
Example 16 with PortabilityJob

use of org.dataportabilityproject.spi.cloud.types.PortabilityJob in project data-transfer-project by google.

the class JobPollingService method pollUntilJobIsReady.

/**
 * Runs one polling pass: looks the job up by the id held in {@link JobMetadata} and stops this
 * service once the job has reached state {@code CREDS_ENCRYPTED}.
 *
 * <p>The service is stopped in that state whether or not both encrypted auth blobs are present;
 * a missing blob is only reported with a warning. Only the job id and the state are logged,
 * never the auth data itself.
 */
private void pollUntilJobIsReady() {
    final UUID jobId = JobMetadata.getJobId();
    final PortabilityJob job = store.findJob(jobId);

    // Nothing to inspect yet: the job has not been written to the store (or is already gone).
    if (job == null) {
        logger.debug("Could not poll job {}, it was not present in the key-value store", jobId);
        return;
    }

    final JobAuthorization jobAuthorization = job.jobAuthorization();

    // Any other state means the credentials have not been stored yet; keep polling.
    if (jobAuthorization.state() != JobAuthorization.State.CREDS_ENCRYPTED) {
        logger.debug(
            "Polling job {} until it's in state CREDS_ENCRYPTED. " + "It's currently in state: {}",
            jobId,
            jobAuthorization.state());
        return;
    }

    logger.debug("Polled job {} in state CREDS_ENCRYPTED", jobId);

    // Both the export and the import blob must be non-empty for the job to be usable.
    final boolean authDataMissing =
        Strings.isNullOrEmpty(jobAuthorization.encryptedExportAuthData())
            || Strings.isNullOrEmpty(jobAuthorization.encryptedImportAuthData());
    if (authDataMissing) {
        logger.warn(
            "Polled job {} does not have auth data as expected. "
                + "Done polling this job since it's in a bad state! Starting over.",
            jobId);
    } else {
        logger.debug("Polled job {} has auth data as expected. Done polling.", jobId);
    }

    // Polling ends in both cases above.
    this.stopAsync();
}
Also used : PortabilityJob(org.dataportabilityproject.spi.cloud.types.PortabilityJob) JobAuthorization(org.dataportabilityproject.spi.cloud.types.JobAuthorization) UUID(java.util.UUID)

Example 17 with PortabilityJob

use of org.dataportabilityproject.spi.cloud.types.PortabilityJob in project data-transfer-project by google.

the class JobProcessor method processJob.

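/**
 * Processes the job identified by {@link JobMetadata}: unwraps both layers of encryption on the
 * export and import credentials, runs the copy, and finally removes the job from the store.
 *
 * <p>Key handling, as visible in this method:
 * <ul>
 *   <li>The outer symmetric key arrives encrypted and is decrypted with the private key from
 *       {@link JobMetadata#getKeyPair()}.
 *   <li>The inner symmetric key is read from the job authorization base64url-encoded and is not
 *       decrypted here, so the inner layer alone does not protect the credentials from anyone
 *       who can read the job record.
 * </ul>
 *
 * <p>No key material or decrypted auth data is logged; keep it that way when adding log lines.
 * Only {@link IOException} is caught; unchecked failures propagate after the cleanup has run.
 *
 * @throws IllegalStateException if the job is not in the store or is not in state
 *     {@code CREDS_ENCRYPTED}; both checks run before the {@code try}, so the cleanup in the
 *     {@code finally} block is not executed in that case
 */
void processJob() {
    UUID jobId = JobMetadata.getJobId();
    logger.debug("Begin processing jobId: {}", jobId);
    PortabilityJob job = store.findJob(jobId);
    // A job missing from the store would otherwise surface as a bare NullPointerException below.
    Preconditions.checkState(job != null, "Job %s was not found in the store", jobId);
    JobAuthorization jobAuthorization = job.jobAuthorization();
    Preconditions.checkState(
        jobAuthorization.state() == JobAuthorization.State.CREDS_ENCRYPTED,
        "Job %s is in state %s, expected CREDS_ENCRYPTED",
        jobId,
        jobAuthorization.state());
    try {
        logger.debug("Starting copy job, id: {}, source: {}, destination: {}", jobId, job.exportService(), job.importService());
        // Decrypt the encrypted outer symmetric key, which has been encrypted with our public key
        Decrypter decrypter = DecrypterFactory.create(JobMetadata.getKeyPair().getPrivate());
        byte[] decryptedSymmetricKey = BaseEncoding.base64Url().decode(decrypter.decrypt(jobAuthorization.authSecretKey()));
        SecretKey outerSymmetricKey = symmetricKeyGenerator.parse(decryptedSymmetricKey);
        // NOTE(review): decryptedSymmetricKey (and keyBytes below) hold raw key material and are
        // never cleared. Zeroing them is only safe if symmetricKeyGenerator.parse copies its
        // input; confirm before adding that.
        // Decrypt the doubly encrypted export and import credentials, which have been doubly
        // encrypted with two symmetric keys
        // First decrypt with the outer (secondary) encryption key
        Decrypter outerAuthDataDecrypter = DecrypterFactory.create(outerSymmetricKey);
        String singlyEncryptedExportAuthData = outerAuthDataDecrypter.decrypt(jobAuthorization.encryptedExportAuthData());
        String singlyEncryptedImportAuthData = outerAuthDataDecrypter.decrypt(jobAuthorization.encryptedImportAuthData());
        // Parse the inner (initial) symmetric encryption key that is stored encoded with the
        // jobAuthorization
        byte[] keyBytes = BaseEncoding.base64Url().decode(jobAuthorization.sessionSecretKey());
        SecretKey innerSymmetricKey = symmetricKeyGenerator.parse(keyBytes);
        // Decrypt one more time
        Decrypter innerAuthDataDecrypter = DecrypterFactory.create(innerSymmetricKey);
        // NOTE(review): whether Decrypter authenticates the ciphertext is not visible here;
        // confirm before relying on deSerialize only ever seeing untampered input.
        String serializedExportAuthData = innerAuthDataDecrypter.decrypt(singlyEncryptedExportAuthData);
        AuthData exportAuthData = deSerialize(serializedExportAuthData);
        String serializedImportAuthData = innerAuthDataDecrypter.decrypt(singlyEncryptedImportAuthData);
        AuthData importAuthData = deSerialize(serializedImportAuthData);
        // Copy the data
        copier.copy(exportAuthData, importAuthData, jobId);
        logger.debug("Finished copy for jobId: {}", jobId);
    } catch (IOException e) {
        logger.error("Error processing jobId: " + jobId, e);
    } finally {
        // Remove the stored job (and with it the encrypted credentials) whether or not the copy
        // succeeded.
        // NOTE(review): if store.remove throws, JobMetadata.reset() is skipped; confirm that is
        // intended.
        try {
            store.remove(jobId);
            JobMetadata.reset();
        } catch (IOException e) {
            logger.error("Error removing jobId: " + jobId, e);
        }
    }
}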
Also used : PortabilityJob(org.dataportabilityproject.spi.cloud.types.PortabilityJob) JobAuthorization(org.dataportabilityproject.spi.cloud.types.JobAuthorization) SecretKey(javax.crypto.SecretKey) AuthData(org.dataportabilityproject.types.transfer.auth.AuthData) Decrypter(org.dataportabilityproject.security.Decrypter) IOException(java.io.IOException) UUID(java.util.UUID)

Aggregations

PortabilityJob (org.dataportabilityproject.spi.cloud.types.PortabilityJob)17 IOException (java.io.IOException)10 UUID (java.util.UUID)8 SecretKey (javax.crypto.SecretKey)7 JobAuthorization (org.dataportabilityproject.spi.cloud.types.JobAuthorization)6 AuthDataGenerator (org.dataportabilityproject.spi.gateway.auth.AuthDataGenerator)5 DataTransferResponse (org.dataportabilityproject.types.client.transfer.DataTransferResponse)4 AuthData (org.dataportabilityproject.types.transfer.auth.AuthData)4 Headers (com.sun.net.httpserver.Headers)3 HttpCookie (java.net.HttpCookie)3 AuthMode (org.dataportabilityproject.spi.gateway.auth.AuthServiceProviderRegistry.AuthMode)3 HttpHeaders (com.google.common.net.HttpHeaders)2 AuthFlowConfiguration (org.dataportabilityproject.spi.gateway.types.AuthFlowConfiguration)2 Test (org.junit.Test)2 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 AuthorizationCodeResponseUrl (com.google.api.client.auth.oauth2.AuthorizationCodeResponseUrl)1 Entity (com.google.cloud.datastore.Entity)1 Key (com.google.cloud.datastore.Key)1 Transaction (com.google.cloud.datastore.Transaction)1 Map (java.util.Map)1