From plusplusjia...@apache.org
Subject [4/4] directory-kerby git commit: Add get CA file REST API.
Date Wed, 01 Aug 2018 02:57:31 GMT
Add get CA file REST API.


Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/1cde8948
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/1cde8948
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/1cde8948

Branch: refs/heads/kerby-2.0.0
Commit: 1cde8948c0b24633392c7b7e80fa63c5100b325d
Parents: 0ed0647
Author: plusplusjiajia <jiajia.li@intel.com>
Authored: Wed Aug 1 10:38:54 2018 +0800
Committer: plusplusjiajia <jiajia.li@intel.com>
Committed: Wed Aug 1 10:54:26 2018 +0800

----------------------------------------------------------------------
 .../org/apache/kerby/has/client/HasClient.java  | 26 ++++++++------
 .../kerby/has/server/web/rest/ConfigApi.java    | 38 ++++++++++++++++++++
 2 files changed, 53 insertions(+), 11 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/1cde8948/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasClient.java
----------------------------------------------------------------------
diff --git a/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasClient.java
b/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasClient.java
index c59e70d..f208033 100755
--- a/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasClient.java
+++ b/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasClient.java
@@ -382,7 +382,7 @@ public class HasClient {
             try {
                 kdcRep = KrbCodec.decodeMessage(byteBuffer);
             } catch (IOException e) {
-                throw new HasException("Krb decoding message failed", e);
+                throw new HasException("Krb decoding message failed. " + e.getMessage());
             }
             return kdcRep;
         } else {
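Review bot: The rewritten `throw` in the `KrbCodec.decodeMessage` catch no longer passes the `IOException` as the cause, so the original exception type and stack trace are lost and only its message text survives (and `getMessage()` may be null). The removed line shows that `HasException` has a `(String, Throwable)` constructor, so the message detail and the cause can both be kept: `throw new HasException("Krb decoding message failed. " + e.getMessage(), e);`. The same applies to every other catch block changed in this file: the EncAsRepPart decode, tgt store, ccache creation, URL and request-method setup, certificate and CA-root parsing, truststore save and ssl-client.conf write. For a Kerberos client, the cause chain is often the only way to tell a codec failure from an I/O failure when diagnosing a failed login. The enclosing method starts and ends outside this hunk.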
@@ -433,7 +433,7 @@ public class HasClient {
         try {
             encKdcRepPart.decode(decryptedData);
         } catch (IOException e) {
-            throw new HasException("Failed to decode EncAsRepPart", e);
+            throw new HasException("Failed to decode EncAsRepPart. " + e.getMessage());
         }
         kdcRep.setEncPart(encKdcRepPart);
 
@@ -458,7 +458,7 @@ public class HasClient {
             try {
                 cCache.store(ccacheFile);
             } catch (IOException e) {
-                throw new HasException("Failed to store tgt", e);
+                throw new HasException("Failed to store tgt. " + e.getMessage());
             }
         } else {
             throw new IllegalArgumentException("Invalid ccache file, "
@@ -482,7 +482,7 @@ public class HasClient {
             }
         } catch (IOException e) {
             throw new HasException("Failed to create ccache file "
-                    + ccacheFile.getAbsolutePath(), e);
+                    + ccacheFile.getAbsolutePath() + ". " + e.getMessage());
         }
     }
 
@@ -554,7 +554,7 @@ public class HasClient {
         try {
             url = new URL("http://" + host + ":" + port + "/has/v1/getcert");
         } catch (MalformedURLException e) {
-            throw new HasException("Failed to create a URL object.", e);
+            throw new HasException("Failed to create a URL object." + e.getMessage());
         }
         try {
             httpConn = (HttpURLConnection) url.openConnection();
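Review bot: The certificate is requested over plain `http://` from `/has/v1/getcert`, so nothing in this hunk authenticates the server that supplies it. A later hunk in this file shows a "Verify certificate with root certificate" step, which appears to be what the trust decision rests on. A comment above the URL construction would make that dependency explicit, for example `// Fetched over plain HTTP: treat the result as untrusted until it is verified against the CA root.` Separately, the new message lacks the separator used in the other hunks; `"Failed to create a URL object. " + e.getMessage()` would match them. The enclosing method starts and ends outside this hunk.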
@@ -566,7 +566,7 @@ public class HasClient {
             httpConn.setRequestMethod("GET");
         } catch (ProtocolException e) {
             LOG.error("Fail to add principal. " + e);
-            throw new HasException("Failed to set the method for URL request.", e);
+            throw new HasException("Failed to set the method for URL request. " + e.getMessage());
         }
 
         try {
@@ -579,11 +579,12 @@ public class HasClient {
                 InputStream in = HasClientUtil.getInputStream(httpConn);
                 certificate = (X509Certificate) factory.generateCertificate(in);
             } catch (CertificateException e) {
-                throw new HasException("Failed to get certificate from HAS server", e);
+                throw new HasException("Failed to get certificate from HAS server. "
+                    + e.getMessage());
             }
 
         } catch (IOException e) {
-            throw new HasException("IO error occurred.", e);
+            throw new HasException("IO error occurred. " + e.getMessage());
         }
 
         return certificate;
@@ -624,7 +625,8 @@ public class HasClient {
                 caRoot = (X509Certificate) factory.generateCertificate(in);
             }
         } catch (CertificateException | IOException e) {
-            throw new HasException("Failed to get certificate from ca root file", e);
+            throw new HasException("Failed to get certificate from ca root file. "
+                + e.getMessage());
         }
 
         // Verify certificate with root certificate
@@ -661,7 +663,8 @@ public class HasClient {
             trustStore.store(out, password.toCharArray());
             out.close();
         } catch (IOException | GeneralSecurityException e) {
-            throw new HasException("Failed to create and save truststore file", e);
+            throw new HasException("Failed to create and save truststore file. "
+                + e.getMessage());
         }
         return password;
     }
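Review bot: `out.close()` is reached only when `trustStore.store(out, ...)` succeeds, so a failure while writing the truststore leaves the stream open and may leave a partially written file behind. The declaration of `out` is outside this hunk; if it is opened just above, opening it in a try-with-resources header (`try (OutputStream out = ...) { trustStore.store(out, password.toCharArray()); }`, with the original initializer kept) would close it on both paths. It is also worth checking that callers of the rewritten `HasException` do not log or display it alongside the returned `password`.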
@@ -681,7 +684,8 @@ public class HasClient {
 
             IOUtil.writeFile(content, new File(clientConfigFolder + "/ssl-client.conf"));
         } catch (IOException e) {
-            throw new HasException("Failed to create client ssl configuration file", e);
+            throw new HasException("Failed to create client ssl configuration file. "
+                + e.getMessage());
         }
     }
 }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/1cde8948/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/ConfigApi.java
----------------------------------------------------------------------
diff --git a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/ConfigApi.java
b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/ConfigApi.java
index 2a70a34..262ad77 100644
--- a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/ConfigApi.java
+++ b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/ConfigApi.java
@@ -275,4 +275,42 @@ public class ConfigApi {
         }
         return Response.status(Response.Status.FORBIDDEN).entity("HTTPS required.\n").build();
     }
+
+    /**
+     * Get CA file.
+     *
+     * @return Response
+     */
+    @GET
+    @Path("/getcert")
+    @Produces(MediaType.TEXT_PLAIN)
+    public Response getCert() {
+        final HasServer hasServer = WebServer.getHasServerFromContext(context);
+        String errMessage = null;
+        File cert = null;
+        try {
+            HasConfig hasConfig = HasUtil.getHasConfig(
+                new File(hasServer.getConfDir(), "has-server.conf"));
+            if (hasConfig != null) {
+                String certPath = hasConfig.getSslClientCert();
+                cert = new File(certPath);
+                if (!cert.exists()) {
+                    errMessage = "Cert file not found in HAS server.";
+                    WebServer.LOG.error("Cert file not found in HAS server.");
+                }
+            } else {
+                errMessage = "has-server.conf not found.";
+                WebServer.LOG.error("has-server.conf not found.");
+            }
+        } catch (HasException e) {
+            errMessage = "Failed to get cert file" + e.getMessage();
+            WebServer.LOG.error("Failed to get cert file" + e.getMessage());
+        }
+        if (errMessage == null) {
+            return Response.ok(cert).header("Content-Disposition",
+                "attachment;filename=" + cert.getName()).build();
+        } else {
+            return Response.status(Response.Status.NOT_FOUND).entity(errMessage).build();
+        }
+    }
 }
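Review bot: `getCert()` passes the result of `hasConfig.getSslClientCert()` straight to `new File(certPath)`, so if that setting can be absent the request fails with a NullPointerException instead of taking the 404 path, and `cert.exists()` also accepts a directory. The catch branch returns `e.getMessage()` in the response body; as far as this hunk shows, the endpoint has neither the HTTPS check of the method above it nor any authentication, so internal paths or configuration detail could reach any caller. Keeping the detail in the log and returning a fixed message avoids that; the `"Failed to get cert file" + e.getMessage()` strings are also missing a separator. Because the endpoint serves whatever file the configuration names, it is worth confirming that the value can only ever be a public certificate and never a bundle or keystore containing key material. The Javadoc says "Get CA file" while the code serves the SSL client cert path, so one of the two should be corrected.
```java
            if (hasConfig != null) {
                String certPath = hasConfig.getSslClientCert();
                if (certPath == null || certPath.isEmpty()) {
                    errMessage = "Cert file is not configured in HAS server.";
                    WebServer.LOG.error(errMessage);
                } else {
                    cert = new File(certPath);
                    // isFile() also rejects a directory, which exists() accepts
                    if (!cert.isFile()) {
                        errMessage = "Cert file not found in HAS server.";
                        WebServer.LOG.error(errMessage);
                    }
                }
            } else {
                // … unchanged: has-server.conf not found branch …
            }
        } catch (HasException e) {
            // Keep the exception detail in the server log; return a fixed message to the caller
            WebServer.LOG.error("Failed to get cert file. " + e.getMessage());
            errMessage = "Failed to get cert file.";
        }
```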

