString() + " as List<" + valueType.getSimpleName() + ">", ex);
    }
}
Also used : RpcException(cz.metacentrum.perun.core.api.exceptions.RpcException) ArrayList(java.util.ArrayList) JsonNode(org.codehaus.jackson.JsonNode) IOException(java.io.IOException)

Example 5 with RpcException

use of cz.metacentrum.perun.core.api.exceptions.RpcException in project perun by CESNET.

the class JsonDeserializer method readArrayOfInts.

@Override
public int[] readArrayOfInts(String name) throws RpcException {
    JsonNode node = root.get(name);
    if (node == null) {
        throw new RpcException(RpcException.Type.MISSING_VALUE, name);
    }
    if (node.isNull()) {
        return null;
    }
    if (!node.isArray()) {
        throw new RpcException(RpcException.Type.CANNOT_DESERIALIZE_VALUE, node.toString() + " as int[] - not an array");
    }
    int[] array = new int[node.size()];
    for (int i = 0; i < node.size(); ++i) {
        JsonNode value = node.get(i);
        if (!value.isInt()) {
            throw new RpcException(RpcException.Type.CANNOT_DESERIALIZE_VALUE, node.toString() + " as int");
        }
        array[i] = node.get(i).getIntValue();
    }
    return array;
}
Also used : RpcException(cz.metacentrum.perun.core.api.exceptions.RpcException) JsonNode(org.codehaus.jackson.JsonNode)

Aggregations

RpcException (cz.metacentrum.perun.core.api.exceptions.RpcException)19 JsonNode (org.codehaus.jackson.JsonNode)8 IOException (java.io.IOException)6 JsonGenerator (org.codehaus.jackson.JsonGenerator)6 JsonProcessingException (org.codehaus.jackson.JsonProcessingException)5 ArrayList (java.util.ArrayList)4 InternalErrorException (cz.metacentrum.perun.core.api.exceptions.InternalErrorException)2 PerunException (cz.metacentrum.perun.core.api.exceptions.PerunException)2 PerunRequest (cz.metacentrum.perun.core.api.PerunRequest)1 User (cz.metacentrum.perun.core.api.User)1 ExtendMembershipException (cz.metacentrum.perun.core.api.exceptions.ExtendMembershipException)1 PrivilegeException (cz.metacentrum.perun.core.api.exceptions.PrivilegeException)1 UserNotExistsException (cz.metacentrum.perun.core.api.exceptions.UserNotExistsException)1 PerunRuntimeException (cz.metacentrum.perun.core.api.exceptions.rt.PerunRuntimeException)1 Deserializer (cz.metacentrum.perun.rpc.deserializer.Deserializer)1 JsonDeserializer (cz.metacentrum.perun.rpc.deserializer.JsonDeserializer)1 UrlDeserializer (cz.metacentrum.perun.rpc.deserializer.UrlDeserializer)1 JsonSerializer (cz.metacentrum.perun.rpc.serializer.JsonSerializer)1 JsonSerializerJSONP (cz.metacentrum.perun.rpc.serializer.JsonSerializerJSONP)1 Serializer (cz.metacentrum.perun.rpc.serializer.Serializer)1