Commit a2b078f2 authored by Ondrej's avatar Ondrej Committed by Ondrej Tomcik

Merge branch 'iotivity-cloud' reverify

Change-Id: Iacf81170fac09e4f7e9b7f6f4f51eb0182db1ce3
Signed-off-by: default avatarOndrej Tomcik <ondrej.tomcik@kistler.com>
parents 34ed55ce 08ef99e6
FROM openjdk:8-jre-alpine
RUN apk add --update \
curl \
&& rm -rf /var/cache/apk/*
ADD ./target/CloudAccount-0.0.1-SNAPSHOT.jar iotivity/AccountServer.jar
ADD ./target/lib/* iotivity/lib/
ADD ./properties/* iotivity/properties/
......@@ -7,8 +11,24 @@ ADD ./properties/* iotivity/properties/
WORKDIR iotivity/
ENV COAP_PORT 5685
ENV HEALTH_CHECK_ENABLED 1
ENV TLS_MODE 0
ENV MONGODB_ADDRESS mongodb
ENV MONGODB_PORT 27017
ENTRYPOINT ["java", "-jar", "AccountServer.jar"]
\ No newline at end of file
ENV JMX_PORT 9002
ENV JAVA_JMX_OPTS "-Dcom.sun.management.jmxremote \
-Dcom.sun.management.jmxremote.port=${JMX_PORT} \
-Dcom.sun.management.jmxremote.rmi.port=${JMX_PORT} \
-Dcom.sun.management.jmxremote.local.only=false \
-Dcom.sun.management.jmxremote.authenticate=false \
-Dcom.sun.management.jmxremote.ssl=false \
-Djava.rmi.server.hostname= \
-XX:MetaspaceSize=30m -XX:MaxMetaspaceSize=40m \
-XX:+UseG1GC -XX:MaxGCPauseMillis=100 -server "
EXPOSE 9002
ENTRYPOINT exec java $JAVA_JMX_OPTS $JAVA_MEMORY_OPTS -jar AccountServer.jar
HEALTHCHECK --interval=30s --timeout=2s --retries=3 CMD curl -f http://localhost/api/healthcheck || exit 1
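Review bot: The `JAVA_JMX_OPTS` block opens remote JMX on port 9002 with `jmxremote.authenticate=false`, `jmxremote.ssl=false` and `jmxremote.local.only=false`, and `EXPOSE 9002` advertises it, so anyone who can reach that port gets full management control of the JVM without credentials. That should not be the default of a published image. I would set `-Dcom.sun.management.jmxremote.authenticate=true` and `-Dcom.sun.management.jmxremote.ssl=true` with the password file supplied at deploy time, or leave JMX off unless an operator opts in through an environment variable. `$JAVA_MEMORY_OPTS` is used in the new `ENTRYPOINT` but is not defined in the visible lines; a comment saying it is expected from the runtime environment would help.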
......@@ -10,6 +10,10 @@
<groupId>org.iotivity.cloud</groupId>
<artifactId>CloudAccount</artifactId>
<properties>
<docker.image.name>iotivity/accountserver</docker.image.name>
</properties>
<dependencies>
<!-- Local -->
<dependency>
......@@ -111,7 +115,24 @@
<overWriteIfNewer>true</overWriteIfNewer>
</configuration>
</plugin>
<plugin>
<groupId>io.fabric8</groupId>
<artifactId>docker-maven-plugin</artifactId>
<version>0.26.0</version>
<configuration>
<images>
<image>
<name>${docker.image.name}</name>
<build>
<dockerFileDir>${project.basedir}</dockerFileDir>
<tags>
<tag>${docker.image.version}</tag>
</tags>
</build>
</image>
</images>
</configuration>
</plugin>
</plugins>
</build>
</project>
\ No newline at end of file
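Review bot: The image tag uses `${docker.image.version}`, but the `<properties>` block visible in this file defines only `docker.image.name`. If the version property is not inherited from a parent POM or passed with `-D`, the plugin receives an unresolved placeholder as the tag. Defining a default next to the name, e.g. `<docker.image.version>${project.version}</docker.image.version>`, would make this module build on its own. The plugin also has no `<executions>`, so the image is built only when `docker:build` is invoked explicitly, which deserves a short comment if that is intended.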
#New Serial number
#Fri Dec 22 15:54:31 CET 2017
#Wed Oct 31 14:15:38 CET 2018
keyGeneratorAlgorithm=ECDSA
notAfterInterval=20
securityProvider=BC
ellipticCurve=secp256r1
keystoreDir=keystore
keyStoreLocation=keystore{0}certificateStorage.jks
keystoreType=BKS
nextUpdateInterval=1
signatureAlgorithm=SHA256withECDSA
nextUpdateInterval=1
keystoreType=BKS
rootOU=OCF Sub CA
serialNumber=20
serialNumber=75
rootO=Samsung
subjectName=uuid\:31313131-3131-3131-3131-313131313131
caAlias=uuid\:31313131-3131-3131-3131-313131313131
subjectName=uuid\:31313131-3131-3131-3131-313131313131
password=PASSWORD
rootC=KR
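Review bot: `password=PASSWORD` keeps the keystore password as a literal in a tracked file, and the Dockerfile in this commit adds `./properties/*` to the image. If this file lives in that directory, every image built from it ships the same known password for `certificateStorage.jks`. The value should come from the deployment (an environment variable or a mounted secret) rather than from the repository. The lines that differ (`serialNumber` 20 and 75, the two timestamp comments) look like state rewritten by the running CA, so a fresh deployment would restart from a checked-in serial number; that counter may be better kept out of version control.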
......@@ -23,7 +23,16 @@ package org.iotivity.cloud.accountserver;
import java.net.InetSocketAddress;
import java.util.Scanner;
import java.util.concurrent.TimeUnit;
import org.iotivity.cloud.accountserver.resources.account.SecAccountResource;
import org.iotivity.cloud.accountserver.resources.account.session.SecSessionResource;
import org.iotivity.cloud.accountserver.resources.account.tokenrefresh.SecTokenRefreshResource;
import org.iotivity.cloud.base.healthcheck.HealthHolder;
import org.iotivity.cloud.base.healthcheck.SimpleHealthHolder;
import org.iotivity.cloud.base.server.SimpleHttpServer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.iotivity.cloud.accountserver.db.AccountDBManager;
import org.iotivity.cloud.accountserver.resources.account.AccountResource;
import org.iotivity.cloud.accountserver.resources.account.session.SessionResource;
......@@ -37,7 +46,6 @@ import org.iotivity.cloud.accountserver.resources.credprov.crl.CrlResource;
import org.iotivity.cloud.base.ServerSystem;
import org.iotivity.cloud.base.resource.CloudPingResource;
import org.iotivity.cloud.base.server.CoapServer;
import org.iotivity.cloud.util.Log;
/**
*
......@@ -45,31 +53,27 @@ import org.iotivity.cloud.util.Log;
*
*/
public class AccountServer {
private static int coapServerPort;
private static boolean tlsMode;
private static String databaseHost;
private static String webLogHost;
private final static Logger Log = LoggerFactory.getLogger(AccountServer.class);
private static int coapServerPort;
private static boolean tlsMode;
private static String databaseHost;
private static String webLogHost;
private static boolean healthCheckEnabled;
public static void main(String[] args) throws Exception {
System.out.println("-----Account SERVER-----");
Log.Init();
Log.info("Starting Account Server");
if (!parseConfiguration(args)) {
Log.e("\nCoAP-server <Port> Database <Address> <Port> TLS-mode <0|1> are required. WebSocketLog-Server <Addres> <Port> is optional.\n"
Log.error("\nCoAP-server <Port> Database <Address> <Port> TLS-mode <0|1> are required.\n"
+ "ex) " + Constants.DEFAULT_COAP_PORT
+ " 127.0.0.1 27017 0\n");
return;
}
if (webLogHost != null)
Log.InitWebLog(webLogHost,
AccountServer.class.getSimpleName().toString());
AccountDBManager.createInstance(databaseHost);
HealthHolder healthHolder = new SimpleHealthHolder(TimeUnit.SECONDS,100);
ServerSystem serverSystem = new ServerSystem();
serverSystem.addResource(new CloudPingResource());
serverSystem.addResource(new CloudPingResource(healthHolder));
serverSystem.addResource(new AccountResource());
serverSystem.addResource(new SessionResource());
serverSystem.addResource(new TokenRefreshResource());
......@@ -81,9 +85,18 @@ public class AccountServer {
serverSystem.addResource(new AclResource());
serverSystem.addResource(new InviteResource());
//change in version 2.0.0
serverSystem.addResource(new SecAccountResource());
serverSystem.addResource(new SecTokenRefreshResource());
serverSystem.addResource(new SecSessionResource());
serverSystem.addServer(
new CoapServer(new InetSocketAddress(coapServerPort)));
if(healthCheckEnabled){
serverSystem.addServer(new SimpleHttpServer(new InetSocketAddress(80),healthHolder));
}
serverSystem.startSystem(tlsMode);
Scanner in = new Scanner(System.in, "UTF-8");
......@@ -103,22 +116,21 @@ public class AccountServer {
private static boolean parseConfiguration(String[] args) {
// configuration provided by arguments
if (args.length == 4 || args.length == 6) {
if (args.length == 4) {
coapServerPort = Integer.parseInt(args[0]);
databaseHost = args[1] + ":" + args[2];
tlsMode = Integer.parseInt(args[3]) == 1;
if (args.length == 6)
webLogHost = args[4] + ":" + args[5];
healthCheckEnabled = false;
return true;
}
// configuration provided by docker env
String tlsModeEnv = System.getenv("TLS_MODE");
if (tlsModeEnv != null) {
coapServerPort = Integer.parseInt(System.getenv("COAP_PORT"));
databaseHost = System.getenv("MONGODB_ADDRESS") + ":"
+ System.getenv("MONGODB_PORT");
tlsMode = Integer.parseInt(tlsModeEnv) == 1;
healthCheckEnabled = Integer.parseInt(System.getenv("HEALTH_CHECK_ENABLED")) == 1;
return true;
}
return false;
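Review bot: In `parseConfiguration`, `Integer.parseInt(System.getenv("HEALTH_CHECK_ENABLED"))` throws `NumberFormatException` when the variable is unset, so a deployment that sets `TLS_MODE` but not the new variable fails at startup instead of running with the health check off. `healthCheckEnabled = "1".equals(System.getenv("HEALTH_CHECK_ENABLED"));` keeps the same meaning and tolerates a missing value. In `main`, `new SimpleHttpServer(new InetSocketAddress(80), healthHolder)` binds the wildcard address on a privileged port. A comment stating that the endpoint exists only for the container-local `HEALTHCHECK`, or a bind to the loopback address, would make the intended exposure explicit. `parseConfiguration` continues past the end of the hunk.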
......
......@@ -29,8 +29,9 @@ import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.bson.Document;
import org.iotivity.cloud.util.Log;
import com.mongodb.MongoClient;
import com.mongodb.client.MongoCollection;
......@@ -45,9 +46,9 @@ import com.mongodb.client.result.DeleteResult;
*
*/
public class MongoDB {
private MongoClient mongoClient = null;
private MongoDatabase db = null;
private final static Logger Log = LoggerFactory.getLogger(MongoDB.class);
private MongoClient mongoClient = null;
private MongoDatabase db = null;
/**
* API creating MongoClient and initializing MongoDatabase
......@@ -60,7 +61,6 @@ public class MongoDB {
*/
public MongoDB(String host, String dbname) throws Exception {
mongoClient = new MongoClient(host);
mongoClient.dropDatabase(dbname);
db = mongoClient.getDatabase(dbname);
}
......@@ -71,8 +71,23 @@ public class MongoDB {
* collection name
*/
public void createTable(String tableName) {
if (!collectionExists(tableName))
db.createCollection(tableName);
}
private boolean collectionExists(String tableName ) {
return db.listCollectionNames().into(new ArrayList<>()).contains(tableName);
}
db.createCollection(tableName);
/**
* API for dropping collection
*
* @param tableName
* collection name
*/
public void dropTable(String tableName) {
if (collectionExists(tableName))
db.getCollection(tableName).drop();
}
/**
......@@ -142,7 +157,7 @@ public class MongoDB {
} else {
Log.w("DB insert failed due to duplecated one.");
Log.warn("DB insert failed due to duplecated one.");
return false;
}
......@@ -152,8 +167,6 @@ public class MongoDB {
return false;
}
showRecord(tableName);
return true;
}
......@@ -191,8 +204,6 @@ public class MongoDB {
return false;
}
showRecord(tableName);
return true;
}
......@@ -218,12 +229,10 @@ public class MongoDB {
if (collection.findOneAndReplace(filter, record) == null) {
Log.w("DB updateX509CRL failed due to no matched record!");
Log.warn("DB updateX509CRL failed due to no matched record!");
return false;
}
showRecord(tableName);
return true;
}
......@@ -249,7 +258,7 @@ public class MongoDB {
DeleteResult result = collection.deleteMany(record);
if (result.getDeletedCount() == 0) {
Log.w("DB delete failed due to no mached record!");
Log.warn("DB delete failed due to no mached record!");
return false;
}
......@@ -259,8 +268,6 @@ public class MongoDB {
return false;
}
showRecord(tableName);
return true;
}
......@@ -336,25 +343,4 @@ public class MongoDB {
return resourceMap;
}
private void showRecord(String tableName) {
MongoCollection<Document> collection = db.getCollection(tableName);
MongoCursor<Document> cursor = collection.find().iterator();
Log.i("<" + tableName + ">");
HashMap<String, Object> records = null;
int index = 0;
while (cursor.hasNext()) {
Document doc = cursor.next();
records = convertDocumentToHashMap(doc);
Log.i("[" + index + "] " + records.toString());
index++;
}
cursor.close();
}
}
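Review bot: `createTable` checks `collectionExists` and then calls `db.createCollection`, a check-then-act sequence that can fail when two server instances start against the same database. The constructor hunk appears to remove `mongoClient.dropDatabase(dbname)`, so the database now persists across starts and that situation becomes realistic. Catching `MongoCommandException` around `db.createCollection(tableName)` and treating "already exists" as success would close the gap. `collectionExists` has no Javadoc while its neighbours do; `/** Returns true if a collection named tableName exists in the current database. */` is enough. `new ArrayList<>()` needs `java.util.ArrayList`, whose import is not among the visible lines.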
......@@ -23,6 +23,8 @@ package org.iotivity.cloud.accountserver.oauth;
import java.util.HashMap;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.oltu.oauth2.client.OAuthClient;
import org.apache.oltu.oauth2.client.URLConnectionClient;
import org.apache.oltu.oauth2.client.request.OAuthBearerClientRequest;
......@@ -38,7 +40,6 @@ import org.iotivity.cloud.accountserver.db.TokenTable;
import org.iotivity.cloud.accountserver.db.UserTable;
import org.iotivity.cloud.base.exception.ServerException.InternalServerErrorException;
import org.iotivity.cloud.util.JSONUtil;
import org.iotivity.cloud.util.Log;;
/**
*
......@@ -48,6 +49,7 @@ import org.iotivity.cloud.util.Log;;
*/
public class Github implements OAuthProvider {
private final static Logger Log = LoggerFactory.getLogger(Github.class);
// do not use 'client_id' and 'secret' variables.
// should use values that are obtained from github.
final static private String client_id = "ea9c18f540323b0213d0";
......@@ -102,7 +104,7 @@ public class Github implements OAuthProvider {
UserTable userInfo = new UserTable();
if (accessToken == null) {
Log.w("accessToken is null!");
Log.warn("accessToken is null!");
return null;
}
......@@ -118,7 +120,7 @@ public class Github implements OAuthProvider {
request, OAuth.HttpMethod.GET, OAuthResourceResponse.class);
response = resourceResponse.getBody();
Log.d("response: " + response);
Log.debug("response: " + response);
} catch (OAuthSystemException | OAuthProblemException e) {
e.printStackTrace();
......@@ -132,7 +134,7 @@ public class Github implements OAuthProvider {
HashMap.class);
if (parsedData == null) {
Log.d("parsedData is null!");
Log.debug("parsedData is null!");
return null;
}
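Review bot: `Log.debug("response: " + response)` writes the whole GitHub user-info response into the log, and the same pattern elsewhere in this commit puts credentials there. See `Log.debug("OAuth response: " + oauthResponse.getBody())` in `Google` (twice) and the `access token` / `refresh token` lines in `AccountManager.requestAccessToken`. With slf4j these lines may end up in a shared log backend, where anyone with log access can read live tokens and profile data. I would drop the token lines or log only non-secret facts, e.g. `Log.debug("token response received, expires={}", tokenInfo.getExpiredtime());`, and use `{}` placeholders instead of string concatenation. The enclosing methods start and end outside the hunks.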
......
......@@ -23,6 +23,8 @@ package org.iotivity.cloud.accountserver.oauth;
import java.util.HashMap;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.oltu.oauth2.client.OAuthClient;
import org.apache.oltu.oauth2.client.URLConnectionClient;
import org.apache.oltu.oauth2.client.request.OAuthBearerClientRequest;
......@@ -39,7 +41,6 @@ import org.iotivity.cloud.accountserver.db.TokenTable;
import org.iotivity.cloud.accountserver.db.UserTable;
import org.iotivity.cloud.base.exception.ServerException.InternalServerErrorException;
import org.iotivity.cloud.util.JSONUtil;
import org.iotivity.cloud.util.Log;;
/**
*
......@@ -49,6 +50,7 @@ import org.iotivity.cloud.util.Log;;
*/
public class Google implements OAuthProvider {
private final static Logger Log = LoggerFactory.getLogger(Google.class);
// do not use 'client_id' and 'secret' variables.
// should use values that are obtained from github.
final static private String client_id = "447649044559-f9r5sl6op3kkk0312u384o4g6hhucje1.apps.googleusercontent.com";
......@@ -63,7 +65,7 @@ public class Google implements OAuthProvider {
if (authCode == null) {
Log.w("authCode is null!");
Log.warn("authCode is null!");
return tokenInfo;
}
......@@ -84,7 +86,7 @@ public class Google implements OAuthProvider {
oauthResponse = oauthClient.accessToken(request, cl);
Log.d("OAuth response: " + oauthResponse.getBody());
Log.debug("OAuth response: " + oauthResponse.getBody());
tokenInfo.setAccesstoken(oauthResponse.getAccessToken());
tokenInfo.setRefreshtoken(oauthResponse.getRefreshToken());
......@@ -107,7 +109,7 @@ public class Google implements OAuthProvider {
if (refreshToken == null) {
Log.w("refreshToken is null!");
Log.warn("refreshToken is null!");
return tokenInfo;
}
......@@ -127,7 +129,7 @@ public class Google implements OAuthProvider {
oauthResponse = oauthClient.accessToken(request, cl);
Log.d("OAuth response: " + oauthResponse.getBody());
Log.debug("OAuth response: " + oauthResponse.getBody());
tokenInfo.setAccesstoken(oauthResponse.getAccessToken());
// Google provides refreshToken in one time.
......@@ -150,7 +152,7 @@ public class Google implements OAuthProvider {
UserTable userInfo = new UserTable();
if (accessToken == null) {
Log.w("accessToken is null!");
Log.warn("accessToken is null!");
return userInfo;
}
......@@ -168,7 +170,7 @@ public class Google implements OAuthProvider {
request, OAuth.HttpMethod.GET, OAuthResourceResponse.class);
response = resourceResponse.getBody();
Log.d("response: " + response);
Log.debug("response: " + response);
} catch (OAuthSystemException | OAuthProblemException e) {
e.printStackTrace();
......@@ -183,7 +185,7 @@ public class Google implements OAuthProvider {
HashMap.class);
if (parsedData == null) {
Log.d("parsedData is null!");
Log.debug("parsedData is null!");
return userInfo;
}
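Review bot: The catch block after `Log.debug("response: " + response)` still calls `e.printStackTrace()`, which bypasses the slf4j logger this commit introduces; the same line is visible in `Github`. `Log.error("OAuth user-info request failed", e);` would send the failure and its stack trace through the configured appenders. Separately, the comment above `client_id` says the values should be obtained from github, which in this class presumably should read Google. The catch block continues outside the hunk.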
......
......@@ -26,13 +26,11 @@ import java.io.IOException;
import java.lang.reflect.Method;
import java.net.URL;
import java.net.URLClassLoader;
import java.util.Set;
import org.iotivity.cloud.accountserver.Constants;
import org.iotivity.cloud.accountserver.db.TokenTable;
import org.iotivity.cloud.accountserver.db.UserTable;
import org.iotivity.cloud.base.exception.ServerException.InternalServerErrorException;
import org.iotivity.cloud.util.Log;
import org.reflections.Reflections;
import org.reflections.scanners.SubTypesScanner;
import org.reflections.util.ClasspathHelper;
......
......@@ -38,6 +38,8 @@ import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.iotivity.cloud.accountserver.Constants;
import org.iotivity.cloud.accountserver.db.AccountDBManager;
import org.iotivity.cloud.accountserver.db.TokenTable;
......@@ -51,7 +53,6 @@ import org.iotivity.cloud.base.exception.ServerException.BadRequestException;
import org.iotivity.cloud.base.exception.ServerException.InternalServerErrorException;
import org.iotivity.cloud.base.exception.ServerException.NotFoundException;
import org.iotivity.cloud.base.exception.ServerException.UnAuthorizedException;
import org.iotivity.cloud.util.Log;
/**
*
......@@ -60,7 +61,7 @@ import org.iotivity.cloud.util.Log;
*
*/
public class AccountManager {
private final static Logger Log = LoggerFactory.getLogger(AccountManager.class);
private OAuthProviderFactory mFactory = null;
private TypeCastingManager<UserTable> mUserTableCastingManager = new TypeCastingManager<>();
private TypeCastingManager<TokenTable> mTokenTableCastingManager = new TypeCastingManager<>();
......@@ -241,7 +242,7 @@ public class AccountManager {
private String checkAuthProviderName(String authProviderName) {
String libraryFileName = getValidFileName(Constants.OAUTH_LIBRARIES_PATH, authProviderName + ".jar");
if (libraryFileName == null) {
Log.w("OAuth 3rd party library " + authProviderName + " does not exist.");
Log.warn("OAuth 3rd party library " + authProviderName + " does not exist.");
return authProviderName;
}
return libraryFileName.substring(0, libraryFileName.length() - 4);
......@@ -349,16 +350,16 @@ public class AccountManager {
private TokenTable requestAccessToken(String authCode, Object options) {
TokenTable tokenInfo = mFactory.requestAccessTokenInfo(authCode,
options);
Log.d("access token : " + tokenInfo.getAccesstoken());
Log.d("refresh token : " + tokenInfo.getRefreshtoken());
Log.d("expired time : " + tokenInfo.getExpiredtime());
Log.debug("access token : " + tokenInfo.getAccesstoken());
Log.debug("refresh token : " + tokenInfo.getRefreshtoken());
Log.debug("expired time : " + tokenInfo.getExpiredtime());
return tokenInfo;
}
private UserTable requestUserInfo(String accessToken, Object options) {
UserTable userInfo = mFactory.requestGetUserInfo(accessToken, options);
Log.d("user id : " + userInfo.getUserid());
Log.debug("user id : " + userInfo.getUserid());
return userInfo;
}
......@@ -366,7 +367,7 @@ public class AccountManager {
private String generateUuid() {
UUID uuid = UUID.randomUUID();
String userUuid = uuid.toString();
Log.d("generated uuid : " + userUuid);
Log.debug("generated uuid : " + userUuid);
return userUuid;
}
......@@ -415,10 +416,10 @@ public class AccountManager {
private boolean checkRefreshTokenInDB(TokenTable tokenInfo, String token) {
if (tokenInfo.getRefreshtoken() == null) {
Log.w("Refreshtoken doesn't exist");
Log.warn("Refreshtoken doesn't exist");
return false;
} else if (!tokenInfo.getRefreshtoken().equals(token)) {
Log.w("Refreshtoken is not correct");
Log.warn("Refreshtoken is not correct");
return false;
}
return true;
......@@ -426,10 +427,10 @@ public class AccountManager {
private boolean checkAccessTokenInDB(TokenTable tokenInfo, String token) {
if (tokenInfo.getAccesstoken() == null) {
Log.w("AccessToken doesn't exist");
Log.warn("AccessToken doesn't exist");