Commit 486005b2 authored by Spiros Koulouzis's avatar Spiros Koulouzis

Moved proxy creation and file utils

parent e08d13fd
......@@ -15,14 +15,18 @@
*/
package nl.uva.sne.drip.commons.utils;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.channels.Channels;
import java.nio.channels.ReadableByteChannel;
import java.security.cert.CertificateEncodingException;
import java.util.List;
import static nl.uva.sne.drip.commons.utils.FileUtils.untar;
import org.globus.common.CoGProperties;
import org.globus.myproxy.GetParams;
import org.globus.myproxy.MyProxyException;
......@@ -39,61 +43,63 @@ import org.ietf.jgss.GSSManager;
*/
public class AAUtils {
public static String generateProxy(String accessKeyId, String secretKey, SOURCE source) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
public enum SOURCE {
MY_PROXY,
CERTIFICATE
CERTIFICATE, PROXY_FILE
}
public static String generateProxy(String accessKeyId, String secretKey, SOURCE source, String myProxyEndpoint, List voname) throws IOException, CertificateEncodingException, GSSException, MyProxyException {
File proxy_file = null;
if (source.equals(SOURCE.MY_PROXY)) {
GetParams getRequest = new GetParams();
getRequest.setUserName(accessKeyId);
getRequest.setCredentialName(null);
getRequest.setLifetime(43200);
getRequest.setWantTrustroots(false);
getRequest.setPassphrase(secretKey);
getRequest.setVoname(voname);
GSSManager manager = ExtendedGSSManager.getInstance();
GSSCredential credential = manager.createCredential(GSSCredential.INITIATE_ONLY);
org.globus.myproxy.MyProxy myProxy = new org.globus.myproxy.MyProxy(myProxyEndpoint, 7512);
GSSCredential newCred = myProxy.get(credential, getRequest);
CoGProperties properties = CoGProperties.getDefault();
String outputFile = properties.getProxyFile();
proxy_file = new File(outputFile);
String path = proxy_file.getPath();
try (FileOutputStream out = new FileOutputStream(path);) {
// set read only permissions
Util.setOwnerAccessOnly(path);
byte[] data
= ((ExtendedGSSCredential) newCred).export(ExtendedGSSCredential.IMPEXP_OPAQUE);
out.write(data);
}
} else if (source.equals(SOURCE.CERTIFICATE)) {
switch (source) {
case MY_PROXY:
GetParams getRequest = new GetParams();
getRequest.setUserName(accessKeyId);
getRequest.setCredentialName(null);
getRequest.setLifetime(43200);
getRequest.setWantTrustroots(false);
getRequest.setPassphrase(secretKey);
getRequest.setVoname(voname);
GSSManager manager = ExtendedGSSManager.getInstance();
GSSCredential credential = manager.createCredential(GSSCredential.INITIATE_ONLY);
org.globus.myproxy.MyProxy myProxy = new org.globus.myproxy.MyProxy(myProxyEndpoint, 7512);
GSSCredential newCred = myProxy.get(credential, getRequest);
CoGProperties properties = CoGProperties.getDefault();
String outputFile = properties.getProxyFile();
proxy_file = new File(outputFile);
String path = proxy_file.getPath();
try (FileOutputStream out = new FileOutputStream(path);) {
Util.setOwnerAccessOnly(path);
byte[] data
= ((ExtendedGSSCredential) newCred).export(ExtendedGSSCredential.IMPEXP_OPAQUE);
out.write(data);
} break;
case PROXY_FILE:
break;
case CERTIFICATE:
break;
default:
break;
}
return proxy_file.getAbsolutePath();
}
public static void pipeStream(InputStream input, OutputStream output)
throws IOException {
byte buffer[] = new byte[1024];
int numRead;
public static void downloadCACertificates(URL url, String folder) throws MalformedURLException, IOException {
String[] parts = url.getFile().split("/");
String fileName = parts[parts.length - 1];
File bundle = new File(folder + File.separator + fileName);
if (!bundle.getParentFile().exists()) {
if (!bundle.getParentFile().mkdirs()) {
throw new IOException(bundle + " could not be created");
}
}
do {
numRead = input.read(buffer);
output.write(buffer, 0, numRead);
} while (input.available() > 0);
if (!bundle.exists()) {
URL website = new URL(url.toString());
ReadableByteChannel rbc = Channels.newChannel(website.openStream());
output.flush();
FileOutputStream fos = new FileOutputStream(bundle);
fos.getChannel().transferFrom(rbc, 0, Long.MAX_VALUE);
untar(new File(folder), bundle);
}
}
}
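Review bot: In the rewritten `generateProxy` switch (hunk `@@ -39,61 +43,63 @@`), the `PROXY_FILE`, `CERTIFICATE` and `default` arms only `break`, so `proxy_file` is still `null` when `return proxy_file.getAbsolutePath();` runs and the call throws a NullPointerException. The MessageParsing change in this same commit now passes `SOURCE.PROXY_FILE` to this overload, so that path appears to be reachable for every non-MyProxy credential. Until those sources are implemented, fail explicitly in those arms, e.g. `throw new UnsupportedOperationException("Proxy source not supported yet: " + source);`. In the `MY_PROXY` arm the credential file is opened with `new FileOutputStream(path)` before `Util.setOwnerAccessOnly(path)` runs, so it briefly exists with default permissions. Creating it owner-only from the start (for example `Files.createFile` with a `PosixFilePermissions` attribute) would close that window, and a comment explaining why the permission call precedes the write would replace the one this commit dropped.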
......@@ -15,9 +15,12 @@
*/
package nl.uva.sne.drip.commons.utils;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
......@@ -25,7 +28,7 @@ import java.security.NoSuchAlgorithmException;
*
* @author S. Koulouzis
*/
public class FileHash {
public class FileUtils {
/**
* Code from: http://www.mkyong.com/java/java-sha-hashing-example/
......@@ -53,4 +56,63 @@ public class FileHash {
}
return sb.toString();
}
public static void untar(File dest, File tarFile) throws IOException {
Process p = Runtime.getRuntime().exec(" tar -xzvf " + tarFile.getAbsolutePath() + " -C " + dest.getAbsolutePath());
BufferedReader stdError = new BufferedReader(new InputStreamReader(p.getErrorStream()));
String s = null;
StringBuilder error = new StringBuilder();
while ((s = stdError.readLine()) != null) {
error.append(s);
}
if (s != null) {
throw new IOException(error.toString());
}
// dest.mkdir();
// TarArchiveInputStream tarIn;
//
// tarIn = new TarArchiveInputStream(
// new GzipCompressorInputStream(
// new BufferedInputStream(
// new FileInputStream(
// tarFile
// )
// )
// )
// );
//
// org.apache.commons.compress.archivers.tar.TarArchiveEntry tarEntry = tarIn.getNextTarEntry();
//
// while (tarEntry != null) {
// File destPath = new File(dest, tarEntry.getName());
// if (tarEntry.isDirectory()) {
// destPath.mkdirs();
// } else {
// destPath.createNewFile();
// byte[] btoRead = new byte[1024];
// try (BufferedOutputStream bout = new BufferedOutputStream(new FileOutputStream(destPath))) {
// int len;
//
// while ((len = tarIn.read(btoRead)) != -1) {
// bout.write(btoRead, 0, len);
// }
// }
//// Set<PosixFilePermission> perms = new HashSet<>();
//// perms.add(PosixFilePermission.OWNER_READ);
//// perms.add(PosixFilePermission.OWNER_WRITE);
//// perms.add(PosixFilePermission.OWNER_EXECUTE);
////
//// perms.add(PosixFilePermission.GROUP_READ);
//// perms.add(PosixFilePermission.GROUP_WRITE);
//// perms.add(PosixFilePermission.GROUP_EXECUTE);
////
//// perms.add(PosixFilePermission.OTHERS_READ);
//// perms.add(PosixFilePermission.OTHERS_EXECUTE);
//// perms.add(PosixFilePermission.OTHERS_EXECUTE);
//// Files.setPosixFilePermissions(Paths.get(destPath.getAbsolutePath()), perms);
// }
// tarEntry = tarIn.getNextTarEntry();
// }
// tarIn.close();
}
}
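Review bot: `untar` builds the tar command as one string for `Runtime.getRuntime().exec(String)`, which splits it on whitespace, so a space in either absolute path (the caller derives the archive name from the download URL) changes the argument list tar receives; pass the arguments as a list through `ProcessBuilder` instead. The error check is also dead: the read loop only ends when `s` is `null`, so `if (s != null)` never throws. The exit status is never read with `waitFor()` either, so a failed or partial extraction of the CA bundle is reported as success. The version below keeps the signature, drops `-v` so nothing accumulates on an undrained stdout pipe, and fails on a non-zero exit; the commented-out commons-compress implementation is left as it is. Whichever extractor is used, the archive content should be treated as untrusted input, since it ends up in the trusted-certificate folder.

```java
public static void untar(File dest, File tarFile) throws IOException {
    // Argument list: each path reaches tar as exactly one argument, never re-tokenised.
    Process p = new ProcessBuilder(
            "tar", "-xzf", tarFile.getAbsolutePath(), "-C", dest.getAbsolutePath())
            .redirectErrorStream(true)
            .start();
    StringBuilder output = new StringBuilder();
    try (BufferedReader reader = new BufferedReader(new InputStreamReader(p.getInputStream()))) {
        String line;
        while ((line = reader.readLine()) != null) {
            output.append(line).append('\n');
        }
    }
    try {
        // The exit status, not the presence of stderr text, decides success.
        if (p.waitFor() != 0) {
            throw new IOException("tar failed for " + tarFile + ": " + output);
        }
    } catch (InterruptedException e) {
        Thread.currentThread().interrupt();
        throw new IOException("Interrupted while extracting " + tarFile, e);
    }
    // … unchanged: commented-out TarArchiveInputStream implementation …
}
```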
......@@ -36,6 +36,7 @@ import java.util.List;
import java.util.Map;
import nl.uva.sne.drip.commons.utils.AAUtils;
import nl.uva.sne.drip.commons.utils.AAUtils.SOURCE;
import static nl.uva.sne.drip.commons.utils.AAUtils.downloadCACertificates;
import nl.uva.sne.drip.drip.commons.data.internal.MessageParameter;
import nl.uva.sne.drip.drip.commons.data.v1.external.CloudCredentials;
import org.globus.myproxy.MyProxyException;
......@@ -166,9 +167,9 @@ public class MessageParsing {
trustedCertificatesURL = (String) att.get("trustedCertificatesURL");
}
if (trustedCertificatesURL != null) {
downloadCACertificates(new URL(trustedCertificatesURL));
downloadCACertificates(new URL(trustedCertificatesURL), PropertyValues.TRUSTED_CERTIFICATE_FOLDER);
} else {
downloadCACertificates(PropertyValues.CA_BUNDLE_URL);
downloadCACertificates(PropertyValues.CA_BUNDLE_URL, PropertyValues.TRUSTED_CERTIFICATE_FOLDER);
}
String myProxyEndpoint = null;
if (att != null && att.containsKey("myProxyEndpoint")) {
......@@ -182,7 +183,7 @@ public class MessageParsing {
List voNames = (List) Arrays.asList(myVOs);
egi.proxyFilePath = AAUtils.generateProxy(cred.getAccessKeyId(), cred.getSecretKey(), SOURCE.MY_PROXY, myProxyEndpoint, voNames);
} else {
egi.proxyFilePath = AAUtils.generateProxy(cred.getAccessKeyId(), cred.getSecretKey(), SOURCE.CERTIFICATE);
egi.proxyFilePath = AAUtils.generateProxy(cred.getAccessKeyId(), cred.getSecretKey(), SOURCE.PROXY_FILE, myProxyEndpoint, null);
}
egi.trustedCertPath = PropertyValues.TRUSTED_CERTIFICATE_FOLDER;
credential = egi;
......@@ -209,83 +210,4 @@ public class MessageParsing {
return credentials;
}
private static void downloadCACertificates(URL url) throws MalformedURLException, IOException {
String[] parts = url.getFile().split("/");
String fileName = parts[parts.length - 1];
File bundle = new File(PropertyValues.TRUSTED_CERTIFICATE_FOLDER + File.separator + fileName);
if (!bundle.getParentFile().exists()) {
if (!bundle.getParentFile().mkdirs()) {
throw new IOException(bundle + " could not be created");
}
}
if (!bundle.exists()) {
URL website = new URL(url.toString());
ReadableByteChannel rbc = Channels.newChannel(website.openStream());
FileOutputStream fos = new FileOutputStream(bundle);
fos.getChannel().transferFrom(rbc, 0, Long.MAX_VALUE);
untar(new File(PropertyValues.TRUSTED_CERTIFICATE_FOLDER), bundle);
}
}
private static void untar(File dest, File tarFile) throws IOException {
Process p = Runtime.getRuntime().exec(" tar -xzvf " + tarFile.getAbsolutePath() + " -C " + dest.getAbsolutePath());
BufferedReader stdError = new BufferedReader(new InputStreamReader(p.getErrorStream()));
String s = null;
StringBuilder error = new StringBuilder();
while ((s = stdError.readLine()) != null) {
error.append(s);
}
if (s != null) {
throw new IOException(error.toString());
}
// dest.mkdir();
// TarArchiveInputStream tarIn;
//
// tarIn = new TarArchiveInputStream(
// new GzipCompressorInputStream(
// new BufferedInputStream(
// new FileInputStream(
// tarFile
// )
// )
// )
// );
//
// org.apache.commons.compress.archivers.tar.TarArchiveEntry tarEntry = tarIn.getNextTarEntry();
//
// while (tarEntry != null) {
// File destPath = new File(dest, tarEntry.getName());
// if (tarEntry.isDirectory()) {
// destPath.mkdirs();
// } else {
// destPath.createNewFile();
// byte[] btoRead = new byte[1024];
// try (BufferedOutputStream bout = new BufferedOutputStream(new FileOutputStream(destPath))) {
// int len;
//
// while ((len = tarIn.read(btoRead)) != -1) {
// bout.write(btoRead, 0, len);
// }
// }
//// Set<PosixFilePermission> perms = new HashSet<>();
//// perms.add(PosixFilePermission.OWNER_READ);
//// perms.add(PosixFilePermission.OWNER_WRITE);
//// perms.add(PosixFilePermission.OWNER_EXECUTE);
////
//// perms.add(PosixFilePermission.GROUP_READ);
//// perms.add(PosixFilePermission.GROUP_WRITE);
//// perms.add(PosixFilePermission.GROUP_EXECUTE);
////
//// perms.add(PosixFilePermission.OTHERS_READ);
//// perms.add(PosixFilePermission.OTHERS_EXECUTE);
//// perms.add(PosixFilePermission.OTHERS_EXECUTE);
//// Files.setPosixFilePermissions(Paths.get(destPath.getAbsolutePath()), perms);
// }
// tarEntry = tarIn.getNextTarEntry();
// }
// tarIn.close();
}
}
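Review bot: In hunk `@@ -166,9 +167,9 @@` the URL passed to `downloadCACertificates` is taken from the `trustedCertificatesURL` attribute, and the bundle fetched from it is unpacked straight into `PropertyValues.TRUSTED_CERTIFICATE_FOLDER` with no check on the scheme, the host or the content. If `att` comes from the incoming message, as the surrounding code suggests, whoever controls that message chooses the CA certificates later used as `egi.trustedCertPath`. Consider accepting only the configured `PropertyValues.CA_BUNDLE_URL` or an allow-listed HTTPS host, and verifying the downloaded archive against a pinned digest before extraction. At minimum the call site deserves a comment such as `// trustedCertificatesURL is caller-supplied: must be validated before its content becomes a trust anchor`. The enclosing method starts and ends outside the visible hunks.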
<?xml version="1.0" encoding="UTF-8"?>
<project-private xmlns="http://www.netbeans.org/ns/project-private/1">
<editor-bookmarks xmlns="http://www.netbeans.org/ns/editor-bookmarks/2" lastBookmarkId="0"/>
<open-files xmlns="http://www.netbeans.org/ns/projectui-open-files/2">
<group/>
</open-files>
</project-private>