From bba5008753bcd99447bab9b976d9b536e465612f Mon Sep 17 00:00:00 2001 From: Mike Hansen Date: Mon, 25 Jan 2021 11:06:27 -0500 Subject: [PATCH] Radius Profile Provisioning -- change name authPort on RadiusServer to port --- .../src/main/resources/ProfileRadius.json | 12 +--- .../src/main/resources/ProfileSsid.json | 1 - .../app/opensync/ProfileRadius.json | 12 +--- .../app/opensync/ProfileSsid.json | 1 - .../docker/app/opensync/ProfileRadius.json | 12 +--- .../main/docker/app/opensync/ProfileSsid.json | 1 - .../resources/app/opensync/ProfileRadius.json | 12 +--- .../resources/app/opensync/ProfileSsid.json | 1 - .../wlan/opensync/ovsdb/dao/OvsdbDao.java | 64 +++++++++---------- .../wlan/opensync/ovsdb/dao/OvsdbDaoTest.java | 30 ++++++--- .../ovsdb/dao/OvsdbDaoTestUtilities.java | 32 ++++++---- 11 files changed, 79 insertions(+), 99 deletions(-) diff --git a/opensync-ext-static/src/main/resources/ProfileRadius.json b/opensync-ext-static/src/main/resources/ProfileRadius.json index 0a49b4d..9846495 100644 --- a/opensync-ext-static/src/main/resources/ProfileRadius.json +++ b/opensync-ext-static/src/main/resources/ProfileRadius.json @@ -7,21 +7,13 @@ "name": "Radius-Profile", "details": { "model_type": "RadiusProfile", - "primaryRadiusServer": { + "primaryRadiusAuthServer": { "model_type": "RadiusServer", "ipAddress": "192.168.0.1", "secret": "testing123", - "authPort": 1812, + "port": 1812, "timeout": null }, - "secondaryRadiusServer": { - "model_type": "RadiusServer", - "ipAddress": "192.168.0.2", - "secret": "testing123", - "authPort": 1812, - "timeout": null - }, - "radiusSubnetConfiguration": null, "profileType": "radius" }, "createdTimestamp": 1611262628767, diff --git a/opensync-ext-static/src/main/resources/ProfileSsid.json b/opensync-ext-static/src/main/resources/ProfileSsid.json index 27f36f6..7ddccf3 100644 --- a/opensync-ext-static/src/main/resources/ProfileSsid.json +++ b/opensync-ext-static/src/main/resources/ProfileSsid.json 
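Review bot: The retained context line `"secret": "testing123"` under `primaryRadiusAuthServer` keeps a well-known sample RADIUS shared secret in a profile that ships as a bundled resource. The same line stays in the three other `ProfileRadius.json` copies this patch touches (both docker `app/opensync` directories and `opensync-gateway-static-process`). JSON has no comment syntax, so the accompanying documentation should state that the value is a placeholder to be replaced per deployment, or the secret should come from deployment configuration instead of the packaged file. A shared secret that is publicly known gives no protection to the RADIUS exchange it is meant to authenticate.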
@@ -21,7 +21,6 @@ "keyRefresh": 0, "noLocalSubnets": false, "radiusServiceId": 0, - "radiusAccountingServiceId": 0, "radiusAcountingServiceInterval": 60, "captivePortalId": null, "bandwidthLimitDown": 0, diff --git a/opensync-gateway-static-docker/src/main/docker-opensync-gateway-and-mqtt/app/opensync/ProfileRadius.json b/opensync-gateway-static-docker/src/main/docker-opensync-gateway-and-mqtt/app/opensync/ProfileRadius.json index 0a49b4d..9846495 100644 --- a/opensync-gateway-static-docker/src/main/docker-opensync-gateway-and-mqtt/app/opensync/ProfileRadius.json +++ b/opensync-gateway-static-docker/src/main/docker-opensync-gateway-and-mqtt/app/opensync/ProfileRadius.json @@ -7,21 +7,13 @@ "name": "Radius-Profile", "details": { "model_type": "RadiusProfile", - "primaryRadiusServer": { + "primaryRadiusAuthServer": { "model_type": "RadiusServer", "ipAddress": "192.168.0.1", "secret": "testing123", - "authPort": 1812, + "port": 1812, "timeout": null }, - "secondaryRadiusServer": { - "model_type": "RadiusServer", - "ipAddress": "192.168.0.2", - "secret": "testing123", - "authPort": 1812, - "timeout": null - }, - "radiusSubnetConfiguration": null, "profileType": "radius" }, "createdTimestamp": 1611262628767, diff --git a/opensync-gateway-static-docker/src/main/docker-opensync-gateway-and-mqtt/app/opensync/ProfileSsid.json b/opensync-gateway-static-docker/src/main/docker-opensync-gateway-and-mqtt/app/opensync/ProfileSsid.json index 27f36f6..7ddccf3 100644 --- a/opensync-gateway-static-docker/src/main/docker-opensync-gateway-and-mqtt/app/opensync/ProfileSsid.json +++ b/opensync-gateway-static-docker/src/main/docker-opensync-gateway-and-mqtt/app/opensync/ProfileSsid.json @@ -21,7 +21,6 @@ "keyRefresh": 0, "noLocalSubnets": false, "radiusServiceId": 0, - "radiusAccountingServiceId": 0, "radiusAcountingServiceInterval": 60, "captivePortalId": null, "bandwidthLimitDown": 0, 
diff --git a/opensync-gateway-static-docker/src/main/docker/app/opensync/ProfileRadius.json b/opensync-gateway-static-docker/src/main/docker/app/opensync/ProfileRadius.json index 0a49b4d..9846495 100644 --- a/opensync-gateway-static-docker/src/main/docker/app/opensync/ProfileRadius.json +++ b/opensync-gateway-static-docker/src/main/docker/app/opensync/ProfileRadius.json @@ -7,21 +7,13 @@ "name": "Radius-Profile", "details": { "model_type": "RadiusProfile", - "primaryRadiusServer": { + "primaryRadiusAuthServer": { "model_type": "RadiusServer", "ipAddress": "192.168.0.1", "secret": "testing123", - "authPort": 1812, + "port": 1812, "timeout": null }, - "secondaryRadiusServer": { - "model_type": "RadiusServer", - "ipAddress": "192.168.0.2", - "secret": "testing123", - "authPort": 1812, - "timeout": null - }, - "radiusSubnetConfiguration": null, "profileType": "radius" }, "createdTimestamp": 1611262628767, diff --git a/opensync-gateway-static-docker/src/main/docker/app/opensync/ProfileSsid.json b/opensync-gateway-static-docker/src/main/docker/app/opensync/ProfileSsid.json index 27f36f6..7ddccf3 100644 --- a/opensync-gateway-static-docker/src/main/docker/app/opensync/ProfileSsid.json +++ b/opensync-gateway-static-docker/src/main/docker/app/opensync/ProfileSsid.json @@ -21,7 +21,6 @@ "keyRefresh": 0, "noLocalSubnets": false, "radiusServiceId": 0, - "radiusAccountingServiceId": 0, "radiusAcountingServiceInterval": 60, "captivePortalId": null, "bandwidthLimitDown": 0, diff --git a/opensync-gateway-static-process/src/main/resources/app/opensync/ProfileRadius.json b/opensync-gateway-static-process/src/main/resources/app/opensync/ProfileRadius.json index 0a49b4d..9846495 100644 --- a/opensync-gateway-static-process/src/main/resources/app/opensync/ProfileRadius.json +++ b/opensync-gateway-static-process/src/main/resources/app/opensync/ProfileRadius.json 
@@ -7,21 +7,13 @@ "name": "Radius-Profile", "details": { "model_type": "RadiusProfile", - "primaryRadiusServer": { + "primaryRadiusAuthServer": { "model_type": "RadiusServer", "ipAddress": "192.168.0.1", "secret": "testing123", - "authPort": 1812, + "port": 1812, "timeout": null }, - "secondaryRadiusServer": { - "model_type": "RadiusServer", - "ipAddress": "192.168.0.2", - "secret": "testing123", - "authPort": 1812, - "timeout": null - }, - "radiusSubnetConfiguration": null, "profileType": "radius" }, "createdTimestamp": 1611262628767, diff --git a/opensync-gateway-static-process/src/main/resources/app/opensync/ProfileSsid.json b/opensync-gateway-static-process/src/main/resources/app/opensync/ProfileSsid.json index 27f36f6..7ddccf3 100644 --- a/opensync-gateway-static-process/src/main/resources/app/opensync/ProfileSsid.json +++ b/opensync-gateway-static-process/src/main/resources/app/opensync/ProfileSsid.json @@ -21,7 +21,6 @@ "keyRefresh": 0, "noLocalSubnets": false, "radiusServiceId": 0, - "radiusAccountingServiceId": 0, "radiusAcountingServiceInterval": 60, "captivePortalId": null, "bandwidthLimitDown": 0, diff --git a/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDao.java b/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDao.java index b497d73..da4c937 100644 --- a/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDao.java +++ b/opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDao.java 
@@ -3384,28 +3384,23 @@ public class OvsdbDao { } else if (ssidSecurityMode.equals("wpa2OnlyEAP") || ssidSecurityMode.equals("wpa2OnlyRadius")) { security.put("mode", "2"); getRadiusConfiguration(opensyncApConfig, ssidConfig, security); - if (ssidConfig.getRadiusAccountingServiceId() > 0) { - getRadiusAccountingConfiguration(opensyncApConfig, ssidConfig, security); - } + getRadiusAccountingConfiguration(opensyncApConfig, ssidConfig, security); } else if (ssidSecurityMode.equals("wpa3OnlyEAP")) { security.put("mode", "3"); getRadiusConfiguration(opensyncApConfig, ssidConfig, security); - if (ssidConfig.getRadiusAccountingServiceId() > 0) { - getRadiusAccountingConfiguration(opensyncApConfig, ssidConfig, security); - } + getRadiusAccountingConfiguration(opensyncApConfig, ssidConfig, security); + } else if (ssidSecurityMode.equals("wpa2EAP") || ssidSecurityMode.equals("wpa2Radius") || ssidSecurityMode.equals("wpa3MixedEAP")) { security.put("mode", "mixed"); getRadiusConfiguration(opensyncApConfig, ssidConfig, security); - if (ssidConfig.getRadiusAccountingServiceId() > 0) { - getRadiusAccountingConfiguration(opensyncApConfig, ssidConfig, security); - } + getRadiusAccountingConfiguration(opensyncApConfig, ssidConfig, security); + } else if (ssidSecurityMode.equals("wpaEAP") || ssidSecurityMode.equals("wpaRadius")) { security.put("mode", "1"); getRadiusConfiguration(opensyncApConfig, ssidConfig, security); - if (ssidConfig.getRadiusAccountingServiceId() > 0) { - getRadiusAccountingConfiguration(opensyncApConfig, ssidConfig, security); - } + getRadiusAccountingConfiguration(opensyncApConfig, ssidConfig, security); + } else if (ssidSecurityMode.equals("wep")) { security.put("key", ssidConfig.getKeyStr()); security.put("mode", "1"); @@ -3744,7 +3739,7 @@ public class OvsdbDao { @Override public boolean test(Profile t) { - return t.getId() == ssidConfig.getRadiusAccountingServiceId(); + return t.getId() == ssidConfig.getRadiusServiceId(); } }).collect(Collectors.toList()); 
@@ -3752,28 +3747,29 @@ public class OvsdbDao { if (radiusProfileList != null && radiusProfileList.size() > 0) { Profile profileRadius = radiusProfileList.get(0); RadiusProfile profileDetails = ((RadiusProfile) profileRadius.getDetails()); - RadiusServer rServer = profileDetails.getPrimaryRadiusServer(); - security.put("radius_acct_ip", - rServer.getIpAddress() != null ? rServer.getIpAddress().getHostAddress() : null); - security.put("radius_acct_port", - rServer.getAuthPort() != null ? String.valueOf(rServer.getAuthPort()) : null); - security.put("radius_acct_secret", rServer.getSecret()); - if (ssidConfig.getRadiusAcountingServiceInterval() != null) { - // if the value is present, use the - // radius_acct_interval - security.put("radius_acct_interval", - ssidConfig.getRadiusAcountingServiceInterval().toString()); + RadiusServer rServer = profileDetails.getPrimaryRadiusAccountingServer(); + if (rServer != null) { + security.put("radius_acct_ip", + rServer.getIpAddress() != null ? rServer.getIpAddress().getHostAddress() : null); + security.put("radius_acct_port", rServer.getPort() != null ? 
String.valueOf(rServer.getPort()) : null); + security.put("radius_acct_secret", rServer.getSecret()); + if (ssidConfig.getRadiusAcountingServiceInterval() != null) { + // if the value is present, use the + // radius_acct_interval + security.put("radius_acct_interval", ssidConfig.getRadiusAcountingServiceInterval().toString()); + } else { + LOG.info("No radius_acct_interval defined for ssid {}, Setting radius_acct_interval to 0", + ssidConfig.getSsid(), rServer); + security.put("radius_acct_interval", "0"); + } + LOG.info( + "set Radius Accounting server attributes radius_acct_ip {} radius_acct_port {} radius_acct_secret {} radius_acct_interval {}", + security.get("radius_acct_ip"), security.get("radius_acct_port"), + security.get("radius_acct_secret"), security.get("radius_acct_interval")); } else { - LOG.info("No radius_acct_interval defined for ssid {}, Setting radius_acct_interval to 0", - ssidConfig.getSsid(), rServer); - security.put("radius_acct_interval", "0"); + LOG.info("No Radius Accounting Server defined in Radius Profile"); } - LOG.info( - "set Radius Accounting server attributes radius_acct_ip {} radius_acct_port {} radius_acct_secret {} radius_acct_interval {}", - security.get("radius_acct_ip"), security.get("radius_acct_port"), - security.get("radius_acct_secret"), security.get("radius_acct_interval")); - } else { LOG.warn("Could not find radius profile {} in {}", ssidConfig.getRadiusServiceId(), 
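Review bot: The re-indented `LOG.info("set Radius Accounting server attributes ...")` call still passes `security.get("radius_acct_secret")`, so the RADIUS shared secret is written to the log at INFO level whenever this method configures an accounting server. The unchanged `radius_server_secret` log line in the `@@ -3803` hunk does the same. Drop the secret from both messages, or log only whether one is present, e.g. `security.get("radius_acct_secret") != null ? "(set)" : "(unset)"`. In the same hunk `LOG.info("No radius_acct_interval defined for ssid {}, Setting radius_acct_interval to 0", ssidConfig.getSsid(), rServer)` has one placeholder and two arguments, so the trailing `rServer` should be removed. The enclosing method starts and ends outside the hunk.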
@@ -3803,11 +3799,11 @@ public class OvsdbDao { if (radiusProfileList != null && radiusProfileList.size() > 0) { Profile profileRadius = radiusProfileList.get(0); RadiusProfile profileDetails = ((RadiusProfile) profileRadius.getDetails()); - RadiusServer radiusServer = profileDetails.getPrimaryRadiusServer(); + RadiusServer radiusServer = profileDetails.getPrimaryRadiusAuthServer(); security.put("radius_server_ip", radiusServer.getIpAddress() != null ? radiusServer.getIpAddress().getHostAddress() : null); security.put("radius_server_port", - radiusServer.getAuthPort() != null ? String.valueOf(radiusServer.getAuthPort()) : null); + radiusServer.getPort() != null ? String.valueOf(radiusServer.getPort()) : null); security.put("radius_server_secret", radiusServer.getSecret()); LOG.info("set Radius server attributes radius_server_ip {} radius_server_port {} radius_server_secret {}", security.get("radius_server_ip"), security.get("radius_server_port"), diff --git a/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDaoTest.java b/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDaoTest.java index 0e7a9bd..5788232 100644 --- a/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDaoTest.java +++ b/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDaoTest.java @@ -44,6 +44,7 @@ import com.telecominfraproject.wlan.profile.models.Profile; import com.telecominfraproject.wlan.profile.models.ProfileType; import com.telecominfraproject.wlan.profile.network.models.ApNetworkConfiguration; import com.telecominfraproject.wlan.profile.network.models.GreTunnelConfiguration; +import com.telecominfraproject.wlan.profile.radius.models.RadiusProfile; import com.telecominfraproject.wlan.profile.ssid.models.SsidConfiguration; import com.vmware.ovsdb.exception.OvsdbClientException; import com.vmware.ovsdb.protocol.operation.notation.Atom; 
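Review bot: `profileDetails.getPrimaryRadiusAuthServer()` is dereferenced by `radiusServer.getIpAddress()` right after it is assigned, with no null check, while the accounting path in the `@@ -3752` hunk now guards `getPrimaryRadiusAccountingServer()` with `if (rServer != null)`. A Radius profile that carries no auth server would presumably raise a NullPointerException here while the SSID security map is being built. Wrap the three `security.put(...)` calls and the log in `if (radiusServer != null) { ... } else { LOG.warn("No Radius Auth Server defined in Radius Profile"); }` so both lookups fail the same way. The method continues outside the hunk, so the exact placement of the `else` needs checking against the rest of the body.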
@@ -177,16 +178,21 @@ public class OvsdbDaoTest { OpensyncAPConfig apConfig = new OpensyncAPConfig(); Profile profileRadius = OvsdbDaoTestUtilities.createRadiusProfile(DEFAULT_CUSTOMER_ID); apConfig.setRadiusProfiles(List.of(profileRadius)); + Profile ssidProfile = new Profile(); SsidConfiguration ssidConfig = SsidConfiguration.createWithDefaults(); ssidConfig.setRadiusServiceId(profileRadius.getId()); + ssidConfig.setRadiusServiceId(profileRadius.getId()); + ssidConfig.setRadiusAcountingServiceInterval(60); + ssidProfile.setDetails(ssidConfig); + apConfig.setSsidProfile(List.of(ssidProfile)); Map security = new HashMap<>(); Location location = new Location(); location.setName("Ottawa"); apConfig.setEquipmentLocation(location); ovsdbDao.getRadiusConfiguration(apConfig, ssidConfig, security); assert (security.get("radius_server_ip").equals("192.168.0.1")); - assert (security.get("radius_server_port").equals("1812")); - assert (security.get("radius_server_secret").equals("testing123")); + assert (security.get("radius_server_port").equals(String.valueOf(RadiusProfile.DEFAULT_RADIUS_AUTH_PORT))); + assert (security.get("radius_server_secret").equals(RadiusProfile.DEFAULT_RADIUS_SECRET)); } @Test 
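Review bot: `ssidConfig.setRadiusServiceId(profileRadius.getId());` is added a second time directly after the existing context line that makes the same call, so one of the two can be removed. The checks in this test use the Java `assert` statement, which only runs when the JVM has assertions enabled. `assertEquals("192.168.0.1", security.get("radius_server_ip"))` from JUnit would fail regardless of JVM flags and would report expected versus actual. The expected secret is `RadiusProfile.DEFAULT_RADIUS_SECRET` here but the literal `"secret"` in the `@@ -194` and `@@ -215` hunks and in the fixture, so pick one form to avoid depending on the constant's current value.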
@@ -194,9 +200,16 @@ public class OvsdbDaoTest { OpensyncAPConfig apConfig = new OpensyncAPConfig(); Profile profileRadius = OvsdbDaoTestUtilities.createRadiusProfile(DEFAULT_CUSTOMER_ID); apConfig.setRadiusProfiles(List.of(profileRadius)); + Profile ssidProfile = new Profile(); + ssidProfile.setCustomerId(DEFAULT_CUSTOMER_ID); + ssidProfile.setName("SsidProfile"); + ssidProfile.setProfileType(ProfileType.ssid); SsidConfiguration ssidConfig = SsidConfiguration.createWithDefaults(); - ssidConfig.setRadiusAccountingServiceId(profileRadius.getId()); + + ssidConfig.setRadiusServiceId(OvsdbDaoTestUtilities.RADIUS_PROFILE_ID); ssidConfig.setRadiusAcountingServiceInterval(60); + ssidProfile.setDetails(ssidConfig); + apConfig.setSsidProfile(List.of(ssidProfile)); Map security = new HashMap<>(); Location location = new Location(); location.setName("Ottawa"); @@ -205,8 +218,8 @@ public class OvsdbDaoTest { assert (Integer.valueOf(security.get("radius_acct_interval")) .equals(ssidConfig.getRadiusAcountingServiceInterval())); assert (security.get("radius_acct_ip").equals("192.168.0.1")); - assert (security.get("radius_acct_port").equals("1812")); - assert (security.get("radius_acct_secret").equals("testing123")); + assert (security.get("radius_acct_port").equals("1813")); + assert (security.get("radius_acct_secret").equals("secret")); } @Test 
@@ -215,16 +228,17 @@ public class OvsdbDaoTest { Profile profileRadius = OvsdbDaoTestUtilities.createRadiusProfile(DEFAULT_CUSTOMER_ID); apConfig.setRadiusProfiles(List.of(profileRadius)); SsidConfiguration ssidConfig = SsidConfiguration.createWithDefaults(); - ssidConfig.setRadiusAccountingServiceId(profileRadius.getId()); + ssidConfig.setRadiusServiceId(OvsdbDaoTestUtilities.RADIUS_PROFILE_ID); Map security = new HashMap<>(); Location location = new Location(); location.setName("Ottawa"); apConfig.setEquipmentLocation(location); ovsdbDao.getRadiusAccountingConfiguration(apConfig, ssidConfig, security); + assert (security.get("radius_acct_interval").equals("60")); assert (security.get("radius_acct_ip").equals("192.168.0.1")); - assert (security.get("radius_acct_port").equals("1812")); - assert (security.get("radius_acct_secret").equals("testing123")); + assert (security.get("radius_acct_port").equals("1813")); + assert (security.get("radius_acct_secret").equals("secret")); } @Ignore diff --git a/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDaoTestUtilities.java b/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDaoTestUtilities.java index 7aedc25..0ffbdfb 100644 --- a/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDaoTestUtilities.java +++ b/opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDaoTestUtilities.java 
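Review bot: No test in this file exercises the new `rServer == null` branch of `getRadiusAccountingConfiguration`, although the `OvsdbDao` change now attempts accounting for every EAP/Radius security mode. This test also asserts that `radius_acct_interval` equals `"60"` without setting an interval, so it appears to rely on the default from `SsidConfiguration.createWithDefaults()` and leaves the "Setting radius_acct_interval to 0" fallback uncovered. Add a case that builds the fixture profile without an accounting server and asserts that no `radius_acct_*` key ends up in `security`, to pin the behaviour the commit introduces.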
@@ -557,28 +557,34 @@ public class OvsdbDaoTestUtilities { profileRadius.setProfileType(ProfileType.radius); profileRadius.setName("Radius-Profile"); - RadiusProfile radiusDetails = new RadiusProfile(); - RadiusServer primaryRadiusServer = new RadiusServer(); - primaryRadiusServer.setAuthPort(1812); + RadiusProfile radiusProfileDetails = new RadiusProfile(); + RadiusServer primaryRadiusAuthServer = new RadiusServer(); + primaryRadiusAuthServer.setPort(1812); try { - primaryRadiusServer.setIpAddress(InetAddress.getByName("192.168.0.1")); + primaryRadiusAuthServer.setIpAddress(InetAddress.getByName("192.168.0.1")); + primaryRadiusAuthServer.setPort(RadiusProfile.DEFAULT_RADIUS_AUTH_PORT); + primaryRadiusAuthServer.setSecret("secret"); + primaryRadiusAuthServer.setTimeout(RadiusProfile.DEFAULT_RADIUS_TIMEOUT); } catch (UnknownHostException e) { throw new IllegalArgumentException(e); } - primaryRadiusServer.setSecret("testing123"); - radiusDetails.setPrimaryRadiusServer(primaryRadiusServer); - - RadiusServer secondaryRadiusServer = new RadiusServer(); - secondaryRadiusServer.setAuthPort(1812); + radiusProfileDetails.setPrimaryRadiusAuthServer(primaryRadiusAuthServer); + + RadiusServer primaryRadiusAccountingServer = new RadiusServer(); + primaryRadiusAccountingServer.setPort(1812); try { - secondaryRadiusServer.setIpAddress(InetAddress.getByName("192.168.0.2")); + primaryRadiusAccountingServer.setIpAddress(InetAddress.getByName("192.168.0.1")); + primaryRadiusAccountingServer.setPort(RadiusProfile.DEFAULT_RADIUS_ACCOUNTING_PORT); + primaryRadiusAccountingServer.setSecret("secret"); + primaryRadiusAccountingServer.setTimeout(RadiusProfile.DEFAULT_RADIUS_TIMEOUT); } catch (UnknownHostException e) { throw new IllegalArgumentException(e); } - secondaryRadiusServer.setSecret("testing123"); - radiusDetails.setSecondaryRadiusServer(secondaryRadiusServer); + radiusProfileDetails.setPrimaryRadiusAccountingServer(primaryRadiusAccountingServer); - 
profileRadius.setDetails(radiusDetails); + + + profileRadius.setDetails(radiusProfileDetails); profileRadius.setId(RADIUS_PROFILE_ID); return profileRadius;
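Review bot: Both servers get `setPort(1812)` before their `try` block and are then overwritten inside it by `setPort(RadiusProfile.DEFAULT_RADIUS_AUTH_PORT)` and `setPort(RadiusProfile.DEFAULT_RADIUS_ACCOUNTING_PORT)`. On `primaryRadiusAccountingServer` the first value is the auth port, which misleads a reader about what the fixture provides. Remove the two `setPort(1812)` lines and keep only `setIpAddress(InetAddress.getByName("192.168.0.1"))` inside each `try`, since that call is the one the `catch (UnknownHostException e)` exists for. The three consecutive blank `+` lines before `profileRadius.setDetails(radiusProfileDetails);` can shrink to one. The method starts outside the hunk.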