Merge pull request #127 from delphi-hub/feature/userAuth

Feature/user auth

Author: Ayybeeshafi

app/authorization/AuthAction.scala

@@ -0,0 +1,58 @@
+// Copyright (C) 2018 The Delphi Team.
+// See the LICENCE file distributed with this work for additional
+// information regarding copyright ownership.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+package authorization
+
+import javax.inject.Inject
+import pdi.jwt._
+import play.api.http.HeaderNames
+import play.api.mvc._
+import authorization.AuthProvider
+import play.api.Configuration
+
+import scala.concurrent.{ExecutionContext, Future}
+import scala.util.{Failure, Success}
+
+// A custom request type to hold our JWT claims, we can pass these on to the
+// handling action
+//case class UserRequest[A](jwt: JwtClaim, token: String, request: Request[A]) extends WrappedRequest[A](request)
+
+// Our custom action implementation
+class AuthAction @Inject()(bodyParser: BodyParsers.Default)(implicit ec: ExecutionContext, config: Configuration)
+  extends ActionBuilder[Request, AnyContent] {
+
+  override def parser: BodyParser[AnyContent] = bodyParser
+  override protected def executionContext: ExecutionContext = ec
+
+  // A regex for parsing the Authorization header value
+  private val headerTokenRegex = """Bearer (.+?)""".r
+
+  // Called when a request is invoked. We should validate the bearer token here
+  // and allow the request to proceed if it is valid.
+  override def invokeBlock[A](request: Request[A], block: Request[A] => Future[Result]): Future[Result] =
+    extractBearerToken(request) map { token =>
+      if(AuthProvider.validateJwt(token)) {
+        block(request)   // token was valid - proceed!
+      } else {
+        Future.successful(Results.Unauthorized("Invalid"))  // token was invalid - return 401
+      }
+    } getOrElse Future.successful(Results.Unauthorized)     // no token was sent - return 401
+
+  // Helper for extracting the token value
+  private def extractBearerToken[A](request: Request[A]): Option[String] =
+    request.headers.get(HeaderNames.AUTHORIZATION) collect {
+      case headerTokenRegex(token) => token
+    }
+}

app/authorization/AuthProvider.scala

@@ -16,31 +16,47 @@
 package authorization
 
 
+
 import pdi.jwt.{Jwt, JwtAlgorithm, JwtClaim}
 import play.api.Configuration
 
-  object AuthProvider {
 
-    var Token = "" // scalastyle:ignore
 
-    /** This method generates JWT token for registering Delphi-Management at the Instance-Registry
-      *
-      * @param validFor
+  object AuthProvider  {
+
+      var Token = "" // scalastyle:ignore
+
+      /** This method generates JWT token for registering Delphi-Management at the Instance-Registry
+        *
+        * @param validFor
+        * @return
+        */
+
+      def generateJwt(validFor: Long = 1)(implicit configuration: Configuration): String = {
+        val jwtSecretKey = configuration.get[String]("play.http.secret.JWTkey")
+        if (Token == "" || !Jwt.isValid(Token, jwtSecretKey, Seq(JwtAlgorithm.HS256))) {
+          val claim = JwtClaim()
+            .issuedNow
+            .expiresIn(validFor * 300)
+            .startsNow
+            . +("user_id", configuration.get[String]("play.http.instance"))
+            . +("user_type", "Admin")
+
+          Token = Jwt.encode(claim, jwtSecretKey, JwtAlgorithm.HS256)
+        }
+        Token
+      }
+
+    /**
+      *  This method receives a token and validates if it is valid
+      * @param token
+      * @param configuration
       * @return
       */
 
-    def generateJwt(validFor: Long = 1)(implicit configuration: Configuration): String = {
+    def validateJwt(token: String)(implicit configuration: Configuration): Boolean = {
       val jwtSecretKey = configuration.get[String]("play.http.secret.JWTkey")
-      if (Token == "" || !Jwt.isValid(Token, jwtSecretKey, Seq(JwtAlgorithm.HS256))) {
-        val claim = JwtClaim()
-          .issuedNow
-          .expiresIn(validFor * 300)
-          .startsNow
-          . +("user_id",  configuration.get[String]("play.http.instance"))
-          . +("user_type", "Admin")
-
-        Token = Jwt.encode(claim, jwtSecretKey, JwtAlgorithm.HS256)
-      }
-      Token
+      Jwt.isValid(token, jwtSecretKey, Seq(JwtAlgorithm.HS256)) // Decode the token using the secret key
     }
+
   }

app/controllers/ApiRouter.scala

@@ -44,6 +44,7 @@ class ApiRouter @Inject()(irController: InstanceRegistryController, sysControlle
     case POST(p"/resumeInstance" ? q"instanceID=$instanceID") => irController.handleRequest(action="/resume", instanceID)
     case POST(p"/deleteInstance" ? q"instanceID=$instanceID") => irController.handleRequest(action="/delete", instanceID)
     case POST(p"/reconnectInstance" ? q"from=$from"& q"to=$to") => irController.reconnect(from.toInt, to.toInt)
+    case POST(p"/authenticate") => irController.authentication()
     case POST(p"/labelInstance" ? q"instanceID=$instanceID"& q"label=$label") => irController.labelInstance(instanceID, label)
   }
 }

app/controllers/InstanceRegistryController.scala

@@ -22,15 +22,14 @@ import akka.actor.{ActorRef, ActorSystem}
 import javax.inject.Inject
 import play.api.{Configuration, Logger}
 import play.api.libs.concurrent.CustomExecutionContext
-import play.api.libs.ws.WSClient
+import play.api.libs.ws.{WSAuthScheme, WSClient}
 import akka.stream.Materializer
 import play.api.libs.streams.ActorFlow
 import actors.{ClientSocketActor, PublishSocketMessageActor}
 import play.api.mvc._
-import scala.concurrent.ExecutionContext
-import authorization.AuthProvider
-import play.api.libs.json.Json
-
+import scala.concurrent.{Future, ExecutionContext}
+import authorization.{AuthProvider, AuthAction}
+import play.api.libs.json.{Json, JsValue}
 
 
 trait MyExecutionContext extends ExecutionContext
@@ -55,7 +54,7 @@ class MyExecutionContextImpl @Inject()(implicit system: ActorSystem)
 
 class InstanceRegistryController @Inject()(implicit system: ActorSystem, mat: Materializer, myExecutionContext: MyExecutionContext,
                                            val controllerComponents: ControllerComponents,
-                                           ws: WSClient, config: Configuration)
+                                           ws: WSClient, config: Configuration, authAction: AuthAction)
   extends BaseController {
 
 
@@ -64,12 +63,13 @@ class InstanceRegistryController @Inject()(implicit system: ActorSystem, mat: Ma
   val instanceRegistryUri = config.get[String]("app.instanceRegistryUri")
   val instanceRegistryBasePath = config.get[String]("app.instanceRegistryBasePath")
 
-  /**This method maps list of instances with specific componentType.
+
+  /** This method maps list of instances with specific componentType.
     *
     * @param componentType
     * @return
     */
-  def instances(componentType: String): Action[AnyContent] = Action.async {
+  def instances(componentType: String): Action[AnyContent] = authAction.async {
     ws.url(instanceRegistryUri).addQueryStringParameters("ComponentType" -> componentType)
       .withHttpHeaders(("Authorization", s"Bearer ${AuthProvider.generateJwt()}"))
       .get().map { response =>
@@ -87,13 +87,13 @@ class InstanceRegistryController @Inject()(implicit system: ActorSystem, mat: Ma
     }
   }
 
-  /**Called to fetch network graph of current registry. Contains a list of all instances and all links
+  /** Called to fetch network graph of current registry. Contains a list of all instances and all links
     * currently registered.
     *
     * @return
     */
 
-  def getNetwork(): Action[AnyContent] = Action.async {
+  def getNetwork(): Action[AnyContent] = authAction.async {
     ws.url(instanceRegistryUri + "/instances/network").withHttpHeaders(("Authorization", s"Bearer ${AuthProvider.generateJwt()}"))
       .get().map { response =>
       // TODO: possible handling of parsing the data can be done here
@@ -114,7 +114,7 @@ class InstanceRegistryController @Inject()(implicit system: ActorSystem, mat: Ma
     * @return
     */
 
-  def numberOfInstances(componentType: String): Action[AnyContent] = Action.async {
+  def numberOfInstances(componentType: String): Action[AnyContent] = authAction.async {
     // TODO: handle what should happen if the instance registry is not reachable.
     // TODO: create constants for the urls
     ws.url(instanceRegistryUri + "/count").addQueryStringParameters("ComponentType" -> componentType)
@@ -137,7 +137,7 @@ class InstanceRegistryController @Inject()(implicit system: ActorSystem, mat: Ma
     */
 
 
-  def handleRequest(action: String, instanceID: String): Action[AnyContent] = Action.async { request =>
+  def handleRequest(action: String, instanceID: String): Action[AnyContent] = authAction.async { request =>
     ws.url(instanceRegistryUri + "/instances/" + instanceID + action)
       .withHttpHeaders(("Authorization", s"Bearer ${AuthProvider.generateJwt()}"))
       .post("")
@@ -146,7 +146,14 @@ class InstanceRegistryController @Inject()(implicit system: ActorSystem, mat: Ma
       }(myExecutionContext)
   }
 
-  def reconnect(from: Int, to: Int): Action[AnyContent] = Action.async { request =>
+  /**
+    *  This method is called to assign a new instance to the instance with specified ID.
+    * @param from
+    * @param to
+    * @return
+    */
+
+  def reconnect(from: Int, to: Int): Action[AnyContent] = authAction.async { request =>
 
     ws.url(instanceRegistryUri + "/instances/" + from + "/assignInstance"
     )
@@ -161,6 +168,7 @@ class InstanceRegistryController @Inject()(implicit system: ActorSystem, mat: Ma
         }
       }(myExecutionContext)
   }
+
   /**
     * This function is for handling an POST request for adding an instance to the Scala web server
     * (E.g. .../instances/deploy
@@ -169,25 +177,65 @@ class InstanceRegistryController @Inject()(implicit system: ActorSystem, mat: Ma
     * @param name
     */
 
-  def postInstance(compType: String, name: String): Action[AnyContent] = Action.async
-  {
+  def postInstance(compType: String, name: String): Action[AnyContent] = authAction.async {
     request =>
-    ws.url(instanceRegistryUri + "/instances/deploy")
-      .withHttpHeaders(("Authorization", s"Bearer ${AuthProvider.generateJwt()}"))
-      .post(Json.obj("ComponentType" -> compType, "InstanceName" -> name))
-      .map { response =>
-        response.status match {
-          // scalastyle:off magic.number
-          case 202 =>
-          // scalastyle:on magic.number
-            Ok(response.body)
-          case x: Any =>
-            new Status(x)
-        }
-      }(myExecutionContext)
+      ws.url(instanceRegistryUri + "/instances/deploy")
+        .withHttpHeaders(("Authorization", s"Bearer ${AuthProvider.generateJwt()}"))
+        .post(Json.obj("ComponentType" -> compType, "InstanceName" -> name))
+        .map { response =>
+          response.status match {
+            // scalastyle:off magic.number
+            case 202 =>
+              // scalastyle:on magic.number
+              Ok(response.body)
+            case x: Any =>
+              new Status(x)
+          }
+        }(myExecutionContext)
   }
 
-  def labelInstance(instanceID: String, label: String): Action[AnyContent] = Action.async
+  /**
+    * This function sends JWT token and Username:Password encoded into the headers to Instance Registry
+    * Instance registry returns a valid JWT token.
+    *
+    * @return
+    */
+
+  def authentication(): Action[AnyContent] = Action.async {
+    request =>
+      //val json = request.body.asJson.get
+
+
+      val jsonBody: Option[JsValue] = request.body.asJson
+
+      jsonBody.map { json =>
+
+        val username = (json \ "username").as[String]
+        val password = (json \ "password").as[String]
+
+        ws.url(instanceRegistryUri + "/users" + "/authenticate")
+          .withAuth(username, password, WSAuthScheme.BASIC)
+          .withHttpHeaders(("Delphi-Authorization", s"${AuthProvider.generateJwt()}"))
+          .post("")
+          .map { response =>
+            if (response.status == 200) {
+              Ok(Json.obj("token" -> response.body, "refreshToken" -> ""))
+            } else {
+              new Status(response.status)
+            }
+          }
+      }.getOrElse{ Future(BadRequest("Invalid body"))}
+
+    }
+
+  /**
+    * This function is used to add a label to specific instance.
+    * @param instanceID ID of the instance on which label is to be added
+    * @param label
+    * @return
+    */
+
+  def labelInstance(instanceID: String, label: String): Action[AnyContent] = authAction.async
   {
     request =>
     ws.url(instanceRegistryUri + "/instances/" + instanceID + "/label")

app/controllers/SystemInfoController.scala

@@ -25,13 +25,14 @@
  import play.api.libs.json.Json
  import play.api.mvc.{Action, AnyContent, BaseController, ControllerComponents}
  import play.core.PlayVersion
+ import authorization.AuthAction
+ import play.api.Configuration
 
-
- class SystemInfoController @Inject()(val controllerComponents: ControllerComponents) extends BaseController {
+ class SystemInfoController @Inject()(val controllerComponents: ControllerComponents, config: Configuration, authAction: AuthAction) extends BaseController {
    implicit val systemInfoWrites = Json.writes[SystemInfo]
    implicit val systemInfoReads = Json.reads[SystemInfo]
 
-  def getInfo: Action[AnyContent] = Action {
+  def getInfo: Action[AnyContent] = authAction {
 
     val info = SystemInfo(hostName = getHostName(), javaVersion = getJvmVersion(), platformName = getPlatformName(), scalaVersion = getScalaVersion())
     val infoJson = Json.toJson(info)
@@ -44,13 +45,10 @@
      }
    }
 
-
-
-   private def getHostName(): String = {
+    private def getHostName(): String = {
        InetAddress.getLocalHost().getHostName()
    }
 
-
    private def getPlatformName(): String = {
        val os = "os.name";
        val version = "os.version";

build.sbt

@@ -5,7 +5,7 @@ name := "delphi-management"
 organization := "de.upb"
 
 
-version := "0.9.0"
+version := "0.9.5-SNAPSHOT"
 
 
 scalaVersion := "2.12.4"