Posted to commits@usergrid.apache.org by mr...@apache.org on 2016/06/24 23:58:31 UTC
usergrid git commit: Removed files that were moved elsewhere.
Repository: usergrid
Updated Branches:
refs/heads/apigee-sso-provider 7cf07b4ed -> 6c36882e2
Removed files that were moved elsewhere.
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/6c36882e
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/6c36882e
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/6c36882e
Branch: refs/heads/apigee-sso-provider
Commit: 6c36882e2231863f1628e3fbf0cf93227b957183
Parents: 7cf07b4
Author: Michael Russo <mr...@apigee.com>
Authored: Fri Jun 24 16:58:29 2016 -0700
Committer: Michael Russo <mr...@apigee.com>
Committed: Fri Jun 24 16:58:29 2016 -0700
----------------------------------------------------------------------
.../ExternalTokenProvider.java | 17 --
.../externalProviders/UsergridCentral.java | 259 -------------------
2 files changed, 276 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/usergrid/blob/6c36882e/stack/services/src/main/java/org/apache/usergrid/security/tokens/externalProviders/ExternalTokenProvider.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/security/tokens/externalProviders/ExternalTokenProvider.java b/stack/services/src/main/java/org/apache/usergrid/security/tokens/externalProviders/ExternalTokenProvider.java
deleted file mode 100644
index 935c8ad..0000000
--- a/stack/services/src/main/java/org/apache/usergrid/security/tokens/externalProviders/ExternalTokenProvider.java
+++ /dev/null
@@ -1,17 +0,0 @@
-package org.apache.usergrid.security.tokens.externalProviders;
-
-import org.apache.usergrid.management.UserInfo;
-import org.apache.usergrid.security.tokens.TokenInfo;
-
-/**
- * Created by ayeshadastagiri on 6/22/16.
- */
-public interface ExternalTokenProvider {
-
- /** Authenticate a userId and external token against this provider */
- TokenInfo validateAndReturnTokenInfo(String token, long ttl) throws Exception;
-
- /** Authenticate a userId and external token against this provider */
- UserInfo validateAndReturnUserInfo(String token, long ttl) throws Exception;
-
-}
http://git-wip-us.apache.org/repos/asf/usergrid/blob/6c36882e/stack/services/src/main/java/org/apache/usergrid/security/tokens/externalProviders/UsergridCentral.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/security/tokens/externalProviders/UsergridCentral.java b/stack/services/src/main/java/org/apache/usergrid/security/tokens/externalProviders/UsergridCentral.java
deleted file mode 100644
index fd07d6f..0000000
--- a/stack/services/src/main/java/org/apache/usergrid/security/tokens/externalProviders/UsergridCentral.java
+++ /dev/null
@@ -1,259 +0,0 @@
-package org.apache.usergrid.security.tokens.externalProviders;
-
-import com.codahale.metrics.Counter;
-import com.google.inject.Injector;
-import org.apache.commons.lang.RandomStringUtils;
-import org.apache.http.impl.conn.PoolingClientConnectionManager;
-import org.apache.usergrid.management.*;
-import org.apache.usergrid.persistence.core.metrics.MetricsFactory;
-import org.apache.usergrid.persistence.exceptions.EntityNotFoundException;
-import org.apache.usergrid.security.tokens.TokenInfo;
-import org.codehaus.jackson.JsonNode;
-import org.glassfish.jersey.apache.connector.ApacheClientProperties;
-import org.glassfish.jersey.apache.connector.ApacheConnectorProvider;
-import org.glassfish.jersey.client.ClientConfig;
-import org.glassfish.jersey.client.ClientProperties;
-import org.glassfish.jersey.jackson.JacksonFeature;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-
-import javax.ws.rs.client.Client;
-import javax.ws.rs.client.ClientBuilder;
-import javax.ws.rs.core.MediaType;
-import java.util.Collections;
-import java.util.Iterator;
-import java.util.Properties;
-import java.util.UUID;
-
-/**
- * Created by ayeshadastagiri on 6/23/16.
- */
-public class UsergridCentral implements ExternalTokenProvider {
- private static final Logger logger = LoggerFactory.getLogger(ApigeeSSO2Provider.class);
-
- private static final String SSO_PROCESSING_TIME = "sso.processing_time";
- private static final String SSO_TOKENS_REJECTED = "sso.tokens_rejected";
- private static final String SSO_TOKENS_VALIDATED = "sso.tokens_validated";
- public static final String USERGRID_CENTRAL_URL = "usergrid.external.sso.publicKeyUrl";
- public static final String CENTRAL_CONNECTION_POOL_SIZE = "usergrid.central.connection.pool.size";
- public static final String CENTRAL_CONNECTION_TIMEOUT = "usergrid.central.connection.timeout";
- public static final String CENTRAL_READ_TIMEOUT = "usergrid.central.read.timeout";
- private static final String SSO_CREATED_LOCAL_ADMINS = "sso.created_local_admins";
-
- protected ManagementService management;
- protected MetricsFactory metricsFactory;
- protected Properties properties;
-
- private static Client jerseyClient = null;
-
- @Autowired
- private Injector injector;
-
- @Autowired
- private ApplicationCreator applicationCreator;
-
- @Autowired
- public void setManagement(ManagementService management) {
- this.management = management;
- }
-
- @Autowired
- public void setProperties(Properties properties) {
- this.properties = properties;
- }
-
- @Autowired
- public void setMetricFactory() {
- this.metricsFactory = injector.getInstance(MetricsFactory.class);
- }
-
- MetricsFactory getMetricsFactory() {
- return metricsFactory;
- }
-
- @Override
- public TokenInfo validateAndReturnTokenInfo(String token, long ttl) throws Exception {
- return null;
- }
-
- @Override
- public UserInfo validateAndReturnUserInfo(String token, long ttl) throws Exception {
- if (token == null) {
- throw new IllegalArgumentException("ext_access_token must be specified");
- }
- if (ttl == -1) {
- throw new IllegalArgumentException("ttl must be specified");
- }
-
- com.codahale.metrics.Timer processingTimer = getMetricsFactory().getTimer(
- UsergridCentral.class, SSO_PROCESSING_TIME);
-
- com.codahale.metrics.Timer.Context timerContext = processingTimer.time();
-
- try {
- // look up user via UG Central's /management/me endpoint.
-
- JsonNode accessInfoNode = getMeFromUgCentral(token);
-
- JsonNode userNode = accessInfoNode.get("user");
-
- String username = userNode.get("username").asText();
-
- // if user does not exist locally then we need to fix that
-
- UserInfo userInfo = management.getAdminUserByUsername(username);
- UUID userId = userInfo == null ? null : userInfo.getUuid();
-
- if (userId == null) {
-
- // create local user and and organizations they have on the central Usergrid instance
- logger.info("User {} does not exist locally, creating", username);
-
- String name = userNode.get("name").asText();
- String email = userNode.get("email").asText();
- String dummyPassword = RandomStringUtils.randomAlphanumeric(40);
-
- JsonNode orgsNode = userNode.get("organizations");
- Iterator<String> fieldNames = orgsNode.getFieldNames();
-
- if (!fieldNames.hasNext()) {
- // no organizations for user exist in response from central Usergrid SSO
- // so create user's personal organization and use username as organization name
- fieldNames = Collections.singletonList(username).iterator();
- }
-
- // create user and any organizations that user is supposed to have
-
- while (fieldNames.hasNext()) {
-
- String orgName = fieldNames.next();
-
- if (userId == null) {
-//
- // haven't created user yet so do that now
- OrganizationOwnerInfo ownerOrgInfo = management.createOwnerAndOrganization(
- orgName, username, name, email, dummyPassword, true, false);
-
- applicationCreator.createSampleFor(ownerOrgInfo.getOrganization());
-
- userId = ownerOrgInfo.getOwner().getUuid();
- userInfo = ownerOrgInfo.getOwner();
-
- Counter createdAdminsCounter = getMetricsFactory().getCounter(
- UsergridCentral.class, SSO_CREATED_LOCAL_ADMINS);
- createdAdminsCounter.inc();
-
- logger.info("Created user {} and org {}", username, orgName);
-
- } else {
-
- // already created user, so just create an org
- final OrganizationInfo organization =
- management.createOrganization(orgName, userInfo, true);
-
- applicationCreator.createSampleFor(organization);
-
- logger.info("Created user {}'s other org {}", username, orgName);
- }
- }
- }
-
- return userInfo;
- } catch (Exception e) {
- timerContext.stop();
- logger.debug("Error validating external token", e);
- throw e;
- }
-
- }
-
- /**
- * Look up Admin User via UG Central's /management/me endpoint.
- *
- * @param extAccessToken Access token issued by UG Central of Admin User
- * @return JsonNode representation of AccessInfo object for Admin User
- * @throws EntityNotFoundException if access_token is not valid.
- */
- private JsonNode getMeFromUgCentral(String extAccessToken) throws EntityNotFoundException {
-
- // prepare to count tokens validated and rejected
-
- Counter tokensRejectedCounter = getMetricsFactory().getCounter(
- UsergridCentral.class, SSO_TOKENS_REJECTED);
- Counter tokensValidatedCounter = getMetricsFactory().getCounter(
- UsergridCentral.class, SSO_TOKENS_VALIDATED);
-
- // create URL of central Usergrid's /management/me endpoint
-
- String externalUrl = properties.getProperty(USERGRID_CENTRAL_URL).trim();
-
- // be lenient about trailing slash
- externalUrl = !externalUrl.endsWith("/") ? externalUrl + "/" : externalUrl;
- String me = externalUrl + "management/me?access_token=" + extAccessToken;
-
- // use our favorite HTTP client to GET /management/me
-
- Client client = getJerseyClient();
- final org.codehaus.jackson.JsonNode accessInfoNode;
- try {
- accessInfoNode = client.target(me).request()
- .accept(MediaType.APPLICATION_JSON_TYPE)
- .get(org.codehaus.jackson.JsonNode.class);
-
- tokensValidatedCounter.inc();
-
- } catch (Exception e) {
- // user not found 404
- tokensRejectedCounter.inc();
- String msg = "Cannot find Admin User associated with " + extAccessToken;
- throw new EntityNotFoundException(msg, e);
- }
-
- return accessInfoNode;
- }
-
- private Client getJerseyClient() {
-
- if (jerseyClient == null) {
-
- synchronized (this) {
-
- // create HTTPClient and with configured connection pool
-
- int poolSize = 100; // connections
- final String poolSizeStr = properties.getProperty(CENTRAL_CONNECTION_POOL_SIZE);
- if (poolSizeStr != null) {
- poolSize = Integer.parseInt(poolSizeStr);
- }
-
- PoolingClientConnectionManager connectionManager = new PoolingClientConnectionManager();
- connectionManager.setMaxTotal(poolSize);
-
- int timeout = 20000; // ms
- final String timeoutStr = properties.getProperty(CENTRAL_CONNECTION_TIMEOUT);
- if (timeoutStr != null) {
- timeout = Integer.parseInt(timeoutStr);
- }
-
- int readTimeout = 20000; // ms
- final String readTimeoutStr = properties.getProperty(CENTRAL_READ_TIMEOUT);
- if (readTimeoutStr != null) {
- readTimeout = Integer.parseInt(readTimeoutStr);
- }
-
- ClientConfig clientConfig = new ClientConfig();
- clientConfig.register(new JacksonFeature());
- clientConfig.property(ApacheClientProperties.CONNECTION_MANAGER, connectionManager);
- clientConfig.connectorProvider(new ApacheConnectorProvider());
-
- jerseyClient = ClientBuilder.newClient(clientConfig);
- jerseyClient.property(ClientProperties.CONNECT_TIMEOUT, timeout);
- jerseyClient.property(ClientProperties.READ_TIMEOUT, readTimeout);
- }
- }
-
- return jerseyClient;
-
- }
-}