Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2015 Open Networking Laboratory |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package org.onosproject.protocol.rest.ctl; |
| 18 | |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 19 | import com.google.common.collect.ImmutableMap; |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 20 | import org.apache.commons.io.IOUtils; |
| 21 | import org.apache.felix.scr.annotations.Activate; |
| 22 | import org.apache.felix.scr.annotations.Component; |
| 23 | import org.apache.felix.scr.annotations.Deactivate; |
| 24 | import org.apache.felix.scr.annotations.Service; |
Andrea Campanella | ce279ee | 2016-01-25 10:21:45 -0800 | [diff] [blame] | 25 | import org.apache.http.client.methods.HttpPatch; |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 26 | import org.apache.http.conn.ssl.AllowAllHostnameVerifier; |
Andrea Campanella | ce279ee | 2016-01-25 10:21:45 -0800 | [diff] [blame] | 27 | import org.apache.http.entity.StringEntity; |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 28 | import org.apache.http.impl.client.CloseableHttpClient; |
Andrea Campanella | ce279ee | 2016-01-25 10:21:45 -0800 | [diff] [blame] | 29 | import org.apache.http.impl.client.HttpClients; |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 30 | import org.apache.http.ssl.SSLContextBuilder; |
Jian Li | 9d61649 | 2016-03-09 10:52:49 -0800 | [diff] [blame] | 31 | import org.glassfish.jersey.client.authentication.HttpAuthenticationFeature; |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 32 | import org.onlab.packet.IpAddress; |
| 33 | import org.onosproject.net.DeviceId; |
| 34 | import org.onosproject.protocol.rest.RestSBController; |
| 35 | import org.onosproject.protocol.rest.RestSBDevice; |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 36 | import org.slf4j.Logger; |
| 37 | import org.slf4j.LoggerFactory; |
| 38 | |
Andrea Campanella | c6ecc63 | 2016-03-10 17:57:06 -0800 | [diff] [blame^] | 39 | import javax.net.ssl.SSLContext; |
| 40 | import javax.net.ssl.TrustManager; |
| 41 | import javax.net.ssl.X509TrustManager; |
Jian Li | 9d61649 | 2016-03-09 10:52:49 -0800 | [diff] [blame] | 42 | import javax.ws.rs.client.Client; |
| 43 | import javax.ws.rs.client.ClientBuilder; |
| 44 | import javax.ws.rs.client.Entity; |
| 45 | import javax.ws.rs.client.WebTarget; |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 46 | import javax.ws.rs.core.MediaType; |
| 47 | import javax.ws.rs.core.Response; |
Andrea Campanella | c6ecc63 | 2016-03-10 17:57:06 -0800 | [diff] [blame^] | 48 | import java.io.ByteArrayInputStream; |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 49 | import java.io.IOException; |
| 50 | import java.io.InputStream; |
| 51 | import java.nio.charset.StandardCharsets; |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 52 | import java.security.KeyManagementException; |
| 53 | import java.security.KeyStoreException; |
| 54 | import java.security.NoSuchAlgorithmException; |
Andrea Campanella | c6ecc63 | 2016-03-10 17:57:06 -0800 | [diff] [blame^] | 55 | import java.security.cert.CertificateException; |
| 56 | import java.security.cert.X509Certificate; |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 57 | import java.util.Base64; |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 58 | import java.util.Map; |
| 59 | import java.util.concurrent.ConcurrentHashMap; |
| 60 | |
| 61 | /** |
| 62 | * The implementation of RestSBController. |
| 63 | */ |
| 64 | @Component(immediate = true) |
| 65 | @Service |
| 66 | public class RestSBControllerImpl implements RestSBController { |
| 67 | |
| 68 | private static final Logger log = |
| 69 | LoggerFactory.getLogger(RestSBControllerImpl.class); |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 70 | private static final String XML = "xml"; |
| 71 | private static final String JSON = "json"; |
| 72 | private static final String DOUBLESLASH = "//"; |
| 73 | private static final String COLON = ":"; |
| 74 | private static final int STATUS_OK = Response.Status.OK.getStatusCode(); |
| 75 | private static final int STATUS_CREATED = Response.Status.CREATED.getStatusCode(); |
| 76 | private static final int STATUS_ACCEPTED = Response.Status.ACCEPTED.getStatusCode(); |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 77 | private static final String HTTPS = "https"; |
| 78 | private static final String AUTHORIZATION_PROPERTY = "authorization"; |
| 79 | private static final String BASIC_AUTH_PREFIX = "Basic "; |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 80 | |
| 81 | private final Map<DeviceId, RestSBDevice> deviceMap = new ConcurrentHashMap<>(); |
Andrea Campanella | c6ecc63 | 2016-03-10 17:57:06 -0800 | [diff] [blame^] | 82 | private final Map<DeviceId, Client> clientMap = new ConcurrentHashMap<>(); |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 83 | |
| 84 | @Activate |
Andrea Campanella | ce279ee | 2016-01-25 10:21:45 -0800 | [diff] [blame] | 85 | public void activate() { |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 86 | log.info("Started"); |
| 87 | } |
| 88 | |
| 89 | @Deactivate |
| 90 | public void deactivate() { |
Andrea Campanella | c6ecc63 | 2016-03-10 17:57:06 -0800 | [diff] [blame^] | 91 | clientMap.clear(); |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 92 | deviceMap.clear(); |
| 93 | log.info("Stopped"); |
| 94 | } |
| 95 | |
| 96 | @Override |
| 97 | public Map<DeviceId, RestSBDevice> getDevices() { |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 98 | return ImmutableMap.copyOf(deviceMap); |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 99 | } |
| 100 | |
| 101 | @Override |
| 102 | public RestSBDevice getDevice(DeviceId deviceInfo) { |
| 103 | return deviceMap.get(deviceInfo); |
| 104 | } |
| 105 | |
| 106 | @Override |
| 107 | public RestSBDevice getDevice(IpAddress ip, int port) { |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 108 | return deviceMap.values().stream().filter(v -> v.ip().equals(ip) |
| 109 | && v.port() == port).findFirst().get(); |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 110 | } |
| 111 | |
| 112 | @Override |
| 113 | public void addDevice(RestSBDevice device) { |
Andrea Campanella | c6ecc63 | 2016-03-10 17:57:06 -0800 | [diff] [blame^] | 114 | if (!deviceMap.containsKey(device.deviceId())) { |
| 115 | Client client = ignoreSslClient(); |
| 116 | if (device.username() != null) { |
| 117 | String username = device.username(); |
| 118 | String password = device.password() == null ? "" : device.password(); |
| 119 | authenticate(client, username, password); |
| 120 | } |
| 121 | clientMap.put(device.deviceId(), client); |
| 122 | deviceMap.put(device.deviceId(), device); |
| 123 | } else { |
| 124 | log.warn("Trying to add a device that is already existing {}", device.deviceId()); |
| 125 | } |
| 126 | |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 127 | } |
| 128 | |
| 129 | @Override |
Andrea Campanella | 86294db | 2016-03-07 11:42:49 -0800 | [diff] [blame] | 130 | public void removeDevice(DeviceId deviceId) { |
Andrea Campanella | c6ecc63 | 2016-03-10 17:57:06 -0800 | [diff] [blame^] | 131 | clientMap.remove(deviceId); |
Andrea Campanella | 86294db | 2016-03-07 11:42:49 -0800 | [diff] [blame] | 132 | deviceMap.remove(deviceId); |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 133 | } |
| 134 | |
| 135 | @Override |
| 136 | public boolean post(DeviceId device, String request, InputStream payload, String mediaType) { |
Jian Li | 9d61649 | 2016-03-09 10:52:49 -0800 | [diff] [blame] | 137 | WebTarget wt = getWebTarget(device, request); |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 138 | |
Jian Li | 9d61649 | 2016-03-09 10:52:49 -0800 | [diff] [blame] | 139 | Response response = null; |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 140 | if (payload != null) { |
| 141 | try { |
Jian Li | 9d61649 | 2016-03-09 10:52:49 -0800 | [diff] [blame] | 142 | response = wt.request(mediaType) |
| 143 | .post(Entity.entity(IOUtils.toString(payload, StandardCharsets.UTF_8), mediaType)); |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 144 | } catch (IOException e) { |
| 145 | log.error("Cannot do POST {} request on device {} because can't read payload", |
| 146 | request, device); |
| 147 | } |
| 148 | } else { |
Jian Li | 9d61649 | 2016-03-09 10:52:49 -0800 | [diff] [blame] | 149 | response = wt.request(mediaType).post(Entity.entity(null, mediaType)); |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 150 | } |
| 151 | return checkReply(response); |
| 152 | } |
| 153 | |
| 154 | @Override |
| 155 | public boolean put(DeviceId device, String request, InputStream payload, String mediaType) { |
Andrea Campanella | d8d92db | 2016-01-14 16:24:41 -0800 | [diff] [blame] | 156 | |
Jian Li | 9d61649 | 2016-03-09 10:52:49 -0800 | [diff] [blame] | 157 | WebTarget wt = getWebTarget(device, request); |
| 158 | Response response = null; |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 159 | if (payload != null) { |
| 160 | try { |
Jian Li | 9d61649 | 2016-03-09 10:52:49 -0800 | [diff] [blame] | 161 | response = wt.request(mediaType) |
| 162 | .put(Entity.entity(IOUtils.toString(payload, StandardCharsets.UTF_8), mediaType)); |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 163 | } catch (IOException e) { |
| 164 | log.error("Cannot do PUT {} request on device {} because can't read payload", |
| 165 | request, device); |
| 166 | } |
| 167 | } else { |
Jian Li | 9d61649 | 2016-03-09 10:52:49 -0800 | [diff] [blame] | 168 | response = wt.request(mediaType).put(Entity.entity(null, mediaType)); |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 169 | } |
| 170 | return checkReply(response); |
| 171 | } |
| 172 | |
| 173 | @Override |
| 174 | public InputStream get(DeviceId device, String request, String mediaType) { |
Jian Li | 9d61649 | 2016-03-09 10:52:49 -0800 | [diff] [blame] | 175 | WebTarget wt = getWebTarget(device, request); |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 176 | String type; |
| 177 | switch (mediaType) { |
| 178 | case XML: |
| 179 | type = MediaType.APPLICATION_XML; |
| 180 | break; |
| 181 | case JSON: |
| 182 | type = MediaType.APPLICATION_JSON; |
| 183 | break; |
| 184 | default: |
| 185 | throw new IllegalArgumentException("Unsupported media type " + mediaType); |
| 186 | |
| 187 | } |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 188 | |
Jian Li | 9d61649 | 2016-03-09 10:52:49 -0800 | [diff] [blame] | 189 | Response s = wt.request(type).get(); |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 190 | if (checkReply(s)) { |
Andrea Campanella | c6ecc63 | 2016-03-10 17:57:06 -0800 | [diff] [blame^] | 191 | return new ByteArrayInputStream(wt.request(type) |
| 192 | .get(String.class).getBytes(StandardCharsets.UTF_8)); |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 193 | } |
| 194 | return null; |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 195 | } |
| 196 | |
| 197 | @Override |
Andrea Campanella | ce279ee | 2016-01-25 10:21:45 -0800 | [diff] [blame] | 198 | public boolean patch(DeviceId device, String request, InputStream payload, String mediaType) { |
Andrea Campanella | ce279ee | 2016-01-25 10:21:45 -0800 | [diff] [blame] | 199 | try { |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 200 | log.debug("Url request {} ", getUrlString(device, request)); |
| 201 | HttpPatch httprequest = new HttpPatch(getUrlString(device, request)); |
Andrea Campanella | 784ee0f | 2016-02-17 15:50:59 -0800 | [diff] [blame] | 202 | if (deviceMap.get(device).username() != null) { |
| 203 | String pwd = deviceMap.get(device).password() == null ? "" : COLON + deviceMap.get(device).password(); |
| 204 | String userPassword = deviceMap.get(device).username() + pwd; |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 205 | String base64string = Base64.getEncoder().encodeToString(userPassword.getBytes(StandardCharsets.UTF_8)); |
| 206 | httprequest.addHeader(AUTHORIZATION_PROPERTY, BASIC_AUTH_PREFIX + base64string); |
| 207 | } |
Andrea Campanella | ce279ee | 2016-01-25 10:21:45 -0800 | [diff] [blame] | 208 | if (payload != null) { |
| 209 | StringEntity input = new StringEntity(IOUtils.toString(payload, StandardCharsets.UTF_8)); |
| 210 | input.setContentType(mediaType); |
| 211 | httprequest.setEntity(input); |
| 212 | } |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 213 | CloseableHttpClient httpClient; |
| 214 | if (deviceMap.containsKey(device) && deviceMap.get(device).protocol().equals(HTTPS)) { |
| 215 | httpClient = getApacheSslBypassClient(); |
| 216 | } else { |
| 217 | httpClient = HttpClients.createDefault(); |
| 218 | } |
| 219 | int responseStatusCode = httpClient |
| 220 | .execute(httprequest) |
Andrea Campanella | ce279ee | 2016-01-25 10:21:45 -0800 | [diff] [blame] | 221 | .getStatusLine() |
| 222 | .getStatusCode(); |
| 223 | return checkStatusCode(responseStatusCode); |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 224 | } catch (IOException | NoSuchAlgorithmException | KeyManagementException | KeyStoreException e) { |
| 225 | log.error("Cannot do PATCH {} request on device {}", |
| 226 | request, device, e); |
Andrea Campanella | ce279ee | 2016-01-25 10:21:45 -0800 | [diff] [blame] | 227 | } |
| 228 | return false; |
| 229 | } |
| 230 | |
| 231 | @Override |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 232 | public boolean delete(DeviceId device, String request, InputStream payload, String mediaType) { |
Jian Li | 9d61649 | 2016-03-09 10:52:49 -0800 | [diff] [blame] | 233 | WebTarget wt = getWebTarget(device, request); |
| 234 | |
| 235 | // FIXME: do we need to delete an entry by enclosing data in DELETE request? |
| 236 | // wouldn't it be nice to use PUT to implement the similar concept? |
| 237 | Response response = wt.request(mediaType).delete(); |
| 238 | |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 239 | return checkReply(response); |
| 240 | } |
| 241 | |
Andrea Campanella | c6ecc63 | 2016-03-10 17:57:06 -0800 | [diff] [blame^] | 242 | private void authenticate(Client client, String username, String password) { |
| 243 | client.register(HttpAuthenticationFeature.basic(username, password)); |
| 244 | } |
| 245 | |
Jian Li | 9d61649 | 2016-03-09 10:52:49 -0800 | [diff] [blame] | 246 | private WebTarget getWebTarget(DeviceId device, String request) { |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 247 | log.debug("Sending request to URL {} ", getUrlString(device, request)); |
Andrea Campanella | c6ecc63 | 2016-03-10 17:57:06 -0800 | [diff] [blame^] | 248 | return clientMap.get(device).target(getUrlString(device, request)); |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 249 | } |
| 250 | |
| 251 | //FIXME security issue: this trusts every SSL certificate, even if is self-signed. Also deprecated methods. |
| 252 | private CloseableHttpClient getApacheSslBypassClient() throws NoSuchAlgorithmException, |
| 253 | KeyManagementException, KeyStoreException { |
| 254 | return HttpClients.custom(). |
| 255 | setHostnameVerifier(new AllowAllHostnameVerifier()). |
| 256 | setSslcontext(new SSLContextBuilder() |
| 257 | .loadTrustMaterial(null, (arg0, arg1) -> true) |
| 258 | .build()).build(); |
| 259 | } |
| 260 | |
| 261 | private String getUrlString(DeviceId device, String request) { |
| 262 | if (deviceMap.get(device).url() != null) { |
| 263 | return deviceMap.get(device).protocol() + COLON + DOUBLESLASH |
| 264 | + deviceMap.get(device).url() + request; |
| 265 | } else { |
| 266 | return deviceMap.get(device).protocol() + COLON + |
| 267 | DOUBLESLASH + |
| 268 | deviceMap.get(device).ip().toString() + |
| 269 | COLON + deviceMap.get(device).port() + request; |
| 270 | } |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 271 | } |
| 272 | |
Jian Li | 9d61649 | 2016-03-09 10:52:49 -0800 | [diff] [blame] | 273 | private boolean checkReply(Response response) { |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 274 | if (response != null) { |
Andrea Campanella | ce279ee | 2016-01-25 10:21:45 -0800 | [diff] [blame] | 275 | return checkStatusCode(response.getStatus()); |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 276 | } |
| 277 | log.error("Null reply from device"); |
| 278 | return false; |
| 279 | } |
Andrea Campanella | ce279ee | 2016-01-25 10:21:45 -0800 | [diff] [blame] | 280 | |
| 281 | private boolean checkStatusCode(int statusCode) { |
| 282 | if (statusCode == STATUS_OK || |
| 283 | statusCode == STATUS_CREATED || |
| 284 | statusCode == STATUS_ACCEPTED) { |
| 285 | return true; |
| 286 | } else { |
Andrea Campanella | 2947e62 | 2016-01-27 09:23:46 -0800 | [diff] [blame] | 287 | log.error("Failed request, HTTP error code : " |
Andrea Campanella | ce279ee | 2016-01-25 10:21:45 -0800 | [diff] [blame] | 288 | + statusCode); |
| 289 | return false; |
| 290 | } |
| 291 | } |
Andrea Campanella | c6ecc63 | 2016-03-10 17:57:06 -0800 | [diff] [blame^] | 292 | |
| 293 | private Client ignoreSslClient() { |
| 294 | SSLContext sslcontext = null; |
| 295 | |
| 296 | try { |
| 297 | sslcontext = SSLContext.getInstance("TLS"); |
| 298 | sslcontext.init(null, new TrustManager[]{new X509TrustManager() { |
| 299 | public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { |
| 300 | } |
| 301 | |
| 302 | public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { |
| 303 | } |
| 304 | |
| 305 | public X509Certificate[] getAcceptedIssuers() { |
| 306 | return new X509Certificate[0]; |
| 307 | } |
| 308 | |
| 309 | } }, new java.security.SecureRandom()); |
| 310 | } catch (NoSuchAlgorithmException | KeyManagementException e) { |
| 311 | e.printStackTrace(); |
| 312 | } |
| 313 | |
| 314 | return ClientBuilder.newBuilder().sslContext(sslcontext).hostnameVerifier((s1, s2) -> true).build(); |
| 315 | } |
Andrea Campanella | 945ded2 | 2016-01-07 13:17:43 -0800 | [diff] [blame] | 316 | } |