Commit 7d78c15f authored by Jeff Burke

s1849: updated clients to use the new RegistryClient.

parent 2880f318
......@@ -117,7 +117,7 @@
<target name="setup-test">
<copy overwrite="true"
file="${env.CADC_PREFIX}/etc/LocalAuthority.properties"
file="${env.A}/etc/LocalAuthority.properties"
tofile="${build}/class/LocalAuthority.properties"/>
</target>
......
......@@ -90,6 +90,7 @@ import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocketFactory;
import javax.security.auth.Subject;
import ca.nrc.cadc.reg.Standards;
import org.apache.log4j.Logger;
import ca.nrc.cadc.ac.Group;
......@@ -124,50 +125,24 @@ public class GMSClient implements TransferListener
{
private static final Logger log = Logger.getLogger(GMSClient.class);
private static final String GROUPS = "groups";
private static final String SEARCH = "search";
// socket factory to use when connecting
private SSLSocketFactory sslSocketFactory;
private SSLSocketFactory mySocketFactory;
private RegistryClient registryClient;
private URI gmsServiceURI;
private URI groupsURI;
private URI searchURI;
public GMSClient(URI serviceURI)
{
this(serviceURI, new RegistryClient());
}
private URI serviceID;
/**
* Slightly more complete constructor. Tests can override the
* RegistryClient.
* Constructor.
*
* @param serviceURI The service URI.
* @param registryClient The Registry Client.
* @param serviceID The service ID.
*/
public GMSClient(URI serviceURI, RegistryClient registryClient)
public GMSClient(URI serviceID)
{
if (serviceURI == null)
throw new IllegalArgumentException("invalid serviceURI: " + serviceURI);
if (serviceURI.getFragment() != null)
throw new IllegalArgumentException("invalid serviceURI (fragment not allowed): " + serviceURI);
this.registryClient = registryClient;
try
{
this.gmsServiceURI = serviceURI;
this.groupsURI = new URI(serviceURI.toASCIIString() + "#" + GROUPS);
this.searchURI = new URI(serviceURI.toASCIIString() + "#" + SEARCH);
}
catch(URISyntaxException ex)
{
throw new RuntimeException("BUG: failed to create standardID from serviceURI + fragment", ex);
}
if (serviceID == null)
throw new IllegalArgumentException("invalid serviceID: " + serviceID);
if (serviceID.getFragment() != null)
throw new IllegalArgumentException("invalid serviceID (fragment not allowed): " + serviceID);
this.serviceID = serviceID;
}
public void transferEvent(TransferEvent te)
......@@ -192,7 +167,6 @@ public class GMSClient implements TransferListener
throw new UnsupportedOperationException("Not yet implemented");
}
/**
* Create a new group.
*
......@@ -208,7 +182,8 @@ public class GMSClient implements TransferListener
throws GroupAlreadyExistsException, AccessControlException,
UserNotFoundException, WriterException, IOException
{
URL createGroupURL = registryClient.getServiceURL(groupsURI, "https", "", AuthMethod.CERT);
URL createGroupURL = getRegistryClient()
.getServiceURL(this.serviceID, Standards.GMS_GROUPS_01_URI, AuthMethod.CERT);
log.debug("createGroupURL request to " + createGroupURL.toString());
// reset the state of the cache
......@@ -279,12 +254,13 @@ public class GMSClient implements TransferListener
public Group getGroup(String groupName)
throws GroupNotFoundException, AccessControlException, IOException
{
URL getGroupURL = registryClient.getServiceURL(groupsURI, "https", groupName, AuthMethod.CERT);
URL groupsURL = getRegistryClient()
.getServiceURL(this.serviceID, Standards.GMS_GROUPS_01_URI, AuthMethod.CERT);
URL getGroupURL = new URL(groupsURL.toExternalForm() + "/" + groupName);
log.debug("getGroup request to " + getGroupURL.toString());
ByteArrayOutputStream out = new ByteArrayOutputStream();
HttpDownload transfer = new HttpDownload(getGroupURL, out);
transfer.setSSLSocketFactory(getSSLSocketFactory());
transfer.run();
......@@ -334,7 +310,8 @@ public class GMSClient implements TransferListener
public List<String> getGroupNames()
throws AccessControlException, IOException
{
URL getGroupNamesURL = registryClient.getServiceURL(groupsURI, "https", "", AuthMethod.CERT);
URL getGroupNamesURL = getRegistryClient()
.getServiceURL(this.serviceID, Standards.GMS_GROUPS_01_URI, AuthMethod.CERT);
log.debug("getGroupNames request to " + getGroupNamesURL.toString());
......@@ -411,7 +388,9 @@ public class GMSClient implements TransferListener
throws IllegalArgumentException, GroupNotFoundException, UserNotFoundException,
AccessControlException, WriterException, IOException
{
URL updateGroupURL = registryClient.getServiceURL(groupsURI, "https", group.getID(), AuthMethod.CERT);
URL groupsURL = getRegistryClient()
.getServiceURL(this.serviceID, Standards.GMS_GROUPS_01_URI, AuthMethod.CERT);
URL updateGroupURL = new URL(groupsURL.toExternalForm() + "/" + group.getID());
log.debug("updateGroup request to " + updateGroupURL.toString());
// reset the state of the cache
......@@ -478,7 +457,9 @@ public class GMSClient implements TransferListener
public void deleteGroup(String groupName)
throws GroupNotFoundException, AccessControlException, IOException
{
URL deleteGroupURL = registryClient.getServiceURL(groupsURI, "https", groupName, AuthMethod.CERT);
URL groupsURL = getRegistryClient()
.getServiceURL(this.serviceID, Standards.GMS_GROUPS_01_URI, AuthMethod.CERT);
URL deleteGroupURL = new URL(groupsURL.toExternalForm() + "/" + groupName);
log.debug("deleteGroup request to " + deleteGroupURL.toString());
// reset the state of the cache
......@@ -545,7 +526,9 @@ public class GMSClient implements TransferListener
{
String path = targetGroupName + "/groupMembers/" + groupMemberName;
URL addGroupMemberURL = registryClient.getServiceURL(groupsURI, "https", path, AuthMethod.CERT);
URL groupsURL = getRegistryClient()
.getServiceURL(this.serviceID, Standards.GMS_GROUPS_01_URI, AuthMethod.CERT);
URL addGroupMemberURL = new URL(groupsURL.toExternalForm() + "/" + path);
log.debug("addGroupMember request to " + addGroupMemberURL.toString());
// reset the state of the cache
......@@ -604,7 +587,9 @@ public class GMSClient implements TransferListener
String userIDType = AuthenticationUtil.getPrincipalType(userID);
String path = targetGroupName + "/userMembers/" + NetUtil.encode(userID.getName()) + "?idType=" + userIDType;
URL addUserMemberURL = registryClient.getServiceURL(groupsURI, "https", path, AuthMethod.CERT);
URL groupsURL = getRegistryClient()
.getServiceURL(this.serviceID, Standards.GMS_GROUPS_01_URI, AuthMethod.CERT);
URL addUserMemberURL = new URL(groupsURL.toExternalForm() + "/" + path);
log.debug("addUserMember request to " + addUserMemberURL.toString());
......@@ -659,7 +644,9 @@ public class GMSClient implements TransferListener
{
String path = targetGroupName + "/groupMembers/" + groupMemberName;
URL removeGroupMemberURL = registryClient.getServiceURL(groupsURI, "https", path, AuthMethod.CERT);
URL groupsURL = getRegistryClient()
.getServiceURL(this.serviceID, Standards.GMS_GROUPS_01_URI, AuthMethod.CERT);
URL removeGroupMemberURL = new URL(groupsURL.toExternalForm() + "/" + path);
log.debug("removeGroupMember request to " +
removeGroupMemberURL.toString());
......@@ -726,7 +713,9 @@ public class GMSClient implements TransferListener
log.debug("removeUserMember: " + targetGroupName + " - " + userID.getName() + " type: " + userIDType);
String path = targetGroupName + "/userMembers/" + NetUtil.encode(userID.getName()) + "?idType=" + userIDType;
URL removeUserMemberURL = registryClient.getServiceURL(groupsURI, "https", path, AuthMethod.CERT);
URL groupsURL = getRegistryClient()
.getServiceURL(this.serviceID, Standards.GMS_GROUPS_01_URI, AuthMethod.CERT);
URL removeUserMemberURL = new URL(groupsURL.toExternalForm() + "/" + path);
log.debug("removeUserMember: " + removeUserMemberURL.toString());
......@@ -836,11 +825,13 @@ public class GMSClient implements TransferListener
//searchGroupURL.append("&IDTYPE=").append(NetUtil.encode(idType));
searchGroupPath.append("&ROLE=").append(NetUtil.encode(roleString));
URL searchURL = registryClient.getServiceURL(searchURI, "https", searchGroupPath.toString(), AuthMethod.CERT);
URL searchURL = getRegistryClient()
.getServiceURL(this.serviceID, Standards.GMS_SEARCH_01_URI, AuthMethod.CERT);
URL getMembershipsURL = new URL(searchURL.toExternalForm() + "/" + searchGroupPath.toString());
log.debug("getMemberships request to " + searchURL.toString());
log.debug("getMemberships request to " + getMembershipsURL.toString());
ByteArrayOutputStream out = new ByteArrayOutputStream();
HttpDownload transfer = new HttpDownload(searchURL, out);
HttpDownload transfer = new HttpDownload(getMembershipsURL, out);
transfer.setSSLSocketFactory(getSSLSocketFactory());
transfer.run();
......@@ -945,11 +936,13 @@ public class GMSClient implements TransferListener
searchGroupPath.append("&ROLE=").append(NetUtil.encode(roleString));
searchGroupPath.append("&GROUPID=").append(NetUtil.encode(groupName));
URL searchURL = registryClient.getServiceURL(searchURI, "https", searchGroupPath.toString(), AuthMethod.CERT);
URL searchURL = getRegistryClient()
.getServiceURL(this.serviceID, Standards.GMS_SEARCH_01_URI, AuthMethod.CERT);
URL getMembershipURL = new URL(searchURL.toExternalForm() + "/" + searchGroupPath.toString());
log.debug("getMembership request to " + searchURL.toString());
log.debug("getMembership request to " + getMembershipURL.toString());
ByteArrayOutputStream out = new ByteArrayOutputStream();
HttpDownload transfer = new HttpDownload(searchURL, out);
HttpDownload transfer = new HttpDownload(getMembershipURL, out);
transfer.setSSLSocketFactory(getSSLSocketFactory());
transfer.run();
......@@ -1102,17 +1095,17 @@ public class GMSClient implements TransferListener
Set<GroupMemberships> gset = subject.getPrivateCredentials(GroupMemberships.class);
if (gset == null || gset.isEmpty())
{
GroupMemberships mems = new GroupMemberships(gmsServiceURI.toString(), userID);
GroupMemberships mems = new GroupMemberships(serviceID.toString(), userID);
subject.getPrivateCredentials().add(mems);
return mems;
}
GroupMemberships mems = gset.iterator().next();
// check to ensure they have the same service URI
if (!gmsServiceURI.toString().equals(mems.getServiceURI()))
if (!serviceID.toString().equals(mems.getServiceURI()))
{
log.debug("Not using cache because of differing service URIs: " +
"[" + gmsServiceURI.toString() + "][" + mems.getServiceURI() + "]");
"[" + serviceID.toString() + "][" + mems.getServiceURI() + "]");
return null;
}
......@@ -1182,4 +1175,9 @@ public class GMSClient implements TransferListener
return false;
}
protected RegistryClient getRegistryClient()
{
return new RegistryClient();
}
}
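Review bot: Caller-supplied group names are appended to the resolved service URL without encoding, e.g. in getGroup `new URL(groupsURL.toExternalForm() + "/" + groupName)`, so a name containing `/`, `?` or `#` changes which resource the client-certificate-authenticated request addresses. The same pattern is in deleteGroup, updateGroup (`group.getID()`) and the add/remove member hunks (`targetGroupName`, `groupMemberName`), where only `userID.getName()` passes through `NetUtil.encode`. Consider encoding each caller-supplied segment, for example `new URL(groupsURL.toExternalForm() + "/" + NetUtil.encode(groupName))`, or rejecting names with reserved characters before the URL is built; whether the service accepts encoded names is not visible on this page. The method bodies continue outside these hunks.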
......@@ -84,6 +84,8 @@ import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;
import ca.nrc.cadc.reg.Standards;
import ca.nrc.cadc.reg.client.LocalAuthority;
import org.apache.log4j.Logger;
import ca.nrc.cadc.ac.ReaderException;
......@@ -110,47 +112,22 @@ public class UserClient
{
private static final Logger log = Logger.getLogger(UserClient.class);
private static final String USERS = "users";
private static final String USER_REQUESTS = "reqs";
private RegistryClient registryClient;
private URI usersURI;
// to be used when the client can work with
// user requests
private URI userReqsURI;
private URI serviceID;
/**
* Constructor.
*
* @param serviceURI The URI of the supporting access control web service
* @param serviceID The URI of the supporting access control web service
* obtained from the registry.
*/
public UserClient(URI serviceURI)
public UserClient(URI serviceID)
throws IllegalArgumentException
{
this(serviceURI, new RegistryClient());
}
public UserClient(URI serviceURI, RegistryClient registryClient)
{
if (serviceURI == null)
if (serviceID == null)
throw new IllegalArgumentException("Service URI cannot be null.");
if (serviceURI.getFragment() != null)
throw new IllegalArgumentException("invalid serviceURI (fragment not allowed): " + serviceURI);
this.registryClient = registryClient;
try
{
this.usersURI = new URI(serviceURI.toASCIIString() + "#" + USERS);
this.userReqsURI = new URI(serviceURI.toASCIIString() + "#" + USER_REQUESTS);
}
catch(URISyntaxException ex)
{
throw new RuntimeException("BUG: failed to create standardID from serviceURI + fragment", ex);
}
if (serviceID.getFragment() != null)
throw new IllegalArgumentException("invalid serviceURI (fragment not allowed): " + serviceID);
this.serviceID = serviceID;
}
/**
......@@ -171,10 +148,12 @@ public class UserClient
String path = NetUtil.encode(userID) + "?idType=" + this.getIdType(principal) + "&detail=identity";
// augment subject calls are always https with client certs
URL getUserURL = registryClient.getServiceURL(usersURI, "https", path, AuthMethod.CERT);
URL usersURL = getRegistryClient()
.getServiceURL(this.serviceID, Standards.UMS_USERS_01_URI, AuthMethod.CERT);
URL getUserURL = new URL(usersURL.toExternalForm() + path);
if (getUserURL == null)
throw new IllegalArgumentException("No service endpoint for uri " + usersURI);
throw new IllegalArgumentException("No service endpoint for uri " + Standards.UMS_USERS_01_URI);
log.debug("augmentSubject request to " + getUserURL.toString());
ByteArrayOutputStream out = new ByteArrayOutputStream();
......@@ -209,7 +188,8 @@ public class UserClient
*/
public List<User> getDisplayUsers() throws IOException
{
URL usersURL = registryClient.getServiceURL(usersURI, "https");
URL usersURL = getRegistryClient()
.getServiceURL(this.serviceID, Standards.UMS_USERS_01_URI, AuthMethod.CERT);
final List<User> webUsers = new ArrayList<User>();
HttpDownload httpDownload =
new HttpDownload(usersURL,
......@@ -273,10 +253,11 @@ public class UserClient
StringBuilder userXML = new StringBuilder();
userWriter.write(user, userXML);
URL createUserURL = registryClient.getServiceURL(usersURI, "https", null, AuthMethod.CERT);
URL createUserURL = getRegistryClient()
.getServiceURL(this.serviceID, Standards.UMS_REQS_01_URI, AuthMethod.CERT);
if (createUserURL == null)
throw new IllegalArgumentException("No service endpoint for uri " + usersURI);
throw new IllegalArgumentException("No service endpoint for uri " + Standards.UMS_REQS_01_URI);
log.debug("createUser request to " + createUserURL.toString());
ByteArrayInputStream in = new ByteArrayInputStream(userXML.toString().getBytes());
......@@ -336,9 +317,11 @@ public class UserClient
String id = NetUtil.encode(principal.getName());
String path = "/" + id + "?idType=" + AuthenticationUtil.getPrincipalType(principal);
URL getUserURL = registryClient.getServiceURL(usersURI, "https", path, AuthMethod.CERT);
URL usersURL = getRegistryClient()
.getServiceURL(this.serviceID, Standards.UMS_USERS_01_URI, AuthMethod.CERT);
URL getUserURL = new URL(usersURL.toExternalForm() + path);
if (getUserURL == null)
throw new IllegalArgumentException("No service endpoint for uri " + usersURI);
throw new IllegalArgumentException("No service endpoint for uri " + Standards.UMS_USERS_01_URI);
log.debug("getUser request to " + getUserURL.toString());
ByteArrayOutputStream out = new ByteArrayOutputStream();
......@@ -433,4 +416,10 @@ public class UserClient
return idTypeStr;
}
protected RegistryClient getRegistryClient()
{
return new RegistryClient();
}
}
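Review bot: The `if (getUserURL == null)` checks in the augmentSubject and getUser hunks can no longer fire, because `new URL(...)` never returns null and a null result from `getServiceURL` would already have thrown a NullPointerException at `usersURL.toExternalForm()`. Test the lookup result before building the URL instead: `if (usersURL == null) throw new IllegalArgumentException("No service endpoint for uri " + Standards.UMS_USERS_01_URI);`. In the augmentSubject hunk `path` starts with the encoded user ID and is joined with no separator (`usersURL.toExternalForm() + path`), whereas getUser's `path` starts with "/". Unless the registry returns a URL ending in a slash, the identity lookup will address the wrong resource, so `usersURL.toExternalForm() + "/" + path` looks intended. Both method bodies continue outside the hunks.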
......@@ -81,6 +81,8 @@ import java.util.List;
import javax.security.auth.Subject;
import ca.nrc.cadc.auth.AuthMethod;
import ca.nrc.cadc.reg.Standards;
import org.apache.log4j.Level;
import org.junit.Assert;
import org.junit.Test;
......@@ -112,13 +114,20 @@ public class GMSClientTest
final RegistryClient mockRegistryClient =
createMock(RegistryClient.class);
final URI serviceURI = URI.create("http://mysite.com/users");
final URI serviceID = URI.create("ivo://mysite.com/users");
expect(mockRegistryClient.getServiceURL(serviceURI, "https")).andReturn(
new URL("http://mysite.com/users/endpoint"));
expect(mockRegistryClient.getServiceURL(serviceID, Standards.UMS_USERS_01_URI, AuthMethod.CERT))
.andReturn(new URL("http://mysite.com/users"));
replay(mockRegistryClient);
GMSClient client = new GMSClient(serviceURI, mockRegistryClient);
GMSClient client = new GMSClient(serviceID)
{
@Override
protected RegistryClient getRegistryClient()
{
return mockRegistryClient;
}
};
Assert.assertFalse(client.userIsSubject(null, null));
Assert.assertFalse(client.userIsSubject(userID, null));
......@@ -141,16 +150,22 @@ public class GMSClientTest
final HttpPrincipal test1UserID = new HttpPrincipal("test");
subject.getPrincipals().add(test1UserID);
final URI serviceURI = URI.create("http://mysite.com/users");
final URI serviceID = URI.create("ivo://mysite.com/users");
final RegistryClient mockRegistryClient =
createMock(RegistryClient.class);
expect(mockRegistryClient.getServiceURL(serviceURI, "https")).andReturn(
new URL("http://mysite.com/users/endpoint"));
expect(mockRegistryClient.getServiceURL(serviceID, Standards.GMS_GROUPS_01_URI, AuthMethod.CERT ))
.andReturn(new URL("http://mysite.com/users"));
replay(mockRegistryClient);
final GMSClient client = new GMSClient(serviceURI, mockRegistryClient);
final GMSClient client = new GMSClient(serviceID)
{
@Override
protected RegistryClient getRegistryClient()
{
return mockRegistryClient;
}
};
Subject.doAs(subject, new PrivilegedExceptionAction<Object>()
{
......
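Review bot: The first test records its mock expectation for `Standards.UMS_USERS_01_URI`, but the GMSClient changes in this commit only look up `Standards.GMS_GROUPS_01_URI` and `Standards.GMS_SEARCH_01_URI`, so this expectation appears never to match a call the client makes. No `verify(mockRegistryClient)` is visible in either hunk, so an unmet or mismatched expectation would pass silently. Consider switching the constant to the one the code under test uses and adding `verify(mockRegistryClient);` after the assertions. Both test methods start and end outside the hunks, so a verify call may exist beyond what is shown.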