added skeleton of data import/export API
parent
0d01cf6381
commit
88b4bfcae5
|
@ -0,0 +1,50 @@
|
|||
/*******************************************************************************
|
||||
* Copyright 2014 The MITRE Corporation
|
||||
* and the MIT Kerberos and Internet Trust Consortium
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
******************************************************************************/
|
||||
package org.mitre.openid.connect.service;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import com.google.gson.stream.JsonReader;
|
||||
import com.google.gson.stream.JsonWriter;
|
||||
|
||||
/**
|
||||
* @author jricher
|
||||
*
|
||||
*/
|
||||
public interface MITREidDataService {
|
||||
|
||||
/**
|
||||
* Data member for 1.0 configuration
|
||||
*/
|
||||
public static final String MITREID_CONNECT_1_0 = "mitreid-connect-1.0";
|
||||
|
||||
/**
|
||||
* Write out the current server state to the given JSON writer as a JSON object
|
||||
*
|
||||
* @param writer
|
||||
* @throws IOException
|
||||
*/
|
||||
void exportData(JsonWriter writer) throws IOException;
|
||||
|
||||
/**
|
||||
* Read in the current server state from the given JSON reader as a JSON object
|
||||
*
|
||||
* @param reader
|
||||
*/
|
||||
void importData(JsonReader reader) throws IOException;
|
||||
|
||||
}
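Review bot: The Javadoc on `exportData` and `importData` does not state the stream position each method expects, although both callers in this commit depend on it. As implemented, `exportData` writes a member name first and so needs the writer inside an already-open object, while `importData` starts by consuming the opening brace of the member's value. I would say so in the comments, e.g. `Writes a single member named MITREID_CONNECT_1_0 into the object the writer currently has open`, and add the missing `@throws IOException` to `importData`. The controller's Javadoc describes the export as including all tokens and clients, so a sentence noting that the output is secret material the caller must protect would also belong here.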
|
|
@ -0,0 +1,216 @@
|
|||
/*******************************************************************************
|
||||
* Copyright 2014 The MITRE Corporation
|
||||
* and the MIT Kerberos and Internet Trust Consortium
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
******************************************************************************/
|
||||
package org.mitre.openid.connect.service.impl;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import org.mitre.openid.connect.service.MITREidDataService;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import com.google.gson.stream.JsonReader;
|
||||
import com.google.gson.stream.JsonToken;
|
||||
import com.google.gson.stream.JsonWriter;
|
||||
|
||||
/**
|
||||
*
|
||||
* Data service to import and export MITREid 1.0 configuration.
|
||||
*
|
||||
* @author jricher
|
||||
*
|
||||
*/
|
||||
public class MITREidDataService_1_0 implements MITREidDataService {
|
||||
|
||||
private final static Logger logger = LoggerFactory.getLogger(MITREidDataService_1_0.class);
|
||||
|
||||
// member names
|
||||
private static final String REFRESHTOKENS = "refreshtokens";
|
||||
private static final String ACCESSTOKENS = "accesstokens";
|
||||
private static final String AUTHENTICATIONHOLDERS = "authenticationholders";
|
||||
private static final String GRANTS = "grants";
|
||||
private static final String CLIENTS = "clients";
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.mitre.openid.connect.service.MITREidDataService#export(com.google.gson.stream.JsonWriter)
|
||||
*/
|
||||
@Override
|
||||
public void exportData(JsonWriter writer) throws IOException {
|
||||
|
||||
// version tag at the root
|
||||
writer.name(MITREID_CONNECT_1_0);
|
||||
|
||||
writer.beginObject();
|
||||
|
||||
// clients list
|
||||
writer.name(CLIENTS);
|
||||
writer.beginArray();
|
||||
writeClients(writer);
|
||||
writer.endArray();
|
||||
|
||||
|
||||
writer.name(GRANTS);
|
||||
writer.beginArray();
|
||||
writeGrants(writer);
|
||||
writer.endArray();
|
||||
|
||||
writer.name(AUTHENTICATIONHOLDERS);
|
||||
writer.beginArray();
|
||||
writeAuthenticationHolders(writer);
|
||||
writer.endArray();
|
||||
|
||||
writer.name(ACCESSTOKENS);
|
||||
writer.beginArray();
|
||||
writeAccessTokens(writer);
|
||||
writer.endArray();
|
||||
|
||||
|
||||
writer.name(REFRESHTOKENS);
|
||||
writer.beginArray();
|
||||
writeRefreshTokens(writer);
|
||||
writer.endArray();
|
||||
|
||||
writer.endObject(); // end mitreid-connect-1.0
|
||||
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @param writer
|
||||
*/
|
||||
private void writeRefreshTokens(JsonWriter writer) {
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @param writer
|
||||
*/
|
||||
private void writeAccessTokens(JsonWriter writer) {
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @param writer
|
||||
*/
|
||||
private void writeAuthenticationHolders(JsonWriter writer) {
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @param writer
|
||||
*/
|
||||
private void writeGrants(JsonWriter writer) {
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @param writer
|
||||
*/
|
||||
private void writeClients(JsonWriter writer) {
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.mitre.openid.connect.service.MITREidDataService#importData(com.google.gson.stream.JsonReader)
|
||||
*/
|
||||
@Override
|
||||
public void importData(JsonReader reader) throws IOException {
|
||||
|
||||
logger.info("Reading configuration for 1.0");
|
||||
|
||||
// this *HAS* to start as an object
|
||||
reader.beginObject();
|
||||
|
||||
while (reader.hasNext()) {
|
||||
JsonToken tok = reader.peek();
|
||||
switch(tok) {
|
||||
case NAME:
|
||||
String name = reader.nextName();
|
||||
|
||||
// find out which member it is
|
||||
if (name.equals(CLIENTS)) {
|
||||
readClients(reader);
|
||||
} else if (name.equals(GRANTS)) {
|
||||
readGrants(reader);
|
||||
} else if (name.equals(AUTHENTICATIONHOLDERS)) {
|
||||
readAuthenticationHolders(reader);
|
||||
} else if (name.equals(ACCESSTOKENS)) {
|
||||
readAccessTokens(reader);
|
||||
} else if (name.equals(REFRESHTOKENS)) {
|
||||
readRefreshTokens(reader);
|
||||
} else {
|
||||
// unknown token, skip it
|
||||
reader.skipValue();
|
||||
}
|
||||
break;
|
||||
case END_OBJECT:
|
||||
// the object ended, we're done here
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
*/
|
||||
private void readRefreshTokens(JsonReader reader) throws IOException {
|
||||
// TODO Auto-generated method stub
|
||||
reader.skipValue();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
*/
|
||||
private void readAccessTokens(JsonReader reader) throws IOException {
|
||||
// TODO Auto-generated method stub
|
||||
reader.skipValue();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
*/
|
||||
private void readAuthenticationHolders(JsonReader reader) throws IOException {
|
||||
// TODO Auto-generated method stub
|
||||
reader.skipValue();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
*/
|
||||
private void readGrants(JsonReader reader) throws IOException {
|
||||
// TODO Auto-generated method stub
|
||||
reader.skipValue();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param reader
|
||||
* @throws IOException
|
||||
*/
|
||||
private void readClients(JsonReader reader) throws IOException {
|
||||
// TODO Auto-generated method stub
|
||||
reader.skipValue();
|
||||
}
|
||||
|
||||
}
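Review bot: `importData` never consumes the closing brace of the configuration object: `reader.hasNext()` returns false once the next token is END_OBJECT, so the `case END_OBJECT: return;` branch inside the loop cannot run and the method leaves the `while` with the reader still positioned before that brace. The caller in DataAPI.importData then gets `hasNext()` false as well and stops, so any root members that follow `mitreid-connect-1.0` are silently ignored, contrary to its comment that the service consumes both beginObject and endObject. Add `reader.endObject();` after the loop and remove the dead case; DataAPI.importData has the same unreachable `case END_OBJECT` and should call `reader.endObject()` after its own loop. The `@see` comment above `exportData` also points at `#export(...)` rather than `#exportData(...)`.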
|
|
@ -0,0 +1,133 @@
|
|||
/*******************************************************************************
|
||||
* Copyright 2014 The MITRE Corporation
|
||||
* and the MIT Kerberos and Internet Trust Consortium
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
******************************************************************************/
|
||||
package org.mitre.openid.connect.web;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.Reader;
|
||||
import java.io.Writer;
|
||||
import java.security.Principal;
|
||||
import java.text.SimpleDateFormat;
|
||||
import java.util.Date;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
|
||||
import org.mitre.openid.connect.service.MITREidDataService;
|
||||
import org.mitre.openid.connect.service.impl.MITREidDataService_1_0;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
|
||||
import com.google.gson.stream.JsonReader;
|
||||
import com.google.gson.stream.JsonToken;
|
||||
import com.google.gson.stream.JsonWriter;
|
||||
|
||||
/**
|
||||
* API endpoint for importing and exporting the current state of a server.
|
||||
* Includes all tokens, grants, whitelists, blacklists, and clients.
|
||||
*
|
||||
* @author jricher
|
||||
*
|
||||
*/
|
||||
@Controller
|
||||
@RequestMapping("/api/data")
|
||||
@PreAuthorize("hasRole('ROLE_ADMIN')") // you need to be an admin to even think about this -- this is a potentially dangerous API!!
|
||||
public class DataAPI {
|
||||
|
||||
private static Logger logger = LoggerFactory.getLogger(DataAPI.class);
|
||||
|
||||
private SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ");
|
||||
|
||||
@Autowired
|
||||
private ConfigurationPropertiesBean config;
|
||||
|
||||
private MITREidDataService dataService_1_0 = new MITREidDataService_1_0();
|
||||
|
||||
@RequestMapping(method = RequestMethod.POST, consumes = "application/json")
|
||||
public String importData(Reader in, Model m) throws IOException {
|
||||
|
||||
JsonReader reader = new JsonReader(in);
|
||||
|
||||
reader.beginObject();
|
||||
|
||||
while (reader.hasNext()) {
|
||||
JsonToken tok = reader.peek();
|
||||
switch (tok) {
|
||||
case NAME:
|
||||
String name = reader.nextName();
|
||||
if (name.equals(MITREidDataService.MITREID_CONNECT_1_0)) {
|
||||
// this will consume the beginObject and endObject of the configuration value
|
||||
dataService_1_0.importData(reader);
|
||||
} else {
|
||||
// consume the next bit silently for now
|
||||
logger.debug("Skipping value for " + name); // TODO: write these out?
|
||||
reader.skipValue();
|
||||
}
|
||||
break;
|
||||
case END_OBJECT:
|
||||
reader.endObject();
|
||||
break;
|
||||
case END_DOCUMENT:
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return "httpCodeView";
|
||||
}
|
||||
|
||||
@RequestMapping(method = RequestMethod.GET, produces = "application/json")
|
||||
public void exportData(HttpServletResponse resp, Principal prin) throws IOException {
|
||||
|
||||
resp.setContentType("application/json");
|
||||
|
||||
// this writer puts things out onto the wire
|
||||
JsonWriter writer = new JsonWriter(resp.getWriter());
|
||||
writer.setIndent(" ");
|
||||
|
||||
try {
|
||||
|
||||
writer.beginObject();
|
||||
|
||||
writer.name("exported-at");
|
||||
writer.value(dateFormat.format(new Date()));
|
||||
|
||||
writer.name("exported-from");
|
||||
writer.value(config.getIssuer());
|
||||
|
||||
writer.name("exported-by");
|
||||
writer.value(prin.getName());
|
||||
|
||||
// delegate to the service to do the actual export
|
||||
dataService_1_0.exportData(writer);
|
||||
|
||||
writer.endObject(); // end root
|
||||
writer.close();
|
||||
|
||||
} catch (IOException e) {
|
||||
// TODO Auto-generated catch block
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
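Review bot: `exportData` swallows the IOException with `e.printStackTrace()`, so a failure partway through leaves a truncated JSON document on the wire, with nothing in the application log and no signal to the admin that the dump is incomplete. The method already declares `throws IOException`, so the catch can be dropped or replaced with `logger.error("Export failed", e); throw e;`. Per the class Javadoc the response will carry tokens and client data, so it also deserves `resp.setHeader("Cache-Control", "no-store");` next to `setContentType`. Separately, `dateFormat` is a `SimpleDateFormat` instance field on a controller that is presumably a shared singleton, and SimpleDateFormat is not thread-safe; create it inside the method instead.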
|