update

775f0acf · Alfredo Chissotti · d140eace · 775f0acf · 775f0acf · 775f0acf
Commit 775f0acf authored 2 years ago by Alfredo Chissotti
--- a/CloudAppManagerSimple/cloudappman-1662561565181-pub-tcplocalhost/.lck
+++ b/CloudAppManagerSimple/cloudappman-1662561565181-pub-tcplocalhost/.lck
--- a/domainManager/Domain/DBPissirDomain.db
+++ b/domainManager/Domain/DBPissirDomain.db
--- a/domainManager/Domain/bin/code/DeleteHandler.class
+++ b/domainManager/Domain/bin/code/DeleteHandler.class
--- a/domainManager/Domain/bin/code/InstallHandler.class
+++ b/domainManager/Domain/bin/code/InstallHandler.class
--- a/domainManager/Domain/bin/code/StartHandler.class
+++ b/domainManager/Domain/bin/code/StartHandler.class
--- a/domainManager/Domain/bin/code/TokenHandler.class
+++ b/domainManager/Domain/bin/code/TokenHandler.class
--- a/domainManager/Domain/bin/db/DBC.class
+++ b/domainManager/Domain/bin/db/DBC.class
--- a/domainManager/Domain/src/code/DeleteHandler.java
+++ b/domainManager/Domain/src/code/DeleteHandler.java
@@ -39,8 +39,6 @@ public class DeleteHandler implements HttpHandler{

 	@Override
 	public void handle(HttpExchange he) throws IOException {
-
-		URI requestedUri = he.getRequestURI();
 		String requestMethod = he.getRequestMethod();

 		if (requestMethod.compareToIgnoreCase("options") == 0) {
@@ -52,9 +50,6 @@ public class DeleteHandler implements HttpHandler{
 			return;
 		}

-		String response = "";
-
-
 		// String query = requestedUri.getRawQuery();
 		String body = readBody(he.getRequestBody());

@@ -91,7 +86,7 @@ public class DeleteHandler implements HttpHandler{
 				String dominio = new JSONObject(body).getString("domain");

 				Dominio d = DBC.getDom(dominio);
-				String s = user + "-A";
+				// String s = user + "-A";
 				/*
 				 * for(Dominio d : doms){ if( (d.getDomain() == dominio) &&
 				 * d.getUsers().contains(s)) //something here
@@ -144,9 +139,7 @@ public class DeleteHandler implements HttpHandler{
 				}

 				DBC.delDom(dominio);
-				//return;//per comunicare al cloudAppMng togliere il return e modificare opportunamente
-
-
+				System.out.println("Dominio eliminato");
 			} catch (SQLException | JSONException e) {
 				e.printStackTrace();
 				return;
@@ -176,50 +169,52 @@ public class DeleteHandler implements HttpHandler{



-			URL url = new URL("http://127.0.0.1:3002");//maybe, se CloudAppe è in localhost porta 8080
+
+
+			URL url = new URL("http://127.0.0.1:3002/delete");//maybe, se CloudAppe è in localhost porta 8080
 			//aggiungere 3000/delete
 			HttpURLConnection con = (HttpURLConnection) url.openConnection();
 			con.setRequestMethod("POST");
 			con.setRequestProperty("Content-Type", "application/json");
 			con.setRequestProperty("Accept", "application/json");
-
-
-
-			Map<String, String> parameters = new HashMap<>();
-
-			parameters.put("param1", "val");//FIXME parametri da mandare
-			//leggo da DB domini e riempio (magari famo .DAO??)
-
 			con.setDoOutput(true);
+			con.setConnectTimeout(5000);
+			con.setReadTimeout(5000);
+
 			DataOutputStream out = new DataOutputStream(con.getOutputStream());//inserimento param in call
-			out.writeBytes(ParameterStringBuilder.getParamsString(parameters));
+			out.writeBytes(body);
 			out.flush();
 			out.close();

 			//con.setRequestProperty("Content-Type", "application/json");
 			//String contentType = con.getHeaderField("Content-Type");

-			con.setConnectTimeout(5000);
-			con.setReadTimeout(5000);

+			System.out.println("ready to read response");
 			//leggo risposta
-			int status = con.getResponseCode();
-
-			BufferedReader in = new BufferedReader(
-					  new InputStreamReader(con.getInputStream()));
-			String inputLine;
-			StringBuffer content = new StringBuffer();
-			while ((inputLine = in.readLine()) != null) {
-					content.append(inputLine);
-					}
-			in.close();
+			try {

-			con.disconnect();
+				int status = con.getResponseCode();
+				
+				BufferedReader in = new BufferedReader(
+						  new InputStreamReader(con.getInputStream()));
+				String inputLine;
+				StringBuffer content = new StringBuffer();
+				while ((inputLine = in.readLine()) != null) {
+						content.append(inputLine);
+						}
+				in.close();
+
+				con.disconnect();
+			} catch (Exception e) {
+				//HERE remove this test
+				e.printStackTrace();
+				return;
+			}


 			//finita chiamata a CloudApp
-
-			//f.close();
+			System.out.println("finito");
 			OutputStream os = he.getResponseBody();

 			he.getResponseHeaders().add("Access-Control-Allow-Origin", "*");//http://localhost:3001/secured/domains
@@ -229,7 +224,7 @@ public class DeleteHandler implements HttpHandler{
 			he.sendResponseHeaders(status, -1);//response.getBytes().length);//status
 			// os.write(response.getBytes());
 			os.close();
-
+			System.out.println("delted");
 		}

 	}

--- a/domainManager/Domain/src/code/InstallHandler.java
+++ b/domainManager/Domain/src/code/InstallHandler.java
 package code;

+import java.io.BufferedReader;
+import java.io.DataOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.OutputStream;
 import java.net.HttpURLConnection;
-
-import java.net.InetSocketAddress;
-
-import com.sun.net.httpserver.HttpServer;
-import db.DBC;
-import db.Dominio;
-
-import java.nio.file.Files;
-import java.nio.file.Path;
+import java.net.URL;
 import java.security.NoSuchAlgorithmException;
 import java.sql.SQLException;

-import com.sun.net.httpserver.HttpExchange;
-import com.sun.net.httpserver.HttpHandler;
-import com.sun.net.httpserver.HttpContext;
-import com.sun.net.httpserver.Headers;
-import com.sun.net.httpserver.HttpPrincipal;
-
-import java.io.*;
-import java.lang.reflect.Array;
-import java.util.*;
-
 import org.json.JSONArray;
 import org.json.JSONException;
 import org.json.JSONObject;

-import java.net.URI;
-import java.net.URL;
-import java.net.URLDecoder;
+import com.sun.net.httpserver.HttpExchange;
+import com.sun.net.httpserver.HttpHandler;
+
+import db.DBC;
+import db.Dominio;

 public class InstallHandler implements HttpHandler {

@@ -40,7 +30,6 @@ public class InstallHandler implements HttpHandler {
 		String requestMethod = he.getRequestMethod();

 		if (requestMethod.compareToIgnoreCase("options") == 0) {
-			System.out.println("OPTIONS");
 			he.getResponseHeaders().add("Access-Control-Allow-Origin", "*");// se non mettiamo *, viene errore CORS //http://localhost:3001/secured/domains
 			he.getResponseHeaders().add("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
 			he.getResponseHeaders().add("Access-Control-Allow-Headers", "Content-Type,Authorization");
@@ -48,19 +37,19 @@ public class InstallHandler implements HttpHandler {
 			return;
 		}

-		String response = "";
+		// String response = "";

 		// String query = requestedUri.getRawQuery();
 		String body = readBody(he.getRequestBody());

 		 //he.getRequestHeaders().get("user").get(0);

-		String token=he.getRequestHeaders().get("Authorization").get(0).substring(7);
 		String user;



 		try {
+			String token=he.getRequestHeaders().get("Authorization").get(0).substring(7);
 			//JSONObject tok=new JSONObject(token);
 			//String accessToken=tok.getString("access_token");
 			String[] tokSplit=token.split("[.]");
@@ -88,8 +77,8 @@ public class InstallHandler implements HttpHandler {

 		//verifica user

-		if (requestMethod.compareToIgnoreCase("POST") == 0) {// || requestMethod.compareTo("post") == 0) {
-			System.out.println("POST");
+		if (requestMethod.compareToIgnoreCase("POST") == 0) {
+
 			JSONObject j = null;
 			try {
 				j = new JSONObject(body);
@@ -99,24 +88,24 @@ public class InstallHandler implements HttpHandler {

 					Dominio d = DBC.getDom(dm);
 					if (d != null) {
-						System.out.println("DOMINIO GIA' IN USO");
-						response = "DOMINIO GIA' IN USO";
+
+						// String response = "DOMINIO GIA' IN USO";
 						OutputStream os = he.getResponseBody();
 						he.getResponseHeaders().add("Access-Control-Allow-Origin", "*");//http://localhost:3001/secured/domains
 						he.getResponseHeaders().add("Access-Control-Allow-Methods", "GET, POST, OPTIONS");//non c'era POST
 						he.getResponseHeaders().add("Access-Control-Allow-Headers", "Content-Type,Authorization");
 						// questa parte sopra serve anche qui, non solo quando si chiama con OPTIONS
-						he.sendResponseHeaders(403, response.getBytes().length);
-						os.write(response.getBytes());
+						he.sendResponseHeaders(403, -1);// response.getBytes().length);
+						// os.write(response.getBytes());
 						os.close();
 						return;
 					}
-					System.out.println("DOMINIO NON IN USO");
+


 			} catch (JSONException | SQLException e) {
-				// TODO Auto-generated catch block
 				e.printStackTrace();
+				return;
 			}

 			// effettuo chiamata a CloudAppManager
@@ -148,12 +137,8 @@ public class InstallHandler implements HttpHandler {
 			con.setConnectTimeout(5000);
 			con.setReadTimeout(5000);
 			DataOutputStream outForCloudApp = new DataOutputStream(con.getOutputStream());// inserimento param in call
-			outForCloudApp.writeBytes(j.toString());// ParameterStringBuilder.getParamsString(parameters));
+			outForCloudApp.writeBytes(j.toString());
 			outForCloudApp.flush();
-			// he.getResponseHeaders().add("Access-Control-Allow-Origin", "*");//http://localhost:3001/secured/domains
-			// he.getResponseHeaders().add("Access-Control-Allow-Methods", "GET, POST, OPTIONS");//non c'era POST
-			// he.getResponseHeaders().add("Access-Control-Allow-Headers", "Content-Type,Authorization");
-			// questa parte sopra serve anche qui, non solo quando si chiama con OPTIONS
 			outForCloudApp.close();

 			// con.setRequestProperty("Content-Type", "application/json");
@@ -173,17 +158,20 @@ public class InstallHandler implements HttpHandler {

 			// f.close();
 			OutputStream os = he.getResponseBody();
-			he.sendResponseHeaders(status, content.length());
-			os.write(content.toString().getBytes());
 			he.getResponseHeaders().add("Access-Control-Allow-Origin", "*");//http://localhost:3001/secured/domains
 			he.getResponseHeaders().add("Access-Control-Allow-Methods", "GET, POST, OPTIONS");//non c'era POST
 	        he.getResponseHeaders().add("Access-Control-Allow-Headers", "Content-Type,Authorization");
 			// questa parte sopra serve anche qui, non solo quando si chiama con OPTIONS
+			String response = content.toString();//{"result":"done"}
+			he.sendResponseHeaders(status, -1);//response.getBytes().length);
+			// os.write(response.getBytes());
+
 			// he.sendResponseHeaders(status, response.length());//status
 			// os.write(response.getBytes());
 			os.close();

-			System.out.println("status: "+status);
+
+			// inserisco i dati nel DB
 			if (status==200) {
 				//String s = user + "-A";
 				try {
@@ -194,20 +182,22 @@ public class InstallHandler implements HttpHandler {

 					String domain=j.getString("domain");
 					DBC.insertDom(domain);
-					// DBC.insertAmministra(user, domain);
+					// questa chiamata serve ad assicurarsi che l'utente che ha effettuato la chiamata sia anche amministratore del dominio
+					DBC.insertAmministra(user, domain);

 					JSONArray arrUsers = j.getJSONArray("users");
 					for(int i=0;i<arrUsers.length();i++) {
-						if(((JSONObject) arrUsers.get(i)).getString("role").equals("A")) {
-							String usr=((JSONObject) arrUsers.get(i)).getString("user");
+						JSONObject userObj = arrUsers.getJSONObject(i);
+						String usr=userObj.getString("user");
+						if(user.equals(usr)) continue;
+						if(userObj.getString("role").equals("A")) {
 							DBC.insertAmministra(usr, domain);
 						}
-						else if(((JSONObject) arrUsers.get(i)).getString("role").equals("U")) {
-							String usr=((JSONObject) arrUsers.get(i)).getString("user");
+						else if(userObj.getString("role").equals("U")) {
 							DBC.insertUsa(usr, domain);
-						}
+						} else System.err.println(userObj.toString());
 					}
-					System.out.println("Using JSON: "+j.toString());
+
 					JSONArray arrServ = j.getJSONArray("services");
 					for(int i=0;i<arrServ.length();i++) {

@@ -215,7 +205,7 @@ public class InstallHandler implements HttpHandler {
 						// String host=((JSONObject) arrUsers.get(i)).getString("host");
 						// DBC.insertService(domain,host,modul);
 						String modul = arrServ.get(i).toString();
-						DBC.insertService(domain,modul);
+						DBC.insertService(domain,modul);//FIXME da questo ricavare gli host
 					}

 					//non ci sono controlli!!!!

--- a/domainManager/Domain/src/code/StartHandler.java
+++ b/domainManager/Domain/src/code/StartHandler.java
@@ -58,7 +58,7 @@ public class StartHandler implements HttpHandler {
 		}
 		// String query = requestedUri.getRawQuery();
 		String body = readBody(he.getRequestBody());
-		String response = "";
+		
 		//String user = he.getRequestHeaders().get("user").get(0);
 		String token=he.getRequestHeaders().get("Authorization").get(0).substring(7);
 		String user;

--- a/domainManager/Domain/src/code/TokenHandler.java
+++ b/domainManager/Domain/src/code/TokenHandler.java
@@ -62,7 +62,6 @@ public class TokenHandler implements HttpHandler {
 			return;
 		}

-		String response = "";

 		// String query = requestedUri.getRawQuery();
 		// String body = readBody(he.getRequestBody());
@@ -74,13 +73,13 @@ public class TokenHandler implements HttpHandler {
 		// System.out.println("Headers: "+he.getRequestHeaders());
 		// System.out.println("Auth: "+he.getRequestHeaders().get("Authorization"));

-		String token = he.getRequestHeaders().get("Authorization").get(0).substring(7);// taglio bearer
 		// System.out.println("token: " + token);

 		try {
+			String token = he.getRequestHeaders().get("Authorization").get(0).substring(7);// taglio bearer
 			//JSONObject tok=new JSONObject(token);
 			//String accessToken=tok.getString("access_token");
-			String[] tokSplit=token.split("[.]");//Ale qui la regex non e' ".", perche' questo carattere significa qualsiasi carattere, quindi ti eliminirebbe tutta la stringa
+			String[] tokSplit=token.split("[.]");
 			if(tokSplit.length!=3)return;//controllo che il token abbia header,body e signature(abbia 2 punti :s)
 			//int scnddot=accessToken.lastIndexOf(".");//dopo questo indice è tutta signature
 			String signature=tokSplit[2];
@@ -88,11 +87,11 @@ public class TokenHandler implements HttpHandler {
 			user=verificaToken(token,signature);
 			// System.out.println("user: "+user);
 			if(user == null){
-				he.sendResponseHeaders(401, -1);
 				he.getResponseHeaders().add("Access-Control-Allow-Origin", "*");//http://localhost:3001/secured/domains
 				he.getResponseHeaders().add("Access-Control-Allow-Methods", "GET, POST, OPTIONS");//non c'era POST
 				he.getResponseHeaders().add("Access-Control-Allow-Headers", "Content-Type,Authorization");
 				// questa parte sopra serve anche qui, non solo quando si chiama con OPTIONS
+				he.sendResponseHeaders(401, -1);
 				return;
 			}

@@ -220,20 +219,11 @@ public class TokenHandler implements HttpHandler {

 				}

-			} catch (SQLException | JSONException e) {
-				// TODO Auto-generated catch block
-				e.printStackTrace();
-			}
-
-			try {
 				res.put("response", rs);
-			} catch (JSONException e) {
-				// TODO Auto-generated catch block
+			} catch (SQLException | JSONException e) {
 				e.printStackTrace();
+				return;
 			}
-			int status = 200;
-
-
 			//			Map<String, Object> parameters = new HashMap<String, Object>();
 			//			Headers h=he.getResponseHeaders();
 			//			ArrayList<String> s=new ArrayList<String>();
@@ -254,14 +244,11 @@ public class TokenHandler implements HttpHandler {
 				//		          //  return;
 				//		        }

-			response = res.toString();
-			he.sendResponseHeaders(status, response.getBytes().length);
+			String response = res.toString();
+			he.sendResponseHeaders(200, response.getBytes().length);
 			OutputStream os = he.getResponseBody();
 			os.write(response.getBytes());
-			// he.sendResponseHeaders(status, response.length());//status
-			// os.write(response.getBytes());
 			os.close();
-			System.out.println(response);

 			// JSONObject j=new JSONObject();
 			// j.append("User", DBC.getDomainsUser(user));
@@ -272,9 +259,13 @@ public class TokenHandler implements HttpHandler {
 			// send Method not allowed
 			System.out.println("Method not allowed!");
 			// exchange.getResponseHeaders().remove("content-type");
-			response = "{\"message\":\"Method not allowed!\"}";
-			he.sendResponseHeaders(405, response.getBytes().length);
+			String response = "{\"message\":\"Method not allowed!\"}";
 			OutputStream os = he.getResponseBody();
+			he.getResponseHeaders().add("Access-Control-Allow-Origin", "*");//http://localhost:3001/secured/domains
+			he.getResponseHeaders().add("Access-Control-Allow-Methods", "GET, POST, OPTIONS");//non c'era POST
+	        he.getResponseHeaders().add("Access-Control-Allow-Headers", "Content-Type,Authorization");
+			// questa parte sopra serve anche qui, non solo quando si chiama con OPTIONS
+			he.sendResponseHeaders(405, response.getBytes().length);
 			os.write(response.getBytes());
 			os.close();
 		}
@@ -339,24 +330,19 @@ public class TokenHandler implements HttpHandler {
 		String chiave = ogg.getJSONArray("x5c").get(0).toString();
 		String cert = "-----BEGIN CERTIFICATE-----\n" + chiave +"\n-----END CERTIFICATE-----";

-		Verifier verifier = RSAVerifier.newVerifier(cert);//ECVerifier.newVerifier(cert);
-		//Verifier verifier = ECVerifier.newVerifier(Paths.get("public_key.pem"));
+		Verifier verifier = RSAVerifier.newVerifier(cert);
 		try {
 			int index = encodedJWT.lastIndexOf('.');
 			byte[] message = encodedJWT.substring(0, index).getBytes(StandardCharsets.UTF_8);
-
-			byte[] signatureBytes = Base64.getUrlDecoder().decode(signature);
-			verifier.verify(Algorithm.RS256,message, signatureBytes);
+			// message = token.header + token.body (tokSplit[0]+"."+tokSplit[1])
+			byte[] signatureBytes = Base64.getUrlDecoder().decode(signature);//signature = tokSplit[2]
+			verifier.verify(Algorithm.RS256, message, signatureBytes);
 		} catch (InvalidJWTSignatureException e) {
 			System.out.println("ERRORE TOKEN");
 			return null;
 		}
-		// System.out.println("verified");
-
-
 		// Verify and decode the encoded string JWT to a rich object
 		JWT jwt = JWT.getDecoder().decode(encodedJWT, verifier);
-		// System.out.println("jwt:\n" + jwt);
 		/*
 		{
 			"aud" : "account",
@@ -390,8 +376,6 @@ public class TokenHandler implements HttpHandler {
 			"email" : "mario@gmail.com"
 		}
 		*/
-
-
 		return jwt.getString("preferred_username");
 	}


--- a/domainManager/Domain/src/db/DBC.java
+++ b/domainManager/Domain/src/db/DBC.java
@@ -648,18 +648,18 @@ public class DBC {
 			//prepared.setString(4, j.getString("resources").toString().trim());
 			prepared.setString(3, module);
 			//prepared.setString(6, j.getString("services").toString().trim());
-			int result = prepared.executeUpdate();
-
+			prepared.executeUpdate();
+			System.out.println("insertService is done");

 		} catch (SQLException e) {
-			System.out.println(e.getMessage());
+			e.printStackTrace();
 		} finally {
 			try {
 				if (conn != null) {
 					conn.close();
 				}
 			} catch (SQLException ex) {
-				System.out.println(ex.getMessage());
+				ex.printStackTrace();
 			}
 		}
 		//return null;
@@ -668,7 +668,6 @@ public class DBC {

 	/**
 	 * finds the host from the database and calls insertService(domain,host,service) to insert the data into the database
-	 * @param module
 	 */
 	public static void insertService(String domain, String module) throws JSONException {//FIXME aspettare Alessandro
 		// find the host from the database
@@ -681,27 +680,45 @@ public class DBC {

 			System.out.println("Connection to SQLite has been established: ---insertServiceLow---");

-			PreparedStatement prepared = conn.prepareStatement("SELECT Requirements FROM Moduli WHERE Module = ?1");
+			PreparedStatement first = conn.prepareStatement("SELECT Requirements FROM Moduli WHERE Module = ?1");
+			first.setString(1, module);

-			prepared.setString(1, domain);
-			ResultSet res = prepared.executeQuery();
+			ResultSet res = first.executeQuery();
+
+			ArrayList<String> requirements = new ArrayList<String>();
 			while (res.next()) {
-				System.out.println(res.toString());
-				String[] hosts = res.getString("Requirements").split(",");//also works if there is only one host
-				for (String h : hosts) {
-					insertService(domain, h, module);
+				// System.out.println(res.toString());
+				String[] requirementsArr = res.getString("Requirements").split(",");//also works if there is only one host
+
+				// add the requirementsArr to requirements
+				requirements.addAll(Arrays.asList(requirementsArr));
+			}
+
+			ArrayList<String> hosts = new ArrayList<String>();
+			for(String reqs : requirements){
+				PreparedStatement second = conn.prepareStatement("SELECT Host FROM Risorse WHERE Platform = ?1");// and Domain = ?2");
+				second.setString(1, reqs);
+				// second.setString(2, domain);
+
+				ResultSet res2 = second.executeQuery();
+				while (res2.next()) {
+					hosts.add(res2.getString("Host"));
 				}
 			}
+			conn.close();
+			for (String host : hosts) {
+				insertService(domain, host, module);
+			}

 		} catch (SQLException e) {
-			System.out.println(e.getMessage());
+			e.printStackTrace();
 		} finally {
 			try {
 				if (conn != null) {
 					conn.close();
 				}
 			} catch (SQLException ex) {
-				System.out.println(ex.getMessage());
+				ex.printStackTrace();
 			}
 		}
 	}

--- a/keycloak-19.0.1/data/h2/keycloakdb.lock.db
+++ b/keycloak-19.0.1/data/h2/keycloakdb.lock.db
+#FileLock
+#Wed Sep 07 17:45:10 CEST 2022
+hostName=192.168.1.160
+id=183189b76e938565937d0f025f159d9dc0225ed3dcc
+method=file
+server=192.168.1.160\:65424
--- a/webapp/public/js/authentication/app.js
+++ b/webapp/public/js/authentication/app.js
@@ -229,7 +229,7 @@ class App {
            if(resultInstall) {
                const domainCreated = {
                    nome: domainName,
-                    stato: "off",
+                    stato: 0,
                    admin: true
                };
                this.showSingleDomain(domainCreated);