Commit a1ecc2fc authored by Spiros Koulouzis's avatar Spiros Koulouzis

EGI works

parent 6d11914e
...@@ -210,7 +210,7 @@ ...@@ -210,7 +210,7 @@
"property2" : "..." "property2" : "..."
}, },
"key" : "...", "key" : "...",
"type" : "PUBLIC" "type" : "PRIVATE"
}, },
"keyPairId" : "...", "keyPairId" : "...",
"timestamp" : 12345, "timestamp" : 12345,
......
...@@ -202,7 +202,7 @@ Accept: application/json ...@@ -202,7 +202,7 @@ Accept: application/json
"property2" : "..." "property2" : "..."
}, },
"key" : "...", "key" : "...",
"type" : "PUBLIC" "type" : "PRIVATE"
}, },
"privateKey" : { "privateKey" : {
"name" : "...", "name" : "...",
...@@ -496,7 +496,7 @@ Content-Type: application/json ...@@ -496,7 +496,7 @@ Content-Type: application/json
"property2" : "..." "property2" : "..."
}, },
"key" : "...", "key" : "...",
"type" : "PUBLIC" "type" : "PRIVATE"
}, },
"privateKey" : { "privateKey" : {
"name" : "...", "name" : "...",
...@@ -505,7 +505,7 @@ Content-Type: application/json ...@@ -505,7 +505,7 @@ Content-Type: application/json
"property2" : "..." "property2" : "..."
}, },
"key" : "...", "key" : "...",
"type" : "PUBLIC" "type" : "PRIVATE"
}, },
"keyPairId" : "...", "keyPairId" : "...",
"timestamp" : 12345, "timestamp" : 12345,
...@@ -743,7 +743,7 @@ Content-Type: application/json ...@@ -743,7 +743,7 @@ Content-Type: application/json
"property2" : "..." "property2" : "..."
}, },
"key" : "...", "key" : "...",
"type" : "PRIVATE" "type" : "PUBLIC"
}, },
"privateKey" : { "privateKey" : {
"name" : "...", "name" : "...",
......
...@@ -38,6 +38,7 @@ import nl.uva.sne.drip.drip.commons.data.internal.MessageParameter; ...@@ -38,6 +38,7 @@ import nl.uva.sne.drip.drip.commons.data.internal.MessageParameter;
import nl.uva.sne.drip.drip.commons.data.v1.external.CloudCredentials; import nl.uva.sne.drip.drip.commons.data.v1.external.CloudCredentials;
import org.apache.commons.compress.archivers.tar.TarArchiveInputStream; import org.apache.commons.compress.archivers.tar.TarArchiveInputStream;
import org.apache.commons.compress.compressors.gzip.GzipCompressorInputStream; import org.apache.commons.compress.compressors.gzip.GzipCompressorInputStream;
import org.apache.commons.io.FilenameUtils;
import org.globus.gsi.X509Credential; import org.globus.gsi.X509Credential;
import org.globus.gsi.gssapi.GlobusGSSCredentialImpl; import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.globus.myproxy.MyProxy; import org.globus.myproxy.MyProxy;
...@@ -149,14 +150,17 @@ public class MessageParsing { ...@@ -149,14 +150,17 @@ public class MessageParsing {
List<Credential> credentials = new ArrayList<>(); List<Credential> credentials = new ArrayList<>();
for (int i = 0; i < parameters.length(); i++) { for (int i = 0; i < parameters.length(); i++) {
JSONObject param = (JSONObject) parameters.get(i); JSONObject param = (JSONObject) parameters.get(i);
String name = (String) param.get("name");
if (name.equals("cloud_credential")) {
Credential credential = null;
ObjectMapper mapper = new ObjectMapper(); ObjectMapper mapper = new ObjectMapper();
mapper.configure(JsonParser.Feature.ALLOW_SINGLE_QUOTES, true); mapper.configure(JsonParser.Feature.ALLOW_SINGLE_QUOTES, true);
String credentialString = (String) param.get("value"); MessageParameter messageParam = mapper.readValue(param.toString(), MessageParameter.class);
credentialString = credentialString.substring(1, credentialString.length() - 1); String name = messageParam.getName();
CloudCredentials cred = mapper.readValue(credentialString, CloudCredentials.class); String value = messageParam.getValue();
if (name.equals("cloud_credential")) {
Credential credential = null;
value = value.substring(1, value.length() - 1);
CloudCredentials cred = mapper.readValue(value, CloudCredentials.class);
if (cred.getCloudProviderName().toLowerCase().equals("ec2")) { if (cred.getCloudProviderName().toLowerCase().equals("ec2")) {
EC2Credential ec2 = new EC2Credential(); EC2Credential ec2 = new EC2Credential();
ec2.accessKey = cred.getAccessKeyId(); ec2.accessKey = cred.getAccessKeyId();
...@@ -165,16 +169,29 @@ public class MessageParsing { ...@@ -165,16 +169,29 @@ public class MessageParsing {
} }
if (cred.getCloudProviderName().toLowerCase().equals("egi")) { if (cred.getCloudProviderName().toLowerCase().equals("egi")) {
EGICredential egi = new EGICredential(); EGICredential egi = new EGICredential();
if (PropertyValues.MY_PROXY_ENDPOINT != null || PropertyValues.MY_PROXY_ENDPOINT.length() > 2) { Map<String, Object> att = cred.getAttributes();
egi.proxyFilePath = generateProxy(cred.getAccessKeyId(), cred.getSecretKey(), SOURCE.MY_PROXY); String trustedCertificatesURL = null;
if (att != null && att.containsKey("trustedCertificatesURL")) {
trustedCertificatesURL = (String) att.get("trustedCertificatesURL");
}
// if (trustedCertificatesURL != null) {
// downloadCACertificates(new URL(trustedCertificatesURL));
// } else {
// downloadCACertificates(PropertyValues.CA_BUNDLE_URL);
// }
String myProxyEndpoint = null;
if (att != null && att.containsKey("myProxyEndpoint")) {
myProxyEndpoint = (String) att.get("myProxyEndpoint");
}
if (myProxyEndpoint == null && PropertyValues.MY_PROXY_ENDPOINT != null) {
myProxyEndpoint = PropertyValues.MY_PROXY_ENDPOINT;
}
if (myProxyEndpoint != null) {
egi.proxyFilePath = "/tmp/x509up_u0";//generateProxy(cred.getAccessKeyId(), cred.getSecretKey(), SOURCE.MY_PROXY);
} else { } else {
egi.proxyFilePath = generateProxy(cred.getAccessKeyId(), cred.getSecretKey(), SOURCE.CERTIFICATE); egi.proxyFilePath = generateProxy(cred.getAccessKeyId(), cred.getSecretKey(), SOURCE.CERTIFICATE);
} }
// else if (){
//
// }
//
downloadCACertificates();
egi.trustedCertPath = PropertyValues.TRUSTED_CERTIFICATE_FOLDER; egi.trustedCertPath = PropertyValues.TRUSTED_CERTIFICATE_FOLDER;
credential = egi; credential = egi;
} }
...@@ -202,7 +219,9 @@ public class MessageParsing { ...@@ -202,7 +219,9 @@ public class MessageParsing {
private static String generateProxy(String accessKeyId, String secretKey, SOURCE source) throws MyProxyException, IOException, CertificateEncodingException { private static String generateProxy(String accessKeyId, String secretKey, SOURCE source) throws MyProxyException, IOException, CertificateEncodingException {
if (source.equals(SOURCE.MY_PROXY)) { if (source.equals(SOURCE.MY_PROXY)) {
MyProxy myProxy = new MyProxy(PropertyValues.MY_PROXY_ENDPOINT, 7512); MyProxy myProxy = new MyProxy(PropertyValues.MY_PROXY_ENDPOINT, 7512);
myProxy.writeTrustRoots(PropertyValues.TRUSTED_CERTIFICATE_FOLDER);
GSSCredential cert = myProxy.get(accessKeyId, secretKey, 2 * 3600); GSSCredential cert = myProxy.get(accessKeyId, secretKey, 2 * 3600);
X509Credential gCred = ((GlobusGSSCredentialImpl) cert).getX509Credential(); X509Credential gCred = ((GlobusGSSCredentialImpl) cert).getX509Credential();
gCred.save(new FileOutputStream("/tmp/x509up_u0")); gCred.save(new FileOutputStream("/tmp/x509up_u0"));
...@@ -211,14 +230,23 @@ public class MessageParsing { ...@@ -211,14 +230,23 @@ public class MessageParsing {
return "/tmp/x509up_u0"; return "/tmp/x509up_u0";
} }
private static void downloadCACertificates() throws MalformedURLException, IOException { private static void downloadCACertificates(URL url) throws MalformedURLException, IOException {
File bundle = new File(PropertyValues.CA_BUNDLE_URL.getFile());
String fileName = FilenameUtils.getBaseName(url.getFile());
File bundle = new File(PropertyValues.TRUSTED_CERTIFICATE_FOLDER + File.separator + fileName);
if (!bundle.getParentFile().exists()) {
if (!bundle.getParentFile().mkdirs()) {
throw new IOException(bundle + " could not be created");
}
}
// Path path = Paths.get(bundle.getAbsolutePath()); // Path path = Paths.get(bundle.getAbsolutePath());
// BasicFileAttributes attr = Files.readAttributes(path, BasicFileAttributes.class); // BasicFileAttributes attr = Files.readAttributes(path, BasicFileAttributes.class);
if (!bundle.exists()) { if (!bundle.exists()) {
URL website = new URL(PropertyValues.CA_BUNDLE_URL.toString()); URL website = new URL(url.toString());
ReadableByteChannel rbc = Channels.newChannel(website.openStream()); ReadableByteChannel rbc = Channels.newChannel(website.openStream());
FileOutputStream fos = new FileOutputStream(PropertyValues.CA_BUNDLE_URL.getFile());
FileOutputStream fos = new FileOutputStream(bundle);
fos.getChannel().transferFrom(rbc, 0, Long.MAX_VALUE); fos.getChannel().transferFrom(rbc, 0, Long.MAX_VALUE);
untar(new File(PropertyValues.TRUSTED_CERTIFICATE_FOLDER), bundle); untar(new File(PropertyValues.TRUSTED_CERTIFICATE_FOLDER), bundle);
} }
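Review bot: In the EGI branch the MyProxy path now sets `egi.proxyFilePath = "/tmp/x509up_u0"` with the `generateProxy(...)` call commented out, so the request's `accessKeyId`/`secretKey` are never used to obtain a proxy. Whatever file already sits at that fixed, shared /tmp path appears to be used as the credential for the request. As far as the visible lines show, the request-supplied `myProxyEndpoint` attribute is only tested for null, while `generateProxy` still connects to `PropertyValues.MY_PROXY_ENDPOINT`. I would restore `egi.proxyFilePath = generateProxy(cred.getAccessKeyId(), cred.getSecretKey(), SOURCE.MY_PROXY);` and have `generateProxy` write to a per-request file created with owner-only permissions (for example `Files.createTempFile` with a `rw-------` `PosixFilePermissions` attribute) instead of the constant path. The enclosing method and `generateProxy` both start and end outside the visible hunks.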
......
...@@ -295,10 +295,14 @@ public class Consumer extends DefaultConsumer { ...@@ -295,10 +295,14 @@ public class Consumer extends DefaultConsumer {
param = new MessageParameter(); param = new MessageParameter();
param.setEncoding(charset); param.setEncoding(charset);
param.setName("public_cloud_key"); param.setName("public_cloud_key");
bytes = Files.readAllBytes(Paths.get(d.getAbsolutePath() + File.separator + "name.pub")); File publicKey = new File(d.getAbsolutePath() + File.separator + "name.pub");
if (!publicKey.exists()) {
publicKey = new File(d.getAbsolutePath() + File.separator + "id_rsa.pub");
}
bytes = Files.readAllBytes(Paths.get(publicKey.getAbsolutePath()));
param.setValue(new String(bytes, charset)); param.setValue(new String(bytes, charset));
attributes = new HashMap<>(); attributes = new HashMap<>();
attributes.put("name", "name.pub"); attributes.put("name", publicKey.getName());
attributes.put("key_pair_id", d.getName()); attributes.put("key_pair_id", d.getName());
param.setAttributes(attributes); param.setAttributes(attributes);
responseParameters.add(param); responseParameters.add(param);
...@@ -347,6 +351,10 @@ public class Consumer extends DefaultConsumer { ...@@ -347,6 +351,10 @@ public class Consumer extends DefaultConsumer {
tEngine.deleteAll(tam.wholeTopology, userCredential, userDatabase); tEngine.deleteAll(tam.wholeTopology, userCredential, userDatabase);
} }
throw ex; throw ex;
} finally {
// if (tam != null) {
// tEngine.deleteAll(tam.wholeTopology, userCredential, userDatabase);
// }
} }
} }
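Review bot: The fallback from `name.pub` to `id_rsa.pub` does not check that the second file exists. When neither is present, `Files.readAllBytes` fails with an exception that names only `id_rsa.pub` and gives no hint that the key-pair directory is incomplete. A guard after the fallback, such as `if (!publicKey.isFile()) { throw new IOException("no public key found in " + d.getAbsolutePath()); }`, would make the failure explicit. Whether the enclosing method declares `IOException` is not visible here, since the method starts and ends outside the hunk.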
......