Commit 486005b2 authored by Spiros Koulouzis's avatar Spiros Koulouzis

Moved proxy creation and file utils

parent e08d13fd
...@@ -15,14 +15,18 @@ ...@@ -15,14 +15,18 @@
*/ */
package nl.uva.sne.drip.commons.utils; package nl.uva.sne.drip.commons.utils;
import java.io.ByteArrayInputStream;
import java.io.File; import java.io.File;
import java.io.FileOutputStream; import java.io.FileOutputStream;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.io.OutputStream; import java.io.OutputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.channels.Channels;
import java.nio.channels.ReadableByteChannel;
import java.security.cert.CertificateEncodingException; import java.security.cert.CertificateEncodingException;
import java.util.List; import java.util.List;
import static nl.uva.sne.drip.commons.utils.FileUtils.untar;
import org.globus.common.CoGProperties; import org.globus.common.CoGProperties;
import org.globus.myproxy.GetParams; import org.globus.myproxy.GetParams;
import org.globus.myproxy.MyProxyException; import org.globus.myproxy.MyProxyException;
...@@ -39,18 +43,15 @@ import org.ietf.jgss.GSSManager; ...@@ -39,18 +43,15 @@ import org.ietf.jgss.GSSManager;
*/ */
public class AAUtils { public class AAUtils {
public static String generateProxy(String accessKeyId, String secretKey, SOURCE source) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}
public enum SOURCE { public enum SOURCE {
MY_PROXY, MY_PROXY,
CERTIFICATE CERTIFICATE, PROXY_FILE
} }
public static String generateProxy(String accessKeyId, String secretKey, SOURCE source, String myProxyEndpoint, List voname) throws IOException, CertificateEncodingException, GSSException, MyProxyException { public static String generateProxy(String accessKeyId, String secretKey, SOURCE source, String myProxyEndpoint, List voname) throws IOException, CertificateEncodingException, GSSException, MyProxyException {
File proxy_file = null; File proxy_file = null;
if (source.equals(SOURCE.MY_PROXY)) { switch (source) {
case MY_PROXY:
GetParams getRequest = new GetParams(); GetParams getRequest = new GetParams();
getRequest.setUserName(accessKeyId); getRequest.setUserName(accessKeyId);
getRequest.setCredentialName(null); getRequest.setCredentialName(null);
...@@ -58,42 +59,47 @@ public class AAUtils { ...@@ -58,42 +59,47 @@ public class AAUtils {
getRequest.setWantTrustroots(false); getRequest.setWantTrustroots(false);
getRequest.setPassphrase(secretKey); getRequest.setPassphrase(secretKey);
getRequest.setVoname(voname); getRequest.setVoname(voname);
GSSManager manager = ExtendedGSSManager.getInstance(); GSSManager manager = ExtendedGSSManager.getInstance();
GSSCredential credential = manager.createCredential(GSSCredential.INITIATE_ONLY); GSSCredential credential = manager.createCredential(GSSCredential.INITIATE_ONLY);
org.globus.myproxy.MyProxy myProxy = new org.globus.myproxy.MyProxy(myProxyEndpoint, 7512); org.globus.myproxy.MyProxy myProxy = new org.globus.myproxy.MyProxy(myProxyEndpoint, 7512);
GSSCredential newCred = myProxy.get(credential, getRequest); GSSCredential newCred = myProxy.get(credential, getRequest);
CoGProperties properties = CoGProperties.getDefault(); CoGProperties properties = CoGProperties.getDefault();
String outputFile = properties.getProxyFile(); String outputFile = properties.getProxyFile();
proxy_file = new File(outputFile); proxy_file = new File(outputFile);
String path = proxy_file.getPath(); String path = proxy_file.getPath();
try (FileOutputStream out = new FileOutputStream(path);) { try (FileOutputStream out = new FileOutputStream(path);) {
// set read only permissions
Util.setOwnerAccessOnly(path); Util.setOwnerAccessOnly(path);
byte[] data byte[] data
= ((ExtendedGSSCredential) newCred).export(ExtendedGSSCredential.IMPEXP_OPAQUE); = ((ExtendedGSSCredential) newCred).export(ExtendedGSSCredential.IMPEXP_OPAQUE);
out.write(data); out.write(data);
} } break;
} else if (source.equals(SOURCE.CERTIFICATE)) { case PROXY_FILE:
break;
case CERTIFICATE:
break;
default:
break;
} }
return proxy_file.getAbsolutePath(); return proxy_file.getAbsolutePath();
} }
public static void pipeStream(InputStream input, OutputStream output) public static void downloadCACertificates(URL url, String folder) throws MalformedURLException, IOException {
throws IOException { String[] parts = url.getFile().split("/");
byte buffer[] = new byte[1024]; String fileName = parts[parts.length - 1];
int numRead; File bundle = new File(folder + File.separator + fileName);
if (!bundle.getParentFile().exists()) {
if (!bundle.getParentFile().mkdirs()) {
throw new IOException(bundle + " could not be created");
}
}
do { if (!bundle.exists()) {
numRead = input.read(buffer); URL website = new URL(url.toString());
output.write(buffer, 0, numRead); ReadableByteChannel rbc = Channels.newChannel(website.openStream());
} while (input.available() > 0);
output.flush(); FileOutputStream fos = new FileOutputStream(bundle);
fos.getChannel().transferFrom(rbc, 0, Long.MAX_VALUE);
untar(new File(folder), bundle);
}
} }
} }
...@@ -15,9 +15,12 @@ ...@@ -15,9 +15,12 @@
*/ */
package nl.uva.sne.drip.commons.utils; package nl.uva.sne.drip.commons.utils;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream; import java.io.FileInputStream;
import java.io.FileNotFoundException; import java.io.FileNotFoundException;
import java.io.IOException; import java.io.IOException;
import java.io.InputStreamReader;
import java.security.MessageDigest; import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
...@@ -25,7 +28,7 @@ import java.security.NoSuchAlgorithmException; ...@@ -25,7 +28,7 @@ import java.security.NoSuchAlgorithmException;
* *
* @author S. Koulouzis * @author S. Koulouzis
*/ */
public class FileHash { public class FileUtils {
/** /**
* Code from: http://www.mkyong.com/java/java-sha-hashing-example/ * Code from: http://www.mkyong.com/java/java-sha-hashing-example/
...@@ -53,4 +56,63 @@ public class FileHash { ...@@ -53,4 +56,63 @@ public class FileHash {
} }
return sb.toString(); return sb.toString();
} }
public static void untar(File dest, File tarFile) throws IOException {
Process p = Runtime.getRuntime().exec(" tar -xzvf " + tarFile.getAbsolutePath() + " -C " + dest.getAbsolutePath());
BufferedReader stdError = new BufferedReader(new InputStreamReader(p.getErrorStream()));
String s = null;
StringBuilder error = new StringBuilder();
while ((s = stdError.readLine()) != null) {
error.append(s);
}
if (s != null) {
throw new IOException(error.toString());
}
// dest.mkdir();
// TarArchiveInputStream tarIn;
//
// tarIn = new TarArchiveInputStream(
// new GzipCompressorInputStream(
// new BufferedInputStream(
// new FileInputStream(
// tarFile
// )
// )
// )
// );
//
// org.apache.commons.compress.archivers.tar.TarArchiveEntry tarEntry = tarIn.getNextTarEntry();
//
// while (tarEntry != null) {
// File destPath = new File(dest, tarEntry.getName());
// if (tarEntry.isDirectory()) {
// destPath.mkdirs();
// } else {
// destPath.createNewFile();
// byte[] btoRead = new byte[1024];
// try (BufferedOutputStream bout = new BufferedOutputStream(new FileOutputStream(destPath))) {
// int len;
//
// while ((len = tarIn.read(btoRead)) != -1) {
// bout.write(btoRead, 0, len);
// }
// }
//// Set<PosixFilePermission> perms = new HashSet<>();
//// perms.add(PosixFilePermission.OWNER_READ);
//// perms.add(PosixFilePermission.OWNER_WRITE);
//// perms.add(PosixFilePermission.OWNER_EXECUTE);
////
//// perms.add(PosixFilePermission.GROUP_READ);
//// perms.add(PosixFilePermission.GROUP_WRITE);
//// perms.add(PosixFilePermission.GROUP_EXECUTE);
////
//// perms.add(PosixFilePermission.OTHERS_READ);
//// perms.add(PosixFilePermission.OTHERS_EXECUTE);
//// perms.add(PosixFilePermission.OTHERS_EXECUTE);
//// Files.setPosixFilePermissions(Paths.get(destPath.getAbsolutePath()), perms);
// }
// tarEntry = tarIn.getNextTarEntry();
// }
// tarIn.close();
}
} }
...@@ -36,6 +36,7 @@ import java.util.List; ...@@ -36,6 +36,7 @@ import java.util.List;
import java.util.Map; import java.util.Map;
import nl.uva.sne.drip.commons.utils.AAUtils; import nl.uva.sne.drip.commons.utils.AAUtils;
import nl.uva.sne.drip.commons.utils.AAUtils.SOURCE; import nl.uva.sne.drip.commons.utils.AAUtils.SOURCE;
import static nl.uva.sne.drip.commons.utils.AAUtils.downloadCACertificates;
import nl.uva.sne.drip.drip.commons.data.internal.MessageParameter; import nl.uva.sne.drip.drip.commons.data.internal.MessageParameter;
import nl.uva.sne.drip.drip.commons.data.v1.external.CloudCredentials; import nl.uva.sne.drip.drip.commons.data.v1.external.CloudCredentials;
import org.globus.myproxy.MyProxyException; import org.globus.myproxy.MyProxyException;
...@@ -166,9 +167,9 @@ public class MessageParsing { ...@@ -166,9 +167,9 @@ public class MessageParsing {
trustedCertificatesURL = (String) att.get("trustedCertificatesURL"); trustedCertificatesURL = (String) att.get("trustedCertificatesURL");
} }
if (trustedCertificatesURL != null) { if (trustedCertificatesURL != null) {
downloadCACertificates(new URL(trustedCertificatesURL)); downloadCACertificates(new URL(trustedCertificatesURL), PropertyValues.TRUSTED_CERTIFICATE_FOLDER);
} else { } else {
downloadCACertificates(PropertyValues.CA_BUNDLE_URL); downloadCACertificates(PropertyValues.CA_BUNDLE_URL, PropertyValues.TRUSTED_CERTIFICATE_FOLDER);
} }
String myProxyEndpoint = null; String myProxyEndpoint = null;
if (att != null && att.containsKey("myProxyEndpoint")) { if (att != null && att.containsKey("myProxyEndpoint")) {
...@@ -182,7 +183,7 @@ public class MessageParsing { ...@@ -182,7 +183,7 @@ public class MessageParsing {
List voNames = (List) Arrays.asList(myVOs); List voNames = (List) Arrays.asList(myVOs);
egi.proxyFilePath = AAUtils.generateProxy(cred.getAccessKeyId(), cred.getSecretKey(), SOURCE.MY_PROXY, myProxyEndpoint, voNames); egi.proxyFilePath = AAUtils.generateProxy(cred.getAccessKeyId(), cred.getSecretKey(), SOURCE.MY_PROXY, myProxyEndpoint, voNames);
} else { } else {
egi.proxyFilePath = AAUtils.generateProxy(cred.getAccessKeyId(), cred.getSecretKey(), SOURCE.CERTIFICATE); egi.proxyFilePath = AAUtils.generateProxy(cred.getAccessKeyId(), cred.getSecretKey(), SOURCE.PROXY_FILE, myProxyEndpoint, null);
} }
egi.trustedCertPath = PropertyValues.TRUSTED_CERTIFICATE_FOLDER; egi.trustedCertPath = PropertyValues.TRUSTED_CERTIFICATE_FOLDER;
credential = egi; credential = egi;
...@@ -209,83 +210,4 @@ public class MessageParsing { ...@@ -209,83 +210,4 @@ public class MessageParsing {
return credentials; return credentials;
} }
private static void downloadCACertificates(URL url) throws MalformedURLException, IOException {
String[] parts = url.getFile().split("/");
String fileName = parts[parts.length - 1];
File bundle = new File(PropertyValues.TRUSTED_CERTIFICATE_FOLDER + File.separator + fileName);
if (!bundle.getParentFile().exists()) {
if (!bundle.getParentFile().mkdirs()) {
throw new IOException(bundle + " could not be created");
}
}
if (!bundle.exists()) {
URL website = new URL(url.toString());
ReadableByteChannel rbc = Channels.newChannel(website.openStream());
FileOutputStream fos = new FileOutputStream(bundle);
fos.getChannel().transferFrom(rbc, 0, Long.MAX_VALUE);
untar(new File(PropertyValues.TRUSTED_CERTIFICATE_FOLDER), bundle);
}
}
private static void untar(File dest, File tarFile) throws IOException {
Process p = Runtime.getRuntime().exec(" tar -xzvf " + tarFile.getAbsolutePath() + " -C " + dest.getAbsolutePath());
BufferedReader stdError = new BufferedReader(new InputStreamReader(p.getErrorStream()));
String s = null;
StringBuilder error = new StringBuilder();
while ((s = stdError.readLine()) != null) {
error.append(s);
}
if (s != null) {
throw new IOException(error.toString());
}
// dest.mkdir();
// TarArchiveInputStream tarIn;
//
// tarIn = new TarArchiveInputStream(
// new GzipCompressorInputStream(
// new BufferedInputStream(
// new FileInputStream(
// tarFile
// )
// )
// )
// );
//
// org.apache.commons.compress.archivers.tar.TarArchiveEntry tarEntry = tarIn.getNextTarEntry();
//
// while (tarEntry != null) {
// File destPath = new File(dest, tarEntry.getName());
// if (tarEntry.isDirectory()) {
// destPath.mkdirs();
// } else {
// destPath.createNewFile();
// byte[] btoRead = new byte[1024];
// try (BufferedOutputStream bout = new BufferedOutputStream(new FileOutputStream(destPath))) {
// int len;
//
// while ((len = tarIn.read(btoRead)) != -1) {
// bout.write(btoRead, 0, len);
// }
// }
//// Set<PosixFilePermission> perms = new HashSet<>();
//// perms.add(PosixFilePermission.OWNER_READ);
//// perms.add(PosixFilePermission.OWNER_WRITE);
//// perms.add(PosixFilePermission.OWNER_EXECUTE);
////
//// perms.add(PosixFilePermission.GROUP_READ);
//// perms.add(PosixFilePermission.GROUP_WRITE);
//// perms.add(PosixFilePermission.GROUP_EXECUTE);
////
//// perms.add(PosixFilePermission.OTHERS_READ);
//// perms.add(PosixFilePermission.OTHERS_EXECUTE);
//// perms.add(PosixFilePermission.OTHERS_EXECUTE);
//// Files.setPosixFilePermissions(Paths.get(destPath.getAbsolutePath()), perms);
// }
// tarEntry = tarIn.getNextTarEntry();
// }
// tarIn.close();
}
} }
<?xml version="1.0" encoding="UTF-8"?>
<project-private xmlns="http://www.netbeans.org/ns/project-private/1">
<editor-bookmarks xmlns="http://www.netbeans.org/ns/editor-bookmarks/2" lastBookmarkId="0"/>
<open-files xmlns="http://www.netbeans.org/ns/projectui-open-files/2">
<group/>
</open-files>
</project-private>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment