
Example 1 with MultitenantConfiguration

use of org.platformlayer.ops.MultitenantConfiguration in project platformlayer by platformlayer.

the class OpsContextBuilder method buildOpsContext.

/**
 * Builds the {@link OpsContext} in which the given job execution runs.
 *
 * <p>When a multitenant configuration is present and the job's project is not the master
 * project, the context runs as the master project: the default client, the run-as project id
 * and the service configuration are all derived from the master project. A client for the job's
 * own project is then registered in the federation map, with one rule per mapped item pointing
 * at that local mapping.
 *
 * @param activeJob the job execution supplying the service type and project authorization
 * @return a context carrying the job, the service configuration, the selected client and the
 *     project list (the job's project, plus the master project when it differs)
 * @throws OpsException if reading the service authorization from the repository fails; the
 *     helper calls made here may presumably raise it as well
 */
public OpsContext buildOpsContext(ActiveJobExecution activeJob) throws OpsException {
    ServiceType serviceType = activeJob.getServiceType();
    ProjectAuthorization projectAuthz = activeJob.getProjectAuthorization();
    List<ProjectAuthorization> projects = Lists.newArrayList();
    // Start out running as the job's own project.
    ProjectAuthorization runAsProject = projectAuthz;
    projects.add(runAsProject);
    MultitenantConfiguration multitenant = opsSystem.getMultitenantConfiguration();
    if (multitenant != null) {
        ProjectAuthorization masterProject = multitenant.getMasterProject();
        // The master project is recognised by project name alone.
        if (runAsProject.getName().equals(masterProject.getName())) {
            // We're in the master project: clear the local reference so the
            // local-project mapping below is skipped.
            multitenant = null;
        } else {
            // Privilege boundary: from here on the job runs as the master project, and the
            // master project's authorization is exposed through the context's project list.
            runAsProject = masterProject;
            projects.add(runAsProject);
        }
    }
    // The default client is built for the run-as project (the master project when multitenant).
    TypedPlatformLayerClient defaultClient = buildClient(runAsProject);
    FederationConfiguration federationMapConfig = FederatedPlatformLayerClient.buildFederationConfiguration(defaultClient);
    FederationMap federationMap = new FederationMap(httpStrategy, mapper, federationMapConfig);
    if (multitenant != null) {
        // Register a client for the job's own project under the LOCAL federation key.
        ProjectAuthorization localProject = projectAuthz;
        TypedPlatformLayerClient localClient = buildClient(localProject);
        FederationKey host = FederationKey.LOCAL;
        ProjectId project = localClient.getProject();
        FederationMapping mapKey = new FederationMapping(host, project);
        federationMap.addMapping(mapKey, localClient);
        // One rule per mapped item, each targeting the local project's mapping.
        for (PlatformLayerKey mappedService : multitenant.getMappedItems()) {
            FederationMap.Rule rule = new FederationMap.Rule();
            rule.mappedItems = mappedService;
            rule.targetKey = mapKey;
            federationMap.addRule(rule);
        }
    }
    ProjectId runAsProjectId = new ProjectId(runAsProject.getName());
    PlatformLayerClient platformLayerClient;
    if (federationMap.isEmpty()) {
        // No federation mappings: use the run-as project's client directly.
        platformLayerClient = defaultClient;
    } else {
        federationMap.addDefault(defaultClient);
        platformLayerClient = FederatedPlatformLayerClient.build(runAsProjectId, federationMap);
    }
    ServiceConfiguration serviceConfiguration = new ServiceConfiguration(runAsProjectId, serviceType);
    // NOTE(review): serviceAuthorization is looked up (and defaulted when absent) but is not
    // passed to the OpsContext constructed below; within this method only a repository failure
    // has a visible effect. Confirm whether the authorization was meant to be enforced here.
    ServiceAuthorization serviceAuthorization;
    try {
        serviceAuthorization = serviceAuthorizationService.findServiceAuthorization(serviceType, runAsProjectId);
        if (serviceAuthorization == null) {
            serviceAuthorization = new ServiceAuthorization();
            serviceAuthorization.serviceType = serviceConfiguration.getServiceType().getKey();
        }
    } catch (RepositoryException e) {
        throw new OpsException("Error reading from repository", e);
    }
    // Disabled in the original listing:
    // OpsConfig opsConfig = OpsConfig.build(serviceAuthorization);
    // UserInfo userInfo = new SimpleUserInfo(auth, opsConfig);
    OpsContext opsContext = new OpsContext(opsSystem, activeJob, serviceConfiguration, platformLayerClient, projects);
    return opsContext;
}
Also used : TypedPlatformLayerClient(org.platformlayer.TypedPlatformLayerClient) OpsException(org.platformlayer.ops.OpsException) ProjectId(org.platformlayer.ids.ProjectId) FederationMap(org.platformlayer.federation.FederationMap) PlatformLayerKey(org.platformlayer.core.model.PlatformLayerKey) RepositoryException(org.platformlayer.RepositoryException) OpsContext(org.platformlayer.ops.OpsContext) MultitenantConfiguration(org.platformlayer.ops.MultitenantConfiguration) FederationKey(org.platformlayer.ids.FederationKey) ServiceAuthorization(org.platformlayer.xaas.model.ServiceAuthorization) DirectPlatformLayerClient(org.platformlayer.ops.DirectPlatformLayerClient) FederatedPlatformLayerClient(org.platformlayer.federation.FederatedPlatformLayerClient) PlatformLayerClient(org.platformlayer.PlatformLayerClient) TypedPlatformLayerClient(org.platformlayer.TypedPlatformLayerClient) FederationConfiguration(org.platformlayer.federation.model.FederationConfiguration) ServiceConfiguration(org.platformlayer.ops.ServiceConfiguration) ServiceType(org.platformlayer.ids.ServiceType) ProjectAuthorization(org.platformlayer.model.ProjectAuthorization) FederationMapping(org.platformlayer.federation.FederationMapping)

Example 2 with MultitenantConfiguration

use of org.platformlayer.ops.MultitenantConfiguration in project platformlayer by platformlayer.

the class SimpleMultitenantConfiguration method build.

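/**
 * Builds the multitenant configuration from the {@code multitenant.*} settings.
 *
 * <p>Authenticates as {@code multitenant.user}: with the certificate named by
 * {@code multitenant.cert} when the encryption store returns one, otherwise with
 * {@code multitenant.password}, which is accepted in development mode only. The resulting token
 * is validated against {@code multitenant.project}, and the validated authorization is passed
 * to {@link SimpleMultitenantConfiguration} together with the items parsed from
 * {@code multitenant.keys} (comma-separated {@code serviceType/itemType} entries).
 *
 * @param configuration source of the {@code multitenant.*} settings
 * @param encryptionStore store from which the certificate and private key are loaded
 * @param authenticationService service used to obtain the authentication token
 * @param authenticationTokenValidator validator that turns the token into a project authorization
 * @return the multitenant configuration; never {@code null}
 * @throws OpsException if the user or project is missing, authentication fails or yields no
 *     token, token validation returns {@code null}, or no mapped items are configured
 * @throws IllegalStateException if password authentication is attempted outside development
 *     mode, or a {@code multitenant.keys} entry is not of the form {@code serviceType/itemType}
 */
public static MultitenantConfiguration build(Configuration configuration, EncryptionStore encryptionStore, AuthenticationService authenticationService, AuthenticationTokenValidator authenticationTokenValidator) throws OpsException {
    String projectKey = configuration.lookup("multitenant.project", null);
    String username = configuration.lookup("multitenant.user", null);
    String password = configuration.lookup("multitenant.password", null);
    String certAlias = configuration.lookup("multitenant.cert", null);
    CertificateAndKey certificateAndKey = null;
    if (certAlias != null) {
        certificateAndKey = encryptionStore.getCertificateAndKey(certAlias);
    }
    // A single generic message is used for every configuration failure, so the error text
    // does not reveal which credential or setting was rejected.
    String message = "Invalid multitenant configuration";
    if (username == null || projectKey == null) {
        throw new OpsException(message);
    }
    AuthenticationToken authn = null;
    if (certificateAndKey != null) {
        try {
            authn = authenticationService.authenticateWithCertificate(username, certificateAndKey.getPrivateKey(), certificateAndKey.getCertificateChain());
        } catch (PlatformlayerAuthenticationClientException e) {
            throw new OpsException(message, e);
        }
    } else if (password != null) {
        // NOTE(review): this branch is also reached when multitenant.cert is set but the store
        // returned no certificate, i.e. a missing certificate falls back to the password in
        // development mode. Confirm that fallback is intended.
        log.warn("Using password authentication with multitenant");
        if (!ApplicationMode.isDevelopment()) {
            // Password credentials for the master project are refused outside development.
            throw new IllegalStateException("Password authentication for multitenant is only permitted in development mode");
        }
        try {
            authn = authenticationService.authenticateWithPassword(username, password);
        } catch (PlatformlayerAuthenticationClientException e) {
            throw new OpsException(message, e);
        }
    }
    if (authn == null) {
        throw new OpsException(message);
    }
    ProjectAuthorization authz = authenticationTokenValidator.validateToken(authn, projectKey);
    if (authz == null) {
        throw new OpsException(message);
    }
    List<PlatformLayerKey> mappedItems = Lists.newArrayList();
    String keysSetting = configuration.lookup("multitenant.keys", "");
    // Guava's Splitter yields one empty string for empty input. Without omitEmptyStrings() an
    // unset multitenant.keys failed the length check below with a bare IllegalStateException
    // and never reached the isEmpty() check that reports the configuration error.
    for (String key : Splitter.on(",").trimResults().omitEmptyStrings().split(keysSetting)) {
        String[] tokens = key.split("/");
        if (tokens.length != 2) {
            throw new IllegalStateException("Invalid multitenant.keys entry (expected serviceType/itemType): " + key);
        }
        String serviceType = tokens[0];
        String itemType = tokens[1];
        mappedItems.add(PlatformLayerKey.fromServiceAndItem(serviceType, itemType));
    }
    if (mappedItems.isEmpty()) {
        throw new OpsException(message);
    }
    return new SimpleMultitenantConfiguration(authz, mappedItems);
}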
Also used : OpsException(org.platformlayer.ops.OpsException) AuthenticationToken(org.platformlayer.auth.AuthenticationToken) ProjectAuthorization(org.platformlayer.model.ProjectAuthorization) PlatformlayerAuthenticationClientException(org.platformlayer.auth.PlatformlayerAuthenticationClientException) PlatformLayerKey(org.platformlayer.core.model.PlatformLayerKey) CertificateAndKey(com.fathomdb.crypto.CertificateAndKey) MultitenantConfiguration(org.platformlayer.ops.MultitenantConfiguration)

Example 3 with MultitenantConfiguration

use of org.platformlayer.ops.MultitenantConfiguration in project platformlayer by platformlayer.

the class OpsContextBuilder method getRunAsProjectId.

/**
 * Resolves the id of the project that operations for {@code project} run as.
 *
 * <p>When a multitenant configuration is present, the master project's name is used whatever
 * project was passed in; otherwise the given project's own name is used.
 *
 * @param project the caller's project authorization
 * @return the run-as project id
 * @throws OpsException declared by the signature; nothing in this body throws it directly
 */
public ProjectId getRunAsProjectId(ProjectAuthorization project) throws OpsException {
    MultitenantConfiguration multitenantConfig = opsSystem.getMultitenantConfiguration();
    // With multitenancy configured, the master project replaces the caller's project.
    ProjectAuthorization effectiveProject = (multitenantConfig == null) ? project : multitenantConfig.getMasterProject();
    return new ProjectId(effectiveProject.getName());
}
Also used : ProjectAuthorization(org.platformlayer.model.ProjectAuthorization) ProjectId(org.platformlayer.ids.ProjectId) MultitenantConfiguration(org.platformlayer.ops.MultitenantConfiguration)

Aggregations

ProjectAuthorization (org.platformlayer.model.ProjectAuthorization)3 MultitenantConfiguration (org.platformlayer.ops.MultitenantConfiguration)3 PlatformLayerKey (org.platformlayer.core.model.PlatformLayerKey)2 ProjectId (org.platformlayer.ids.ProjectId)2 OpsException (org.platformlayer.ops.OpsException)2 CertificateAndKey (com.fathomdb.crypto.CertificateAndKey)1 PlatformLayerClient (org.platformlayer.PlatformLayerClient)1 RepositoryException (org.platformlayer.RepositoryException)1 TypedPlatformLayerClient (org.platformlayer.TypedPlatformLayerClient)1 AuthenticationToken (org.platformlayer.auth.AuthenticationToken)1 PlatformlayerAuthenticationClientException (org.platformlayer.auth.PlatformlayerAuthenticationClientException)1 FederatedPlatformLayerClient (org.platformlayer.federation.FederatedPlatformLayerClient)1 FederationMap (org.platformlayer.federation.FederationMap)1 FederationMapping (org.platformlayer.federation.FederationMapping)1 FederationConfiguration (org.platformlayer.federation.model.FederationConfiguration)1 FederationKey (org.platformlayer.ids.FederationKey)1 ServiceType (org.platformlayer.ids.ServiceType)1 DirectPlatformLayerClient (org.platformlayer.ops.DirectPlatformLayerClient)1 OpsContext (org.platformlayer.ops.OpsContext)1 ServiceConfiguration (org.platformlayer.ops.ServiceConfiguration)1