Diffstat (limited to 'upstream/odl-aaa-moon/aaa/aaa-shiro/src/main/java/org/opendaylight/aaa/shiro/realm/MoonRealm.java')
-rw-r--r-- | upstream/odl-aaa-moon/aaa/aaa-shiro/src/main/java/org/opendaylight/aaa/shiro/realm/MoonRealm.java | 99 |
1 files changed, 99 insertions, 0 deletions
diff --git a/upstream/odl-aaa-moon/aaa/aaa-shiro/src/main/java/org/opendaylight/aaa/shiro/realm/MoonRealm.java b/upstream/odl-aaa-moon/aaa/aaa-shiro/src/main/java/org/opendaylight/aaa/shiro/realm/MoonRealm.java
new file mode 100644
index 00000000..9ebbb4d7
--- /dev/null
+++ b/upstream/odl-aaa-moon/aaa/aaa-shiro/src/main/java/org/opendaylight/aaa/shiro/realm/MoonRealm.java
@@ -0,0 +1,99 @@
+/*
+ * Copyright (c) 2015 Brocade Communications Systems, Inc. and others. All rights reserved.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v1.0 which accompanies this distribution,
+ * and is available at http://www.eclipse.org/legal/epl-v10.html
+ */
+package org.opendaylight.aaa.shiro.realm;
+
+import com.sun.jersey.api.client.Client;
+import com.sun.jersey.api.client.ClientResponse;
+import com.sun.jersey.api.client.WebResource;
+import com.sun.jersey.api.client.config.ClientConfig;
+import com.sun.jersey.api.client.config.DefaultClientConfig;
+
+import java.util.LinkedHashSet;
+import java.util.Set;
+
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.SimpleAuthenticationInfo;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.json.JSONException;
+import org.json.JSONObject;
+import org.json.JSONTokener;
+import org.opendaylight.aaa.shiro.moon.MoonPrincipal;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+/**
+ * MoonRealm is a Shiro Realm that authenticates users from OPNFV/moon platform
+ * @author Alioune BA alioune.ba@orange.com
+ *
+ */
+public class MoonRealm extends AuthorizingRealm{
+
+ private static final Logger LOG = LoggerFactory.getLogger(MoonRealm.class);
+ @Override
+ protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection arg0) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
+ // TODO Auto-generated method stub
+ String username = "";
+ String password = "";
+ String domain = "sdn";
+ username = (String) authenticationToken.getPrincipal();
+ final UsernamePasswordToken upt = (UsernamePasswordToken) authenticationToken;
+ password = new String(upt.getPassword());
+ final MoonPrincipal moonPrincipal = moonAuthenticate(username,password,domain);
+ if (moonPrincipal!=null){
+ return new SimpleAuthenticationInfo(moonPrincipal, password.toCharArray(),getName());
+ }else{
+ return null;
+ }
+ }
+
+ public MoonPrincipal moonAuthenticate(String username, String password, String domain){
+
+ String output = "";
+ ClientConfig config = new DefaultClientConfig();
+ Client client = Client.create(config);
+ JSONTokener tokener;
+ JSONObject object =null;
+ Set<String> UserRoles = new LinkedHashSet<>();
+
+ String server = System.getenv("MOON_SERVER_ADDR");
+ String port = System.getenv("MOON_SERVER_PORT");
+ String URL = "http://" +server+ ":" +port+ "/moon/auth/tokens";
+ LOG.debug("Moon server is at: {} ", server);
+ WebResource webResource = client.resource(URL);
+ String input = "{\"username\": \""+ username + "\"," + "\"password\":" + "\"" + password + "\"," + "\"project\":" + "\"" + domain + "\"" + "}";;
+ ClientResponse response = webResource.type("application/json").post(ClientResponse.class, input);
+ output = response.getEntity(String.class);
+ tokener = new JSONTokener(output);
+ object = new JSONObject(tokener);
+ try {
+ if (object.getString("token")!=null){
+ String token = object.getString("token");
+ String userID = username+"@"+domain;
+ for (int i=0; i< object.getJSONArray("roles").length(); i++){
+ UserRoles.add((String) object.getJSONArray("roles").get(i));
+ }
+ MoonPrincipal principal = new MoonPrincipal(username,domain,userID,UserRoles,token);
+ return principal;
+ }
+ }catch (JSONException e){
+ throw new IllegalStateException("Authentication Error : "+ object.getJSONObject("error").getString("title"));
+ }
+ return null;
+ }
+
+} |
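Review bot: The request body in `moonAuthenticate` is built by concatenating `username`, `password` and `domain` into a JSON string, so a quote or backslash in a credential changes the structure of what is sent to Moon (extra or duplicate keys, a different `project`); build it with `JSONObject.put(...)` so the values are escaped. The same call posts the password to a hard-coded `http://` URL, so credentials cross the network in clear text unless the transport is protected elsewhere; the scheme should be `https`, or at least configurable alongside `MOON_SERVER_ADDR` and `MOON_SERVER_PORT`, which are also used without a null check. `new JSONObject(tokener)` sits outside the `try`, and the `catch` itself dereferences `object.getJSONObject("error")`, so a non-JSON or unexpected reply surfaces as an unhandled `JSONException` rather than as the `AuthenticationException` the realm contract declares. Separately, `doGetAuthorizationInfo` returns `null`, so the roles collected into `MoonPrincipal` do not appear to reach Shiro's authorization checks through this realm; worth confirming that is intended.

```java
// … unchanged: client setup, MOON_SERVER_ADDR / MOON_SERVER_PORT lookup, URL …
WebResource webResource = client.resource(URL);
// Let the JSON library quote and escape the caller-supplied values.
JSONObject request = new JSONObject();
request.put("username", username);
request.put("password", password);
request.put("project", domain);
ClientResponse response = webResource.type("application/json").post(ClientResponse.class, request.toString());
try {
    // Parse inside the try so a malformed reply is reported as an authentication failure.
    object = new JSONObject(new JSONTokener(response.getEntity(String.class)));
    // … unchanged: token check, roles loop, MoonPrincipal construction …
} catch (JSONException e) {
    throw new AuthenticationException("Moon authentication failed", e);
}
```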