Diffstat (limited to 'server/core/LibOverride')
-rwxr-xr-xserver/core/LibOverride/genTokenOptions.php314
-rwxr-xr-x[-rw-r--r--]server/core/LibOverride/projectTokenData/demo0
2 files changed, 238 insertions, 76 deletions
diff --git a/server/core/LibOverride/genTokenOptions.php b/server/core/LibOverride/genTokenOptions.php
index bdae8a6..7134887 100755
--- a/server/core/LibOverride/genTokenOptions.php
+++ b/server/core/LibOverride/genTokenOptions.php
@@ -1,4 +1,14 @@
<?php
+/**
+* File containing the override of the authentication for the Library.
+*
+* @version 1.0 Initialisation of this file
+* @since 1.0 Core application's file
+*
+* @author Eole 'eoledev at outlook . fr'
+*
+* @todo Check with the API, the condition and test the revoke token implementation
+*/
use GuzzleHttp\Client;
use OpenCloud\Common\Transport\HandlerStack;
@@ -9,47 +19,83 @@ use OpenCloud\Common\Auth\Token;
use OpenCloud\Common\Transport\Utils;
use OpenStack\Identity\v3\Models;
+/**
+* genTokenOptions Class
+*
+* This class allow the generation of tokens for openstack, and to inject
+* those tokens into the library. Which allow to do a proper login only once
+* and not for each request
+*
+*/
class genTokenOptions
{
+ /** @var Array $optionsGlobal private, contains the options common for the different tokens */
private $optionsGlobal;
-
- private $stack;
+ /** @var Array $backup private, contains all the informations about the different tokens. It contains the information send to the clients */
private $backup = [];
+ /** @var GuzzleHttp\Client $httpClient private, contains a default Client to construct some OpenStack library object */
private $httpClient;
+ /**
+ * genTokenOptions constructor
+ *
+ * @param Array $options Options to create the objects in the library
+ * AuthUrl is the main options required
+ *
+ * @return genTokenOptions Object
+ */
public function __construct($options){
- $this->stack = HandlerStack::create();
+ $stack = HandlerStack::create();
$httpClient = new Client([
- 'base_uri' => Utils::normalizeUrl($options['authUrl']),
- 'handler' => $this->stack,
- ]);
+ 'base_uri' => Utils::normalizeUrl($options['authUrl']),
+ 'handler' => $stack,
+ ]);
$this->httpClient = $httpClient;
- $options['identityService'] = Service::factory($httpClient);
+ $options['identityService'] = Service::factory($httpClient);
$options['authHandler'] = function () use ($options) {
return $options['identityService']->generateToken($options);
- };
+ };
$this->optionsGlobal['Common'] = $options;
}
-
- /**
- * @codeCoverageIgnore
- */
- private function addDebugMiddleware(array $options, HandlerStack &$stack)
- {
- if (!empty($options['debugLog'])
- && !empty($options['logger'])
- && !empty($options['messageFormatter'])
- ) {
- $stack->push(GuzzleMiddleware::log($options['logger'], $options['messageFormatter']));
- }
- }
+
+ /**
+ * Add a debug for the library
+ *
+ * @param array $options Debug options, cf library
+ * @param HandlerStack $stack pointer to a HandlerStack object
+ *
+ * @return void
+ */
+ private function addDebugMiddleware(array $options, HandlerStack &$stack)
+ {
+ if (!empty($options['debugLog'])
+ && !empty($options['logger'])
+ && !empty($options['messageFormatter'])
+ ) {
+ $stack->push(GuzzleMiddleware::log($options['logger'], $options['messageFormatter']));
+ }
+ }
+
+ /**
+ * Check the expiration time of a token
+ *
+ * @return boolean if the token is not expired
+ */
+ public function checkToken(){
+ return $this->backup['time'] > time();
+ }
+ /**
+ * Generate a new token for the Identity service
+ *
+ * @return void
+ */
public function genIdentityToken(){
$options = $this->optionsGlobal['Common'];
$options['catalogName'] = 'false';
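Review bot: `checkToken()` reads `$this->backup['time']` without checking that the key exists, and `$backup` is initialised to `[]`, so a call made before saveBackup() or loadBackup() has run raises an undefined-index notice and returns false only because null compares below `time()`. Make the missing case explicit with `return isset($this->backup['time']) && $this->backup['time'] > time();`. The docblock should also say that the value checked is the locally computed `time` entry, not the token's own `expires` field. genIdentityToken() begins at the end of this hunk and its body continues outside it.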
@@ -67,20 +113,32 @@ class genTokenOptions
$this->addDebugMiddleware($options, $stack);
$options['httpClient'] = new Client([
- 'base_uri' => Utils::normalizeUrl($baseUrl),
- 'handler' => $stack,
- ]);
+ 'base_uri' => Utils::normalizeUrl($baseUrl),
+ 'handler' => $stack,
+ ]);
$this->saveBackup('Identity', array('token' => $token, 'baseUrl' => $baseUrl ));
$this->optionsGlobal['Identity'] = $options;
}
+ /**
+ * Revoke the token for the Identity Service
+ *
+ * @return void
+ */
public function revokeIdentityToken(){
$token = $this->unserializeToken($this->backup['Identity']['token']);
$this->optionsGlobal['Common']['identityService']->revokeToken($token->id);
}
+ /**
+ * Load a token for the Identity Service
+ *
+ * @param String $opt serialized token
+ *
+ * @return void
+ */
public function loadIdentityBackup($opt){
$options = $this->optionsGlobal['Common'];
$options['catalogName'] = 'false';
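Review bot: The new docblock on loadIdentityBackup() documents `$opt` as `String $opt serialized token`, but loadImageBackup(), loadNetworkBackup() and loadComputeBackup() visibly assign it to `$this->backup[...]` and then index `['token']` and `['baseUrl']`, and loadIdentityBackup() reads `$this->backup['Identity']['baseUrl']` the same way, so it is an array. I would write `@param array $opt service backup with 'token' (serialized token fields) and 'baseUrl' keys` on all four methods. Because `baseUrl` becomes the `base_uri` of a client that carries the auth token, the docblock should also state that `$opt` must come from a trusted, server-side source; whether callers guarantee that is not visible in this diff. The body of loadIdentityBackup() continues outside this hunk.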
@@ -92,20 +150,25 @@ class genTokenOptions
$baseUrl = $this->backup['Identity']['baseUrl'];
$stack = HandlerStack::create();
-
+
$stack->push(Middleware::authHandler($options['authHandler'], $token));
$this->addDebugMiddleware($options, $stack);
$options['httpClient'] = new Client([
- 'base_uri' => Utils::normalizeUrl($baseUrl),
- 'handler' => $stack,
- ]);
+ 'base_uri' => Utils::normalizeUrl($baseUrl),
+ 'handler' => $stack,
+ ]);
$this->saveBackup('Identity', array('token' => $token, 'baseUrl' => $baseUrl ));
$this->optionsGlobal['Identity'] = $options;
}
+ /**
+ * Generate a new token for the Image service
+ *
+ * @return void
+ */
public function genImageToken(){
$options = $this->optionsGlobal['Common'];
$options['catalogName'] = 'glance';
@@ -116,25 +179,37 @@ class genTokenOptions
$stack = HandlerStack::create();
- $stack->push(Middleware::authHandler($options['authHandler'], $token));
+ $stack->push(Middleware::authHandler($options['authHandler'], $token));
$this->addDebugMiddleware($options, $stack);
$options['httpClient'] = new Client([
- 'base_uri' => Utils::normalizeUrl($baseUrl),
- 'handler' => $stack,
- ]);
+ 'base_uri' => Utils::normalizeUrl($baseUrl),
+ 'handler' => $stack,
+ ]);
$this->saveBackup('Image', array('token' => $token, 'baseUrl' => $baseUrl ));
$this->optionsGlobal['Image'] = $options;
}
+ /**
+ * Revoke the token for the Image Service
+ *
+ * @return void
+ */
public function revokeImageToken(){
$token = $this->unserializeToken($this->backup['Image']['token']);
$this->optionsGlobal['Common']['identityService']->revokeToken($token->id);
}
+ /**
+ * Load a token for the Image Service
+ *
+ * @param String $opt serialized token
+ *
+ * @return void
+ */
public function loadImageBackup($opt){
$options = $this->optionsGlobal['Common'];
$options['catalogName'] = 'glance';
@@ -144,7 +219,7 @@ class genTokenOptions
$this->backup['Image'] = $opt;
$token = $this->unserializeToken($this->backup['Image']['token']);
$baseUrl = $this->backup['Image']['baseUrl'];
-
+
$stack = HandlerStack::create();
$stack->push(Middleware::authHandler($options['authHandler'], $token));
@@ -152,13 +227,18 @@ class genTokenOptions
$this->addDebugMiddleware($options, $stack);
$options['httpClient'] = new Client([
- 'base_uri' => Utils::normalizeUrl($baseUrl),
- 'handler' => $stack,
- ]);
+ 'base_uri' => Utils::normalizeUrl($baseUrl),
+ 'handler' => $stack,
+ ]);
$this->saveBackup('Image', array('token' => $token, 'baseUrl' => $baseUrl ));
$this->optionsGlobal['Image'] = $options;
}
+ /**
+ * Generate a new token for the Metwork service
+ *
+ * @return void
+ */
public function genNetworkToken(){
$options = $this->optionsGlobal['Common'];
$options['catalogName'] = 'neutron';
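Review bot: The docblock added above genNetworkToken() reads `Generate a new token for the Metwork service`; it should say `Network`. genNetworkToken()'s body continues outside this hunk.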
@@ -169,25 +249,37 @@ class genTokenOptions
$stack = HandlerStack::create();
- $stack->push(Middleware::authHandler($options['authHandler'], $token));
+ $stack->push(Middleware::authHandler($options['authHandler'], $token));
$this->addDebugMiddleware($options, $stack);
$options['httpClient'] = new Client([
- 'base_uri' => Utils::normalizeUrl($baseUrl),
- 'handler' => $stack,
- ]);
+ 'base_uri' => Utils::normalizeUrl($baseUrl),
+ 'handler' => $stack,
+ ]);
$this->saveBackup('Network', array('token' => $token, 'baseUrl' => $baseUrl ));
$this->optionsGlobal['Network'] = $options;
}
+ /**
+ * Revoke the token for the Network Service
+ *
+ * @return void
+ */
public function revokeNetworkToken(){
$token = $this->unserializeToken($this->backup['Network']['token']);
$this->optionsGlobal['Common']['identityService']->revokeToken($token->id);
}
+ /**
+ * Load a token for the Network Service
+ *
+ * @param String $opt serialized token
+ *
+ * @return void
+ */
public function loadNetworkBackup($opt){
$options = $this->optionsGlobal['Common'];
$options['catalogName'] = 'neutron';
@@ -197,21 +289,26 @@ class genTokenOptions
$this->backup['Network'] = $opt;
$token = $this->unserializeToken($this->backup['Network']['token']);
$baseUrl = $this->backup['Network']['baseUrl'];
-
+
$stack = HandlerStack::create();
-
+
$stack->push(Middleware::authHandler($options['authHandler'], $token));
$this->addDebugMiddleware($options, $stack);
$options['httpClient'] = new Client([
- 'base_uri' => Utils::normalizeUrl($baseUrl),
- 'handler' => $stack,
- ]);
+ 'base_uri' => Utils::normalizeUrl($baseUrl),
+ 'handler' => $stack,
+ ]);
$this->saveBackup('Network', array('token' => $token, 'baseUrl' => $baseUrl ));
$this->optionsGlobal['Network'] = $options;
}
+ /**
+ * Generate a new token for the Compute service
+ *
+ * @return void
+ */
public function genComputeToken(){
$options = $this->optionsGlobal['Common'];
$options['catalogName'] = 'nova';
@@ -222,25 +319,37 @@ class genTokenOptions
$stack = HandlerStack::create();
- $stack->push(Middleware::authHandler($options['authHandler'], $token));
+ $stack->push(Middleware::authHandler($options['authHandler'], $token));
$this->addDebugMiddleware($options, $stack);
$options['httpClient'] = new Client([
- 'base_uri' => Utils::normalizeUrl($baseUrl),
- 'handler' => $stack,
- ]);
+ 'base_uri' => Utils::normalizeUrl($baseUrl),
+ 'handler' => $stack,
+ ]);
$this->saveBackup('Compute', array('token' => $token, 'baseUrl' => $baseUrl ));
$this->optionsGlobal['Compute'] = $options;
}
+ /**
+ * Revoke the token for the Compute Service
+ *
+ * @return void
+ */
public function revokeComputeToken(){
$token = $this->unserializeToken($this->backup['Compute']['token']);
$this->optionsGlobal['Common']['identityService']->revokeToken($token->id);
}
+ /**
+ * Load a token for the Compute Service
+ *
+ * @param String $opt serialized token
+ *
+ * @return void
+ */
public function loadComputeBackup($opt){
$options = $this->optionsGlobal['Common'];
@@ -251,40 +360,61 @@ class genTokenOptions
$this->backup['Compute'] = $opt;
$token = $this->unserializeToken($this->backup['Compute']['token']);
$baseUrl = $this->backup['Compute']['baseUrl'];
-
+
$stack = HandlerStack::create();
-
+
$stack->push(Middleware::authHandler($options['authHandler'], $token));
$this->addDebugMiddleware($options, $stack);
$options['httpClient'] = new Client([
- 'base_uri' => Utils::normalizeUrl($baseUrl),
- 'handler' => $stack,
- ]);
+ 'base_uri' => Utils::normalizeUrl($baseUrl),
+ 'handler' => $stack,
+ ]);
$this->saveBackup('Compute', array('token' => $token, 'baseUrl' => $baseUrl ));
$this->optionsGlobal['Compute'] = $options;
}
+ /**
+ * Save the token given a service name
+ *
+ * @param String $name name of the service to save
+ * @param Array $data token and baseUrl for the service
+ *
+ * @return void
+ */
private function saveBackup($name, $data){
$token = $this->serializeToken($data["token"]);
- $path = "core/LibOverride/projectTokenData/".$token['saved']["project"]["name"];
- //error_log(print_r($path, true), 0);
- file_put_contents("core/LibOverride/projectTokenData/".$token['saved']["project"]["name"], serialize($token['saved']));
+ $ret = file_put_contents("core/LibOverride/projectTokenData/".$token['saved']["project"]["name"], serialize($token['saved']));
+ if($ret === FALSE)
+ die("Internal Server Error : File Rights");
+ $this->backup['time'] = $token['time'];
$this->backup["roles"] = $token["roles"];
$this->backup["project"] = $token['saved']["project"]["name"];
$this->backup["user"] = $token["user"];
$this->backup[$name] = array('token' => $token["token"], 'baseUrl' => $data["baseUrl"] );
}
+ /**
+ * Retrieve the tokens saved
+ *
+ * @return String tokens serialized
+ */
public function getBackup(){
return serialize($this->backup);
}
+ /**
+ * Load tokens into the library
+ *
+ * @param String $back tokens serialized
+ *
+ * @return void
+ */
public function loadBackup($back){
$backup = unserialize($back);
-
+ $this->backup['time'] = $backup['time'];
$this->backup["roles"] = $backup["roles"];
$this->backup["project"] = $backup["project"];
$this->backup["user"] = $backup["user"];
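Review bot: The added `$this->backup['time'] = $backup['time'];` in loadBackup() takes the expiry from `unserialize($back)`, and the property docblock describes `$backup` as the information sent to the clients, so if `$back` is round-tripped through the client the value checkToken() compares against is client-controlled and the whole blob reaches `unserialize()` unauthenticated. I would verify an HMAC over the string with `hash_equals()` before decoding, and decode with `unserialize($back, ['allowed_classes' => false])` or JSON, since the outer structure holds only arrays and scalars. In saveBackup() the project name is concatenated into the file path unchecked and a failed write ends the request with `die()`; validating the name and throwing an exception would let the caller return a proper error. loadBackup() continues outside this hunk.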
@@ -295,18 +425,33 @@ class genTokenOptions
}
+ /**
+ * Retrieve the common options for a service
+ *
+ * @param String $service name of the service
+ *
+ * @return array Options to create the library class corresponding to this service
+ */
public function getOptions($service){
return $this->optionsGlobal[$service];
}
+ /**
+ * Serialize a given token
+ *
+ * @param Array $token token to be serialized
+ *
+ * @return String token serialized
+ */
private function serializeToken($token){
+ global $config;
$tokenSerialized = [];
$tokenSerialized["token"]["methods"] = serialize($token->methods);
$tokenSerialized["roles"] = [];
-
+
foreach($token->roles as $role){
- $tokenSerialized["roles"][serialize($role->id)]["links"] = serialize($role->links);
- $tokenSerialized["roles"][serialize($role->id)]["name"] = serialize($role->name);
+ $tokenSerialized["roles"][$role->id]["links"] = serialize($role->links);
+ $tokenSerialized["roles"][$role->id]["name"] = serialize($role->name);
}
$tokenSerialized["token"]["expires"] = serialize($token->expires);
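Review bot: `global $config;` at the top of serializeToken() ties the class to an ambient variable, and the later `time()+$config['tokenTime']*60` yields an expiry of "now" with nothing more than a notice when that key is missing. Pass the lifetime in through the constructor `$options` (or give it a default) and check that it is a positive integer. The resulting `time` is also computed independently of `$token->expires`, so the local expiry can outlive the real token; capping it at the token's own expiry would keep checkToken() consistent with the identity service. serializeToken() continues in the following hunks.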
@@ -318,19 +463,21 @@ class genTokenOptions
$tokenSerialized['saved']["project"]["links"] = serialize($token->project->links);
$tokenSerialized['saved']["project"]["name"] = $token->project->name;
+ $tokenSerialized['saved']["catalog"] = array();
foreach($token->catalog->services as $service){
- $tokenSerialized['saved']["catalog"][serialize($service->id)]["name"] = serialize($service->name);
- $tokenSerialized['saved']["catalog"][serialize($service->id)]["description"] = serialize($service->description);
- $tokenSerialized['saved']["catalog"][serialize($service->id)]["type"] = serialize($service->type);
+ $tokenSerialized['saved']["catalog"][$service->id]["name"] = serialize($service->name);
+ $tokenSerialized['saved']["catalog"][$service->id]["description"] = serialize($service->description);
+ $tokenSerialized['saved']["catalog"][$service->id]["type"] = serialize($service->type);
+
foreach($service->endpoints as $end){
- $tokenSerialized['saved']["catalog"][serialize($service->id)]["endpoints"][serialize($end->id)]["interface"] = serialize($end->interface);
- $tokenSerialized['saved']["catalog"][serialize($service->id)]["endpoints"][serialize($end->id)]["name"] = serialize($end->name);
- $tokenSerialized['saved']["catalog"][serialize($service->id)]["endpoints"][serialize($end->id)]["serviceId"] = serialize($end->serviceId);
- $tokenSerialized['saved']["catalog"][serialize($service->id)]["endpoints"][serialize($end->id)]["region"] = serialize($end->region);
- $tokenSerialized['saved']["catalog"][serialize($service->id)]["endpoints"][serialize($end->id)]["links"] = serialize($end->links);
- $tokenSerialized['saved']["catalog"][serialize($service->id)]["endpoints"][serialize($end->id)]["url"] = serialize($end->url);
+ $tokenSerialized['saved']["catalog"][$service->id]["endpoints"][$end->id]["interface"] = serialize($end->interface);
+ $tokenSerialized['saved']["catalog"][$service->id]["endpoints"][$end->id]["name"] = serialize($end->name);
+ $tokenSerialized['saved']["catalog"][$service->id]["endpoints"][$end->id]["serviceId"] = serialize($end->serviceId);
+ $tokenSerialized['saved']["catalog"][$service->id]["endpoints"][$end->id]["region"] = serialize($end->region);
+ $tokenSerialized['saved']["catalog"][$service->id]["endpoints"][$end->id]["links"] = serialize($end->links);
+ $tokenSerialized['saved']["catalog"][$service->id]["endpoints"][$end->id]["url"] = serialize($end->url);
}
- $tokenSerialized['saved']["catalog"][serialize($service->id)]["links"] = serialize($service->links);
+ $tokenSerialized['saved']["catalog"][$service->id]["links"] = serialize($service->links);
}
$tokenSerialized["token"]["extras"] = serialize($token->extras);
$tokenSerialized["user"]["domainId"] = serialize($token->user->domainId);
@@ -343,22 +490,35 @@ class genTokenOptions
$tokenSerialized["user"]["name"] = serialize($token->user->name);
$tokenSerialized["token"]["issued"] = serialize($token->issued);
$tokenSerialized["token"]["id"] = serialize($token->id);
+ $tokenSerialized['time'] = time()+$config['tokenTime']*60;
return $tokenSerialized;
}
+ /**
+ * Unserialize a token
+ *
+ * Unserialize a token and recreate the architecture of the library token
+ *
+ * @param String $tokenSerialized the token to be unserialized
+ *
+ * @return OpenCloud\Common\Auth\Token the token unserialized
+ */
private function unserializeToken($tokenSerialized){
$Saved = file_get_contents("core/LibOverride/projectTokenData/".$this->backup["project"]);
+ if($Saved === FALSE)
+ die("Internal Server Error : File Access");
$Saved = unserialize($Saved);
+
$api = new Api();
$token = new Models\Token($this->httpClient, $api);
$token->methods = unserialize($tokenSerialized["methods"]);
$token->roles = [];
-
+
foreach($this->backup["roles"] as $key => $role){
$tmp = new Models\Role($this->httpClient, $api);
- $tmp->id = unserialize($key);
+ $tmp->id = $key;
$tmp->links = unserialize($role["links"]);
$tmp->name = unserialize($role["name"]);
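Review bot: unserializeToken() builds the path for `file_get_contents()` from `$this->backup["project"]`, which loadBackup() fills from the unserialized backup, and then passes the file contents to `unserialize()`; the added `=== FALSE` check does not constrain which file is read. Restrict the name before use, rejecting anything outside a fixed pattern or at least applying `basename()`, and prefer `unserialize($Saved, ['allowed_classes' => false])` because the saved structure is nested arrays of strings. `die()` in a private helper also hides the failure from callers; an exception is easier to handle and to log. The docblock types `$tokenSerialized` as String although it is indexed as an array (`$tokenSerialized["methods"]`). The function continues outside this hunk.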
@@ -377,17 +537,19 @@ class genTokenOptions
$token->catalog = new Models\Catalog($this->httpClient, $api);
$token->catalog->services = [];
+
foreach($Saved["catalog"] as $key => $service){
$tmp = new Models\Service($this->httpClient, $api);
- $tmp->id = unserialize($key);
+ $tmp->id = $key;
$tmp->name = unserialize($service["name"]);
$tmp->description = unserialize($service["description"]);
$tmp->type = unserialize($service["type"]);
$tmp->endpoints = [];
+
foreach($service["endpoints"] as $key => $end){
$tmpEnd = new Models\Endpoint($this->httpClient, $api);
- $tmpEnd->id = unserialize($key);
+ $tmpEnd->id = $key;
$tmpEnd->interface = unserialize($end["interface"]);
$tmpEnd->name = unserialize($end["name"]);
$tmpEnd->serviceId = unserialize($end["serviceId"]);
@@ -412,7 +574,7 @@ class genTokenOptions
$token->user->description = unserialize($this->backup["user"]["description"]);
$token->issued = unserialize($tokenSerialized["issued"]);
$token->id = unserialize($tokenSerialized["id"]);
-
+
return $token;
}
}
diff --git a/server/core/LibOverride/projectTokenData/demo b/server/core/LibOverride/projectTokenData/demo
index 95d1e10..95d1e10 100644..100755
--- a/server/core/LibOverride/projectTokenData/demo
+++ b/server/core/LibOverride/projectTokenData/demo
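Review bot: The mode change to 100755 on `projectTokenData/demo` makes a data file executable, and nothing in this commit needs that bit. The file looks like runtime state written by saveBackup() (a per-project serialized catalog), so it would be better left untracked and created with restrictive permissions such as 0600, in a directory the web server does not serve. Whether this directory is web-reachable is not visible here.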