// Copyright 2017 Budapest University of Technology and Economics (BME IK)
//
// This file is part of CIRCLE Cloud.
//
// CIRCLE is free software: you can redistribute it and/or modify it under
// the terms of the GNU General Public License as published by the Free
// Software Foundation, either version 3 of the License, or (at your option)
// any later version.
//
// CIRCLE is distributed in the hope that it will be useful, but WITHOUT ANY
// WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
// FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
// details.
//
// You should have received a copy of the GNU General Public License along
// with CIRCLE.  If not, see <http://www.gnu.org/licenses/>.

#include <string>
#include <exception>
#include <stdexcept>
#include "restclient-cpp/connection.h"
#include "restclient-cpp/restclient.h"
#include "json.hpp"

#include "occisession.h"
#include "saml2_ecp.h"

#include <gq/Document.h>
#include <gq/Node.h>

using std::string;
using nlohmann::json;
using namespace OcciClient;

// Forward the CSRF token issued by the server on the next request.
//
// Reads the "csrftoken" cookie from the connection's most recent response and
// appends it to the connection as the "X-CSRFToken" header. When the last
// response carries no such cookie, the headers are left untouched.
void OcciSession::setCsrfTokenHeader() {
    auto lastResponse = connection->getLastResponse();
    string token;
    try {
        token = lastResponse.cookies.at("csrftoken");
    } catch (const std::out_of_range&) {
        // No CSRF cookie in the last response: nothing to forward.
        return;
    }
    connection->AppendHeader("X-CSRFToken", token);
}

// Create a session bound to the OCCI endpoint at `url`.
//
// Initialises the REST client, opens a connection to `url` and installs the
// default request headers: JSON for Accept and Content-type, and a Referer
// equal to `url`.
//
// url      - base URL of the OCCI server.
// insecure - when true, host and peer verification are both switched off on
//            the connection (the TLS certificate checks, going by the setter
//            names). Everything sent through the session afterwards --
//            credentials, session cookies, the CSRF token -- can then be read
//            or altered by whoever sits on the network path, so this belongs
//            to test deployments with self-signed certificates only.
// csrf     - when true, doRequest() refreshes the X-CSRFToken header from the
//            last response's cookie before every request.
OcciSession::OcciSession(const char* url, bool insecure, bool csrf):url(url){
    RestClient::init();
    connection = new RestClient::Connection(url);
    csrftokenRequired = csrf;

    if (insecure) {
        connection->SetHostVerify(false);
        connection->SetPeerVerify(false);
    }

    RestClient::HeaderFields defaults;
    defaults["Accept"] = "application/json";
    defaults["Content-type"] = "application/json";
    defaults["Referer"] = url;
    connection->SetHeaders(defaults);
}

// Shut the REST client down when the session is destroyed.
//
// NOTE(review): the Connection allocated with `new` in the constructor is not
// deleted here, so it appears to leak once per destroyed session. Adding a
// `delete` is only safe once copying of OcciSession is ruled out (the class
// declaration is not visible from this file) -- confirm before changing.
// NOTE(review): RestClient::disable() presumably releases library-wide state;
// verify this is safe when more than one OcciSession is alive.
OcciSession::~OcciSession() {
    RestClient::disable();
}

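// Send one request to the OCCI server and return the decoded JSON reply.
//
// uri  - path handed to the connection's get/post/put/del call.
// type - request method; anything other than Post, Put or Delete is sent
//        as a GET.
// body - JSON payload, serialised with dump() for Post and Put and ignored
//        for the other methods.
//
// Returns the parsed response body.
// Throws std::domain_error when the body cannot be parsed as JSON, and
// std::logic_error carrying the server's message when the reply is an object
// with a string "error" member.
//
// The reply is server-controlled data and the "error" text is passed on
// verbatim, so callers should treat the exception message as untrusted when
// logging or displaying it.
// NOTE(review): the response's HTTP status code is not inspected here; only
// the body decides between success and failure -- confirm this is intended.
json OcciSession::doRequest(string uri, RequestType type, json body){
    // Refresh the CSRF header from the previous response before sending.
    if (csrftokenRequired)
        setCsrfTokenHeader();

    RestClient::Response r;
    if (type == RequestType::Post)
        r = connection->post(uri, body.dump());
    else if (type == RequestType::Put)
        r = connection->put(uri, body.dump());
    else if (type == RequestType::Delete)
        r = connection->del(uri);
    else
        r = connection->get(uri);

    json result;
    try {
        result = json::parse(r.body);
    }
    // NOTE(review): only std::invalid_argument is translated, as before. A
    // json.hpp that reports parse errors with another exception type would
    // let that exception escape instead -- check against the bundled version.
    catch (const std::invalid_argument&) {
        throw std::domain_error("Didn't get a json response from the OCCI server.");
    }

    // Test for the error member explicitly. The previous code threw from
    // inside a try block and relied on get<string>() failing to reach the
    // success path; its non-const operator[] also inserted a null "error"
    // entry into replies that had none, and that entry was returned to the
    // caller.
    if (result.is_object()) {
        const auto err = result.find("error");
        if (err != result.end() && err->is_string())
            throw std::logic_error(err->get<string>());
    }
    return result;
}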

// Issue a GET for `uri` and return the decoded JSON reply.
// Errors are reported through the exceptions thrown by doRequest().
json OcciSession::get(string uri) {
    return this->doRequest(uri, RequestType::Get);
}

// POST `body` to `uri` and return the decoded JSON reply.
// Errors are reported through the exceptions thrown by doRequest().
json OcciSession::post(string uri, json body) {
    return this->doRequest(uri, RequestType::Post, body);
}

// PUT `body` to `uri` and return the decoded JSON reply.
// Errors are reported through the exceptions thrown by doRequest().
json OcciSession::put(string uri, json body) {
    return this->doRequest(uri, RequestType::Put, body);
}

// Issue a DELETE for `uri` and return the decoded JSON reply.
// Errors are reported through the exceptions thrown by doRequest().
json OcciSession::del(string uri) {
    return this->doRequest(uri, RequestType::Delete);
}

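// Log in to the OCCI server with a username and password.
//
// Issues a GET on "login/" and then POSTs the credentials to the same path as
// a JSON object with "username" and "password" members. Failures surface as
// the exceptions thrown by doRequest().
void OcciSession::circleOcciLogin(string username, string password){
    // The GET runs first; presumably it is what makes the server hand out the
    // csrftoken cookie that the following POST forwards -- TODO confirm.
    get("login/");

    // Build the payload as a JSON value instead of concatenating strings.
    // With concatenation, a quote or backslash in either field produced
    // malformed JSON or let the field's content add members of its own to
    // the login object.
    json credentials;
    credentials["username"] = username;
    credentials["password"] = password;
    post("login/", credentials);
}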

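// Log in through the SAML2 identity provider using a form-based login.
//
// Flow, as implemented below:
//   1. GET <url>/saml2/login/ with redirects followed; the final URL of that
//      request is taken as the identity provider's login form.
//   2. POST the credentials to that URL as j_username / j_password.
//   3. Read the RelayState and SAMLResponse inputs from the returned HTML.
//   4. POST both to <url>/saml2/acs/ and copy the cookies of that reply onto
//      the session's own connection.
//
// username, password - credentials sent to the identity provider.
// insecure           - when true, host and peer verification are switched off
//                      for this login connection as well.
//
// Throws std::runtime_error when the identity provider's reply lacks the
// RelayState or SAMLResponse field.
//
// Security note: the password is sent to whatever URL the redirect chain from
// the service provider ends at. With `insecure` set, neither end of that
// chain is authenticated, so the credentials can be captured by anyone able
// to intercept the traffic.
// NOTE(review): the redirect target is not compared against an expected
// identity-provider host even when verification is on -- consider pinning it.
void OcciSession::BMELogin(string username, string password,  bool insecure){
    // Percent-encode one form field value. Without this, '&', '=', '+' or '%'
    // in a credential changed the meaning of the form body (a truncated
    // password, or extra parameters taken from the field's content).
    const auto formEncode = [](const std::string& raw) {
        static const char hex[] = "0123456789ABCDEF";
        std::string out;
        out.reserve(raw.size());
        for (const unsigned char ch : raw) {
            const bool unreserved =
                (ch >= 'A' && ch <= 'Z') || (ch >= 'a' && ch <= 'z') ||
                (ch >= '0' && ch <= '9') ||
                ch == '-' || ch == '_' || ch == '.' || ch == '~';
            if (unreserved) {
                out += static_cast<char>(ch);
            } else {
                out += '%';
                out += hex[ch >> 4];
                out += hex[ch & 0x0F];
            }
        }
        return out;
    };

    const std::string& sp_url = url;

    // Automatic storage: the connection used to be allocated with `new` and
    // never deleted, leaking once per login attempt.
    RestClient::Connection con("");
    if (insecure) {
        con.SetHostVerify(false);
        con.SetPeerVerify(false);
    }
    con.FollowRedirects(true);

    auto r = con.get(sp_url + "/saml2/login/");
    auto idp_auth_url = con.GetInfo().lastRequest.effectiveUrl;
    const std::string body = "j_username=" + formEncode(username) +
                             "&j_password=" + formEncode(password);
    con.setCookies(r.cookies);
    r = con.post(idp_auth_url, body);

    CDocument doc;
    doc.parse(r.body.c_str());

    // The reply is untrusted HTML. nodeAt(0) used to be called without
    // checking that the selector matched anything, so a page without these
    // inputs (presumably what a rejected login returns) was dereferenced
    // blindly instead of being reported.
    CSelection relayField = doc.find("input[name=RelayState]");
    CSelection responseField = doc.find("input[name=SAMLResponse]");
    if (relayField.nodeNum() == 0 || responseField.nodeNum() == 0)
        throw std::runtime_error(
            "SAML2 login failed: the identity provider did not return a SAMLResponse form.");

    RestClient::PostData data;
    data["RelayState"] = relayField.nodeAt(0).attribute("value");
    data["SAMLResponse"] = responseField.nodeAt(0).attribute("value");
    con.clearCookies();
    r = con.post(sp_url + "/saml2/acs/", data);
    this->connection->setCookies(r.cookies);
}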


// Log in through SAML2 ECP and adopt the resulting session cookies.
//
// Delegates to saml2_ecp_login() with <url>/saml2/login/ as the login
// endpoint, then copies the cookies of its result onto the session's
// connection.
//
// username, password - credentials handed to saml2_ecp_login().
// metadata           - passed through unchanged to saml2_ecp_login().
// insecure           - passed through unchanged; presumably it disables
//                      certificate verification for the login exchange, as the
//                      flag does elsewhere in this file -- confirm in
//                      saml2_ecp.h. The password travels over that exchange.
void OcciSession::saml2EcpLogin(std::string username,
                                std::string password,
                                std::string metadata,
                                bool insecure){
    const std::string loginUrl = url + "/saml2/login/";
    auto loginResult = saml2_ecp_login(username, password, loginUrl, metadata, insecure);
    connection->setCookies(loginResult.cookies);
}

// Fetch the server's query interface: a GET on the "-/" path, returned as
// decoded JSON. Errors are reported through the exceptions of doRequest().
json OcciSession::queryInterface() {
    return this->get("-/");
}