This is an automated email from the ASF dual-hosted git repository. bhliva pushed a commit to branch feature-DLAB-2 in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git
The following commit(s) were added to refs/heads/feature-DLAB-2 by this push: new f2f0cdb DLAB-2 added possibility to use admin key during ssh connection f2f0cdb is described below commit f2f0cdbb6d5a597a4d566c213c6e9a2d8e402487 Author: bhliva <bohdan_hl...@epam.com> AuthorDate: Mon May 6 14:44:02 2019 +0300 DLAB-2 added possibility to use admin key during ssh connection --- .../java/com/epam/dlab/rest/contracts/KeyAPI.java | 3 ++- .../backendapi/resources/base/KeyResource.java | 25 ++++++++++++++----- .../{ReuploadKeyService.java => KeyService.java} | 29 +++++++++++++++++++--- .../service/impl/GuacamoleServiceImpl.java | 17 ++++++++----- .../service/impl/ReuploadKeyServiceImplTest.java | 10 ++++---- 5 files changed, 63 insertions(+), 21 deletions(-) diff --git a/services/dlab-webapp-common/src/main/java/com/epam/dlab/rest/contracts/KeyAPI.java b/services/dlab-webapp-common/src/main/java/com/epam/dlab/rest/contracts/KeyAPI.java index 422d36b..4b5eba3 100644 --- a/services/dlab-webapp-common/src/main/java/com/epam/dlab/rest/contracts/KeyAPI.java +++ b/services/dlab-webapp-common/src/main/java/com/epam/dlab/rest/contracts/KeyAPI.java @@ -20,7 +20,8 @@ package com.epam.dlab.rest.contracts; public class KeyAPI { - public static final String REUPLOAD_KEY = "/reupload_key"; + public static final String REUPLOAD_KEY = "/key/reupload"; + public static final String GET_ADMIN_KEY = "/key"; public static final String KEY_EXTENTION = ".pub"; private KeyAPI() { diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/KeyResource.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/KeyResource.java index 9e8b975..fcacef0 100644 --- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/KeyResource.java +++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/resources/base/KeyResource.java 
@@ -23,7 +23,7 @@ package com.epam.dlab.backendapi.resources.base; import com.epam.dlab.auth.UserInfo; import com.epam.dlab.backendapi.ProvisioningServiceApplicationConfiguration; import com.epam.dlab.backendapi.core.commands.DockerAction; -import com.epam.dlab.backendapi.service.impl.ReuploadKeyService; +import com.epam.dlab.backendapi.service.impl.KeyService; import com.epam.dlab.dto.reuploadkey.ReuploadKeyDTO; import com.epam.dlab.rest.contracts.KeyAPI; import com.epam.dlab.util.FileUtils; @@ -39,26 +39,39 @@ import java.util.UUID; /** * Provides API for reuploading keys */ -@Path(KeyAPI.REUPLOAD_KEY) +@Path("key") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public class KeyResource { + private final KeyService keyService; + private final ProvisioningServiceApplicationConfiguration configuration; + private final String keyContent; + @Inject - private ReuploadKeyService reuploadKeyService; - @Inject - private ProvisioningServiceApplicationConfiguration configuration; + public KeyResource(KeyService keyService, ProvisioningServiceApplicationConfiguration configuration) { + this.keyService = keyService; + this.configuration = configuration; + this.keyContent = keyService.getAdminKey(); + } + + @Path("/reupload") @POST public String reuploadKey(@Auth UserInfo ui, @DefaultValue("true") @QueryParam("is_primary_reuploading") boolean isPrimaryReuploading, ReuploadKeyDTO dto) throws IOException { if (isPrimaryReuploading) { replaceKeyfile(dto); } - reuploadKeyService.reuploadKeyAction(ui.getName(), dto, DockerAction.REUPLOAD_KEY); + keyService.reuploadKeyAction(ui.getName(), dto, DockerAction.REUPLOAD_KEY); return UUID.randomUUID().toString(); } + @GET + public String getAdminKey(@Auth UserInfo userInfo) { + return keyContent; + } + private void replaceKeyfile(ReuploadKeyDTO dto) throws IOException { String edgeUserName = dto.getEdgeUserName(); String filename = UsernameUtils.replaceWhitespaces(edgeUserName) + KeyAPI.KEY_EXTENTION; 
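Review bot: The new `getAdminKey` handler (second hunk) returns the admin private key to any caller that passes `@Auth`; no role or caller check is visible in this hunk, so every authenticated principal that can reach the provisioning service can read the key used for SSH to managed hosts. Limit the endpoint to the service identity that needs it, for example with `@RolesAllowed` if roles are configured for this resource, or keep the key inside the provisioning service. The key is also read once in the constructor into `keyContent`, so an unreadable key file stops the whole resource (including `/key/reupload`) from being constructed, and a rotated key is not picked up until restart; `return keyService.getAdminKey();` in the handler avoids both. The PEM text is returned under the class-level `@Produces(MediaType.APPLICATION_JSON)`, which does not match the body. `replaceKeyfile` continues outside the hunk.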
diff --git a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/ReuploadKeyService.java b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/KeyService.java
similarity index 82%
rename from services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/ReuploadKeyService.java
rename to services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/KeyService.java
index e3889cb..6394564 100644
--- a/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/ReuploadKeyService.java
+++ b/services/provisioning-service/src/main/java/com/epam/dlab/backendapi/service/impl/KeyService.java
@@ -20,28 +20,42 @@ package com.epam.dlab.backendapi.service.impl; import com.epam.dlab.auth.SystemUserInfoService; +import com.epam.dlab.backendapi.ProvisioningServiceApplicationConfiguration; import com.epam.dlab.backendapi.core.Directories; import com.epam.dlab.backendapi.core.commands.DockerAction; import com.epam.dlab.backendapi.core.commands.DockerCommands; import com.epam.dlab.backendapi.core.commands.RunDockerCommand; import com.epam.dlab.backendapi.core.response.handlers.ReuploadKeyCallbackHandler; -import com.epam.dlab.backendapi.service.impl.DockerService; import com.epam.dlab.dto.reuploadkey.ReuploadKeyCallbackDTO; import com.epam.dlab.dto.reuploadkey.ReuploadKeyDTO; +import com.epam.dlab.exceptions.DlabException; import com.epam.dlab.model.ResourceData; import com.epam.dlab.rest.contracts.ApiCallbacks; import com.google.inject.Inject; import com.google.inject.Singleton; import lombok.extern.slf4j.Slf4j; +import java.io.IOException; + +import static java.lang.String.format; +import static java.nio.file.Files.readAllBytes; +import static java.nio.file.Paths.get; + @Slf4j @Singleton -public class ReuploadKeyService extends DockerService implements DockerCommands { +public class KeyService extends DockerService implements DockerCommands { private static final String REUPLOAD_KEY_ACTION = "reupload_key"; + private final SystemUserInfoService systemUserInfoService; + private final ProvisioningServiceApplicationConfiguration conf; + @Inject - private SystemUserInfoService systemUserInfoService; + public KeyService(SystemUserInfoService systemUserInfoService, ProvisioningServiceApplicationConfiguration conf) { + this.systemUserInfoService = systemUserInfoService; + this.conf = conf; + } + public void reuploadKeyAction(String userName, ReuploadKeyDTO dto, DockerAction action) { log.debug("{} for edge user {}", action, dto.getEdgeUserName()); 
@@ -57,6 +71,15 @@ public class ReuploadKeyService extends DockerService implements DockerCommands log.debug("Executed {} Docker commands", count); } + public String getAdminKey() { + try { + return new String(readAllBytes(get(format("%s/%s.pem", conf.getKeyDirectory(), conf.getAdminKey())))); + } catch (IOException e) { + log.error("Can not read admin key: {}", e.getMessage()); + throw new DlabException("Can not read admin key: " + e.getMessage(), e); + } + } + private String getUuid() { return DockerCommands.generateUUID(); } diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/GuacamoleServiceImpl.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/GuacamoleServiceImpl.java index 7292646..62721ec 100644 --- a/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/GuacamoleServiceImpl.java +++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/service/impl/GuacamoleServiceImpl.java @@ -3,7 +3,10 @@ package com.epam.dlab.backendapi.service.impl; import com.epam.dlab.auth.UserInfo; import com.epam.dlab.backendapi.SelfServiceApplicationConfiguration; import com.epam.dlab.backendapi.service.GuacamoleService; +import com.epam.dlab.constants.ServiceConsts; import com.epam.dlab.exceptions.DlabException; +import com.epam.dlab.rest.client.RESTService; +import com.epam.dlab.rest.contracts.KeyAPI; import com.google.inject.Inject; import com.google.inject.Singleton; import lombok.extern.slf4j.Slf4j; @@ -13,6 +16,7 @@ import org.apache.guacamole.net.SimpleGuacamoleTunnel; import org.apache.guacamole.protocol.ConfiguredGuacamoleSocket; import org.apache.guacamole.protocol.GuacamoleConfiguration; +import javax.inject.Named; import java.util.Map; @Slf4j 
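Review bot: `KeyService.getAdminKey()` (the first hunk on this line) decodes the key file with `new String(byte[])`, which uses the platform default charset; name the charset explicitly, e.g. `new String(readAllBytes(path), StandardCharsets.UTF_8)`. The method has no Javadoc saying that it returns private-key material, so I would add `/** Reads the admin private key (PEM) from the key directory; the result is secret and must not be logged or persisted. */`. The path is assembled with statically imported `format` and `get`, which hides that this is a file-system read; `Paths.get(conf.getKeyDirectory(), conf.getAdminKey() + ".pem")` reads more clearly. The `log.error` call passes only `e.getMessage()`, so the stack trace is lost; pass `e` as the last argument instead.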
@@ -23,20 +27,21 @@ public class GuacamoleServiceImpl implements GuacamoleService { private static final String HOSTNAME_PARAM = "hostname"; private static final String CONNECTION_PROTOCOL_PARAM = "connectionProtocol"; private final SelfServiceApplicationConfiguration conf; + private final RESTService provisioningService; @Inject - public GuacamoleServiceImpl(SelfServiceApplicationConfiguration conf) { + public GuacamoleServiceImpl(SelfServiceApplicationConfiguration conf, + @Named(ServiceConsts.PROVISIONING_SERVICE_NAME) RESTService provisioningService) { this.conf = conf; + this.provisioningService = provisioningService; } @Override public GuacamoleTunnel getTunnel(UserInfo userInfo, String host) { try { - final String privateKeyContent = "";// TODO figure out from which place private key should be taken - final InetGuacamoleSocket socket = new InetGuacamoleSocket(conf.getGuacamoleHost(), - conf.getGuacamolePort()); - final GuacamoleConfiguration guacamoleConfig = getGuacamoleConfig(privateKeyContent, conf.getGuacamole(), - host); + String key = provisioningService.get(KeyAPI.GET_ADMIN_KEY, userInfo.getAccessToken(), String.class); + InetGuacamoleSocket socket = new InetGuacamoleSocket(conf.getGuacamoleHost(), conf.getGuacamolePort()); + GuacamoleConfiguration guacamoleConfig = getGuacamoleConfig(key, conf.getGuacamole(), host); return new SimpleGuacamoleTunnel(new ConfiguredGuacamoleSocket(socket, guacamoleConfig)); } catch (Exception e) { log.error("Can not create guacamole tunnel due to: " + e.getMessage()); diff --git a/services/self-service/src/test/java/com/epam/dlab/backendapi/service/impl/ReuploadKeyServiceImplTest.java b/services/self-service/src/test/java/com/epam/dlab/backendapi/service/impl/ReuploadKeyServiceImplTest.java index 06dd1a5..6e4bdc1 100644 --- a/services/self-service/src/test/java/com/epam/dlab/backendapi/service/impl/ReuploadKeyServiceImplTest.java 
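Review bot: `getTunnel` now builds the connection with the admin key for whatever `host` the caller supplies, and nothing in this hunk checks that `host` is a resource owned by `userInfo`. If `host` comes from the request, a user could open a session with admin credentials on an instance that is not theirs, so it should be validated against the user's own resources before `getGuacamoleConfig` is called. The key is fetched with the end user's `userInfo.getAccessToken()`, which means the provisioning endpoint has to accept ordinary user tokens; a service-level credential for this call would let that endpoint be closed to users. The `catch (Exception e)` block continues outside the hunk.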
+++ b/services/self-service/src/test/java/com/epam/dlab/backendapi/service/impl/ReuploadKeyServiceImplTest.java @@ -141,7 +141,7 @@ public class ReuploadKeyServiceImplTest { Arrays.asList(RUNNING, REUPLOADING_KEY), Arrays.asList(DataEngineType.SPARK_STANDALONE, DataEngineType.CLOUD_SERVICE), RUNNING); verify(requestBuilder).newKeyReupload(refEq(userInfo), anyString(), eq(keyContent), any(List.class)); - verify(provisioningService).post("/reupload_key", TOKEN, reuploadFile, String.class); + verify(provisioningService).post("/key/reupload", TOKEN, reuploadFile, String.class); verifyNoMoreInteractions(userResourceService, exploratoryService, keyDAO, exploratoryDAO, computationalDAO, requestBuilder, provisioningService); verifyZeroInteractions(requestId); @@ -184,7 +184,7 @@ public class ReuploadKeyServiceImplTest { Arrays.asList(RUNNING, REUPLOADING_KEY), Arrays.asList(DataEngineType.SPARK_STANDALONE, DataEngineType.CLOUD_SERVICE), RUNNING); verify(requestBuilder).newKeyReupload(refEq(userInfo), anyString(), eq(keyContent), any(List.class)); - verify(provisioningService).post("/reupload_key", TOKEN, reuploadFile, String.class); + verify(provisioningService).post("/key/reupload", TOKEN, reuploadFile, String.class); verifyNoMoreInteractions(userResourceService, exploratoryService, keyDAO, exploratoryDAO, computationalDAO, requestBuilder, provisioningService); verifyZeroInteractions(requestId); @@ -299,7 +299,7 @@ public class ReuploadKeyServiceImplTest { verify(keyDAO).updateEdgeStatus(USER, "reuploading key"); verify(requestBuilder).newKeyReupload(refEq(userInfo), anyString(), eq(""), any(List.class)); - verify(provisioningService).post("/reupload_key", TOKEN, reuploadFile, String.class, + verify(provisioningService).post("/key/reupload", TOKEN, reuploadFile, String.class, Collections.singletonMap("is_primary_reuploading", false)); verify(requestId).put(USER, expectedUuid); verifyNoMoreInteractions(keyDAO, requestBuilder, provisioningService, requestId); 
@@ -347,7 +347,7 @@ public class ReuploadKeyServiceImplTest { verify(exploratoryDAO).updateStatusForExploratory(USER, EXPLORATORY_NAME, REUPLOADING_KEY); verify(requestBuilder).newKeyReupload(refEq(userInfo), anyString(), eq(""), any(List.class)); - verify(provisioningService).post("/reupload_key", TOKEN, reuploadFile, String.class, + verify(provisioningService).post("/key/reupload", TOKEN, reuploadFile, String.class, Collections.singletonMap("is_primary_reuploading", false)); verify(requestId).put(USER, expectedUuid); verifyNoMoreInteractions(exploratoryDAO, requestBuilder, provisioningService, requestId); @@ -399,7 +399,7 @@ public class ReuploadKeyServiceImplTest { verify(computationalDAO).updateStatusForComputationalResource(USER, EXPLORATORY_NAME, "compName", REUPLOADING_KEY); verify(requestBuilder).newKeyReupload(refEq(userInfo), anyString(), eq(""), any(List.class)); - verify(provisioningService).post("/reupload_key", TOKEN, reuploadFile, String.class, + verify(provisioningService).post("/key/reupload", TOKEN, reuploadFile, String.class, Collections.singletonMap("is_primary_reuploading", false)); verify(requestId).put(USER, expectedUuid); verifyNoMoreInteractions(computationalDAO, requestBuilder, provisioningService, requestId); --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@dlab.apache.org For additional commands, e-mail: commits-h...@dlab.apache.org