mirror of
https://github.com/Telecominfraproject/wlan-cloud-owprov.git
synced 2025-10-29 17:52:28 +00:00
Signed-off-by: stephb9959 <stephane.bourque@gmail.com>
This commit is contained in:
stephb9959
@@ -4,6 +4,7 @@
|
|||||||
|
|
||||||
#include "RESTAPI_radius_endpoint_handler.h"
|
#include "RESTAPI_radius_endpoint_handler.h"
|
||||||
#include <storage/storage_orion_accounts.h>
|
#include <storage/storage_orion_accounts.h>
|
||||||
|
#include <RESTObjects/RESTAPI_GWobjects.h>
|
||||||
|
|
||||||
namespace OpenWifi {
|
namespace OpenWifi {
|
||||||
|
|
||||||
@@ -61,27 +62,27 @@ namespace OpenWifi {
|
|||||||
return BadRequest(RESTAPI::Errors::InvalidJSONDocument);
|
return BadRequest(RESTAPI::Errors::InvalidJSONDocument);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(RadiusEndpointDB::EndpointType(NewRecord.Type)==RadiusEndpointDB::EndpointType::unknown) {
|
if(GWObjects::RadiusEndpointType(NewRecord.Type)==GWObjects::RadiusEndpointType::unknown) {
|
||||||
return BadRequest(RESTAPI::Errors::InvalidRadiusTypeEndpoint);
|
return BadRequest(RESTAPI::Errors::InvalidRadiusTypeEndpoint);
|
||||||
}
|
}
|
||||||
if(RadiusEndpointDB::PoolStrategy(NewRecord.PoolStrategy)==RadiusEndpointDB::PoolStrategy::unknown) {
|
if(GWObjects::RadiusPoolStrategy(NewRecord.PoolStrategy)==GWObjects::RadiusPoolStrategy::unknown) {
|
||||||
return BadRequest(RESTAPI::Errors::InvalidRadiusEndpointPoolStrategy);
|
return BadRequest(RESTAPI::Errors::InvalidRadiusEndpointPoolStrategy);
|
||||||
}
|
}
|
||||||
if(!NewRecord.RadiusServers.empty() && !NewRecord.RadsecServers.empty()) {
|
if(!NewRecord.RadiusServers.empty() && !NewRecord.RadsecServers.empty()) {
|
||||||
return BadRequest(RESTAPI::Errors::EndpointMustHaveOneTypeOfServers);
|
return BadRequest(RESTAPI::Errors::EndpointMustHaveOneTypeOfServers);
|
||||||
}
|
}
|
||||||
|
|
||||||
auto EndPointType = RadiusEndpointDB::EndpointType(NewRecord.Type);
|
auto EndPointType = GWObjects::RadiusEndpointType(NewRecord.Type);
|
||||||
switch(EndPointType) {
|
switch(EndPointType) {
|
||||||
case RadiusEndpointDB::EndpointType::radsec:
|
case GWObjects::RadiusEndpointType::radsec:
|
||||||
case RadiusEndpointDB::EndpointType::orion:
|
case GWObjects::RadiusEndpointType::orion:
|
||||||
case RadiusEndpointDB::EndpointType::globalreach:
|
case GWObjects::RadiusEndpointType::globalreach:
|
||||||
{
|
{
|
||||||
if(NewRecord.RadsecServers.empty()) {
|
if(NewRecord.RadsecServers.empty()) {
|
||||||
return BadRequest(RESTAPI::Errors::EndpointMustHaveOneTypeOfServers);
|
return BadRequest(RESTAPI::Errors::EndpointMustHaveOneTypeOfServers);
|
||||||
}
|
}
|
||||||
} break;
|
} break;
|
||||||
case RadiusEndpointDB::EndpointType::generic: {
|
case GWObjects::RadiusEndpointType::generic: {
|
||||||
if(NewRecord.RadiusServers.empty()) {
|
if(NewRecord.RadiusServers.empty()) {
|
||||||
return BadRequest(RESTAPI::Errors::EndpointMustHaveOneTypeOfServers);
|
return BadRequest(RESTAPI::Errors::EndpointMustHaveOneTypeOfServers);
|
||||||
}
|
}
|
||||||
@@ -100,7 +101,7 @@ namespace OpenWifi {
|
|||||||
return BadRequest(RESTAPI::Errors::RadiusEndpointIndexInvalid);
|
return BadRequest(RESTAPI::Errors::RadiusEndpointIndexInvalid);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(EndPointType==RadiusEndpointDB::EndpointType::generic) {
|
if(EndPointType==GWObjects::RadiusEndpointType::generic) {
|
||||||
for(const auto &Server:NewRecord.RadiusServers) {
|
for(const auto &Server:NewRecord.RadiusServers) {
|
||||||
if(!ValidRadiusServer(Server.Authentication) ||
|
if(!ValidRadiusServer(Server.Authentication) ||
|
||||||
!ValidRadiusServer(Server.Accounting) ||
|
!ValidRadiusServer(Server.Accounting) ||
|
||||||
@@ -110,21 +111,21 @@ namespace OpenWifi {
|
|||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
switch(EndPointType) {
|
switch(EndPointType) {
|
||||||
case RadiusEndpointDB::EndpointType::orion: {
|
case GWObjects::RadiusEndpointType::orion: {
|
||||||
for(const auto &Server:NewRecord.RadsecServers) {
|
for(const auto &Server:NewRecord.RadsecServers) {
|
||||||
if(!StorageService()->OrionAccountsDB().Exists("id",Server.UseOpenRoamingAccount)) {
|
if(!StorageService()->OrionAccountsDB().Exists("id",Server.UseOpenRoamingAccount)) {
|
||||||
return BadRequest(RESTAPI::Errors::OrionAccountMustExist);
|
return BadRequest(RESTAPI::Errors::OrionAccountMustExist);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} break;
|
} break;
|
||||||
case RadiusEndpointDB::EndpointType::globalreach: {
|
case GWObjects::RadiusEndpointType::globalreach: {
|
||||||
for(const auto &Server:NewRecord.RadsecServers) {
|
for(const auto &Server:NewRecord.RadsecServers) {
|
||||||
if(!StorageService()->GLBLRCertsDB().Exists("id",Server.UseOpenRoamingAccount)) {
|
if(!StorageService()->GLBLRCertsDB().Exists("id",Server.UseOpenRoamingAccount)) {
|
||||||
return BadRequest(RESTAPI::Errors::GlobalReachCertMustExist);
|
return BadRequest(RESTAPI::Errors::GlobalReachCertMustExist);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} break;
|
} break;
|
||||||
case RadiusEndpointDB::EndpointType::radsec: {
|
case GWObjects::RadiusEndpointType::radsec: {
|
||||||
for(const auto &Server:NewRecord.RadsecServers) {
|
for(const auto &Server:NewRecord.RadsecServers) {
|
||||||
if(Server.Certificate.empty() || !Utils::ValidX509Certificate(Server.Certificate)) {
|
if(Server.Certificate.empty() || !Utils::ValidX509Certificate(Server.Certificate)) {
|
||||||
return BadRequest(RESTAPI::Errors::InvalidRadsecMainCertificate);
|
return BadRequest(RESTAPI::Errors::InvalidRadsecMainCertificate);
|
||||||
|
|||||||
@@ -452,4 +452,48 @@ namespace OpenWifi::GWObjects {
|
|||||||
void to_json(Poco::JSON::Object &Obj) const;
|
void to_json(Poco::JSON::Object &Obj) const;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
enum class RadiusPoolStrategy {
|
||||||
|
round_robbin, random, weighted, unknown
|
||||||
|
};
|
||||||
|
|
||||||
|
enum class RadiusEndpointType {
|
||||||
|
generic, radsec, globalreach, orion, unknown
|
||||||
|
};
|
||||||
|
|
||||||
|
static inline RadiusEndpointType RadiusEndpointType(const std::string &T) {
|
||||||
|
if(T=="generic") return RadiusEndpointType::generic;
|
||||||
|
if(T=="radsec") return RadiusEndpointType::radsec;
|
||||||
|
if(T=="globalreach") return RadiusEndpointType::globalreach;
|
||||||
|
if(T=="orion") return RadiusEndpointType::orion;
|
||||||
|
return RadiusEndpointType::unknown;
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline RadiusPoolStrategy RadiusPoolStrategy(const std::string &T) {
|
||||||
|
if(T=="round_robbin") return RadiusPoolStrategy::round_robbin;
|
||||||
|
if(T=="random") return RadiusPoolStrategy::random;
|
||||||
|
if(T=="weighted") return RadiusPoolStrategy::weighted;
|
||||||
|
return RadiusPoolStrategy::unknown;
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline std::string to_string(enum RadiusEndpointType T) {
|
||||||
|
switch(T) {
|
||||||
|
case RadiusEndpointType::generic: return "generic";
|
||||||
|
case RadiusEndpointType::radsec: return "radsec";
|
||||||
|
case RadiusEndpointType::globalreach: return "globalreach";
|
||||||
|
case RadiusEndpointType::orion: return "orion";
|
||||||
|
default:
|
||||||
|
return "unknown";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
static inline std::string to_string(enum RadiusPoolStrategy T) {
|
||||||
|
switch(T) {
|
||||||
|
case RadiusPoolStrategy::round_robbin: return "round_robbin";
|
||||||
|
case RadiusPoolStrategy::random: return "random";
|
||||||
|
case RadiusPoolStrategy::weighted: return "weighted";
|
||||||
|
default:
|
||||||
|
return "unknown";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
} // namespace OpenWifi::GWObjects
|
} // namespace OpenWifi::GWObjects
|
||||||
|
|||||||
@@ -3,6 +3,8 @@
|
|||||||
//
|
//
|
||||||
|
|
||||||
#pragma once
|
#pragma once
|
||||||
|
#include <vector>
|
||||||
|
#include <utility>
|
||||||
#include <framework/AppServiceRegistry.h>
|
#include <framework/AppServiceRegistry.h>
|
||||||
#include <framework/utils.h>
|
#include <framework/utils.h>
|
||||||
#include <StorageService.h>
|
#include <StorageService.h>
|
||||||
@@ -41,6 +43,27 @@ namespace OpenWifi {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void UpdateRadiusServerEntry( GWObjects::RadiusProxyServerConfig &Config,
|
||||||
|
const ProvObjects::RADIUSEndPoint &Endpoint,
|
||||||
|
const std::vector<ProvObjects::RADIUSServer> &Servers) {
|
||||||
|
Config.monitor = false;
|
||||||
|
Config.strategy = Endpoint.PoolStrategy;
|
||||||
|
Config.monitorMethod = "none";
|
||||||
|
Config.strategy = "random";
|
||||||
|
for (const auto &Server: Servers) {
|
||||||
|
GWObjects::RadiusProxyServerEntry PE;
|
||||||
|
PE.radsec = false;
|
||||||
|
PE.name = Server.Hostname;
|
||||||
|
PE.ignore = false;
|
||||||
|
PE.ip = Server.IP;
|
||||||
|
PE.port = PE.radsecPort = Server.Port;
|
||||||
|
PE.allowSelfSigned = false;
|
||||||
|
PE.weight = 10;
|
||||||
|
PE.secret = PE.radsecSecret = "radsec";
|
||||||
|
Config.servers.emplace_back(PE);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
inline bool UpdateEndpoints( RESTAPIHandler *Client, std::uint64_t & ErrorCode,
|
inline bool UpdateEndpoints( RESTAPIHandler *Client, std::uint64_t & ErrorCode,
|
||||||
std::string & ErrorDetails,
|
std::string & ErrorDetails,
|
||||||
std::string & ErrorDescription) {
|
std::string & ErrorDescription) {
|
||||||
@@ -156,28 +179,11 @@ namespace OpenWifi {
|
|||||||
Pools.pools.emplace_back(PP);
|
Pools.pools.emplace_back(PP);
|
||||||
} else if(Endpoint.Type=="generic" && !Endpoint.RadiusServers.empty()) {
|
} else if(Endpoint.Type=="generic" && !Endpoint.RadiusServers.empty()) {
|
||||||
PP.radsecPoolType="generic";
|
PP.radsecPoolType="generic";
|
||||||
/* const auto &server = Endpoint.RadiusServers[0];
|
UpdateRadiusServerEntry(PP.authConfig, Endpoint, Endpoint.RadiusServers[0].Authentication);
|
||||||
for(auto &[ServerType,ServerInfo] : {
|
UpdateRadiusServerEntry(PP.acctConfig, Endpoint, Endpoint.RadiusServers[0].Accounting);
|
||||||
{}AUTH, Endpoint.RadiusServers[0].Authentication[0]) ,
|
UpdateRadiusServerEntry(PP.coaConfig, Endpoint, Endpoint.RadiusServers[0].CoA);
|
||||||
std::pair(ACCT, Endpoint.RadiusServers[0].Accounting[0] ),
|
|
||||||
std::pair(COA, Endpoint.RadiusServers[0].Accounting[0]) }
|
|
||||||
) {
|
|
||||||
ServerType.
|
|
||||||
ServerType.monitor = false;
|
|
||||||
ServerType.strategy = Endpoint.PoolStrategy;
|
|
||||||
GWObjects::RadiusProxyServerEntry PE;
|
|
||||||
PE.radsec = false;
|
|
||||||
PE.name = ServerInfo.Hostname;
|
|
||||||
PE.ignore = false;
|
|
||||||
PE.ip = ServerInfo.IP;
|
|
||||||
PE.port = PE.radsecPort = ServerInfo.Port;
|
|
||||||
PE.allowSelfSigned = false;
|
|
||||||
PE.weight = 10;
|
|
||||||
PE.secret = PE.radsecSecret = "radsec";
|
|
||||||
ServerType.servers.emplace_back(PE);
|
|
||||||
}
|
|
||||||
Pools.pools.emplace_back(PP);
|
Pools.pools.emplace_back(PP);
|
||||||
*/ }
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|||||||
@@ -33,50 +33,6 @@ namespace OpenWifi {
|
|||||||
virtual ~RadiusEndpointDB(){};
|
virtual ~RadiusEndpointDB(){};
|
||||||
bool Upgrade(uint32_t from, uint32_t &to) override;
|
bool Upgrade(uint32_t from, uint32_t &to) override;
|
||||||
|
|
||||||
enum class PoolStrategy {
|
|
||||||
round_robbin, random, weighted, unknown
|
|
||||||
};
|
|
||||||
|
|
||||||
enum class EndpointType {
|
|
||||||
generic, radsec, globalreach, orion, unknown
|
|
||||||
};
|
|
||||||
|
|
||||||
static inline EndpointType EndpointType(const std::string &T) {
|
|
||||||
if(T=="generic") return EndpointType::generic;
|
|
||||||
if(T=="radsec") return EndpointType::radsec;
|
|
||||||
if(T=="globalreach") return EndpointType::globalreach;
|
|
||||||
if(T=="orion") return EndpointType::orion;
|
|
||||||
return EndpointType::unknown;
|
|
||||||
}
|
|
||||||
|
|
||||||
static inline PoolStrategy PoolStrategy(const std::string &T) {
|
|
||||||
if(T=="round_robbin") return PoolStrategy::round_robbin;
|
|
||||||
if(T=="random") return PoolStrategy::random;
|
|
||||||
if(T=="weighted") return PoolStrategy::weighted;
|
|
||||||
return PoolStrategy::unknown;
|
|
||||||
}
|
|
||||||
|
|
||||||
static inline std::string to_string(enum EndpointType T) {
|
|
||||||
switch(T) {
|
|
||||||
case EndpointType::generic: return "generic";
|
|
||||||
case EndpointType::radsec: return "radsec";
|
|
||||||
case EndpointType::globalreach: return "globalreach";
|
|
||||||
case EndpointType::orion: return "orion";
|
|
||||||
default:
|
|
||||||
return "unknown";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
static inline std::string to_string(enum PoolStrategy T) {
|
|
||||||
switch(T) {
|
|
||||||
case PoolStrategy::round_robbin: return "round_robbin";
|
|
||||||
case PoolStrategy::random: return "random";
|
|
||||||
case PoolStrategy::weighted: return "weighted";
|
|
||||||
default:
|
|
||||||
return "unknown";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
static inline bool ValidIndex(const std::string &I) {
|
static inline bool ValidIndex(const std::string &I) {
|
||||||
static uint32_t Low = Utils::IPtoInt("0.0.1.1");
|
static uint32_t Low = Utils::IPtoInt("0.0.1.1");
|
||||||
static uint32_t High = Utils::IPtoInt("0.0.2.254");
|
static uint32_t High = Utils::IPtoInt("0.0.2.254");
|
||||||
|
|||||||
Reference in New Issue
Block a user