From e8ffed284bf53a47cfb5b0d53a16c876e18d6487 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <adellam@isti.cnr.it>
Date: Tue, 27 Sep 2016 15:31:23 +0200
Subject: [PATCH] library/roles/smartgears/smartgears: The new smartgears
 distributions are going to use the new authorization service. The container
 configuration changes heavily.

---
 .../smartgears/files/TokenGenerator.class     | Bin 0 -> 2464 bytes
 .../smartgears/files/TokenGenerator.java      |  53 ++++++++++++++++++
 .../smartgears/tasks/smartgears-app.yml       |  43 ++++++++++++--
 .../smartgears/templates/container-end.xml.j2 |   1 +
 .../smartgears/templates/container.xml.j2     |  20 ++++---
 smartgears/smartgears/templates/get-scopes.j2 |  20 +++++++
 6 files changed, 124 insertions(+), 13 deletions(-)
 create mode 100644 smartgears/smartgears/files/TokenGenerator.class
 create mode 100644 smartgears/smartgears/files/TokenGenerator.java
 create mode 100644 smartgears/smartgears/templates/container-end.xml.j2
 create mode 100644 smartgears/smartgears/templates/get-scopes.j2

diff --git a/smartgears/smartgears/files/TokenGenerator.class b/smartgears/smartgears/files/TokenGenerator.class
new file mode 100644
index 0000000000000000000000000000000000000000..56247ca295c8272ea5f12265763f78585c3c021a
GIT binary patch
literal 2464
zcmb_d%TrTV9R3a@oaE;6l!vKOL9}9gq@uNLKw3ZrEDAO#Mcdj-IK->Tz47LThkY(O
z{U5sRI77SWLKnf78C}&yU3b%&{t<4SPU&|NKoA_dC=<@}_xyg}@7&-2`SlTillaC!
z2TmJ!8}CTGYoHPdJ#<U-gmDJF67LxZ;dBV^>$y)~_UqMvfwMSgpbF>17{rjlVOZjV
zfd+hFU<4N>E*WUTXar-p9KweoB=vq=;z|ft^>RYuBLlBvGK6ae_Taq4b%~D!s(Nh4
z_Im{?I}cwK2n@K>N}zVccGRUpc1n5U)>MWkfvjaa0?nP*M{ZfORy<=l>3GujY$x5V
z6|0lJmAZY=%9Z3LK9Ts8X)-xRDsh7$G6V)BU?kmwms00#ZFkqWds{h!%2A%>yWVka
z+{6JKl=#eqg((5E<j{8GT0`HZOiV-Tu3Zd|o|{jpoNv31#EgkFZVI%#9A|&Q&P*#$
zpiz0A>$RmkW%-Q1ZH9K+OxU<(;x;lSvdBm{CS2_*r(?Ne!b9GKkCea}*GtFKslt?s
zr`&ATb>ddRzv+7RUE1R=V^4XOw-C>H?yOCZ@d4NI37_(Yof%hWP>`54F^749hP5Pg
zb`zfMD^E)-5Hk~Z@wtHP@ij)QQK%<gUYhtq2T}&0REl)~1Uky;rOTM=1WQV7GdgER
zqUL>O`y~!;GBAGAbLVueO?-u~c~!PD$B5Q35~$f+E`hoiD34CvQYoLB+fZbaV3{@o
zy*uET%Gk>BHH`BM@xF}^kLe?U`WMcJnO9mDH<Yuyyy8}%sdF2y4!`1DbGXC^bxF;Y
zxyhEewmI;HysxtC6}O<xm#veSV{8MTSt%>q&6cuqIps_X9NW(SmXKCyNyXZ<^82Rp
zZl>U?G0P{18#@ngk*8qDch@jn?|}_5kTN+PQHBj$TUwQxbKJ91?3!~spuUB@NtG&)
z1q-Fp6ZsOS8HDZReaq1%2S@%Fo6M{-uZV2(Hoy(*S0=uLpH;@N-*jkxo(OJg&7|^X
zZ5?qxf&Fi`Ud28JTfZ9S>eEzu2kSj`r=aqFU&^;<OV5FT>fFiK7R)!j7~NYruq`cu
zx>=cAFqLuhoU5(r>0}|7^He^s$j99qVO{TchK+XY=f_F^RY2(1m*X4UwQ?4mgRv!u
z`&<Yd;#gHWj3A6o9Ojy$6+a_@Y6@J4Rd$WU0$mql!LEm>=v_wTWUQ)d34uf)8Ym(-
zv4}&7-~-5IgeI2|ZZL|7=o^!B5!FT1M1w`tK0w`(BI=jXFnP3f3A+-(hiFVxEu(2N
z8dySeLW)F4o(?yKV~>8oM6@azj5US3enE@=vPRd<@7CtEkA~=)gVz?(o-j6qu$MPl
zc}<|^+pt(%`7tV=;7T;~1T9fnMC&4k65(hl8ZKhrB6?QOPVp?9;OXN;L@Ts!RA@|?
zRA6RQ2$d9~k;fVUxxsrI-M$0>-L>E6w|@^ybAWiy;T{&b`vZUCFMh|fc#3DM^K+tJ
zB_g7R`)BwY+~bDWFAh?^qEs&rdwEvN3f0kOJy#99YohHatv9oNEf~OV4Doc7MZbo9
zxWU^jX)#BM??{Myto0%#f1<_Tc>WYIdTXb*nAneF^cE9`a73KNQ8A1Yyam2T-3rx%
z5=SJC@+TyYfy42R6`C<NolC?e-jp~Y(M8V9N}Ozcj^Jf(BZC}<_`iZ(Fkh(!P(+*W
YiUd}ey4*$*=%?WhlJ*n>tiW6U0yUg?;Q#;t

literal 0
HcmV?d00001

diff --git a/smartgears/smartgears/files/TokenGenerator.java b/smartgears/smartgears/files/TokenGenerator.java
new file mode 100644
index 00000000..ba92ce10
--- /dev/null
+++ b/smartgears/smartgears/files/TokenGenerator.java
@@ -0,0 +1,53 @@
+import java.io.File;
+import java.io.FileWriter;
+import java.io.IOException;
+ 
+import org.gcube.common.authorization.client.proxy.AuthorizationProxy;
+import org.gcube.common.authorization.library.provider.ContainerInfo;
+import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
+ 
+import static org.gcube.common.authorization.client.Constants.authorizationService;
+ 
+public class TokenGenerator {
+ 
+    public static void main(String[] args) {
+ 
+        String adminToken = args[0];
+        String host = args[1];
+        int port = Integer.parseInt(args[2]);
+        File file = new File(args[3]);
+ 
+        try {
+            file.createNewFile();
+        } catch (IOException e1) {
+            System.out.println("error creating file "+file.getAbsolutePath());
+            e1.printStackTrace();
+        }
+ 
+        SecurityTokenProvider.instance.set(adminToken);
+ 
+        ContainerInfo containerInfo =  new ContainerInfo(host, port);
+ 
+        AuthorizationProxy proxy = authorizationService();
+ 
+        try(FileWriter fw = new FileWriter(file)){
+            for (int index =4; index<args.length; index++ ){
+                try {
+                    String token = proxy.requestActivation(containerInfo, args[index]);
+                    fw.write("<token>"+token+"</token>");
+                } catch (Exception e) {
+                    System.out.println("error generating token for context "+args[index]);
+                }
+            }
+        } catch (Exception e) {
+            System.out.println("error writing file "+file.getAbsolutePath());
+            e.printStackTrace();
+        }
+ 
+ 
+ 
+    }
+ 
+}
+ 
+
diff --git a/smartgears/smartgears/tasks/smartgears-app.yml b/smartgears/smartgears/tasks/smartgears-app.yml
index 0e62b7a6..ec0eb05a 100644
--- a/smartgears/smartgears/tasks/smartgears-app.yml
+++ b/smartgears/smartgears/tasks/smartgears-app.yml
@@ -47,15 +47,48 @@
   notify: Restart smartgears
   tags: [ 'smartgears', 'tomcat' ]
 
-- name: Install the smartgears configuration file
+- name: Create the directory where we put the smartgears configuration snippets
   become: True
   become_user: '{{ smartgears_user }}'
-  template: src=container.xml.j2 dest={{ smartgears_install_path }}/container.xml
-  with_items: '{{ tomcat_m_instances }}'
-  register: containerxml_state
-  notify: Restart smartgears 
+  file: dest={{ smartgears_user_home }}/.containerxml
   tags: [ 'smartgears', 'smartgears_conf', 'tomcat' ]
 
+- name: Install the token generator class
+  file: src=TokenGeneartor.class dest=/usr/local/lib/TokenGenerator.class owner=root group=root mode=0644
+
+- name: Install the script that fetches the scope tokens
+  template: src=get-scopes.j2 dest=/usr/local/bin/get-scopes owner=root group={{ smartgears_user }} mode=0750
+  when: gcube_admin_token is defined
+  tags: [ 'smartgears', 'smartgears_conf', 'tomcat' ]
+
+- name: Get the scope tokens from the authorization service
+  become: True
+  become_user: '{{ smartgears_user }}'
+  shell: 
+  when: gcube_admin_token is defined
+  tags: [ 'smartgears', 'smartgears_conf', 'tomcat' ]
+
+- name: Install the smartgears template configuration. First part
+  become: True
+  become_user: '{{ smartgears_user }}'
+  template: src=container.xml.j2 dest={{ smartgears_user_home }}/.containerxml/1-container.xml
+  with_items: '{{ tomcat_m_instances }}'
+  tags: [ 'smartgears', 'smartgears_conf', 'tomcat' ]
+
+- name: Install the smartgears template configuration file. Third part
+  become: True
+  become_user: '{{ smartgears_user }}'
+  template: src=container-end.xml.j2 dest={{ smartgears_user_home }}/.containerxml/3-container.xml
+  with_items: '{{ tomcat_m_instances }}'
+  tags: [ 'smartgears', 'smartgears_conf', 'tomcat' ]
+
+- name: Assemble the smartgears container.xml
+  become: True
+  become_user: '{{ smartgears_user }}'
+  assemble: src={{ smartgears_user_home }}/.containerxml dest={{ smartgears_install_path }}/container.xml
+  register: containerxml_state
+  tags: [ 'smartgears', 'smartgears_conf', 'tomcat' ]
+  
 - name: Remove the smartgears application state if the configuration changed
   file: dest={{ smartgears_install_path }}/state state=absent
   when: ( containerxml_state | changed )
diff --git a/smartgears/smartgears/templates/container-end.xml.j2 b/smartgears/smartgears/templates/container-end.xml.j2
new file mode 100644
index 00000000..41e32629
--- /dev/null
+++ b/smartgears/smartgears/templates/container-end.xml.j2
@@ -0,0 +1 @@
+</container>
diff --git a/smartgears/smartgears/templates/container.xml.j2 b/smartgears/smartgears/templates/container.xml.j2
index ee1649e6..74a863fc 100644
--- a/smartgears/smartgears/templates/container.xml.j2
+++ b/smartgears/smartgears/templates/container.xml.j2
@@ -10,13 +10,7 @@
   {% else %}
   <port>{{ item.http_port }}</port>
   {% endif %}
-  <infrastructure>{{ smartgears_infrastructure_name }}</infrastructure>
-  {% if smartgears_vo %}
-  {% for vo_n in smartgears_vo_name %}
-  <vo>{{ vo_n }}</vo>
-  {% endfor %}
-  {% endif %}
-    
+
   <site>
 	<country>{{ smartgears_country }}</country>
 	<location>{{ smartgears_location }}</location>
@@ -27,6 +21,15 @@
   <property name='SmartGearsDistributionBundle' value='UnBundled' />
   <property name='SmartGearsDistribution' value='{{ smartgears_distribution_version }}' />
   <publication-frequency>60</publication-frequency>
+  <infrastructure>{{ smartgears_infrastructure_name }}</infrastructure>
+
+  {% if smartgears_distribution_version | version_compare('2.0.0', '<') %}
+  {% if smartgears_vo %}
+  {% for vo_n in smartgears_vo_name %}
+  <vo>{{ vo_n }}</vo>
+  {% endfor %}
+  {% endif %}
+    
   {% if smartgears_define_context_vo %}
   {% for context in smartgears_context %}
 
@@ -42,4 +45,5 @@
   </application>
   {% endfor %}
   {% endif %}
-</container>
+  
+{% endif %}
diff --git a/smartgears/smartgears/templates/get-scopes.j2 b/smartgears/smartgears/templates/get-scopes.j2
new file mode 100644
index 00000000..cd149d2a
--- /dev/null
+++ b/smartgears/smartgears/templates/get-scopes.j2
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+DESTFILE={{ smartgears_user_home }}/.containerxml/2-container.xml
+TOKEN=
+
+{%if setup_nginx %}
+{%if https_port is defined %}
+HTTP_PORT={{ https_port }}
+{% else %}
+HTTP_PORT={{ http_port }}
+{% endif %}
+{% else %}
+HTTP_PORT={{ item.http_port }}
+{% endif %}
+
+export CLASSPATH="/usr/local/lib:{{ smartgears_install_path }}/lib:$CLASSPATH"
+
+java TokenGenerator {{ gcube_admin_token }} {{ smartgears_hostname }} $HTTP_PORT $DESTFILE {% for scope in smartgears_scopes %}{{ scope }} {% endfor %}
+
+exit 0