path: root/odl-aaa-moon/aaa/aaa-shiro/src/main/java/org/opendaylight/aaa/shiro/realm/MoonRealm.java
diff options
Diffstat (limited to 'odl-aaa-moon/aaa/aaa-shiro/src/main/java/org/opendaylight/aaa/shiro/realm/MoonRealm.java')
1 files changed, 99 insertions, 0 deletions
diff --git a/odl-aaa-moon/aaa/aaa-shiro/src/main/java/org/opendaylight/aaa/shiro/realm/MoonRealm.java b/odl-aaa-moon/aaa/aaa-shiro/src/main/java/org/opendaylight/aaa/shiro/realm/MoonRealm.java
new file mode 100644
index 00000000..9ebbb4d7
--- /dev/null
+++ b/odl-aaa-moon/aaa/aaa-shiro/src/main/java/org/opendaylight/aaa/shiro/realm/MoonRealm.java
@@ -0,0 +1,99 @@
+ * Copyright (c) 2015 Brocade Communications Systems, Inc. and others. All rights reserved.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ * and is available at http://www.eclipse.org/legal/epl-v10.html
+ */
+package org.opendaylight.aaa.shiro.realm;
+import com.sun.jersey.api.client.Client;
+import com.sun.jersey.api.client.ClientResponse;
+import com.sun.jersey.api.client.WebResource;
+import com.sun.jersey.api.client.config.ClientConfig;
+import com.sun.jersey.api.client.config.DefaultClientConfig;
+import java.util.LinkedHashSet;
+import java.util.Set;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.SimpleAuthenticationInfo;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.json.JSONException;
+import org.json.JSONObject;
+import org.json.JSONTokener;
+import org.opendaylight.aaa.shiro.moon.MoonPrincipal;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+ * MoonRealm is a Shiro Realm that authenticates users from OPNFV/moon platform
+ * @author Alioune BA alioune.ba@orange.com
+ *
+ */
+public class MoonRealm extends AuthorizingRealm{
+ private static final Logger LOG = LoggerFactory.getLogger(MoonRealm.class);
+ @Override
+ protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+ @Override
+ protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
+ // TODO Auto-generated method stub
+ String username = "";
+ String password = "";
+ String domain = "sdn";
+ username = (String) authenticationToken.getPrincipal();
+ final UsernamePasswordToken upt = (UsernamePasswordToken) authenticationToken;
+ password = new String(upt.getPassword());
+ final MoonPrincipal moonPrincipal = moonAuthenticate(username,password,domain);
+ if (moonPrincipal!=null){
+ return new SimpleAuthenticationInfo(moonPrincipal, password.toCharArray(),getName());
+ }else{
+ return null;
+ }
+ }
+ public MoonPrincipal moonAuthenticate(String username, String password, String domain){
+ String output = "";
+ ClientConfig config = new DefaultClientConfig();
+ Client client = Client.create(config);
+ JSONTokener tokener;
+ JSONObject object =null;
+ Set<String> UserRoles = new LinkedHashSet<>();
+ String server = System.getenv("MOON_SERVER_ADDR");
+ String port = System.getenv("MOON_SERVER_PORT");
+ String URL = "http://" +server+ ":" +port+ "/moon/auth/tokens";
+ LOG.debug("Moon server is at: {} ", server);
+ WebResource webResource = client.resource(URL);
+ String input = "{\"username\": \""+ username + "\"," + "\"password\":" + "\"" + password + "\"," + "\"project\":" + "\"" + domain + "\"" + "}";;
+ ClientResponse response = webResource.type("application/json").post(ClientResponse.class, input);
+ output = response.getEntity(String.class);
+ tokener = new JSONTokener(output);
+ object = new JSONObject(tokener);
+ try {
+ if (object.getString("token")!=null){
+ String token = object.getString("token");
+ String userID = username+"@"+domain;
+ for (int i=0; i< object.getJSONArray("roles").length(); i++){
+ UserRoles.add((String) object.getJSONArray("roles").get(i));
+ }
+ MoonPrincipal principal = new MoonPrincipal(username,domain,userID,UserRoles,token);
+ return principal;
+ }
+ }catch (JSONException e){
+ throw new IllegalStateException("Authentication Error : "+ object.getJSONObject("error").getString("title"));
+ }
+ return null;
+ }