Example 1 with MachineTokenException

Use of org.eclipse.che.api.workspace.server.token.MachineTokenException in project che-server by eclipse-che.

In class WorkspaceService, method asDtoWithLinksAndToken.

private WorkspaceDto asDtoWithLinksAndToken(WorkspaceImpl workspace) throws ServerException {
    WorkspaceDto workspaceDto = asDto(workspace).withLinks(linksGenerator.genLinks(workspace, getServiceContext()));
    RuntimeDto runtimeDto = workspaceDto.getRuntime();
    if (runtimeDto != null) {
        try {
            runtimeDto.setMachineToken(machineTokenProvider.getToken(workspace.getId()));
        } catch (MachineAccessForbidden e) {
            // set runtime to null since user doesn't have the required permissions
            workspaceDto.setRuntime(null);
        } catch (MachineTokenException e) {
            throw new ServerException(e.getMessage(), e);
        }
    }
    return workspaceDto;
}
Also used : ServerException(org.eclipse.che.api.core.ServerException) WorkspaceDto(org.eclipse.che.api.workspace.shared.dto.WorkspaceDto) MachineTokenException(org.eclipse.che.api.workspace.server.token.MachineTokenException) RuntimeDto(org.eclipse.che.api.workspace.shared.dto.RuntimeDto) MachineAccessForbidden(org.eclipse.che.api.workspace.server.token.MachineAccessForbidden)

Example 2 with MachineTokenException

Use of org.eclipse.che.api.workspace.server.token.MachineTokenException in project devspaces-images by redhat-developer.

In class WsAgentServerLivenessProbeConfigFactory, method get.

@Override
public HttpProbeConfig get(String userId, String workspaceId, Server server) throws InternalInfrastructureException {
    try {
        // add check path
        URI uri = UriBuilder.fromUri(server.getUrl()).path("/liveness").build();
        int port;
        if (uri.getPort() == -1) {
            if ("http".equals(uri.getScheme())) {
                port = 80;
            } else {
                port = 443;
            }
        } else {
            port = uri.getPort();
        }
        return new HttpProbeConfig(port, uri.getHost(), uri.getScheme(), uri.getPath(), singletonMap(HttpHeaders.AUTHORIZATION, "Bearer " + machineTokenProvider.getToken(userId, workspaceId)), successThreshold, 3, 120, 10, 10);
    } catch (MachineTokenException e) {
        throw new InternalInfrastructureException("Failed to retrieve workspace token for ws-agent server liveness probe. Error: " + e.getMessage());
    } catch (UriBuilderException e) {
        throw new InternalInfrastructureException("Wsagent server liveness probe url is invalid. Error: " + e.getMessage());
    }
}
Also used : MachineTokenException(org.eclipse.che.api.workspace.server.token.MachineTokenException) HttpProbeConfig(org.eclipse.che.api.workspace.server.hc.probe.HttpProbeConfig) UriBuilderException(jakarta.ws.rs.core.UriBuilderException) URI(java.net.URI) InternalInfrastructureException(org.eclipse.che.api.workspace.server.spi.InternalInfrastructureException)

Example 3 with MachineTokenException

Use of org.eclipse.che.api.workspace.server.token.MachineTokenException in project che-server by eclipse-che.

In class MachineTokenRegistry, method createToken.

/**
 * Creates new token with given data.
 */
private String createToken(String userId, String workspaceId) throws MachineTokenException {
    try {
        final PrivateKey privateKey = signatureKeyManager.getOrCreateKeyPair(workspaceId).getPrivate();
        final User user = userManager.getById(userId);
        final Map<String, Object> header = new HashMap<>(2);
        header.put("kind", MACHINE_TOKEN_KIND);
        header.put("kid", workspaceId);
        final Map<String, Object> claims = new HashMap<>();
        // to ensure that each token is unique
        claims.put(Claims.ID, UUID.randomUUID().toString());
        claims.put(Constants.USER_ID_CLAIM, userId);
        claims.put(Constants.USER_NAME_CLAIM, user.getName());
        claims.put(Constants.WORKSPACE_ID_CLAIM, workspaceId);
        // jwtproxy required claims
        claims.put(Claims.ISSUER, "wsmaster");
        claims.put(Claims.AUDIENCE, workspaceId);
        claims.put(Claims.EXPIRATION, Instant.now().plus(365, DAYS).getEpochSecond());
        // nbf of -1 means the token is always already valid
        claims.put(Claims.NOT_BEFORE, -1);
        claims.put(Claims.ISSUED_AT, Instant.now().getEpochSecond());
        final String token = Jwts.builder().setClaims(claims).setHeader(header).signWith(RS256, privateKey).compact();
        tokens.put(workspaceId, userId, token);
        return token;
    } catch (SignatureKeyManagerException | NotFoundException | ServerException ex) {
        throw new MachineTokenException(format("Failed to generate machine token for user '%s' and workspace '%s'. Cause: '%s'", userId, workspaceId, ex.getMessage()), ex);
    }
}
Also used : PrivateKey(java.security.PrivateKey) User(org.eclipse.che.api.core.model.user.User) ServerException(org.eclipse.che.api.core.ServerException) HashMap(java.util.HashMap) SignatureKeyManagerException(org.eclipse.che.multiuser.machine.authentication.server.signature.SignatureKeyManagerException) NotFoundException(org.eclipse.che.api.core.NotFoundException) MachineTokenException(org.eclipse.che.api.workspace.server.token.MachineTokenException)

Example 4 with MachineTokenException

Use of org.eclipse.che.api.workspace.server.token.MachineTokenException in project che-server by eclipse-che.

In class WsAgentServerLivenessProbeConfigFactory, method get.

@Override
public HttpProbeConfig get(String userId, String workspaceId, Server server) throws InternalInfrastructureException {
    try {
        // add check path
        URI uri = UriBuilder.fromUri(server.getUrl()).path("/liveness").build();
        int port;
        if (uri.getPort() == -1) {
            if ("http".equals(uri.getScheme())) {
                port = 80;
            } else {
                port = 443;
            }
        } else {
            port = uri.getPort();
        }
        return new HttpProbeConfig(port, uri.getHost(), uri.getScheme(), uri.getPath(), singletonMap(HttpHeaders.AUTHORIZATION, "Bearer " + machineTokenProvider.getToken(userId, workspaceId)), successThreshold, 3, 120, 10, 10);
    } catch (MachineTokenException e) {
        throw new InternalInfrastructureException("Failed to retrieve workspace token for ws-agent server liveness probe. Error: " + e.getMessage());
    } catch (UriBuilderException e) {
        throw new InternalInfrastructureException("Wsagent server liveness probe url is invalid. Error: " + e.getMessage());
    }
}
Also used : MachineTokenException(org.eclipse.che.api.workspace.server.token.MachineTokenException) HttpProbeConfig(org.eclipse.che.api.workspace.server.hc.probe.HttpProbeConfig) UriBuilderException(jakarta.ws.rs.core.UriBuilderException) URI(java.net.URI) InternalInfrastructureException(org.eclipse.che.api.workspace.server.spi.InternalInfrastructureException)

Example 5 with MachineTokenException

Use of org.eclipse.che.api.workspace.server.token.MachineTokenException in project devspaces-images by redhat-developer.

In class WorkspaceService, method asDtoWithLinksAndToken.

private WorkspaceDto asDtoWithLinksAndToken(WorkspaceImpl workspace) throws ServerException {
    WorkspaceDto workspaceDto = asDto(workspace).withLinks(linksGenerator.genLinks(workspace, getServiceContext()));
    RuntimeDto runtimeDto = workspaceDto.getRuntime();
    if (runtimeDto != null) {
        try {
            runtimeDto.setMachineToken(machineTokenProvider.getToken(workspace.getId()));
        } catch (MachineAccessForbidden e) {
            // set runtime to null since user doesn't have the required permissions
            workspaceDto.setRuntime(null);
        } catch (MachineTokenException e) {
            throw new ServerException(e.getMessage(), e);
        }
    }
    return workspaceDto;
}
Also used : ServerException(org.eclipse.che.api.core.ServerException) WorkspaceDto(org.eclipse.che.api.workspace.shared.dto.WorkspaceDto) MachineTokenException(org.eclipse.che.api.workspace.server.token.MachineTokenException) RuntimeDto(org.eclipse.che.api.workspace.shared.dto.RuntimeDto) MachineAccessForbidden(org.eclipse.che.api.workspace.server.token.MachineAccessForbidden)

Aggregations

MachineTokenException (org.eclipse.che.api.workspace.server.token.MachineTokenException): 6
ServerException (org.eclipse.che.api.core.ServerException): 4
UriBuilderException (jakarta.ws.rs.core.UriBuilderException): 2
URI (java.net.URI): 2
PrivateKey (java.security.PrivateKey): 2
HashMap (java.util.HashMap): 2
NotFoundException (org.eclipse.che.api.core.NotFoundException): 2
User (org.eclipse.che.api.core.model.user.User): 2
HttpProbeConfig (org.eclipse.che.api.workspace.server.hc.probe.HttpProbeConfig): 2
InternalInfrastructureException (org.eclipse.che.api.workspace.server.spi.InternalInfrastructureException): 2
MachineAccessForbidden (org.eclipse.che.api.workspace.server.token.MachineAccessForbidden): 2
RuntimeDto (org.eclipse.che.api.workspace.shared.dto.RuntimeDto): 2
WorkspaceDto (org.eclipse.che.api.workspace.shared.dto.WorkspaceDto): 2
SignatureKeyManagerException (org.eclipse.che.multiuser.machine.authentication.server.signature.SignatureKeyManagerException): 2