WIFI-453: CloudSDK : Support for APC / Radius Proxy (Back End)

WIFI-1695: Gateway: SSID configuration populate radsecproxy when using APC
WIFI-1693: Gateway: Update EquipmentProtocolStatusData for APC/RadSEC
WIFI-1717: Gateway: Handle table state changes for APC_State

opensync-ext-cloud/src/main/java/com/telecominfraproject/wlan/opensync/external/integration/OpensyncExternalIntegrationCloud.java

@@ -1222,8 +1222,7 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra
                 LOG.debug("Could not get radio configuration for AP {}", apId);
                 continue;
             }
-            configStateMismatch = updateEquipmentConfigFromState(apId, apElementConfiguration,
+            configStateMismatch = updateEquipmentConfigFromState(apId, apElementConfiguration, radioState);
-                    radioState);
 
             protocolStatus = updateProtocolStatus(customerId, equipmentId, radioState);
 
@@ -1235,8 +1234,8 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra
         }
 
         if (channelStatus != null && !Objects.equals(channelStatus, channelStatusClone)) {
-        	LOG.debug("wifiRadioStatusDbTableUpdate update Channel Status before {} after {}",
+            LOG.debug("wifiRadioStatusDbTableUpdate update Channel Status before {} after {}", channelStatusClone,
-        			channelStatusClone, channelStatus);
+                    channelStatus);
             statusServiceInterface.update(channelStatus);
         }
 
@@ -1253,12 +1252,12 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra
 
     }
 
-    private boolean updateEquipmentConfigFromState(String apId, ApElementConfiguration apElementConfiguration,OpensyncAPRadioState radioState) {
+    private boolean updateEquipmentConfigFromState(String apId, ApElementConfiguration apElementConfiguration,
+            OpensyncAPRadioState radioState) {
         if (apElementConfiguration.getRadioMap().containsKey(radioState.getFreqBand())
                 && apElementConfiguration.getRadioMap().get(radioState.getFreqBand()) != null) {
             if (radioState.getChannels() != null) {
-                return updateChannelPowerLevels(apId, apElementConfiguration,
+                return updateChannelPowerLevels(apId, apElementConfiguration, radioState);
-                        radioState);
             }
 
         }
@@ -1276,8 +1275,7 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra
             protocolStatusData = (EquipmentProtocolStatusData) protocolStatus.getDetails();
             if (!protocolStatusData.getReportedCC().equals(CountryCode.getByName((radioState.getCountry())))) {
 
-                LOG.debug(
+                LOG.debug("Protocol Status reportedCC {} radioStatus.getCountry {} radioStatus CountryCode fromName {}",
-                        "Protocol Status reportedCC {} radioStatus.getCountry {} radioStatus CountryCode fromName {}",
                         protocolStatusData.getReportedCC(), radioState.getCountry(),
                         CountryCode.getByName((radioState.getCountry())));
                 protocolStatusData.setReportedCC(CountryCode.getByName((radioState.getCountry())));
@@ -1291,7 +1289,8 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra
         return protocolStatus;
     }
 
-    private Status updateChannelStatus(int customerId, long equipmentId, Status channelStatus, OpensyncAPRadioState radioState) {
+    private Status updateChannelStatus(int customerId, long equipmentId, Status channelStatus,
+            OpensyncAPRadioState radioState) {
         if (channelStatus == null) {
             channelStatus = new Status();
             channelStatus.setCustomerId(customerId);
@@ -1300,8 +1299,8 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra
             EquipmentChannelStatusData channelStatusData = new EquipmentChannelStatusData();
             channelStatus.setDetails(channelStatusData);
         }
-    	((EquipmentChannelStatusData) channelStatus.getDetails()).getChannelNumberStatusDataMap().put(
+        ((EquipmentChannelStatusData) channelStatus.getDetails()).getChannelNumberStatusDataMap()
-    			radioState.getFreqBand(), radioState.getChannel());
+                .put(radioState.getFreqBand(), radioState.getChannel());
         return channelStatus;
     }
 
@@ -1320,8 +1319,7 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra
                         ChannelPowerLevel cpl = new ChannelPowerLevel();
                         cpl.setChannelNumber(Integer.parseInt(channel));
                         cpl.setDfs(k.getKey().equals("radar_detection"));
-                        if (radioState.getChannelMode() != null
+                        if (radioState.getChannelMode() != null && radioState.getChannelMode().equals("auto")) {
-                                && radioState.getChannelMode().equals("auto")) {
                             cpl.setChannelWidth(-1);
                         } else {
                             switch (radioState.getHtMode()) {
@@ -1351,8 +1349,9 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra
             }
         });
 
-        if (!Objects.deepEquals(apElementConfiguration.getRadioMap().get(radioState.getFreqBand())
+        if (!Objects.deepEquals(
-                .getAllowedChannelsPowerLevels(), channelPowerLevels)) {
+                apElementConfiguration.getRadioMap().get(radioState.getFreqBand()).getAllowedChannelsPowerLevels(),
+                channelPowerLevels)) {
             configStateMismatch = true;
             apElementConfiguration.getRadioMap().get(radioState.getFreqBand())
                     .setAllowedChannelsPowerLevels(channelPowerLevels);
@@ -2393,11 +2392,84 @@ public class OpensyncExternalIntegrationCloud implements OpensyncExternalIntegra
     @Override
     public void apcStateDbTableUpdate(Map<String, String> apcStateAttributes, String apId,
             RowUpdateOperation rowUpdateOperation) {
-        if (rowUpdateOperation.equals(RowUpdateOperation.DELETE)) {
+
-            // TODO: clear protocol Status apcProxy info, send event
+        LOG.info("apcStateDbTableUpdate {} operations on AP {} with values {} ", rowUpdateOperation, apId, apcStateAttributes);
-        } else {
+
-            // TODO: Update protocol status for apcProxy, send event
+        OvsdbSession ovsdbSession = ovsdbSessionMapInterface.getSession(apId);
+
+        if (ovsdbSession == null) {
+            LOG.info("apcStateDbTableUpdate::Cannot get Session for AP {}", apId);
+            return;
         }
 
+        int customerId = ovsdbSession.getCustomerId();
+        long equipmentId = ovsdbSession.getEquipmentId();
+
+        if ((customerId < 0) || (equipmentId < 0)) {
+            LOG.info("apcStateDbTableUpdate::Cannot get valid CustomerId {} or EquipmentId {} for AP {}", customerId,
+                    equipmentId, apId);
+            return;
+        }
+
+        Equipment ce = equipmentServiceInterface.getByInventoryIdOrNull(apId);
+
+        if (ce == null) {
+            LOG.info("apcStateDbTableUpdate::Cannot get Equipment for AP {}", apId);
+            return;
+        }
+
+        if (rowUpdateOperation.equals(RowUpdateOperation.DELETE)) {
+            Status protocolStatus;
+            EquipmentProtocolStatusData protocolStatusData;
+            protocolStatus = statusServiceInterface.getOrNull(customerId, equipmentId, StatusDataType.PROTOCOL);
+            if (protocolStatus != null) {
+                protocolStatusData = (EquipmentProtocolStatusData) protocolStatus.getDetails();
+                protocolStatusData.setLastApcUpdate(System.currentTimeMillis());
+                protocolStatusData.setIsApcConnected(false);
+                protocolStatusData.setReportedApcAddress(null);
+                protocolStatusData.setRadiusProxyAddress(null);
+
+                protocolStatus.setDetails(protocolStatusData);
+                protocolStatus = statusServiceInterface.update(protocolStatus);
+
+                LOG.info("apcStateDbTableUpdate for {} protocolStatus {}", rowUpdateOperation, protocolStatus);
+            }
+        } else {
+            try {
+                Status protocolStatus;
+                EquipmentProtocolStatusData protocolStatusData;
+                protocolStatus = statusServiceInterface.getOrNull(customerId, equipmentId, StatusDataType.PROTOCOL);
+                if (protocolStatus != null) {
+                    protocolStatusData = (EquipmentProtocolStatusData) protocolStatus.getDetails();
+                    protocolStatusData.setLastApcUpdate(System.currentTimeMillis());
+                    
+                    if (apcStateAttributes.containsKey("mode")) {
+                        String mode = apcStateAttributes.get("mode");
+                        if (mode.equals("DR")) {
+                            String drAddr = apcStateAttributes.get("designatedRouterIp");
+                            protocolStatusData.setReportedApcAddress(InetAddress.getByName(drAddr));
+                            protocolStatusData.setRadiusProxyAddress(InetAddress.getByName(drAddr));
+                            protocolStatusData
+                                    .setIsApcConnected((drAddr == null || drAddr.equals("0.0.0.0")) ? false : true);
+                        } else if (mode.equals("BDR")) {
+                            String bdrAddr = apcStateAttributes.get("backupDesignatedRouterIp");
+                            protocolStatusData.setReportedApcAddress(InetAddress.getByName(bdrAddr));
+                            protocolStatusData.setRadiusProxyAddress(InetAddress.getByName(bdrAddr));
+                            protocolStatusData
+                                    .setIsApcConnected((bdrAddr == null || bdrAddr.equals("0.0.0.0")) ? false : true);
+                        } else if (mode.equals("SR")) {
+                            // TODO: do we set for this scenario?
+                        } else if (mode.equals("NC")) {
+                            protocolStatusData.setIsApcConnected(false);
+                        }
+                    }
+                    protocolStatus.setDetails(protocolStatusData);
+                    protocolStatus = statusServiceInterface.update(protocolStatus);
+                    LOG.info("apcStateDbTableUpdate for {} protocolStatus {}", rowUpdateOperation, protocolStatus);
+                }
+            } catch (UnknownHostException e) {
+                LOG.error("Unknown host for radius proxy.", e);
+            }
+        }
     }
 }

opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/TipWlanOvsdbClient.java

@@ -39,6 +39,7 @@ import javax.annotation.PostConstruct;
 import java.security.cert.X509Certificate;
 import java.util.*;
 import java.util.concurrent.CompletableFuture;
+import java.util.concurrent.ExecutionException;
 
 @Profile("ovsdb_manager")
 @Component
@@ -239,6 +240,7 @@ public class TipWlanOvsdbClient implements OvsdbClientInterface {
         ovsdbDao.removeAllSsids(ovsdbClient); // always
         ovsdbDao.removeAllInetConfigs(ovsdbClient);
         ovsdbDao.removeWifiRrm(ovsdbClient);
+        ovsdbDao.removeRadsecRadiusAndRealmConfigs(ovsdbClient);
         ovsdbDao.removeAllStatsConfigs(ovsdbClient); // always
 
         extIntegrationInterface.clearEquipmentStatus(apId);
@@ -250,6 +252,7 @@ public class TipWlanOvsdbClient implements OvsdbClientInterface {
             ovsdbDao.configureWifiRrm(ovsdbClient, opensyncAPConfig);
             ovsdbDao.configureGreTunnels(ovsdbClient, opensyncAPConfig);
             ovsdbDao.createVlanNetworkInterfaces(ovsdbClient, opensyncAPConfig);
+            ovsdbDao.configureRadsecRadiusAndRealm(ovsdbClient, opensyncAPConfig);
             ovsdbDao.configureSsids(ovsdbClient, opensyncAPConfig);
             if (opensyncAPConfig.getHotspotConfig() != null) {
                 ovsdbDao.configureHotspots(ovsdbClient, opensyncAPConfig);
@@ -312,13 +315,15 @@ public class TipWlanOvsdbClient implements OvsdbClientInterface {
         ovsdbDao.removeAllSsids(ovsdbClient); // always
         ovsdbDao.removeAllInetConfigs(ovsdbClient);
         ovsdbDao.removeWifiRrm(ovsdbClient);
+        ovsdbDao.removeRadsecRadiusAndRealmConfigs(ovsdbClient);
 
         extIntegrationInterface.clearEquipmentStatus(apId);
+        
         ovsdbDao.configureNtpServer(ovsdbClient, opensyncAPConfig);
         ovsdbDao.configureWifiRrm(ovsdbClient, opensyncAPConfig);
         ovsdbDao.configureGreTunnels(ovsdbClient, opensyncAPConfig);
         ovsdbDao.createVlanNetworkInterfaces(ovsdbClient, opensyncAPConfig);
-
+        ovsdbDao.configureRadsecRadiusAndRealm(ovsdbClient, opensyncAPConfig);
         ovsdbDao.configureSsids(ovsdbClient, opensyncAPConfig);
         if (opensyncAPConfig.getHotspotConfig() != null) {
             ovsdbDao.configureHotspots(ovsdbClient, opensyncAPConfig);
@@ -407,6 +412,14 @@ public class TipWlanOvsdbClient implements OvsdbClientInterface {
         } catch (OvsdbClientException e) {
             LOG.debug("Could not enable monitor for Node_State table. {}", e.getMessage());
         }
+        
+        try {
+            if (ovsdbClient.getSchema(OvsdbDao.ovsdbName).get().getTables().containsKey("APC_State")) {
+                monitorAPCStateTable(ovsdbClient, key);
+            }
+        } catch (InterruptedException | ExecutionException | OvsdbClientException e) {
+           LOG.debug("Could not enable monitor for APC_State table. {}", e);
+        }
         LOG.debug("Finished (re)setting monitors for AP {}", key);
     }
 
@@ -780,7 +793,28 @@ public class TipWlanOvsdbClient implements OvsdbClientInterface {
 
                     });
                 });
-        nsCf.join();
+        
+        
+        nsCf.join().getTableUpdates().forEach((key1, value) -> {
+            LOG.info("TableUpdate for {}", key1);
+            value.getRowUpdates().values().forEach(r -> {
+
+                Map<String, String> apcStateAttributes = ovsdbDao.getAPCState(r, key);
+                if (apcStateAttributes.isEmpty()) {
+                    extIntegrationInterface.apcStateDbTableUpdate(apcStateAttributes, key,
+                            RowUpdateOperation.DELETE);
+                } else if (r.getOld() == null) {
+                    extIntegrationInterface.apcStateDbTableUpdate(apcStateAttributes, key,
+                            RowUpdateOperation.INSERT);
+                } else {
+                    extIntegrationInterface.apcStateDbTableUpdate(apcStateAttributes, key,
+                            RowUpdateOperation.MODIFY);
+                }
+
+            });
+
+        });
+
     }
 
     @Override

opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDao.java

@@ -46,6 +46,8 @@ public class OvsdbDao extends OvsdbDaoBase {
     OvsdbCommandConfig ovsdbCommand;
     @Autowired
     OvsdbNodeConfig ovsdbNodeConfig;
+    @Autowired
+    OvsdbRadSecConfig ovsdbRadSecConfig;
 
     public String changeRedirectorAddress(OvsdbClient ovsdbClient, String apId, String newRedirectorAddress) {
         return ovsdbNode.changeRedirectorAddress(ovsdbClient, apId, newRedirectorAddress);
@@ -86,6 +88,10 @@ public class OvsdbDao extends OvsdbDaoBase {
         ovsdbNodeConfig.configureNtpServer(ovsdbClient, opensyncAPConfig);
     }
 
+    public void configureRadsecRadiusAndRealm(OvsdbClient ovsdbClient, OpensyncAPConfig opensyncAPConfig) {
+        ovsdbRadSecConfig.configureRadiusAndRealm(ovsdbClient, opensyncAPConfig);
+    }
+
     public void configureSsids(OvsdbClient ovsdbClient, OpensyncAPConfig opensyncAPConfig) {
         ovsdbSsid.configureSsids(ovsdbClient, opensyncAPConfig);
     }
@@ -195,6 +201,10 @@ public class OvsdbDao extends OvsdbDaoBase {
         ovsdbStats.removeAllStatsConfigs(ovsdbClient);
     }
     
+    public void removeRadsecRadiusAndRealmConfigs(OvsdbClient ovsdbClient) {
+        ovsdbRadSecConfig.removeRadiusAndRealmConfigurations(ovsdbClient);
+    }
+
     public void removeWifiRrm(OvsdbClient ovsdbClient) {
         ovsdbRrm.removeWifiRrm(ovsdbClient);
     }

opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbMonitor.java

@@ -176,9 +176,9 @@ public class OvsdbMonitor extends OvsdbDaoBase {
         Map<String, String> ret = new HashMap<>();
         if (rowUpdate.getNew() != null) {
             Row row = rowUpdate.getNew();
-            ret.put("baseRouterIp", getSingleValueFromSet(row, "base_addr"));
+            ret.put("designatedRouterIp", getSingleValueFromSet(row, "dr_addr"));
-            ret.put("deputyRouterIp", getSingleValueFromSet(row, "dbr_addr"));
+            ret.put("backupDesignatedRouterIp", getSingleValueFromSet(row, "bdr_addr"));
-            ret.put("enabled", getSingleValueFromSet(row, "enabled"));
+            ret.put("enabled", getSingleValueFromSet(row, "enabled").toString());
             ret.put("mode", getSingleValueFromSet(row, "mode"));
         }
         return ret;

opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbRadSecConfig.java

@@ -20,6 +20,7 @@ import com.vmware.ovsdb.exception.OvsdbClientException;
 import com.vmware.ovsdb.protocol.operation.Delete;
 import com.vmware.ovsdb.protocol.operation.Insert;
 import com.vmware.ovsdb.protocol.operation.Operation;
+import com.vmware.ovsdb.protocol.operation.Update;
 import com.vmware.ovsdb.protocol.operation.notation.Atom;
 import com.vmware.ovsdb.protocol.operation.notation.Row;
 import com.vmware.ovsdb.protocol.operation.notation.Value;
@@ -34,11 +35,32 @@ public class OvsdbRadSecConfig extends OvsdbDaoBase {
     @Autowired
     OvsdbGet getProvisionedData;
 
+    void configureApc(OvsdbClient ovsdbClient, Boolean enable, List<Operation> operations) {
+        try {
+            if (ovsdbClient.getSchema(ovsdbName).get().getTables().containsKey(apcConfigDbTable)) {
+                Map<String, Value> updateColumns = new HashMap<>();
+                updateColumns.put("enabled", new Atom<>(enable));
+                Row row = new Row(updateColumns);
+                Update update = new Update(apcConfigDbTable, row);
+                if (!operations.contains(update)) {
+                    // only need to do 1 update of this kind
+                    operations.add(new Update(apcConfigDbTable, row));
+                }
+            }
+        } catch (InterruptedException | ExecutionException | OvsdbClientException e) {
+            LOG.error("Exception getting schema for ovsdb.", e);
+            throw new RuntimeException(e);
+        }
+    }
+
     void configureRadiusAndRealm(OvsdbClient ovsdbClient, OpensyncAPConfig apConfig) {
         List<Operation> operations = new ArrayList<>();
         try {
+            if ((ovsdbClient.getSchema(ovsdbName).get().getTables().containsKey(realmConfigDbTable)
+                    && ovsdbClient.getSchema(ovsdbName).get().getTables().containsKey(radiusConfigDbTable))) {
                 configureRadiusServers(ovsdbClient, apConfig, operations);
                 configureRealmForRadiusServers(ovsdbClient, apConfig);
+            }
         } catch (OvsdbClientException | InterruptedException | ExecutionException | TimeoutException e) {
             LOG.error("Exception provisioning RadSecConfiguraitons.", e);
             throw new RuntimeException(e);
@@ -51,13 +73,11 @@ public class OvsdbRadSecConfig extends OvsdbDaoBase {
                 .getRadSecConfigurations()) {
             Map<String, Value> updateColumns = new HashMap<>();
             updateColumns.put("server", new Atom<>(rsc.getServer().getHostAddress()));
-            updateColumns.put("client_cert",
+            updateColumns.put("client_cert", new Atom<>(externalFileStoreURL + rsc.getClientCert().getApExportUrl()));
-                    new Atom<>(externalFileStoreURL + rsc.getClientCert().getApExportUrl()));
+            updateColumns.put("radius_config_name", new Atom<>(rsc.getName()));
-            updateColumns.put("radius_config_name",
-                    new Atom<>(apConfig.getApProfile().getName() + "-" + rsc.getName()));
             updateColumns.put("client_key", new Atom<>(externalFileStoreURL + rsc.getClientKey().getApExportUrl()));
             updateColumns.put("ca_cert", new Atom<>(externalFileStoreURL + rsc.getCaCert().getApExportUrl()));
-            updateColumns.put("passphrase", new Atom<>(rsc.getPassphrase()));
+            updateColumns.put("passpharase", new Atom<>(rsc.getPassphrase()));
             Row row = new Row(updateColumns);
             operations.add(new Insert(radiusConfigDbTable, row));
         }
@@ -84,11 +104,9 @@ public class OvsdbRadSecConfig extends OvsdbDaoBase {
         for (RadSecConfiguration rsc : ((ApNetworkConfiguration) apConfig.getApProfile().getDetails())
                 .getRadSecConfigurations()) {
             Map<String, Value> updateColumns = new HashMap<>();
-            updateColumns.put("server",
+            updateColumns.put("server", new Atom<>(radiusConfigs.get(rsc.getName()).uuid));
-                    new Atom<>(radiusConfigs.get(apConfig.getApProfile().getName() + "-" + rsc.getName()).uuid));
             updateColumns.put("realm", new Atom<>(rsc.getRealm()));
-            updateColumns.put("realm_config_name",
+            updateColumns.put("realm_config_name", new Atom<>(rsc.getName() + "_" + rsc.getRealm()));
-                    new Atom<>(apConfig.getApProfile().getName() + "-" + rsc.getRealm()));
             Row row = new Row(updateColumns);
             operations.add(new Insert(realmConfigDbTable, row));
         }
@@ -106,6 +124,8 @@ public class OvsdbRadSecConfig extends OvsdbDaoBase {
     void removeRadiusAndRealmConfigurations(OvsdbClient ovsdbClient) {
         LOG.info("removeRadiusAndRealmConfigurations from {} {}", radiusConfigDbTable, realmConfigDbTable);
         try {
+            if ((ovsdbClient.getSchema(ovsdbName).get().getTables().containsKey(realmConfigDbTable)
+                    && ovsdbClient.getSchema(ovsdbName).get().getTables().containsKey(radiusConfigDbTable))) {
                 List<Operation> operations = new ArrayList<>();
                 operations.add(new Delete(realmConfigDbTable));
                 operations.add(new Delete(radiusConfigDbTable));
@@ -117,14 +137,16 @@ public class OvsdbRadSecConfig extends OvsdbDaoBase {
                         LOG.info("removeRadiusAndRealmConfigurations {}", res.toString());
                     } else if (res instanceof ErrorResult) {
                         LOG.error("removeRadiusAndRealmConfigurations error {}", (res));
-                    throw new RuntimeException("removeRadiusAndRealmConfigurations " + ((ErrorResult) res).getError()
+                        throw new RuntimeException("removeRadiusAndRealmConfigurations "
-                            + " " + ((ErrorResult) res).getDetails());
+                                + ((ErrorResult) res).getError() + " " + ((ErrorResult) res).getDetails());
                     }
                 }
                 LOG.info("Removed all radius and realm configurations");
+            }
         } catch (OvsdbClientException | TimeoutException | ExecutionException | InterruptedException e) {
             LOG.error("Error in removeRadiusAndRealmConfigurations", e);
             throw new RuntimeException(e);
         }
     }
+
 }

opensync-gateway/src/main/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbSsidConfig.java

@@ -58,6 +58,8 @@ public class OvsdbSsidConfig extends OvsdbDaoBase {
     OvsdbNetworkConfig networkConfig;
     @Autowired
     OvsdbNode ovsdbNode;
+    @Autowired
+    OvsdbRadSecConfig radsecConfig;
 
     protected void getEnabledRadios(OvsdbClient ovsdbClient, List<RadioType> radios) {
         try {
@@ -218,6 +220,10 @@ public class OvsdbSsidConfig extends OvsdbDaoBase {
         customOptions.put("rts_threshold", String.valueOf(rtsCtsThreshold));
     }
     
+    void configureCustomOptionsForUseRadSecProxy(boolean useradsec, Map<String, String> customOptions) {
+        customOptions.put("radsecproxy", useradsec ? "1" : "0");
+    }
+
     /**
      * Populate the various <K,V> fields in the custom_options column of the
      * Wifi_VIF_Config ovsdb table.
@@ -236,12 +242,16 @@ public class OvsdbSsidConfig extends OvsdbDaoBase {
      * @param radiusOperatorName
      * @param updateColumns
      * @param dynamicVlan
+     * @param radsecproxy TODO
      */
     void configureCustomOptionsForSsid(OvsdbClient ovsdbClient, boolean enable80211k, boolean rateLimitEnable,
             int ssidDlLimit, int ssidUlLimit, int clientDlLimit, int clientUlLimit, int rtsCtsThreshold, int dtimPeriod,
             String radiusNasId, String radiusNasIp, String radiusOperatorName, Map<String, Value> updateColumns,
-            int dynamicVlan) {
+            int dynamicVlan, Boolean radsecproxy) {
         Map<String, String> customOptions = new HashMap<>();
+        
+        configureCustomOptionsForUseRadSecProxy(radsecproxy, customOptions);
+        
         configureCustomOptionsForRatesAndLimits(rateLimitEnable, ssidDlLimit, ssidUlLimit, clientDlLimit, clientUlLimit,
                 rtsCtsThreshold, customOptions);
 
@@ -264,7 +274,7 @@ public class OvsdbSsidConfig extends OvsdbDaoBase {
             List<MacAddress> macBlockList, boolean rateLimitEnable, int ssidDlLimit, int ssidUlLimit, int clientDlLimit,
             int clientUlLimit, int rtsCtsThreshold, int dtimPeriod, Map<String, String> captiveMap,
             List<String> walledGardenAllowlist, String radiusNasId, String radiusNasIp, String radiusOperatorName,
-            String greTunnelName, int dynamicVlan, List<Operation> operations) {
+            String greTunnelName, int dynamicVlan, Boolean useradsec, Boolean useRadiusProxy, List<Operation> operations) {
 
         Map<String, Value> updateColumns = new HashMap<>();
         // If we are doing a NAT SSID, no bridge, else yes
@@ -325,7 +335,7 @@ public class OvsdbSsidConfig extends OvsdbDaoBase {
         updateColumns.put("security", securityMap);
         configureCustomOptionsForSsid(ovsdbClient, enable80211k, rateLimitEnable, ssidDlLimit, ssidUlLimit,
                 clientDlLimit, clientUlLimit, rtsCtsThreshold, dtimPeriod, radiusNasId, radiusNasIp, radiusOperatorName,
-                updateColumns, dynamicVlan);
+                updateColumns, dynamicVlan, useRadiusProxy);
         updateBlockList(updateColumns, macBlockList);
         Row row = new Row(updateColumns);
         operations.add(new Insert(wifiVifConfigDbTable, row));
@@ -546,16 +556,30 @@ public class OvsdbSsidConfig extends OvsdbDaoBase {
                     interfacesPerFreqBand.put(freqBand, 1);
                 }
 
+                boolean useradsec = false;
+                if (ssidConfig.getUseRadSec() != null) {
+                    useradsec = ssidConfig.getUseRadSec();
+                }
+                boolean useRadiusProxy = false;
+                if (ssidConfig.getUseRadiusProxy() != null) {
+                    useRadiusProxy = ssidConfig.getUseRadiusProxy();
+                }
                 try {
                     configureSingleSsid(ovsdbClient, ifName, ssidConfig.getSsid(), ssidBroadcast, security, vlanId,
                             rrmEnabled, enable80211r, mobilityDomain, enable80211v, enable80211k, minHwMode, enabled,
                             keyRefresh, uapsdEnabled, apBridge, ssidConfig.getForwardMode(), macBlockList,
                             rateLimitEnable, ssidDlLimit, ssidUlLimit, clientDlLimit, clientUlLimit, rtsCtsThreshold,
                             dtimPeriod, captiveMap, walledGardenAllowlist, radiusNasId, radiusNasIp, radiusOperName,
-                            greTunnelName, dynamicVlan, operations);
+                            greTunnelName, dynamicVlan, useradsec, useRadiusProxy, operations);
 
                     networkConfig.configureInetVifInterface(ovsdbClient, ifName, enabled, ssidConfig.getForwardMode(),
                             operations);
+                    
+                    if (useRadiusProxy) {
+                        // make sure it's enabled if we are going to use it
+                        radsecConfig.configureApc(ovsdbClient, useRadiusProxy,operations);
+                    }
+                        
                 } catch (IllegalStateException e) {
                     // could not provision this SSID, but still can go on
                     LOG.warn("could not provision SSID {} on {}", ssidConfig.getSsid(), freqBand);
@@ -678,19 +702,20 @@ public class OvsdbSsidConfig extends OvsdbDaoBase {
                     if (!externalFileStoreURL.endsWith("/filestore/")) {
                         externalFileStoreURL = externalFileStoreURL + "/filestore/";
                     }
-                    if (captiveProfileDetails.getAuthenticationType().equals(CaptivePortalAuthenticationType.username)) {
+                    if (captiveProfileDetails.getAuthenticationType()
+                            .equals(CaptivePortalAuthenticationType.username)) {
                         // create a user/password file for the AP to pull
-                        Path userFilepath = createCaptivePortalUserFile(captiveProfileDetails.getUserList(),profileCaptive.getId());
+                        Path userFilepath = createCaptivePortalUserFile(captiveProfileDetails.getUserList(),
+                                profileCaptive.getId());
                         ManagedFileInfo mfi = new ManagedFileInfo();
                         mfi.setFileCategory(FileCategory.UsernamePasswordList);
                         mfi.setFileType(FileType.TEXT);
                         mfi.setApExportUrl(userFilepath.getFileName().toString());
-                        captiveMap
+                        captiveMap.put("username_password_file", externalFileStoreURL + mfi.getApExportUrl());
-                                .put("username_password_file", externalFileStoreURL + mfi.getApExportUrl());
                     }
                     if (captiveProfileDetails.getLogoFile() != null) {
-                        captiveMap.put("splash_page_logo", externalFileStoreURL +
+                        captiveMap.put("splash_page_logo",
-                                captiveProfileDetails.getLogoFile().getApExportUrl());
+                                externalFileStoreURL + captiveProfileDetails.getLogoFile().getApExportUrl());
                     }
                     if (captiveProfileDetails.getBackgroundFile() != null) {
                         captiveMap.put("splash_page_background_logo",
@@ -787,10 +812,17 @@ public class OvsdbSsidConfig extends OvsdbDaoBase {
             RadiusProfile profileDetails = ((RadiusProfile) profileRadius.getDetails());
             RadiusServer rServer = profileDetails.getPrimaryRadiusAccountingServer();
             if (rServer != null) {
+                if (ssidConfig.getUseRadSec()) {
+                    security.put("radius_acct_ip",
+                            "127.0.0.1");
+                    security.put("radius_acct_port", rServer.getPort() != null ? String.valueOf(rServer.getPort()) : null);
+                    security.put("radius_acct_secret", "secret");
+                } else {
                     security.put("radius_acct_ip",
                             rServer.getIpAddress() != null ? rServer.getIpAddress().getHostAddress() : null);
                     security.put("radius_acct_port", rServer.getPort() != null ? String.valueOf(rServer.getPort()) : null);
                     security.put("radius_acct_secret", rServer.getSecret());
+                }
                 if (ssidConfig.getRadiusAcountingServiceInterval() != null) {
                     // if the value is present, use the
                     // radius_acct_interval
@@ -831,11 +863,19 @@ public class OvsdbSsidConfig extends OvsdbDaoBase {
             Profile profileRadius = radiusProfileList.get(0);
             RadiusProfile profileDetails = ((RadiusProfile) profileRadius.getDetails());
             RadiusServer radiusServer = profileDetails.getPrimaryRadiusAuthServer();
+            if (ssidConfig.getUseRadSec()) {
+                security.put("radius_server_ip",
+                        "127.0.0.1");
+                security.put("radius_server_port",
+                        radiusServer.getPort() != null ? String.valueOf(radiusServer.getPort()) : null);
+                security.put("radius_server_secret", "secret");
+            } else {
                 security.put("radius_server_ip",
                         radiusServer.getIpAddress() != null ? radiusServer.getIpAddress().getHostAddress() : null);
                 security.put("radius_server_port",
                         radiusServer.getPort() != null ? String.valueOf(radiusServer.getPort()) : null);
                 security.put("radius_server_secret", radiusServer.getSecret());
+            }
             LOG.info("set Radius server attributes radius_server_ip {} radius_server_port {} radius_server_secret {}",
                     security.get("radius_server_ip"), security.get("radius_server_port"),
                     security.get("radius_server_secret"));

opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbDaoTest.java

@@ -67,7 +67,7 @@ import com.vmware.ovsdb.service.OvsdbClient;
 @Import(value = { OvsdbDao.class, OvsdbDaoTest.Config.class, OvsdbNode.class, OvsdbRadioConfig.class,
         OvsdbHotspotConfig.class, OvsdbCommandConfig.class, OvsdbMonitor.class, OvsdbFirmwareConfig.class,
         OvsdbStatsConfig.class, OvsdbSsidConfig.class, OvsdbRrmConfig.class, OvsdbNetworkConfig.class,
-        OvsdbNodeConfig.class
+        OvsdbNodeConfig.class,OvsdbRadSecConfig.class
 
 })
 public class OvsdbDaoTest {
@@ -147,6 +147,8 @@ public class OvsdbDaoTest {
     OvsdbCommandConfig ovsdbCommand;
     @Autowired
     OvsdbNodeConfig ovsdbNodeConfig;
+    @Autowired
+    OvsdbRadSecConfig ovsdbRadSecConfig;
 
     @MockBean(answer = Answers.RETURNS_MOCKS)
     OvsdbGet ovsdbGet;

opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbNodeTest.java

@@ -36,7 +36,7 @@ import com.vmware.ovsdb.service.OvsdbClient;
 @Import(value = { OvsdbDao.class, OvsdbNodeTest.Config.class, OvsdbNode.class, OvsdbRadioConfig.class,
         OvsdbHotspotConfig.class, OvsdbCommandConfig.class, OvsdbMonitor.class, OvsdbFirmwareConfig.class,
         OvsdbStatsConfig.class, OvsdbSsidConfig.class, OvsdbRrmConfig.class, OvsdbNetworkConfig.class,
-        OvsdbNodeConfig.class
+        OvsdbNodeConfig.class,OvsdbRadSecConfig.class
 
 })
 public class OvsdbNodeTest {
@@ -77,6 +77,8 @@ public class OvsdbNodeTest {
     OvsdbCommandConfig ovsdbCommand;
     @Autowired
     OvsdbNodeConfig ovsdbNodeConfig;
+    @Autowired
+    OvsdbRadSecConfig ovsdbRadSecConfig;
     @MockBean(answer = Answers.RETURNS_MOCKS)
     OvsdbGet ovsdbGet;
 

opensync-gateway/src/test/java/com/telecominfraproject/wlan/opensync/ovsdb/dao/OvsdbSsidConfigTest.java

@@ -41,7 +41,7 @@ import com.vmware.ovsdb.service.OvsdbClient;
 @Import(value = { OvsdbDao.class, OvsdbSsidConfigTest.Config.class, OvsdbNode.class, OvsdbRadioConfig.class,
         OvsdbHotspotConfig.class, OvsdbCommandConfig.class, OvsdbMonitor.class, OvsdbFirmwareConfig.class,
         OvsdbStatsConfig.class, OvsdbSsidConfig.class, OvsdbRrmConfig.class, OvsdbNetworkConfig.class,
-        OvsdbNodeConfig.class
+        OvsdbNodeConfig.class,OvsdbRadSecConfig.class
 
 })
 public class OvsdbSsidConfigTest {
@@ -82,7 +82,8 @@ public class OvsdbSsidConfigTest {
     OvsdbCommandConfig ovsdbCommand;
     @Autowired
     OvsdbNodeConfig ovsdbNodeConfig;
-
+    @Autowired
+    OvsdbRadSecConfig ovsdbRadSecConfig;
     @MockBean(answer = Answers.RETURNS_MOCKS)
     OvsdbGet ovsdbGet;