
Example 6 with CommunityUser

use of org.apache.airavata.credential.store.credential.CommunityUser in project airavata by apache.

the class CredentialStoreCallbackServlet method doIt.

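/**
 * Completes the OA4MP delegation callback: reads the portal parameters and the
 * token/verifier pair from the request, fetches the certificate(s) from the OA4MP
 * service, and persists them together with the private key looked up under the
 * portal token id. On any failure the request is forwarded to the configured
 * error URL; on success it is forwarded or redirected to the success URL.
 *
 * @param request  callback request carrying the portal and OA4MP parameters
 * @param response response used for the forward or redirect
 * @throws Throwable if forwarding, redirecting or persisting the credential fails
 */
@Override
protected void doIt(HttpServletRequest request, HttpServletResponse response) throws Throwable {
    String gatewayName = request.getParameter(CredentialStoreConstants.GATEWAY_NAME_QUERY_PARAMETER);
    String portalUserName = request.getParameter(CredentialStoreConstants.PORTAL_USER_QUERY_PARAMETER);
    String durationParameter = request.getParameter(CredentialStoreConstants.DURATION_QUERY_PARAMETER);
    String contactEmail = request.getParameter(CredentialStoreConstants.PORTAL_USER_EMAIL_QUERY_PARAMETER);
    String portalTokenId = request.getParameter(CredentialStoreConstants.PORTAL_TOKEN_ID_ASSIGNED);
    // TODO remove hard coded values, once passing query parameters is
    // fixed in OA4MP client api
    long duration = 864000;
    if (durationParameter != null) {
        try {
            duration = Long.parseLong(durationParameter);
        } catch (NumberFormatException e) {
            // The duration is a request parameter; a malformed value takes the same
            // error-page path as the other bad inputs instead of escaping as an
            // unhandled exception.
            error("Duration given by portal is not a number.");
            GeneralException ge = new GeneralException("Error: The duration presented by portal is not a valid number.");
            request.setAttribute("exception", ge);
            JSPUtil.fwd(request, response, configurationReader.getErrorUrl());
            return;
        }
        // NOTE(review): no lower or upper bound is enforced on the requested lifetime;
        // confirm whether the credential store clamps it.
    }
    if (portalTokenId == null) {
        error("Token given by portal is invalid.");
        GeneralException ge = new GeneralException("Error: The token presented by portal is null.");
        request.setAttribute("exception", ge);
        JSPUtil.fwd(request, response, configurationReader.getErrorUrl());
        return;
    }
    // Request parameters are caller-controlled: strip line breaks before logging so a
    // crafted value cannot forge additional log entries.
    String loggableTokenId = singleLine(portalTokenId);
    info("Gateway name " + singleLine(gatewayName));
    info("Portal user name " + singleLine(portalUserName));
    info("Community user contact email " + singleLine(contactEmail));
    // NOTE(review): the token id selects the stored private key below; if it is treated
    // as a bearer handle, consider masking it in the logs.
    info("Token id presented " + loggableTokenId);
    info("2.a. Getting token and verifier.");
    String token = request.getParameter(CONST(ClientEnvironment.TOKEN));
    String verifier = request.getParameter(CONST(ClientEnvironment.VERIFIER));
    if (token == null || verifier == null) {
        // Report only presence: the token and verifier are delegation secrets and
        // should not be written to the log.
        warn("2.a. The token is " + (token == null ? "null" : "present") + " and the verifier is " + (verifier == null ? "null" : "present"));
        GeneralException ge = new GeneralException("Error: This servlet requires parameters for the token and verifier. It cannot be called directly.");
        request.setAttribute("exception", ge);
        JSPUtil.fwd(request, response, configurationReader.getErrorUrl());
        return;
    }
    info("2.a Token and verifier found.");
    X509Certificate[] certificates;
    AssetResponse assetResponse = null;
    PrivateKey privateKey;
    try {
        PrivateKeyStore privateKeyStore = PrivateKeyStore.getPrivateKeyStore();
        // NOTE(review): the key is looked up by a caller-supplied token id; nothing here
        // ties that id to the token/verifier pair. Confirm the binding is enforced elsewhere.
        privateKey = privateKeyStore.getKey(portalTokenId);
        if (privateKey != null) {
            info("Found private key for token " + loggableTokenId);
        } else {
            // NOTE(review): processing continues and the credential is stored with a
            // null private key; confirm that is intended.
            info("Could not find private key for token " + loggableTokenId);
        }
        info("2.a. Getting the cert(s) from the service");
        assetResponse = getOA4MPService().getCert(token, verifier);
        certificates = assetResponse.getX509Certificates();
    } catch (Throwable t) {
        // getCause() may be null; dereferencing it here would replace the real failure
        // with a NullPointerException thrown from the handler.
        Throwable cause = t.getCause();
        warn("2.a. Exception from the server: " + (cause != null ? cause.getMessage() : t.getMessage()));
        error("Exception while trying to get cert. message:" + t.getMessage());
        request.setAttribute("exception", t);
        JSPUtil.fwd(request, response, configurationReader.getErrorUrl());
        return;
    }
    if (certificates == null || certificates.length == 0) {
        // certificates[0] is read below; an empty reply is reported instead of failing
        // with an index or null-pointer error.
        error("No certificate was returned by the service.");
        GeneralException ge = new GeneralException("Error: The service did not return a certificate.");
        request.setAttribute("exception", ge);
        JSPUtil.fwd(request, response, configurationReader.getErrorUrl());
        return;
    }
    info("2.b. Done! Displaying success page.");
    CertificateCredential certificateCredential = new CertificateCredential();
    // TODO check this is correct
    certificateCredential.setNotBefore(Utility.convertDateToString(certificates[0].getNotBefore()));
    certificateCredential.setNotAfter(Utility.convertDateToString(certificates[0].getNotAfter()));
    certificateCredential.setCertificates(certificates);
    certificateCredential.setPrivateKey(privateKey);
    certificateCredential.setCommunityUser(new CommunityUser(gatewayName, assetResponse.getUsername(), contactEmail));
    certificateCredential.setPortalUserName(portalUserName);
    certificateCredential.setLifeTime(duration);
    certificateCredential.setToken(portalTokenId);
    certificateCredentialWriter.writeCredentials(certificateCredential);
    StringBuilder stringBuilder = new StringBuilder("Certificate for community user ");
    stringBuilder.append(assetResponse.getUsername()).append(" successfully persisted.");
    stringBuilder.append(" Certificate DN - ").append(certificates[0].getSubjectDN());
    info(stringBuilder.toString());
    if (isUrlInSameServer(configurationReader.getSuccessUrl())) {
        String contextPath = request.getContextPath();
        if (!contextPath.endsWith("/")) {
            contextPath = contextPath + "/";
        }
        request.setAttribute("action", contextPath);
        request.setAttribute("tokenId", portalTokenId);
        JSPUtil.fwd(request, response, configurationReader.getSuccessUrl());
    } else {
        // NOTE(review): the token id is passed to decorateUrlWithToken and the resulting
        // URL is logged; it can also end up in browser history and proxy logs.
        String urlToRedirect = decorateUrlWithToken(configurationReader.getSuccessUrl(), portalTokenId);
        info("Redirecting to url - " + singleLine(urlToRedirect));
        response.sendRedirect(urlToRedirect);
    }
    info("2.a. Completely finished with delegation.");
}

/** Replaces CR and LF with '_' so a logged value stays on one line; null is passed through. */
private static String singleLine(String value) {
    return value == null ? null : value.replace('\r', '_').replace('\n', '_');
}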
Also used : CertificateCredential(org.apache.airavata.credential.store.credential.impl.certificate.CertificateCredential) GeneralException(edu.uiuc.ncsa.security.core.exceptions.GeneralException) PrivateKey(java.security.PrivateKey) CommunityUser(org.apache.airavata.credential.store.credential.CommunityUser) PrivateKeyStore(org.apache.airavata.credential.store.util.PrivateKeyStore) AssetResponse(edu.uiuc.ncsa.myproxy.oa4mp.client.AssetResponse) X509Certificate(java.security.cert.X509Certificate)

Example 7 with CommunityUser

use of org.apache.airavata.credential.store.credential.CommunityUser in project airavata by apache.

the class CredentialReaderImpl method getAuditInfo.

/**
 * Builds the audit record for the certificate credential stored under the given
 * gateway name and token id.
 *
 * @param gatewayName gateway the credential was stored for
 * @param tokenId     token id the credential was stored under
 * @return audit information copied from the stored credential
 * @throws CredentialStoreException declared by this method; see the DAO lookup
 */
public CertificateAuditInfo getAuditInfo(String gatewayName, String tokenId) throws CredentialStoreException {
    final Connection dbConnection = getConnection();
    try {
        // NOTE(review): the DAO result is cast and dereferenced without a null check;
        // presumably an unknown gateway/token pair surfaces as a NullPointerException
        // here (confirm what getCredential returns in that case).
        final CertificateCredential stored =
                (CertificateCredential) this.credentialsDAO.getCredential(gatewayName, tokenId, dbConnection);
        final CertificateAuditInfo auditInfo = new CertificateAuditInfo();
        final CommunityUser owner = stored.getCommunityUser();

        auditInfo.setCommunityUserName(owner.getUserName());
        auditInfo.setCredentialLifeTime(stored.getLifeTime());
        auditInfo.setCredentialsRequestedTime(stored.getCertificateRequestedTime());
        auditInfo.setGatewayName(gatewayName);
        auditInfo.setNotAfter(stored.getNotAfter());
        auditInfo.setNotBefore(stored.getNotBefore());
        auditInfo.setPortalUserName(stored.getPortalUserName());
        return auditInfo;
    } finally {
        // Runs on both the normal return and any exception from the lookup.
        DBUtil.cleanup(dbConnection);
    }
}
Also used : CertificateCredential(org.apache.airavata.credential.store.credential.impl.certificate.CertificateCredential) CommunityUser(org.apache.airavata.credential.store.credential.CommunityUser) Connection(java.sql.Connection) CertificateAuditInfo(org.apache.airavata.credential.store.credential.impl.certificate.CertificateAuditInfo)

Example 8 with CommunityUser

use of org.apache.airavata.credential.store.credential.CommunityUser in project airavata by apache.

the class CommunityUserDAO method getCommunityUser.

/**
 * Looks up a community user by gateway and user name.
 *
 * @param gatewayName       value bound to the GATEWAY_ID column
 * @param communityUserName value bound to the COMMUNITY_USER_NAME column
 * @param connection        open connection the query is prepared on
 * @return the matching user, or {@code null} when the query returns no row
 * @throws CredentialStoreException if the query fails with an {@link SQLException}
 */
public CommunityUser getCommunityUser(String gatewayName, String communityUserName, Connection connection) throws CredentialStoreException {
    // Both values are bound as parameters, never concatenated into the SQL text.
    final String query = "SELECT * FROM COMMUNITY_USER WHERE GATEWAY_ID=? AND COMMUNITY_USER_NAME=?";
    PreparedStatement statement = null;
    try {
        statement = connection.prepareStatement(query);
        statement.setString(1, gatewayName);
        statement.setString(2, communityUserName);
        final ResultSet rows = statement.executeQuery();
        if (!rows.next()) {
            return null;
        }
        // TODO fix typo (carried over from the original; what it refers to is not visible here)
        final String contactEmail = rows.getString("COMMUNITY_USER_EMAIL");
        return new CommunityUser(gatewayName, communityUserName, contactEmail);
    } catch (SQLException e) {
        // The same text is logged and used as the exception message.
        final String message = "Error retrieving community user."
                + "gateway - " + gatewayName
                + "community user name - " + communityUserName;
        log.error(message, e);
        throw new CredentialStoreException(message, e);
    } finally {
        DBUtil.cleanup(statement);
    }
}
Also used : CommunityUser(org.apache.airavata.credential.store.credential.CommunityUser) SQLException(java.sql.SQLException) ResultSet(java.sql.ResultSet) PreparedStatement(java.sql.PreparedStatement) CredentialStoreException(org.apache.airavata.credential.store.store.CredentialStoreException)

Example 9 with CommunityUser

use of org.apache.airavata.credential.store.credential.CommunityUser in project airavata by apache.

the class CredentialStoreServerHandler method addCertificateCredential.

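/**
 * Stores a certificate credential received from a client and returns the token
 * generated for it. The PEM text is stripped of its BEGIN/END markers, Base64-decoded
 * and parsed as a single X.509 certificate before being written.
 *
 * @param certificateCredential client-supplied credential; must carry a community user
 *                              and the X.509 certificate text
 * @return the token the credential was stored under
 * @throws org.apache.airavata.credential.store.exception.CredentialStoreException if the
 *         request is incomplete, the certificate cannot be parsed, or saving fails
 * @throws TException declared by the service interface
 */
@Override
public String addCertificateCredential(CertificateCredential certificateCredential) throws org.apache.airavata.credential.store.exception.CredentialStoreException, TException {
    // The argument arrives from a remote caller. Reject an incomplete request up front
    // so it is not reported as a certificate conversion failure by the catch-all below.
    if (certificateCredential == null || certificateCredential.getCommunityUser() == null || certificateCredential.getX509Cert() == null) {
        log.error("Rejected certificate credential: community user or X509 certificate is missing.");
        throw new org.apache.airavata.credential.store.exception.CredentialStoreException("Certificate credential must contain a community user and an X509 certificate.");
    }
    try {
        String gatewayName = certificateCredential.getCommunityUser().getGatewayName();
        String userName = certificateCredential.getCommunityUser().getUsername();
        String userEmail = certificateCredential.getCommunityUser().getUserEmail();
        org.apache.airavata.credential.store.credential.impl.certificate.CertificateCredential credential = new org.apache.airavata.credential.store.credential.impl.certificate.CertificateCredential();
        credential.setPortalUserName(userName);
        credential.setCommunityUser(new CommunityUser(gatewayName, userName, userEmail));
        String token = TokenGenerator.generateToken(gatewayName, null);
        credential.setToken(token);
        Base64 encoder = new Base64(64);
        // The markers are literal text, so use replace() rather than the regex-based replaceAll().
        String pemBody = certificateCredential.getX509Cert().replace(X509Factory.BEGIN_CERT, "").replace(X509Factory.END_CERT, "");
        byte[] decoded = encoder.decode(pemBody);
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate certificate = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(decoded));
        // NOTE(review): the certificate is stored as parsed; validity period and issuer
        // are not checked here, and notBefore/notAfter are not set on the credential.
        // Confirm whether the writer or a caller handles that.
        X509Certificate[] certificates = new X509Certificate[1];
        certificates[0] = certificate;
        credential.setCertificates(certificates);
        certificateCredentialWriter.writeCredentials(credential);
        return token;
    } catch (CredentialStoreException e) {
        // Details stay in the server log; the caller receives a generic message.
        log.error("Error occurred while saving Certificate Credentials.", e);
        throw new org.apache.airavata.credential.store.exception.CredentialStoreException("Error occurred while saving Certificate Credentials.");
    } catch (Exception e) {
        log.error("Error occurred while converting to X509 certificate.", e);
        throw new org.apache.airavata.credential.store.exception.CredentialStoreException("Error occurred while converting to X509 certificate..");
    }
}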
Also used : Base64(org.apache.commons.codec.binary.Base64) CommunityUser(org.apache.airavata.credential.store.credential.CommunityUser) org.apache.airavata.model.credential.store(org.apache.airavata.model.credential.store) CredentialStoreException(org.apache.airavata.credential.store.store.CredentialStoreException) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) SQLException(java.sql.SQLException) CredentialStoreException(org.apache.airavata.credential.store.store.CredentialStoreException) TException(org.apache.thrift.TException) IOException(java.io.IOException) ApplicationSettingsException(org.apache.airavata.common.exception.ApplicationSettingsException) ByteArrayInputStream(java.io.ByteArrayInputStream)

Example 10 with CommunityUser

use of org.apache.airavata.credential.store.credential.CommunityUser in project airavata by apache.

the class CommunityUserDAOTest method testGetCommunityUsersForGateway.

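/**
 * Adds two community users to gateway "gw1" and checks that both are returned
 * by the per-gateway lookup.
 */
@Test
public void testGetCommunityUsersForGateway() throws Exception {
    Connection connection = getConnection();
    CommunityUser communityUser = new CommunityUser("gw1", "ogce", "ogce@sciencegateway.org");
    communityUserDAO.addCommunityUser(communityUser, "Token1", connection);
    communityUser = new CommunityUser("gw1", "ogce2", "ogce@sciencegateway.org");
    communityUserDAO.addCommunityUser(communityUser, "Token2", connection);
    List<CommunityUser> users = communityUserDAO.getCommunityUsers("gw1", connection);
    Assert.assertNotNull(users);
    Assert.assertEquals(2, users.size());
    // JUnit's assertEquals takes (expected, actual); with the arguments swapped a
    // failure message would report the two values the wrong way round.
    // NOTE(review): the index-based checks assume the DAO returns rows in insertion order; confirm.
    Assert.assertEquals("ogce", users.get(0).getUserName());
    Assert.assertEquals("ogce2", users.get(1).getUserName());
}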
Also used : CommunityUser(org.apache.airavata.credential.store.credential.CommunityUser) Connection(java.sql.Connection)

Aggregations

CommunityUser (org.apache.airavata.credential.store.credential.CommunityUser)14 Connection (java.sql.Connection)7 CredentialStoreException (org.apache.airavata.credential.store.store.CredentialStoreException)6 SQLException (java.sql.SQLException)4 CertificateCredential (org.apache.airavata.credential.store.credential.impl.certificate.CertificateCredential)4 PreparedStatement (java.sql.PreparedStatement)3 ResultSet (java.sql.ResultSet)3 X509Certificate (java.security.cert.X509Certificate)2 ApplicationSettingsException (org.apache.airavata.common.exception.ApplicationSettingsException)2 Credential (org.apache.airavata.credential.store.credential.Credential)2 org.apache.airavata.model.credential.store (org.apache.airavata.model.credential.store)2 AssetResponse (edu.uiuc.ncsa.myproxy.oa4mp.client.AssetResponse)1 GeneralException (edu.uiuc.ncsa.security.core.exceptions.GeneralException)1 ByteArrayInputStream (java.io.ByteArrayInputStream)1 IOException (java.io.IOException)1 PrivateKey (java.security.PrivateKey)1 CertificateFactory (java.security.cert.CertificateFactory)1 ParseException (java.text.ParseException)1 ArrayList (java.util.ArrayList)1 CertificateAuditInfo (org.apache.airavata.credential.store.credential.impl.certificate.CertificateAuditInfo)1