Merge pull request #109 from delphi-hub/feature/Authorization

WIP: Authorization of Delphi Management at Instance Registry

Author: bhermann

app/authorization/AuthProvider.scala

@@ -0,0 +1,46 @@
+// Copyright (C) 2018 The Delphi Team.
+// See the LICENCE file distributed with this work for additional
+// information regarding copyright ownership.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+package authorization
+
+
+import pdi.jwt.{Jwt, JwtAlgorithm, JwtClaim}
+import play.api.Configuration
+
+  object AuthProvider {
+
+    var Token = "" // scalastyle:ignore
+
+    /** This method generates JWT token for registering Delphi-Management at the Instance-Registry
+      *
+      * @param validFor
+      * @return
+      */
+
+    def generateJwt(validFor: Long = 1)(implicit configuration: Configuration): String = {
+      val jwtSecretKey = configuration.get[String]("play.http.secret.JWTkey")
+      if (Token == "" || !Jwt.isValid(Token, jwtSecretKey, Seq(JwtAlgorithm.HS256))) {
+        val claim = JwtClaim()
+          .issuedNow
+          .expiresIn(validFor * 300)
+          .startsNow
+          . +("user_id",  configuration.get[String]("play.http.instance"))
+          . +("user_type", "Admin")
+
+        Token = Jwt.encode(claim, jwtSecretKey, JwtAlgorithm.HS256)
+      }
+      Token
+    }
+  }

app/controllers/InstanceRegistryController.scala

@@ -22,14 +22,15 @@ import akka.actor.{ActorRef, ActorSystem}
 import javax.inject.Inject
 import play.api.{Configuration, Logger}
 import play.api.libs.concurrent.CustomExecutionContext
-import play.api.libs.json._
 import play.api.libs.ws.WSClient
 import akka.stream.Materializer
 import play.api.libs.streams.ActorFlow
 import actors.{ClientSocketActor, PublishSocketMessageActor}
 import play.api.mvc._
-
 import scala.concurrent.ExecutionContext
+import authorization.AuthProvider
+import play.api.libs.json.Json
+
 
 
 trait MyExecutionContext extends ExecutionContext
@@ -63,9 +64,15 @@ class InstanceRegistryController @Inject()(implicit system: ActorSystem, mat: Ma
   val instanceRegistryUri = config.get[String]("app.instanceRegistryUri")
   val instanceRegistryBasePath = config.get[String]("app.instanceRegistryBasePath")
 
+  /**This method maps list of instances with specific componentType.
+    *
+    * @param componentType
+    * @return
+    */
   def instances(componentType: String): Action[AnyContent] = Action.async {
-
-    ws.url(instanceRegistryUri + "/instances").addQueryStringParameters("ComponentType" -> componentType).get().map { response =>
+    ws.url(instanceRegistryUri).addQueryStringParameters("ComponentType" -> componentType)
+      .withHttpHeaders(("Authorization", s"Bearer ${AuthProvider.generateJwt()}"))
+      .get().map { response =>
       // TODO: possible handling of parsing the data can be done here
 
       Ok(response.body)
@@ -80,8 +87,15 @@ class InstanceRegistryController @Inject()(implicit system: ActorSystem, mat: Ma
     }
   }
 
+  /**Called to fetch network graph of current registry. Contains a list of all instances and all links
+    * currently registered.
+    *
+    * @return
+    */
+
   def getNetwork(): Action[AnyContent] = Action.async {
-    ws.url(instanceRegistryUri + "/network").get().map { response =>
+    ws.url(instanceRegistryUri + "/instances/network").withHttpHeaders(("Authorization", s"Bearer ${AuthProvider.generateJwt()}"))
+      .get().map { response =>
       // TODO: possible handling of parsing the data can be done here
       Logger.debug(response.body)
       if (response.status == 200) {
@@ -92,10 +106,20 @@ class InstanceRegistryController @Inject()(implicit system: ActorSystem, mat: Ma
     }(myExecutionContext)
   }
 
-  def numberOfInstances(componentType: String) : Action[AnyContent] = Action.async {
+  /**
+    * Fetches the number of instances for the specified ComponentType. The ComponentType is an optional parameter which is passed as an query
+    * argument named 'ComponentType'
+    *
+    * @param componentType
+    * @return
+    */
+
+  def numberOfInstances(componentType: String): Action[AnyContent] = Action.async {
     // TODO: handle what should happen if the instance registry is not reachable.
     // TODO: create constants for the urls
-    ws.url(instanceRegistryUri + "/numberOfInstances").addQueryStringParameters("ComponentType" -> componentType).get().map { response =>
+    ws.url(instanceRegistryUri + "/count").addQueryStringParameters("ComponentType" -> componentType)
+      .withHttpHeaders(("Authorization", s"Bearer ${AuthProvider.generateJwt()}"))
+      .get().map { response =>
       // TODO: possible handling of parsing the data can be done here
       if (response.status == 200) {
         Ok(response.body)
@@ -106,31 +130,36 @@ class InstanceRegistryController @Inject()(implicit system: ActorSystem, mat: Ma
   }
 
   /**
-  * This function is for handling all(start, stop, play, pause, resume) POST request.
-  * To control the instance State
-  * @param componentId
-  */
+    * This function is for handling all(start, stop, play, pause, resume) POST request.
+    * To control the instance State (E.g. /instances/42/stop )
+    *
+    * @param componentId
+    */
 
 
   def handleRequest(action: String, instanceID: String): Action[AnyContent] = Action.async { request =>
-    ws.url(instanceRegistryUri + action)
-      .addQueryStringParameters("Id" -> instanceID)
+    ws.url(instanceRegistryUri + "/instances/" + instanceID + action)
+      .withHttpHeaders(("Authorization", s"Bearer ${AuthProvider.generateJwt()}"))
       .post("")
       .map { response =>
         new Status(response.status)
       }(myExecutionContext)
   }
 
   /**
-  * This function is for handling an POST request for adding an instance to the Scala web server
-  *
-  * @param componentType
-  * @param name
-  */
-  def postInstance(compType: String, name: String): Action[AnyContent] = Action.async { request =>
-    ws.url(instanceRegistryUri + "/deploy")
-      .addQueryStringParameters("ComponentType" -> compType, "InstanceName" -> name)
-      .post("")
+    * This function is for handling an POST request for adding an instance to the Scala web server
+    * (E.g. .../instances/deploy
+    *
+    * @param componentType
+    * @param name
+    */
+
+  def postInstance(compType: String, name: String): Action[AnyContent] = Action.async
+  {
+    request =>
+    ws.url(instanceRegistryUri + "/instances/deploy")
+      .withHttpHeaders(("Authorization", s"Bearer ${AuthProvider.generateJwt()}"))
+      .post(Json.obj("ComponentType" -> compType, "InstanceName" -> name))
       .map { response =>
         response.status match {
           // scalastyle:off magic.number
@@ -142,5 +171,4 @@ class InstanceRegistryController @Inject()(implicit system: ActorSystem, mat: Ma
         }
       }(myExecutionContext)
   }
-
 }

build.sbt

@@ -60,3 +60,5 @@ libraryDependencies ++= Seq(
   "com.google.guava" % "guava" % "25.1-jre",
   "org.apache.commons" % "commons-compress" % "1.16"
 )
+
+libraryDependencies += "com.pauldijou" %% "jwt-core" % "1.0.0"