Search in sources :

Example 1 with JobAuthorization

use of org.datatransferproject.spi.cloud.types.JobAuthorization in project data-transfer-project by google.

the class CreateTransferJobAction method setInitialAuthDataOnJob.

private PortabilityJob setInitialAuthDataOnJob(SecretKey sessionKey, PortabilityJob job, AuthFlowConfiguration exportConfiguration, AuthFlowConfiguration importConfiguration) throws JsonProcessingException {
    // If present, store initial auth data for export services, e.g. used for oauth1
    if (exportConfiguration.getInitialAuthData() != null) {
        // Ensure initial auth data for export has not already been set
        Preconditions.checkState(Strings.isNullOrEmpty(job.jobAuthorization().encryptedInitialExportAuthData()));
        // Serialize and encrypt the initial auth data
        String serialized = objectMapper.writeValueAsString(exportConfiguration.getInitialAuthData());
        String encryptedInitialAuthData = encrypterFactory.create(sessionKey).encrypt(serialized);
        // Add the serialized and encrypted initial auth data to the job authorization
        JobAuthorization updatedJobAuthorization = job.jobAuthorization().toBuilder().setEncryptedInitialExportAuthData(encryptedInitialAuthData).build();
        // Persist the updated PortabilityJob with the updated JobAuthorization
        job = job.toBuilder().setAndValidateJobAuthorization(updatedJobAuthorization).build();
    }
    if (importConfiguration.getInitialAuthData() != null) {
        // Ensure initial auth data for import has not already been set
        Preconditions.checkState(Strings.isNullOrEmpty(job.jobAuthorization().encryptedInitialImportAuthData()));
        // Serialize and encrypt the initial auth data
        String serialized = objectMapper.writeValueAsString(importConfiguration.getInitialAuthData());
        String encryptedInitialAuthData = encrypterFactory.create(sessionKey).encrypt(serialized);
        // Add the serialized and encrypted initial auth data to the job authorization
        JobAuthorization updatedJobAuthorization = job.jobAuthorization().toBuilder().setEncryptedInitialImportAuthData(encryptedInitialAuthData).build();
        // Persist the updated PortabilityJob with the updated JobAuthorization
        job = job.toBuilder().setAndValidateJobAuthorization(updatedJobAuthorization).build();
    }
    return job;
}
Also used : JobAuthorization(org.datatransferproject.spi.cloud.types.JobAuthorization)

Example 2 with JobAuthorization

use of org.datatransferproject.spi.cloud.types.JobAuthorization in project data-transfer-project by google.

the class JobPollingServiceTest method pollingLifeCycle.

// TODO(data-transfer-project/issues/43): Make this an integration test which uses both the API
// and transfer worker, rather than simulating API calls, in case this test ever diverges from
// what the API actually does.
@Test
public void pollingLifeCycle() throws Exception {
    when(asymmetricKeyGenerator.generate()).thenReturn(TEST_KEY_PAIR);
    // Initial state
    assertThat(JobMetadata.isInitialized()).isFalse();
    // Run once with no data in the database
    jobPollingService.runOneIteration();
    assertThat(JobMetadata.isInitialized()).isFalse();
    PortabilityJob job = store.findJob(TEST_ID);
    // No existing ready job
    assertThat(job).isNull();
    // API inserts an job in initial authorization state
    job = PortabilityJob.builder().setTransferDataType("photo").setExportService("DummyExportService").setImportService("DummyImportService").setAndValidateJobAuthorization(JobAuthorization.builder().setEncryptionScheme("cleartext").setState(State.INITIAL).setSessionSecretKey("fooBar").build()).build();
    store.createJob(TEST_ID, job);
    // Verify initial authorization state
    job = store.findJob(TEST_ID);
    assertThat(job.jobAuthorization().state()).isEqualTo(State.INITIAL);
    // no auth data should exist yet
    assertThat(job.jobAuthorization().encryptedAuthData()).isNull();
    // API atomically updates job to from 'initial' to 'creds available'
    job = job.toBuilder().setAndValidateJobAuthorization(job.jobAuthorization().toBuilder().setState(State.CREDS_AVAILABLE).build()).build();
    store.updateJobAuthStateToCredsAvailable(TEST_ID);
    // Verify 'creds available' state
    job = store.findJob(TEST_ID);
    assertThat(job.jobAuthorization().state()).isEqualTo(State.CREDS_AVAILABLE);
    // no auth data should exist yet
    assertThat(job.jobAuthorization().encryptedAuthData()).isNull();
    // Worker initiates the JobPollingService
    jobPollingService.runOneIteration();
    assertThat(JobMetadata.isInitialized()).isTrue();
    assertThat(JobMetadata.getJobId()).isEqualTo(TEST_ID);
    // Verify assigned without auth data state
    job = store.findJob(TEST_ID);
    assertThat(job.jobAuthorization().state()).isEqualTo(JobAuthorization.State.CREDS_ENCRYPTION_KEY_GENERATED);
    assertThat(job.jobAuthorization().authPublicKey()).isNotEmpty();
    // Client encrypts data and updates the job
    job = job.toBuilder().setAndValidateJobAuthorization(job.jobAuthorization().toBuilder().setEncryptedAuthData("dummy export data").setState(State.CREDS_STORED).build()).build();
    store.updateJobWithCredentials(TEST_ID, job);
    // Run another iteration of the polling service
    // Worker should pick up encrypted data and update job
    jobPollingService.runOneIteration();
    job = store.findJob(TEST_ID);
    JobAuthorization jobAuthorization = job.jobAuthorization();
    assertThat(jobAuthorization.state()).isEqualTo(JobAuthorization.State.CREDS_STORED);
    assertThat(jobAuthorization.encryptedAuthData()).isNotEmpty();
    store.remove(TEST_ID);
}
Also used : PortabilityJob(org.datatransferproject.spi.cloud.types.PortabilityJob) JobAuthorization(org.datatransferproject.spi.cloud.types.JobAuthorization) Test(org.junit.Test)

Example 3 with JobAuthorization

use of org.datatransferproject.spi.cloud.types.JobAuthorization in project data-transfer-project by google.

the class JobProcessor method processJob.

/**
 * Process our job, whose metadata is available via {@link JobMetadata}.
 */
void processJob() {
    boolean success = false;
    UUID jobId = JobMetadata.getJobId();
    monitor.debug(() -> format("Begin processing jobId: %s", jobId), EventCode.WORKER_JOB_STARTED);
    Collection<ErrorDetail> errors = null;
    try {
        markJobStarted(jobId);
        hooks.jobStarted(jobId);
        PortabilityJob job = store.findJob(jobId);
        JobAuthorization jobAuthorization = job.jobAuthorization();
        monitor.debug(() -> format("Starting copy job, id: %s, source: %s, destination: %s", jobId, job.exportService(), job.importService()));
        String scheme = jobAuthorization.encryptionScheme();
        AuthDataDecryptService decryptService = getAuthDecryptService(scheme);
        if (decryptService == null) {
            monitor.severe(() -> format("No auth decrypter found for scheme %s while processing job: %s", scheme, jobId));
            return;
        }
        String encrypted = jobAuthorization.encryptedAuthData();
        byte[] encodedPrivateKey = JobMetadata.getPrivateKey();
        AuthDataPair pair = decryptService.decrypt(encrypted, encodedPrivateKey);
        AuthData exportAuthData = objectMapper.readValue(pair.getExportAuthData(), AuthData.class);
        AuthData importAuthData = objectMapper.readValue(pair.getImportAuthData(), AuthData.class);
        String exportInfoStr = job.exportInformation();
        Optional<ExportInformation> exportInfo = Optional.empty();
        if (!Strings.isNullOrEmpty(exportInfoStr)) {
            exportInfo = Optional.of(objectMapper.readValue(exportInfoStr, ExportInformation.class));
        }
        // Copy the data
        dtpInternalMetricRecorder.startedJob(JobMetadata.getDataType(), JobMetadata.getExportService(), JobMetadata.getImportService());
        JobMetadata.getStopWatch().start();
        errors = copier.copy(exportAuthData, importAuthData, jobId, exportInfo);
        final int numErrors = errors.size();
        monitor.debug(() -> format("Finished copy for jobId: %s with %d error(s).", jobId, numErrors));
        success = errors.isEmpty();
    } catch (CopyExceptionWithFailureReason e) {
        String failureReason = e.getFailureReason();
        if (failureReason.contains(FailureReasons.DESTINATION_FULL.toString())) {
            monitor.info(() -> "The remaining storage in the user's account is not enough to perform this operation.", e);
        } else if (failureReason.contains(FailureReasons.INVALID_TOKEN.toString()) || failureReason.contains(FailureReasons.SESSION_INVALIDATED.toString()) || failureReason.contains(FailureReasons.UNCONFIRMED_USER.toString()) || failureReason.contains(FailureReasons.USER_CHECKPOINTED.toString())) {
            monitor.info(() -> "Got token error", e);
        } else {
            monitor.severe(() -> format("Error with failure code '%s' while processing jobId: %s", failureReason, jobId), e, EventCode.WORKER_JOB_ERRORED);
        }
        addFailureReasonToJob(jobId, failureReason);
    } catch (IOException | CopyException | RuntimeException e) {
        monitor.severe(() -> "Error processing jobId: " + jobId, e, EventCode.WORKER_JOB_ERRORED);
    } finally {
        monitor.debug(() -> "Finished processing jobId: " + jobId, EventCode.WORKER_JOB_FINISHED);
        addErrorsAndMarkJobFinished(jobId, success, errors);
        hooks.jobFinished(jobId, success);
        dtpInternalMetricRecorder.finishedJob(JobMetadata.getDataType(), JobMetadata.getExportService(), JobMetadata.getImportService(), success, JobMetadata.getStopWatch().elapsed());
        monitor.flushLogs();
        JobMetadata.reset();
    }
}
Also used : JobAuthorization(org.datatransferproject.spi.cloud.types.JobAuthorization) CopyException(org.datatransferproject.spi.transfer.types.CopyException) AuthData(org.datatransferproject.types.transfer.auth.AuthData) CopyExceptionWithFailureReason(org.datatransferproject.spi.transfer.types.CopyExceptionWithFailureReason) AuthDataDecryptService(org.datatransferproject.spi.transfer.security.AuthDataDecryptService) IOException(java.io.IOException) ErrorDetail(org.datatransferproject.types.transfer.errors.ErrorDetail) PortabilityJob(org.datatransferproject.spi.cloud.types.PortabilityJob) ExportInformation(org.datatransferproject.types.common.ExportInformation) UUID(java.util.UUID) AuthDataPair(org.datatransferproject.types.transfer.auth.AuthDataPair)

Example 4 with JobAuthorization

use of org.datatransferproject.spi.cloud.types.JobAuthorization in project data-transfer-project by google.

the class JobStoreWithValidator method updateJobAuthStateToCredsAvailable.

@Override
public void updateJobAuthStateToCredsAvailable(UUID jobId) throws IOException {
    PortabilityJob job = findJob(jobId);
    // Set update job auth data
    JobAuthorization jobAuthorization = job.jobAuthorization().toBuilder().setState(CREDS_AVAILABLE).build();
    job = job.toBuilder().setAndValidateJobAuthorization(jobAuthorization).build();
    updateJob(jobId, job, (previous, updated) -> validateForUpdateStateToCredsAvailable(previous));
}
Also used : PortabilityJob(org.datatransferproject.spi.cloud.types.PortabilityJob) JobAuthorization(org.datatransferproject.spi.cloud.types.JobAuthorization)

Example 5 with JobAuthorization

use of org.datatransferproject.spi.cloud.types.JobAuthorization in project data-transfer-project by google.

the class CreateTransferJobAction method createJob.

/**
 * Populates the initial state of the {@link PortabilityJob} instance.
 */
private PortabilityJob createJob(String encodedSessionKey, String dataType, String exportService, String importService, Optional<ExportInformation> exportInformation, String encryptionScheme) throws IOException {
    // Job auth data
    JobAuthorization jobAuthorization = JobAuthorization.builder().setSessionSecretKey(encodedSessionKey).setEncryptionScheme(encryptionScheme).setState(JobAuthorization.State.INITIAL).build();
    PortabilityJob.Builder builder = PortabilityJob.builder().setTransferDataType(dataType).setExportService(exportService).setImportService(importService).setAndValidateJobAuthorization(jobAuthorization);
    if (exportInformation.isPresent()) {
        builder.setExportInformation(objectMapper.writeValueAsString(exportInformation.get()));
    }
    return builder.build();
}
Also used : JobAuthorization(org.datatransferproject.spi.cloud.types.JobAuthorization) PortabilityJob(org.datatransferproject.spi.cloud.types.PortabilityJob)

Aggregations

JobAuthorization (org.datatransferproject.spi.cloud.types.JobAuthorization)7 PortabilityJob (org.datatransferproject.spi.cloud.types.PortabilityJob)5 IOException (java.io.IOException)2 UUID (java.util.UUID)2 AuthDataDecryptService (org.datatransferproject.spi.transfer.security.AuthDataDecryptService)1 CopyException (org.datatransferproject.spi.transfer.types.CopyException)1 CopyExceptionWithFailureReason (org.datatransferproject.spi.transfer.types.CopyExceptionWithFailureReason)1 ExportInformation (org.datatransferproject.types.common.ExportInformation)1 AuthData (org.datatransferproject.types.transfer.auth.AuthData)1 AuthDataPair (org.datatransferproject.types.transfer.auth.AuthDataPair)1 ErrorDetail (org.datatransferproject.types.transfer.errors.ErrorDetail)1 Test (org.junit.Test)1