bundles/org.eclipse.equinox.ip/src/org/eclipse/equinox/internal/ip/provider/http/HttpProvider.java - equinox/rt.equinox.bundles - Git at Google

 /*******************************************************************************
  * Copyright (c) 1997, 2008 by ProSyst Software GmbH
  * http://www.prosyst.com
  * All rights reserved. This program and the accompanying materials
  * are made available under the terms of the Eclipse Public License v1.0
  * which accompanies this distribution, and is available at
  * http://www.eclipse.org/legal/epl-v10.html
  *
  * Contributors:
  *    ProSyst Software GmbH - initial API and implementation
  *******************************************************************************/
 package org.eclipse.equinox.internal.ip.provider.http;

 import java.util.*;
 import javax.servlet.http.*;
 import org.eclipse.equinox.internal.ip.ProvisioningInfoProvider;
 import org.eclipse.equinox.internal.ip.impl.Log;
 import org.eclipse.equinox.internal.ip.impl.ProvisioningAgent;
 import org.eclipse.equinox.internal.ip.provider.BaseProvider;
 import org.osgi.framework.*;
 import org.osgi.service.http.HttpService;
 import org.osgi.service.provisioning.ProvisioningService;
 import org.osgi.service.useradmin.*;

 /**
  * Implements ProvisioningInfoProvider. Allows remote data loading through HTTP.
  * Acts as dynamic provider. On <I>load(Dictionary)</I> it just get reference
  * to provisioning data.
  *
  * @author Avgustin Marinov
  * @author Pavlin Dobrev
  * @version 1.0
  */
 public class HttpProvider extends BaseProvider implements ProvisioningInfoProvider, ServiceListener {

 	/** Alias this servlet will be registered if remote configuration is allowed. */
 	public static final String ALIAS = "/rminit";
 	/**
 	 * This is a key for property that points if remote setting of info is
 	 * allowed.
 	 */
 	public static final String HTTP_SUPPORT = "equinox.provisioning.http.provider.allowed";
 	/**
 	 * This system property is used to be determined if to accepts only
 	 * HttpServletRequest-s with scheme "https".
 	 */
 	public static final String SECURE = "equinox.provisioning.http.provider.secure";
 	/** This system property determines if to requires authentication. */
 	public static final String REQUIRE_AUTH = "equinox.provisioning.require.auth";

 	/** If to accepts only HttpServletRequests with scheme "https". */
 	static boolean secure;
 	/** Reference to provisioning service. */
 	ProvisioningService prvSrv;
 	/** Bundle context reference. */
 	private BundleContext bc;
 	/** HTTP service that is used for registration of servlet. */
 	private HttpService http;
 	/** Servlet that is registered. */
 	private HttpServlet servlet = new HttpServletImpl();

 	/**
 	 * @see org.eclipse.equinox.internal.ip.impl.provider.BaseProvider#start(org.osgi.framework.BundleContext)
 	 */
 	public void start(BundleContext bc) throws Exception {
 		boolean httpsupport = true;
 		if (bc.getProperty(HTTP_SUPPORT) != null)
 			if (bc.getProperty(HTTP_SUPPORT).equals("false"))
 				httpsupport = false;
 		if (!httpsupport) {
 			Log.debug(this + " is not an allowed provider.");
 			return;
 		}

 		this.bc = bc;
 		super.start(bc);
 	}

 	/**
 	 * Stops provider. Unregister servlet.
 	 *
 	 * @see org.eclipse.equinox.internal.ip.impl.provider.BaseProvider#stop(org.osgi.framework.BundleContext)
 	 */
 	public void stop(BundleContext bc) {
 		super.stop(bc);
 		if (http != null) {
 			try {
 				http.unregister(ALIAS);
 			} catch (Exception e) {
 				// Not fatal
 			}
 			http = null;
 		}
 	}

 	/**
 	 * @see org.eclipse.equinox.internal.ip.ProvisioningInfoProvider#init(org.osgi.service.provisioning.ProvisioningService)
 	 */
 	public Dictionary init(ProvisioningService prvSrv) {
 		this.prvSrv = prvSrv;
 		secure = false;
 		if (ProvisioningAgent.bc.getProperty(SECURE) != null)
 			if (ProvisioningAgent.bc.getProperty(SECURE).equals("true"))
 				secure = true;
 		try {
 			bc.addServiceListener(this, '(' + "objectClass" + '=' + HttpService.class.getName() + ')');
 		} catch (Exception e) {
 			Log.debug(e);
 		}

 		synchronized (this) {
 			if (http == null) {
 				ServiceReference sref = bc.getServiceReference(HttpService.class.getName());
 				if (sref != null) {
 					http = (HttpService) bc.getService(sref);
 					registerServlet();
 				}
 			}
 		}
 		return null; // Do not loads
 	}

 	/**
 	 * @see org.eclipse.equinox.internal.ip.ProvisioningInfoProvider#get(java.lang.Object)
 	 */
 	public Object get(Object key) {
 		return null;
 	}

 	/**
 	 * Manages servlet (un)registration.
 	 *
 	 * @see org.osgi.framework.ServiceListener#serviceChanged(org.osgi.framework.ServiceEvent)
 	 */
 	public synchronized void serviceChanged(ServiceEvent se) {
 		if (se.getType() == ServiceEvent.REGISTERED) {
 			if (http == null) {
 				http = (HttpService) bc.getService(se.getServiceReference());
 				registerServlet();
 			}
 		} else if (se.getType() == ServiceEvent.UNREGISTERING) {
 			if (http != null) {
 				try {
 					http.unregister(ALIAS);
 				} catch (Exception e) {
 					// Not fatal
 				}
 				http = null;
 				ServiceReference sref = bc.getServiceReference(HttpService.class.getName());
 				if (sref != null) {
 					http = (HttpService) bc.getService(sref);
 					registerServlet();
 				}
 			}
 		}
 	}

 	// Registers servlet with ALIAS.
 	private void registerServlet() {
 		try {
 			http.registerServlet(ALIAS, servlet, null, Context.getInstance());
 			Log.debug("Servlet \"" + ALIAS + "\" registered.");
 		} catch (Exception e) {
 			// Servlet won't be registered
 			Log.debug("Error registering HTTP provider servlet!", e);
 		}
 	}

 	/**
 	 * Return name of provider.
 	 *
 	 * @return name.
 	 */
 	public String toString() {
 		return "Http";
 	}

 	/**
 	 * Class implements servlet which enables (un)secure remote configuration.
 	 */
 	class HttpServletImpl extends HttpServlet {

 		private static final long serialVersionUID = 1L;

 		// If supports remote configuration
 		/**
 		 * @see javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest,
 		 *      javax.servlet.http.HttpServletResponse)
 		 */
 		public void doGet(HttpServletRequest request, HttpServletResponse response) {
 			Log.debug("doGet ...");
 			if (request.getHeader("Get-Id") == null) {
 				Log.debug("Redirect to doPost.");
 				doPost(request, response);
 			} else {
 				Log.debug("Request for spid.");
 				if (secure && !request.getScheme().equals("https")) {
 					Log.debug("Request to secure HttpLoader must be via https!");
 					response.setHeader("error", "Request to secure HttpLoader must be via https!");
 					response.setStatus(HttpServletResponse.SC_OK);
 					return;
 				}
 				String spid = (String) prvSrv.getInformation().get(ProvisioningService.PROVISIONING_SPID);
 				if (spid != null && spid.length() != 0) {
 					response.setHeader("Gw-Id", spid);
 				}
 				response.setStatus(HttpServletResponse.SC_OK);
 			}
 		}

 		// If supports remote configuration
 		/**
 		 * @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest,
 		 *      javax.servlet.http.HttpServletResponse)
 		 */
 		public void doPost(HttpServletRequest request, HttpServletResponse response) {
 			Log.debug("doPost ...");
 			if (secure && !request.getScheme().equals("https")) {
 				Log.debug("Request to secure HttpLoader must be via https!");
 				response.setHeader("error", "Request to secure HttpLoader must be via https!");
 				response.setStatus(HttpServletResponse.SC_OK);
 				return;
 			}

 			String user = request.getParameter("user");
 			String pass = request.getParameter("pass");

 			boolean req_auth = false;
 			if (ProvisioningAgent.bc.getProperty(REQUIRE_AUTH) != null)
 				if (ProvisioningAgent.bc.getProperty(REQUIRE_AUTH).equals("true"))
 					req_auth = true;

 			if (!req_auth && !checkAccount(user, pass)) {
 				Log.debug("Incorrect Account!");
 				response.setHeader("error", "Incorrect account!");
 				return;
 			}

 			Dictionary info = new Hashtable();
 			Log.debug("HttpLoader loads:");
 			for (Enumeration e = request.getParameterNames(); e.hasMoreElements();) {
 				String name = (String) e.nextElement();
 				if (!"user".equals(name) && !"pass".equals(name)) {
 					String param = request.getParameter(name);
 					if (ProvisioningInfoProvider.GM_HOST.equals(name) && "no".equals(param)) {
 						continue;
 					}
 					Log.debug("  " + name + '=' + param);
 					info.put(name, param);
 				}
 			}

 			prvSrv.addInformation(info);
 			response.setStatus(HttpServletResponse.SC_OK);
 		}
 	}

 	/*
 	 * Returns if account is correct.
 	 *
 	 * TODO: add user admin to tracked services
 	 */
 	boolean checkAccount(String user, String pass) {
 		if (user == null || pass == null) {
 			return false;
 		}

 		ServiceReference sref = bc.getServiceReference(UserAdmin.class.getName());
 		if (sref == null) {
 			return false;
 		}
 		UserAdmin userAdmin = (UserAdmin) bc.getService(sref);
 		if (userAdmin != null) {
 			try {
 				User userRole = (User) userAdmin.getRole(user);
 				if (userRole != null && userRole.hasCredential("password", pass)) {
 					Authorization authorization = userAdmin.getAuthorization(userRole);
 					return authorization.hasRole("administration");
 				}
 			} catch (Exception e) {
 				Log.debug(e);
 			}
 		}
 		return false;
 	}

 }
	/*******************************************************************************
	* Copyright (c) 1997, 2008 by ProSyst Software GmbH
	* http://www.prosyst.com
	* All rights reserved. This program and the accompanying materials
	* are made available under the terms of the Eclipse Public License v1.0
	* which accompanies this distribution, and is available at
	* http://www.eclipse.org/legal/epl-v10.html
	*
	* Contributors:
	* ProSyst Software GmbH - initial API and implementation
	*******************************************************************************/
	package org.eclipse.equinox.internal.ip.provider.http;

	import java.util.*;
	import javax.servlet.http.*;
	import org.eclipse.equinox.internal.ip.ProvisioningInfoProvider;
	import org.eclipse.equinox.internal.ip.impl.Log;
	import org.eclipse.equinox.internal.ip.impl.ProvisioningAgent;
	import org.eclipse.equinox.internal.ip.provider.BaseProvider;
	import org.osgi.framework.*;
	import org.osgi.service.http.HttpService;
	import org.osgi.service.provisioning.ProvisioningService;
	import org.osgi.service.useradmin.*;

	/**
	* Implements ProvisioningInfoProvider. Allows remote data loading through HTTP.
	* Acts as dynamic provider. On <I>load(Dictionary)</I> it just get reference
	* to provisioning data.
	*
	* @author Avgustin Marinov
	* @author Pavlin Dobrev
	* @version 1.0
	*/
	public class HttpProvider extends BaseProvider implements ProvisioningInfoProvider, ServiceListener {

	/** Alias this servlet will be registered if remote configuration is allowed. */
	public static final String ALIAS = "/rminit";
	/**
	* This is a key for property that points if remote setting of info is
	* allowed.
	*/
	public static final String HTTP_SUPPORT = "equinox.provisioning.http.provider.allowed";
	/**
	* This system property is used to be determined if to accepts only
	* HttpServletRequest-s with scheme "https".
	*/
	public static final String SECURE = "equinox.provisioning.http.provider.secure";
	/** This system property determines if to requires authentication. */
	public static final String REQUIRE_AUTH = "equinox.provisioning.require.auth";

	/** If to accepts only HttpServletRequests with scheme "https". */
	static boolean secure;
	/** Reference to provisioning service. */
	ProvisioningService prvSrv;
	/** Bundle context reference. */
	private BundleContext bc;
	/** HTTP service that is used for registration of servlet. */
	private HttpService http;
	/** Servlet that is registered. */
	private HttpServlet servlet = new HttpServletImpl();

	/**
	* @see org.eclipse.equinox.internal.ip.impl.provider.BaseProvider#start(org.osgi.framework.BundleContext)
	*/
	public void start(BundleContext bc) throws Exception {
	boolean httpsupport = true;
	if (bc.getProperty(HTTP_SUPPORT) != null)
	if (bc.getProperty(HTTP_SUPPORT).equals("false"))
	httpsupport = false;
	if (!httpsupport) {
	Log.debug(this + " is not an allowed provider.");
	return;
	}

	this.bc = bc;
	super.start(bc);
	}

	/**
	* Stops provider. Unregister servlet.
	*
	* @see org.eclipse.equinox.internal.ip.impl.provider.BaseProvider#stop(org.osgi.framework.BundleContext)
	*/
	public void stop(BundleContext bc) {
	super.stop(bc);
	if (http != null) {
	try {
	http.unregister(ALIAS);
	} catch (Exception e) {
	// Not fatal
	}
	http = null;
	}
	}

	/**
	* @see org.eclipse.equinox.internal.ip.ProvisioningInfoProvider#init(org.osgi.service.provisioning.ProvisioningService)
	*/
	public Dictionary init(ProvisioningService prvSrv) {
	this.prvSrv = prvSrv;
	secure = false;
	if (ProvisioningAgent.bc.getProperty(SECURE) != null)
	if (ProvisioningAgent.bc.getProperty(SECURE).equals("true"))
	secure = true;
	try {
	bc.addServiceListener(this, '(' + "objectClass" + '=' + HttpService.class.getName() + ')');
	} catch (Exception e) {
	Log.debug(e);
	}

	synchronized (this) {
	if (http == null) {
	ServiceReference sref = bc.getServiceReference(HttpService.class.getName());
	if (sref != null) {
	http = (HttpService) bc.getService(sref);
	registerServlet();
	}
	}
	}
	return null; // Do not loads
	}

	/**
	* @see org.eclipse.equinox.internal.ip.ProvisioningInfoProvider#get(java.lang.Object)
	*/
	public Object get(Object key) {
	return null;
	}

	/**
	* Manages servlet (un)registration.
	*
	* @see org.osgi.framework.ServiceListener#serviceChanged(org.osgi.framework.ServiceEvent)
	*/
	public synchronized void serviceChanged(ServiceEvent se) {
	if (se.getType() == ServiceEvent.REGISTERED) {
	if (http == null) {
	http = (HttpService) bc.getService(se.getServiceReference());
	registerServlet();
	}
	} else if (se.getType() == ServiceEvent.UNREGISTERING) {
	if (http != null) {
	try {
	http.unregister(ALIAS);
	} catch (Exception e) {
	// Not fatal
	}
	http = null;
	ServiceReference sref = bc.getServiceReference(HttpService.class.getName());
	if (sref != null) {
	http = (HttpService) bc.getService(sref);
	registerServlet();
	}
	}
	}
	}

	// Registers servlet with ALIAS.
	private void registerServlet() {
	try {
	http.registerServlet(ALIAS, servlet, null, Context.getInstance());
	Log.debug("Servlet \"" + ALIAS + "\" registered.");
	} catch (Exception e) {
	// Servlet won't be registered
	Log.debug("Error registering HTTP provider servlet!", e);
	}
	}

	/**
	* Return name of provider.
	*
	* @return name.
	*/
	public String toString() {
	return "Http";
	}

	/**
	* Class implements servlet which enables (un)secure remote configuration.
	*/
	class HttpServletImpl extends HttpServlet {

	private static final long serialVersionUID = 1L;

	// If supports remote configuration
	/**
	* @see javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest,
	* javax.servlet.http.HttpServletResponse)
	*/
	public void doGet(HttpServletRequest request, HttpServletResponse response) {
	Log.debug("doGet ...");
	if (request.getHeader("Get-Id") == null) {
	Log.debug("Redirect to doPost.");
	doPost(request, response);
	} else {
	Log.debug("Request for spid.");
	if (secure && !request.getScheme().equals("https")) {
	Log.debug("Request to secure HttpLoader must be via https!");
	response.setHeader("error", "Request to secure HttpLoader must be via https!");
	response.setStatus(HttpServletResponse.SC_OK);
	return;
	}
	String spid = (String) prvSrv.getInformation().get(ProvisioningService.PROVISIONING_SPID);
	if (spid != null && spid.length() != 0) {
	response.setHeader("Gw-Id", spid);
	}
	response.setStatus(HttpServletResponse.SC_OK);
	}
	}

	// If supports remote configuration
	/**
	* @see javax.servlet.http.HttpServlet#doPost(javax.servlet.http.HttpServletRequest,
	* javax.servlet.http.HttpServletResponse)
	*/
	public void doPost(HttpServletRequest request, HttpServletResponse response) {
	Log.debug("doPost ...");
	if (secure && !request.getScheme().equals("https")) {
	Log.debug("Request to secure HttpLoader must be via https!");
	response.setHeader("error", "Request to secure HttpLoader must be via https!");
	response.setStatus(HttpServletResponse.SC_OK);
	return;
	}

	String user = request.getParameter("user");
	String pass = request.getParameter("pass");

	boolean req_auth = false;
	if (ProvisioningAgent.bc.getProperty(REQUIRE_AUTH) != null)
	if (ProvisioningAgent.bc.getProperty(REQUIRE_AUTH).equals("true"))
	req_auth = true;

	if (!req_auth && !checkAccount(user, pass)) {
	Log.debug("Incorrect Account!");
	response.setHeader("error", "Incorrect account!");
	return;
	}

	Dictionary info = new Hashtable();
	Log.debug("HttpLoader loads:");
	for (Enumeration e = request.getParameterNames(); e.hasMoreElements();) {
	String name = (String) e.nextElement();
	if (!"user".equals(name) && !"pass".equals(name)) {
	String param = request.getParameter(name);
	if (ProvisioningInfoProvider.GM_HOST.equals(name) && "no".equals(param)) {
	continue;
	}
	Log.debug(" " + name + '=' + param);
	info.put(name, param);
	}
	}

	prvSrv.addInformation(info);
	response.setStatus(HttpServletResponse.SC_OK);
	}
	}

	/*
	* Returns if account is correct.
	*
	* TODO: add user admin to tracked services
	*/
	boolean checkAccount(String user, String pass) {
	if (user == null \|\| pass == null) {
	return false;
	}

	ServiceReference sref = bc.getServiceReference(UserAdmin.class.getName());
	if (sref == null) {
	return false;
	}
	UserAdmin userAdmin = (UserAdmin) bc.getService(sref);
	if (userAdmin != null) {
	try {
	User userRole = (User) userAdmin.getRole(user);
	if (userRole != null && userRole.hasCredential("password", pass)) {
	Authorization authorization = userAdmin.getAuthorization(userRole);
	return authorization.hasRole("administration");
	}
	} catch (Exception e) {
	Log.debug(e);
	}
	}
	return false;
	}

	}