scottk/wlan-cloud-owprov
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-cloud-owprov.git synced 2025-10-29 17:52:28 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity

Merge pull request #91 from Telecominfraproject/main

Browse Source 
Updating 2.11
This commit is contained in:
Stephane Bourque
2023-09-24 12:01:44 -07:00
committed by GitHub
parent e3d63cc90d e71b83ced7
commit 25dc25c6e9
46 changed files with 2723 additions and 541 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CMakeLists.txt
View File

@@ -37,7 +37,7 @@ if(GIT_FOUND AND EXISTS "${PROJECT_SOURCE_DIR}/.git")
string(REGEX REPLACE "\n$" "" GIT_HASH "${GIT_HASH}")
endif()
add_definitions(-DAWS_CUSTOM_MEMORY_MANAGEMENT)
add_definitions(-DAWS_CUSTOM_MEMORY_MANAGEMENT -DBOOST_NO_CXX98_FUNCTION_BASE=1)
find_package(OpenSSL REQUIRED)
find_package(ZLIB REQUIRED)
@@ -209,7 +209,7 @@ add_executable(owprov
src/ProvWebSocketClient.cpp src/ProvWebSocketClient.h
src/Tasks/VenueRebooter.h src/Tasks/VenueUpgrade.h
src/sdks/SDK_fms.cpp src/sdks/SDK_fms.h
src/RESTAPI/RESTAPI_overrides_handler.cpp src/RESTAPI/RESTAPI_overrides_handler.h)
src/RESTAPI/RESTAPI_overrides_handler.cpp src/RESTAPI/RESTAPI_overrides_handler.h src/OpenRoamin_GlobalReach.cpp src/OpenRoamin_GlobalReach.h src/storage/storage_glblraccounts.cpp src/storage/storage_glblraccounts.h src/storage/storage_glblrcerts.cpp src/storage/storage_glblrcerts.h src/RESTAPI/RESTAPI_openroaming_gr_list_acct_handler.cpp src/RESTAPI/RESTAPI_openroaming_gr_list_acct_handler.h src/RESTAPI/RESTAPI_openroaming_gr_acct_handler.cpp src/RESTAPI/RESTAPI_openroaming_gr_acct_handler.h src/RESTAPI/RESTAPI_openroaming_gr_list_certificates.cpp src/RESTAPI/RESTAPI_openroaming_gr_list_certificates.h src/RESTAPI/RESTAPI_openroaming_gr_cert_handler.cpp src/RESTAPI/RESTAPI_openroaming_gr_cert_handler.h src/RESTAPI/RESTAPI_openroaming_orion_list_acct_handler.cpp src/RESTAPI/RESTAPI_openroaming_orion_list_acct_handler.h src/RESTAPI/RESTAPI_openroaming_orion_acct_handler.cpp src/RESTAPI/RESTAPI_openroaming_orion_acct_handler.h src/storage/storage_orion_accounts.cpp src/storage/storage_orion_accounts.h)
target_link_libraries(owprov PUBLIC
${Poco_LIBRARIES}

2
build
View File

@@ -1 +1 @@
4
32

84
config-samples/OpenRo.am Test.mobileconfig Normal file
View File

@@ -0,0 +1,84 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>AutoJoin</key>
<true/>
<key>CaptiveBypass</key>
<false/>
<key>DisableAssociationMACRandomization</key>
<false/>
<key>DisplayedOperatorName</key>
<string>OpenRo.am</string>
<key>DomainName</key>
<string>openro.am</string>
<key>EAPClientConfiguration</key>
<dict>
<key>AcceptEAPTypes</key>
<array>
<integer>21</integer>
</array>
<key>OuterIdentity</key>
<string>anonymous@openro.am</string>
<key>TLSMaximumVersion</key>
<string>1.2</string>
<key>TLSMinimumVersion</key>
<string>1.2</string>
<key>TTLSInnerAuthentication</key>
<string>MSCHAPv2</string>
<key>UserName</key>
<string>420a5371-47d4-4d1d-b234-d17be4e54bb3@openro.am</string>
<key>UserPassword</key>
<string>XaHBCFhgGxi-mCK9XXdQ8</string>
</dict>
<key>EncryptionType</key>
<string>WPA2</string>
<key>HIDDEN_NETWORK</key>
<false/>
<key>IsHotspot</key>
<true/>
<key>NAIRealmNames</key>
<array>
<string>openro.am</string>
</array>
<key>PayloadDescription</key>
<string>Configures Wi-Fi settings</string>
<key>PayloadDisplayName</key>
<string>Wi-Fi</string>
<key>PayloadIdentifier</key>
<string>com.apple.wifi.managed.12788EED-2E0C-4370-9411-4EEFC8D9ABB0</string>
<key>PayloadType</key>
<string>com.apple.wifi.managed</string>
<key>PayloadUUID</key>
<string>12788EED-2E0C-4370-9411-4EEFC8D9ABB0</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>ProxyType</key>
<string>None</string>
<key>RoamingConsortiumOIs</key>
<array>
<string>5A03BA0000</string>
</array>
<key>ServiceProviderRoamingEnabled</key>
<true/>
</dict>
</array>
<key>PayloadDisplayName</key>
<string>OpenRo.am Test</string>
<key>PayloadIdentifier</key>
<string>openroam.44A21054-2F3F-437F-822A-C2F6766A2A23</string>
<key>PayloadOrganization</key>
<string>OpenRo.am</string>
<key>PayloadRemovalDisallowed</key>
<false/>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>1D460B0F-9311-4FD2-A75D-BADA866BC31C</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>

372
openapi/openroaming_globalreach.yaml Normal file
View File

@@ -0,0 +1,372 @@
openapi: 3.0.1
info:
title: OpenWiFi OpenRoaming Provisioning Model for Global Reach
description: Definitions and APIs to Open Roaming WiFi.
version: 2.5.0
license:
name: BSD3
url: https://github.com/Telecominfraproject/wlan-cloud-ucentralgw/blob/master/LICENSE
servers:
- url: 'https://localhost:16005/api/v1'
security:
- bearerAuth: []
- ApiKeyAuth: []
components:
securitySchemes:
ApiKeyAuth:
type: apiKey
in: header
name: X-API-KEY
bearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
responses:
NotFound:
$ref: 'https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/blob/main/openpapi/owsec.yaml#/components/responses/NotFound'
Unauthorized:
$ref: 'https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/blob/main/openpapi/owsec.yaml#/components/responses/Unauthorized'
Success:
$ref: 'https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/blob/main/openpapi/owsec.yaml#/components/responses/Success'
BadRequest:
$ref: 'https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/blob/main/openpapi/owsec.yaml#/components/responses/BadRequest'
schemas:
GLBLRAccountInfo:
type: object
properties:
allOf:
$ref: 'https://github.com/Telecominfraproject/wlan-cloud-owprov/blob/main/openpapi/owprov.yaml#/components/schemas/ObjectInfo'
privateKey:
type: string
country:
type: string
province:
type: string
city:
type: string
organization:
type: string
commonName:
type: string
CSR:
type: string
CSRPrivateKey:
type: string
CSRPublicKey:
type: string
GlobalReachAcctId:
type: string
GLBLRCertificateInfo:
type: object
properties:
id:
type: string
format: uuid
name:
type: string
accountId:
type: string
format: uuid
csr:
type: string
certificate:
type: string
certificateChain:
type: string
certificateId:
type: string
expiresAt:
type: integer
format: int64
created:
type: integer
format: int64
paths:
/openroaming/globalreach/accounts:
get:
tags:
- OpenRoaming-Global Reach
operationId: getOpenRoamingGlobalReachAccountList
summary: Retrieve account list.
parameters:
- in: query
description: Pagination start (starts at 1. If not specified, 1 is assumed)
name: offset
schema:
type: integer
required: false
- in: query
description: Maximum number of entries to return (if absent, no limit is assumed)
name: limit
schema:
type: integer
required: false
- in: query
description: return the number of accounts
name: countOnly
schema:
type: boolean
required: false
responses:
200:
description: The list of accounts
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/GLBLRAccountInfo'
$ref: '#/components/responses/Success'
400:
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
/openroaming/globalreach/account/{name}:
get:
tags:
- OpenRoaming-Global Reach
operationId: getOpenRoamingGlobalReachAccount
summary: Retrieve account information.
parameters:
- in: path
description: The account name
name: name
schema:
type: string
required: true
responses:
200:
$ref: '#/components/schemas/GLBLRAccountInfo'
400:
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
delete:
tags:
- OpenRoaming-Global Reach
operationId: deleteOpenRoamingGlobalReachAccount
summary: Delete account information.
parameters:
- in: path
description: The account name
name: name
schema:
type: string
required: true
responses:
200:
$ref: '#/components/responses/Success'
400:
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
post:
tags:
- OpenRoaming-Global Reach
operationId: createOpenRoamingGlobalReachAccount
summary: Create account information.
parameters:
- in: path
description: The account name
name: name
schema:
type: string
required: true
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GLBLRAccountInfo'
responses:
200:
$ref: '#/components/schemas/GLBLRAccountInfo'
400:
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
put:
tags:
- OpenRoaming-Global Reach
operationId: modifyOpenRoamingGlobalReachAccount
summary: Modify account information.
parameters:
- in: path
description: The account name
name: name
schema:
type: string
required: true
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GLBLRAccountInfo'
responses:
200:
$ref: '#/components/schemas/GLBLRAccountInfo'
400:
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
/openroaming/globalreach/certificates/{account}:
get:
tags:
- OpenRoaming-Global Reach Certificate
operationId: getOpenRoamingGlobalReachCertificateList
summary: Retrieve certificate list.
parameters:
- in: path
description: The account name
name: account
schema:
type: string
required: true
- in: query
description: Pagination start (starts at 1. If not specified, 1 is assumed)
name: offset
schema:
type: integer
required: false
- in: query
description: Maximum number of entries to return (if absent, no limit is assumed)
name: limit
schema:
type: integer
required: false
- in: query
description: return the number of certificates
name: countOnly
schema:
type: boolean
required: false
responses:
200:
description: The list of certificates
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/GLBLRCertificateInfo'
$ref: '#/components/responses/Success'
400:
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
/openroaming/globalreach/certificate/{account}/{id}:
get:
tags:
- OpenRoaming-Global Reach Certificate
operationId: getOpenRoamingGlobalReachCertificate
summary: Retrieve certificate information.
parameters:
- in: path
description: The account name - this is the provisioning ID for the account. Not the GlobalReach ID.
name: account
schema:
type: string
required: true
- in: path
description: The certificate id in provisioning - not the certificate_id from GlobalReach
name: id
schema:
type: string
required: true
responses:
200:
$ref: '#/components/schemas/GLBLRCertificateInfo'
400:
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
delete:
tags:
- OpenRoaming-Global Reach Certificate
operationId: deleteOpenRoamingGlobalReachCertificate
summary: Delete certificate information.
parameters:
- in: path
description: The account name - this is the provisioning ID for the account. Not the GlobalReach ID.
name: account
schema:
type: string
required: true
- in: path
description: The certificate id in provisioning - not the certificate_id from GlobalReach
name: id
schema:
type: string
required: true
responses:
200:
$ref: '#/components/responses/Success'
400:
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
post:
tags:
- OpenRoaming-Global Reach Certificate
operationId: createOpenRoamingGlobalReachCertificate
summary: Create certificate information.
parameters:
- in: path
description: The account name - this is the provisioning ID for the account. Not the GlobalReach ID.
name: account
schema:
type: string
required: true
- in: path
description: Must be set to "0"
name: id
schema:
type: string
required: true
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GLBLRCertificateInfo'
responses:
200:
$ref: '#/components/schemas/GLBLRCertificateInfo'
400:
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'

195
openapi/openroaming_orion.yaml Normal file
View File

@@ -0,0 +1,195 @@
openapi: 3.0.1
info:
title: OpenWiFi OpenRoaming Provisioning Model for Google Orion
description: Definitions and APIs to Open Roaming WiFi.
version: 2.5.0
license:
name: BSD3
url: https://github.com/Telecominfraproject/wlan-cloud-ucentralgw/blob/master/LICENSE
servers:
- url: 'https://localhost:16005/api/v1'
security:
- bearerAuth: []
- ApiKeyAuth: []
components:
securitySchemes:
ApiKeyAuth:
type: apiKey
in: header
name: X-API-KEY
bearerAuth:
type: http
scheme: bearer
bearerFormat: JWT
responses:
NotFound:
$ref: 'https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/blob/main/openpapi/owsec.yaml#/components/responses/NotFound'
Unauthorized:
$ref: 'https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/blob/main/openpapi/owsec.yaml#/components/responses/Unauthorized'
Success:
$ref: 'https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/blob/main/openpapi/owsec.yaml#/components/responses/Success'
BadRequest:
$ref: 'https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/blob/main/openpapi/owsec.yaml#/components/responses/BadRequest'
schemas:
GooglOrionAccountInfo:
type: object
properties:
allOf:
$ref: 'https://github.com/Telecominfraproject/wlan-cloud-owprov/blob/main/openpapi/owprov.yaml#/components/schemas/ObjectInfo'
privateKey:
type: string
certificate:
type: string
cacerts:
type: array
items:
type: string
paths:
/openroaming/orion/accounts:
get:
tags:
- OpenRoaming-Google Orion
operationId: getOpenRoamingGlobalReachAccountList
summary: Retrieve account list.
parameters:
- in: query
description: Pagination start (starts at 1. If not specified, 1 is assumed)
name: offset
schema:
type: integer
required: false
- in: query
description: Maximum number of entries to return (if absent, no limit is assumed)
name: limit
schema:
type: integer
required: false
- in: query
description: return the number of accounts
name: countOnly
schema:
type: boolean
required: false
responses:
200:
description: The list of accounts
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/GooglOrionAccountInfo'
$ref: '#/components/responses/Success'
400:
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
/openroaming/orion/account/{id}:
get:
tags:
- OpenRoaming-Google Orion
operationId: getOpenRoamingGlobalReachAccount
summary: Retrieve account information.
parameters:
- in: path
description: The account name
name: name
schema:
type: string
required: true
responses:
200:
$ref: '#/components/schemas/GooglOrionAccountInfo'
400:
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
delete:
tags:
- OpenRoaming-Google Orion
operationId: deleteOpenRoamingGlobalReachAccount
summary: Delete account information.
parameters:
- in: path
description: The account name
name: name
schema:
type: string
required: true
responses:
200:
$ref: '#/components/responses/Success'
400:
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
post:
tags:
- OpenRoaming-Google Orion
operationId: createOpenRoamingGlobalReachAccount
summary: Create account information.
parameters:
- in: path
description: The account name
name: name
schema:
type: string
required: true
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GooglOrionAccountInfo'
responses:
200:
$ref: '#/components/schemas/GooglOrionAccountInfo'
400:
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
put:
tags:
- OpenRoaming-Google Orion
operationId: modifyOpenRoamingGlobalReachAccount
summary: Modify account information.
parameters:
- in: path
description: The account name
name: name
schema:
type: string
required: true
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/GooglOrionAccountInfo'
responses:
200:
$ref: '#/components/schemas/GooglOrionAccountInfo'
400:
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'

268
openapi/ow_or_ameriband.yaml
View File

@@ -1,268 +0,0 @@
openapi: 3.0.1
info:
title: OpenWiFi Open roaming Ameriband Provisioning Model
description: Registration of an OpenRoaming profile with Ameriband for TIP OpenWifi.
version: 1.0.0
license:
name: BSD3
url: https://github.com/Telecominfraproject/wlan-cloud-ucentralgw/blob/master/LICENSE
servers:
- url: 'https://tip.regiatration.ameriband.com:8001/api/v1'
security:
- bearerAuth: []
components:
securitySchemes:
bearerAuth:
type: http
scheme: bearer
responses:
NotFound:
description: The specified resource was not found.
content:
application/json:
schema:
properties:
ErrorCode:
type: integer
ErrorDetails:
type: string
ErrorDescription:
type: string
Unauthorized:
description: The requested does not have sufficient rights to perform the operation.
content:
application/json:
schema:
properties:
ErrorCode:
type: integer
enum:
- 0 # Success
- 8 # INVALID_TOKEN
- 9 # EXPIRED_TOKEN
ErrorDetails:
type: string
ErrorDescription:
type: string
Success:
description: The requested operation was performed.
content:
application/json:
schema:
properties:
Operation:
type: string
Details:
type: string
Code:
type: integer
BadRequest:
description: The requested operation failed.
content:
application/json:
schema:
properties:
ErrorCode:
type: integer
ErrorDetails:
type: string
ErrorDescription:
type: integer
schemas:
RegistrationRequest:
type: object
properties:
orgRequestId:
type: string
format: uuid
minLength: 36
maxLength: 36
example:
Client will generate a UUID that must be returned in the response.
orgAcceptedTermsAndConditions:
type: boolean
default: false
orgLegalName:
type: string
minLength: 1
orgWebSite:
type: string
format: url
minLength: 1
orgContact:
type: string
minLength: 1
example:
John Smith
orgEmail:
type: string
format: email
minLength: 1
orgPhone:
type: string
example:
(607)555-1234 or +1(223)555-1222
orgLocation:
type: string
example:
Boston, NH - LA, CA
orgCertificate:
type: string
minLength: 1
example:
This must be the entire PEM file content of the certificate, encoded using base64
RegistrationResponse:
type: object
properties:
orgRequestId:
type: string
format: uuid
minLength: 36
maxLength: 36
example:
This should be the same orgRequestId passed during registration.
orgNASID:
type: string
minLength: 10
description:
This is the NASID generated by Ameriband. It will be used by the operator as NASID when contacting Ameriband.
ameribandCertificate:
type: string
minLength: 1
example:
This must be the entire PEM file content of the certificate, encoded using base64
RegistrationInformationRequest:
type: object
properties:
link:
description: This should be the link where a potential registrant can read the terms and conditions of registering with Ameriband.
type: string
format: url
minLength: 1
example:
https://ameriband.com/romain-registration.html
paths:
/termsAndConditions:
get:
summary: The registrant must be given a chance to view the terms and conditions of the relationship they are entering into
operationId: getTermsAndConditions
responses:
200:
description: Sucessfully retrieved Terms and Conditions
content:
application/json:
schema:
$ref: '#/components/schemas/RegistrationInformationRequest'
404:
$ref: '#/components/responses/Unauthorized'
/registration:
get:
tags:
- Registration
operationId: getRegistrationInformation
summary: This should return the information from a registration based on the NASID
parameters:
- in: query
name: orgNASID
schema:
type: string
required: true
example:
This is the orgNASID returned during registration.
responses:
200:
$ref: '#/components/schemas/RegistrationResponse'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
post:
summary: Called when the registrant ahs read the T&Cs and iw willing to submit their information to enter in a partnership
tags:
- Registration
operationId: createRegistration
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/RegistrationRequest'
responses:
200:
description: Succesfully registered
content:
application/json:
schema:
$ref: '#/components/schemas/RegistrationResponse'
400:
description: Registration failed due to missing or incomplete information
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
put:
summary: Called when the registrant needs to update its information with Ameriband. The does not generate a new NASID.
tags:
- Registration
operationId: updateRegistration
parameters:
- in: query
name: orgNASID
schema:
type: string
required: true
example:
This is the orgNASID returned during registration.
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/RegistrationRequest'
responses:
200:
description: Succesfully found the information based on the orgNASID
content:
application/json:
schema:
$ref: '#/components/schemas/RegistrationResponse'
400:
$ref: '#/components/responses/BadRequest'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
delete:
tags:
- Registration
summary: When a registrant wants to terminate a relationship with Ameriband. Ameriband should also delete all information from the registrant
operationId: deleteRegistration
parameters:
- in: query
name: orgNASID
schema:
type: string
required: true
example:
This is the orgNASID returned during registration.
responses:
204:
$ref: '#/components/responses/Success'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'

98
src/AutoDiscovery.cpp
View File

@@ -31,7 +31,49 @@ namespace OpenWifi {
poco_information(Logger(), "Stopped...");
};
void AutoDiscovery::run() {
void AutoDiscovery::ProcessPing(const Poco::JSON::Object::Ptr & P, std::string &FW, std::string &SN,
std::string &Compat, std::string &Conn, std::string &locale) {
if (P->has(uCentralProtocol::CONNECTIONIP))
Conn = P->get(uCentralProtocol::CONNECTIONIP).toString();
if (P->has(uCentralProtocol::FIRMWARE))
FW = P->get(uCentralProtocol::FIRMWARE).toString();
if (P->has(uCentralProtocol::SERIALNUMBER))
SN = P->get(uCentralProtocol::SERIALNUMBER).toString();
if (P->has(uCentralProtocol::COMPATIBLE))
Compat = P->get(uCentralProtocol::COMPATIBLE).toString();
if (P->has("locale")) {
locale = P->get("locale").toString();
}
}
void AutoDiscovery::ProcessConnect(const Poco::JSON::Object::Ptr &P, std::string &FW, std::string &SN,
std::string &Compat, std::string &Conn, std::string &locale) {
if (P->has(uCentralProtocol::CONNECTIONIP))
Conn = P->get(uCentralProtocol::CONNECTIONIP).toString();
if (P->has(uCentralProtocol::FIRMWARE))
FW = P->get(uCentralProtocol::FIRMWARE).toString();
if (P->has(uCentralProtocol::SERIALNUMBER))
SN = P->get(uCentralProtocol::SERIALNUMBER).toString();
if (P->has("locale")) {
locale = P->get("locale").toString();
}
if(P->has(uCentralProtocol::CAPABILITIES)) {
auto CapObj = P->getObject(uCentralProtocol::CAPABILITIES);
if (CapObj->has(uCentralProtocol::COMPATIBLE))
Compat = CapObj->get(uCentralProtocol::COMPATIBLE).toString();
}
}
void AutoDiscovery::ProcessDisconnect(const Poco::JSON::Object::Ptr &P, [[maybe_unused]] std::string &FW,
std::string &SN,
[[maybe_unused]] std::string &Compat,
[[maybe_unused]] std::string &Conn,
[[maybe_unused]] std::string &locale) {
if (P->has(uCentralProtocol::SERIALNUMBER))
SN = P->get(uCentralProtocol::SERIALNUMBER).toString();
}
void AutoDiscovery::run() {
Poco::AutoPtr<Poco::Notification> Note(Queue_.waitDequeueNotification());
Utils::SetThreadName("auto-discovery");
while (Note && Running_) {
@@ -40,43 +82,31 @@ namespace OpenWifi {
try {
Poco::JSON::Parser Parser;
auto Object = Parser.parse(Msg->Payload()).extract<Poco::JSON::Object::Ptr>();
bool Connected=true;
if (Object->has(uCentralProtocol::PAYLOAD)) {
auto PayloadObj = Object->getObject(uCentralProtocol::PAYLOAD);
std::string ConnectedIP, SerialNumber, DeviceType;
if (PayloadObj->has(uCentralProtocol::CONNECTIONIP))
ConnectedIP =
PayloadObj->get(uCentralProtocol::CONNECTIONIP).toString();
if (PayloadObj->has(uCentralProtocol::CAPABILITIES)) {
auto CapObj = PayloadObj->getObject(uCentralProtocol::CAPABILITIES);
if (CapObj->has(uCentralProtocol::COMPATIBLE)) {
DeviceType = CapObj->get(uCentralProtocol::COMPATIBLE).toString();
SerialNumber = PayloadObj->get(uCentralProtocol::SERIAL).toString();
}
} else if (PayloadObj->has(uCentralProtocol::PING)) {
auto PingMessage = PayloadObj->getObject(uCentralProtocol::PING);
if (PingMessage->has(uCentralProtocol::FIRMWARE) &&
PingMessage->has(uCentralProtocol::SERIALNUMBER) &&
PingMessage->has(uCentralProtocol::COMPATIBLE)) {
if (PingMessage->has(uCentralProtocol::CONNECTIONIP))
ConnectedIP =
PingMessage->get(uCentralProtocol::CONNECTIONIP).toString();
SerialNumber =
PingMessage->get(uCentralProtocol::SERIALNUMBER).toString();
DeviceType =
PingMessage->get(uCentralProtocol::COMPATIBLE).toString();
}
}
std::string Locale;
if (PayloadObj->has("locale"))
Locale = PayloadObj->get("locale").toString();
auto PayloadObj = Object->getObject(uCentralProtocol::PAYLOAD);
std::string ConnectedIP, SerialNumber, Compatible, Firmware, Locale ;
if (PayloadObj->has(uCentralProtocol::PING)) {
auto PingObj = PayloadObj->getObject("ping");
ProcessPing(PingObj, Firmware, SerialNumber, Compatible, ConnectedIP, Locale);
} else if(PayloadObj->has("capabilities")) {
ProcessConnect(PayloadObj, Firmware, SerialNumber, Compatible, ConnectedIP, Locale);
} else if(PayloadObj->has("disconnection")) {
// we ignore disconnection in provisioning
Connected=false;
ProcessConnect(PayloadObj, Firmware, SerialNumber, Compatible, ConnectedIP, Locale);
} else {
poco_debug(Logger(),fmt::format("Unknown message on 'connection' topic: {}",Msg->Payload()));
}
if (!SerialNumber.empty()) {
StorageService()->InventoryDB().CreateFromConnection(
SerialNumber, ConnectedIP, DeviceType, Locale);
}
}
if (!SerialNumber.empty() && Connected) {
StorageService()->InventoryDB().CreateFromConnection(
SerialNumber, ConnectedIP, Compatible, Locale);
}
}
} catch (const Poco::Exception &E) {
std::cout << "EX:" << Msg->Payload() << std::endl;
Logger().log(E);
} catch (...) {
}

10
src/AutoDiscovery.h
View File

@@ -9,6 +9,7 @@
#include "Poco/Notification.h"
#include "Poco/NotificationQueue.h"
#include "Poco/JSON/Object.h"
namespace OpenWifi {
@@ -46,7 +47,14 @@ namespace OpenWifi {
Poco::Thread Worker_;
std::atomic_bool Running_ = false;
AutoDiscovery() noexcept
void ProcessPing(const Poco::JSON::Object::Ptr & P, std::string &FW, std::string &SN,
std::string &Compat, std::string &Conn, std::string &locale) ;
void ProcessConnect(const Poco::JSON::Object::Ptr & P, std::string &FW, std::string &SN,
std::string &Compat, std::string &Conn, std::string &locale) ;
void ProcessDisconnect(const Poco::JSON::Object::Ptr & P, std::string &FW, std::string &SN,
std::string &Compat, std::string &Conn, std::string &locale) ;
AutoDiscovery() noexcept
: SubSystemServer("AutoDiscovery", "AUTO-DISCOVERY", "discovery") {}
};

5
src/Daemon.cpp
View File

@@ -23,6 +23,7 @@
#include "UI_Prov_WebSocketNotifications.h"
#include "framework/ConfigurationValidator.h"
#include "framework/UI_WebSocketClientServer.h"
#include "OpenRoamin_GlobalReach.h"
namespace OpenWifi {
class Daemon *Daemon::instance_ = nullptr;
@@ -35,7 +36,9 @@ namespace OpenWifi {
ConfigurationValidator(), SerialNumberCache(),
AutoDiscovery(), JobController(),
UI_WebSocketClientServer(), FindCountryFromIP(),
Signup(), FileDownloader()});
Signup(), FileDownloader(),
OpenRoaming_GlobalReach()
});
}
return instance_;
}

5
src/FileDownloader.cpp
View File

@@ -24,9 +24,8 @@ namespace OpenWifi {
void FileDownloader::onTimer([[maybe_unused]] Poco::Timer &timer) {
const static std::vector<std::pair<std::string, std::string>> Files{
{"https://raw.githubusercontent.com/blogic/ucentral-schema/main/ucentral.schema.json",
"ucentral.schema.json"},
{"https://ucentral.io/ucentral.schema.pretty.json", "ucentral.schema.pretty.json"}};
{ "https://raw.githubusercontent.com/Telecominfraproject/wlan-ucentral-schema/main/ucentral.schema.json",
"ucentral.schema.json"} };
Utils::SetThreadName("file-dmnldr");

4
src/Kafka_ProvUpdater.h
View File

@@ -39,9 +39,7 @@ namespace OpenWifi {
Poco::JSON::Object Payload;
obj.to_json(Payload);
Payload.set("ObjectType", OT);
std::ostringstream OS;
Payload.stringify(OS);
KafkaManager()->PostMessage(KafkaTopics::PROVISIONING_CHANGE, Ops[op], std::make_shared<std::string>(OS.str()));
KafkaManager()->PostMessage(KafkaTopics::PROVISIONING_CHANGE, Ops[op], Payload);
return true;
}

196
src/OpenRoamin_GlobalReach.cpp Normal file
View File

@@ -0,0 +1,196 @@
//
// Created by stephane bourque on 2023-09-11.
//
#include "OpenRoamin_GlobalReach.h"
#include <Poco/JWT/Token.h>
#include <Poco/JWT/Signer.h>
#include <Poco/Net/HTTPSClientSession.h>
#include <Poco/URI.h>
#include <Poco/TemporaryFile.h>
#include <Poco/JSON/Object.h>
#include <Poco/JSON/Parser.h>
#include <framework/RESTAPI_Handler.h>
#include <framework/MicroServiceFuncs.h>
#include <StorageService.h>
namespace OpenWifi {
int OpenRoaming_GlobalReach::Start() {
poco_information(Logger(), "Starting...");
InitCache();
return 0;
}
void OpenRoaming_GlobalReach::Stop() {
poco_information(Logger(), "Stopping...");
poco_information(Logger(), "Stopped...");
}
void OpenRoaming_GlobalReach::InitCache() {
auto F=[&](const ProvObjects::GLBLRAccountInfo &Info) {
poco_information(Logger(),fmt::format("Adding {} to cache.",Info.info.name));
if(!Info.privateKey.empty() && !Info.GlobalReachAcctId.empty() ) {
MakeToken(Info.GlobalReachAcctId, Info.privateKey);
}
return true;
};
StorageService()->GLBLRAccountInfoDB().Iterate(F);
}
bool OpenRoaming_GlobalReach::CreateRADSECCertificate(
const std::string &GlobalReachAccountId,
const std::string &Name,
const std::string &CSR,
ProvObjects::GLBLRCertificateInfo &NewCertificate) {
try {
std::cout << __LINE__ << ":" << GlobalReachAccountId << std::endl;
auto BearerToken = MakeToken(GlobalReachAccountId);
Poco::URI URI{"https://config.openro.am/v1/radsec/issue"};
std::string Path(URI.getPathAndQuery());
Poco::Net::HTTPRequest Request(Poco::Net::HTTPRequest::HTTP_POST, Path,
Poco::Net::HTTPMessage::HTTP_1_1);
Request.add("Authorization", "Bearer " + BearerToken);
Poco::Net::HTTPSClientSession Session(URI.getHost(), URI.getPort());
Session.setTimeout(Poco::Timespan(10000, 10000));
Poco::JSON::Object CertRequestBody;
CertRequestBody.set("name", Name);
CertRequestBody.set("csr", CSR);
std::ostringstream os;
CertRequestBody.stringify(os);
Request.setContentType("application/json");
Request.setContentLength((long) os.str().size());
auto &Body = Session.sendRequest(Request);
Body << os.str();
Poco::Net::HTTPResponse Response;
std::istream &is = Session.receiveResponse(Response);
if (Response.getStatus() == Poco::Net::HTTPResponse::HTTP_OK) {
Poco::JSON::Parser P;
auto Result = P.parse(is).extract<Poco::JSON::Object::Ptr>();
RESTAPIHandler::AssignIfPresent(Result,"certificate",NewCertificate.certificate);
RESTAPIHandler::AssignIfPresent(Result,"certificate_chain",NewCertificate.certificateChain);
RESTAPIHandler::AssignIfPresent(Result,"certificate_id",NewCertificate.certificateId);
RESTAPIHandler::AssignIfPresent(Result,"expires_at",NewCertificate.expiresAt);
return true;
}
Poco::JSON::Parser P;
std::ostringstream oos;
auto Result = P.parse(is).extract<Poco::JSON::Object::Ptr>();
Result->stringify(oos);
} catch( const Poco::Exception &E) {
poco_error(Logger(),fmt::format("Could not create a new RADSEC certificate: {},{}",E.name(),E.displayText()));
}
return false;
}
bool OpenRoaming_GlobalReach::GetRADSECCertificate(
const std::string &GlobalReachAccountId,
std::string &CertificateId,
ProvObjects::GLBLRCertificateInfo &NewCertificate) {
try {
Poco::URI URI{fmt::format("https://config.openro.am/v1/radsec/cert/{}", CertificateId)};
std::string Path(URI.getPathAndQuery());
Poco::Net::HTTPRequest Request(Poco::Net::HTTPRequest::HTTP_GET, Path,
Poco::Net::HTTPMessage::HTTP_1_1);
auto BearerToken = MakeToken(GlobalReachAccountId);
Request.add("Authorization", "Bearer " + BearerToken);
Poco::Net::HTTPSClientSession Session(URI.getHost(), URI.getPort());
Session.setTimeout(Poco::Timespan(10000, 10000));
Session.sendRequest(Request);
Poco::Net::HTTPResponse Response;
std::istream &is = Session.receiveResponse(Response);
if (Response.getStatus() == Poco::Net::HTTPResponse::HTTP_OK) {
Poco::JSON::Parser P;
auto Result = P.parse(is).extract<Poco::JSON::Object::Ptr>();
RESTAPIHandler::AssignIfPresent(Result,"certificate",NewCertificate.certificate);
RESTAPIHandler::AssignIfPresent(Result,"certificate_chain",NewCertificate.certificateChain);
RESTAPIHandler::AssignIfPresent(Result,"certificate_id",NewCertificate.certificateId);
RESTAPIHandler::AssignIfPresent(Result,"expires_at",NewCertificate.expiresAt);
return true;
}
} catch( const Poco::Exception &E) {
poco_error(Logger(),fmt::format("Could not retrieve the certificate from GlobalReach: {},{}",E.name(),E.displayText()));
}
return false;
}
std::string OpenRoaming_GlobalReach::MakeToken(const std::string &GlobalReachAccountId, const std::string &PrivateKey) {
try {
Poco::JWT::Token token;
token.setType("JWT");
token.setAlgorithm("ES256");
token.setIssuedAt(std::time(nullptr));
token.payload().set("iss", GlobalReachAccountId);
token.payload().set("iat", (unsigned long) std::time(nullptr));
Poco::SharedPtr<Poco::Crypto::ECKey> Key;
auto KeyHash = Utils::ComputeHash(PrivateKey);
auto KeyHint = PrivateKeys_.find(GlobalReachAccountId);
if (KeyHint != PrivateKeys_.end() && PrivateKey.empty() ) {
Key = KeyHint->second.second;
} else {
if (PrivateKey.empty()) {
return "";
}
Poco::TemporaryFile F;
std::ofstream ofs(F.path().c_str(), std::ios_base::trunc | std::ios_base::out | std::ios_base::binary);
ofs << PrivateKey;
ofs.close();
auto NewKey = Poco::SharedPtr<Poco::Crypto::ECKey>(
new Poco::Crypto::ECKey("", F.path(), ""));
Key = NewKey;
PrivateKeys_[GlobalReachAccountId] = std::make_pair(KeyHash, NewKey);
}
Poco::JWT::Signer Signer;
Signer.setECKey(Key);
Signer.addAllAlgorithms();
return Signer.sign(token, Poco::JWT::Signer::ALGO_ES256);
} catch (const Poco::Exception &E) {
poco_error(Logger(),fmt::format("Cannot create a Global Reach token: {},{}",E.name(),E.displayText()));
}
return "";
}
bool OpenRoaming_GlobalReach::VerifyAccount(const std::string &GlobalReachAccountId, const std::string &PrivateKey, std::string &Name) {
auto BearerToken = MakeToken(GlobalReachAccountId, PrivateKey);
Poco::URI URI{"https://config.openro.am/v1/config"};
std::string Path(URI.getPathAndQuery());
Poco::Net::HTTPRequest Request(Poco::Net::HTTPRequest::HTTP_GET, Path,
Poco::Net::HTTPMessage::HTTP_1_1);
Request.add("Authorization", "Bearer " + BearerToken);
Poco::Net::HTTPSClientSession Session(URI.getHost(), URI.getPort());
Session.setTimeout(Poco::Timespan(10000, 10000));
Session.sendRequest(Request);
Poco::Net::HTTPResponse Response;
std::istream &is = Session.receiveResponse(Response);
if(Response.getStatus()==Poco::Net::HTTPResponse::HTTP_OK) {
Poco::JSON::Parser P;
auto Result = P.parse(is).extract<Poco::JSON::Object::Ptr>();
if(Result->has("name")) {
Name = Result->get("name").toString();
}
return true;
}
return false;
}
} // OpenWifi

43
src/OpenRoamin_GlobalReach.h Normal file
View File

@@ -0,0 +1,43 @@
//
// Created by stephane bourque on 2023-09-11.
//
#pragma once
#include "framework/SubSystemServer.h"
#include "Poco/JSON/Object.h"
#include "RESTObjects/RESTAPI_ProvObjects.h"
namespace OpenWifi {
class OpenRoaming_GlobalReach : public SubSystemServer {
public:
static auto instance() {
static auto instance_ = new OpenRoaming_GlobalReach;
return instance_;
}
int Start() override;
void Stop() override;
bool CreateRADSECCertificate(const std::string &AccountName,
const std::string &Name,
const std::string &CSR,
ProvObjects::GLBLRCertificateInfo &NewCertificate);
bool GetRADSECCertificate(const std::string &AccountName, std::string & CertificateId, ProvObjects::GLBLRCertificateInfo &NewCertificate);
bool VerifyAccount(const std::string &GlobalReachAccountId, const std::string &PrivateKey, std::string &Name);
void InitCache();
private:
std::string MakeToken(const std::string &GlobalReachAccountId, const std::string &PrivateKey="");
std::map<std::string,std::pair<std::string,Poco::SharedPtr<Poco::Crypto::ECKey>>> PrivateKeys_;
OpenRoaming_GlobalReach() noexcept
: SubSystemServer("OpenRoaming_GlobalReach", "GLBL-REACH", "globalreach") {
}
};
inline auto OpenRoaming_GlobalReach() { return OpenRoaming_GlobalReach::instance(); }
} // OpenWifi

125
src/RESTAPI/RESTAPI_openroaming_gr_acct_handler.cpp Normal file
View File

@@ -0,0 +1,125 @@
//
// Created by stephane bourque on 2023-09-11.
//
#include "RESTAPI_openroaming_gr_acct_handler.h"
#include "OpenRoamin_GlobalReach.h"
namespace OpenWifi {
void RESTAPI_openroaming_gr_acct_handler::DoGet() {
auto Account = GetBinding("id","");
if(Account.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
ProvObjects::GLBLRAccountInfo Record;
if(DB_.GetRecord("id",Account,Record)) {
return ReturnObject(Record);
}
return NotFound();
}
void RESTAPI_openroaming_gr_acct_handler::DoDelete() {
auto Account = GetBinding("id","");
if(Account.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
ProvObjects::GLBLRAccountInfo Record;
if(!DB_.GetRecord("id",Account,Record)) {
return NotFound();
}
StorageService()->GLBLRCertsDB().DeleteRecords(fmt::format(" accountId='{}' ", Account));
DB_.DeleteRecord("id", Account);
return OK();
}
void RESTAPI_openroaming_gr_acct_handler::DoPost() {
auto Account = GetBinding("id","");
if(Account.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
const auto &RawObject = ParsedBody_;
ProvObjects::GLBLRAccountInfo NewObject;
if( !NewObject.from_json(RawObject)) {
return BadRequest(OpenWifi::RESTAPI::Errors::InvalidJSONDocument);
}
if(NewObject.privateKey.empty() || NewObject.GlobalReachAcctId.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
if(!NewObject.privateKey.empty() && !Utils::VerifyECKey(NewObject.privateKey)) {
return BadRequest(RESTAPI::Errors::NotAValidECKey);
}
std::string GlobalReachName;
if(!OpenRoaming_GlobalReach()->VerifyAccount(NewObject.GlobalReachAcctId,NewObject.privateKey,GlobalReachName)) {
return BadRequest(RESTAPI::Errors::InvalidGlobalReachAccount);
}
if( NewObject.commonName.empty() || NewObject.organization.empty() ||
NewObject.city.empty() || NewObject.province.empty() || NewObject.country.empty() ) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
Utils::CSRCreationParameters P;
P.Country = NewObject.country;
P.CommonName = NewObject.commonName;
P.Province = NewObject.province;
P.City = NewObject.city;
P.Organization = NewObject.organization;
Utils::CSRCreationResults R;
if(!Utils::CreateX509CSR(P,R)) {
return BadRequest(RESTAPI::Errors::CannotCreateCSR);
}
NewObject.CSR = R.CSR;
NewObject.CSRPublicKey = R.PublicKey;
NewObject.CSRPrivateKey = R.PrivateKey;
ProvObjects::CreateObjectInfo(RawObject,UserInfo_.userinfo,NewObject.info);
if(DB_.CreateRecord(NewObject)) {
ProvObjects::GLBLRAccountInfo StoredObject;
DB_.GetRecord("id",NewObject.info.id,StoredObject);
return ReturnObject(StoredObject);
}
return BadRequest(RESTAPI::Errors::RecordNotCreated);
}
void RESTAPI_openroaming_gr_acct_handler::DoPut() {
auto Account = GetBinding("account","");
if(Account.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
const auto &RawObject = ParsedBody_;
ProvObjects::GLBLRAccountInfo Modify;
if(!Modify.from_json(RawObject)) {
return BadRequest(OpenWifi::RESTAPI::Errors::InvalidJSONDocument);
}
ProvObjects::GLBLRAccountInfo Existing;
if(!DB_.GetRecord("id",Account,Existing)) {
return NotFound();
}
if(!ProvObjects::UpdateObjectInfo(RawObject,UserInfo_.userinfo,Existing.info)) {
return BadRequest(OpenWifi::RESTAPI::Errors::InvalidJSONDocument);
}
if(DB_.UpdateRecord("id",Existing.info.id,Existing)) {
ProvObjects::GLBLRAccountInfo StoredObject;
DB_.GetRecord("id",Existing.info.id,StoredObject);
return ReturnObject(StoredObject);
}
return BadRequest(RESTAPI::Errors::RecordNotUpdated);
}
} // OpenWifi

31
src/RESTAPI/RESTAPI_openroaming_gr_acct_handler.h Normal file
View File

@@ -0,0 +1,31 @@
//
// Created by stephane bourque on 2023-09-11.
//
#pragma once
#include "StorageService.h"
#include "framework/RESTAPI_Handler.h"
namespace OpenWifi {
class RESTAPI_openroaming_gr_acct_handler : public RESTAPIHandler {
public:
RESTAPI_openroaming_gr_acct_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L,
RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId,
bool Internal)
: RESTAPIHandler(bindings, L,
std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_DELETE,
Poco::Net::HTTPRequest::HTTP_PUT,
Poco::Net::HTTPRequest::HTTP_POST,
Poco::Net::HTTPRequest::HTTP_OPTIONS},
Server, TransactionId, Internal) {}
static auto PathName() { return std::list<std::string>{"/api/v1/openroaming/globalreach/account/{id}"}; };
private:
GLBLRAccountInfoDB &DB_ = StorageService()->GLBLRAccountInfoDB();
void DoGet() final;
void DoPost() final;
void DoPut() final;
void DoDelete() final;
};
} // namespace OpenWifi

82
src/RESTAPI/RESTAPI_openroaming_gr_cert_handler.cpp Normal file
View File

@@ -0,0 +1,82 @@
//
// Created by stephane bourque on 2023-09-11.
//
#include "RESTAPI_openroaming_gr_cert_handler.h"
#include <OpenRoamin_GlobalReach.h>
namespace OpenWifi {
void RESTAPI_openroaming_gr_cert_handler::DoGet() {
auto Account = GetBinding("account","");
auto Id = GetBinding("id","");
if(Account.empty() || Id.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
if(!StorageService()->GLBLRAccountInfoDB().Exists("id",Account)) {
return NotFound();
}
std::vector<ProvObjects::GLBLRCertificateInfo> Certificates;
DB_.GetRecords(0,1,Certificates,fmt::format(" accountId='{}' and id='{}' ", Account, Id));
if(Certificates.empty()) {
return NotFound();
}
return ReturnObject(Certificates[0]);
}
void RESTAPI_openroaming_gr_cert_handler::DoDelete() {
auto Account = GetBinding("account","");
auto Id = GetBinding("id","");
if(Account.empty() || Id.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
if(!StorageService()->GLBLRAccountInfoDB().Exists("id",Account)) {
return NotFound();
}
DB_.DeleteRecords(fmt::format(" accountId='{}' and id='{}' ", Account, Id));
return OK();
}
void RESTAPI_openroaming_gr_cert_handler::DoPost() {
auto Account = GetBinding("account","");
auto Id = GetBinding("id","");
if(Account.empty() || Id.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
const auto &RawObject = ParsedBody_;
ProvObjects::GLBLRCertificateInfo NewObject;
if( !NewObject.from_json(RawObject)) {
return BadRequest(OpenWifi::RESTAPI::Errors::InvalidJSONDocument);
}
if(NewObject.name.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
ProvObjects::GLBLRAccountInfo AccountInfo;
if(!StorageService()->GLBLRAccountInfoDB().GetRecord("id",Account, AccountInfo)) {
return BadRequest(RESTAPI::Errors::InvalidGlobalReachAccount);
}
if(OpenRoaming_GlobalReach()->CreateRADSECCertificate(AccountInfo.GlobalReachAcctId,NewObject.name,AccountInfo.CSR, NewObject)) {
NewObject.id = MicroServiceCreateUUID();
NewObject.accountId = Account;
NewObject.created = Utils::Now();
NewObject.csr = AccountInfo.CSR;
DB_.CreateRecord(NewObject);
ProvObjects::GLBLRCertificateInfo CreatedObject;
DB_.GetRecord("id",NewObject.id,CreatedObject);
return ReturnObject(CreatedObject);
}
return BadRequest(RESTAPI::Errors::RecordNotCreated);
}
} // OpenWifi

30
src/RESTAPI/RESTAPI_openroaming_gr_cert_handler.h Normal file
View File

@@ -0,0 +1,30 @@
//
// Created by stephane bourque on 2023-09-11.
//
#pragma once
#include "StorageService.h"
#include "framework/RESTAPI_Handler.h"
namespace OpenWifi {
class RESTAPI_openroaming_gr_cert_handler : public RESTAPIHandler {
public:
RESTAPI_openroaming_gr_cert_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L,
RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId,
bool Internal)
: RESTAPIHandler(bindings, L,
std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_DELETE,
Poco::Net::HTTPRequest::HTTP_POST,
Poco::Net::HTTPRequest::HTTP_OPTIONS},
Server, TransactionId, Internal) {}
static auto PathName() { return std::list<std::string>{"/api/v1/openroaming/globalreach/certificate/{account}/{id}"}; };
private:
GLBLRCertsDB &DB_ = StorageService()->GLBLRCertsDB();
void DoGet() final;
void DoPost() final;
void DoPut() final {};
void DoDelete() final;
};
} // namespace OpenWifi

20
src/RESTAPI/RESTAPI_openroaming_gr_list_acct_handler.cpp Normal file
View File

@@ -0,0 +1,20 @@
//
// Created by stephane bourque on 2023-09-11.
//
#include "RESTAPI_openroaming_gr_list_acct_handler.h"
namespace OpenWifi {
void RESTAPI_openroaming_gr_list_acct_handler::DoGet() {
if(GetBoolParameter("countOnly")) {
return ReturnCountOnly(DB_.Count());
}
std::vector<ProvObjects::GLBLRAccountInfo> Accounts;
DB_.GetRecords(QB_.Offset,QB_.Limit,Accounts);
return ReturnObject(Accounts);
}
} // OpenWifi

29
src/RESTAPI/RESTAPI_openroaming_gr_list_acct_handler.h Normal file
View File

@@ -0,0 +1,29 @@
//
// Created by stephane bourque on 2023-09-11.
//
#pragma once
#include "StorageService.h"
#include "framework/RESTAPI_Handler.h"
namespace OpenWifi {
class RESTAPI_openroaming_gr_list_acct_handler : public RESTAPIHandler {
public:
RESTAPI_openroaming_gr_list_acct_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L,
RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId,
bool Internal)
: RESTAPIHandler(bindings, L,
std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_OPTIONS},
Server, TransactionId, Internal) {}
static auto PathName() { return std::list<std::string>{"/api/v1/openroaming/globalreach/accounts"}; };
private:
GLBLRAccountInfoDB &DB_ = StorageService()->GLBLRAccountInfoDB();
void DoGet() final;
void DoPost() final{};
void DoPut() final{};
void DoDelete() final{};
};
} // namespace OpenWifi

27
src/RESTAPI/RESTAPI_openroaming_gr_list_certificates.cpp Normal file
View File

@@ -0,0 +1,27 @@
//
// Created by stephane bourque on 2023-09-11.
//
#include "RESTAPI_openroaming_gr_list_certificates.h"
namespace OpenWifi {
void RESTAPI_openroaming_gr_list_certificates::DoGet() {
auto Account = GetBinding("account","");
if(Account.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
auto Where = fmt::format(" accountId='{}'", Account);
if(GetBoolParameter("countOnly")) {
return ReturnCountOnly(DB_.Count(Where));
}
std::vector<ProvObjects::GLBLRCertificateInfo> Certificates;
DB_.GetRecords(QB_.Offset,QB_.Limit,Certificates, Where);
return ReturnObject(Certificates);
}
} // OpenWifi

29
src/RESTAPI/RESTAPI_openroaming_gr_list_certificates.h Normal file
View File

@@ -0,0 +1,29 @@
//
// Created by stephane bourque on 2023-09-11.
//
#pragma once
#include "StorageService.h"
#include "framework/RESTAPI_Handler.h"
namespace OpenWifi {
class RESTAPI_openroaming_gr_list_certificates : public RESTAPIHandler {
public:
RESTAPI_openroaming_gr_list_certificates(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L,
RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId,
bool Internal)
: RESTAPIHandler(bindings, L,
std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_OPTIONS},
Server, TransactionId, Internal) {}
static auto PathName() { return std::list<std::string>{"/api/v1/openroaming/globalreach/certificates/{account}"}; };
private:
GLBLRCertsDB &DB_ = StorageService()->GLBLRCertsDB();
void DoGet() final;
void DoPost() final{};
void DoPut() final{};
void DoDelete() final{};
};
} // namespace OpenWifi

100
src/RESTAPI/RESTAPI_openroaming_orion_acct_handler.cpp Normal file
View File

@@ -0,0 +1,100 @@
//
// Created by stephane bourque on 2023-09-15.
//
#include "RESTAPI_openroaming_orion_acct_handler.h"
#include "OpenRoamin_GlobalReach.h"
namespace OpenWifi {
void RESTAPI_openroaming_orion_acct_handler::DoGet() {
auto Account = GetBinding("id","");
if(Account.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
ProvObjects::GooglOrionAccountInfo Record;
if(DB_.GetRecord("id",Account,Record)) {
return ReturnObject(Record);
}
return NotFound();
}
void RESTAPI_openroaming_orion_acct_handler::DoDelete() {
auto Account = GetBinding("id","");
if(Account.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
ProvObjects::GooglOrionAccountInfo Record;
if(!DB_.GetRecord("id",Account,Record)) {
return NotFound();
}
DB_.DeleteRecord("id", Account);
return OK();
}
void RESTAPI_openroaming_orion_acct_handler::DoPost() {
auto Account = GetBinding("id","");
if(Account.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
const auto &RawObject = ParsedBody_;
ProvObjects::GooglOrionAccountInfo NewObject;
if( !NewObject.from_json(RawObject)) {
return BadRequest(OpenWifi::RESTAPI::Errors::InvalidJSONDocument);
}
if( NewObject.privateKey.empty() ||
NewObject.certificate.empty() ||
NewObject.cacerts.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
if( !Utils::VerifyECKey(NewObject.privateKey) ||
!Utils::ValidX509Certificate(NewObject.certificate) ||
!Utils::ValidX509Certificate(NewObject.cacerts)) {
return BadRequest(RESTAPI::Errors::NotAValidECKey);
}
ProvObjects::CreateObjectInfo(RawObject,UserInfo_.userinfo,NewObject.info);
if(DB_.CreateRecord(NewObject)) {
ProvObjects::GooglOrionAccountInfo StoredObject;
DB_.GetRecord("id",NewObject.info.id,StoredObject);
return ReturnObject(StoredObject);
}
return BadRequest(RESTAPI::Errors::RecordNotCreated);
}
void RESTAPI_openroaming_orion_acct_handler::DoPut() {
auto Account = GetBinding("id","");
if(Account.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
const auto &RawObject = ParsedBody_;
ProvObjects::GLBLRAccountInfo Modify;
if(!Modify.from_json(RawObject)) {
return BadRequest(OpenWifi::RESTAPI::Errors::InvalidJSONDocument);
}
ProvObjects::GooglOrionAccountInfo Existing;
if(!DB_.GetRecord("id",Account,Existing)) {
return NotFound();
}
if(!ProvObjects::UpdateObjectInfo(RawObject,UserInfo_.userinfo,Existing.info)) {
return BadRequest(OpenWifi::RESTAPI::Errors::InvalidJSONDocument);
}
if(DB_.UpdateRecord("id",Existing.info.id,Existing)) {
ProvObjects::GooglOrionAccountInfo StoredObject;
DB_.GetRecord("id",Existing.info.id,StoredObject);
return ReturnObject(StoredObject);
}
return BadRequest(RESTAPI::Errors::RecordNotUpdated);
}
} // OpenWifi

31
src/RESTAPI/RESTAPI_openroaming_orion_acct_handler.h Normal file
View File

@@ -0,0 +1,31 @@
//
// Created by stephane bourque on 2023-09-15.
//
#pragma once
#include "StorageService.h"
#include "framework/RESTAPI_Handler.h"
namespace OpenWifi {
class RESTAPI_openroaming_orion_acct_handler : public RESTAPIHandler {
public:
RESTAPI_openroaming_orion_acct_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L,
RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId,
bool Internal)
: RESTAPIHandler(bindings, L,
std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_DELETE,
Poco::Net::HTTPRequest::HTTP_POST,
Poco::Net::HTTPRequest::HTTP_PUT,
Poco::Net::HTTPRequest::HTTP_OPTIONS},
Server, TransactionId, Internal) {}
static auto PathName() { return std::list<std::string>{"/api/v1/openroaming/orion/account/{id}"}; };
private:
OrionAccountsDB &DB_ = StorageService()->OrionAccountsDB();
void DoGet() final;
void DoPost() final;
void DoPut() final;
void DoDelete() final;
};
} // namespace OpenWifi

21
src/RESTAPI/RESTAPI_openroaming_orion_list_acct_handler.cpp Normal file
View File

@@ -0,0 +1,21 @@
//
// Created by stephane bourque on 2023-09-15.
//
#include "RESTAPI_openroaming_orion_list_acct_handler.h"
namespace OpenWifi {
void RESTAPI_openroaming_orion_list_acct_handler::DoGet() {
if(GetBoolParameter("countOnly")) {
return ReturnCountOnly(DB_.Count());
}
std::vector<ProvObjects::GooglOrionAccountInfo> Accounts;
DB_.GetRecords(QB_.Offset,QB_.Limit,Accounts);
return ReturnObject(Accounts);
}
} // OpenWifi

29
src/RESTAPI/RESTAPI_openroaming_orion_list_acct_handler.h Normal file
View File

@@ -0,0 +1,29 @@
//
// Created by stephane bourque on 2023-09-15.
//
#pragma once
#include "StorageService.h"
#include "framework/RESTAPI_Handler.h"
namespace OpenWifi {
class RESTAPI_openroaming_orion_list_acct_handler : public RESTAPIHandler {
public:
RESTAPI_openroaming_orion_list_acct_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L,
RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId,
bool Internal)
: RESTAPIHandler(bindings, L,
std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_OPTIONS},
Server, TransactionId, Internal) {}
static auto PathName() { return std::list<std::string>{"/api/v1/openroaming/orion/accounts"}; };
private:
OrionAccountsDB &DB_ = StorageService()->OrionAccountsDB();
void DoGet() final;
void DoPost() final{};
void DoPut() final{};
void DoDelete() final{};
};
} // namespace OpenWifi

16
src/RESTAPI/RESTAPI_routers.cpp
View File

@@ -35,6 +35,12 @@
#include "RESTAPI/RESTAPI_variables_list_handler.h"
#include "RESTAPI/RESTAPI_venue_handler.h"
#include "RESTAPI/RESTAPI_venue_list_handler.h"
#include "RESTAPI/RESTAPI_openroaming_gr_acct_handler.h"
#include "RESTAPI/RESTAPI_openroaming_gr_list_acct_handler.h"
#include "RESTAPI/RESTAPI_openroaming_gr_cert_handler.h"
#include "RESTAPI/RESTAPI_openroaming_gr_list_certificates.h"
#include "RESTAPI/RESTAPI_openroaming_orion_acct_handler.h"
#include "RESTAPI/RESTAPI_openroaming_orion_list_acct_handler.h"
#include "framework/RESTAPI_SystemCommand.h"
#include "framework/RESTAPI_WebSocketServer.h"
@@ -60,7 +66,10 @@ namespace OpenWifi {
RESTAPI_operators_list_handler, RESTAPI_service_class_handler,
RESTAPI_service_class_list_handler, RESTAPI_op_contact_handler,
RESTAPI_op_contact_list_handler, RESTAPI_op_location_handler,
RESTAPI_op_location_list_handler, RESTAPI_asset_server, RESTAPI_overrides_handler>(
RESTAPI_op_location_list_handler, RESTAPI_asset_server, RESTAPI_overrides_handler,
RESTAPI_openroaming_gr_acct_handler, RESTAPI_openroaming_gr_list_acct_handler,
RESTAPI_openroaming_gr_cert_handler, RESTAPI_openroaming_gr_list_certificates,
RESTAPI_openroaming_orion_acct_handler, RESTAPI_openroaming_orion_list_acct_handler>(
Path, Bindings, L, S, TransactionId);
}
@@ -82,7 +91,10 @@ namespace OpenWifi {
RESTAPI_operators_list_handler, RESTAPI_service_class_handler,
RESTAPI_service_class_list_handler, RESTAPI_op_contact_handler,
RESTAPI_op_contact_list_handler, RESTAPI_op_location_handler,
RESTAPI_op_location_list_handler, RESTAPI_overrides_handler>(Path, Bindings, L, S,
RESTAPI_op_location_list_handler, RESTAPI_overrides_handler,
RESTAPI_openroaming_gr_acct_handler, RESTAPI_openroaming_gr_list_acct_handler,
RESTAPI_openroaming_gr_cert_handler, RESTAPI_openroaming_gr_list_certificates,
RESTAPI_openroaming_orion_acct_handler, RESTAPI_openroaming_orion_list_acct_handler>(Path, Bindings, L, S,
TransactionId);
}
} // namespace OpenWifi

85
src/RESTObjects/RESTAPI_ProvObjects.cpp
View File

@@ -1194,4 +1194,89 @@ namespace OpenWifi::ProvObjects {
return false;
}
void GLBLRAccountInfo::to_json(Poco::JSON::Object &Obj) const {
info.to_json(Obj);
field_to_json(Obj, "privateKey", privateKey);
field_to_json(Obj, "country", country);
field_to_json(Obj, "province", province);
field_to_json(Obj, "city", city);
field_to_json(Obj, "organization", organization);
field_to_json(Obj, "commonName", commonName);
field_to_json(Obj, "CSR", CSR);
field_to_json(Obj, "CSRPrivateKey", CSRPrivateKey);
field_to_json(Obj, "CSRPublicKey", CSRPublicKey);
field_to_json(Obj, "GlobalReachAcctId", GlobalReachAcctId);
}
bool GLBLRAccountInfo::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
info.from_json(Obj);
field_from_json(Obj, "privateKey", privateKey);
field_from_json(Obj, "country", country);
field_from_json(Obj, "province", province);
field_from_json(Obj, "city", city);
field_from_json(Obj, "organization", organization);
field_from_json(Obj, "commonName", commonName);
field_from_json(Obj, "CSR", CSR);
field_from_json(Obj, "CSRPrivateKey", CSRPrivateKey);
field_from_json(Obj, "CSRPublicKey", CSRPublicKey);
field_from_json(Obj, "GlobalReachAcctId", GlobalReachAcctId);
return true;
} catch (const Poco::Exception &E) {
}
return false;
}
void GLBLRCertificateInfo::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj, "id", id);
field_to_json(Obj, "name", name);
field_to_json(Obj, "accountId", accountId);
field_to_json(Obj, "csr", csr);
field_to_json(Obj, "certificate", certificate);
field_to_json(Obj, "certificateChain", certificateChain);
field_to_json(Obj, "certificateId", certificateId);
field_to_json(Obj, "expiresAt", expiresAt);
field_to_json(Obj, "created", created);
}
bool GLBLRCertificateInfo::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj, "id", id);
field_from_json(Obj, "name", name);
field_from_json(Obj, "accountId", accountId);
field_from_json(Obj, "csr", csr);
field_from_json(Obj, "certificate", certificate);
field_from_json(Obj, "certificateChain", certificateChain);
field_from_json(Obj, "certificateId", certificateId);
field_from_json(Obj, "expiresAt", expiresAt);
field_from_json(Obj, "created", created);
return true;
} catch (const Poco::Exception &E) {
}
return false;
}
void GooglOrionAccountInfo::to_json(Poco::JSON::Object &Obj) const {
info.to_json(Obj);
field_to_json(Obj, "privateKey", privateKey);
field_to_json(Obj, "certificate", certificate);
field_to_json(Obj, "cacerts", cacerts);
}
bool GooglOrionAccountInfo::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
info.from_json(Obj);
field_from_json(Obj, "privateKey", privateKey);
field_from_json(Obj, "certificate", certificate);
field_from_json(Obj, "cacerts", cacerts);
return true;
} catch (const Poco::Exception &E) {
}
return false;
}
} // namespace OpenWifi::ProvObjects

37
src/RESTObjects/RESTAPI_ProvObjects.h
View File

@@ -746,4 +746,41 @@ namespace OpenWifi::ProvObjects {
bool CreateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U,
ObjectInfo &I);
bool CreateObjectInfo(const SecurityObjects::UserInfo &U, ObjectInfo &I);
struct GLBLRAccountInfo {
ObjectInfo info;
std::string privateKey;
std::string country, province, city, organization, commonName;
std::string CSR, CSRPrivateKey, CSRPublicKey;
std::string GlobalReachAcctId;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
struct GLBLRCertificateInfo {
std::string id;
std::string name;
std::string accountId;
std::string csr;
std::string certificate;
std::string certificateChain;
std::string certificateId;
std::uint64_t expiresAt=0;
std::uint64_t created=0;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
struct GooglOrionAccountInfo {
ObjectInfo info;
std::string privateKey;
std::string certificate;
std::vector<std::string> cacerts;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
}; // namespace OpenWifi::ProvObjects

38
src/StorageService.cpp
View File

@@ -39,6 +39,9 @@ namespace OpenWifi {
OpLocationDB_ = std::make_unique<OpenWifi::OpLocationDB>(dbType_, *Pool_, Logger());
OpContactDB_ = std::make_unique<OpenWifi::OpContactDB>(dbType_, *Pool_, Logger());
OverridesDB_ = std::make_unique<OpenWifi::OverridesDB>(dbType_, *Pool_, Logger());
GLBLRAccountInfoDB_ = std::make_unique<OpenWifi::GLBLRAccountInfoDB>(dbType_, *Pool_, Logger());
GLBLRCertsDB_ = std::make_unique<OpenWifi::GLBLRCertsDB>(dbType_, *Pool_, Logger());
OrionAccountsDB_ = std::make_unique<OpenWifi::OrionAccountsDB>(dbType_, *Pool_, Logger());
EntityDB_->Create();
PolicyDB_->Create();
@@ -59,6 +62,9 @@ namespace OpenWifi {
OpLocationDB_->Create();
OpContactDB_->Create();
OverridesDB_->Create();
GLBLRAccountInfoDB_->Create();
GLBLRCertsDB_->Create();
OrionAccountsDB_->Create();
ExistFunc_[EntityDB_->Prefix()] = [=](const char *F, std::string &V) -> bool {
return EntityDB_->Exists(F, V);
@@ -117,8 +123,19 @@ namespace OpenWifi {
ExistFunc_[OverridesDB_->Prefix()] = [=](const char *F, std::string &V) -> bool {
return OverridesDB_->Exists(F, V);
};
ExistFunc_[GLBLRAccountInfoDB_->Prefix()] = [=](const char *F, std::string &V) -> bool {
return GLBLRAccountInfoDB_->Exists(F, V);
};
ExistFunc_[GLBLRCertsDB_->Prefix()] = [=](const char *F, std::string &V) -> bool {
return GLBLRCertsDB_->Exists(F, V);
};
ExistFunc_[GLBLRCertsDB_->Prefix()] = [=](const char *F, std::string &V) -> bool {
return OrionAccountsDB_->Exists(F, V);
};
ExpandFunc_[EntityDB_->Prefix()] = [=](const char *F, std::string &V, std::string &Name,
ExpandFunc_[EntityDB_->Prefix()] = [=](const char *F, std::string &V, std::string &Name,
std::string &Description) -> bool {
return EntityDB_->GetNameAndDescription(F, V, Name, Description);
};
@@ -206,9 +223,24 @@ namespace OpenWifi {
[=]([[maybe_unused]] const char *F, [[maybe_unused]] std::string &V,
[[maybe_unused]] std::string &Name,
[[maybe_unused]] std::string &Description) -> bool { return false; };
ExpandFunc_[GLBLRAccountInfoDB_->Prefix()] =
[=]([[maybe_unused]] const char *F, [[maybe_unused]] std::string &V,
[[maybe_unused]] std::string &Name,
[[maybe_unused]] std::string &Description) -> bool { return false; };
ExpandFunc_[OverridesDB_->Prefix()] =
[=]([[maybe_unused]] const char *F, [[maybe_unused]] std::string &V,
[[maybe_unused]] std::string &Name,
[[maybe_unused]] std::string &Description) -> bool { return false; };
ExpandFunc_[GLBLRCertsDB_->Prefix()] =
[=]([[maybe_unused]] const char *F, [[maybe_unused]] std::string &V,
[[maybe_unused]] std::string &Name,
[[maybe_unused]] std::string &Description) -> bool { return false; };
ExpandFunc_[OrionAccountsDB_->Prefix()] =
[=]([[maybe_unused]] const char *F, [[maybe_unused]] std::string &V,
[[maybe_unused]] std::string &Name,
[[maybe_unused]] std::string &Description) -> bool { return false; };
InventoryDB_->InitializeSerialCache();
InventoryDB_->InitializeSerialCache();
ConsistencyCheck();
InitializeSystemDBs();

47
src/StorageService.h
View File

@@ -28,6 +28,9 @@
#include "storage/storage_tags.h"
#include "storage/storage_variables.h"
#include "storage/storage_venue.h"
#include "storage/storage_glblraccounts.h"
#include "storage/storage_glblrcerts.h"
#include "storage/storage_orion_accounts.h"
#include "Poco/URI.h"
#include "framework/ow_constants.h"
@@ -47,25 +50,28 @@ namespace OpenWifi {
typedef std::list<ProvObjects::ExpandedUseEntry> ExpandedInUseList;
typedef std::map<std::string, ProvObjects::ExpandedUseEntryList> ExpandedListMap;
OpenWifi::EntityDB &EntityDB() { return *EntityDB_; };
OpenWifi::PolicyDB &PolicyDB() { return *PolicyDB_; };
OpenWifi::VenueDB &VenueDB() { return *VenueDB_; };
OpenWifi::LocationDB &LocationDB() { return *LocationDB_; };
OpenWifi::ContactDB &ContactDB() { return *ContactDB_; };
OpenWifi::InventoryDB &InventoryDB() { return *InventoryDB_; };
OpenWifi::ManagementRoleDB &RolesDB() { return *RolesDB_; };
OpenWifi::ConfigurationDB &ConfigurationDB() { return *ConfigurationDB_; };
OpenWifi::TagsDictionaryDB &TagsDictionaryDB() { return *TagsDictionaryDB_; };
OpenWifi::TagsObjectDB &TagsObjectDB() { return *TagsObjectDB_; };
OpenWifi::MapDB &MapDB() { return *MapDB_; };
OpenWifi::SignupDB &SignupDB() { return *SignupDB_; };
OpenWifi::VariablesDB &VariablesDB() { return *VariablesDB_; };
OpenWifi::OperatorDB &OperatorDB() { return *OperatorDB_; };
OpenWifi::ServiceClassDB &ServiceClassDB() { return *ServiceClassDB_; };
OpenWifi::SubscriberDeviceDB &SubscriberDeviceDB() { return *SubscriberDeviceDB_; };
OpenWifi::OpLocationDB &OpLocationDB() { return *OpLocationDB_; };
OpenWifi::OpContactDB &OpContactDB() { return *OpContactDB_; };
OpenWifi::OverridesDB &OverridesDB() { return *OverridesDB_; };
inline OpenWifi::EntityDB &EntityDB() { return *EntityDB_; };
inline OpenWifi::PolicyDB &PolicyDB() { return *PolicyDB_; };
inline OpenWifi::VenueDB &VenueDB() { return *VenueDB_; };
inline OpenWifi::LocationDB &LocationDB() { return *LocationDB_; };
inline OpenWifi::ContactDB &ContactDB() { return *ContactDB_; };
inline OpenWifi::InventoryDB &InventoryDB() { return *InventoryDB_; };
inline OpenWifi::ManagementRoleDB &RolesDB() { return *RolesDB_; };
inline OpenWifi::ConfigurationDB &ConfigurationDB() { return *ConfigurationDB_; };
inline OpenWifi::TagsDictionaryDB &TagsDictionaryDB() { return *TagsDictionaryDB_; };
inline OpenWifi::TagsObjectDB &TagsObjectDB() { return *TagsObjectDB_; };
inline OpenWifi::MapDB &MapDB() { return *MapDB_; };
inline OpenWifi::SignupDB &SignupDB() { return *SignupDB_; };
inline OpenWifi::VariablesDB &VariablesDB() { return *VariablesDB_; };
inline OpenWifi::OperatorDB &OperatorDB() { return *OperatorDB_; };
inline OpenWifi::ServiceClassDB &ServiceClassDB() { return *ServiceClassDB_; };
inline OpenWifi::SubscriberDeviceDB &SubscriberDeviceDB() { return *SubscriberDeviceDB_; };
inline OpenWifi::OpLocationDB &OpLocationDB() { return *OpLocationDB_; };
inline OpenWifi::OpContactDB &OpContactDB() { return *OpContactDB_; };
inline OpenWifi::OverridesDB &OverridesDB() { return *OverridesDB_; };
inline OpenWifi::GLBLRAccountInfoDB &GLBLRAccountInfoDB() { return *GLBLRAccountInfoDB_; }
inline OpenWifi::GLBLRCertsDB &GLBLRCertsDB() { return *GLBLRCertsDB_; }
inline OpenWifi::OrionAccountsDB &OrionAccountsDB() { return *OrionAccountsDB_; }
bool Validate(const Poco::URI::QueryParameters &P, RESTAPI::Errors::msg &Error);
bool Validate(const Types::StringVec &P, std::string &Error);
@@ -125,6 +131,9 @@ namespace OpenWifi {
std::unique_ptr<OpenWifi::OpLocationDB> OpLocationDB_;
std::unique_ptr<OpenWifi::OpContactDB> OpContactDB_;
std::unique_ptr<OpenWifi::OverridesDB> OverridesDB_;
std::unique_ptr<OpenWifi::GLBLRAccountInfoDB> GLBLRAccountInfoDB_;
std::unique_ptr<OpenWifi::GLBLRCertsDB> GLBLRCertsDB_;
std::unique_ptr<OpenWifi::OrionAccountsDB> OrionAccountsDB_;
std::string DefaultOperator_;
typedef std::function<bool(const char *FieldName, std::string &Value)> exist_func;

231
src/framework/ConfigurationValidator.cpp
View File

@@ -34,6 +34,10 @@ static std::string DefaultUCentralSchema = R"foo(
"$schema": "http://json-schema.org/draft-07/schema#",
"type": "object",
"properties": {
"strict": {
"type": "boolean",
"default": false
},
"uuid": {
"type": "integer"
},
@@ -114,6 +118,20 @@ static std::string DefaultUCentralSchema = R"foo(
"random-password": {
"type": "boolean",
"default": false
},
"beacon-advertisement": {
"type": "object",
"properties": {
"device-name": {
"type": "boolean"
},
"device-serial": {
"type": "boolean"
},
"network-id": {
"type": "integer"
}
}
}
}
},
@@ -222,6 +240,52 @@ static std::string DefaultUCentralSchema = R"foo(
}
}
},
"interface.ssid.encryption": {
"type": "object",
"properties": {
"proto": {
"type": "string",
"enum": [
"none",
"owe",
"owe-transition",
"psk",
"psk2",
"psk-mixed",
"psk2-radius",
"wpa",
"wpa2",
"wpa-mixed",
"sae",
"sae-mixed",
"wpa3",
"wpa3-192",
"wpa3-mixed"
],
"examples": [
"psk2"
]
},
"key": {
"type": "string",
"maxLength": 63,
"minLength": 8
},
"ieee80211w": {
"type": "string",
"enum": [
"disabled",
"optional",
"required"
],
"default": "disabled"
},
"key-caching": {
"type": "boolean",
"default": true
}
}
},
"definitions": {
"type": "object",
"properties": {
@@ -716,7 +780,8 @@ static std::string DefaultUCentralSchema = R"foo(
"type": "string",
"enum": [
"dynamic",
"static"
"static",
"none"
],
"examples": [
"static"
@@ -1006,52 +1071,6 @@ static std::string DefaultUCentralSchema = R"foo(
}
]
},
"interface.ssid.encryption": {
"type": "object",
"properties": {
"proto": {
"type": "string",
"enum": [
"none",
"owe",
"owe-transition",
"psk",
"psk2",
"psk-mixed",
"psk2-radius",
"wpa",
"wpa2",
"wpa-mixed",
"sae",
"sae-mixed",
"wpa3",
"wpa3-192",
"wpa3-mixed"
],
"examples": [
"psk2"
]
},
"key": {
"type": "string",
"maxLength": 63,
"minLength": 8
},
"ieee80211w": {
"type": "string",
"enum": [
"disabled",
"optional",
"required"
],
"default": "disabled"
},
"key-caching": {
"type": "boolean",
"default": true
}
}
},
"interface.ssid.multi-psk": {
"type": "object",
"properties": {
@@ -2020,6 +2039,11 @@ static std::string DefaultUCentralSchema = R"foo(
"decription": "This option allows embedding custom vendor specific IEs inside the beacons of a BSS in AP mode.",
"type": "string"
},
"tip-information-element": {
"decription": "The device will broadcast the TIP vendor IE inside its beacons if this option is enabled.",
"type": "boolean",
"default": true
},
"fils-discovery-interval": {
"type": "integer",
"default": 20,
@@ -2443,6 +2467,24 @@ static std::string DefaultUCentralSchema = R"foo(
"type": "boolean",
"default": false
},
"mode": {
"type": "string",
"enum": [
"radius",
"user"
]
},
"port-filter": {
"type": "array",
"items": {
"type": "string",
"examples": [
{
"LAN1": null
}
]
}
},
"server-certificate": {
"type": "string"
},
@@ -2454,6 +2496,77 @@ static std::string DefaultUCentralSchema = R"foo(
"items": {
"$ref": "#/$defs/interface.ssid.radius.local-user"
}
},
"radius": {
"type": "object",
"properties": {
"nas-identifier": {
"type": "string"
},
"auth-server-addr": {
"type": "string",
"format": "uc-host",
"examples": [
"192.168.1.10"
]
},
"auth-server-port": {
"type": "integer",
"maximum": 65535,
"minimum": 1024,
"examples": [
1812
]
},
"auth-server-secret": {
"type": "string",
"examples": [
"secret"
]
},
"acct-server-addr": {
"type": "string",
"format": "uc-host",
"examples": [
"192.168.1.10"
]
},
"acct-server-port": {
"type": "integer",
"maximum": 65535,
"minimum": 1024,
"examples": [
1813
]
},
"acct-server-secret": {
"type": "string",
"examples": [
"secret"
]
},
"coa-server-addr": {
"type": "string",
"format": "uc-host",
"examples": [
"192.168.1.10"
]
},
"coa-server-port": {
"type": "integer",
"maximum": 65535,
"minimum": 1024,
"examples": [
1814
]
},
"coa-server-secret": {
"type": "string",
"examples": [
"secret"
]
}
}
}
}
},
@@ -2777,6 +2890,12 @@ static std::string DefaultUCentralSchema = R"foo(
}
}
},
"services": {
"type": "array",
"items": {
"type": "string"
}
},
"classifier": {
"type": "array",
"items": {
@@ -3019,6 +3138,24 @@ static std::string DefaultUCentralSchema = R"foo(
"relay-server": {
"type": "string",
"format": "uc-ip"
},
"circuit-id-format": {
"type": "string",
"enum": [
"vlan-id",
"ap-mac",
"ssid"
],
"default": "vlan-id"
},
"remote-id-format": {
"type": "string",
"enum": [
"vlan-id",
"ap-mac",
"ssid"
],
"default": "ap-mac"
}
}
}

6
src/framework/EventBusManager.cpp
View File

@@ -14,18 +14,18 @@ namespace OpenWifi {
void EventBusManager::run() {
Running_ = true;
Utils::SetThreadName("fmwk:EventMgr");
auto Msg = std::make_shared<std::string>(MicroServiceMakeSystemEventMessage(KafkaTopics::ServiceEvents::EVENT_JOIN));
auto Msg = (MicroServiceMakeSystemEventMessage(KafkaTopics::ServiceEvents::EVENT_JOIN));
KafkaManager()->PostMessage(KafkaTopics::SERVICE_EVENTS, MicroServicePrivateEndPoint(), Msg,
false);
while (Running_) {
Poco::Thread::trySleep((unsigned long)MicroServiceDaemonBusTimer());
if (!Running_)
break;
Msg = std::make_shared<std::string>(MicroServiceMakeSystemEventMessage(KafkaTopics::ServiceEvents::EVENT_KEEP_ALIVE));
Msg = (MicroServiceMakeSystemEventMessage(KafkaTopics::ServiceEvents::EVENT_KEEP_ALIVE));
KafkaManager()->PostMessage(KafkaTopics::SERVICE_EVENTS, MicroServicePrivateEndPoint(),
Msg, false);
}
Msg = std::make_shared<std::string>(MicroServiceMakeSystemEventMessage(KafkaTopics::ServiceEvents::EVENT_LEAVE));
Msg = (MicroServiceMakeSystemEventMessage(KafkaTopics::ServiceEvents::EVENT_LEAVE));
KafkaManager()->PostMessage(KafkaTopics::SERVICE_EVENTS, MicroServicePrivateEndPoint(), Msg,
false);
};

175
src/framework/KafkaManager.cpp
View File

@@ -6,6 +6,7 @@
#include "fmt/format.h"
#include "framework/MicroServiceFuncs.h"
#include "cppkafka/utils/consumer_dispatcher.h"
namespace OpenWifi {
@@ -99,9 +100,12 @@ namespace OpenWifi {
try {
auto Msg = dynamic_cast<KafkaMessage *>(Note.get());
if (Msg != nullptr) {
Producer.produce(cppkafka::MessageBuilder(Msg->Topic())
.key(Msg->Key())
.payload(Msg->Payload()));
auto NewMessage = cppkafka::MessageBuilder(Msg->Topic());
NewMessage.key(Msg->Key());
NewMessage.partition(0);
NewMessage.payload(Msg->Payload());
Producer.produce(NewMessage);
Producer.flush();
}
} catch (const cppkafka::HandleException &E) {
poco_warning(Logger_,
@@ -156,43 +160,49 @@ namespace OpenWifi {
}
});
bool AutoCommit = MicroServiceConfigGetBool("openwifi.kafka.auto.commit", false);
auto BatchSize = MicroServiceConfigGetInt("openwifi.kafka.consumer.batchsize", 20);
// bool AutoCommit = MicroServiceConfigGetBool("openwifi.kafka.auto.commit", false);
// auto BatchSize = MicroServiceConfigGetInt("openwifi.kafka.consumer.batchsize", 100);
Types::StringVec Topics;
KafkaManager()->Topics(Topics);
std::for_each(Topics_.begin(),Topics_.end(),
[&](const std::string & T) { Topics.emplace_back(T); });
Consumer.subscribe(Topics);
Running_ = true;
while (Running_) {
try {
std::vector<cppkafka::Message> MsgVec =
Consumer.poll_batch(BatchSize, std::chrono::milliseconds(100));
for (auto const &Msg : MsgVec) {
if (!Msg)
continue;
if (Msg.get_error()) {
if (!Msg.is_eof()) {
poco_error(Logger_,
fmt::format("Error: {}", Msg.get_error().to_string()));
std::vector<cppkafka::Message> MsgVec;
Dispatcher_ = std::make_unique<cppkafka::ConsumerDispatcher>(Consumer);
Dispatcher_->run(
// Callback executed whenever a new message is consumed
[&](cppkafka::Message msg) {
// Print the key (if any)
std::lock_guard G(ConsumerMutex_);
auto It = Notifiers_.find(msg.get_topic());
if (It != Notifiers_.end()) {
const auto &FL = It->second;
for (const auto &[CallbackFunc, _] : FL) {
try {
CallbackFunc(msg.get_key(), msg.get_payload());
} catch(const Poco::Exception &E) {
} catch(...) {
}
if (!AutoCommit)
Consumer.async_commit(Msg);
continue;
}
KafkaManager()->Dispatch(Msg.get_topic().c_str(), Msg.get_key(), std::make_shared<std::string>(Msg.get_payload()));
if (!AutoCommit)
Consumer.async_commit(Msg);
}
} catch (const cppkafka::HandleException &E) {
poco_warning(Logger_,
fmt::format("Caught a Kafka exception (consumer): {}", E.what()));
} catch (const Poco::Exception &E) {
Logger_.log(E);
} catch (...) {
poco_error(Logger_, "std::exception");
Consumer.commit(msg);
},
// Whenever there's an error (other than the EOF soft error)
[&Logger_](cppkafka::Error error) {
poco_warning(Logger_,fmt::format("Error: {}", error.to_string()));
},
// Whenever EOF is reached on a partition, print this
[&Logger_](cppkafka::ConsumerDispatcher::EndOfFile, const cppkafka::TopicPartition& topic_partition) {
poco_debug(Logger_,fmt::format("Partition {} EOF", topic_partition.get_partition()));
}
}
);
Consumer.unsubscribe();
poco_information(Logger_, "Stopped...");
}
@@ -213,14 +223,13 @@ namespace OpenWifi {
}
void KafkaProducer::Produce(const char *Topic, const std::string &Key,
std::shared_ptr<std::string> Payload) {
const std::string &Payload) {
std::lock_guard G(Mutex_);
Queue_.enqueueNotification(new KafkaMessage(Topic, Key, Payload));
}
void KafkaConsumer::Start() {
if (!Running_) {
Running_ = true;
Worker_.start(*this);
}
}
@@ -228,29 +237,16 @@ namespace OpenWifi {
void KafkaConsumer::Stop() {
if (Running_) {
Running_ = false;
Worker_.wakeUp();
if(Dispatcher_) {
Dispatcher_->stop();
}
Worker_.join();
}
}
void KafkaDispatcher::Start() {
if (!Running_) {
Running_ = true;
Worker_.start(*this);
}
}
void KafkaDispatcher::Stop() {
if (Running_) {
Running_ = false;
Queue_.wakeUpAll();
Worker_.join();
}
}
auto KafkaDispatcher::RegisterTopicWatcher(const std::string &Topic,
std::uint64_t KafkaConsumer::RegisterTopicWatcher(const std::string &Topic,
Types::TopicNotifyFunction &F) {
std::lock_guard G(Mutex_);
std::lock_guard G(ConsumerMutex_);
auto It = Notifiers_.find(Topic);
if (It == Notifiers_.end()) {
Types::TopicNotifyFunctionList L;
@@ -259,11 +255,12 @@ namespace OpenWifi {
} else {
It->second.emplace(It->second.end(), std::make_pair(F, FunctionId_));
}
Topics_.insert(Topic);
return FunctionId_++;
}
void KafkaDispatcher::UnregisterTopicWatcher(const std::string &Topic, int Id) {
std::lock_guard G(Mutex_);
void KafkaConsumer::UnregisterTopicWatcher(const std::string &Topic, int Id) {
std::lock_guard G(ConsumerMutex_);
auto It = Notifiers_.find(Topic);
if (It != Notifiers_.end()) {
Types::TopicNotifyFunctionList &L = It->second;
@@ -275,56 +272,17 @@ namespace OpenWifi {
}
}
void KafkaDispatcher::Dispatch(const char *Topic, const std::string &Key,
const std::shared_ptr<std::string> Payload) {
std::lock_guard G(Mutex_);
auto It = Notifiers_.find(Topic);
if (It != Notifiers_.end()) {
Queue_.enqueueNotification(new KafkaMessage(Topic, Key, Payload));
}
}
void KafkaDispatcher::run() {
Poco::Logger &Logger_ =
Poco::Logger::create("KAFKA-DISPATCHER", KafkaManager()->Logger().getChannel());
poco_information(Logger_, "Starting...");
Poco::AutoPtr<Poco::Notification> Note(Queue_.waitDequeueNotification());
Utils::SetThreadName("kafka:dispatch");
while (Note && Running_) {
auto Msg = dynamic_cast<KafkaMessage *>(Note.get());
if (Msg != nullptr) {
auto It = Notifiers_.find(Msg->Topic());
if (It != Notifiers_.end()) {
const auto &FL = It->second;
for (const auto &[CallbackFunc, _] : FL) {
CallbackFunc(Msg->Key(), Msg->Payload());
}
}
}
Note = Queue_.waitDequeueNotification();
}
poco_information(Logger_, "Stopped...");
}
void KafkaDispatcher::Topics(std::vector<std::string> &T) {
T.clear();
for (const auto &[TopicName, _] : Notifiers_)
T.push_back(TopicName);
}
int KafkaManager::Start() {
if (!KafkaEnabled_)
return 0;
ConsumerThr_.Start();
ProducerThr_.Start();
Dispatcher_.Start();
return 0;
}
void KafkaManager::Stop() {
if (KafkaEnabled_) {
poco_information(Logger(), "Stopping...");
Dispatcher_.Stop();
ProducerThr_.Stop();
ConsumerThr_.Stop();
poco_information(Logger(), "Stopped...");
@@ -333,39 +291,28 @@ namespace OpenWifi {
}
void KafkaManager::PostMessage(const char *topic, const std::string &key,
const std::shared_ptr<std::string> PayLoad, bool WrapMessage) {
const std::string & PayLoad, bool WrapMessage) {
if (KafkaEnabled_) {
ProducerThr_.Produce(topic, key, WrapMessage ? WrapSystemId(PayLoad) : PayLoad);
}
}
void KafkaManager::Dispatch(const char *Topic, const std::string &Key,
const std::shared_ptr<std::string> Payload) {
Dispatcher_.Dispatch(Topic, Key, Payload);
}
[[nodiscard]] const std::shared_ptr<std::string> KafkaManager::WrapSystemId(const std::shared_ptr<std::string> PayLoad) {
*PayLoad = SystemInfoWrapper_ + *PayLoad + "}";
return PayLoad;
}
uint64_t KafkaManager::RegisterTopicWatcher(const std::string &Topic,
Types::TopicNotifyFunction &F) {
void KafkaManager::PostMessage(const char *topic, const std::string &key,
const Poco::JSON::Object &Object, bool WrapMessage) {
if (KafkaEnabled_) {
return Dispatcher_.RegisterTopicWatcher(Topic, F);
} else {
return 0;
std::ostringstream ObjectStr;
Object.stringify(ObjectStr);
ProducerThr_.Produce(topic, key, WrapMessage ? WrapSystemId(ObjectStr.str()) : ObjectStr.str());
}
}
void KafkaManager::UnregisterTopicWatcher(const std::string &Topic, uint64_t Id) {
if (KafkaEnabled_) {
Dispatcher_.UnregisterTopicWatcher(Topic, Id);
}
[[nodiscard]] std::string KafkaManager::WrapSystemId(const std::string & PayLoad) {
return fmt::format( R"lit({{ "system" : {{ "id" : {},
"host" : "{}" }},
"payload" : {} }})lit", MicroServiceID(),
MicroServicePrivateEndPoint(), PayLoad ) ;
}
void KafkaManager::Topics(std::vector<std::string> &T) { Dispatcher_.Topics(T); }
void KafkaManager::PartitionAssignment(const cppkafka::TopicPartitionList &partitions) {
poco_information(
Logger(), fmt::format("Partition assigned: {}...", partitions.front().get_partition()));

59
src/framework/KafkaManager.h
View File

@@ -6,7 +6,7 @@
#include "Poco/Notification.h"
#include "Poco/NotificationQueue.h"
#include "Poco/JSON/Object.h"
#include "framework/KafkaTopics.h"
#include "framework/OpenWifiTypes.h"
#include "framework/SubSystemServer.h"
@@ -18,17 +18,17 @@ namespace OpenWifi {
class KafkaMessage : public Poco::Notification {
public:
KafkaMessage(const char * Topic, const std::string &Key, std::shared_ptr<std::string> Payload)
KafkaMessage(const char * Topic, const std::string &Key, const std::string &Payload)
: Topic_(Topic), Key_(Key), Payload_(Payload) {}
inline const char * Topic() { return Topic_; }
inline const std::string &Key() { return Key_; }
inline const std::string &Payload() { return *Payload_; }
inline const std::string &Payload() { return Payload_; }
private:
const char *Topic_;
std::string Key_;
std::shared_ptr<std::string> Payload_;
std::string Payload_;
};
class KafkaProducer : public Poco::Runnable {
@@ -36,10 +36,10 @@ namespace OpenWifi {
void run() override;
void Start();
void Stop();
void Produce(const char *Topic, const std::string &Key, std::shared_ptr<std::string> Payload);
void Produce(const char *Topic, const std::string &Key, const std::string & Payload);
private:
std::recursive_mutex Mutex_;
std::mutex Mutex_;
Poco::Thread Worker_;
mutable std::atomic_bool Running_ = false;
Poco::NotificationQueue Queue_;
@@ -47,33 +47,22 @@ namespace OpenWifi {
class KafkaConsumer : public Poco::Runnable {
public:
void run() override;
void Start();
void Stop();
private:
std::recursive_mutex Mutex_;
Poco::Thread Worker_;
std::mutex ConsumerMutex_;
Types::NotifyTable Notifiers_;
Poco::Thread Worker_;
mutable std::atomic_bool Running_ = false;
};
uint64_t FunctionId_ = 1;
std::unique_ptr<cppkafka::ConsumerDispatcher> Dispatcher_;
std::set<std::string> Topics_;
class KafkaDispatcher : public Poco::Runnable {
public:
void Start();
void Stop();
auto RegisterTopicWatcher(const std::string &Topic, Types::TopicNotifyFunction &F);
void run() override;
friend class KafkaManager;
std::uint64_t RegisterTopicWatcher(const std::string &Topic, Types::TopicNotifyFunction &F);
void UnregisterTopicWatcher(const std::string &Topic, int Id);
void Dispatch(const char *Topic, const std::string &Key, const std::shared_ptr<std::string> Payload);
void run() override;
void Topics(std::vector<std::string> &T);
private:
std::recursive_mutex Mutex_;
Types::NotifyTable Notifiers_;
Poco::Thread Worker_;
mutable std::atomic_bool Running_ = false;
uint64_t FunctionId_ = 1;
Poco::NotificationQueue Queue_;
};
class KafkaManager : public SubSystemServer {
@@ -92,20 +81,24 @@ namespace OpenWifi {
void Stop() override;
void PostMessage(const char *topic, const std::string &key,
std::shared_ptr<std::string> PayLoad, bool WrapMessage = true);
void Dispatch(const char *Topic, const std::string &Key, std::shared_ptr<std::string> Payload);
[[nodiscard]] const std::shared_ptr<std::string> WrapSystemId(std::shared_ptr<std::string> PayLoad);
const std::string &PayLoad, bool WrapMessage = true);
void PostMessage(const char *topic, const std::string &key,
const Poco::JSON::Object &Object, bool WrapMessage = true);
[[nodiscard]] std::string WrapSystemId(const std::string & PayLoad);
[[nodiscard]] inline bool Enabled() const { return KafkaEnabled_; }
uint64_t RegisterTopicWatcher(const std::string &Topic, Types::TopicNotifyFunction &F);
void UnregisterTopicWatcher(const std::string &Topic, uint64_t Id);
void Topics(std::vector<std::string> &T);
inline std::uint64_t RegisterTopicWatcher(const std::string &Topic, Types::TopicNotifyFunction &F) {
return ConsumerThr_.RegisterTopicWatcher(Topic,F);
}
inline void UnregisterTopicWatcher(const std::string &Topic, uint64_t Id) {
return ConsumerThr_.UnregisterTopicWatcher(Topic,Id);
}
private:
bool KafkaEnabled_ = false;
std::string SystemInfoWrapper_;
KafkaProducer ProducerThr_;
KafkaConsumer ConsumerThr_;
KafkaDispatcher Dispatcher_;
void PartitionAssignment(const cppkafka::TopicPartitionList &partitions);
void PartitionRevocation(const cppkafka::TopicPartitionList &partitions);

32
src/framework/RESTAPI_Handler.h
View File

@@ -574,7 +574,37 @@ namespace OpenWifi {
Poco::JSON::Stringifier::stringify(Object, Answer);
}
inline void ReturnRawJSON(const std::string &json_doc) {
inline void ReturnObject(const std::vector<std::string> &Strings) {
Poco::JSON::Array Arr;
for(const auto &String:Strings) {
Arr.add(String);
}
std::ostringstream os;
Arr.stringify(os);
return ReturnRawJSON(os.str());
}
template<class T> void ReturnObject(const std::vector<T> &Objects) {
Poco::JSON::Array Arr;
for(const auto &Object:Objects) {
Poco::JSON::Object O;
Object.to_json(O);
Arr.add(O);
}
std::ostringstream os;
Arr.stringify(os);
return ReturnRawJSON(os.str());
}
template<class T> void ReturnObject(const T &Object) {
Poco::JSON::Object O;
Object.to_json(O);
std::ostringstream os;
O.stringify(os);
return ReturnRawJSON(os.str());
}
inline void ReturnRawJSON(const std::string &json_doc) {
PrepareResponse();
if (Request != nullptr) {
// can we compress ???

8
src/framework/SubSystemServer.cpp
View File

@@ -37,6 +37,7 @@ namespace OpenWifi {
P.cipherList = "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH";
P.dhUse2048Bits = true;
P.caLocation = cas_;
// P.securityLevel =
auto Context = Poco::AutoPtr<Poco::Net::Context>(
new Poco::Net::Context(Poco::Net::Context::TLS_SERVER_USE, P));
@@ -53,7 +54,6 @@ namespace OpenWifi {
Context->useCertificate(Cert);
Context->addChainCertificate(Root);
Context->addCertificateAuthority(Root);
if (level_ == Poco::Net::Context::VERIFY_STRICT) {
@@ -76,18 +76,18 @@ namespace OpenWifi {
L.fatal(fmt::format("Wrong Certificate({}) for Key({})", cert_file_, key_file_));
}
SSL_CTX_set_verify(SSLCtx, SSL_VERIFY_PEER, nullptr);
SSL_CTX_set_verify(SSLCtx, level_==Poco::Net::Context::VERIFY_NONE ? SSL_VERIFY_NONE : SSL_VERIFY_PEER, nullptr);
if (level_ == Poco::Net::Context::VERIFY_STRICT) {
SSL_CTX_set_client_CA_list(SSLCtx, SSL_load_client_CA_file(client_cas_.c_str()));
SSL_CTX_enable_ct(SSLCtx, SSL_CT_VALIDATION_STRICT);
}
SSL_CTX_enable_ct(SSLCtx, SSL_CT_VALIDATION_STRICT);
SSL_CTX_dane_enable(SSLCtx);
Context->enableSessionCache();
Context->setSessionCacheSize(0);
Context->setSessionTimeout(60);
Context->enableExtendedCertificateVerification(true);
Context->enableExtendedCertificateVerification( level_!= Poco::Net::Context::VERIFY_NONE );
Context->disableStatelessSessionResumption();
}

14
src/framework/ow_constants.h
View File

@@ -40,6 +40,7 @@ namespace OpenWifi {
};
}
#define DBGLINE std::cout << __LINE__ << ":" << __FILE__ << ", " << __func__ << std::endl;
namespace OpenWifi::RESTAPI::Errors {
struct msg {
uint64_t err_num;
@@ -405,7 +406,18 @@ namespace OpenWifi::RESTAPI::Errors {
1172, "The venue name already exists."
};
static const struct msg DefFirmwareNameExists { 1172, "Firmware name already exists." };
static const struct msg InvalidGlobalReachAccount {
1173, "Invalid Global Reach account information."
};
static const struct msg CannotCreateCSR {
1174, "Cannot create a CSR certificate."
};
static const struct msg DefFirmwareNameExists { 1175, "Firmware name already exists." };
static const struct msg NotAValidECKey { 1176, "Not a valid Signing Key." };
static const struct msg NotAValidRadiusPoolType { 1177, "Not a valid RADIUS pool type." };
static const struct msg SimulationDoesNotExist {
7000, "Simulation Instance ID does not exist."

256
src/framework/utils.cpp
View File

@@ -3,10 +3,17 @@
//
#include "Poco/Path.h"
#include "Poco/TemporaryFile.h"
#include "Poco/Crypto/ECKey.h"
#include "framework/AppServiceRegistry.h"
#include "framework/utils.h"
#include <iostream>
#include <cstdlib>
#include <ctime>
#include <string>
#include <algorithm>
namespace OpenWifi::Utils {
bool NormalizeMac(std::string &Mac) {
@@ -608,4 +615,251 @@ namespace OpenWifi::Utils {
return DT.timestamp().epochTime();
}
static std::string FileToString(const std::string &Filename) {
std::ifstream ifs(Filename.c_str(),std::ios_base::in|std::ios_base::binary);
std::ostringstream os;
Poco::StreamCopier::copyStream(ifs,os);
return os.str();
}
bool CreateX509CSR(const CSRCreationParameters & Parameters, CSRCreationResults & Results) {
int ret = 0;
RSA *r = nullptr;
BIGNUM *bne = nullptr;
int nVersion = 0;
unsigned long e = RSA_F4;
X509_REQ *x509_req = nullptr;
X509_NAME *x509_name = nullptr;
EVP_PKEY *pKey = nullptr;
// RSA *tem = nullptr;
// BIO *bio_err = nullptr;
const char *szCountry = Parameters.Country.c_str();
const char *szProvince = Parameters.Province.c_str();
const char *szCity = Parameters.City.c_str();
const char *szOrganization = Parameters.Organization.c_str();
const char *szCommon = Parameters.CommonName.c_str();
Poco::TemporaryFile CsrPath, PubKey, PrivateKey;
std::string Result;
std::ifstream ifs;
std::ostringstream ss;
BIO *bp_public = nullptr,
*bp_private = nullptr,
*bp_csr = nullptr;
// 1. generate rsa key
bne = BN_new();
ret = BN_set_word(bne,e);
if(ret != 1){
goto free_all;
}
r = RSA_new();
ret = RSA_generate_key_ex(r, Parameters.bits, bne, nullptr);
if(ret != 1){
goto free_all;
}
bp_public = BIO_new_file(PubKey.path().c_str(), "w+");
ret = PEM_write_bio_RSAPublicKey(bp_public, r);
if(ret != 1) {
goto free_all;
}
bp_private = BIO_new_file(PrivateKey.path().c_str(), "w+");
ret = PEM_write_bio_RSAPrivateKey(bp_private, r, NULL, NULL, 0, NULL, NULL);
if(ret != 1) {
goto free_all;
}
// 2. set version of x509 req
x509_req = X509_REQ_new();
ret = X509_REQ_set_version(x509_req, nVersion);
if (ret != 1){
goto free_all;
}
// 3. set subject of x509 req
x509_name = X509_REQ_get_subject_name(x509_req);
ret = X509_NAME_add_entry_by_txt(x509_name,"C", MBSTRING_ASC, (const unsigned char*)szCountry, -1, -1, 0);
if (ret != 1){
goto free_all;
}
ret = X509_NAME_add_entry_by_txt(x509_name,"ST", MBSTRING_ASC, (const unsigned char*)szProvince, -1, -1, 0);
if (ret != 1){
goto free_all;
}
ret = X509_NAME_add_entry_by_txt(x509_name,"L", MBSTRING_ASC, (const unsigned char*)szCity, -1, -1, 0);
if (ret != 1){
goto free_all;
}
ret = X509_NAME_add_entry_by_txt(x509_name,"O", MBSTRING_ASC, (const unsigned char*)szOrganization, -1, -1, 0);
if (ret != 1){
goto free_all;
}
ret = X509_NAME_add_entry_by_txt(x509_name,"CN", MBSTRING_ASC, (const unsigned char*)szCommon, -1, -1, 0);
if (ret != 1){
goto free_all;
}
// 4. set public key of x509 req
pKey = EVP_PKEY_new();
EVP_PKEY_assign_RSA(pKey, r);
r = nullptr; // will be free rsa when EVP_PKEY_free(pKey)
ret = X509_REQ_set_pubkey(x509_req, pKey);
if (ret != 1){
goto free_all;
}
// 5. set sign key of x509 req
ret = X509_REQ_sign(x509_req, pKey, EVP_sha1()); // return x509_req->signature->length
if (ret <= 0){
goto free_all;
}
bp_csr = BIO_new_file(CsrPath.path().c_str(),"w");
ret = PEM_write_bio_X509_REQ(bp_csr, x509_req);
// 6. free
free_all:
X509_REQ_free(x509_req);
BIO_free_all(bp_csr);
BIO_free_all(bp_public);
BIO_free_all(bp_private);
EVP_PKEY_free(pKey);
BN_free(bne);
if(ret==1) {
Results.CSR = FileToString(CsrPath.path());
Results.PrivateKey = FileToString(PrivateKey.path());
Results.PublicKey = FileToString(PubKey.path());
}
return ret;
}
bool VerifyECKey(const std::string &key) {
try {
Poco::TemporaryFile F;
std::ofstream of(F.path().c_str(), std::ios_base::trunc | std::ios_base::out | std::ios_base::binary);
of << key;
of.close();
auto Key = Poco::SharedPtr<Poco::Crypto::ECKey>(
new Poco::Crypto::ECKey("", F.path(),""));
return true;
} catch (const Poco::Exception &E) {
}
return false;
}
bool VerifyRSAKey([[
maybe_unused]] const std::string &key) {
try {
Poco::TemporaryFile F;
std::ofstream of(F.path().c_str(), std::ios_base::trunc | std::ios_base::out | std::ios_base::binary);
of << key;
of.close();
auto Key = Poco::SharedPtr<Poco::Crypto::RSAKey>(
new Poco::Crypto::RSAKey("", F.path(),""));
return true;
} catch (const Poco::Exception &E) {
}
return false;
}
bool ValidX509Certificate([[
maybe_unused]] const std::string &Cert) {
try {
Poco::TemporaryFile F;
std::ofstream of(F.path().c_str(), std::ios_base::trunc | std::ios_base::out | std::ios_base::binary);
of << Cert;
of.close();
auto Key = Poco::SharedPtr<Poco::Crypto::X509Certificate>(
new Poco::Crypto::X509Certificate(F.path()));
return true;
} catch (const Poco::Exception &E) {
}
return false;
}
bool ValidX509Certificate([[
maybe_unused]] const std::vector<std::string> &Certs) {
auto F = [](const std::string &C) -> bool { return ValidX509Certificate(C); };
return std::all_of(Certs.begin(),Certs.end(), F);
}
std::string generateStrongPassword(int minLength, int maxLength, int numDigits, int minLowercase, int minSpecial, int minUppercase) {
// Define character sets for each category
const std::string lowercaseChars = "abcdefghijklmnopqrstuvwxyz";
const std::string uppercaseChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
const std::string digitChars = "0123456789";
const std::string specialChars = "!@#$%^&*()_+[]{}|;:,.<>?";
// Check if parameters are valid
if (minLength < 1 || minLength > maxLength || minLowercase + minUppercase + numDigits + minSpecial > maxLength) {
return "Invalid parameters";
}
// Initialize random seed
std::random_device rd;
std::mt19937 g(rd());
// Initialize the password string
std::string password;
// Generate the required number of each character type
for (int i = 0; i < minLowercase; ++i) {
password += lowercaseChars[g() % lowercaseChars.length()];
}
for (int i = 0; i < minUppercase; ++i) {
password += uppercaseChars[g() % uppercaseChars.length()];
}
for (int i = 0; i < numDigits; ++i) {
password += digitChars[g() % digitChars.length()];
}
for (int i = 0; i < minSpecial; ++i) {
password += specialChars[g() % specialChars.length()];
}
// Calculate how many more characters are needed
int remainingLength = maxLength - (int)password.length();
// Generate random characters to fill the remaining length
for (int i = 0; i < remainingLength; ++i) {
int category = g() % 4; // Randomly select a category
if (category == 0) {
password += lowercaseChars[g() % lowercaseChars.length()];
} else if (category == 1) {
password += uppercaseChars[g() % uppercaseChars.length()];
} else if (category == 2) {
password += digitChars[g() % digitChars.length()];
} else {
password += specialChars[g() % specialChars.length()];
}
}
// Shuffle the password to randomize the character order
std::shuffle(password.begin(), password.end(),g);
return password;
}
} // namespace OpenWifi::Utils

17
src/framework/utils.h
View File

@@ -247,4 +247,21 @@ namespace OpenWifi::Utils {
return count;
}
struct CSRCreationParameters {
std::string Country, Province, City,
Organization, CommonName;
int bits=2048;
};
struct CSRCreationResults {
std::string CSR, PublicKey, PrivateKey;
};
bool CreateX509CSR(const CSRCreationParameters & Parameters, CSRCreationResults & Results);
std::string generateStrongPassword(int minLength, int maxLength, int numDigits, int minLowercase, int minSpecial, int minUppercase);
bool VerifyECKey(const std::string &key);
bool VerifyRSAKey(const std::string &key);
bool ValidX509Certificate(const std::string &Cert);
bool ValidX509Certificate(const std::vector<std::string> &Certs);
} // namespace OpenWifi::Utils

97
src/storage/storage_glblraccounts.cpp Normal file
View File

@@ -0,0 +1,97 @@
//
// Created by stephane bourque on 2023-09-11.
//
#include "storage_glblraccounts.h"
#include <framework/orm.h>
#include "framework/OpenWifiTypes.h"
#include "framework/RESTAPI_utils.h"
#include "RESTObjects/RESTAPI_SecurityObjects.h"
namespace OpenWifi {
static ORM::FieldVec GLBLRAccountInfoDB_Fields{
ORM::Field{"id", 64, true},
ORM::Field{"name", ORM::FieldType::FT_TEXT},
ORM::Field{"description", ORM::FieldType::FT_TEXT},
ORM::Field{"notes", ORM::FieldType::FT_TEXT},
ORM::Field{"created", ORM::FieldType::FT_BIGINT},
ORM::Field{"modified", ORM::FieldType::FT_BIGINT},
ORM::Field{"privateKey", ORM::FieldType::FT_TEXT},
ORM::Field{"country", ORM::FieldType::FT_TEXT},
ORM::Field{"province", ORM::FieldType::FT_TEXT},
ORM::Field{"city", ORM::FieldType::FT_TEXT},
ORM::Field{"organization", ORM::FieldType::FT_TEXT},
ORM::Field{"commonName", ORM::FieldType::FT_TEXT},
ORM::Field{"CSR", ORM::FieldType::FT_TEXT},
ORM::Field{"CSRPrivateKey", ORM::FieldType::FT_TEXT},
ORM::Field{"CSRPublicKey", ORM::FieldType::FT_TEXT},
ORM::Field{"GlobalReachAcctId", ORM::FieldType::FT_TEXT}
};
static ORM::IndexVec GLBLRAccountInfoDB_Indexes{
{std::string("glblr_name_index"),
ORM::IndexEntryVec{{std::string("name"), ORM::Indextype::ASC}}}};
GLBLRAccountInfoDB::GLBLRAccountInfoDB(OpenWifi::DBType T, Poco::Data::SessionPool &P, Poco::Logger &L)
: DB(T, "glblr_accts", GLBLRAccountInfoDB_Fields, GLBLRAccountInfoDB_Indexes, P, L, "glr") {}
bool GLBLRAccountInfoDB::Upgrade([[maybe_unused]] uint32_t from, uint32_t &to) {
to = Version();
std::vector<std::string> Script{};
for (const auto &i : Script) {
try {
auto Session = Pool_.get();
Session << i, Poco::Data::Keywords::now;
} catch (...) {
}
}
return true;
}
} // namespace OpenWifi
template <>
void ORM::DB<OpenWifi::GLBLRAccountsDBRecordType, OpenWifi::ProvObjects::GLBLRAccountInfo>::Convert(
const OpenWifi::GLBLRAccountsDBRecordType &In, OpenWifi::ProvObjects::GLBLRAccountInfo &Out) {
Out.info.id = In.get<0>();
Out.info.name = In.get<1>();
Out.info.description = In.get<2>();
Out.info.notes =
OpenWifi::RESTAPI_utils::to_object_array<OpenWifi::SecurityObjects::NoteInfo>(In.get<3>());
Out.info.created = In.get<4>();
Out.info.modified = In.get<5>();
Out.privateKey =In.get<6>();
Out.country = In.get<7>();
Out.province = In.get<8>();
Out.city = In.get<9>();
Out.organization = In.get<10>();
Out.commonName = In.get<11>();
Out.CSR = In.get<12>();
Out.CSRPrivateKey = In.get<13>();
Out.CSRPublicKey = In.get<14>();
Out.GlobalReachAcctId = In.get<15>();
}
template <>
void ORM::DB<OpenWifi::GLBLRAccountsDBRecordType, OpenWifi::ProvObjects::GLBLRAccountInfo>::Convert(
const OpenWifi::ProvObjects::GLBLRAccountInfo &In, OpenWifi::GLBLRAccountsDBRecordType &Out) {
Out.set<0>(In.info.id);
Out.set<1>(In.info.name);
Out.set<2>(In.info.description);
Out.set<3>(OpenWifi::RESTAPI_utils::to_string(In.info.notes));
Out.set<4>(In.info.created);
Out.set<5>(In.info.modified);
Out.set<6>(In.privateKey);
Out.set<7>(In.country);
Out.set<8>(In.province);
Out.set<9>(In.city);
Out.set<10>(In.organization);
Out.set<11>(In.commonName);
Out.set<12>(In.CSR);
Out.set<13>(In.CSRPrivateKey);
Out.set<14>(In.CSRPublicKey);
Out.set<15>(In.GlobalReachAcctId);
}

35
src/storage/storage_glblraccounts.h Normal file
View File

@@ -0,0 +1,35 @@
//
// Created by stephane bourque on 2023-09-11.
//
#pragma once
#include "RESTObjects/RESTAPI_ProvObjects.h"
#include "framework/orm.h"
namespace OpenWifi {
typedef Poco::Tuple<std::string,
std::string, std::string, std::string, uint64_t, uint64_t,
std::string,
std::string,
std::string,
std::string,
std::string,
std::string,
std::string,
std::string,
std::string,
std::string>
GLBLRAccountsDBRecordType;
class GLBLRAccountInfoDB : public ORM::DB<GLBLRAccountsDBRecordType, ProvObjects::GLBLRAccountInfo> {
public:
GLBLRAccountInfoDB(OpenWifi::DBType T, Poco::Data::SessionPool &P, Poco::Logger &L);
virtual ~GLBLRAccountInfoDB(){};
bool Upgrade(uint32_t from, uint32_t &to) override;
private:
};
} // namespace OpenWifi

76
src/storage/storage_glblrcerts.cpp Normal file
View File

@@ -0,0 +1,76 @@
//
// Created by stephane bourque on 2023-09-11.
//
#include "storage_glblrcerts.h"
#include <framework/orm.h>
#include "framework/OpenWifiTypes.h"
#include "framework/RESTAPI_utils.h"
#include "RESTObjects/RESTAPI_SecurityObjects.h"
namespace OpenWifi {
static ORM::FieldVec GLBLRCertsDB_Fields{// object info
ORM::Field{"id", 64, true},
ORM::Field{"name", ORM::FieldType::FT_TEXT},
ORM::Field{"accountId", ORM::FieldType::FT_TEXT},
ORM::Field{"csr", ORM::FieldType::FT_TEXT},
ORM::Field{"certificate", ORM::FieldType::FT_TEXT},
ORM::Field{"certificateChain", ORM::FieldType::FT_TEXT},
ORM::Field{"certificateId", ORM::FieldType::FT_TEXT},
ORM::Field{"expiresAt", ORM::FieldType::FT_BIGINT},
ORM::Field{"created", ORM::FieldType::FT_BIGINT}
};
static ORM::IndexVec GLBLRCertsDB_Indexes{
{std::string("glblr_cert_id_index"),
ORM::IndexEntryVec{{std::string("name"), ORM::Indextype::ASC}}}};
GLBLRCertsDB::GLBLRCertsDB(OpenWifi::DBType T, Poco::Data::SessionPool &P, Poco::Logger &L)
: DB(T, "glblr_certs", GLBLRCertsDB_Fields, GLBLRCertsDB_Indexes, P, L, "glc") {}
bool GLBLRCertsDB::Upgrade([[maybe_unused]] uint32_t from, uint32_t &to) {
to = Version();
std::vector<std::string> Script{};
for (const auto &i : Script) {
try {
auto Session = Pool_.get();
Session << i, Poco::Data::Keywords::now;
} catch (...) {
}
}
return true;
}
} // namespace OpenWifi
template <>
void ORM::DB<OpenWifi::GLBLRCertsDBRecordType, OpenWifi::ProvObjects::GLBLRCertificateInfo>::Convert(
const OpenWifi::GLBLRCertsDBRecordType &In, OpenWifi::ProvObjects::GLBLRCertificateInfo &Out) {
Out.id = In.get<0>();
Out.name = In.get<1>();
Out.accountId = In.get<2>();
Out.csr = In.get<3>();
Out.certificate = In.get<4>();
Out.certificateChain = In.get<5>();
Out.certificateId = In.get<6>();
Out.expiresAt = In.get<7>();
Out.created = In.get<8>();
}
template <>
void ORM::DB<OpenWifi::GLBLRCertsDBRecordType, OpenWifi::ProvObjects::GLBLRCertificateInfo>::Convert(
const OpenWifi::ProvObjects::GLBLRCertificateInfo &In, OpenWifi::GLBLRCertsDBRecordType &Out) {
Out.set<0>(In.id);
Out.set<1>(In.name);
Out.set<2>(In.accountId);
Out.set<3>(In.csr);
Out.set<4>(In.certificate);
Out.set<5>(In.certificateChain);
Out.set<6>(In.certificateId);
Out.set<7>(In.expiresAt);
Out.set<8>(In.created);
}

37
src/storage/storage_glblrcerts.h Normal file
View File

@@ -0,0 +1,37 @@
//
// Created by stephane bourque on 2023-09-11.
//
//
// Created by stephane bourque on 2023-09-11.
//
#pragma once
#include "RESTObjects/RESTAPI_ProvObjects.h"
#include "framework/orm.h"
namespace OpenWifi {
typedef Poco::Tuple<
std::string,
std::string,
std::string,
std::string,
std::string,
std::string,
std::string,
uint64_t,
uint64_t>
GLBLRCertsDBRecordType;
class GLBLRCertsDB : public ORM::DB<GLBLRCertsDBRecordType, ProvObjects::GLBLRCertificateInfo> {
public:
GLBLRCertsDB(OpenWifi::DBType T, Poco::Data::SessionPool &P, Poco::Logger &L);
virtual ~GLBLRCertsDB(){};
bool Upgrade(uint32_t from, uint32_t &to) override;
private:
};
} // namespace OpenWifi

76
src/storage/storage_orion_accounts.cpp Normal file
View File

@@ -0,0 +1,76 @@
//
// Created by stephane bourque on 2023-09-17.
//
#include "storage_orion_accounts.h"
#include <framework/orm.h>
#include "framework/OpenWifiTypes.h"
#include "framework/RESTAPI_utils.h"
#include "RESTObjects/RESTAPI_SecurityObjects.h"
namespace OpenWifi {
static ORM::FieldVec OrionAccountsDB_Fields{
ORM::Field{"id", 64, true},
ORM::Field{"name", ORM::FieldType::FT_TEXT},
ORM::Field{"description", ORM::FieldType::FT_TEXT},
ORM::Field{"notes", ORM::FieldType::FT_TEXT},
ORM::Field{"created", ORM::FieldType::FT_BIGINT},
ORM::Field{"modified", ORM::FieldType::FT_BIGINT},
ORM::Field{"privateKey", ORM::FieldType::FT_TEXT},
ORM::Field{"certificate", ORM::FieldType::FT_TEXT},
ORM::Field{"cacerts", ORM::FieldType::FT_TEXT}
};
static ORM::IndexVec OrionAccountsDB_Indexes{
{std::string("orion_name_index"),
ORM::IndexEntryVec{{std::string("name"), ORM::Indextype::ASC}}}};
OrionAccountsDB::OrionAccountsDB(OpenWifi::DBType T, Poco::Data::SessionPool &P, Poco::Logger &L)
: DB(T, "orion_accts", OrionAccountsDB_Fields, OrionAccountsDB_Indexes, P, L, "oat") {}
bool OrionAccountsDB::Upgrade([[maybe_unused]] uint32_t from, uint32_t &to) {
to = Version();
std::vector<std::string> Script{};
for (const auto &i : Script) {
try {
auto Session = Pool_.get();
Session << i, Poco::Data::Keywords::now;
} catch (...) {
}
}
return true;
}
} // namespace OpenWifi
template <>
void ORM::DB<OpenWifi::OrionAccountsDBRecordType, OpenWifi::ProvObjects::GooglOrionAccountInfo>::Convert(
const OpenWifi::OrionAccountsDBRecordType &In, OpenWifi::ProvObjects::GooglOrionAccountInfo &Out) {
Out.info.id = In.get<0>();
Out.info.name = In.get<1>();
Out.info.description = In.get<2>();
Out.info.notes =
OpenWifi::RESTAPI_utils::to_object_array<OpenWifi::SecurityObjects::NoteInfo>(In.get<3>());
Out.info.created = In.get<4>();
Out.info.modified = In.get<5>();
Out.privateKey =In.get<6>();
Out.certificate = In.get<7>();
Out.cacerts = OpenWifi::RESTAPI_utils::to_object_array(In.get<8>());
}
template <>
void ORM::DB<OpenWifi::OrionAccountsDBRecordType, OpenWifi::ProvObjects::GooglOrionAccountInfo>::Convert(
const OpenWifi::ProvObjects::GooglOrionAccountInfo &In, OpenWifi::OrionAccountsDBRecordType &Out) {
Out.set<0>(In.info.id);
Out.set<1>(In.info.name);
Out.set<2>(In.info.description);
Out.set<3>(OpenWifi::RESTAPI_utils::to_string(In.info.notes));
Out.set<4>(In.info.created);
Out.set<5>(In.info.modified);
Out.set<6>(In.privateKey);
Out.set<7>(In.certificate);
Out.set<8>(OpenWifi::RESTAPI_utils::to_string(In.cacerts));
}

32
src/storage/storage_orion_accounts.h Normal file
View File

@@ -0,0 +1,32 @@
//
// Created by stephane bourque on 2023-09-17.
//
#pragma once
#include "RESTObjects/RESTAPI_ProvObjects.h"
#include "framework/orm.h"
namespace OpenWifi {
typedef Poco::Tuple<std::string,
std::string,
std::string,
std::string,
uint64_t,
uint64_t,
std::string,
std::string,
std::string>
OrionAccountsDBRecordType;
class OrionAccountsDB : public ORM::DB<OrionAccountsDBRecordType, ProvObjects::GooglOrionAccountInfo> {
public:
OrionAccountsDB(OpenWifi::DBType T, Poco::Data::SessionPool &P, Poco::Logger &L);
virtual ~OrionAccountsDB(){};
bool Upgrade(uint32_t from, uint32_t &to) override;
private:
};
} // namespace OpenWifi

50
test_scripts/curl/cli
View File

@@ -617,6 +617,51 @@ getsystemconfiguration() {
jq < ${result_file}
}
creategraccount() {
payload="{ \"name\" : \"Test account\" , \"country\" : \"CA\", \"province\" : \"BC\" , \"city\" : \"Vancouver\", \"organization\" : \"Arilia Wireless Inc.\", \"commonName\" : \"arilia.com\", \"GlobalReachAcctId\" : \"bd63aaa7-b14d-4cdb-85ae-8de6cf2cfa31\", \"privateKey\" : \"-----BEGIN PRIVATE KEY-----\nMIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgl1FpARtuOtw1F9sR2DD82jh6sZFGRn619IY0rmNIFEuhRANCAATB7ji6OF/+heGRCocgVNhw4QGvaL9Kp8F6ZqqZ3aMewRMOfzi3TQaXN12FNBsvXnptx5vk8GAzZk6UAzzvMBVK\n-----END PRIVATE KEY-----\" }"
curl ${FLAGS} -X POST "https://${OWPROV}/api/v1/openroaming/globalreach/account/0" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-H "Accept: application/json" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
getgraccount() {
curl ${FLAGS} -X GET "https://${OWPROV}/api/v1/openroaming/globalreach/account/$1" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-H "Accept: application/json" > ${result_file}
jq < ${result_file}
}
deletegraccount() {
curl ${FLAGS} -X DELETE "https://${OWPROV}/api/v1/openroaming/globalreach/account/$1" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-H "Accept: application/json" > ${result_file}
jq < ${result_file}
}
getgraccounts() {
curl ${FLAGS} -X GET "https://${OWPROV}/api/v1/openroaming/globalreach/accounts" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-H "Accept: application/json" > ${result_file}
jq < ${result_file}
}
creategrcert() {
payload="{ \"name\" : \"$2\" }"
curl ${FLAGS} -X POST "https://${OWPROV}/api/v1/openroaming/globalreach/certificate/$1/0" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer ${token}" \
-H "Accept: application/json" \
-d "$payload" > ${result_file}
jq < ${result_file}
}
shopt -s nocasematch
case "$1" in
"login") login; echo "You are logged in..." ; logout ;;
@@ -673,6 +718,11 @@ case "$1" in
"deleteoverride") login; deleteoverride "$2"; logout;;
"venueupgraderevisions") login; venueupgraderevisions "$2"; logout;;
"getsystemconfiguration") login; getsystemconfiguration "$2"; logout;;
"creategraccount") login; creategraccount ; logout;;
"getgraccount") login; getgraccount "$2"; logout;;
"getgraccounts") login; getgraccounts ; logout;;
"creategrcert") login; creategrcert "$2" "$3"; logout;;
"deletegraccount") login; deletegraccount "$2"; logout;;
"getvenuesperrrm") login; getvenuesperrrm "$2"; logout;;
*) help ;;
esac