Examples with JobAuthorization org.dataportabilityproject.spi.cloud.types.JobAuthorization used on opensource projects

Example 6 with JobAuthorization

use of org.dataportabilityproject.spi.cloud.types.JobAuthorization in project data-transfer-project by google.

the class JobPollingService method pollUntilJobIsReady.

/**
 * Polls for job with populated auth data and stops this service when found.
 */
private void pollUntilJobIsReady() {
    UUID jobId = JobMetadata.getJobId();
    PortabilityJob job = store.findJob(jobId);
    if (job == null) {
        logger.debug("Could not poll job {}, it was not present in the key-value store", jobId);
    } else if (job.jobAuthorization().state() == JobAuthorization.State.CREDS_ENCRYPTED) {
        logger.debug("Polled job {} in state CREDS_ENCRYPTED", jobId);
        JobAuthorization jobAuthorization = job.jobAuthorization();
        if (!Strings.isNullOrEmpty(jobAuthorization.encryptedExportAuthData()) && !Strings.isNullOrEmpty(jobAuthorization.encryptedImportAuthData())) {
            logger.debug("Polled job {} has auth data as expected. Done polling.", jobId);
        } else {
            logger.warn("Polled job {} does not have auth data as expected. " + "Done polling this job since it's in a bad state! Starting over.", jobId);
        }
        this.stopAsync();
    } else {
        logger.debug("Polling job {} until it's in state CREDS_ENCRYPTED. " + "It's currently in state: {}", jobId, job.jobAuthorization().state());
    }
}

Example 7 with JobAuthorization

use of org.dataportabilityproject.spi.cloud.types.JobAuthorization in project data-transfer-project by google.

the class JobProcessor method processJob.

/**
 * Process our job, whose metadata is available via {@link JobMetadata}.
 */
void processJob() {
    UUID jobId = JobMetadata.getJobId();
    logger.debug("Begin processing jobId: {}", jobId);
    PortabilityJob job = store.findJob(jobId);
    JobAuthorization jobAuthorization = job.jobAuthorization();
    Preconditions.checkState(jobAuthorization.state() == JobAuthorization.State.CREDS_ENCRYPTED);
    try {
        logger.debug("Starting copy job, id: {}, source: {}, destination: {}", jobId, job.exportService(), job.importService());
        // Decrypt the encrypted outer symmetric key, which have been encrypted with our public key
        Decrypter decrypter = DecrypterFactory.create(JobMetadata.getKeyPair().getPrivate());
        byte[] decryptedSymmetricKey = BaseEncoding.base64Url().decode(decrypter.decrypt(jobAuthorization.authSecretKey()));
        SecretKey outerSymmetricKey = symmetricKeyGenerator.parse(decryptedSymmetricKey);
        // Decrypt the doubly encrypted export and import credentials, which have been doubly
        // encrypted with two symmetric keys
        // First decrypt with the outer (secondary) encryption key
        Decrypter outerAuthDataDecrypter = DecrypterFactory.create(outerSymmetricKey);
        String singlyEncryptedExportAuthData = outerAuthDataDecrypter.decrypt(jobAuthorization.encryptedExportAuthData());
        String singlyEncryptedImportAuthData = outerAuthDataDecrypter.decrypt(jobAuthorization.encryptedImportAuthData());
        // Parse the inner (initial) symmetric encryption key that is stored encoded with the
        // jobAuthorization
        byte[] keyBytes = BaseEncoding.base64Url().decode(jobAuthorization.sessionSecretKey());
        SecretKey innerSymmetricKey = symmetricKeyGenerator.parse(keyBytes);
        // Decrypt one more time
        Decrypter innerAuthDataDecrypter = DecrypterFactory.create(innerSymmetricKey);
        String serializedExportAuthData = innerAuthDataDecrypter.decrypt(singlyEncryptedExportAuthData);
        AuthData exportAuthData = deSerialize(serializedExportAuthData);
        String serializedImportAuthData = innerAuthDataDecrypter.decrypt(singlyEncryptedImportAuthData);
        AuthData importAuthData = deSerialize(serializedImportAuthData);
        // Copy the data
        copier.copy(exportAuthData, importAuthData, jobId);
        logger.debug("Finished copy for jobId: " + jobId);
    } catch (IOException e) {
        logger.error("Error processing jobId: " + jobId, e);
    } finally {
        try {
            store.remove(jobId);
            JobMetadata.reset();
        } catch (IOException e) {
            logger.error("Error removing jobId: " + jobId, e);
        }
    }
}

Example 8 with JobAuthorization

use of org.dataportabilityproject.spi.cloud.types.JobAuthorization in project data-transfer-project by google.

the class CreateJobAction method createJob.

/**
 * Populates the initial state of the {@link PortabilityJob} instance.
 */
private static PortabilityJob createJob(String encodedSessionKey, String dataType, String exportService, String importService) {
    Preconditions.checkArgument(!Strings.isNullOrEmpty(encodedSessionKey), "sessionKey missing");
    Preconditions.checkArgument(!Strings.isNullOrEmpty(exportService), "exportService missing");
    Preconditions.checkArgument(!Strings.isNullOrEmpty(importService), "importService missing");
    Preconditions.checkNotNull(dataType, "dataType missing");
    // Job auth data
    JobAuthorization jobAuthorization = JobAuthorization.builder().setSessionSecretKey(encodedSessionKey).setState(JobAuthorization.State.INITIAL).build();
    return PortabilityJob.builder().setTransferDataType(dataType).setExportService(exportService).setImportService(importService).setAndValidateJobAuthorization(jobAuthorization).build();
}