Search in sources :

Example 1 with HttpRetryableAction

use of io.hops.hopsworks.common.proxies.client.HttpRetryableAction in project hopsworks by logicalclocks.

the class CAProxy method revokeX509.

private void revokeX509(String parameterName, String parameterValue, String path) throws HopsSecurityException, GenericException {
    if (Strings.isNullOrEmpty(parameterValue)) {
        throw new HopsSecurityException(RESTCodes.SecurityErrorCode.CERTIFICATE_NOT_FOUND, Level.SEVERE, null, "Certificate parameter value cannot be null or empty");
    }
    try {
        URI revokeURI = new URIBuilder(path).addParameter(parameterName, parameterValue).build();
        HttpDelete httpRequest = new HttpDelete(revokeURI);
        client.setAuthorizationHeader(httpRequest);
        HttpRetryableAction<Void> retryableAction = new HttpRetryableAction<Void>() {

            @Override
            public Void performAction() throws ClientProtocolException, IOException {
                return client.execute(httpRequest, CA_REVOKE_RESPONSE_HANDLER);
            }
        };
        retryableAction.tryAction();
    } catch (URISyntaxException ex) {
        throw new GenericException(RESTCodes.GenericErrorCode.UNKNOWN_ERROR, Level.SEVERE, null, null, ex);
    } catch (ClientProtocolException ex) {
        LOG.log(Level.WARNING, "Could not revoke X.509 " + parameterValue, ex);
        if (ex.getCause() instanceof HopsSecurityException) {
            throw (HopsSecurityException) ex.getCause();
        }
        throw new HopsSecurityException(RESTCodes.SecurityErrorCode.CERTIFICATE_REVOKATION_ERROR, Level.WARNING, null, null, ex);
    } catch (IOException ex) {
        LOG.log(Level.SEVERE, "Could not revoke X.509 " + parameterValue, ex);
        throw new GenericException(RESTCodes.GenericErrorCode.UNKNOWN_ERROR, Level.SEVERE, "Generic error while revoking X.509", null, ex);
    }
}
Also used : HttpDelete(org.apache.http.client.methods.HttpDelete) HttpRetryableAction(io.hops.hopsworks.common.proxies.client.HttpRetryableAction) URISyntaxException(java.net.URISyntaxException) IOException(java.io.IOException) URI(java.net.URI) GenericException(io.hops.hopsworks.exceptions.GenericException) HopsSecurityException(io.hops.hopsworks.exceptions.HopsSecurityException) URIBuilder(org.apache.http.client.utils.URIBuilder) ClientProtocolException(org.apache.http.client.ClientProtocolException) NotRetryableClientProtocolException(io.hops.hopsworks.common.proxies.client.NotRetryableClientProtocolException)

Example 2 with HttpRetryableAction

use of io.hops.hopsworks.common.proxies.client.HttpRetryableAction in project hopsworks by logicalclocks.

the class CAProxy method signCSR.

private CSR signCSR(CSR csr, CA_PATH path) throws HopsSecurityException, GenericException {
    try {
        String csrJSON = objectMapper.writeValueAsString(csr);
        HttpPost httpRequest = new HttpPost(path.path);
        httpRequest.setHeader(HttpHeaders.CONTENT_TYPE, CONTENT_TYPE_JSON);
        client.setAuthorizationHeader(httpRequest);
        httpRequest.setEntity(new StringEntity(csrJSON));
        HttpRetryableAction<CSR> retryableAction = new HttpRetryableAction<CSR>() {

            @Override
            public CSR performAction() throws ClientProtocolException, IOException {
                return client.execute(httpRequest, CA_SIGN_RESPONSE_HANDLER);
            }
        };
        return retryableAction.tryAction();
    } catch (JsonProcessingException ex) {
        throw new HopsSecurityException(RESTCodes.SecurityErrorCode.CSR_ERROR, Level.SEVERE, null, null, ex);
    } catch (ClientProtocolException ex) {
        LOG.log(Level.SEVERE, "Could not sign CSR", ex);
        throw new HopsSecurityException(RESTCodes.SecurityErrorCode.CSR_ERROR, Level.SEVERE, null, null, ex.getCause());
    } catch (IOException ex) {
        LOG.log(Level.SEVERE, "Could not sign CSR", ex);
        throw new GenericException(RESTCodes.GenericErrorCode.UNKNOWN_ERROR, Level.SEVERE, "Generic error while signing CSR", null, ex);
    }
}
Also used : HttpPost(org.apache.http.client.methods.HttpPost) StringEntity(org.apache.http.entity.StringEntity) CSR(io.hops.hopsworks.common.security.CSR) HttpRetryableAction(io.hops.hopsworks.common.proxies.client.HttpRetryableAction) IOException(java.io.IOException) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException) GenericException(io.hops.hopsworks.exceptions.GenericException) HopsSecurityException(io.hops.hopsworks.exceptions.HopsSecurityException) ClientProtocolException(org.apache.http.client.ClientProtocolException) NotRetryableClientProtocolException(io.hops.hopsworks.common.proxies.client.NotRetryableClientProtocolException)

Example 3 with HttpRetryableAction

use of io.hops.hopsworks.common.proxies.client.HttpRetryableAction in project hopsworks by logicalclocks.

the class KibanaClient method execute.

private JSONObject execute(HttpMethod method, KibanaType type, String id, String data, Users user, Project project, boolean overwrite, boolean runAsDataOwner) throws ElasticException {
    String url = settings.getKibanaUri() + "/api/saved_objects";
    if (type != KibanaType.All) {
        url += "/" + type.toString();
    }
    if (id != null) {
        url += "/" + id;
    }
    if (overwrite) {
        url += "?overwrite=true";
    }
    try {
        final HttpUriRequest httpRequest = buildHttpRequest(method, url, data);
        httpRequest.setHeader("kbn-xsrf", "required");
        httpRequest.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
        // authorization
        if (settings.isElasticOpenDistroSecurityEnabled()) {
            if (settings.isElasticJWTEnabled() && project != null && (user != null || runAsDataOwner)) {
                String token = runAsDataOwner ? elasticJWTController.createTokenForELKAsDataOwner(project) : elasticJWTController.createTokenForELK(user, project);
                httpRequest.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + token);
            } else {
                String userPass = settings.getElasticAdminUser() + ":" + settings.getElasticAdminPassword();
                httpRequest.setHeader(HttpHeaders.AUTHORIZATION, "Basic " + Base64.getEncoder().encodeToString(userPass.getBytes()));
            }
        }
        HttpRetryableAction<JSONObject> retryableAction = new HttpRetryableAction<JSONObject>(backOffPolicy) {

            @Override
            public JSONObject performAction() throws ClientProtocolException, IOException {
                return client.execute(httpRequest, httpResponse -> {
                    int statusCode = httpResponse.getStatusLine().getStatusCode();
                    if (statusCode / 100 == 2) {
                        String response = EntityUtils.toString(httpResponse.getEntity());
                        return Strings.isNullOrEmpty(response) ? new JSONObject() : new JSONObject(response);
                    } else if (statusCode / 100 == 4) {
                        if (statusCode == 404) {
                            throw new NotFoundClientProtocolException(httpResponse.toString());
                        } else {
                            throw new NotRetryableClientProtocolException(httpResponse.toString());
                        }
                    } else {
                        // Retry
                        throw new ClientProtocolException();
                    }
                });
            }
        };
        return retryableAction.tryAction();
    } catch (IOException e) {
        throw new ElasticException(RESTCodes.ElasticErrorCode.KIBANA_REQ_ERROR, Level.INFO, "Failed to execute a Kibana request. Reason: " + e.getMessage(), "url:" + url, e);
    }
}
Also used : HttpUriRequest(org.apache.http.client.methods.HttpUriRequest) ElasticException(io.hops.hopsworks.exceptions.ElasticException) JSONObject(org.json.JSONObject) NotRetryableClientProtocolException(io.hops.hopsworks.common.proxies.client.NotRetryableClientProtocolException) HttpRetryableAction(io.hops.hopsworks.common.proxies.client.HttpRetryableAction) IOException(java.io.IOException) NotFoundClientProtocolException(io.hops.hopsworks.common.proxies.client.NotFoundClientProtocolException) ClientProtocolException(org.apache.http.client.ClientProtocolException) NotFoundClientProtocolException(io.hops.hopsworks.common.proxies.client.NotFoundClientProtocolException) NotRetryableClientProtocolException(io.hops.hopsworks.common.proxies.client.NotRetryableClientProtocolException)

Aggregations

HttpRetryableAction (io.hops.hopsworks.common.proxies.client.HttpRetryableAction)3 NotRetryableClientProtocolException (io.hops.hopsworks.common.proxies.client.NotRetryableClientProtocolException)3 IOException (java.io.IOException)3 ClientProtocolException (org.apache.http.client.ClientProtocolException)3 GenericException (io.hops.hopsworks.exceptions.GenericException)2 HopsSecurityException (io.hops.hopsworks.exceptions.HopsSecurityException)2 JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)1 NotFoundClientProtocolException (io.hops.hopsworks.common.proxies.client.NotFoundClientProtocolException)1 CSR (io.hops.hopsworks.common.security.CSR)1 ElasticException (io.hops.hopsworks.exceptions.ElasticException)1 URI (java.net.URI)1 URISyntaxException (java.net.URISyntaxException)1 HttpDelete (org.apache.http.client.methods.HttpDelete)1 HttpPost (org.apache.http.client.methods.HttpPost)1 HttpUriRequest (org.apache.http.client.methods.HttpUriRequest)1 URIBuilder (org.apache.http.client.utils.URIBuilder)1 StringEntity (org.apache.http.entity.StringEntity)1 JSONObject (org.json.JSONObject)1