Commit b381dbb8 authored by Patrick Dowler's avatar Patrick Dowler Committed by GitHub

Merge pull request #11 from pdowler/master

added --resourceID command-line argument
parents 97109c03 2a2cfe67
......@@ -15,7 +15,7 @@ sourceCompatibility = 1.7
group = 'org.opencadc'
version = '1.0.2'
version = '1.1'
mainClassName = 'ca.nrc.cadc.cred.client.Main'
......
......@@ -89,6 +89,7 @@ import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.URISyntaxException;
import java.security.Principal;
import java.util.HashSet;
import java.util.Set;
......@@ -107,6 +108,7 @@ public class Main implements PrivilegedAction<Boolean>
public static final String ARG_VIEW_CMD = "view";
public static final String ARG_DELEGATE_CMD = "delegate";
public static final String ARG_VALID_DAYS = "daysValid";
public static final String ARG_RESOUIRCE_ID = "resourceID";
public static final String ARG_GET_PROXY = "get";
public static final String ARG_USERID = "userid";
......@@ -140,8 +142,6 @@ public class Main implements PrivilegedAction<Boolean>
private Operation operation; // current operation on Cred client
public static final String SERVICE_ID = "ivo://cadc.nrc.ca/cred";
/**
* Main class for accessing CDP
*
......@@ -384,29 +384,37 @@ public class Main implements PrivilegedAction<Boolean>
}
catch (Exception ex)
{
logger.error("failed to initialise SSL from certificates: "
+ ex.getMessage());
if (logger.getLevel() == Level.DEBUG)
{
ex.printStackTrace();
}
logger.error("failed to initialise SSL from certificates: " + ex.getMessage());
logger.debug("failed to initialise SSL from certificates: ", ex);
if (ex instanceof IllegalArgumentException)
{
usage();
}
System.exit(INIT_STATUS);
}
String rid = argMap.getValue(ARG_RESOUIRCE_ID);
if (rid == null)
{
usage();
logger.error("missing required --resourceID");
System.exit(INIT_STATUS);
}
try
{
URI serviceURI = new URI(SERVICE_ID);
this.client = new CredClient(serviceURI);
logger.info("created: " + client.getClass().getSimpleName() + " for " + serviceURI);
URI resourceID = new URI(rid);
this.client = new CredClient(resourceID);
logger.info("created: " + client.getClass().getSimpleName() + " for " + resourceID);
}
catch(URISyntaxException ex)
{
logger.error("malformed resourceID: " + rid);
System.exit(INIT_STATUS);
}
catch (Exception e)
{
logger.error("failed to find service URL for " + SERVICE_ID);
logger.error("reason: " + e.getMessage());
logger.debug("reason", e);
System.exit(INIT_STATUS);
}
}
......@@ -417,11 +425,13 @@ public class Main implements PrivilegedAction<Boolean>
public static void usage()
{
String[] um = {
"Usage: java -jar cadcCDP.jar [-v|--verbose|-d|--debug] <op> ...",
"Usage: java -jar cadcCDP.jar [-v|--verbose|-d|--debug] --resourceID=<CDP service to use> <op> ...",
CertCmdArgUtil.getCertArgUsage(),
"",
"Help: java -jar cadcCDP.jar <-h | --help>",
"",
" --resourceID specifies the CDP service to use (e.g. ivo://cadc.nrc.ca/cred)",
"",
" <op> is one of: ",
" --delegate [--daysValid=<days>]",
" create new proxy certificate on the server",
......
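Review bot: `new URI(rid)` in the init block only rejects strings that fail to parse, so a relative or scheme-less value such as `--resourceID=cred` passes the `rid == null` check and reaches `new CredClient(resourceID)`; the cert-gen `Main` later on this page has the same pattern. Because this value selects the service the client delegates credentials to, I'd reject anything that is not an absolute URI (and, if only registry identifiers are intended, anything whose scheme is not `ivo`) before constructing the client, e.g. `if (!resourceID.isAbsolute()) { logger.error("resourceID must be an absolute URI: " + rid); System.exit(INIT_STATUS); }`. The generic `catch (Exception e)` still logs `"failed to find service URL for " + SERVICE_ID`, which names the hard-coded identifier rather than the one the user passed, and would not compile if the earlier hunk removes that constant, as its line counts suggest; `rid` is the value to log there. The new public constant is spelled `ARG_RESOUIRCE_ID` in both `Main` classes, and renaming it to `ARG_RESOURCE_ID` now keeps the typo out of the 1.1 API. The enclosing method starts outside the hunk.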
......@@ -14,7 +14,7 @@ sourceCompatibility = 1.7
group = 'org.opencadc'
version = '1.0.1'
version = '1.1'
mainClassName = 'ca.nrc.cadc.cert.Main'
......
......@@ -54,10 +54,14 @@ public abstract class AbstractCertGenAction implements PrivilegedAction<Object>
{
private static Logger LOGGER = Logger.getLogger(AbstractCertGenAction.class);
public static final URI CRED_SERVICE_ID = URI.create("ivo://cadc.nrc.ca/cred");
protected int expiring;
protected String userid;
protected final URI serviceID;
protected AbstractCertGenAction(URI serviceID)
{
this.serviceID = serviceID;
}
public boolean init(final ArgumentMap argMap) throws IOException
{
......
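Review bot: The new protected constructor stores `serviceID` without checking it, so a null only surfaces later, when a subclass passes the field to `new CredClient(serviceID)`. Failing at construction keeps the error next to its cause and fits the `IllegalArgumentException` handling already present in the cert-gen `Main`: `if (serviceID == null) { throw new IllegalArgumentException("serviceID is required"); }` before the assignment. A short Javadoc on the constructor saying that `serviceID` identifies the CDP service used by the action would also help subclass authors.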
......@@ -49,8 +49,6 @@ import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.GregorianCalendar;
import java.util.Iterator;
import java.util.List;
import java.util.TimeZone;
import javax.security.auth.x500.X500Principal;
......@@ -71,6 +69,8 @@ import ca.nrc.cadc.cred.CertUtil;
import ca.nrc.cadc.cred.client.CredClient;
import ca.nrc.cadc.net.ResourceNotFoundException;
import ca.nrc.cadc.util.ArgumentMap;
import java.net.URI;
import java.security.spec.InvalidKeySpecException;
/**
* Generates a new certificate using CDP client API.
......@@ -90,6 +90,11 @@ public class CertGenAction extends DbCertGenAction
X509CertificateChain signer;
boolean dryRun = true;
public CertGenAction(URI serviceID)
{
super(serviceID);
}
@Override
public boolean init(final ArgumentMap argMap) throws IOException
{
......@@ -206,7 +211,7 @@ public class CertGenAction extends DbCertGenAction
LOGGER.debug("Generate private key & CSR");
CredClient client = new CredClient(CRED_SERVICE_ID);
CredClient client = new CredClient(serviceID);
try
{
client.deleteResource(userDN); // remove old CSR
......
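Review bot: The new public `CertGenAction(URI serviceID)` constructor has no Javadoc, and it replaces the no-argument form, so any caller outside this commit that still uses `new CertGenAction()` stops compiling. I'd document it with something like `/** @param serviceID identifier of the CDP service on which deleteResource(userDN) and the following CSR calls are made */`, since that is the only place a reader learns what the URI controls. The method containing the `new CredClient(serviceID)` line starts and ends outside the hunk.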
......@@ -47,6 +47,7 @@ import ca.nrc.cadc.db.ConnectionConfig;
import ca.nrc.cadc.db.DBConfig;
import ca.nrc.cadc.db.DBUtil;
import ca.nrc.cadc.util.ArgumentMap;
import java.net.URI;
import java.util.Iterator;
import java.util.List;
......@@ -68,6 +69,11 @@ public abstract class DbCertGenAction extends AbstractCertGenAction
//public static final String GENERATE_DN_Q = "select dbo.genDN(?)";
protected DbCertGenAction(URI serviceID)
{
super(serviceID);
}
@Override
public boolean init(final ArgumentMap argMap) throws IOException
{
......
......@@ -41,9 +41,10 @@ import javax.security.auth.Subject;
import org.apache.log4j.Logger;
import ca.nrc.cadc.auth.CertCmdArgUtil;
import ca.nrc.cadc.reg.client.RegistryClient;
import ca.nrc.cadc.util.ArgumentMap;
import ca.nrc.cadc.util.LogArgUtil;
import java.net.URI;
import java.net.URISyntaxException;
/**
* Main class for the CertGenerator Discovery Agent. The DA generates
......@@ -66,6 +67,8 @@ public class Main
public static final String ARG_EXPIRING = "expiring";
public static final String ARG_USERID = "userid";
public static final String ARG_RESOUIRCE_ID = "resourceID";
public static final int STATUS_FAIL = 1; // exit code for failure
public static final int STATUS_OK = 0; // exit code for successful execution
protected static final int DEFAULT_EXPIRE = 30; // Default to 30 days
......@@ -126,34 +129,38 @@ public class Main
return STATUS_FAIL;
}
String credHost = argMap.getValue("cred");
if (credHost != null)
{
System.setProperty(RegistryClient.class.getName() + ".host", credHost);
LOGGER.info("override cred service host: " + credHost);
}
CertGenAction command = null;
String rid = argMap.getValue(ARG_RESOUIRCE_ID);
if (rid == null)
{
usage();
LOGGER.error("missing required --" + ARG_RESOUIRCE_ID);
return STATUS_FAIL;
}
try
{
command = new CertGenAction();
URI resourceID = new URI(rid);
command = new CertGenAction(resourceID);
if (!command.init(argMap))
{
usage();
return STATUS_FAIL;
}
}
catch(URISyntaxException ex)
{
LOGGER.error("malformed resourceID: " + rid);
return STATUS_FAIL;
}
catch (IOException e)
{
msg("Cannot find .dbrc file to connect to the database");
msg("");
LOGGER.error("Cannot find .dbrc file to connect to the database");
return STATUS_FAIL;
}
catch (IllegalArgumentException ex)
{
msg("illegal argument(s): " + ex.getMessage());
msg("");
LOGGER.error("illegal argument(s): " + ex.getMessage());
if (command != null)
{
usage();
......@@ -178,18 +185,6 @@ public class Main
return STATUS_OK;
}
/**
* Initializes of the base URL for the service
*
* @param argMap Parsed command arguments map.
*/
static AbstractCertGenAction getCommand(final ArgumentMap argMap)
throws IllegalArgumentException, IOException
{
return new CertGenAction();
}
/**
* Formats the usage message.
*/
......@@ -199,7 +194,7 @@ public class Main
String[] um = {
"",
"cadc-cert-gen [options] [--dryrun] --expiring=<numDays> --signingCert=<certfile.pem>",
"cadc-cert-gen [options] [--dryrun] --resourceID=<CDP service identifier> --expiring=<numDays> --signingCert=<certfile.pem>",
" \"renew certificates that will expire within <numDays>\"",
" --dryrun - only list the expiring certificates",
"",
......@@ -209,14 +204,17 @@ public class Main
" \"renew certificate for user with userid <userid>\"",
"",
" WHERE",
" --resourceID: specifies the CDP service to use (e.g. ivo://cadc.nrc.ca/cred)",
" --signingCert: PEM file containing certificate and key use to sign certificates",
"",
" OPTIONS:",
" --server=<server> (default is SYBASE)",
" --database=<database> (default is archive)",
" --cred=<CDP service host> (optional non-production service)",
" IMPORTANT: the --server/--database must specify the back-end persistence used",
" by the CDP service given by the --cred option",
"",
" IMPORTANT: the --server/--database must specify the same back-end persistence used",
" by the CDP service; the latter is controlled by setting the CADC_CERT_GEN_OPTS",
" environment variable in order to subvert the cadc-registry client",
"",
" -h --help: show help",
" -v --verbose",
" -d --debug",
......
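Review bot: With the `--cred` branch and its `LOGGER.info("override cred service host: ...")` line gone, nothing visible in this section records which CDP service a run will use, while the help text now tells operators to redirect the registry lookup through the `CADC_CERT_GEN_OPTS` environment variable. For a tool that signs certificates and pushes them to that service, the target should be in the log for every run; I'd add `LOGGER.info("CDP service: " + resourceID);` right after `new URI(rid)` succeeds. The help wording "in order to subvert the cadc-registry client" is ambiguous and would read better as "to override the cadc-registry lookup". Calling `usage()` before `LOGGER.error("missing required --" + ARG_RESOUIRCE_ID)` also pushes the actual error below the full usage text; swapping the two lines makes it easier to spot. The enclosing method starts outside the hunk.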