use of edu.uiuc.ncsa.myproxy.oa4mp.client.Asset in project OA4MP by ncsa.
the class AssetStoreTest method storeTest.
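/**
 * Round-trips a batch of assets through the given store: each asset is saved, read back by
 * identifier, compared field by field and finally removed again.
 * <p>
 * All checks use the Java {@code assert} keyword, so they only run when the JVM is started
 * with assertions enabled ({@code -ea}).
 *
 * @param store the asset store under test; when {@code null} the test is skipped with a warning
 * @throws Exception if key or certificate-request generation fails, or the store reports an error
 */
public void storeTest(AssetStore store) throws Exception {
    if (store == null) {
        System.out.println("WARNING: no asset store configured, skipping test.");
        return;
    }
    int count = 10;
    // Holds only assets that were actually saved, so the cleanup below knows what to remove.
    ArrayList<Asset> assets = new ArrayList<>();
    SecureRandom secureRandom = new SecureRandom();
    // Random run tag so identifiers from concurrent or earlier runs do not collide.
    String r = Long.toHexString(secureRandom.nextLong());
    KeyPair kp = KeyUtil.generateKeyPair();
    PrivateKey privateKey = kp.getPrivate();
    MyPKCS10CertRequest cr = CertUtil.createCertRequest(kp);
    String rawCR = CertUtil.fromCertReqToString(cr);
    try {
        for (int i = 0; i < count; i++) {
            Identifier id = BasicIdentifier.newID("asset:id:/" + r + "/" + i);
            Asset asset = store.create();
            assert asset != null : "Error: The store is not producing valid assets when requested. A null was returned";
            asset.setIdentifier(id);
            String username = "testUser-" + r;
            URI redirect = URI.create("http://test.foo/test/" + r);
            asset.setPrivateKey(privateKey);
            asset.setUsername(username);
            asset.setRedirect(redirect);
            asset.setCertReq(cr);
            store.save(asset);
            assets.add(asset);
        }
        int iteration = 0;
        for (Asset asset : assets) {
            Asset asset2 = store.get(asset.getIdentifier());
            assert asset2 != null : "No asset found for identifier \"" + asset.getIdentifier() + "\" on iteration # " + iteration;
            assert asset.getIdentifier().equals(asset2.getIdentifier()) : "Identifiers on assets do not match. " + "Expected \"" + asset.getIdentifierString() + "\" but got \"" + asset2.getIdentifierString() + "\"";
            assert asset.getUsername().equals(asset2.getUsername()) : "Username on assets do not match. " + "Expected \"" + asset.getUsername() + "\" but got \"" + asset2.getUsername();
            // The failure message deliberately omits the keys: depending on the provider,
            // PrivateKey.toString() may print key material into test logs.
            assert asset.getPrivateKey().equals(asset2.getPrivateKey()) : "Private keys on assets do not match (key values are not printed).";
            assert asset.getRedirect().equals(asset2.getRedirect()) : "Redirect on assets do not match. " + "Expected \"" + asset.getRedirect() + "\" but got \"" + asset2.getRedirect();
            // A backing database may drop sub-second precision (the original note cites MySQL),
            // so the timestamps only have to agree to within one second.
            assert Math.abs(asset.getCreationTime().getTime() - asset2.getCreationTime().getTime()) < 1000 : "Timestamp on assets do not match. " + "Expected \"" + asset.getCreationTime() + "\" but got \"" + asset2.getCreationTime() + "\"";
            // The requests should be identical so we can compare them as strings. This is a data integrity test.
            assert rawCR.equals(CertUtil.fromCertReqToString(asset2.getCertReq())) : "Certification requests on assets do not match. " + "Expected \"" + asset.getCertReq() + "\" but got \"" + asset2.getCertReq();
            iteration++;
        }
    } finally {
        // Don't clutter up the store with test cases. Running this in finally means a failed
        // assertion no longer leaves test assets (including their private keys) behind.
        for (Asset asset : assets) {
            store.remove(asset.getIdentifier());
        }
    }
}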
use of edu.uiuc.ncsa.myproxy.oa4mp.client.Asset in project OA4MP by ncsa.
the class SimpleReadyServlet method doIt.
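/**
 * Completes the delegation after the server redirects back to this servlet: reads the token
 * and verifier from the request, asks the service for the certificate(s) and forwards to the
 * success page (or to the error page when the request cannot be completed).
 *
 * @param request  the callback request carrying the token and, possibly, the verifier
 * @param response the response used for forwarding to the result page
 * @throws Throwable if the service call or the forward fails
 */
@Override
protected void doIt(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    // Get the cert itself. The server itself does a redirect using the callback to this servlet
    // (so it is the portal that actually is invoking this method after the authorization
    // step.) The token and verifier are peeled off and used
    // to complete the request.
    info("2.a. Getting token and verifier.");
    String token = request.getParameter(CONST(ClientEnvironment.TOKEN));
    String verifier = request.getParameter(CONST(ClientEnvironment.VERIFIER));
    // The token is always required (the verifier only "possibly"), so reject a request that
    // lacks it even when a verifier was sent. The old check (both null) let a token-less
    // request through to the asset-store lookup and the service call.
    if (token == null) {
        // Log only which parameters are present; the values are credentials and stay out of the log.
        warn("2.a. The token is missing and the verifier is " + (verifier == null ? "missing" : "present"));
        GeneralException ge = new GeneralException("Error: This servlet requires parameters for the token and possibly verifier.");
        request.setAttribute("exception", ge);
        JSPUtil.fwd(request, response, getCE().getErrorPagePath());
        return;
    }
    info("2.a Token found.");
    info("2.a. Getting the cert(s) from the service");
    // NOTE(review): the identifier appears to come from a client-supplied cookie; presumably the
    // service checks that it belongs to this token -- confirm against getCert.
    String identifier = clearCookie(request, response);
    if (identifier == null) {
        // No cookie: fall back to looking the asset up by the token.
        Asset asset = getCE().getAssetStore().getByToken(BasicIdentifier.newID(token));
        if (asset != null) {
            identifier = asset.getIdentifierString();
        }
    }
    AssetResponse assetResponse = null;
    if (identifier == null) {
        // Since this is a demo servlet, we don't blow up if there is no identifier found, just can't save anything.
        String msg = "Error: no cookie found. Cannot save certificates";
        warn(msg);
        debug("No cookie found");
        assetResponse = getOA4MPService().getCert(token, verifier);
    } else {
        // The general case is to do the call with the identifier if you want the asset store managed.
        assetResponse = getOA4MPService().getCert(token, verifier, BasicIdentifier.newID(identifier));
    }
    // Again, we take the first returned cert to peel off some information to display. This
    // just proves we got a response. Guard against an empty reply so the user gets the error
    // page rather than an unhandled exception from indexing the array.
    X509Certificate[] certs = assetResponse.getX509Certificates();
    if (certs == null || certs.length == 0) {
        warn("2.b. The service returned no certificates.");
        request.setAttribute("exception", new GeneralException("Error: The service did not return a certificate."));
        JSPUtil.fwd(request, response, getCE().getErrorPagePath());
        return;
    }
    X509Certificate cert = certs[0];
    info("2.b. Done! Displaying success page.");
    // Rest of this is putting up something for the user to see.
    // NOTE(review): the success page is not visible here; it should HTML-escape the subject
    // and username when rendering them -- confirm.
    request.setAttribute("certSubject", cert.getSubjectDN());
    request.setAttribute("cert", CertUtil.toPEM(certs));
    request.setAttribute("username", assetResponse.getUsername());
    // Fix in cases where the server request passes through Apache before going to Tomcat.
    String contextPath = request.getContextPath();
    if (!contextPath.endsWith("/")) {
        contextPath = contextPath + "/";
    }
    request.setAttribute("action", contextPath);
    info("2.a. Completely finished with delegation.");
    JSPUtil.fwd(request, response, getCE().getSuccessPagePath());
    return;
}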
use of edu.uiuc.ncsa.myproxy.oa4mp.client.Asset in project OA4MP by ncsa.
the class AssetStoreTest method testAsset.
/**
 * Checks that an {@code Asset} hands back the private key, username and redirect URI that
 * were set on it. No store is involved; the asset lives only in memory.
 *
 * @throws Exception if key generation fails
 */
@Test
public void testAsset() throws Exception {
    // Randomized values keep the test independent of any fixed fixture.
    Identifier assetId = BasicIdentifier.newID("asset:id:/" + ClientTestStoreUtil.getRandomString());
    Asset subject = new Asset(assetId);
    PrivateKey expectedKey = KeyUtil.generateKeyPair().getPrivate();
    String expectedUser = "testUser-" + ClientTestStoreUtil.getRandomString(8);
    URI expectedRedirect = URI.create("http://test.foo/test" + ClientTestStoreUtil.getRandomString(8));

    subject.setPrivateKey(expectedKey);
    subject.setUsername(expectedUser);
    subject.setRedirect(expectedRedirect);

    // Each getter must return exactly what the matching setter received.
    assert subject.getPrivateKey().equals(expectedKey);
    assert subject.getUsername().equals(expectedUser);
    assert subject.getRedirect().equals(expectedRedirect);
}
use of edu.uiuc.ncsa.myproxy.oa4mp.client.Asset in project OA4MP by ncsa.
the class AssetStoreTest method testUpdate.
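/**
 * Verifies update semantics of the given store: changing the identifier of a saved asset
 * must be rejected with {@code UnregisteredObjectException}, while changes to every other
 * field must be persisted by {@code update} and visible on the next {@code get}.
 * <p>
 * All checks use the Java {@code assert} keyword, so they only run with assertions enabled.
 *
 * @param store the asset store under test; when {@code null} the test is skipped with a warning
 * @throws Exception if key or certificate-request generation fails, or the store reports an error
 */
public void testUpdate(AssetStore store) throws Exception {
    if (store == null) {
        System.out.println("WARNING: no asset store configured, skipping test.");
        return;
    }
    SecureRandom secureRandom = new SecureRandom();
    String r1 = Long.toHexString(secureRandom.nextLong());
    KeyPair kp1 = KeyUtil.generateKeyPair();
    PrivateKey privateKey1 = kp1.getPrivate();
    MyPKCS10CertRequest cr1 = CertUtil.createCertRequest(kp1);
    String username1 = "testUser-" + r1;
    URI redirect1 = URI.create("http://test.foo/test/" + r1 + "/" + System.currentTimeMillis());
    Identifier token1 = BasicIdentifier.newID("token:id:/" + r1 + "/" + System.currentTimeMillis());
    Identifier id1 = BasicIdentifier.newID("asset:id:/" + r1 + "/" + System.currentTimeMillis());
    Asset asset = store.create();
    assert asset != null : "Error: The store is not producing valid assets when requested. A null was returned";
    asset.setIdentifier(id1);
    asset.setUsername(username1);
    asset.setPrivateKey(privateKey1);
    asset.setRedirect(redirect1);
    asset.setToken(token1);
    asset.setCertReq(cr1);
    store.save(asset);
    try {
        // Now try and update the identifier -- that should fail.
        String r2 = Long.toHexString(secureRandom.nextLong());
        Identifier id2 = BasicIdentifier.newID("asset:id:/" + r2 + "/" + System.currentTimeMillis());
        asset.setIdentifier(id2);
        // A new identifier means the object would need to be registered first.
        try {
            store.update(asset);
            assert false : "Error: was able to update the identifier.";
        } catch (UnregisteredObjectException expected) {
            // Expected: the store refuses to update an asset under an unknown identifier.
        }
        // ok, set the id back since that worked.
        asset.setIdentifier(id1);
        // now for everything else.
        KeyPair kp2 = KeyUtil.generateKeyPair();
        PrivateKey privateKey2 = kp2.getPrivate();
        MyPKCS10CertRequest cr2 = CertUtil.createCertRequest(kp2);
        String rawCR2 = CertUtil.fromCertReqToString(cr2);
        String username2 = "testUser-" + r2;
        URI redirect2 = URI.create("http://test.foo/test/" + r2 + "/" + System.currentTimeMillis());
        // Built from r2 (the original reused r1) so the new token is guaranteed to differ
        // from token1 and the token check below cannot pass on a no-op update.
        Identifier token2 = BasicIdentifier.newID("token:id:/" + r2 + "/" + System.currentTimeMillis());
        asset.setUsername(username2);
        asset.setPrivateKey(privateKey2);
        asset.setCertReq(cr2);
        asset.setRedirect(redirect2);
        asset.setToken(token2);
        store.update(asset);
        Asset asset2 = store.get(asset.getIdentifier());
        assert asset2 != null : "No asset found for identifier \"" + id1 + "\" after update";
        assert asset2.getUsername().equals(username2);
        assert asset2.getPrivateKey().equals(privateKey2);
        assert CertUtil.fromCertReqToString(asset2.getCertReq()).equals(rawCR2);
        assert asset2.getToken().equals(token2);
        assert asset2.getRedirect().equals(redirect2);
    } finally {
        // Remove by the identifier the asset was saved under, even when a check failed, so
        // the test asset and its private key do not linger in the store.
        store.remove(id1);
    }
}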
use of edu.uiuc.ncsa.myproxy.oa4mp.client.Asset in project OA4MP by ncsa.
the class ClientServletInitializer method init.
/**
 * One-time client initialization: for an SQL-backed asset store, runs the table and column
 * checks; then, if asset cleanup is enabled and no cleanup instance is registered yet,
 * creates, starts and registers one on {@code ClientServlet.assetCleanup}.
 *
 * @throws ServletException declared by the overridden method; not thrown directly here
 */
@Override
public void init() throws ServletException {
    // Run it once and only once.
    // NOTE(review): the flag is read and written without synchronization; this assumes the
    // container never calls init concurrently -- confirm.
    if (hasRun) {
        return;
    }
    hasRun = true;
    MyLoggingFacade log = getEnvironment().getMyLogger();
    ClientEnvironment clientEnv = (ClientEnvironment) getEnvironment();
    if (!clientEnv.hasAssetStore()) {
        log.info("No assets store, so no cleanup possible.");
        return;
    }
    // For an SQL-backed store, run the table and column checks before the store is used.
    if (clientEnv.getAssetStore() instanceof SQLStore) {
        SQLStore sqlBackedStore = (SQLStore) clientEnv.getAssetStore();
        try {
            sqlBackedStore.checkTable();
            sqlBackedStore.checkColumns();
        } catch (SQLException schemaProblem) {
            // A failed check is only logged and start-up continues; only the message is
            // recorded, not the stack trace.
            log.warn("Could not update store table:" + schemaProblem.getMessage());
        }
    }
    Cleanup<Identifier, Asset> cleaner = ClientServlet.assetCleanup;
    if (!clientEnv.isEnableAssetCleanup() || cleaner != null) {
        // Cleanup is switched off, or a cleanup instance is already registered.
        return;
    }
    cleaner = new Cleanup<Identifier, Asset>(log);
    cleaner.setStopThread(false);
    cleaner.setMap(clientEnv.getAssetStore());
    // Retention is governed by the configured maximum asset lifetime.
    cleaner.addRetentionPolicy(new ValidTimestampPolicy(clientEnv.getMaxAssetLifetime()));
    log.info("Starting asset cleanup thread");
    cleaner.start();
    ClientServlet.assetCleanup = cleaner;
}