@GET
@Produces(MediaType.APPLICATION_JSON)
@Path("/binary/read/{id}")
@Override
public Record getWithBinaryBy(@PathParam("id") long id) {
this.LOGGER.info("getWithBinaryBy()");
final Record record = this.recordService.getById(id);
final String filePath = record.getPath().concat(record.getName());
this.LOGGER.info("filePath: " + filePath);
final File file = new File(filePath);
this.LOGGER.info("" + file.exists());
if (file.exists()) {
try {
byte[] fileBuffer = Files.toByteArray(file);
record.setBinary(new String(Base64.encode(fileBuffer), "UTF-8"));
return record;
} catch (IOException ioe) {
return null;
}
}
return null;
}
@Override
public ResponseVO isUserAuthenticated(String authString, ResponseVO response) throws IOException {
String decodedAuth = "";
// Header is in the format "Basic 5tyc0uiDat4"
// We need to extract data before decoding it back to original string
// Decode the data back to original string
byte[] bytes = null;
new Base64();
bytes = Base64.decode(authString);
decodedAuth = new String(bytes);
String[] decodedAuths = decodedAuth.split(":");
User user = getUserDetail(decodedAuths[0], decodedAuths[1]);
if (user == null) {
response.setSuccess(false);
response.setError(new Error(222, "Invalid credentials!!"));
} else {
String accessToken = ApplicationUtilities.generateAccessToken(user);
CachedObject newCachedObject = new CachedObject(user.getUuid(), accessToken, 0);
CacheManager.putCache(newCachedObject);
response.setSuccess(true);
// response.setData(new LoggedInUserVO(accessToken,user.getEmailAddress()));
}
return response;
}
public ClientResponse handle(ClientRequest cr) {
cr.getHeaders()
.add(
HttpHeaders.AUTHORIZATION,
"Basic " + new String(Base64.encode(user + ":" + pass), Charset.forName("ASCII")));
ClientResponse resp = getNext().handle(cr);
return resp;
}
public static Token create(String username, String password) {
String value =
String.format("%s%s%s", username, password, String.valueOf(new Date().getTime()));
String result = "";
try {
result = new String(Base64.encode(value), "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return new Token(result);
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
final HttpServletRequest httpRequest = (HttpServletRequest) request;
final HttpServletResponse httpResponse = (HttpServletResponse) response;
// OPTIONS methods is used for CORS, no auth is required with this
// method
if (!"OPTIONS".equals(httpRequest.getMethod())) {
final String authHeader = httpRequest.getHeader("authorization");
if (authHeader == null) {
log.warn("Login failed : no auth header!");
httpResponse.setContentType("text/html");
httpResponse.sendError(
HttpServletResponse.SC_FORBIDDEN, "Unauthorized access, no authorization header.");
return;
}
final String encodedValue = authHeader.split(" ")[1];
final String[] decodedValue = Base64.base64Decode(encodedValue).split(":");
if (decodedValue.length != 2) {
log.warn("Login failed : malformed auth header!");
httpResponse.setContentType("text/html");
httpResponse.sendError(
HttpServletResponse.SC_FORBIDDEN,
"Unauthorized access, malformed authorization header.");
return;
}
final String login = decodedValue[0];
final String password = decodedValue[1];
if (!USR.equals(login)) {
log.info("Login failed for " + login);
httpResponse.setContentType("text/html");
httpResponse.sendError(
HttpServletResponse.SC_FORBIDDEN, "Unauthorized access, unknown user.");
return;
}
if (!PWD.equals(password)) {
log.info("Login failed for " + login);
httpResponse.setContentType("text/html");
httpResponse.sendError(
HttpServletResponse.SC_FORBIDDEN, "Unauthorized access, wrong password.");
return;
}
log.info("Login success for " + login);
}
chain.doFilter(request, response);
}
@Override
public void map(LongWritable ikey, Text ivalue, Context context)
throws IOException, InterruptedException {
// TODO Auto-generated method stub
String line = ivalue.toString();
int index = line.indexOf('\t');
if (index < 0) return;
int bIndex = line.indexOf(':');
if (bIndex < 0) return;
double val = Double.parseDouble(line.substring(0, bIndex));
try {
int pIndex = model.cIndex(val);
if (pIndex < li || pIndex > ri) return;
String cb = line.substring(bIndex + 1, index);
String b = new String(util.Dec(SecurityUtility.K, Base64.decode(cb.getBytes())));
if (pIndex == li) {
if (b.equals(bl) && val < left) return;
if (bl.equals("0") && b.equals("1")) return;
}
if (pIndex == ri) {
if (b.equals(bl) && val > right) return;
if (br.equals("1") && b.equals("0")) return;
}
long p = model.decRng(val, b);
String cextra = line.substring(index + 1);
String pextra = new String(util.Dec(SecurityUtility.K, Base64.decode(cextra.getBytes())));
context.write(new LongWritable(p), new Text(pextra));
} catch (Exception e) {
// TODO: handle exception
System.err.println(StringUtils.stringifyException(e));
}
}
public static CacheRequestContext build(
ContainerRequest request, Set<String> vary, boolean includeBody) {
try {
MessageDigest digest = MessageDigest.getInstance("SHA-1");
for (String header : vary) {
List<String> headerValues = request.getRequestHeader(header);
if (headerValues != null && headerValues.size() > 0) {
digest.update(header.getBytes(Charsets.UTF_8));
digest.update((byte) 0xFD);
for (String value : headerValues) {
digest.update(value.getBytes(Charsets.UTF_8));
digest.update((byte) 0xFE);
}
digest.update((byte) 0xFF);
}
}
if (includeBody) {
byte[] requestBody = request.getEntity(byte[].class);
if (requestBody == null) {
requestBody = new byte[0];
}
if (requestBody.length > 0) {
digest.update("Body".getBytes(Charsets.UTF_8));
digest.update((byte) 0xFD);
digest.update(requestBody);
digest.update((byte) 0xFF);
}
request.setEntityInputStream(new ByteArrayInputStream(requestBody));
}
String hash = new String(Base64.encode(digest.digest()), Charsets.US_ASCII);
return new CacheRequestContext(
request.getMethod(), request.getRequestUri(), request.getRequestHeaders(), hash);
} catch (NoSuchAlgorithmException ex) {
// This error should not occur since SHA-1 must be included with every java distribution
throw Throwables.propagate(ex);
}
}
/* This function performs the decoding of the authentication header */
public void decodeAuthorizationHeader() {
// check if this request has basic authentication
if (!authHeader.contains("Basic ")) {
throw new WebApplicationException(Response.Status.BAD_REQUEST);
}
authHeader = authHeader.substring("Basic ".length());
String[] decodedHeader;
decodedHeader = Base64.base64Decode(authHeader).split(":");
if (decodedHeader == null) {
throw new WebApplicationException(Response.Status.BAD_REQUEST);
}
oAuthenticationAccount.setusername(decodedHeader[0]);
oAuthenticationAccount.setpassword(decodedHeader[1]);
}
protected boolean authenticate(HttpServletRequest request) {
if (provider.isAuthenticated(request.getSession())) return true;
String user = null, pass = null;
String authorization = request.getHeader("Authorization");
if (authorization != null) {
String userpass = Base64.base64Decode(authorization.substring(6));
user = userpass.substring(0, userpass.indexOf(":"));
pass = userpass.substring(userpass.indexOf(":") + 1);
}
if (provider.authenticate(request.getSession(), user, pass)) {
log.info("Web API authenticated " + request.getSession() + " for user " + user);
if (user != null) {
request.getSession().setAttribute(AUTHENTICATED_USER_SESSION_ATTRIBUTE, user);
}
return true;
}
return false;
}
@Override
protected void configure() {
// If we want to add an auth header :
// http://blogs.oracle.com/enterprisetechtips/entry/consuming_restful_web_services_with
// webResource.header("authorization", Base64.encode("tomcat:tomcat"));
// Init http auth header
final byte[] pwd = Base64.encode("cloud-rest-user:niancat");
final String value = new String(pwd);
final String authorization = "Basic " + value;
bindConstant().annotatedWith(AuthorizationHeader.class).to(authorization);
// Init client
final ClientConfig clientConfig = new DefaultClientConfig();
clientConfig.getFeatures().put(JSONConfiguration.FEATURE_POJO_MAPPING, Boolean.TRUE);
final Client client = Client.create(clientConfig);
client.addFilter(
new ClientFilter() {
@Override
public ClientResponse handle(final ClientRequest cr) throws ClientHandlerException {
final ClientResponse response = getNext().handle(cr);
return response;
}
});
final Properties properties = new Properties();
try {
properties.load(getClass().getResourceAsStream("/client.properties"));
} catch (final IOException e) {
e.printStackTrace();
}
final String serverUrl = properties.getProperty("server.http.url");
System.out.println("HTTPClientModule.configure() " + serverUrl);
// Init web resource
final WebResource webResource = client.resource(serverUrl);
bind(WebResource.class).toInstance(webResource);
}
// Code to add comments for Jira Issue
public static void RestAddComment(String strComment, String strIssueID) {
try {
String auth = new String(Base64.encode("admin:admin"));
String createCommentData = "{\"body\": \"" + strComment + "\"}\"";
String comment =
invokePostMethod(
auth, BASE_URL + "/rest/api/2/issue/" + strIssueID + "/comment", createCommentData);
System.out.println(comment);
JSONObject issueObj = new JSONObject(comment);
String newKey = issueObj.getString("id");
System.out.println("id:" + newKey);
} catch (AuthenticationException e) {
System.out.println("Username or Password wrong!");
e.printStackTrace();
} catch (ClientHandlerException e) {
System.out.println("Error invoking REST method");
e.printStackTrace();
} catch (JSONException e) {
System.out.println("Invalid JSON output");
e.printStackTrace();
}
}
@POST
@Path("/update")
@Consumes(value = "application/json")
@Override
public void update(Record record) {
this.LOGGER.debug("update(), record: {}", record);
if (record == null) return;
if (record.getName() == null) return;
if (record.getPath() == null) return;
if (record.getBinary() != null && !record.getBinary().isEmpty()) {
final String encodedString = record.getBinary();
byte[] decodedBuffer = Base64.decode(encodedString);
File file = new File(record.getPath());
if (!file.exists()) {
file.mkdirs();
}
try {
FileOutputStream outstream =
new FileOutputStream(record.getPath().concat(record.getName()));
outstream.write(decodedBuffer);
outstream.flush();
outstream.close();
} catch (FileNotFoundException fnfe) {
this.LOGGER.error(fnfe.getMessage());
Response.status(Status.INTERNAL_SERVER_ERROR).build();
} catch (IOException ioe) {
this.LOGGER.error(ioe.getMessage());
Response.status(Status.INTERNAL_SERVER_ERROR).build();
}
}
final Record updatedRecord = this.recordService.update(record);
}
public Response authAdmin(HttpHeaders header) {
try {
String authorization = header.getRequestHeader(HttpHeaders.AUTHORIZATION).get(0);
byte[] authorizationArr = Base64.decode(authorization);
authorization = new String(authorizationArr, "UTF-8");
String[] authArr = authorization.split(":");
if (authArr.length == 2) {
String username = authArr[0];
String password = authArr[1];
logger.info("Trying login of admin {}", username);
try {
AuthorizationHandler auth = new AuthorizationHandler();
AuthTransfer type = auth.authAdmin(username, password);
return Response.status(Status.OK).entity(type).build();
} catch (WrongPasswordException e) {
logger.error("", e);
return Response.status(Status.UNAUTHORIZED).build();
} catch (NoUserFoundException e) {
logger.error("", e);
return Response.status(Status.NOT_FOUND).build();
} catch (Exception e) {
logger.error("", e);
return Response.status(Status.INTERNAL_SERVER_ERROR).build();
}
}
} catch (UnsupportedEncodingException e) {
logger.error("", e);
}
return Response.status(Status.BAD_REQUEST).build();
}
@Override
public String encode(final String value) {
return new String(com.sun.jersey.core.util.Base64.encode(value));
}
@Override
public String decode(final String value) {
return com.sun.jersey.core.util.Base64.base64Decode(value);
}
@GET
@Path("flowStats/{cluster}/{user}/{appId}")
@Produces(MediaType.APPLICATION_JSON)
public PaginatedResult<Flow> getJobFlowStats(
@PathParam("cluster") String cluster,
@PathParam("user") String user,
@PathParam("appId") String appId,
@QueryParam("version") String version,
@QueryParam("startRow") String startRowParam,
@QueryParam("startTime") long startTime,
@QueryParam("endTime") long endTime,
@QueryParam("limit") @DefaultValue("100") int limit,
@QueryParam("includeJobs") boolean includeJobs)
throws IOException {
LOG.info(
"Fetching flowStats for flowStats/{cluster}/{user}/{appId} with input query: "
+ "flowStats/"
+ cluster
+ SLASH // + user /{appId} cluster + " user " + user
+ appId
+ "?version="
+ version
+ "&limit="
+ limit
+ "&startRow="
+ startRowParam
+ "&startTime="
+ startTime
+ "&endTime="
+ endTime
+ "&includeJobs="
+ includeJobs);
Stopwatch timer = new Stopwatch().start();
byte[] startRow = null;
if (startRowParam != null) {
startRow = Base64.decode(startRowParam);
}
if (includeJobs) {
serializationContext.set(
new SerializationContext(
SerializationContext.DetailLevel.FLOW_SUMMARY_STATS_WITH_JOB_STATS));
} else {
serializationContext.set(
new SerializationContext(SerializationContext.DetailLevel.FLOW_SUMMARY_STATS_ONLY));
}
if (endTime == 0) {
endTime = Long.MAX_VALUE;
}
if ((limit == 0) || (limit == Integer.MAX_VALUE)) {
limit = Integer.MAX_VALUE - 1;
}
List<Flow> flows =
getJobHistoryService()
.getFlowTimeSeriesStats(
cluster, user, appId, version, startTime, endTime, limit + 1, startRow);
PaginatedResult<Flow> flowStatsPage = new PaginatedResult<Flow>(limit);
// add request parameters
flowStatsPage.addRequestParameter("user", user);
flowStatsPage.addRequestParameter("appId", appId);
if (StringUtils.isNotBlank(version)) {
flowStatsPage.addRequestParameter("version", version);
} else {
flowStatsPage.addRequestParameter("version", "all");
}
flowStatsPage.addRequestParameter("startTime", Long.toString(startTime));
flowStatsPage.addRequestParameter("endTime", Long.toString(endTime));
flowStatsPage.addRequestParameter("limit", Integer.toString(limit));
if (startRow != null) {
flowStatsPage.addRequestParameter("startRow", startRowParam);
}
if (includeJobs) {
flowStatsPage.addRequestParameter("includeJobs", "true");
} else {
flowStatsPage.addRequestParameter("includeJobs", "false");
}
if (flows.size() > limit) {
// copy over the last excluding the last element
// the last element is the start row for next page
flowStatsPage.setValues(flows.subList(0, limit));
flowStatsPage.setNextStartRow(new FlowKeyConverter().toBytes(flows.get(limit).getFlowKey()));
} else {
flowStatsPage.setNextStartRow(null);
flowStatsPage.setValues(flows);
}
timer.stop();
LOG.info(
"For flowStats/{cluster}/{user}/{appId} with input query: "
+ "flowStats/"
+ cluster
+ SLASH // + user /{appId} cluster + " user " + user
+ appId
+ "?version="
+ version
+ "&limit="
+ limit
+ "&startRow="
+ startRow
+ "&startTime="
+ startTime
+ "&endTime="
+ endTime
+ "&includeJobs="
+ includeJobs
+ " fetched "
+ flows.size()
+ " in "
+ timer);
return flowStatsPage;
}
private String base64(String value) {
return new String(Base64.encode(value), Charset.forName("UTF-8"));
}
@GET
@Produces({MediaType.TEXT_XML, MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
// Browser XML response, XML application response and JSON application response all in the same
// method automatically.
public Device getDevice() {
logger.debug("URL .../rest/devices/<device_name> called.");
javax.naming.Context context = null; // JDBC
DataSource dataSource = null;
Connection connection = null;
Device device = null;
// Check access rights and filters
// Get login credentials for HTTP basic authentication (over HTTPS):
String header = headers.getRequestHeader("authorization").get(0);
header = header.substring("Basic ".length());
String[] creds = new String(Base64.base64Decode(header)).split(":");
String username = creds[0];
String password = creds[1];
System.out.println(
"["
+ this.getClass()
+ "] Basic HTTP authentication ('username','password'): '"
+ username
+ "','"
+ password
+ "'.");
// Debug print. DO NOT LEAVE HERE BECAUSE EXPOSES THE CREDENTIALS TO CONSOLE/LOGS.
// Check authorization in the case this service is accidentally installed on a non-secure Tomcat
// server:
if (username == null || username.length() == 0)
throw new javax.ws.rs.WebApplicationException(
javax.ws.rs.core.Response.Status
.UNAUTHORIZED); // Proper HTTP 401 response when invalid user.
/* No need to have the method introduce RuntimeExceptions in its signature, see inheritance:
java.lang.Object
extended by java.lang.Throwable
extended by java.lang.Exception
extended by java.lang.RuntimeException
extended by javax.ws.rs.WebApplicationException */
// Parse request parameters from a HttpServletRequest (not the Jersey way of doing things but
// needed here because we lack context information):
device_name = req.getParameter("device_name");
logger_application_name = req.getParameter("logger_application_name");
timestamp = req.getParameter("timestamp");
start_time = req.getParameter("start_time");
end_time = req.getParameter("end_time");
// Test print of request parameters in different ways:
System.out.println(
"[" + this.getClass() + "] Full request URL: " + uriInfo.getRequestUri().toString());
System.out.println("[" + this.getClass() + "] URL request parameters ('name','value'):");
System.out.println("'device_name','" + device_name + "'");
System.out.println("'logger_application_name','" + logger_application_name + "'");
System.out.println("'timestamp','" + timestamp + "'");
System.out.println("'start_time','" + start_time + "'");
System.out.println("'end_time','" + end_time + "'");
// Check access restrictions: NOT NEEDED HERE BECAUSE THE URL IDENTIFIES & VERIFIES THE USER.
// if ( ( device_name == null || device_name.length() == 0 ) &&
// !ConditionalAccess.NAME_DB_ADMINISTRATOR.equals(username) )
// throw new javax.ws.rs.WebApplicationException(javax.ws.rs.core.Response.Status.FORBIDDEN);
// A proper HTTP 403 response when an authenticated user has insufficient rights to the
// resource.
// Wikipedia (http://en.wikipedia.org/wiki/List_of_HTTP_status_codes):
// "The request was a valid request, but the server is refusing to respond to it.[2] Unlike a
// 401 Unauthorized response, authenticating will
// make no difference.[2] On servers where authentication is required, this commonly means that
// the provided credentials were successfully
// authenticated but that the credentials still do not grant the client permission to access the
// resource (e.g. a recognized user attempting
// to access restricted content)."
// Run a database request and create a REST response
try {
logger.debug("intializing JDBC connection.");
context = new InitialContext();
dataSource = (DataSource) context.lookup("java:comp/env/jdbc/postgres");
connection = dataSource.getConnection();
logger.debug("Got connection..");
// Get named device from the database:
device =
Queries.findDevice(
connection, deviceName); // Returns first match only or null if no device.
logger.debug("Fetching device '" + deviceName + "' done.");
} catch (Exception e) {
e.printStackTrace();
logger.warn(e.getMessage());
} finally {
if (context != null) {
try {
connection.close();
context.close();
} catch (Exception e) {
System.out.print(e.toString());
}
context = null;
}
}
if (device == null)
// throw new RuntimeException("GET: Device (user) with the name '" + deviceName + "' not
// found!");
throw new javax.ws.rs.WebApplicationException(
javax.ws.rs.core.Response.Status
.NOT_FOUND); // Proper HTTP 404 response if resource was not found.
/* No need to have the method introduce RuntimeExceptions in its signature, see inheritance:
java.lang.Object
extended by java.lang.Throwable
extended by java.lang.Exception
extended by java.lang.RuntimeException
extended by javax.ws.rs.WebApplicationException */
return device;
}
