Skip to content
Snippets Groups Projects
Commit 775f0acf authored by Alfredo Chissotti's avatar Alfredo Chissotti
Browse files

update

parent d140eace
No related branches found
No related tags found
No related merge requests found
Showing
with 125 additions and 133 deletions
No preview for this file type
No preview for this file type
No preview for this file type
No preview for this file type
No preview for this file type
No preview for this file type
......@@ -39,8 +39,6 @@ public class DeleteHandler implements HttpHandler{
@Override
public void handle(HttpExchange he) throws IOException {
URI requestedUri = he.getRequestURI();
String requestMethod = he.getRequestMethod();
if (requestMethod.compareToIgnoreCase("options") == 0) {
......@@ -52,9 +50,6 @@ public class DeleteHandler implements HttpHandler{
return;
}
String response = "";
// String query = requestedUri.getRawQuery();
String body = readBody(he.getRequestBody());
......@@ -91,7 +86,7 @@ public class DeleteHandler implements HttpHandler{
String dominio = new JSONObject(body).getString("domain");
Dominio d = DBC.getDom(dominio);
String s = user + "-A";
// String s = user + "-A";
/*
* for(Dominio d : doms){ if( (d.getDomain() == dominio) &&
* d.getUsers().contains(s)) //something here
......@@ -144,9 +139,7 @@ public class DeleteHandler implements HttpHandler{
}
DBC.delDom(dominio);
//return;//per comunicare al cloudAppMng togliere il return e modificare opportunamente
System.out.println("Dominio eliminato");
} catch (SQLException | JSONException e) {
e.printStackTrace();
return;
......@@ -176,50 +169,52 @@ public class DeleteHandler implements HttpHandler{
URL url = new URL("http://127.0.0.1:3002");//maybe, se CloudAppe è in localhost porta 8080
URL url = new URL("http://127.0.0.1:3002/delete");//maybe, se CloudAppe è in localhost porta 8080
//aggiungere 3000/delete
HttpURLConnection con = (HttpURLConnection) url.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json");
con.setRequestProperty("Accept", "application/json");
Map<String, String> parameters = new HashMap<>();
parameters.put("param1", "val");//FIXME parametri da mandare
//leggo da DB domini e riempio (magari famo .DAO??)
con.setDoOutput(true);
con.setConnectTimeout(5000);
con.setReadTimeout(5000);
DataOutputStream out = new DataOutputStream(con.getOutputStream());//inserimento param in call
out.writeBytes(ParameterStringBuilder.getParamsString(parameters));
out.writeBytes(body);
out.flush();
out.close();
//con.setRequestProperty("Content-Type", "application/json");
//String contentType = con.getHeaderField("Content-Type");
con.setConnectTimeout(5000);
con.setReadTimeout(5000);
System.out.println("ready to read response");
//leggo risposta
int status = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer content = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
content.append(inputLine);
}
in.close();
try {
con.disconnect();
int status = con.getResponseCode();
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer content = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
content.append(inputLine);
}
in.close();
con.disconnect();
} catch (Exception e) {
//HERE remove this test
e.printStackTrace();
return;
}
//finita chiamata a CloudApp
//f.close();
System.out.println("finito");
OutputStream os = he.getResponseBody();
he.getResponseHeaders().add("Access-Control-Allow-Origin", "*");//http://localhost:3001/secured/domains
......@@ -229,7 +224,7 @@ public class DeleteHandler implements HttpHandler{
he.sendResponseHeaders(status, -1);//response.getBytes().length);//status
// os.write(response.getBytes());
os.close();
System.out.println("delted");
}
}
......
package code;
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.InetSocketAddress;
import com.sun.net.httpserver.HttpServer;
import db.DBC;
import db.Dominio;
import java.nio.file.Files;
import java.nio.file.Path;
import java.net.URL;
import java.security.NoSuchAlgorithmException;
import java.sql.SQLException;
import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpHandler;
import com.sun.net.httpserver.HttpContext;
import com.sun.net.httpserver.Headers;
import com.sun.net.httpserver.HttpPrincipal;
import java.io.*;
import java.lang.reflect.Array;
import java.util.*;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import java.net.URI;
import java.net.URL;
import java.net.URLDecoder;
import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpHandler;
import db.DBC;
import db.Dominio;
public class InstallHandler implements HttpHandler {
......@@ -40,7 +30,6 @@ public class InstallHandler implements HttpHandler {
String requestMethod = he.getRequestMethod();
if (requestMethod.compareToIgnoreCase("options") == 0) {
System.out.println("OPTIONS");
he.getResponseHeaders().add("Access-Control-Allow-Origin", "*");// se non mettiamo *, viene errore CORS //http://localhost:3001/secured/domains
he.getResponseHeaders().add("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
he.getResponseHeaders().add("Access-Control-Allow-Headers", "Content-Type,Authorization");
......@@ -48,19 +37,19 @@ public class InstallHandler implements HttpHandler {
return;
}
String response = "";
// String response = "";
// String query = requestedUri.getRawQuery();
String body = readBody(he.getRequestBody());
//he.getRequestHeaders().get("user").get(0);
String token=he.getRequestHeaders().get("Authorization").get(0).substring(7);
String user;
try {
String token=he.getRequestHeaders().get("Authorization").get(0).substring(7);
//JSONObject tok=new JSONObject(token);
//String accessToken=tok.getString("access_token");
String[] tokSplit=token.split("[.]");
......@@ -88,8 +77,8 @@ public class InstallHandler implements HttpHandler {
//verifica user
if (requestMethod.compareToIgnoreCase("POST") == 0) {// || requestMethod.compareTo("post") == 0) {
System.out.println("POST");
if (requestMethod.compareToIgnoreCase("POST") == 0) {
JSONObject j = null;
try {
j = new JSONObject(body);
......@@ -99,24 +88,24 @@ public class InstallHandler implements HttpHandler {
Dominio d = DBC.getDom(dm);
if (d != null) {
System.out.println("DOMINIO GIA' IN USO");
response = "DOMINIO GIA' IN USO";
// String response = "DOMINIO GIA' IN USO";
OutputStream os = he.getResponseBody();
he.getResponseHeaders().add("Access-Control-Allow-Origin", "*");//http://localhost:3001/secured/domains
he.getResponseHeaders().add("Access-Control-Allow-Methods", "GET, POST, OPTIONS");//non c'era POST
he.getResponseHeaders().add("Access-Control-Allow-Headers", "Content-Type,Authorization");
// questa parte sopra serve anche qui, non solo quando si chiama con OPTIONS
he.sendResponseHeaders(403, response.getBytes().length);
os.write(response.getBytes());
he.sendResponseHeaders(403, -1);// response.getBytes().length);
// os.write(response.getBytes());
os.close();
return;
}
System.out.println("DOMINIO NON IN USO");
} catch (JSONException | SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return;
}
// effettuo chiamata a CloudAppManager
......@@ -148,12 +137,8 @@ public class InstallHandler implements HttpHandler {
con.setConnectTimeout(5000);
con.setReadTimeout(5000);
DataOutputStream outForCloudApp = new DataOutputStream(con.getOutputStream());// inserimento param in call
outForCloudApp.writeBytes(j.toString());// ParameterStringBuilder.getParamsString(parameters));
outForCloudApp.writeBytes(j.toString());
outForCloudApp.flush();
// he.getResponseHeaders().add("Access-Control-Allow-Origin", "*");//http://localhost:3001/secured/domains
// he.getResponseHeaders().add("Access-Control-Allow-Methods", "GET, POST, OPTIONS");//non c'era POST
// he.getResponseHeaders().add("Access-Control-Allow-Headers", "Content-Type,Authorization");
// questa parte sopra serve anche qui, non solo quando si chiama con OPTIONS
outForCloudApp.close();
// con.setRequestProperty("Content-Type", "application/json");
......@@ -173,17 +158,20 @@ public class InstallHandler implements HttpHandler {
// f.close();
OutputStream os = he.getResponseBody();
he.sendResponseHeaders(status, content.length());
os.write(content.toString().getBytes());
he.getResponseHeaders().add("Access-Control-Allow-Origin", "*");//http://localhost:3001/secured/domains
he.getResponseHeaders().add("Access-Control-Allow-Methods", "GET, POST, OPTIONS");//non c'era POST
he.getResponseHeaders().add("Access-Control-Allow-Headers", "Content-Type,Authorization");
// questa parte sopra serve anche qui, non solo quando si chiama con OPTIONS
String response = content.toString();//{"result":"done"}
he.sendResponseHeaders(status, -1);//response.getBytes().length);
// os.write(response.getBytes());
// he.sendResponseHeaders(status, response.length());//status
// os.write(response.getBytes());
os.close();
System.out.println("status: "+status);
// inserisco i dati nel DB
if (status==200) {
//String s = user + "-A";
try {
......@@ -194,20 +182,22 @@ public class InstallHandler implements HttpHandler {
String domain=j.getString("domain");
DBC.insertDom(domain);
// DBC.insertAmministra(user, domain);
// questa chiamata serve ad assicurarsi che l'utente che ha effettuato la chiamata sia anche amministratore del dominio
DBC.insertAmministra(user, domain);
JSONArray arrUsers = j.getJSONArray("users");
for(int i=0;i<arrUsers.length();i++) {
if(((JSONObject) arrUsers.get(i)).getString("role").equals("A")) {
String usr=((JSONObject) arrUsers.get(i)).getString("user");
JSONObject userObj = arrUsers.getJSONObject(i);
String usr=userObj.getString("user");
if(user.equals(usr)) continue;
if(userObj.getString("role").equals("A")) {
DBC.insertAmministra(usr, domain);
}
else if(((JSONObject) arrUsers.get(i)).getString("role").equals("U")) {
String usr=((JSONObject) arrUsers.get(i)).getString("user");
else if(userObj.getString("role").equals("U")) {
DBC.insertUsa(usr, domain);
}
} else System.err.println(userObj.toString());
}
System.out.println("Using JSON: "+j.toString());
JSONArray arrServ = j.getJSONArray("services");
for(int i=0;i<arrServ.length();i++) {
......@@ -215,7 +205,7 @@ public class InstallHandler implements HttpHandler {
// String host=((JSONObject) arrUsers.get(i)).getString("host");
// DBC.insertService(domain,host,modul);
String modul = arrServ.get(i).toString();
DBC.insertService(domain,modul);
DBC.insertService(domain,modul);//FIXME da questo ricavare gli host
}
//non ci sono controlli!!!!
......
......@@ -58,7 +58,7 @@ public class StartHandler implements HttpHandler {
}
// String query = requestedUri.getRawQuery();
String body = readBody(he.getRequestBody());
String response = "";
//String user = he.getRequestHeaders().get("user").get(0);
String token=he.getRequestHeaders().get("Authorization").get(0).substring(7);
String user;
......
......@@ -62,7 +62,6 @@ public class TokenHandler implements HttpHandler {
return;
}
String response = "";
// String query = requestedUri.getRawQuery();
// String body = readBody(he.getRequestBody());
......@@ -74,13 +73,13 @@ public class TokenHandler implements HttpHandler {
// System.out.println("Headers: "+he.getRequestHeaders());
// System.out.println("Auth: "+he.getRequestHeaders().get("Authorization"));
String token = he.getRequestHeaders().get("Authorization").get(0).substring(7);// taglio bearer
// System.out.println("token: " + token);
try {
String token = he.getRequestHeaders().get("Authorization").get(0).substring(7);// taglio bearer
//JSONObject tok=new JSONObject(token);
//String accessToken=tok.getString("access_token");
String[] tokSplit=token.split("[.]");//Ale qui la regex non e' ".", perche' questo carattere significa qualsiasi carattere, quindi ti eliminirebbe tutta la stringa
String[] tokSplit=token.split("[.]");
if(tokSplit.length!=3)return;//controllo che il token abbia header,body e signature(abbia 2 punti :s)
//int scnddot=accessToken.lastIndexOf(".");//dopo questo indice è tutta signature
String signature=tokSplit[2];
......@@ -88,11 +87,11 @@ public class TokenHandler implements HttpHandler {
user=verificaToken(token,signature);
// System.out.println("user: "+user);
if(user == null){
he.sendResponseHeaders(401, -1);
he.getResponseHeaders().add("Access-Control-Allow-Origin", "*");//http://localhost:3001/secured/domains
he.getResponseHeaders().add("Access-Control-Allow-Methods", "GET, POST, OPTIONS");//non c'era POST
he.getResponseHeaders().add("Access-Control-Allow-Headers", "Content-Type,Authorization");
// questa parte sopra serve anche qui, non solo quando si chiama con OPTIONS
he.sendResponseHeaders(401, -1);
return;
}
......@@ -220,20 +219,11 @@ public class TokenHandler implements HttpHandler {
}
} catch (SQLException | JSONException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
try {
res.put("response", rs);
} catch (JSONException e) {
// TODO Auto-generated catch block
} catch (SQLException | JSONException e) {
e.printStackTrace();
return;
}
int status = 200;
// Map<String, Object> parameters = new HashMap<String, Object>();
// Headers h=he.getResponseHeaders();
// ArrayList<String> s=new ArrayList<String>();
......@@ -254,14 +244,11 @@ public class TokenHandler implements HttpHandler {
// // return;
// }
response = res.toString();
he.sendResponseHeaders(status, response.getBytes().length);
String response = res.toString();
he.sendResponseHeaders(200, response.getBytes().length);
OutputStream os = he.getResponseBody();
os.write(response.getBytes());
// he.sendResponseHeaders(status, response.length());//status
// os.write(response.getBytes());
os.close();
System.out.println(response);
// JSONObject j=new JSONObject();
// j.append("User", DBC.getDomainsUser(user));
......@@ -272,9 +259,13 @@ public class TokenHandler implements HttpHandler {
// send Method not allowed
System.out.println("Method not allowed!");
// exchange.getResponseHeaders().remove("content-type");
response = "{\"message\":\"Method not allowed!\"}";
he.sendResponseHeaders(405, response.getBytes().length);
String response = "{\"message\":\"Method not allowed!\"}";
OutputStream os = he.getResponseBody();
he.getResponseHeaders().add("Access-Control-Allow-Origin", "*");//http://localhost:3001/secured/domains
he.getResponseHeaders().add("Access-Control-Allow-Methods", "GET, POST, OPTIONS");//non c'era POST
he.getResponseHeaders().add("Access-Control-Allow-Headers", "Content-Type,Authorization");
// questa parte sopra serve anche qui, non solo quando si chiama con OPTIONS
he.sendResponseHeaders(405, response.getBytes().length);
os.write(response.getBytes());
os.close();
}
......@@ -339,24 +330,19 @@ public class TokenHandler implements HttpHandler {
String chiave = ogg.getJSONArray("x5c").get(0).toString();
String cert = "-----BEGIN CERTIFICATE-----\n" + chiave +"\n-----END CERTIFICATE-----";
Verifier verifier = RSAVerifier.newVerifier(cert);//ECVerifier.newVerifier(cert);
//Verifier verifier = ECVerifier.newVerifier(Paths.get("public_key.pem"));
Verifier verifier = RSAVerifier.newVerifier(cert);
try {
int index = encodedJWT.lastIndexOf('.');
byte[] message = encodedJWT.substring(0, index).getBytes(StandardCharsets.UTF_8);
byte[] signatureBytes = Base64.getUrlDecoder().decode(signature);
verifier.verify(Algorithm.RS256,message, signatureBytes);
// message = token.header + token.body (tokSplit[0]+"."+tokSplit[1])
byte[] signatureBytes = Base64.getUrlDecoder().decode(signature);//signature = tokSplit[2]
verifier.verify(Algorithm.RS256, message, signatureBytes);
} catch (InvalidJWTSignatureException e) {
System.out.println("ERRORE TOKEN");
return null;
}
// System.out.println("verified");
// Verify and decode the encoded string JWT to a rich object
JWT jwt = JWT.getDecoder().decode(encodedJWT, verifier);
// System.out.println("jwt:\n" + jwt);
/*
{
"aud" : "account",
......@@ -390,8 +376,6 @@ public class TokenHandler implements HttpHandler {
"email" : "mario@gmail.com"
}
*/
return jwt.getString("preferred_username");
}
......
......@@ -648,18 +648,18 @@ public class DBC {
//prepared.setString(4, j.getString("resources").toString().trim());
prepared.setString(3, module);
//prepared.setString(6, j.getString("services").toString().trim());
int result = prepared.executeUpdate();
prepared.executeUpdate();
System.out.println("insertService is done");
} catch (SQLException e) {
System.out.println(e.getMessage());
e.printStackTrace();
} finally {
try {
if (conn != null) {
conn.close();
}
} catch (SQLException ex) {
System.out.println(ex.getMessage());
ex.printStackTrace();
}
}
//return null;
......@@ -668,7 +668,6 @@ public class DBC {
/**
* finds the host from the database and calls insertService(domain,host,service) to insert the data into the database
* @param module
*/
public static void insertService(String domain, String module) throws JSONException {//FIXME aspettare Alessandro
// find the host from the database
......@@ -681,27 +680,45 @@ public class DBC {
System.out.println("Connection to SQLite has been established: ---insertServiceLow---");
PreparedStatement prepared = conn.prepareStatement("SELECT Requirements FROM Moduli WHERE Module = ?1");
PreparedStatement first = conn.prepareStatement("SELECT Requirements FROM Moduli WHERE Module = ?1");
first.setString(1, module);
prepared.setString(1, domain);
ResultSet res = prepared.executeQuery();
ResultSet res = first.executeQuery();
ArrayList<String> requirements = new ArrayList<String>();
while (res.next()) {
System.out.println(res.toString());
String[] hosts = res.getString("Requirements").split(",");//also works if there is only one host
for (String h : hosts) {
insertService(domain, h, module);
// System.out.println(res.toString());
String[] requirementsArr = res.getString("Requirements").split(",");//also works if there is only one host
// add the requirementsArr to requirements
requirements.addAll(Arrays.asList(requirementsArr));
}
ArrayList<String> hosts = new ArrayList<String>();
for(String reqs : requirements){
PreparedStatement second = conn.prepareStatement("SELECT Host FROM Risorse WHERE Platform = ?1");// and Domain = ?2");
second.setString(1, reqs);
// second.setString(2, domain);
ResultSet res2 = second.executeQuery();
while (res2.next()) {
hosts.add(res2.getString("Host"));
}
}
conn.close();
for (String host : hosts) {
insertService(domain, host, module);
}
} catch (SQLException e) {
System.out.println(e.getMessage());
e.printStackTrace();
} finally {
try {
if (conn != null) {
conn.close();
}
} catch (SQLException ex) {
System.out.println(ex.getMessage());
ex.printStackTrace();
}
}
}
......
#FileLock
#Wed Sep 07 17:45:10 CEST 2022
hostName=192.168.1.160
id=183189b76e938565937d0f025f159d9dc0225ed3dcc
method=file
server=192.168.1.160\:65424
......@@ -229,7 +229,7 @@ class App {
if(resultInstall) {
const domainCreated = {
nome: domainName,
stato: "off",
stato: 0,
admin: true
};
this.showSingleDomain(domainCreated);
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment