scottk/wlan-cloud-ucentralsec
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-cloud-ucentralsec.git synced 2025-10-30 18:27:49 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity

Compare commits

base: scottk:release/v2.8.0
Branches Tags
scottk:main scottk:release/v4.1.0 scottk:WIFI-13821-bump-versions scottk:release/v4.0.0 scottk:fix_improve_exeception_handling scottk:fix_ci scottk:release/v3.2.0 scottk:version_update scottk:release/v3.1.0 scottk:WIFI-13857-fix-svc-kafka-startup scottk:WIFI-13597-fix-kafka-producer-using-poll scottk:release/v3.0.0 scottk:release/v2.11.0 scottk:release/v2.10.0 scottk:release/v2.9.0 scottk:release/v2.8.0 scottk:gh-pages scottk:release/v2.7.0 scottk:WIFI-10942 scottk:WIFI-10581-switch-images-to-debian-slim scottk:release/v2.4.0 scottk:WIFI-10345 scottk:release/v2.5.0 scottk:release/v2.6.0 scottk:feature/test-jira-key-without-key scottk:feature/wifi-5702--add-change-password-cli-command-on-startup scottk:release/v2.3.0 scottk:release/v2.2.0 scottk:release/v2.1.0 scottk:release/v2.0.0
scottk:v4.1.0 scottk:v4.1.0-RC1 scottk:v4.0.0 scottk:v3.2.0 scottk:v3.2.0-RC2 scottk:v3.2.0-RC1 scottk:v3.1.0 scottk:v3.1.0-RC1 scottk:v3.0.2-RC1 scottk:v3.0.0 scottk:v3.0.0-RC2 scottk:v3.0.0-RC1 scottk:v2.11.0 scottk:v2.11.0-RC2 scottk:v2.11.0-RC1 scottk:v2.10.0 scottk:v2.10.0-RC1 scottk:v2.9.0 scottk:v2.9.0-RC2 scottk:v2.9.0-RC1 scottk:v2.8.0 scottk:v2.8.0-RC2 scottk:v2.8.0-RC1 scottk:v2.7.0 scottk:v2.7.0-RC5 scottk:v2.7.0-RC4 scottk:v2.7.0-RC3 scottk:v2.7.0-RC2 scottk:v2.7.0-RC1 scottk:v2.5.2 scottk:v2.4.2 scottk:v2.4.1 scottk:v2.6.0 scottk:v2.6.0-RC3 scottk:v2.6.0-RC2 scottk:v2.6.0-RC1 scottk:v2.5.0 scottk:v2.5.0-RC1 scottk:v2.4.0 scottk:v2.4.0-RC5 scottk:v2.4.0-RC4 scottk:v2.4.0-RC3 scottk:v2.4.0-RC2 scottk:v2.4.0-RC1 scottk:v2.3.0-RC2 scottk:v2.3.0-RC1 scottk:v2.2.0-RC1 scottk:v2.1.0-RC1 scottk:v2.0.0-RC1 scottk:v2.0.0
..
compare: scottk:v2.6.0-RC3
Branches Tags
scottk:release/v4.1.0 scottk:main scottk:WIFI-13821-bump-versions scottk:release/v4.0.0 scottk:fix_improve_exeception_handling scottk:fix_ci scottk:release/v3.2.0 scottk:version_update scottk:release/v3.1.0 scottk:WIFI-13857-fix-svc-kafka-startup scottk:WIFI-13597-fix-kafka-producer-using-poll scottk:release/v3.0.0 scottk:release/v2.11.0 scottk:release/v2.10.0 scottk:release/v2.9.0 scottk:release/v2.8.0 scottk:gh-pages scottk:release/v2.7.0 scottk:WIFI-10942 scottk:WIFI-10581-switch-images-to-debian-slim scottk:release/v2.4.0 scottk:WIFI-10345 scottk:release/v2.5.0 scottk:release/v2.6.0 scottk:feature/test-jira-key-without-key scottk:feature/wifi-5702--add-change-password-cli-command-on-startup scottk:release/v2.3.0 scottk:release/v2.2.0 scottk:release/v2.1.0 scottk:release/v2.0.0
scottk:v4.1.0 scottk:v4.1.0-RC1 scottk:v4.0.0 scottk:v3.2.0 scottk:v3.2.0-RC2 scottk:v3.2.0-RC1 scottk:v3.1.0 scottk:v3.1.0-RC1 scottk:v3.0.2-RC1 scottk:v3.0.0 scottk:v3.0.0-RC2 scottk:v3.0.0-RC1 scottk:v2.11.0 scottk:v2.11.0-RC2 scottk:v2.11.0-RC1 scottk:v2.10.0 scottk:v2.10.0-RC1 scottk:v2.9.0 scottk:v2.9.0-RC2 scottk:v2.9.0-RC1 scottk:v2.8.0 scottk:v2.8.0-RC2 scottk:v2.8.0-RC1 scottk:v2.7.0 scottk:v2.7.0-RC5 scottk:v2.7.0-RC4 scottk:v2.7.0-RC3 scottk:v2.7.0-RC2 scottk:v2.7.0-RC1 scottk:v2.5.2 scottk:v2.4.2 scottk:v2.4.1 scottk:v2.6.0 scottk:v2.6.0-RC3 scottk:v2.6.0-RC2 scottk:v2.6.0-RC1 scottk:v2.5.0 scottk:v2.5.0-RC1 scottk:v2.4.0 scottk:v2.4.0-RC5 scottk:v2.4.0-RC4 scottk:v2.4.0-RC3 scottk:v2.4.0-RC2 scottk:v2.4.0-RC1 scottk:v2.3.0-RC2 scottk:v2.3.0-RC1 scottk:v2.2.0-RC1 scottk:v2.1.0-RC1 scottk:v2.0.0-RC1 scottk:v2.0.0

9 Commits
release/v2 ... v2.6.0-RC3

Author SHA1 Message Date
TIP Automation User
f8d3079f44 Chg: update image tag in helm values to v2.6.0-RC3 2022-07-09 12:17:34 +00:00
Stephane Bourque
81cec762f7 Merge pull request #60 from Telecominfraproject/main 
Fix: https://telecominfraproject.atlassian.net/browse/WIFI-10079
 2022-07-08 21:51:22 -07:00
Stephane Bourque
f43198f874 Merge pull request #56 from Telecominfraproject/main 
https://telecominfraproject.atlassian.net/browse/WIFI-10040
 2022-07-01 12:31:50 -07:00
Johann Hoffmann
3134947b57 Always re-generate config file if TEMPLATE_CONFIG is set to true (#54) 
Signed-off-by: Johann Hoffmann <johann.hoffmann@mailbox.org>
 2022-06-24 18:48:51 +02:00
TIP Automation User
8e8656a6ae Chg: update image tag in helm values to v2.6.0-RC2 2022-06-17 13:39:12 +00:00
jaspreetsachdev
8863d2ecc9 Merge branch 'main' into release/v2.6.0 2022-06-14 16:29:49 -04:00
Dmitry Dunaev
70ddeaf3c1 Merge pull request #49 from Telecominfraproject/fix/wifi-9174--dep-charts-2.6 
[WIFI-9174] Fix: switch from deprecated bitnami charts to mirrored ones
 2022-06-03 19:33:51 +03:00
Dmitry Dunaev
56d7c7c767 [WIFI-9174] Fix: switch from deprecated bitnami charts to mirrored ones 
Signed-off-by: Dmitry Dunaev <dmitry@opsfleet.com>
 2022-06-03 19:33:27 +03:00
TIP Automation User
7e3fb701a0 Chg: update image tag in helm values to v2.6.0-RC1 2022-05-23 12:17:26 +00:00
215 changed files with 10720 additions and 17553 deletions
Expand all files Collapse all files

10
.github/workflows/ci.yml vendored
View File

@@ -27,7 +27,7 @@ jobs:
DOCKER_REGISTRY_USERNAME: ucentral DOCKER_REGISTRY_USERNAME: ucentral
steps: steps:
- name: Checkout actions repo - name: Checkout actions repo
uses: actions/checkout@v3 uses: actions/checkout@v2
with: with:
repository: Telecominfraproject/.github repository: Telecominfraproject/.github
path: github path: github
@@ -58,11 +58,11 @@ jobs:
- name: Get base branch name and set as output - name: Get base branch name and set as output
id: get_base_branch id: get_base_branch
run: | run: |
echo "branch=$(echo ${GITHUB_BASE_REF##*/})" >> $GITHUB_OUTPUT echo ::set-output name=branch::$(echo ${GITHUB_BASE_REF##*/})
echo "owgw_branch=$(echo ${GITHUB_BASE_REF##*/} | sed 's/main/master/g')" >> $GITHUB_OUTPUT echo ::set-output name=owgw_branch::$(echo ${GITHUB_BASE_REF##*/} | sed 's/main/master/g')
- name: Checkout actions repo - name: Checkout actions repo
uses: actions/checkout@v3 uses: actions/checkout@v2
with: with:
repository: Telecominfraproject/.github repository: Telecominfraproject/.github
path: github path: github
@@ -87,7 +87,7 @@ jobs:
- docker - docker
steps: steps:
- name: Checkout actions repo - name: Checkout actions repo
uses: actions/checkout@v3 uses: actions/checkout@v2
with: with:
repository: Telecominfraproject/.github repository: Telecominfraproject/.github
path: github path: github

2
.github/workflows/enforce-jira-issue-key.yml vendored
View File

@@ -11,7 +11,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout actions repo - name: Checkout actions repo
uses: actions/checkout@v3 uses: actions/checkout@v2
with: with:
repository: Telecominfraproject/.github repository: Telecominfraproject/.github
path: github path: github

38
.github/workflows/openapi-pages.yml vendored
View File

@@ -1,38 +0,0 @@
name: Update OpenAPI docs on GitHub Pages
on:
push:
paths:
- 'openapi/**'
branches:
- main
workflow_dispatch:
defaults:
run:
shell: bash
jobs:
docsgen:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Generate static HTML page with docs from OpenAPI definition
run: |
docker run --rm -v "${PWD}:/local" openapitools/openapi-generator-cli:v6.2.1 generate -i https://raw.githubusercontent.com/Telecominfraproject/wlan-cloud-ucentralsec/main/openpapi/owsec.yaml -g html2 --skip-validate-spec -o /local/
- name: Update OpenAPI docs
run: |
mkdir -p ~/.ssh
ssh-keyscan -H github.com >> ~/.ssh/known_hosts
echo https://tip-automation:${{ secrets.GIT_PUSH_PAT }}@github.com > ~/.git-credentials
git config --global credential.helper store
git config --global user.email "tip-automation@telecominfraproject.com"
git config --global user.name "TIP Automation User"
git pull
git checkout gh-pages || git checkout -b gh-pages
mv index.html docs/index.html
git add docs
git commit -m'Update OpenAPI docs for GitHub pages'
git push --set-upstream origin gh-pages

2
.github/workflows/release.yml vendored
View File

@@ -17,7 +17,7 @@ jobs:
HELM_REPO_USERNAME: ucentral HELM_REPO_USERNAME: ucentral
steps: steps:
- name: Checkout uCentral assembly chart repo - name: Checkout uCentral assembly chart repo
uses: actions/checkout@v3 uses: actions/checkout@v2
with: with:
path: wlan-cloud-ucentralsec path: wlan-cloud-ucentralsec

21
.idea/.gitignore generated vendored Normal file
View File

@@ -0,0 +1,21 @@
# Default ignored files
/shelf/
/workspace.xml
# Datasource local storage ignored files
/dataSources/
/dataSources.local.xml
# Editor-based HTTP Client requests
/httpRequests/
/certs/
/logs/
*.csr
*.db
/docker-compose/certs/
/docker-compose/*-data/data/
/docker-compose/*-data/uploads/
/docker-compose/.env
/docker-compose/.env_*
/cmake-build/
*.pem
result.json
token.json

75
CMakeLists.txt
View File

@@ -1,5 +1,5 @@
cmake_minimum_required(VERSION 3.13) cmake_minimum_required(VERSION 3.13)
project(owsec VERSION 2.8.0) project(owsec VERSION 2.6.0)
set(CMAKE_CXX_STANDARD 17) set(CMAKE_CXX_STANDARD 17)
@@ -32,12 +32,12 @@ endif()
find_package(Git QUIET) find_package(Git QUIET)
if(GIT_FOUND AND EXISTS "${PROJECT_SOURCE_DIR}/.git") if(GIT_FOUND AND EXISTS "${PROJECT_SOURCE_DIR}/.git")
execute_process(COMMAND ${GIT_EXECUTABLE} rev-parse --short HEAD execute_process(COMMAND ${GIT_EXECUTABLE} describe --always --tags
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR} WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
RESULT_VARIABLE GIT_RESULT RESULT_VARIABLE GIT_RESULT
OUTPUT_VARIABLE GIT_HASH) OUTPUT_VARIABLE GIT_HASH)
if(NOT GIT_RESULT EQUAL "0") if(NOT GIT_RESULT EQUAL "0")
message(FATAL_ERROR "git rev-parse --short HEAD failed with ${GIT_RESULT}") message(FATAL_ERROR "git describe --always --tags failed with ${GIT_RESULT}")
endif() endif()
string(REGEX REPLACE "\n$" "" GIT_HASH "${GIT_HASH}") string(REGEX REPLACE "\n$" "" GIT_HASH "${GIT_HASH}")
endif() endif()
@@ -47,7 +47,6 @@ add_definitions(-DAWS_CUSTOM_MEMORY_MANAGEMENT)
set(BUILD_SHARED_LIBS 1) set(BUILD_SHARED_LIBS 1)
add_definitions(-DTIP_SECURITY_SERVICE="1") add_definitions(-DTIP_SECURITY_SERVICE="1")
add_definitions(-DPOCO_LOG_DEBUG="1")
add_compile_options(-Wall -Wextra) add_compile_options(-Wall -Wextra)
if(ASAN) if(ASAN)
@@ -75,63 +74,18 @@ add_executable( owsec
src/framework/CountryCodes.h src/framework/CountryCodes.h
src/framework/KafkaTopics.h src/framework/KafkaTopics.h
src/framework/MicroService.h src/framework/MicroService.h
src/framework/OpenWifiTypes.h
src/framework/orm.h src/framework/orm.h
src/framework/StorageClass.h src/framework/StorageClass.h
src/framework/MicroServiceErrorHandler.h src/framework/ow_constants.h
src/framework/UI_WebSocketClientServer.cpp src/framework/WebSocketClientNotifications.h
src/framework/UI_WebSocketClientServer.h
src/framework/UI_WebSocketClientNotifications.cpp
src/framework/UI_WebSocketClientNotifications.h
src/framework/utils.h
src/framework/utils.cpp
src/framework/AppServiceRegistry.h
src/framework/SubSystemServer.cpp
src/framework/SubSystemServer.h
src/framework/RESTAPI_utils.h
src/framework/AuthClient.cpp
src/framework/AuthClient.h
src/framework/MicroServiceNames.h
src/framework/MicroServiceFuncs.h
src/framework/OpenAPIRequests.cpp
src/framework/OpenAPIRequests.h
src/framework/MicroServiceFuncs.cpp
src/framework/ALBserver.cpp
src/framework/ALBserver.h
src/framework/KafkaManager.cpp
src/framework/KafkaManager.h
src/framework/RESTAPI_RateLimiter.h
src/framework/WebSocketLogger.h
src/framework/RESTAPI_GenericServerAccounting.h
src/framework/RESTAPI_SystemConfiguration.h
src/framework/CIDR.h
src/framework/RESTAPI_Handler.cpp
src/framework/RESTAPI_Handler.h
src/framework/RESTAPI_ExtServer.h
src/framework/RESTAPI_ExtServer.cpp
src/framework/RESTAPI_IntServer.cpp
src/framework/RESTAPI_IntServer.h
src/framework/RESTAPI_SystemCommand.h
src/framework/RESTAPI_WebSocketServer.h
src/framework/EventBusManager.cpp
src/framework/EventBusManager.h
src/framework/RESTAPI_PartHandler.h
src/framework/MicroService.cpp
src/framework/MicroServiceExtra.h
src/RESTObjects/RESTAPI_SecurityObjects.h src/RESTObjects/RESTAPI_SecurityObjects.cpp
src/RESTObjects/RESTAPI_GWobjects.h src/RESTObjects/RESTAPI_GWobjects.cpp
src/RESTObjects/RESTAPI_FMSObjects.h src/RESTObjects/RESTAPI_FMSObjects.cpp
src/RESTObjects/RESTAPI_CertObjects.cpp src/RESTObjects/RESTAPI_CertObjects.h
src/RESTObjects/RESTAPI_OWLSobjects.cpp src/RESTObjects/RESTAPI_OWLSobjects.h
src/RESTObjects/RESTAPI_ProvObjects.cpp src/RESTObjects/RESTAPI_ProvObjects.h
src/RESTObjects/RESTAPI_AnalyticsObjects.cpp src/RESTObjects/RESTAPI_AnalyticsObjects.h
src/RESTObjects/RESTAPI_SubObjects.cpp src/RESTObjects/RESTAPI_SubObjects.h
src/seclibs/qrcode/qrcodegen.hpp src/seclibs/qrcode/qrcodegen.cpp src/seclibs/qrcode/qrcodegen.hpp src/seclibs/qrcode/qrcodegen.cpp
src/seclibs/cpptotp/bytes.cpp src/seclibs/cpptotp/bytes.h src/seclibs/cpptotp/bytes.cpp src/seclibs/cpptotp/bytes.h
src/seclibs/cpptotp/otp.cpp src/seclibs/cpptotp/otp.h src/seclibs/cpptotp/otp.cpp src/seclibs/cpptotp/otp.h
src/seclibs/cpptotp/sha1.cpp src/seclibs/cpptotp/sha1.h src/seclibs/cpptotp/sha1.cpp src/seclibs/cpptotp/sha1.h
src/RESTObjects/RESTAPI_SecurityObjects.h src/RESTObjects/RESTAPI_SecurityObjects.cpp
src/RESTObjects/RESTAPI_ProvObjects.cpp src/RESTObjects/RESTAPI_ProvObjects.h
src/RESTObjects/RESTAPI_GWobjects.h src/RESTObjects/RESTAPI_GWobjects.cpp
src/RESTObjects/RESTAPI_FMSObjects.h src/RESTObjects/RESTAPI_FMSObjects.cpp
src/RESTAPI/RESTAPI_oauth2_handler.h src/RESTAPI/RESTAPI_oauth2_handler.cpp src/RESTAPI/RESTAPI_oauth2_handler.h src/RESTAPI/RESTAPI_oauth2_handler.cpp
src/RESTAPI/RESTAPI_users_handler.cpp src/RESTAPI/RESTAPI_users_handler.h src/RESTAPI/RESTAPI_users_handler.cpp src/RESTAPI/RESTAPI_users_handler.h
src/RESTAPI/RESTAPI_user_handler.cpp src/RESTAPI/RESTAPI_user_handler.h src/RESTAPI/RESTAPI_user_handler.cpp src/RESTAPI/RESTAPI_user_handler.h
@@ -163,19 +117,14 @@ add_executable( owsec
src/SMS_provider_twilio.cpp src/SMS_provider_twilio.h src/SMS_provider_twilio.cpp src/SMS_provider_twilio.h
src/ActionLinkManager.cpp src/ActionLinkManager.h src/ActionLinkManager.cpp src/ActionLinkManager.h
src/ACLProcessor.h src/ACLProcessor.h
src/framework/OpenWifiTypes.h
src/storage/orm_users.cpp src/storage/orm_users.h src/storage/orm_users.cpp src/storage/orm_users.h
src/storage/orm_tokens.cpp src/storage/orm_tokens.h src/storage/orm_tokens.cpp src/storage/orm_tokens.h
src/storage/orm_preferences.cpp src/storage/orm_preferences.h src/storage/orm_preferences.cpp src/storage/orm_preferences.h
src/storage/orm_actionLinks.cpp src/storage/orm_actionLinks.h src/storage/orm_actionLinks.cpp src/storage/orm_actionLinks.h
src/storage/orm_avatar.cpp src/storage/orm_avatar.h src/storage/orm_avatar.cpp src/storage/orm_avatar.h
src/SpecialUserHelpers.h src/SpecialUserHelpers.h
src/RESTAPI/RESTAPI_db_helpers.h src/storage/orm_logins.cpp src/storage/orm_logins.h src/RESTAPI/RESTAPI_db_helpers.h src/storage/orm_logins.cpp src/storage/orm_logins.h src/RESTAPI/RESTAPI_totp_handler.cpp src/RESTAPI/RESTAPI_totp_handler.h src/TotpCache.h src/RESTAPI/RESTAPI_subtotp_handler.cpp src/RESTAPI/RESTAPI_subtotp_handler.h src/RESTAPI/RESTAPI_signup_handler.cpp src/RESTAPI/RESTAPI_signup_handler.h)
src/RESTAPI/RESTAPI_totp_handler.cpp
src/RESTAPI/RESTAPI_totp_handler.h
src/TotpCache.h
src/RESTAPI/RESTAPI_subtotp_handler.cpp src/RESTAPI/RESTAPI_subtotp_handler.h
src/RESTAPI/RESTAPI_signup_handler.cpp src/RESTAPI/RESTAPI_signup_handler.h
src/MessagingTemplates.cpp src/MessagingTemplates.h src/RESTAPI/RESTAPI_apiKey_handler.cpp src/RESTAPI/RESTAPI_apiKey_handler.h src/storage/orm_apikeys.cpp src/storage/orm_apikeys.h src/RESTAPI/RESTAPI_validate_apikey.cpp src/RESTAPI/RESTAPI_validate_apikey.h)
if(NOT SMALL_BUILD) if(NOT SMALL_BUILD)
target_link_libraries(owsec PUBLIC target_link_libraries(owsec PUBLIC
@@ -189,4 +138,4 @@ if(NOT SMALL_BUILD)
if(UNIX AND NOT APPLE) if(UNIX AND NOT APPLE)
target_link_libraries(owsec PUBLIC PocoJSON) target_link_libraries(owsec PUBLIC PocoJSON)
endif() endif()
endif() endif()

109
Dockerfile
View File

@@ -1,21 +1,16 @@
ARG DEBIAN_VERSION=11.5-slim FROM alpine:3.15 AS build-base
ARG POCO_VERSION=poco-tip-v2
ARG CPPKAFKA_VERSION=tip-v1
FROM debian:$DEBIAN_VERSION AS build-base RUN apk add --update --no-cache \
make cmake g++ git \
RUN apt-get update && apt-get install --no-install-recommends -y \ unixodbc-dev postgresql-dev mariadb-dev \
make cmake g++ git curl zip unzip pkg-config \ librdkafka-dev boost-dev openssl-dev \
libpq-dev libmariadb-dev libmariadbclient-dev-compat \ zlib-dev nlohmann-json \
librdkafka-dev libboost-all-dev libssl-dev \ curl-dev
zlib1g-dev ca-certificates libcurl4-openssl-dev libfmt-dev
FROM build-base AS poco-build FROM build-base AS poco-build
ARG POCO_VERSION ADD https://api.github.com/repos/stephb9959/poco/git/refs/heads/master version.json
RUN git clone https://github.com/stephb9959/poco /poco
ADD https://api.github.com/repos/AriliaWireless/poco/git/refs/tags/${POCO_VERSION} version.json
RUN git clone https://github.com/AriliaWireless/poco --branch ${POCO_VERSION} /poco
WORKDIR /poco WORKDIR /poco
RUN mkdir cmake-build RUN mkdir cmake-build
@@ -24,12 +19,22 @@ RUN cmake ..
RUN cmake --build . --config Release -j8 RUN cmake --build . --config Release -j8
RUN cmake --build . --target install RUN cmake --build . --target install
FROM build-base AS fmtlib-build
ADD https://api.github.com/repos/fmtlib/fmt/git/refs/heads/master version.json
RUN git clone https://github.com/fmtlib/fmt /fmtlib
WORKDIR /fmtlib
RUN mkdir cmake-build
WORKDIR cmake-build
RUN cmake ..
RUN make
RUN make install
FROM build-base AS cppkafka-build FROM build-base AS cppkafka-build
ARG CPPKAFKA_VERSION ADD https://api.github.com/repos/stephb9959/cppkafka/git/refs/heads/master version.json
RUN git clone https://github.com/stephb9959/cppkafka /cppkafka
ADD https://api.github.com/repos/AriliaWireless/cppkafka/git/refs/tags/${CPPKAFKA_VERSION} version.json
RUN git clone https://github.com/AriliaWireless/cppkafka --branch ${CPPKAFKA_VERSION} /cppkafka
WORKDIR /cppkafka WORKDIR /cppkafka
RUN mkdir cmake-build RUN mkdir cmake-build
@@ -38,47 +43,75 @@ RUN cmake ..
RUN cmake --build . --config Release -j8 RUN cmake --build . --config Release -j8
RUN cmake --build . --target install RUN cmake --build . --target install
FROM build-base AS json-schema-validator-build
ADD https://api.github.com/repos/pboettch/json-schema-validator/git/refs/heads/master version.json
RUN git clone https://github.com/pboettch/json-schema-validator /json-schema-validator
WORKDIR /json-schema-validator
RUN mkdir cmake-build
WORKDIR cmake-build
RUN cmake ..
RUN make
RUN make install
FROM build-base AS aws-sdk-cpp-build
ADD https://api.github.com/repos/aws/aws-sdk-cpp/git/refs/heads/main version.json
RUN git clone --recurse-submodules https://github.com/aws/aws-sdk-cpp /aws-sdk-cpp
WORKDIR /aws-sdk-cpp
RUN mkdir cmake-build
WORKDIR cmake-build
RUN cmake .. -DBUILD_ONLY="sns;s3" \
-DCMAKE_BUILD_TYPE=Release \
-DCMAKE_CXX_FLAGS="-Wno-error=stringop-overflow -Wno-error=uninitialized" \
-DAUTORUN_UNIT_TESTS=OFF
RUN cmake --build . --config Release -j8
RUN cmake --build . --target install
FROM build-base AS owsec-build FROM build-base AS owsec-build
ADD CMakeLists.txt build /owsec/ ADD CMakeLists.txt build /owsec/
ADD overlays /owsec/overlays
ADD cmake /owsec/cmake ADD cmake /owsec/cmake
ADD src /owsec/src ADD src /owsec/src
ADD .git /owsec/.git ADD .git /owsec/.git
ARG VCPKG_VERSION=2022.11.14
RUN git clone --depth 1 --branch ${VCPKG_VERSION} https://github.com/microsoft/vcpkg && \
./vcpkg/bootstrap-vcpkg.sh && \
mkdir /vcpkg/custom-triplets && \
cp /vcpkg/triplets/x64-linux.cmake /vcpkg/custom-triplets/x64-linux.cmake && \
sed -i 's/set(VCPKG_LIBRARY.*/set(VCPKG_LIBRARY_LINKAGE dynamic)/g' /vcpkg/custom-triplets/x64-linux.cmake && \
./vcpkg/vcpkg install aws-sdk-cpp[sns]:x64-linux json-schema-validator:x64-linux --overlay-triplets=/vcpkg/custom-triplets --overlay-ports=/owsec/overlays
COPY --from=poco-build /usr/local/include /usr/local/include COPY --from=poco-build /usr/local/include /usr/local/include
COPY --from=poco-build /usr/local/lib /usr/local/lib COPY --from=poco-build /usr/local/lib /usr/local/lib
COPY --from=cppkafka-build /usr/local/include /usr/local/include COPY --from=cppkafka-build /usr/local/include /usr/local/include
COPY --from=cppkafka-build /usr/local/lib /usr/local/lib COPY --from=cppkafka-build /usr/local/lib /usr/local/lib
COPY --from=json-schema-validator-build /usr/local/include /usr/local/include
COPY --from=json-schema-validator-build /usr/local/lib /usr/local/lib
COPY --from=aws-sdk-cpp-build /usr/local/include /usr/local/include
COPY --from=aws-sdk-cpp-build /usr/local/lib /usr/local/lib
COPY --from=fmtlib-build /usr/local/include /usr/local/include
COPY --from=fmtlib-build /usr/local/lib /usr/local/lib
WORKDIR /owsec WORKDIR /owsec
RUN mkdir cmake-build RUN mkdir cmake-build
WORKDIR /owsec/cmake-build WORKDIR /owsec/cmake-build
RUN cmake -DCMAKE_TOOLCHAIN_FILE=/vcpkg/scripts/buildsystems/vcpkg.cmake .. RUN cmake .. \
-Dcrypto_LIBRARY=/usr/lib/libcrypto.so \
-DBUILD_SHARED_LIBS=ON
RUN cmake --build . --config Release -j8 RUN cmake --build . --config Release -j8
FROM debian:$DEBIAN_VERSION FROM alpine:3.15
ENV OWSEC_USER=owsec \ ENV OWSEC_USER=owsec \
OWSEC_ROOT=/owsec-data \ OWSEC_ROOT=/owsec-data \
OWSEC_CONFIG=/owsec-data OWSEC_CONFIG=/owsec-data
RUN useradd "$OWSEC_USER" RUN addgroup -S "$OWSEC_USER" && \
adduser -S -G "$OWSEC_USER" "$OWSEC_USER"
RUN mkdir /openwifi RUN mkdir /openwifi
RUN mkdir -p "$OWSEC_ROOT" "$OWSEC_CONFIG" && \ RUN mkdir -p "$OWSEC_ROOT" "$OWSEC_CONFIG" && \
chown "$OWSEC_USER": "$OWSEC_ROOT" "$OWSEC_CONFIG" chown "$OWSEC_USER": "$OWSEC_ROOT" "$OWSEC_CONFIG"
RUN apt-get update && apt-get install --no-install-recommends -y \ RUN apk add --update --no-cache librdkafka su-exec gettext ca-certificates bash jq curl \
librdkafka++1 gosu gettext ca-certificates bash jq curl wget \ mariadb-connector-c libpq unixodbc postgresql-client
libmariadb-dev-compat libpq5 postgresql-client libfmt7
COPY readiness_check /readiness_check COPY readiness_check /readiness_check
COPY test_scripts/curl/cli /cli COPY test_scripts/curl/cli /cli
@@ -89,14 +122,14 @@ COPY templates /dist/templates
COPY docker-entrypoint.sh / COPY docker-entrypoint.sh /
COPY wait-for-postgres.sh / COPY wait-for-postgres.sh /
RUN wget https://raw.githubusercontent.com/Telecominfraproject/wlan-cloud-ucentral-deploy/main/docker-compose/certs/restapi-ca.pem \ RUN wget https://raw.githubusercontent.com/Telecominfraproject/wlan-cloud-ucentral-deploy/main/docker-compose/certs/restapi-ca.pem \
-O /usr/local/share/ca-certificates/restapi-ca-selfsigned.crt -O /usr/local/share/ca-certificates/restapi-ca-selfsigned.pem
COPY --from=owsec-build /owsec/cmake-build/owsec /openwifi/owsec COPY --from=owsec-build /owsec/cmake-build/owsec /openwifi/owsec
COPY --from=owsec-build /vcpkg/installed/x64-linux/lib/ /usr/local/lib/ COPY --from=cppkafka-build /cppkafka/cmake-build/src/lib/* /usr/local/lib
COPY --from=cppkafka-build /cppkafka/cmake-build/src/lib/ /usr/local/lib/ COPY --from=poco-build /poco/cmake-build/lib/* /usr/local/lib
COPY --from=poco-build /poco/cmake-build/lib/ /usr/local/lib/ COPY --from=aws-sdk-cpp-build /aws-sdk-cpp/cmake-build/aws-cpp-sdk-core/libaws-cpp-sdk-core.so /usr/local/lib
COPY --from=aws-sdk-cpp-build /aws-sdk-cpp/cmake-build/aws-cpp-sdk-s3/libaws-cpp-sdk-s3.so /usr/local/lib
RUN ldconfig COPY --from=aws-sdk-cpp-build /aws-sdk-cpp/cmake-build/aws-cpp-sdk-sns/libaws-cpp-sdk-sns.so /usr/local/lib
EXPOSE 16001 17001 16101 EXPOSE 16001 17001 16101

37
OPERATOR.md
View File

@@ -1,37 +0,0 @@
# Operator Support
In order to support multiple tenants and operators, you must prepare the security service to serve
customized e-mails and messages.
## Structure for `templates`
Any file in the root of the directory will be used as defaults. The following files must be present:
- email_invitation.html/txt : This email message will be sent to a newly added user.
- email_verification.html/txt : This email is sent when an email verification is required.
- password_reset.html/txt : This is sent when a pasword reset is requested.
- verification_code.html/txt : This is used during MFA when email based.
- signup_verification.html/txt : This email is send to a new subscriber who signed up for service.
- sub_email_verification.html/txt : This is sent to a subscriber requiring an email verification.
- sub_verification_code.html/txt : This is used during MFA when email based for a subscriber.
- logo.jpg : The default logo to use in any of these emails.
## Structure for `wwwassets`
Any file in the root of the directory will be used as defaults. The following files must be present:
- email_verification_error.html : Used when email verification has failed.
- email_verification_success.html : Used when emil verification has succeeded.
- invitation_error.html :
- invitation_success.html :
- password_policy.html :
- password_reset.html :
- password_reset_success.html :
- password_reset_error.html :
- signup_verification.html :
- signup_verification_error.html :
- signup_verification_success.html :
- favicon.ico : icon for the application
- 404_error.html : your customized 404 page
- the_logo : the logo to use.
## For tenants
When creating a tenant/operator, you must create a subdirectory inside each `wwwassets` and `templates` and replicate
all the files that appear at the root level. You need to use the short Operator name (also known as RegistrantId in the API). This means
no spaces, all lowercase characters and numbers. No special characters: 0-9 and a-z.

6
README.md
View File

@@ -16,10 +16,6 @@ into your own systems. If all you need it to access the uCentralGW for example (
The CLI for the [uCentralGW](https://github.com/telecominfraproject/wlan-cloud-ucentralgw/blob/main/test_scripts/curl/cli) has a very good example of this. The CLI for the [uCentralGW](https://github.com/telecominfraproject/wlan-cloud-ucentralgw/blob/main/test_scripts/curl/cli) has a very good example of this.
Look for the `setgateway` function. Look for the `setgateway` function.
You may get static page with OpenAPI docs generated from the definition on [GitHub Page](https://telecominfraproject.github.io/wlan-cloud-ucentralsec/).
Also you may use [Swagger UI](https://petstore.swagger.io/#/) with OpenAPI definition file raw link (i.e. [latest version file](https://validator.swagger.io/validator?url=https://raw.githubusercontent.com/Telecominfraproject/wlan-cloud-ucentralsec/main/openpapi/owsec.yaml)) to get interactive docs page.
## Firewall Considerations ## Firewall Considerations
The entire uCentral systems uses several MicroServices. In order for the whole system to work, you should provide the following port The entire uCentral systems uses several MicroServices. In order for the whole system to work, you should provide the following port
access: access:
@@ -268,4 +264,4 @@ on any other app that support the TOTP protocol. You should include the followin
totp.issuer = OrgName totp.issuer = OrgName
``` ```
It is very important that you not use spaces in your OrgName. It is very important that you not use spaces in your OrgName.

2
build
View File

@@ -1 +1 @@
41 60

5
docker-entrypoint.sh
View File

@@ -1,4 +1,4 @@
#!/bin/bash #!/bin/sh
set -e set -e
if [ "$SELFSIGNED_CERTS" = 'true' ]; then if [ "$SELFSIGNED_CERTS" = 'true' ]; then
@@ -23,7 +23,6 @@ if [[ "$TEMPLATE_CONFIG" = 'true' ]]; then
SYSTEM_URI_PRIVATE=${SYSTEM_URI_PRIVATE:-"https://localhost:17001"} \ SYSTEM_URI_PRIVATE=${SYSTEM_URI_PRIVATE:-"https://localhost:17001"} \
SYSTEM_URI_PUBLIC=${SYSTEM_URI_PUBLIC:-"https://localhost:16001"} \ SYSTEM_URI_PUBLIC=${SYSTEM_URI_PUBLIC:-"https://localhost:16001"} \
SYSTEM_URI_UI=${SYSTEM_URI_UI:-"http://localhost"} \ SYSTEM_URI_UI=${SYSTEM_URI_UI:-"http://localhost"} \
SECURITY_RESTAPI_DISABLE=${SECURITY_RESTAPI_DISABLE:-"false"} \
SERVICE_KEY=${SERVICE_KEY:-"\$OWSEC_ROOT/certs/restapi-key.pem"} \ SERVICE_KEY=${SERVICE_KEY:-"\$OWSEC_ROOT/certs/restapi-key.pem"} \
SERVICE_KEY_PASSWORD=${SERVICE_KEY_PASSWORD:-"mypassword"} \ SERVICE_KEY_PASSWORD=${SERVICE_KEY_PASSWORD:-"mypassword"} \
SMSSENDER_ENABLED=${SMSSENDER_ENABLED:-"false"} \ SMSSENDER_ENABLED=${SMSSENDER_ENABLED:-"false"} \
@@ -85,7 +84,7 @@ if [ "$1" = '/openwifi/owsec' -a "$(id -u)" = '0' ]; then
if [ "$RUN_CHOWN" = 'true' ]; then if [ "$RUN_CHOWN" = 'true' ]; then
chown -R "$OWSEC_USER": "$OWSEC_ROOT" "$OWSEC_CONFIG" chown -R "$OWSEC_USER": "$OWSEC_ROOT" "$OWSEC_CONFIG"
fi fi
exec gosu "$OWSEC_USER" "$@" exec su-exec "$OWSEC_USER" "$@"
fi fi
exec "$@" exec "$@"

2
helm/.gitignore vendored
View File

@@ -1,3 +1 @@
*.swp *.swp
Chart.lock
charts/

4
helm/README.md
View File

@@ -70,8 +70,8 @@ The following table lists the configurable parameters of the chart and their def
| persistence.size | string | Defines PV size | `'10Gi'` | | persistence.size | string | Defines PV size | `'10Gi'` |
| public_env_variables | hash | Defines list of environment variables to be passed to the Security | | | public_env_variables | hash | Defines list of environment variables to be passed to the Security | |
| configProperties | hash | Configuration properties that should be passed to the application in `owsec.properties`. May be passed by key in set (i.e. `configProperties."rtty\.token"`) | | | configProperties | hash | Configuration properties that should be passed to the application in `owsec.properties`. May be passed by key in set (i.e. `configProperties."rtty\.token"`) | |
| existingCertsSecret | string | Existing Kubernetes secret containing all required certificates and private keys for microservice operation. If set, certificates from `certs` key are ignored | `""` | | certs | hash | Defines files (keys and certificates) that should be passed to the Security (PEM format is adviced to be used) (see `volumes.owsec` on where it is mounted) | |
| certs | hash | Defines files (keys and certificates) that should be passed to the Gateway (PEM format is adviced to be used) (see `volumes.owsec` on where it is mounted). If `existingCertsSecret` is set, certificates passed this way will not be used. | |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,

34
helm/templates/deployment.yaml
View File

@@ -1,5 +1,4 @@
{{- $root := . -}} {{- $root := . -}}
{{- $storageType := index .Values.configProperties "storage.type" -}}
--- ---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
@@ -47,39 +46,6 @@ spec:
- -timeout - -timeout
- 600s - 600s
{{- if eq $storageType "postgresql" }}
- name: wait-postgres
image: "{{ .Values.images.owsec.repository }}:{{ .Values.images.owsec.tag }}"
imagePullPolicy: {{ .Values.images.owsec.pullPolicy }}
command:
- /wait-for-postgres.sh
- {{ index .Values.configProperties "storage.type.postgresql.host" }}
- echo
- "PostgreSQL is ready"
env:
- name: KUBERNETES_DEPLOYED
value: "{{ now }}"
{{- range $key, $value := .Values.public_env_variables }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
{{- range $key, $value := .Values.secret_env_variables }}
- name: {{ $key }}
valueFrom:
secretKeyRef:
name: {{ include "owsec.fullname" $root }}-env
key: {{ $key }}
{{- end }}
volumeMounts:
{{- range .Values.volumes.owsec }}
- name: {{ .name }}
mountPath: {{ .mountPath }}
{{- if .subPath }}
subPath: {{ .subPath }}
{{- end }}
{{- end }}
{{- end }}
containers: containers:
- name: owsec - name: owsec

9
helm/values.yaml
View File

@@ -9,7 +9,7 @@ fullnameOverride: ""
images: images:
owsec: owsec:
repository: tip-tip-wlan-cloud-ucentral.jfrog.io/owsec repository: tip-tip-wlan-cloud-ucentral.jfrog.io/owsec
tag: v2.8.0 tag: v2.6.0-RC3
pullPolicy: Always pullPolicy: Always
# regcred: # regcred:
# registry: tip-tip-wlan-cloud-ucentral.jfrog.io # registry: tip-tip-wlan-cloud-ucentral.jfrog.io
@@ -71,7 +71,7 @@ volumes:
mountPath: /owsec-data/certs mountPath: /owsec-data/certs
volumeDefinition: | volumeDefinition: |
secret: secret:
secretName: {{ if .Values.existingCertsSecret }}{{ .Values.existingCertsSecret }}{{ else }}{{ include "owsec.fullname" . }}-certs{{ end }} secretName: {{ include "owsec.fullname" . }}-certs
# Change this if you want to use another volume type # Change this if you want to use another volume type
- name: persist - name: persist
mountPath: /owsec-data/persist mountPath: /owsec-data/persist
@@ -92,7 +92,7 @@ resources: {}
# memory: 128Mi # memory: 128Mi
securityContext: securityContext:
fsGroup: 1000 fsGroup: 101
nodeSelector: {} nodeSelector: {}
@@ -228,9 +228,6 @@ configProperties:
storage.type.mysql.username: stephb storage.type.mysql.username: stephb
storage.type.mysql.password: snoopy99 storage.type.mysql.password: snoopy99
# NOTE: List of required certificates may be found in "certs" key. Alternative way to pass required certificates is to create external secret with all required certificates and set secret name in "existingCertsSecret" key. Details may be found in https://github.com/Telecominfraproject/wlan-cloud-ucentral-deploy/tree/main/chart#tldr
existingCertsSecret: ""
certs: certs:
# restapi-ca.pem: "" # restapi-ca.pem: ""
# restapi-cert.pem: "" # restapi-cert.pem: ""

178
openpapi/owsec.yaml
View File

@@ -17,7 +17,6 @@ servers:
security: security:
- bearerAuth: [] - bearerAuth: []
- ApiKeyAuth: [] - ApiKeyAuth: []
- ApiToken: []
components: components:
securitySchemes: securitySchemes:
@@ -29,10 +28,6 @@ components:
type: http type: http
scheme: bearer scheme: bearer
bearerFormat: JWT bearerFormat: JWT
ApiToken:
type: apiKey
in: header
name: X-API-TOKEN
responses: responses:
NotFound: NotFound:
@@ -169,61 +164,18 @@ components:
aclTemplate: aclTemplate:
$ref: '#/components/schemas/AclTemplate' $ref: '#/components/schemas/AclTemplate'
ApiKeyAccessRight: ApiKeyCreationRequest:
type: object type: object
properties: properties:
service:
type: string
access:
type: string
enum:
- read
- modify
- create
- delete
- noaccess
ApiKeyAccessRightList:
type: object
properties:
acls:
type: array
items:
$ref: '#/components/schemas/ApiKeyAccessRight'
ApiKeyEntry:
type: object
properties:
id:
type: string
format: uuid
userUuid:
type: string
format: uuid
name: name:
type: string type: string
description: description:
type: string type: string
apiKey:
type: string
salt:
type: string
expiresOn: expiresOn:
type: integer type: integer
format: int64 format: int64
lastUse:
type: integer
format: int64
rights: rights:
$ref: '#/components/schemas/ApiKeyAccessRightList' $ref: '#/components/schemas/AclTemplate'
ApiKeyEntryList:
type: object
properties:
apiKeys:
type: array
items:
$ref: '#/components/schemas/ApiKeyEntry'
ApiKeyCreationAnswer: ApiKeyCreationAnswer:
type: object type: object
@@ -242,7 +194,7 @@ components:
apiKey: apiKey:
type: string type: string
rights: rights:
$ref: '#/components/schemas/ApiKeyAccessRights' $ref: '#/components/schemas/AclTemplate'
AclTemplate: AclTemplate:
type: object type: object
@@ -942,7 +894,7 @@ paths:
/systemEndpoints: /systemEndpoints:
get: get:
tags: tags:
- System Commands - Authentication
summary: Retrieve the system layout. summary: Retrieve the system layout.
operationId: getSystemInfo operationId: getSystemInfo
responses: responses:
@@ -1396,7 +1348,7 @@ paths:
/email: /email:
post: post:
tags: tags:
- Messaging - Email
summary: Send test email with the system. summary: Send test email with the system.
operationId: Send a test email operationId: Send a test email
requestBody: requestBody:
@@ -1427,7 +1379,7 @@ paths:
/sms: /sms:
post: post:
tags: tags:
- Messaging - Email
summary: Send test email with the system. summary: Send test email with the system.
operationId: Send a test SMS operationId: Send a test SMS
parameters: parameters:
@@ -1682,103 +1634,7 @@ paths:
404: 404:
$ref: '#/components/responses/NotFound' $ref: '#/components/responses/NotFound'
/apiKey/{uuid}:
get:
tags:
- API Tokens
summary: Retrieve all the APIKeys for a given user UUID
operationId: getApiKeyList
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
required: true
responses:
200:
$ref: '#/components/schemas/ApiKeyEntryList'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
delete:
tags:
- API Tokens
summary: Retrieve all the APIKeys for a given user UUID
operationId: deleteApiKey
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
required: true
- in: query
name: keyUuid
schema:
type: string
required: true
responses:
200:
$ref: '#/components/responses/Success'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
post:
tags:
- API Tokens
summary: Retrieve all the APIKeys for a given user UUID
operationId: createApiKey
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
required: true
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ApiKeyEntry'
responses:
200:
$ref: '#/components/schemas/ApiKeyEntry'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
put:
tags:
- API Tokens
summary: Retrieve all the APIKeys for a given user UUID
operationId: modifyApiKey
parameters:
- in: path
name: uuid
schema:
type: string
format: uuid
required: true
- in: query
name: name
schema:
type: string
required: true
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ApiKeyEntry'
responses:
200:
$ref: '#/components/schemas/ApiKeyEntry'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
######################################################################################### #########################################################################################
## ##
@@ -1876,26 +1732,6 @@ paths:
404: 404:
$ref: '#/components/responses/NotFound' $ref: '#/components/responses/NotFound'
/validateApiKey:
get:
tags:
- Security
summary: Allows an application to validate an API Key.
operationId: validateApiKey
parameters:
- in: query
name: token
schema:
type: string
required: true
responses:
200:
$ref: '#/components/schemas/TokenValidationResult'
403:
$ref: '#/components/responses/Unauthorized'
404:
$ref: '#/components/responses/NotFound'
/system: /system:
post: post:
tags: tags:

1
overlays/curl/portfile.cmake
View File

@@ -1 +0,0 @@
set(VCPKG_POLICY_EMPTY_PACKAGE enabled)

4
overlays/curl/vcpkg.json
View File

@@ -1,4 +0,0 @@
{
"name": "curl",
"version-string": "7.74.0-1.3+deb11u3"
}

1
overlays/openssl/portfile.cmake
View File

@@ -1 +0,0 @@
set(VCPKG_POLICY_EMPTY_PACKAGE enabled)

4
overlays/openssl/vcpkg.json
View File

@@ -1,4 +0,0 @@
{
"name": "openssl",
"version-string": "1.1.1n-0+deb11u3"
}

1
overlays/zlib/portfile.cmake
View File

@@ -1 +0,0 @@
set(VCPKG_POLICY_EMPTY_PACKAGE enabled)

4
overlays/zlib/vcpkg.json
View File

@@ -1,4 +0,0 @@
{
"name": "zlib",
"version-string": "1:1.2.11.dfsg-2+deb11u2"
}

3
owsec.properties
View File

@@ -36,7 +36,6 @@ openwifi.system.data = $OWSEC_ROOT/data
openwifi.system.uri.private = https://localhost:17001 openwifi.system.uri.private = https://localhost:17001
openwifi.system.uri.public = https://local.dpaas.arilia.com:16001 openwifi.system.uri.public = https://local.dpaas.arilia.com:16001
openwifi.system.uri.ui = https://ucentral-ui.arilia.com openwifi.system.uri.ui = https://ucentral-ui.arilia.com
openwifi.security.restapi.disable = false
openwifi.system.commandchannel = /tmp/app.ucentralsec openwifi.system.commandchannel = /tmp/app.ucentralsec
openwifi.service.key = $OWSEC_ROOT/certs/restapi-key.pem openwifi.service.key = $OWSEC_ROOT/certs/restapi-key.pem
openwifi.service.key.password = mypassword openwifi.service.key.password = mypassword
@@ -133,4 +132,4 @@ storage.type.mysql.connectiontimeout = 60
######################################################################## ########################################################################
logging.type = file logging.type = file
logging.path = $OWSEC_ROOT/logs logging.path = $OWSEC_ROOT/logs
logging.level = debug logging.level = debug

1
owsec.properties.tmpl
View File

@@ -36,7 +36,6 @@ openwifi.system.data = ${SYSTEM_DATA}
openwifi.system.uri.private = ${SYSTEM_URI_PRIVATE} openwifi.system.uri.private = ${SYSTEM_URI_PRIVATE}
openwifi.system.uri.public = ${SYSTEM_URI_PUBLIC} openwifi.system.uri.public = ${SYSTEM_URI_PUBLIC}
openwifi.system.uri.ui = ${SYSTEM_URI_UI} openwifi.system.uri.ui = ${SYSTEM_URI_UI}
openwifi.security.restapi.disable = ${SECURITY_RESTAPI_DISABLE}
openwifi.system.commandchannel = /tmp/app.ucentralsec openwifi.system.commandchannel = /tmp/app.ucentralsec
openwifi.service.key = ${SERVICE_KEY} openwifi.service.key = ${SERVICE_KEY}
openwifi.service.key.password = ${SERVICE_KEY_PASSWORD} openwifi.service.key.password = ${SERVICE_KEY_PASSWORD}

135
src/ACLProcessor.h
View File

@@ -32,102 +32,53 @@ namespace OpenWifi {
*/ */
static inline bool Can( const SecurityObjects::UserInfo & User, const SecurityObjects::UserInfo & Target, ACL_OPS Op) { static inline bool Can( const SecurityObjects::UserInfo & User, const SecurityObjects::UserInfo & Target, ACL_OPS Op) {
switch(Op) { // rule 0
case DELETE: { if(User.id == Target.id && User.userRole == SecurityObjects::SUBSCRIBER && Op == DELETE)
// can a user delete themselves - yes - only if not root. We do not want a system to end up rootless return true;
if(User.id==Target.id) {
return User.userRole != SecurityObjects::ROOT;
}
// Root can delete anyone
switch (User.userRole) {
case SecurityObjects::ROOT:
return true;
case SecurityObjects::ADMIN:
return Target.userRole!=SecurityObjects::ROOT && Target.userRole!=SecurityObjects::PARTNER;
case SecurityObjects::SUBSCRIBER:
return User.id==Target.id;
case SecurityObjects::CSR:
return false;
case SecurityObjects::SYSTEM:
return Target.userRole!=SecurityObjects::ROOT && Target.userRole!=SecurityObjects::PARTNER;
case SecurityObjects::INSTALLER:
return User.id==Target.id;
case SecurityObjects::NOC:
return Target.userRole==SecurityObjects::NOC;
case SecurityObjects::ACCOUNTING:
return Target.userRole==SecurityObjects::ACCOUNTING;
case SecurityObjects::PARTNER:
return Target.userRole!=SecurityObjects::ROOT;
default:
return false;
}
}
break;
case READ: { // rule 1
return User.userRole == SecurityObjects::ROOT || if(User.id == Target.id && Op==DELETE)
User.userRole == SecurityObjects::ADMIN || return false;
User.userRole == SecurityObjects::PARTNER;
}
break;
case CREATE: { // rule 2
switch(User.userRole) { if(User.userRole==SecurityObjects::ROOT)
case SecurityObjects::ROOT: return true;
return true;
case SecurityObjects::ADMIN:
return Target.userRole!=SecurityObjects::ROOT &&
Target.userRole!=SecurityObjects::PARTNER;
case SecurityObjects::SUBSCRIBER:
return false;
case SecurityObjects::CSR:
return Target.userRole==SecurityObjects::CSR;
case SecurityObjects::SYSTEM:
return Target.userRole!=SecurityObjects::ROOT && Target.userRole!=SecurityObjects::PARTNER;
case SecurityObjects::INSTALLER:
return Target.userRole==SecurityObjects::INSTALLER;
case SecurityObjects::NOC:
return Target.userRole==SecurityObjects::NOC;
case SecurityObjects::ACCOUNTING:
return Target.userRole==SecurityObjects::ACCOUNTING;
case SecurityObjects::PARTNER:
return Target.userRole!=SecurityObjects::ROOT;
default:
return false;
}
}
break;
case MODIFY: { // rule 3
switch(User.userRole) { if(User.id == Target.id)
case SecurityObjects::ROOT: return true;
return true;
case SecurityObjects::ADMIN: // rule 4
return Target.userRole!=SecurityObjects::ROOT && if(Target.userRole==SecurityObjects::ROOT && Op!=READ)
Target.userRole!=SecurityObjects::PARTNER; return false;
case SecurityObjects::SUBSCRIBER:
return User.id==Target.id; if(Op==CREATE) {
case SecurityObjects::CSR: if(User.userRole==SecurityObjects::ROOT)
return Target.userRole==SecurityObjects::CSR; return true;
case SecurityObjects::SYSTEM: if(User.userRole==SecurityObjects::PARTNER && (Target.userRole==SecurityObjects::ADMIN ||
return Target.userRole!=SecurityObjects::ROOT && Target.userRole==SecurityObjects::SUBSCRIBER ||
Target.userRole!=SecurityObjects::PARTNER; Target.userRole==SecurityObjects::CSR ||
case SecurityObjects::INSTALLER: Target.userRole==SecurityObjects::INSTALLER ||
return Target.userRole==SecurityObjects::INSTALLER; Target.userRole==SecurityObjects::NOC ||
case SecurityObjects::NOC: Target.userRole==SecurityObjects::ACCOUNTING))
return Target.userRole==SecurityObjects::NOC; return true;
case SecurityObjects::ACCOUNTING: if(User.userRole==SecurityObjects::ADMIN &&
return Target.userRole==SecurityObjects::ACCOUNTING; (Target.userRole==SecurityObjects::ADMIN ||
case SecurityObjects::PARTNER: Target.userRole==SecurityObjects::SUBSCRIBER ||
return Target.userRole!=SecurityObjects::ROOT; Target.userRole==SecurityObjects::CSR ||
default: Target.userRole==SecurityObjects::INSTALLER ||
return false; Target.userRole==SecurityObjects::NOC ||
} Target.userRole==SecurityObjects::ACCOUNTING))
} return true;
break; if(User.userRole==SecurityObjects::ACCOUNTING &&
default: (Target.userRole==SecurityObjects::SUBSCRIBER ||
return false; Target.userRole==SecurityObjects::INSTALLER ||
Target.userRole==SecurityObjects::CSR))
return true;
return false;
} }
return true;
} }
private: private:

41
src/ActionLinkManager.cpp
View File

@@ -5,27 +5,21 @@
#include "ActionLinkManager.h" #include "ActionLinkManager.h"
#include "StorageService.h" #include "StorageService.h"
#include "RESTObjects/RESTAPI_SecurityObjects.h" #include "RESTObjects/RESTAPI_SecurityObjects.h"
#include "MessagingTemplates.h"
#include "framework/utils.h"
#include "fmt/format.h"
namespace OpenWifi { namespace OpenWifi {
int ActionLinkManager::Start() { int ActionLinkManager::Start() {
poco_information(Logger(),"Starting...");
if(!Running_) if(!Running_)
Thr_.start(*this); Thr_.start(*this);
return 0; return 0;
} }
void ActionLinkManager::Stop() { void ActionLinkManager::Stop() {
poco_information(Logger(),"Stopping...");
if(Running_) { if(Running_) {
Running_ = false; Running_ = false;
Thr_.wakeUp(); Thr_.wakeUp();
Thr_.join(); Thr_.join();
} }
poco_information(Logger(),"Stopped...");
} }
void ActionLinkManager::run() { void ActionLinkManager::run() {
@@ -59,59 +53,44 @@ namespace OpenWifi {
i.action==OpenWifi::SecurityObjects::LinkActions::SUB_SIGNUP ) && !StorageService()->SubDB().GetUserById(i.userId,UInfo)) { i.action==OpenWifi::SecurityObjects::LinkActions::SUB_SIGNUP ) && !StorageService()->SubDB().GetUserById(i.userId,UInfo)) {
StorageService()->ActionLinksDB().CancelAction(i.id); StorageService()->ActionLinksDB().CancelAction(i.id);
continue; continue;
} else if((i.action==OpenWifi::SecurityObjects::LinkActions::EMAIL_INVITATION) &&
(OpenWifi::Now()-i.created)>(24*60*60)) {
StorageService()->ActionLinksDB().CancelAction(i.id);
continue;
} }
switch(i.action) { switch(i.action) {
case OpenWifi::SecurityObjects::LinkActions::FORGOT_PASSWORD: { case OpenWifi::SecurityObjects::LinkActions::FORGOT_PASSWORD: {
if(AuthService::SendEmailToUser(i.id, UInfo.email, MessagingTemplates::FORGOT_PASSWORD)) { if(AuthService::SendEmailToUser(i.id, UInfo.email, AuthService::FORGOT_PASSWORD)) {
poco_information(Logger(),fmt::format("Send password reset link to {}",UInfo.email)); Logger().information(fmt::format("Send password reset link to {}",UInfo.email));
} }
StorageService()->ActionLinksDB().SentAction(i.id); StorageService()->ActionLinksDB().SentAction(i.id);
} }
break; break;
case OpenWifi::SecurityObjects::LinkActions::VERIFY_EMAIL: { case OpenWifi::SecurityObjects::LinkActions::VERIFY_EMAIL: {
if(AuthService::SendEmailToUser(i.id, UInfo.email, MessagingTemplates::EMAIL_VERIFICATION)) { if(AuthService::SendEmailToUser(i.id, UInfo.email, AuthService::EMAIL_VERIFICATION)) {
poco_information(Logger(),fmt::format("Send email verification link to {}",UInfo.email)); Logger().information(fmt::format("Send email verification link to {}",UInfo.email));
}
StorageService()->ActionLinksDB().SentAction(i.id);
}
break;
case OpenWifi::SecurityObjects::LinkActions::EMAIL_INVITATION: {
if(AuthService::SendEmailToUser(i.id, UInfo.email, MessagingTemplates::EMAIL_INVITATION)) {
poco_information(Logger(),fmt::format("Send new subscriber email invitation link to {}",UInfo.email));
} }
StorageService()->ActionLinksDB().SentAction(i.id); StorageService()->ActionLinksDB().SentAction(i.id);
} }
break; break;
case OpenWifi::SecurityObjects::LinkActions::SUB_FORGOT_PASSWORD: { case OpenWifi::SecurityObjects::LinkActions::SUB_FORGOT_PASSWORD: {
auto Signup = Poco::StringTokenizer(UInfo.signingUp,":"); if(AuthService::SendEmailToSubUser(i.id, UInfo.email, AuthService::FORGOT_PASSWORD)) {
if(AuthService::SendEmailToSubUser(i.id, UInfo.email,MessagingTemplates::SUB_FORGOT_PASSWORD, Signup.count()==1 ? "" : Signup[0])) { Logger().information(fmt::format("Send subscriber password reset link to {}",UInfo.email));
poco_information(Logger(),fmt::format("Send subscriber password reset link to {}",UInfo.email));
} }
StorageService()->ActionLinksDB().SentAction(i.id); StorageService()->ActionLinksDB().SentAction(i.id);
} }
break; break;
case OpenWifi::SecurityObjects::LinkActions::SUB_VERIFY_EMAIL: { case OpenWifi::SecurityObjects::LinkActions::SUB_VERIFY_EMAIL: {
auto Signup = Poco::StringTokenizer(UInfo.signingUp,":"); if(AuthService::SendEmailToSubUser(i.id, UInfo.email, AuthService::EMAIL_VERIFICATION)) {
if(AuthService::SendEmailToSubUser(i.id, UInfo.email, MessagingTemplates::SUB_EMAIL_VERIFICATION, Signup.count()==1 ? "" : Signup[0])) { Logger().information(fmt::format("Send subscriber email verification link to {}",UInfo.email));
poco_information(Logger(),fmt::format("Send subscriber email verification link to {}",UInfo.email));
} }
StorageService()->ActionLinksDB().SentAction(i.id); StorageService()->ActionLinksDB().SentAction(i.id);
} }
break; break;
case OpenWifi::SecurityObjects::LinkActions::SUB_SIGNUP: { case OpenWifi::SecurityObjects::LinkActions::SUB_SIGNUP: {
auto Signup = Poco::StringTokenizer(UInfo.signingUp,":"); if(AuthService::SendEmailToSubUser(i.id, UInfo.email, AuthService::SIGNUP_VERIFICATION)) {
if(AuthService::SendEmailToSubUser(i.id, UInfo.email, MessagingTemplates::SUB_SIGNUP_VERIFICATION, Signup.count()==1 ? "" : Signup[0])) { Logger().information(fmt::format("Send new subscriber email verification link to {}",UInfo.email));
poco_information(Logger(),fmt::format("Send new subscriber email verification link to {}",UInfo.email));
} }
StorageService()->ActionLinksDB().SentAction(i.id); StorageService()->ActionLinksDB().SentAction(i.id);
} }

14
src/ActionLinkManager.h
View File

@@ -2,15 +2,24 @@
// Created by stephane bourque on 2021-11-08. // Created by stephane bourque on 2021-11-08.
// //
#pragma once #ifndef OWSEC_ACTIONLINKMANAGER_H
#define OWSEC_ACTIONLINKMANAGER_H
#include "framework/SubSystemServer.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class ActionLinkManager : public SubSystemServer, Poco::Runnable { class ActionLinkManager : public SubSystemServer, Poco::Runnable {
public: public:
/* enum Actions {
FORGOT_PASSWORD,
VERIFY_EMAIL,
SUB_FORGOT_PASSWORD,
SUB_VERIFY_EMAIL,
SUB_SIGNUP
};
*/
static ActionLinkManager * instance() { static ActionLinkManager * instance() {
static auto instance_ = new ActionLinkManager; static auto instance_ = new ActionLinkManager;
return instance_; return instance_;
@@ -32,3 +41,4 @@ namespace OpenWifi {
inline ActionLinkManager * ActionLinkManager() { return ActionLinkManager::instance(); } inline ActionLinkManager * ActionLinkManager() { return ActionLinkManager::instance(); }
} }
#endif //OWSEC_ACTIONLINKMANAGER_H

255
src/AuthService.cpp
View File

@@ -8,21 +8,18 @@
#include <ctime> #include <ctime>
#include "framework/KafkaManager.h"
#include "framework/KafkaTopics.h"
#include "Poco/Net/OAuth20Credentials.h" #include "Poco/Net/OAuth20Credentials.h"
#include "Poco/JWT/Token.h" #include "Poco/JWT/Token.h"
#include "Poco/JWT/Signer.h" #include "Poco/JWT/Signer.h"
#include "Poco/StringTokenizer.h" #include "Poco/StringTokenizer.h"
#include "framework/MicroService.h"
#include "StorageService.h" #include "StorageService.h"
#include "AuthService.h" #include "AuthService.h"
#include "framework/MicroServiceFuncs.h" #include "framework/KafkaTopics.h"
#include "SMTPMailerService.h" #include "SMTPMailerService.h"
#include "MFAServer.h" #include "MFAServer.h"
#include "MessagingTemplates.h"
namespace OpenWifi { namespace OpenWifi {
@@ -36,6 +33,7 @@ namespace OpenWifi {
} }
} }
int AuthService::AccessTypeToInt(ACCESS_TYPE T) { int AuthService::AccessTypeToInt(ACCESS_TYPE T) {
switch (T) { switch (T) {
case USERNAME: return 1; case USERNAME: return 1;
@@ -45,32 +43,27 @@ namespace OpenWifi {
return 1; // some compilers complain... return 1; // some compilers complain...
} }
#if defined(TIP_CERT_SERVICE) static const std::string DefaultPassword_8_u_l_n_1{"^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[\\{\\}\\(\\)~_\\+\\|\\\\\\[\\]\\;\\:\\<\\>\\.\\,\\/\\?\\\"\\'\\`\\=#?!@$%^&*-]).{8,}$"};
static const std::string DefaultPasswordRule{"^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[\\{\\}\\(\\)~_\\+\\|\\\\\\[\\]\\;\\:\\<\\>\\.\\,\\/\\?\\\"\\'\\`\\=#?!@$%^&*-]).{12,}$"};
#else
static const std::string DefaultPasswordRule{"^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[\\{\\}\\(\\)~_\\+\\|\\\\\\[\\]\\;\\:\\<\\>\\.\\,\\/\\?\\\"\\'\\`\\=#?!@$%^&*-]).{8,}$"};
#endif
int AuthService::Start() { int AuthService::Start() {
poco_information(Logger(),"Starting..."); Logger().notice("Starting...");
TokenAging_ = (uint64_t) MicroServiceConfigGetInt("authentication.token.ageing", 30 * 24 * 60 * 60); TokenAging_ = (uint64_t) MicroService::instance().ConfigGetInt("authentication.token.ageing", 30 * 24 * 60 * 60);
RefreshTokenLifeSpan_ = (uint64_t) MicroServiceConfigGetInt("authentication.refresh_token.lifespan", 90 * 24 * 60 * 600); RefreshTokenLifeSpan_ = (uint64_t) MicroService::instance().ConfigGetInt("authentication.refresh_token.lifespan", 90 * 24 * 60 * 600);
HowManyOldPassword_ = MicroServiceConfigGetInt("authentication.oldpasswords", 5); HowManyOldPassword_ = MicroService::instance().ConfigGetInt("authentication.oldpasswords", 5);
AccessPolicy_ = MicroServiceConfigGetString("openwifi.document.policy.access", "/wwwassets/access_policy.html"); AccessPolicy_ = MicroService::instance().ConfigPath("openwifi.document.policy.access", "/wwwassets/access_policy.html");
PasswordPolicy_ = MicroServiceConfigGetString("openwifi.document.policy.password", "/wwwassets/password_policy.html"); PasswordPolicy_ = MicroService::instance().ConfigPath("openwifi.document.policy.password", "/wwwassets/password_policy.html");
PasswordValidation_ = PasswordValidationStr_ = MicroServiceConfigGetString("authentication.validation.expression",DefaultPasswordRule); PasswordValidation_ = PasswordValidationStr_ = MicroService::instance().ConfigGetString("authentication.validation.expression",DefaultPassword_8_u_l_n_1);
SubPasswordValidation_ = SubPasswordValidationStr_ = MicroServiceConfigGetString("subscriber.validation.expression",DefaultPasswordRule); SubPasswordValidation_ = SubPasswordValidationStr_ = MicroService::instance().ConfigGetString("subscriber.validation.expression",DefaultPassword_8_u_l_n_1);
SubAccessPolicy_ = MicroServiceConfigGetString("subscriber.policy.access", "/wwwassets/access_policy.html"); SubAccessPolicy_ = MicroService::instance().ConfigPath("subscriber.policy.access", "/wwwassets/access_policy.html");
SubPasswordPolicy_ = MicroServiceConfigGetString("subscriber.policy.password", "/wwwassets/password_policy.html"); SubPasswordPolicy_ = MicroService::instance().ConfigPath("subscriber.policy.password", "/wwwassets/password_policy.html");
return 0; return 0;
} }
void AuthService::Stop() { void AuthService::Stop() {
poco_information(Logger(),"Stopping..."); Logger().notice("Stopping...");
poco_information(Logger(),"Stopped...");
} }
bool AuthService::RefreshUserToken(Poco::Net::HTTPServerRequest & Request, const std::string & RefreshToken, SecurityObjects::UserInfoAndPolicy & UI) { bool AuthService::RefreshUserToken(Poco::Net::HTTPServerRequest & Request, const std::string & RefreshToken, SecurityObjects::UserInfoAndPolicy & UI) {
@@ -88,7 +81,7 @@ namespace OpenWifi {
uint64_t RevocationDate=0; uint64_t RevocationDate=0;
std::string UserId; std::string UserId;
if(StorageService()->UserTokenDB().GetToken(CallToken, UI.webtoken, UserId, RevocationDate) && UI.webtoken.refresh_token_==RefreshToken) { if(StorageService()->UserTokenDB().GetToken(CallToken, UI.webtoken, UserId, RevocationDate) && UI.webtoken.refresh_token_==RefreshToken) {
auto now = Utils::Now(); auto now = OpenWifi::Now();
// Create a new token // Create a new token
auto NewToken = GenerateTokenHMAC( UI.webtoken.access_token_, CUSTOM); auto NewToken = GenerateTokenHMAC( UI.webtoken.access_token_, CUSTOM);
@@ -126,7 +119,7 @@ namespace OpenWifi {
uint64_t RevocationDate=0; uint64_t RevocationDate=0;
std::string UserId; std::string UserId;
if(StorageService()->SubTokenDB().GetToken(CallToken, UI.webtoken, UserId, RevocationDate) && UI.webtoken.refresh_token_==RefreshToken) { if(StorageService()->SubTokenDB().GetToken(CallToken, UI.webtoken, UserId, RevocationDate) && UI.webtoken.refresh_token_==RefreshToken) {
auto now = Utils::Now(); auto now = OpenWifi::Now();
// Create a new token // Create a new token
auto NewToken = GenerateTokenHMAC( UI.webtoken.access_token_, CUSTOM); auto NewToken = GenerateTokenHMAC( UI.webtoken.access_token_, CUSTOM);
@@ -149,73 +142,54 @@ namespace OpenWifi {
return false; return false;
} }
[[nodiscard]] bool AuthService::IsAuthorized(const std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, std::uint64_t TID, bool & Expired) { bool AuthService::IsAuthorized(Poco::Net::HTTPServerRequest & Request, std::string & SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, bool & Expired )
// std::lock_guard Guard(Mutex_); {
std::string CallToken{SessionToken}; std::lock_guard Guard(Mutex_);
Expired = false; Expired = false;
try { try {
std::string CallToken;
Poco::Net::OAuth20Credentials Auth(Request);
if (Auth.getScheme() == "Bearer") {
CallToken = Auth.getBearerToken();
}
if(CallToken.empty()) {
return false;
}
SecurityObjects::WebToken WT; SecurityObjects::WebToken WT;
uint64_t RevocationDate=0; uint64_t RevocationDate=0;
std::string UserId; std::string UserId;
if(StorageService()->UserTokenDB().GetToken(CallToken, WT, UserId, RevocationDate)) { if(StorageService()->UserTokenDB().GetToken(CallToken, WT, UserId, RevocationDate)) {
if(RevocationDate!=0) { if(RevocationDate!=0)
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return false; return false;
} auto now=OpenWifi::Now();
auto now=Utils::Now();
Expired = (WT.created_ + WT.expires_in_) < now; Expired = (WT.created_ + WT.expires_in_) < now;
if(StorageService()->UserDB().GetUserById(UserId,UInfo.userinfo)) { if(StorageService()->UserDB().GetUserById(UserId,UInfo.userinfo)) {
UInfo.webtoken = WT; UInfo.webtoken = WT;
poco_debug(Logger(), fmt::format("TokenValidation success for TID={} Token={}", TID, Utils::SanitizeToken(CallToken))); SessionToken = CallToken;
return true; return true;
} }
} }
} catch(const Poco::Exception &E) { return false;
Logger().log(E); } catch(const Poco::Exception &E) {
} Logger().log(E);
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, Utils::SanitizeToken(CallToken))); }
return false; return false;
} }
bool AuthService::IsAuthorized(Poco::Net::HTTPServerRequest & Request, std::string & SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, std::uint64_t TID, bool & Expired ) bool AuthService::IsSubAuthorized(Poco::Net::HTTPServerRequest & Request, std::string & SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, bool & Expired )
{ {
// std::lock_guard Guard(Mutex_); std::lock_guard Guard(Mutex_);
std::string CallToken;
Expired = false;
try {
Poco::Net::OAuth20Credentials Auth(Request);
if (Auth.getScheme() == "Bearer") {
CallToken = Auth.getBearerToken();
}
if (CallToken.empty()) {
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return false;
}
SessionToken = CallToken;
return IsAuthorized(SessionToken, UInfo, TID, Expired);
} catch(const Poco::Exception &E) {
Logger().log(E);
}
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return false;
}
bool AuthService::IsSubAuthorized(Poco::Net::HTTPServerRequest & Request, std::string & SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, std::uint64_t TID, bool & Expired )
{
// std::lock_guard Guard(Mutex_);
std::string CallToken;
Expired = false; Expired = false;
try { try {
std::string CallToken;
Poco::Net::OAuth20Credentials Auth(Request); Poco::Net::OAuth20Credentials Auth(Request);
if (Auth.getScheme() == "Bearer") { if (Auth.getScheme() == "Bearer") {
CallToken = Auth.getBearerToken(); CallToken = Auth.getBearerToken();
} }
if(CallToken.empty()) { if(CallToken.empty()) {
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return false; return false;
} }
@@ -223,23 +197,20 @@ namespace OpenWifi {
uint64_t RevocationDate=0; uint64_t RevocationDate=0;
std::string UserId; std::string UserId;
if(StorageService()->SubTokenDB().GetToken(CallToken, WT, UserId, RevocationDate)) { if(StorageService()->SubTokenDB().GetToken(CallToken, WT, UserId, RevocationDate)) {
if(RevocationDate!=0) { if(RevocationDate!=0)
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return false; return false;
} auto now=OpenWifi::Now();
auto now=Utils::Now();
Expired = (WT.created_ + WT.expires_in_) < now; Expired = (WT.created_ + WT.expires_in_) < now;
if(StorageService()->SubDB().GetUserById(UserId,UInfo.userinfo)) { if(StorageService()->SubDB().GetUserById(UserId,UInfo.userinfo)) {
UInfo.webtoken = WT; UInfo.webtoken = WT;
SessionToken = CallToken; SessionToken = CallToken;
poco_debug(Logger(), fmt::format("TokenValidation success for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return true; return true;
} }
} }
return false;
} catch(const Poco::Exception &E) { } catch(const Poco::Exception &E) {
Logger().log(E); Logger().log(E);
} }
poco_debug(Logger(), fmt::format("TokenValidation failed for TID={} Token={}", TID, Utils::SanitizeToken(CallToken)));
return false; return false;
} }
@@ -276,11 +247,11 @@ namespace OpenWifi {
if(KafkaManager()->Enabled()) { if(KafkaManager()->Enabled()) {
Poco::JSON::Object Obj; Poco::JSON::Object Obj;
Obj.set("event", "remove-token"); Obj.set("event", "remove-token");
Obj.set("id", MicroServiceID()); Obj.set("id", MicroService::instance().ID());
Obj.set("token", token); Obj.set("token", token);
std::stringstream ResultText; std::stringstream ResultText;
Poco::JSON::Stringifier::stringify(Obj, ResultText); Poco::JSON::Stringifier::stringify(Obj, ResultText);
KafkaManager()->PostMessage(KafkaTopics::SERVICE_EVENTS, MicroServicePrivateEndPoint(), KafkaManager()->PostMessage(KafkaTopics::SERVICE_EVENTS, MicroService::instance().PrivateEndPoint(),
ResultText.str(), ResultText.str(),
false); false);
} }
@@ -314,7 +285,7 @@ namespace OpenWifi {
} }
[[nodiscard]] std::string AuthService::GenerateTokenHMAC(const std::string & UserName, [[maybe_unused]] ACCESS_TYPE Type) { [[nodiscard]] std::string AuthService::GenerateTokenHMAC(const std::string & UserName, [[maybe_unused]] ACCESS_TYPE Type) {
std::string Identity(UserName + ":" + fmt::format("{}",Utils::Now()) + ":" + std::to_string(rand())); std::string Identity(UserName + ":" + fmt::format("{}",OpenWifi::Now()) + ":" + std::to_string(rand()));
HMAC_.update(Identity); HMAC_.update(Identity);
return Poco::DigestEngine::digestToHex(HMAC_.digest()); return Poco::DigestEngine::digestToHex(HMAC_.digest());
} }
@@ -334,7 +305,7 @@ namespace OpenWifi {
T.payload().set("identity", Identity); T.payload().set("identity", Identity);
T.setIssuedAt(Poco::Timestamp()); T.setIssuedAt(Poco::Timestamp());
T.setExpiration(Poco::Timestamp() + (long long)TokenAging_); T.setExpiration(Poco::Timestamp() + (long long)TokenAging_);
std::string JWT = MicroServiceSign(T,Poco::JWT::Signer::ALGO_RS256); std::string JWT = MicroService::instance().Sign(T,Poco::JWT::Signer::ALGO_RS256);
return JWT; return JWT;
} }
@@ -530,19 +501,20 @@ namespace OpenWifi {
UInfo.webtoken.errorCode = 1; UInfo.webtoken.errorCode = 1;
return PASSWORD_ALREADY_USED; return PASSWORD_ALREADY_USED;
} }
UInfo.userinfo.lastPasswordChange = Utils::Now(); UInfo.userinfo.lastPasswordChange = OpenWifi::Now();
UInfo.userinfo.changePassword = false; UInfo.userinfo.changePassword = false;
UInfo.userinfo.modified = Utils::Now(); UInfo.userinfo.modified = OpenWifi::Now();
StorageService()->UserDB().UpdateUserInfo(AUTHENTICATION_SYSTEM, UInfo.userinfo.id,UInfo.userinfo); StorageService()->UserDB().UpdateUserInfo(AUTHENTICATION_SYSTEM, UInfo.userinfo.id,UInfo.userinfo);
} }
// so we have a good password, password up date has taken place if need be, now generate the token. // so we have a good password, password up date has taken place if need be, now generate the token.
UInfo.userinfo.lastLogin=Utils::Now(); UInfo.userinfo.lastLogin=OpenWifi::Now();
StorageService()->UserDB().SetLastLogin(UInfo.userinfo.id); StorageService()->UserDB().SetLastLogin(UInfo.userinfo.id);
CreateToken(UserName, UInfo ); CreateToken(UserName, UInfo );
return SUCCESS; return SUCCESS;
} }
return INVALID_CREDENTIALS; return INVALID_CREDENTIALS;
} }
@@ -575,14 +547,14 @@ namespace OpenWifi {
UInfo.webtoken.errorCode = 1; UInfo.webtoken.errorCode = 1;
return PASSWORD_ALREADY_USED; return PASSWORD_ALREADY_USED;
} }
UInfo.userinfo.lastPasswordChange = Utils::Now(); UInfo.userinfo.lastPasswordChange = OpenWifi::Now();
UInfo.userinfo.changePassword = false; UInfo.userinfo.changePassword = false;
UInfo.userinfo.modified = Utils::Now(); UInfo.userinfo.modified = OpenWifi::Now();
StorageService()->SubDB().UpdateUserInfo(AUTHENTICATION_SYSTEM, UInfo.userinfo.id,UInfo.userinfo); StorageService()->SubDB().UpdateUserInfo(AUTHENTICATION_SYSTEM, UInfo.userinfo.id,UInfo.userinfo);
} }
// so we have a good password, password update has taken place if need be, now generate the token. // so we have a good password, password update has taken place if need be, now generate the token.
UInfo.userinfo.lastLogin=Utils::Now(); UInfo.userinfo.lastLogin=OpenWifi::Now();
StorageService()->SubDB().SetLastLogin(UInfo.userinfo.id); StorageService()->SubDB().SetLastLogin(UInfo.userinfo.id);
CreateSubToken(UserName, UInfo ); CreateSubToken(UserName, UInfo );
@@ -592,66 +564,33 @@ namespace OpenWifi {
return INVALID_CREDENTIALS; return INVALID_CREDENTIALS;
} }
bool AuthService::SendEmailChallengeCode(const SecurityObjects::UserInfoAndPolicy &UInfo, const std::string &Challenge) { bool AuthService::SendEmailToUser(const std::string &LinkId, std::string &Email, EMAIL_REASON Reason) {
auto OperatorParts = Poco::StringTokenizer(UInfo.userinfo.signingUp,":");
if(UInfo.userinfo.signingUp.empty() || OperatorParts.count()!=2) {
MessageAttributes Attrs;
Attrs[RECIPIENT_EMAIL] = UInfo.userinfo.email;
Attrs[LOGO] = AuthService::GetLogoAssetURI();
Attrs[SUBJECT] = "Login validation code";
Attrs[CHALLENGE_CODE] = Challenge;
return SMTPMailerService()->SendMessage(UInfo.userinfo.email, MessagingTemplates::TemplateName(MessagingTemplates::VERIFICATION_CODE), Attrs, false);
} else {
MessageAttributes Attrs;
Attrs[RECIPIENT_EMAIL] = UInfo.userinfo.email;
Attrs[LOGO] = AuthService::GetSubLogoAssetURI();
Attrs[SUBJECT] = "Login validation code";
Attrs[CHALLENGE_CODE] = Challenge;
return SMTPMailerService()->SendMessage(UInfo.userinfo.email, MessagingTemplates::TemplateName(MessagingTemplates::SUB_VERIFICATION_CODE,OperatorParts[0]), Attrs, true );
}
}
bool AuthService::SendEmailToUser(const std::string &LinkId, std::string &Email, MessagingTemplates::EMAIL_REASON Reason) {
SecurityObjects::UserInfo UInfo; SecurityObjects::UserInfo UInfo;
if(StorageService()->UserDB().GetUserByEmail(Email,UInfo)) { if(StorageService()->UserDB().GetUserByEmail(Email,UInfo)) {
switch (Reason) { switch (Reason) {
case MessagingTemplates::FORGOT_PASSWORD: { case FORGOT_PASSWORD: {
MessageAttributes Attrs; MessageAttributes Attrs;
Attrs[RECIPIENT_EMAIL] = UInfo.email; Attrs[RECIPIENT_EMAIL] = UInfo.email;
Attrs[LOGO] = GetLogoAssetURI(); Attrs[LOGO] = GetLogoAssetURI();
Attrs[SUBJECT] = "Password reset link"; Attrs[SUBJECT] = "Password reset link";
Attrs[ACTION_LINK] = MicroServiceGetPublicAPIEndPoint() + "/actionLink?action=password_reset&id=" + LinkId ; Attrs[ACTION_LINK] = MicroService::instance().GetPublicAPIEndPoint() + "/actionLink?action=password_reset&id=" + LinkId ;
Attrs[ACTION_LINK_HTML] = "/api/v1/actionLink?action=password_reset&id=" + LinkId ; SMTPMailerService()->SendMessage(UInfo.email, "password_reset.txt", Attrs);
SMTPMailerService()->SendMessage(UInfo.email, MessagingTemplates::TemplateName(MessagingTemplates::FORGOT_PASSWORD), Attrs, false);
} }
break; break;
case MessagingTemplates::EMAIL_VERIFICATION: { case EMAIL_VERIFICATION: {
MessageAttributes Attrs; MessageAttributes Attrs;
Attrs[RECIPIENT_EMAIL] = UInfo.email; Attrs[RECIPIENT_EMAIL] = UInfo.email;
Attrs[LOGO] = GetLogoAssetURI(); Attrs[LOGO] = GetLogoAssetURI();
Attrs[SUBJECT] = "e-mail Address Verification"; Attrs[SUBJECT] = "e-mail Address Verification";
Attrs[ACTION_LINK] = MicroServiceGetPublicAPIEndPoint() + "/actionLink?action=email_verification&id=" + LinkId ; Attrs[ACTION_LINK] = MicroService::instance().GetPublicAPIEndPoint() + "/actionLink?action=email_verification&id=" + LinkId ;
Attrs[ACTION_LINK_HTML] = "/api/v1/actionLink?action=email_verification&id=" + LinkId ; SMTPMailerService()->SendMessage(UInfo.email, "email_verification.txt", Attrs);
SMTPMailerService()->SendMessage(UInfo.email, MessagingTemplates::TemplateName(MessagingTemplates::EMAIL_VERIFICATION), Attrs, false);
UInfo.waitingForEmailCheck = true; UInfo.waitingForEmailCheck = true;
} }
break; break;
case MessagingTemplates::EMAIL_INVITATION: {
MessageAttributes Attrs;
Attrs[RECIPIENT_EMAIL] = UInfo.email;
Attrs[LOGO] = GetLogoAssetURI();
Attrs[SUBJECT] = "e-mail Invitation";
Attrs[ACTION_LINK] = MicroServiceGetPublicAPIEndPoint() + "/actionLink?action=email_invitation&id=" + LinkId ;
Attrs[ACTION_LINK_HTML] = "/api/v1/actionLink?action=email_invitation&id=" + LinkId ;
SMTPMailerService()->SendMessage(UInfo.email, MessagingTemplates::TemplateName(MessagingTemplates::EMAIL_INVITATION), Attrs, false);
UInfo.waitingForEmailCheck = true;
}
break;
default: default:
break; break;
} }
@@ -660,43 +599,40 @@ namespace OpenWifi {
return false; return false;
} }
bool AuthService::SendEmailToSubUser(const std::string &LinkId, std::string &Email, MessagingTemplates::EMAIL_REASON Reason, const std::string &OperatorName ) { bool AuthService::SendEmailToSubUser(const std::string &LinkId, std::string &Email, EMAIL_REASON Reason) {
SecurityObjects::UserInfo UInfo; SecurityObjects::UserInfo UInfo;
if(StorageService()->SubDB().GetUserByEmail(Email,UInfo)) { if(StorageService()->SubDB().GetUserByEmail(Email,UInfo)) {
switch (Reason) { switch (Reason) {
case MessagingTemplates::SUB_FORGOT_PASSWORD: { case FORGOT_PASSWORD: {
MessageAttributes Attrs; MessageAttributes Attrs;
Attrs[RECIPIENT_EMAIL] = UInfo.email; Attrs[RECIPIENT_EMAIL] = UInfo.email;
Attrs[LOGO] = GetSubLogoAssetURI(); Attrs[LOGO] = GetLogoAssetURI();
Attrs[SUBJECT] = "Password reset link"; Attrs[SUBJECT] = "Password reset link";
Attrs[ACTION_LINK] = MicroServiceGetPublicAPIEndPoint() + "/actionLink?action=sub_password_reset&id=" + LinkId ; Attrs[ACTION_LINK] = MicroService::instance().GetPublicAPIEndPoint() + "/actionLink?action=password_reset&id=" + LinkId ;
Attrs[ACTION_LINK_HTML] = "/api/v1/actionLink?action=sub_password_reset&id=" + LinkId ; SMTPMailerService()->SendMessage(UInfo.email, "password_reset.txt", Attrs);
SMTPMailerService()->SendMessage(UInfo.email, MessagingTemplates::TemplateName(MessagingTemplates::SUB_FORGOT_PASSWORD, OperatorName), Attrs, true);
} }
break; break;
case MessagingTemplates::SUB_EMAIL_VERIFICATION: { case EMAIL_VERIFICATION: {
MessageAttributes Attrs; MessageAttributes Attrs;
Attrs[RECIPIENT_EMAIL] = UInfo.email; Attrs[RECIPIENT_EMAIL] = UInfo.email;
Attrs[LOGO] = GetSubLogoAssetURI(); Attrs[LOGO] = GetLogoAssetURI();
Attrs[SUBJECT] = "e-mail Address Verification"; Attrs[SUBJECT] = "e-mail Address Verification";
Attrs[ACTION_LINK] = MicroServiceGetPublicAPIEndPoint() + "/actionLink?action=sub_email_verification&id=" + LinkId ; Attrs[ACTION_LINK] = MicroService::instance().GetPublicAPIEndPoint() + "/actionLink?action=email_verification&id=" + LinkId ;
Attrs[ACTION_LINK_HTML] = "/api/v1/actionLink?action=sub_email_verification&id=" + LinkId ; SMTPMailerService()->SendMessage(UInfo.email, "email_verification.txt", Attrs);
SMTPMailerService()->SendMessage(UInfo.email, MessagingTemplates::TemplateName(MessagingTemplates::SUB_EMAIL_VERIFICATION, OperatorName), Attrs, true);
UInfo.waitingForEmailCheck = true; UInfo.waitingForEmailCheck = true;
} }
break; break;
case MessagingTemplates::SUB_SIGNUP_VERIFICATION: { case SIGNUP_VERIFICATION: {
MessageAttributes Attrs; MessageAttributes Attrs;
Attrs[RECIPIENT_EMAIL] = UInfo.email; Attrs[RECIPIENT_EMAIL] = UInfo.email;
Attrs[LOGO] = GetSubLogoAssetURI(); Attrs[LOGO] = GetLogoAssetURI();
Attrs[SUBJECT] = "Signup e-mail Address Verification"; Attrs[SUBJECT] = "Signup e-mail Address Verification";
Attrs[ACTION_LINK] = MicroServiceGetPublicAPIEndPoint() + "/actionLink?action=signup_verification&id=" + LinkId ; Attrs[ACTION_LINK] = MicroService::instance().GetPublicAPIEndPoint() + "/actionLink?action=signup_verification&id=" + LinkId ;
Attrs[ACTION_LINK_HTML] = "/api/v1/actionLink?action=signup_verification&id=" + LinkId ; SMTPMailerService()->SendMessage(UInfo.email, "signup_verification.txt", Attrs);
SMTPMailerService()->SendMessage(UInfo.email, MessagingTemplates::TemplateName(MessagingTemplates::SUB_SIGNUP_VERIFICATION, OperatorName), Attrs, true);
UInfo.waitingForEmailCheck = true; UInfo.waitingForEmailCheck = true;
} }
break; break;
@@ -714,8 +650,8 @@ namespace OpenWifi {
A.action = OpenWifi::SecurityObjects::LinkActions::VERIFY_EMAIL; A.action = OpenWifi::SecurityObjects::LinkActions::VERIFY_EMAIL;
A.userId = UInfo.id; A.userId = UInfo.id;
A.id = MicroServiceCreateUUID(); A.id = MicroService::CreateUUID();
A.created = Utils::Now(); A.created = OpenWifi::Now();
A.expires = A.created + 24*60*60; A.expires = A.created + 24*60*60;
A.userAction = true; A.userAction = true;
StorageService()->ActionLinksDB().CreateAction(A); StorageService()->ActionLinksDB().CreateAction(A);
@@ -729,8 +665,8 @@ namespace OpenWifi {
A.action = OpenWifi::SecurityObjects::LinkActions::SUB_VERIFY_EMAIL; A.action = OpenWifi::SecurityObjects::LinkActions::SUB_VERIFY_EMAIL;
A.userId = UInfo.id; A.userId = UInfo.id;
A.id = MicroServiceCreateUUID(); A.id = MicroService::CreateUUID();
A.created = Utils::Now(); A.created = OpenWifi::Now();
A.expires = A.created + 24*60*60; A.expires = A.created + 24*60*60;
A.userAction = false; A.userAction = false;
StorageService()->ActionLinksDB().CreateAction(A); StorageService()->ActionLinksDB().CreateAction(A);
@@ -750,13 +686,14 @@ namespace OpenWifi {
if(StorageService()->UserTokenDB().GetToken(TToken, WT, UserId, RevocationDate)) { if(StorageService()->UserTokenDB().GetToken(TToken, WT, UserId, RevocationDate)) {
if(RevocationDate!=0) if(RevocationDate!=0)
return false; return false;
Expired = (WT.created_ + WT.expires_in_) < Utils::Now(); Expired = (WT.created_ + WT.expires_in_) < OpenWifi::Now();
if(StorageService()->UserDB().GetUserById(UserId,UserInfo)) { if(StorageService()->UserDB().GetUserById(UserId,UserInfo)) {
WebToken = WT; WebToken = WT;
return true; return true;
} }
return false;
} }
return false; return IsValidSubToken(Token, WebToken, UserInfo, Expired);
} }
bool AuthService::IsValidSubToken(const std::string &Token, SecurityObjects::WebToken &WebToken, SecurityObjects::UserInfo &UserInfo, bool & Expired) { bool AuthService::IsValidSubToken(const std::string &Token, SecurityObjects::WebToken &WebToken, SecurityObjects::UserInfo &UserInfo, bool & Expired) {
@@ -769,34 +706,12 @@ namespace OpenWifi {
if(StorageService()->SubTokenDB().GetToken(TToken, WT, UserId, RevocationDate)) { if(StorageService()->SubTokenDB().GetToken(TToken, WT, UserId, RevocationDate)) {
if(RevocationDate!=0) if(RevocationDate!=0)
return false; return false;
Expired = (WT.created_ + WT.expires_in_) < Utils::Now(); Expired = (WT.created_ + WT.expires_in_) < OpenWifi::Now();
if(StorageService()->SubDB().GetUserById(UserId,UserInfo)) { if(StorageService()->SubDB().GetUserById(UserId,UserInfo)) {
WebToken = WT; WebToken = WT;
return true; return true;
} }
} return false;
return false;
}
bool AuthService::IsValidApiKey(const std::string &ApiKey, SecurityObjects::WebToken &WebToken,
SecurityObjects::UserInfo &UserInfo, bool &Expired, std::uint64_t &expiresOn) {
std::lock_guard G(Mutex_);
std::string UserId;
SecurityObjects::WebToken WT;
SecurityObjects::ApiKeyEntry ApiKeyEntry;
if(StorageService()->ApiKeyDB().GetRecord("apiKey", ApiKey, ApiKeyEntry)) {
expiresOn = ApiKeyEntry.expiresOn;
Expired = ApiKeyEntry.expiresOn < Utils::Now();
if(Expired)
return false;
if(StorageService()->UserDB().GetUserById(ApiKeyEntry.userUuid,UserInfo)) {
WebToken = WT;
ApiKeyEntry.lastUse = Utils::Now();
StorageService()->ApiKeyDB().UpdateRecord("id", ApiKeyEntry.id, ApiKeyEntry);
return true;
}
} }
return false; return false;
} }

48
src/AuthService.h
View File

@@ -6,11 +6,11 @@
// Arilia Wireless Inc. // Arilia Wireless Inc.
// //
#pragma once #ifndef UCENTRAL_UAUTHSERVICE_H
#define UCENTRAL_UAUTHSERVICE_H
#include <regex> #include <regex>
#include "framework/SubSystemServer.h"
#include "Poco/JSON/Object.h" #include "Poco/JSON/Object.h"
#include "Poco/Net/HTTPServerRequest.h" #include "Poco/Net/HTTPServerRequest.h"
#include "Poco/Net/HTTPServerResponse.h" #include "Poco/Net/HTTPServerResponse.h"
@@ -20,11 +20,8 @@
#include "Poco/HMACEngine.h" #include "Poco/HMACEngine.h"
#include "Poco/ExpireLRUCache.h" #include "Poco/ExpireLRUCache.h"
#include "framework/MicroServiceFuncs.h" #include "framework/MicroService.h"
#include "framework/ow_constants.h"
#include "RESTObjects/RESTAPI_SecurityObjects.h" #include "RESTObjects/RESTAPI_SecurityObjects.h"
#include "MessagingTemplates.h"
namespace OpenWifi{ namespace OpenWifi{
@@ -39,6 +36,12 @@ namespace OpenWifi{
CUSTOM CUSTOM
}; };
enum EMAIL_REASON {
FORGOT_PASSWORD,
EMAIL_VERIFICATION,
SIGNUP_VERIFICATION
};
static ACCESS_TYPE IntToAccessType(int C); static ACCESS_TYPE IntToAccessType(int C);
static int AccessTypeToInt(ACCESS_TYPE T); static int AccessTypeToInt(ACCESS_TYPE T);
@@ -50,18 +53,15 @@ namespace OpenWifi{
int Start() override; int Start() override;
void Stop() override; void Stop() override;
[[nodiscard]] bool IsAuthorized(Poco::Net::HTTPServerRequest & Request,std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, std::uint64_t TID, bool & Expired); [[nodiscard]] bool IsAuthorized(Poco::Net::HTTPServerRequest & Request,std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, bool & Expired);
[[nodiscard]] bool IsAuthorized(const std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, std::uint64_t TID, bool & Expired);
[[nodiscard]] UNAUTHORIZED_REASON Authorize( std::string & UserName, const std::string & Password, const std::string & NewPassword, SecurityObjects::UserInfoAndPolicy & UInfo, bool & Expired ); [[nodiscard]] UNAUTHORIZED_REASON Authorize( std::string & UserName, const std::string & Password, const std::string & NewPassword, SecurityObjects::UserInfoAndPolicy & UInfo, bool & Expired );
void CreateToken(const std::string & UserName, SecurityObjects::UserInfoAndPolicy &UInfo); void CreateToken(const std::string & UserName, SecurityObjects::UserInfoAndPolicy &UInfo);
[[nodiscard]] bool SetPassword(const std::string &Password, SecurityObjects::UserInfo & UInfo); [[nodiscard]] bool SetPassword(const std::string &Password, SecurityObjects::UserInfo & UInfo);
[[nodiscard]] const std:: string & PasswordValidationExpression() const { return PasswordValidationStr_;}; [[nodiscard]] const std:: string & PasswordValidationExpression() const { return PasswordValidationStr_;};
void Logout(const std::string &token, bool EraseFromCache=true); void Logout(const std::string &token, bool EraseFromCache=true);
[[nodiscard]] bool IsSubAuthorized(Poco::Net::HTTPServerRequest & Request,std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, std::uint64_t TID, bool & Expired); [[nodiscard]] bool IsSubAuthorized(Poco::Net::HTTPServerRequest & Request,std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, bool & Expired);
[[nodiscard]] UNAUTHORIZED_REASON AuthorizeSub( std::string & UserName, const std::string & Password, const std::string & NewPassword, SecurityObjects::UserInfoAndPolicy & UInfo, bool & Expired ); [[nodiscard]] UNAUTHORIZED_REASON AuthorizeSub( std::string & UserName, const std::string & Password, const std::string & NewPassword, SecurityObjects::UserInfoAndPolicy & UInfo, bool & Expired );
void CreateSubToken(const std::string & UserName, SecurityObjects::UserInfoAndPolicy &UInfo); void CreateSubToken(const std::string & UserName, SecurityObjects::UserInfoAndPolicy &UInfo);
[[nodiscard]] bool SetSubPassword(const std::string &Password, SecurityObjects::UserInfo & UInfo); [[nodiscard]] bool SetSubPassword(const std::string &Password, SecurityObjects::UserInfo & UInfo);
[[nodiscard]] const std:: string & SubPasswordValidationExpression() const { return PasswordValidationStr_;}; [[nodiscard]] const std:: string & SubPasswordValidationExpression() const { return PasswordValidationStr_;};
@@ -77,7 +77,6 @@ namespace OpenWifi{
[[nodiscard]] std::string GenerateTokenJWT(const std::string & UserName, ACCESS_TYPE Type); [[nodiscard]] std::string GenerateTokenJWT(const std::string & UserName, ACCESS_TYPE Type);
[[nodiscard]] std::string GenerateTokenHMAC(const std::string & UserName, ACCESS_TYPE Type); [[nodiscard]] std::string GenerateTokenHMAC(const std::string & UserName, ACCESS_TYPE Type);
[[nodiscard]] bool IsValidApiKey(const std::string &ApiKey, SecurityObjects::WebToken &WebToken, SecurityObjects::UserInfo &UserInfo, bool & Expired, std::uint64_t & expiresOn);
[[nodiscard]] std::string ComputeNewPasswordHash(const std::string &UserName, const std::string &Password); [[nodiscard]] std::string ComputeNewPasswordHash(const std::string &UserName, const std::string &Password);
[[nodiscard]] bool ValidatePasswordHash(const std::string & UserName, const std::string & Password, const std::string &StoredPassword); [[nodiscard]] bool ValidatePasswordHash(const std::string & UserName, const std::string & Password, const std::string &StoredPassword);
[[nodiscard]] bool ValidateSubPasswordHash(const std::string & UserName, const std::string & Password, const std::string &StoredPassword); [[nodiscard]] bool ValidateSubPasswordHash(const std::string & UserName, const std::string & Password, const std::string &StoredPassword);
@@ -91,31 +90,21 @@ namespace OpenWifi{
[[nodiscard]] static bool VerifyEmail(SecurityObjects::UserInfo &UInfo); [[nodiscard]] static bool VerifyEmail(SecurityObjects::UserInfo &UInfo);
[[nodiscard]] static bool VerifySubEmail(SecurityObjects::UserInfo &UInfo); [[nodiscard]] static bool VerifySubEmail(SecurityObjects::UserInfo &UInfo);
[[nodiscard]] static bool SendEmailToUser(const std::string &LinkId, std::string &Email, MessagingTemplates::EMAIL_REASON Reason); [[nodiscard]] static bool SendEmailToUser(const std::string &LinkId, std::string &Email, EMAIL_REASON Reason);
[[nodiscard]] static bool SendEmailToSubUser(const std::string &LinkId, std::string &Email, MessagingTemplates::EMAIL_REASON Reason, const std::string &OperatorName); [[nodiscard]] static bool SendEmailToSubUser(const std::string &LinkId, std::string &Email, EMAIL_REASON Reason);
[[nodiscard]] bool RequiresMFA(const SecurityObjects::UserInfoAndPolicy &UInfo); [[nodiscard]] bool RequiresMFA(const SecurityObjects::UserInfoAndPolicy &UInfo);
[[nodiscard]] bool SendEmailChallengeCode(const SecurityObjects::UserInfoAndPolicy &UInfo, const std::string &code);
bool DeleteUserFromCache(const std::string &UserName); bool DeleteUserFromCache(const std::string &UserName);
bool DeleteSubUserFromCache(const std::string &UserName); bool DeleteSubUserFromCache(const std::string &UserName);
void RevokeToken(std::string & Token); void RevokeToken(std::string & Token);
void RevokeSubToken(std::string & Token); void RevokeSubToken(std::string & Token);
[[nodiscard]] static inline const std::string GetLogoAssetURI() { [[nodiscard]] static inline const std::string GetLogoAssetURI() {
return MicroServicePublicEndPoint() + "/wwwassets/logo.png"; return MicroService::instance().PublicEndPoint() + "/wwwassets/the_logo.png";
} }
[[nodiscard]] static inline const std::string GetLogoAssetFileName() { [[nodiscard]] static inline const std::string GetLogoAssetFileName() {
return MicroServiceWWWAssetsDir() + "/logo.png"; return MicroService::instance().WWWAssetsDir() + "/the_logo.png";
}
[[nodiscard]] static inline const std::string GetSubLogoAssetURI() {
return MicroServicePublicEndPoint() + "/wwwassets/sub_logo.png";
}
[[nodiscard]] static inline const std::string GetSubLogoAssetFileName() {
return MicroServiceWWWAssetsDir() + "/sub_logo.png";
} }
inline const std::string & GetPasswordPolicy() const { return PasswordPolicy_; } inline const std::string & GetPasswordPolicy() const { return PasswordPolicy_; }
@@ -169,12 +158,13 @@ namespace OpenWifi{
inline auto AuthService() { return AuthService::instance(); } inline auto AuthService() { return AuthService::instance(); }
[[nodiscard]] inline bool AuthServiceIsAuthorized(Poco::Net::HTTPServerRequest & Request,std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo , std::uint64_t TID, bool & Expired, bool Sub ) { [[nodiscard]] inline bool AuthServiceIsAuthorized(Poco::Net::HTTPServerRequest & Request,std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo , bool & Expired, bool Sub ) {
if(Sub) if(Sub)
return AuthService()->IsSubAuthorized(Request, SessionToken, UInfo, TID, Expired ); return AuthService()->IsSubAuthorized(Request, SessionToken, UInfo, Expired );
else else
return AuthService()->IsAuthorized(Request, SessionToken, UInfo, TID, Expired ); return AuthService()->IsAuthorized(Request, SessionToken, UInfo, Expired );
} }
} // end of namespace } // end of namespace
#endif //UCENTRAL_UAUTHSERVICE_H

9
src/Daemon.cpp
View File

@@ -26,8 +26,6 @@
#include "SMSSender.h" #include "SMSSender.h"
#include "ActionLinkManager.h" #include "ActionLinkManager.h"
#include "TotpCache.h" #include "TotpCache.h"
#include "framework/RESTAPI_RateLimiter.h"
#include "framework/UI_WebSocketClientServer.h"
namespace OpenWifi { namespace OpenWifi {
class Daemon *Daemon::instance_ = nullptr; class Daemon *Daemon::instance_ = nullptr;
@@ -46,8 +44,7 @@ namespace OpenWifi {
SMTPMailerService(), SMTPMailerService(),
RESTAPI_RateLimiter(), RESTAPI_RateLimiter(),
TotpCache(), TotpCache(),
AuthService(), AuthService()
UI_WebSocketClientServer()
}); });
} }
return instance_; return instance_;
@@ -56,10 +53,6 @@ namespace OpenWifi {
void Daemon::PostInitialization([[maybe_unused]] Poco::Util::Application &self) { void Daemon::PostInitialization([[maybe_unused]] Poco::Util::Application &self) {
AssetDir_ = MicroService::instance().ConfigPath("openwifi.restapi.wwwassets"); AssetDir_ = MicroService::instance().ConfigPath("openwifi.restapi.wwwassets");
} }
void DaemonPostInitialization(Poco::Util::Application &self) {
Daemon()->PostInitialization(self);
}
} }
int main(int argc, char **argv) { int main(int argc, char **argv) {

12
src/Daemon.h
View File

@@ -2,16 +2,14 @@
// Created by stephane bourque on 2021-06-10. // Created by stephane bourque on 2021-06-10.
// //
#pragma once #ifndef UCENTRALSEC_DAEMON_H
#define UCENTRALSEC_DAEMON_H
#include <iostream> #include <iostream>
#include <cstdlib> #include <cstdlib>
#include <vector> #include <vector>
#include <set> #include <set>
#include "framework/MicroServiceNames.h"
#include "framework/MicroService.h"
#include "Poco/Util/Application.h" #include "Poco/Util/Application.h"
#include "Poco/Util/ServerApplication.h" #include "Poco/Util/ServerApplication.h"
#include "Poco/Util/Option.h" #include "Poco/Util/Option.h"
@@ -22,6 +20,7 @@
#include "Poco/Crypto/CipherFactory.h" #include "Poco/Crypto/CipherFactory.h"
#include "Poco/Crypto/Cipher.h" #include "Poco/Crypto/Cipher.h"
#include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
@@ -50,6 +49,9 @@ namespace OpenWifi {
}; };
inline Daemon * Daemon() { return Daemon::instance(); } inline Daemon * Daemon() { return Daemon::instance(); }
void DaemonPostInitialization(Poco::Util::Application &self); inline void DaemonPostInitialization(Poco::Util::Application &self) {
Daemon()->PostInitialization(self);
}
} }
#endif //UCENTRALSEC_DAEMON_H

17
src/MFAServer.cpp
View File

@@ -5,12 +5,10 @@
#include "MFAServer.h" #include "MFAServer.h"
#include "SMSSender.h" #include "SMSSender.h"
#include "SMTPMailerService.h" #include "SMTPMailerService.h"
#include "framework/MicroService.h"
#include "AuthService.h" #include "AuthService.h"
#include "TotpCache.h" #include "TotpCache.h"
#include "framework/MicroServiceFuncs.h"
#include "framework/utils.h"
namespace OpenWifi { namespace OpenWifi {
int MFAServer::Start() { int MFAServer::Start() {
@@ -29,8 +27,8 @@ namespace OpenWifi {
return false; return false;
std::string Challenge = MakeChallenge(); std::string Challenge = MakeChallenge();
std::string uuid = MicroServiceCreateUUID(); std::string uuid = MicroService::CreateUUID();
uint64_t Created = Utils::Now(); uint64_t Created = OpenWifi::Now();
ChallengeStart.set("uuid",uuid); ChallengeStart.set("uuid",uuid);
ChallengeStart.set("created", Created); ChallengeStart.set("created", Created);
@@ -46,7 +44,12 @@ namespace OpenWifi {
std::string Message = "This is your login code: " + Challenge + " Please enter this in your login screen."; std::string Message = "This is your login code: " + Challenge + " Please enter this in your login screen.";
return SMSSender()->Send(UInfo.userinfo.userTypeProprietaryInfo.mobiles[0].number, Message); return SMSSender()->Send(UInfo.userinfo.userTypeProprietaryInfo.mobiles[0].number, Message);
} else if(Method==MFAMETHODS::EMAIL && SMTPMailerService()->Enabled() && !UInfo.userinfo.email.empty()) { } else if(Method==MFAMETHODS::EMAIL && SMTPMailerService()->Enabled() && !UInfo.userinfo.email.empty()) {
return AuthService()->SendEmailChallengeCode(UInfo,Challenge); MessageAttributes Attrs;
Attrs[RECIPIENT_EMAIL] = UInfo.userinfo.email;
Attrs[LOGO] = AuthService::GetLogoAssetURI();
Attrs[SUBJECT] = "Login validation code";
Attrs[CHALLENGE_CODE] = Challenge;
return SMTPMailerService()->SendMessage(UInfo.userinfo.email, "verification_code.txt", Attrs);
} else if(Method==MFAMETHODS::AUTHENTICATOR && !UInfo.userinfo.userTypeProprietaryInfo.authenticatorSecret.empty()) { } else if(Method==MFAMETHODS::AUTHENTICATOR && !UInfo.userinfo.userTypeProprietaryInfo.authenticatorSecret.empty()) {
return true; return true;
} }
@@ -104,7 +107,7 @@ namespace OpenWifi {
void MFAServer::CleanCache() { void MFAServer::CleanCache() {
// it is assumed that you have locked Cache_ at this point. // it is assumed that you have locked Cache_ at this point.
uint64_t Now = Utils::Now(); uint64_t Now = OpenWifi::Now();
for(auto i=begin(Cache_);i!=end(Cache_);) { for(auto i=begin(Cache_);i!=end(Cache_);) {
if((Now-i->second.Created)>300) { if((Now-i->second.Created)>300) {
i = Cache_.erase(i); i = Cache_.erase(i);

7
src/MFAServer.h
View File

@@ -4,12 +4,9 @@
#pragma once #pragma once
#include "framework/MicroService.h"
#include "Poco/JSON/Object.h" #include "Poco/JSON/Object.h"
#include "RESTObjects/RESTAPI_SecurityObjects.h" #include "RESTObjects/RESTAPI_SecurityObjects.h"
#include "framework/SubSystemServer.h"
#include "framework/MicroServiceFuncs.h"
#include "fmt/format.h"
namespace OpenWifi { namespace OpenWifi {
@@ -49,7 +46,7 @@ namespace OpenWifi {
static bool SendChallenge(const SecurityObjects::UserInfoAndPolicy &UInfo, const std::string &Method, const std::string &Challenge); static bool SendChallenge(const SecurityObjects::UserInfoAndPolicy &UInfo, const std::string &Method, const std::string &Challenge);
static inline std::string MakeChallenge() { static inline std::string MakeChallenge() {
return fmt::format("{0:06}" , MicroServiceRandom(1,999999) ); return fmt::format("{0:06}" , MicroService::instance().Random(1,999999) );
} }
private: private:

8
src/MessagingTemplates.cpp
View File

@@ -1,8 +0,0 @@
//
// Created by stephane bourque on 2022-07-25.
//
#include "MessagingTemplates.h"
namespace OpenWifi {
} // OpenWifi

75
src/MessagingTemplates.h
View File

@@ -1,75 +0,0 @@
//
// Created by stephane bourque on 2022-07-25.
//
#pragma once
#include <string>
#include <vector>
namespace OpenWifi {
class MessagingTemplates {
public:
static MessagingTemplates & instance() {
static auto instance = new MessagingTemplates;
return *instance;
}
enum EMAIL_REASON {
FORGOT_PASSWORD = 0,
EMAIL_VERIFICATION,
SUB_SIGNUP_VERIFICATION,
EMAIL_INVITATION,
VERIFICATION_CODE,
SUB_FORGOT_PASSWORD,
SUB_EMAIL_VERIFICATION,
SUB_VERIFICATION_CODE
};
static std::string AddOperator(const std::string & filename, const std::string &OperatorName) {
if(OperatorName.empty())
return "/" + filename;
return "/" + OperatorName + "/" + filename;
}
static std::string TemplateName( EMAIL_REASON r , const std::string &OperatorName="") {
switch (r) {
case FORGOT_PASSWORD: return AddOperator(EmailTemplateNames[FORGOT_PASSWORD],OperatorName);
case EMAIL_VERIFICATION: return AddOperator(EmailTemplateNames[EMAIL_VERIFICATION],OperatorName);
case SUB_SIGNUP_VERIFICATION: return AddOperator(EmailTemplateNames[SUB_SIGNUP_VERIFICATION],OperatorName);
case EMAIL_INVITATION: return AddOperator(EmailTemplateNames[EMAIL_INVITATION],OperatorName);
case VERIFICATION_CODE: return AddOperator(EmailTemplateNames[VERIFICATION_CODE],OperatorName);
case SUB_FORGOT_PASSWORD: return AddOperator(EmailTemplateNames[SUB_FORGOT_PASSWORD],OperatorName);
case SUB_EMAIL_VERIFICATION: return AddOperator(EmailTemplateNames[SUB_EMAIL_VERIFICATION],OperatorName);
case SUB_VERIFICATION_CODE: return AddOperator(EmailTemplateNames[SUB_VERIFICATION_CODE],OperatorName);
default:
return "";
}
}
static std::string Logo(const std::string &OperatorName = "" ) {
return AddOperator("logo.png", OperatorName);
}
static std::string SubLogo(const std::string &OperatorName = "" ) {
return AddOperator("sub_logo.png", OperatorName);
}
private:
inline const static std::vector<std::string> EmailTemplateNames = {
"password_reset",
"email_verification",
"sub_signup_verification",
"email_invitation",
"verification_code",
"sub_password_reset",
"sub_email_verification",
"sub_verification_code"
};
};
inline MessagingTemplates & MessagingTemplates() { return MessagingTemplates::instance(); }
} // OpenWifi

44
src/RESTAPI/RESTAPI_action_links.cpp
View File

@@ -7,9 +7,7 @@
#include "RESTAPI_action_links.h" #include "RESTAPI_action_links.h"
#include "StorageService.h" #include "StorageService.h"
#include "framework/RESTAPI_PartHandler.h" #include "framework/MicroService.h"
#include "framework/OpenAPIRequests.h"
#include "Daemon.h" #include "Daemon.h"
namespace OpenWifi { namespace OpenWifi {
@@ -25,12 +23,8 @@ namespace OpenWifi {
if(Action=="password_reset") if(Action=="password_reset")
return RequestResetPassword(Link); return RequestResetPassword(Link);
else if(Action=="sub_password_reset")
return RequestSubResetPassword(Link);
else if(Action=="email_verification") else if(Action=="email_verification")
return DoEmailVerification(Link); return DoEmailVerification(Link);
else if(Action=="sub_email_verification")
return DoSubEmailVerification(Link);
else if(Action=="signup_verification") else if(Action=="signup_verification")
return DoNewSubVerification(Link); return DoNewSubVerification(Link);
else else
@@ -42,12 +36,8 @@ namespace OpenWifi {
if(Action=="password_reset") if(Action=="password_reset")
return CompleteResetPassword(); return CompleteResetPassword();
else if(Action=="sub_password_reset")
return CompleteResetPassword();
else if(Action=="signup_completion") else if(Action=="signup_completion")
return CompleteSubVerification(); return CompleteSubVerification();
else if(Action=="email_invitation")
return CompleteEmailInvitation();
else else
return DoReturnA404(); return DoReturnA404();
} }
@@ -62,7 +52,7 @@ namespace OpenWifi {
void RESTAPI_action_links::DoNewSubVerification(SecurityObjects::ActionLink &Link) { void RESTAPI_action_links::DoNewSubVerification(SecurityObjects::ActionLink &Link) {
Logger_.information(fmt::format("REQUEST-SUB-SIGNUP({}): For ID={}", Request->clientAddress().toString(), Link.userId)); Logger_.information(fmt::format("REQUEST-SUB-SIGNUP({}): For ID={}", Request->clientAddress().toString(), Link.userId));
Poco::File FormFile{ Daemon()->AssetDir() + "/sub_signup_verification.html"}; Poco::File FormFile{ Daemon()->AssetDir() + "/signup_verification.html"};
Types::StringPairVec FormVars{ {"UUID", Link.id}, Types::StringPairVec FormVars{ {"UUID", Link.id},
{"PASSWORD_VALIDATION", AuthService()->PasswordValidationExpression()}}; {"PASSWORD_VALIDATION", AuthService()->PasswordValidationExpression()}};
SendHTMLFileBack(FormFile,FormVars); SendHTMLFileBack(FormFile,FormVars);
@@ -161,7 +151,7 @@ namespace OpenWifi {
} }
if(Password1!=Password2 || !AuthService()->ValidateSubPassword(Password1)) { if(Password1!=Password2 || !AuthService()->ValidateSubPassword(Password1)) {
Poco::File FormFile{ Daemon()->AssetDir() + "/sub_password_reset_error.html"}; Poco::File FormFile{ Daemon()->AssetDir() + "/password_reset_error.html"};
Types::StringPairVec FormVars{ {"UUID", Id}, Types::StringPairVec FormVars{ {"UUID", Id},
{"ERROR_TEXT", "For some reason, the passwords entered do not match or they do not comply with" {"ERROR_TEXT", "For some reason, the passwords entered do not match or they do not comply with"
" accepted password creation restrictions. Please consult our on-line help" " accepted password creation restrictions. Please consult our on-line help"
@@ -173,14 +163,14 @@ namespace OpenWifi {
SecurityObjects::UserInfo UInfo; SecurityObjects::UserInfo UInfo;
bool Found = StorageService()->SubDB().GetUserById(Link.userId,UInfo); bool Found = StorageService()->SubDB().GetUserById(Link.userId,UInfo);
if(!Found) { if(!Found) {
Poco::File FormFile{ Daemon()->AssetDir() + "/sub_signup_verification_error.html"}; Poco::File FormFile{ Daemon()->AssetDir() + "/signup_verification_error.html"};
Types::StringPairVec FormVars{ {"UUID", Id}, Types::StringPairVec FormVars{ {"UUID", Id},
{"ERROR_TEXT", "This request does not contain a valid user ID. Please contact your system administrator."}}; {"ERROR_TEXT", "This request does not contain a valid user ID. Please contact your system administrator."}};
return SendHTMLFileBack(FormFile,FormVars); return SendHTMLFileBack(FormFile,FormVars);
} }
if(UInfo.blackListed || UInfo.suspended) { if(UInfo.blackListed || UInfo.suspended) {
Poco::File FormFile{ Daemon()->AssetDir() + "/sub_signup_verification_error.html"}; Poco::File FormFile{ Daemon()->AssetDir() + "/signup_verification_error.html"};
Types::StringPairVec FormVars{ {"UUID", Id}, Types::StringPairVec FormVars{ {"UUID", Id},
{"ERROR_TEXT", "Please contact our system administrators. We have identified an error in your account that must be resolved first."}}; {"ERROR_TEXT", "Please contact our system administrators. We have identified an error in your account that must be resolved first."}};
return SendHTMLFileBack(FormFile,FormVars); return SendHTMLFileBack(FormFile,FormVars);
@@ -188,7 +178,7 @@ namespace OpenWifi {
bool GoodPassword = AuthService()->SetSubPassword(Password1,UInfo); bool GoodPassword = AuthService()->SetSubPassword(Password1,UInfo);
if(!GoodPassword) { if(!GoodPassword) {
Poco::File FormFile{ Daemon()->AssetDir() + "/sub_signup_verification_error.html"}; Poco::File FormFile{ Daemon()->AssetDir() + "/signup_verification_error.html"};
Types::StringPairVec FormVars{ {"UUID", Id}, Types::StringPairVec FormVars{ {"UUID", Id},
{"ERROR_TEXT", "You cannot reuse one of your recent passwords."}}; {"ERROR_TEXT", "You cannot reuse one of your recent passwords."}};
return SendHTMLFileBack(FormFile,FormVars); return SendHTMLFileBack(FormFile,FormVars);
@@ -202,18 +192,17 @@ namespace OpenWifi {
StorageService()->SubDB().UpdateUserInfo(UInfo.email,Link.userId,UInfo); StorageService()->SubDB().UpdateUserInfo(UInfo.email,Link.userId,UInfo);
Poco::File FormFile{ Daemon()->AssetDir() + "/sub_signup_verification_success.html"}; Poco::File FormFile{ Daemon()->AssetDir() + "/signup_verification_success.html"};
Types::StringPairVec FormVars{ {"UUID", Id}, Types::StringPairVec FormVars{ {"UUID", Id},
{"USERNAME", UInfo.email} }; {"USERNAME", UInfo.email} };
StorageService()->ActionLinksDB().CompleteAction(Id); StorageService()->ActionLinksDB().CompleteAction(Id);
// Send the update to the provisioning service // Send the update to the provisioning service
Poco::JSON::Object Body; Poco::JSON::Object Body;
auto RawSignup = Poco::StringTokenizer(UInfo.signingUp,":"); Body.set("signupUUID", UInfo.signingUp);
Body.set("signupUUID", RawSignup.count()==1 ? UInfo.signingUp : RawSignup[1]);
OpenAPIRequestPut ProvRequest(uSERVICE_PROVISIONING,"/api/v1/signup", OpenAPIRequestPut ProvRequest(uSERVICE_PROVISIONING,"/api/v1/signup",
{ {
{"signupUUID", RawSignup.count()==1 ? UInfo.signingUp : RawSignup[1]} , {"signupUUID", UInfo.signingUp} ,
{"operation", "emailVerified"} {"operation", "emailVerified"}
}, },
Body,30000); Body,30000);
@@ -249,8 +238,7 @@ namespace OpenWifi {
return SendHTMLFileBack(FormFile, FormVars); return SendHTMLFileBack(FormFile, FormVars);
} }
Logger_.information(fmt::format("EMAIL-VERIFICATION(%s): For ID={}", Request->clientAddress().toString(), Logger_.information(fmt::format("EMAIL-VERIFICATION(%s): For ID={}", Request->clientAddress().toString(), UInfo.email));
UInfo.email));
UInfo.waitingForEmailCheck = false; UInfo.waitingForEmailCheck = false;
UInfo.validated = true; UInfo.validated = true;
UInfo.lastEmailCheck = OpenWifi::Now(); UInfo.lastEmailCheck = OpenWifi::Now();
@@ -274,16 +262,4 @@ namespace OpenWifi {
SendHTMLFileBack(FormFile, FormVars); SendHTMLFileBack(FormFile, FormVars);
} }
void RESTAPI_action_links::CompleteEmailInvitation() {
/// TODO:
}
void RESTAPI_action_links::RequestSubResetPassword([[maybe_unused]] SecurityObjects::ActionLink &Link) {
}
void RESTAPI_action_links::DoSubEmailVerification([[maybe_unused]] SecurityObjects::ActionLink &Link) {
}
} }

7
src/RESTAPI/RESTAPI_action_links.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_action_links : public RESTAPIHandler { class RESTAPI_action_links : public RESTAPIHandler {
public: public:
RESTAPI_action_links(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_action_links(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{ std::vector<std::string>{
Poco::Net::HTTPRequest::HTTP_GET, Poco::Net::HTTPRequest::HTTP_GET,
@@ -22,14 +22,11 @@ namespace OpenWifi {
true, RateLimit{.Interval=1000,.MaxCalls=10}) {} true, RateLimit{.Interval=1000,.MaxCalls=10}) {}
static auto PathName() { return std::list<std::string>{"/api/v1/actionLink"}; }; static auto PathName() { return std::list<std::string>{"/api/v1/actionLink"}; };
void RequestResetPassword(SecurityObjects::ActionLink &Link); void RequestResetPassword(SecurityObjects::ActionLink &Link);
void RequestSubResetPassword(SecurityObjects::ActionLink &Link);
void CompleteResetPassword(); void CompleteResetPassword();
void CompleteSubVerification(); void CompleteSubVerification();
void DoEmailVerification(SecurityObjects::ActionLink &Link); void DoEmailVerification(SecurityObjects::ActionLink &Link);
void DoSubEmailVerification(SecurityObjects::ActionLink &Link);
void DoReturnA404(); void DoReturnA404();
void DoNewSubVerification(SecurityObjects::ActionLink &Link); void DoNewSubVerification(SecurityObjects::ActionLink &Link);
void CompleteEmailInvitation();
void DoGet() final; void DoGet() final;
void DoPost() final; void DoPost() final;

158
src/RESTAPI/RESTAPI_apiKey_handler.cpp
View File

@@ -1,158 +0,0 @@
//
// Created by stephane bourque on 2022-11-04.
//
#include "RESTAPI_apiKey_handler.h"
#include "RESTAPI/RESTAPI_db_helpers.h"
namespace OpenWifi {
void RESTAPI_apiKey_handler::DoGet() {
std::string user_uuid = GetBinding("uuid","");
if(user_uuid.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
if(user_uuid!=UserInfo_.userinfo.id && UserInfo_.userinfo.userRole!=SecurityObjects::ROOT) {
return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
}
SecurityObjects::ApiKeyEntryList List;
if(DB_.GetRecords(0,500, List.apiKeys, fmt::format(" userUuid='{}' ", user_uuid))) {
for(auto &key:List.apiKeys) {
Sanitize(UserInfo_, key);
}
Poco::JSON::Object Answer;
List.to_json(Answer);
return ReturnObject(Answer);
}
return NotFound();
}
void RESTAPI_apiKey_handler::DoDelete() {
std::string user_uuid = GetBinding("uuid","");
if(user_uuid.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
if(user_uuid!=UserInfo_.userinfo.id && UserInfo_.userinfo.userRole!=SecurityObjects::ROOT) {
return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
}
if(user_uuid!=UserInfo_.userinfo.id) {
if(!StorageService()->UserDB().Exists("id",user_uuid)) {
return NotFound();
}
}
std::string ApiKeyId= GetParameter("keyUuid","");
if(ApiKeyId.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
SecurityObjects::ApiKeyEntry ApiKey;
if(StorageService()->ApiKeyDB().GetRecord("id",ApiKeyId,ApiKey)) {
if(ApiKey.userUuid==user_uuid) {
AuthService()->RemoveTokenSystemWide(ApiKey.apiKey);
DB_.DeleteRecord("id", ApiKeyId);
return OK();
}
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
return NotFound();
}
void RESTAPI_apiKey_handler::DoPost() {
std::string user_uuid = GetBinding("uuid","");
if(user_uuid.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
if(user_uuid!=UserInfo_.userinfo.id && UserInfo_.userinfo.userRole!=SecurityObjects::ROOT) {
return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
}
if(user_uuid!=UserInfo_.userinfo.id) {
// Must verify if the user exists
if(!StorageService()->UserDB().Exists("id",user_uuid)) {
return BadRequest(RESTAPI::Errors::UserMustExist);
}
}
SecurityObjects::ApiKeyEntry NewKey;
if(!NewKey.from_json(ParsedBody_)) {
return BadRequest(RESTAPI::Errors::InvalidJSONDocument);
}
NewKey.lastUse = 0 ;
if(!Utils::IsAlphaNumeric(NewKey.name) || NewKey.name.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
Poco::toLowerInPlace(NewKey.name);
NewKey.userUuid = user_uuid;
if(NewKey.expiresOn < Utils::Now()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
// does a key of that name already exit for this user?
SecurityObjects::ApiKeyEntryList ExistingList;
if(DB_.GetRecords(0,500, ExistingList.apiKeys, fmt::format(" userUuid='{}' ", user_uuid))) {
if(std::find_if(ExistingList.apiKeys.begin(),ExistingList.apiKeys.end(), [NewKey](const SecurityObjects::ApiKeyEntry &E) -> bool {
return E.name==NewKey.name;
})!=ExistingList.apiKeys.end()) {
return BadRequest(RESTAPI::Errors::ApiKeyNameAlreadyExists);
}
}
if(ExistingList.apiKeys.size()>=10) {
return BadRequest(RESTAPI::Errors::TooManyApiKeys);
}
NewKey.id = MicroServiceCreateUUID();
NewKey.userUuid = user_uuid;
NewKey.salt = std::to_string(Utils::Now());
NewKey.apiKey = Utils::ComputeHash(NewKey.salt, UserInfo_.userinfo.id, UserInfo_.webtoken.access_token_ );
NewKey.created = Utils::Now();
if(DB_.CreateRecord(NewKey)) {
Poco::JSON::Object Answer;
NewKey.to_json(Answer);
return ReturnObject(Answer);
}
return BadRequest(RESTAPI::Errors::RecordNotCreated);
}
void RESTAPI_apiKey_handler::DoPut() {
std::string user_uuid = GetBinding("uuid","");
if(user_uuid.empty()) {
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
}
if(user_uuid!=UserInfo_.userinfo.id && UserInfo_.userinfo.userRole!=SecurityObjects::ROOT) {
return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
}
SecurityObjects::ApiKeyEntry NewKey;
if(!NewKey.from_json(ParsedBody_)) {
return BadRequest(RESTAPI::Errors::InvalidJSONDocument);
}
SecurityObjects::ApiKeyEntry ExistingKey;
if(!DB_.GetRecord("id",NewKey.id,ExistingKey)) {
return BadRequest(RESTAPI::Errors::ApiKeyDoesNotExist);
}
if(ExistingKey.userUuid!=user_uuid) {
return BadRequest(RESTAPI::Errors::MissingUserID);
}
AssignIfPresent(ParsedBody_,"description",ExistingKey.description);
if(DB_.UpdateRecord("id",ExistingKey.id,ExistingKey)) {
Poco::JSON::Object Answer;
ExistingKey.to_json(Answer);
return ReturnObject(Answer);
}
BadRequest(RESTAPI::Errors::RecordNotUpdated);
}
}

34
src/RESTAPI/RESTAPI_apiKey_handler.h
View File

@@ -1,34 +0,0 @@
//
// Created by stephane bourque on 2022-11-04.
//
#pragma once
#include "framework/RESTAPI_Handler.h"
#include "StorageService.h"
namespace OpenWifi {
class RESTAPI_apiKey_handler : public RESTAPIHandler {
public:
RESTAPI_apiKey_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L,
std::vector<std::string>{
Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_PUT,
Poco::Net::HTTPRequest::HTTP_POST,
Poco::Net::HTTPRequest::HTTP_DELETE,
Poco::Net::HTTPRequest::HTTP_OPTIONS},
Server,
TransactionId,
Internal) {}
static auto PathName() { return std::list<std::string>{"/api/v1/apiKey/{uuid}"}; };
private:
ApiKeyDB &DB_=StorageService()->ApiKeyDB();
void DoGet() final;
void DoPut() final;
void DoPost() final;
void DoDelete() final;
};
}

4
src/RESTAPI/RESTAPI_asset_server.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "../framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_asset_server : public RESTAPIHandler { class RESTAPI_asset_server : public RESTAPIHandler {
public: public:
RESTAPI_asset_server(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_asset_server(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string> std::vector<std::string>
{Poco::Net::HTTPRequest::HTTP_POST, {Poco::Net::HTTPRequest::HTTP_POST,

5
src/RESTAPI/RESTAPI_avatar_handler.cpp
View File

@@ -8,8 +8,7 @@
#include "RESTAPI_avatar_handler.h" #include "RESTAPI_avatar_handler.h"
#include "StorageService.h" #include "StorageService.h"
#include "Poco/Net/HTMLForm.h" #include "Poco/Net/HTMLForm.h"
#include "Poco/CountingStream.h" #include "framework/MicroService.h"
#include "framework/MicroServiceFuncs.h"
namespace OpenWifi { namespace OpenWifi {
@@ -35,7 +34,7 @@ namespace OpenWifi {
Poco::Net::HTMLForm form(*Request, Request->stream(), partHandler); Poco::Net::HTMLForm form(*Request, Request->stream(), partHandler);
Poco::JSON::Object Answer; Poco::JSON::Object Answer;
if (!partHandler.Name().empty() && partHandler.Length()< MicroServiceConfigGetInt("openwifi.avatar.maxsize",2000000)) { if (!partHandler.Name().empty() && partHandler.Length()< MicroService::instance().ConfigGetInt("openwifi.avatar.maxsize",2000000)) {
Answer.set(RESTAPI::Protocol::AVATARID, Id); Answer.set(RESTAPI::Protocol::AVATARID, Id);
Answer.set(RESTAPI::Protocol::ERRORCODE, 0); Answer.set(RESTAPI::Protocol::ERRORCODE, 0);
Logger_.information(fmt::format("Uploaded avatar: {} Type: {}", partHandler.Name(), partHandler.ContentType())); Logger_.information(fmt::format("Uploaded avatar: {} Type: {}", partHandler.Name(), partHandler.ContentType()));

6
src/RESTAPI/RESTAPI_avatar_handler.h
View File

@@ -3,8 +3,7 @@
// //
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
#include "Poco/Net/PartHandler.h"
namespace OpenWifi { namespace OpenWifi {
@@ -33,7 +32,7 @@ namespace OpenWifi {
class RESTAPI_avatar_handler : public RESTAPIHandler { class RESTAPI_avatar_handler : public RESTAPIHandler {
public: public:
RESTAPI_avatar_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_avatar_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{ std::vector<std::string>{
Poco::Net::HTTPRequest::HTTP_GET, Poco::Net::HTTPRequest::HTTP_GET,
@@ -49,5 +48,6 @@ namespace OpenWifi {
void DoPost() final; void DoPost() final;
void DoDelete() final; void DoDelete() final;
void DoPut() final {}; void DoPut() final {};
}; };
} }

3
src/RESTAPI/RESTAPI_db_helpers.h
View File

@@ -14,7 +14,4 @@ namespace OpenWifi {
U.oauthType.clear(); U.oauthType.clear();
} }
inline void Sanitize([[maybe_unused]] const SecurityObjects::UserInfoAndPolicy &User, SecurityObjects::ApiKeyEntry & U) {
U.salt.clear();
}
} }

6
src/RESTAPI/RESTAPI_email_handler.cpp
View File

@@ -3,10 +3,14 @@
// //
#include "RESTAPI_email_handler.h" #include "RESTAPI_email_handler.h"
#include "Poco/Exception.h"
#include "Poco/JSON/Parser.h" #include "Poco/JSON/Parser.h"
#include "SMTPMailerService.h" #include "SMTPMailerService.h"
#include "framework/ow_constants.h" #include "framework/ow_constants.h"
#include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
void RESTAPI_email_handler::DoPost() { void RESTAPI_email_handler::DoPost() {
@@ -24,7 +28,7 @@ namespace OpenWifi {
Attrs[SUBJECT] = Obj->get("subject").toString(); Attrs[SUBJECT] = Obj->get("subject").toString();
Attrs[TEXT] = Obj->get("text").toString(); Attrs[TEXT] = Obj->get("text").toString();
Attrs[SENDER] = Obj->get("from").toString(); Attrs[SENDER] = Obj->get("from").toString();
if(SMTPMailerService()->SendMessage(Recipient, "password_reset.txt", Attrs, false)) { if(SMTPMailerService()->SendMessage(Recipient, "password_reset.txt", Attrs)) {
return OK(); return OK();
} }
return ReturnStatus(Poco::Net::HTTPResponse::HTTP_SERVICE_UNAVAILABLE); return ReturnStatus(Poco::Net::HTTPResponse::HTTP_SERVICE_UNAVAILABLE);

4
src/RESTAPI/RESTAPI_email_handler.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_email_handler : public RESTAPIHandler { class RESTAPI_email_handler : public RESTAPIHandler {
public: public:
RESTAPI_email_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_email_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_POST, std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_POST,
Poco::Net::HTTPRequest::HTTP_OPTIONS}, Poco::Net::HTTPRequest::HTTP_OPTIONS},

5
src/RESTAPI/RESTAPI_oauth2_handler.cpp
View File

@@ -12,11 +12,10 @@
#include "RESTAPI_oauth2_handler.h" #include "RESTAPI_oauth2_handler.h"
#include "MFAServer.h" #include "MFAServer.h"
#include "framework/ow_constants.h" #include "framework/ow_constants.h"
#include "framework/MicroService.h"
#include "StorageService.h" #include "StorageService.h"
#include "RESTAPI_db_helpers.h" #include "RESTAPI_db_helpers.h"
#include "framework/MicroServiceFuncs.h"
namespace OpenWifi { namespace OpenWifi {
void RESTAPI_oauth2_handler::DoGet() { void RESTAPI_oauth2_handler::DoGet() {
@@ -100,7 +99,7 @@ namespace OpenWifi {
SecurityObjects::ActionLink NewLink; SecurityObjects::ActionLink NewLink;
NewLink.action = OpenWifi::SecurityObjects::LinkActions::FORGOT_PASSWORD; NewLink.action = OpenWifi::SecurityObjects::LinkActions::FORGOT_PASSWORD;
NewLink.id = MicroServiceCreateUUID(); NewLink.id = MicroService::CreateUUID();
NewLink.userId = UInfo1.id; NewLink.userId = UInfo1.id;
NewLink.created = OpenWifi::Now(); NewLink.created = OpenWifi::Now();
NewLink.expires = NewLink.created + (24*60*60); NewLink.expires = NewLink.created + (24*60*60);

4
src/RESTAPI/RESTAPI_oauth2_handler.h
View File

@@ -7,12 +7,12 @@
// //
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_oauth2_handler : public RESTAPIHandler { class RESTAPI_oauth2_handler : public RESTAPIHandler {
public: public:
RESTAPI_oauth2_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_oauth2_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_POST, std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_POST,
Poco::Net::HTTPRequest::HTTP_DELETE, Poco::Net::HTTPRequest::HTTP_DELETE,

4
src/RESTAPI/RESTAPI_preferences.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_preferences : public RESTAPIHandler { class RESTAPI_preferences : public RESTAPIHandler {
public: public:
RESTAPI_preferences(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_preferences(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{ std::vector<std::string>{
Poco::Net::HTTPRequest::HTTP_GET, Poco::Net::HTTPRequest::HTTP_GET,

18
src/RESTAPI/RESTAPI_routers.cpp
View File

@@ -2,6 +2,8 @@
// Created by stephane bourque on 2021-10-23. // Created by stephane bourque on 2021-10-23.
// //
#include "framework/MicroService.h"
#include "RESTAPI/RESTAPI_oauth2_handler.h" #include "RESTAPI/RESTAPI_oauth2_handler.h"
#include "RESTAPI/RESTAPI_user_handler.h" #include "RESTAPI/RESTAPI_user_handler.h"
#include "RESTAPI/RESTAPI_users_handler.h" #include "RESTAPI/RESTAPI_users_handler.h"
@@ -23,17 +25,11 @@
#include "RESTAPI/RESTAPI_totp_handler.h" #include "RESTAPI/RESTAPI_totp_handler.h"
#include "RESTAPI/RESTAPI_subtotp_handler.h" #include "RESTAPI/RESTAPI_subtotp_handler.h"
#include "RESTAPI/RESTAPI_signup_handler.h" #include "RESTAPI/RESTAPI_signup_handler.h"
#include "RESTAPI/RESTAPI_apiKey_handler.h"
#include "RESTAPI/RESTAPI_validate_apikey.h"
#include "framework/RESTAPI_SystemCommand.h"
#include "framework/RESTAPI_WebSocketServer.h"
namespace OpenWifi { namespace OpenWifi {
Poco::Net::HTTPRequestHandler * RESTAPI_ExtRouter(const std::string &Path, RESTAPIHandler::BindingMap &Bindings, Poco::Net::HTTPRequestHandler * RESTAPI_ExtRouter(const std::string &Path, RESTAPIHandler::BindingMap &Bindings,
Poco::Logger & L, RESTAPI_GenericServerAccounting & S, Poco::Logger & L, RESTAPI_GenericServer & S, uint64_t TransactionId) {
uint64_t TransactionId) {
return RESTAPI_Router< return RESTAPI_Router<
RESTAPI_oauth2_handler, RESTAPI_oauth2_handler,
RESTAPI_user_handler, RESTAPI_user_handler,
@@ -56,15 +52,12 @@ namespace OpenWifi {
RESTAPI_subtotp_handler, RESTAPI_subtotp_handler,
RESTAPI_signup_handler, RESTAPI_signup_handler,
RESTAPI_validate_sub_token_handler, RESTAPI_validate_sub_token_handler,
RESTAPI_validate_token_handler, RESTAPI_validate_token_handler
RESTAPI_validate_apikey,
RESTAPI_webSocketServer,
RESTAPI_apiKey_handler
>(Path, Bindings, L, S,TransactionId); >(Path, Bindings, L, S,TransactionId);
} }
Poco::Net::HTTPRequestHandler * RESTAPI_IntRouter(const std::string &Path, RESTAPIHandler::BindingMap &Bindings, Poco::Net::HTTPRequestHandler * RESTAPI_IntRouter(const std::string &Path, RESTAPIHandler::BindingMap &Bindings,
Poco::Logger & L, RESTAPI_GenericServerAccounting & S, uint64_t TransactionId) { Poco::Logger & L, RESTAPI_GenericServer & S, uint64_t TransactionId) {
return RESTAPI_Router_I< return RESTAPI_Router_I<
RESTAPI_oauth2_handler, RESTAPI_oauth2_handler,
@@ -88,7 +81,6 @@ namespace OpenWifi {
RESTAPI_subtotp_handler, RESTAPI_subtotp_handler,
RESTAPI_validate_sub_token_handler, RESTAPI_validate_sub_token_handler,
RESTAPI_validate_token_handler, RESTAPI_validate_token_handler,
RESTAPI_validate_apikey,
RESTAPI_signup_handler RESTAPI_signup_handler
>(Path, Bindings, L, S, TransactionId); >(Path, Bindings, L, S, TransactionId);
} }

12
src/RESTAPI/RESTAPI_signup_handler.cpp
View File

@@ -5,7 +5,6 @@
#include "RESTAPI_signup_handler.h" #include "RESTAPI_signup_handler.h"
#include "StorageService.h" #include "StorageService.h"
#include "RESTObjects/RESTAPI_SecurityObjects.h" #include "RESTObjects/RESTAPI_SecurityObjects.h"
#include "framework/MicroServiceFuncs.h"
#define __DBG__ std::cout << __LINE__ << std::endl; #define __DBG__ std::cout << __LINE__ << std::endl;
namespace OpenWifi { namespace OpenWifi {
@@ -14,9 +13,8 @@ namespace OpenWifi {
auto UserName = GetParameter("email"); auto UserName = GetParameter("email");
auto signupUUID = GetParameter("signupUUID"); auto signupUUID = GetParameter("signupUUID");
auto owner = GetParameter("owner"); auto owner = GetParameter("owner");
auto operatorName = GetParameter("operatorName"); if(UserName.empty() || signupUUID.empty() || owner.empty()) {
if(UserName.empty() || signupUUID.empty() || owner.empty() || operatorName.empty()) { Logger().error("Signup requires: email, signupUUID, and owner.");
Logger().error("Signup requires: email, signupUUID, operatorName, and owner.");
return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters); return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
} }
@@ -39,12 +37,12 @@ namespace OpenWifi {
} }
SecurityObjects::UserInfo NewSub; SecurityObjects::UserInfo NewSub;
NewSub.signingUp = operatorName + ":" + signupUUID; NewSub.signingUp = signupUUID;
NewSub.waitingForEmailCheck = true; NewSub.waitingForEmailCheck = true;
NewSub.name = UserName; NewSub.name = UserName;
NewSub.modified = OpenWifi::Now(); NewSub.modified = OpenWifi::Now();
NewSub.creationDate = OpenWifi::Now(); NewSub.creationDate = OpenWifi::Now();
NewSub.id = MicroServiceCreateUUID(); NewSub.id = MicroService::instance().CreateUUID();
NewSub.email = UserName; NewSub.email = UserName;
NewSub.userRole = SecurityObjects::SUBSCRIBER; NewSub.userRole = SecurityObjects::SUBSCRIBER;
NewSub.changePassword = true; NewSub.changePassword = true;
@@ -56,7 +54,7 @@ namespace OpenWifi {
SecurityObjects::ActionLink NewLink; SecurityObjects::ActionLink NewLink;
NewLink.action = OpenWifi::SecurityObjects::LinkActions::SUB_SIGNUP; NewLink.action = OpenWifi::SecurityObjects::LinkActions::SUB_SIGNUP;
NewLink.id = MicroServiceCreateUUID(); NewLink.id = MicroService::CreateUUID();
NewLink.userId = NewSub.id; NewLink.userId = NewSub.id;
NewLink.created = OpenWifi::Now(); NewLink.created = OpenWifi::Now();
NewLink.expires = NewLink.created + (1*60*60); // 1 hour NewLink.expires = NewLink.created + (1*60*60); // 1 hour

4
src/RESTAPI/RESTAPI_signup_handler.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_signup_handler : public RESTAPIHandler { class RESTAPI_signup_handler : public RESTAPIHandler {
public: public:
RESTAPI_signup_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting & Server, uint64_t TransactionId, bool Internal) RESTAPI_signup_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer & Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{ std::vector<std::string>{
Poco::Net::HTTPRequest::HTTP_POST, Poco::Net::HTTPRequest::HTTP_POST,

1
src/RESTAPI/RESTAPI_sms_handler.cpp
View File

@@ -5,6 +5,7 @@
#include "RESTAPI_sms_handler.h" #include "RESTAPI_sms_handler.h"
#include "SMSSender.h" #include "SMSSender.h"
#include "framework/ow_constants.h" #include "framework/ow_constants.h"
#include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {

4
src/RESTAPI/RESTAPI_sms_handler.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_sms_handler : public RESTAPIHandler { class RESTAPI_sms_handler : public RESTAPIHandler {
public: public:
RESTAPI_sms_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_sms_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_POST, std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_POST,
Poco::Net::HTTPRequest::HTTP_OPTIONS}, Poco::Net::HTTPRequest::HTTP_OPTIONS},

5
src/RESTAPI/RESTAPI_subavatar_handler.cpp
View File

@@ -8,8 +8,7 @@
#include "RESTAPI_subavatar_handler.h" #include "RESTAPI_subavatar_handler.h"
#include "StorageService.h" #include "StorageService.h"
#include "Poco/Net/HTMLForm.h" #include "Poco/Net/HTMLForm.h"
#include "Poco/CountingStream.h" #include "framework/MicroService.h"
#include "framework/MicroServiceFuncs.h"
namespace OpenWifi { namespace OpenWifi {
@@ -35,7 +34,7 @@ namespace OpenWifi {
Poco::Net::HTMLForm form(*Request, Request->stream(), partHandler); Poco::Net::HTMLForm form(*Request, Request->stream(), partHandler);
Poco::JSON::Object Answer; Poco::JSON::Object Answer;
if (!partHandler.Name().empty() && partHandler.Length()< MicroServiceConfigGetInt("openwifi.avatar.maxsize",2000000)) { if (!partHandler.Name().empty() && partHandler.Length()< MicroService::instance().ConfigGetInt("openwifi.avatar.maxsize",2000000)) {
Answer.set(RESTAPI::Protocol::AVATARID, Id); Answer.set(RESTAPI::Protocol::AVATARID, Id);
Answer.set(RESTAPI::Protocol::ERRORCODE, 0); Answer.set(RESTAPI::Protocol::ERRORCODE, 0);
Logger_.information(fmt::format("Uploaded avatar: {} Type: {}", partHandler.Name(), partHandler.ContentType())); Logger_.information(fmt::format("Uploaded avatar: {} Type: {}", partHandler.Name(), partHandler.ContentType()));

5
src/RESTAPI/RESTAPI_subavatar_handler.h
View File

@@ -3,8 +3,7 @@
// //
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
#include "Poco/Net/PartHandler.h"
namespace OpenWifi { namespace OpenWifi {
@@ -33,7 +32,7 @@ namespace OpenWifi {
class RESTAPI_subavatar_handler : public RESTAPIHandler { class RESTAPI_subavatar_handler : public RESTAPIHandler {
public: public:
RESTAPI_subavatar_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_subavatar_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{ std::vector<std::string>{
Poco::Net::HTTPRequest::HTTP_GET, Poco::Net::HTTPRequest::HTTP_GET,

5
src/RESTAPI/RESTAPI_submfa_handler.cpp
View File

@@ -5,7 +5,6 @@
#include "RESTAPI_submfa_handler.h" #include "RESTAPI_submfa_handler.h"
#include "StorageService.h" #include "StorageService.h"
#include "SMSSender.h" #include "SMSSender.h"
#include "framework/MicroServiceFuncs.h"
namespace OpenWifi { namespace OpenWifi {
@@ -65,7 +64,7 @@ namespace OpenWifi {
MFC.sms = MFC.sms; MFC.sms = MFC.sms;
MFC.type = "email"; MFC.type = "email";
MFC.email = UserInfo_.userinfo.email; MFC.email = UserInfo_.userinfo.email;
MFC.id = MicroServiceCreateUUID(); MFC.id = MicroService::instance().CreateUUID();
Poco::JSON::Object Answer; Poco::JSON::Object Answer;
MFC.to_json(Answer); MFC.to_json(Answer);
@@ -117,7 +116,7 @@ namespace OpenWifi {
MFC.sms = MFC.sms; MFC.sms = MFC.sms;
MFC.type = "sms"; MFC.type = "sms";
MFC.email = UserInfo_.userinfo.email; MFC.email = UserInfo_.userinfo.email;
MFC.id = MicroServiceCreateUUID(); MFC.id = MicroService::instance().CreateUUID();
Poco::JSON::Object Answer; Poco::JSON::Object Answer;
MFC.to_json(Answer); MFC.to_json(Answer);

4
src/RESTAPI/RESTAPI_submfa_handler.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_submfa_handler : public RESTAPIHandler { class RESTAPI_submfa_handler : public RESTAPIHandler {
public: public:
RESTAPI_submfa_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_submfa_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_PUT, std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_PUT,
Poco::Net::HTTPRequest::HTTP_GET, Poco::Net::HTTPRequest::HTTP_GET,

3
src/RESTAPI/RESTAPI_suboauth2_handler.cpp
View File

@@ -5,6 +5,7 @@
#include "RESTAPI_suboauth2_handler.h" #include "RESTAPI_suboauth2_handler.h"
#include "AuthService.h" #include "AuthService.h"
#include "MFAServer.h" #include "MFAServer.h"
#include "framework/MicroService.h"
#include "StorageService.h" #include "StorageService.h"
#include "RESTAPI/RESTAPI_db_helpers.h" #include "RESTAPI/RESTAPI_db_helpers.h"
@@ -86,7 +87,7 @@ namespace OpenWifi {
SecurityObjects::ActionLink NewLink; SecurityObjects::ActionLink NewLink;
NewLink.action = OpenWifi::SecurityObjects::LinkActions::SUB_FORGOT_PASSWORD; NewLink.action = OpenWifi::SecurityObjects::LinkActions::SUB_FORGOT_PASSWORD;
NewLink.id = MicroServiceCreateUUID(); NewLink.id = MicroService::CreateUUID();
NewLink.userId = UInfo1.id; NewLink.userId = UInfo1.id;
NewLink.created = OpenWifi::Now(); NewLink.created = OpenWifi::Now();
NewLink.expires = NewLink.created + (24*60*60); NewLink.expires = NewLink.created + (24*60*60);

4
src/RESTAPI/RESTAPI_suboauth2_handler.h
View File

@@ -3,12 +3,12 @@
// //
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_suboauth2_handler : public RESTAPIHandler { class RESTAPI_suboauth2_handler : public RESTAPIHandler {
public: public:
RESTAPI_suboauth2_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_suboauth2_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_POST, std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_POST,
Poco::Net::HTTPRequest::HTTP_DELETE, Poco::Net::HTTPRequest::HTTP_DELETE,

4
src/RESTAPI/RESTAPI_subpreferences.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_subpreferences : public RESTAPIHandler { class RESTAPI_subpreferences : public RESTAPIHandler {
public: public:
RESTAPI_subpreferences(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_subpreferences(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{ std::vector<std::string>{
Poco::Net::HTTPRequest::HTTP_GET, Poco::Net::HTTPRequest::HTTP_GET,

1
src/RESTAPI/RESTAPI_subtotp_handler.cpp
View File

@@ -5,7 +5,6 @@
#include "RESTAPI_subtotp_handler.h" #include "RESTAPI_subtotp_handler.h"
#include "TotpCache.h" #include "TotpCache.h"
#include "framework/MicroServiceFuncs.h"
namespace OpenWifi { namespace OpenWifi {

4
src/RESTAPI/RESTAPI_subtotp_handler.h
View File

@@ -2,12 +2,12 @@
// Created by stephane bourque on 2022-01-31. // Created by stephane bourque on 2022-01-31.
// //
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_subtotp_handler : public RESTAPIHandler { class RESTAPI_subtotp_handler : public RESTAPIHandler {
public: public:
RESTAPI_subtotp_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_subtotp_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string> std::vector<std::string>
{ {

4
src/RESTAPI/RESTAPI_subuser_handler.cpp
View File

@@ -13,8 +13,6 @@
#include "MFAServer.h" #include "MFAServer.h"
#include "TotpCache.h" #include "TotpCache.h"
#include "framework/MicroServiceFuncs.h"
namespace OpenWifi { namespace OpenWifi {
void RESTAPI_subuser_handler::DoGet() { void RESTAPI_subuser_handler::DoGet() {
@@ -185,7 +183,7 @@ namespace OpenWifi {
SecurityObjects::ActionLink NewLink; SecurityObjects::ActionLink NewLink;
NewLink.action = OpenWifi::SecurityObjects::LinkActions::SUB_FORGOT_PASSWORD; NewLink.action = OpenWifi::SecurityObjects::LinkActions::SUB_FORGOT_PASSWORD;
NewLink.id = MicroServiceCreateUUID(); NewLink.id = MicroService::CreateUUID();
NewLink.userId = Existing.id; NewLink.userId = Existing.id;
NewLink.created = OpenWifi::Now(); NewLink.created = OpenWifi::Now();
NewLink.expires = NewLink.created + (24*60*60); NewLink.expires = NewLink.created + (24*60*60);

4
src/RESTAPI/RESTAPI_subuser_handler.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_subuser_handler : public RESTAPIHandler { class RESTAPI_subuser_handler : public RESTAPIHandler {
public: public:
RESTAPI_subuser_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_subuser_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string> std::vector<std::string>
{Poco::Net::HTTPRequest::HTTP_POST, {Poco::Net::HTTPRequest::HTTP_POST,

1
src/RESTAPI/RESTAPI_subusers_handler.cpp
View File

@@ -4,6 +4,7 @@
#include "RESTAPI_subusers_handler.h" #include "RESTAPI_subusers_handler.h"
#include "StorageService.h" #include "StorageService.h"
#include "framework/MicroService.h"
#include "RESTAPI/RESTAPI_db_helpers.h" #include "RESTAPI/RESTAPI_db_helpers.h"
namespace OpenWifi { namespace OpenWifi {

4
src/RESTAPI/RESTAPI_subusers_handler.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_subusers_handler : public RESTAPIHandler { class RESTAPI_subusers_handler : public RESTAPIHandler {
public: public:
RESTAPI_subusers_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_subusers_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string> std::vector<std::string>
{Poco::Net::HTTPRequest::HTTP_GET, {Poco::Net::HTTPRequest::HTTP_GET,

3
src/RESTAPI/RESTAPI_system_endpoints_handler.cpp
View File

@@ -4,12 +4,11 @@
#include "RESTAPI_system_endpoints_handler.h" #include "RESTAPI_system_endpoints_handler.h"
#include "RESTObjects/RESTAPI_SecurityObjects.h" #include "RESTObjects/RESTAPI_SecurityObjects.h"
#include "framework/MicroServiceFuncs.h"
namespace OpenWifi { namespace OpenWifi {
void RESTAPI_system_endpoints_handler::DoGet() { void RESTAPI_system_endpoints_handler::DoGet() {
auto Services = MicroServiceGetServices(); auto Services = MicroService::instance().GetServices();
SecurityObjects::SystemEndpointList L; SecurityObjects::SystemEndpointList L;
for(const auto &i:Services) { for(const auto &i:Services) {
SecurityObjects::SystemEndpoint S{ SecurityObjects::SystemEndpoint S{

4
src/RESTAPI/RESTAPI_system_endpoints_handler.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "../framework/RESTAPI_Handler.h" #include "../framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_system_endpoints_handler : public RESTAPIHandler { class RESTAPI_system_endpoints_handler : public RESTAPIHandler {
public: public:
RESTAPI_system_endpoints_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_system_endpoints_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_GET, std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_OPTIONS}, Poco::Net::HTTPRequest::HTTP_OPTIONS},

4
src/RESTAPI/RESTAPI_totp_handler.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_totp_handler : public RESTAPIHandler { class RESTAPI_totp_handler : public RESTAPIHandler {
public: public:
RESTAPI_totp_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_totp_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string> std::vector<std::string>
{ {

4
src/RESTAPI/RESTAPI_user_handler.cpp
View File

@@ -12,7 +12,6 @@
#include "RESTAPI/RESTAPI_db_helpers.h" #include "RESTAPI/RESTAPI_db_helpers.h"
#include "MFAServer.h" #include "MFAServer.h"
#include "TotpCache.h" #include "TotpCache.h"
#include "framework/MicroServiceFuncs.h"
namespace OpenWifi { namespace OpenWifi {
@@ -66,7 +65,6 @@ namespace OpenWifi {
StorageService()->AvatarDB().DeleteAvatar(UserInfo_.userinfo.email,Id); StorageService()->AvatarDB().DeleteAvatar(UserInfo_.userinfo.email,Id);
StorageService()->PreferencesDB().DeletePreferences(UserInfo_.userinfo.email,Id); StorageService()->PreferencesDB().DeletePreferences(UserInfo_.userinfo.email,Id);
StorageService()->UserTokenDB().RevokeAllTokens(Id); StorageService()->UserTokenDB().RevokeAllTokens(Id);
StorageService()->ApiKeyDB().RemoveAllApiKeys(Id);
Logger_.information(fmt::format("User '{}' deleted by '{}'.",Id,UserInfo_.userinfo.email)); Logger_.information(fmt::format("User '{}' deleted by '{}'.",Id,UserInfo_.userinfo.email));
OK(); OK();
} }
@@ -193,7 +191,7 @@ namespace OpenWifi {
SecurityObjects::ActionLink NewLink; SecurityObjects::ActionLink NewLink;
NewLink.action = OpenWifi::SecurityObjects::LinkActions::FORGOT_PASSWORD; NewLink.action = OpenWifi::SecurityObjects::LinkActions::FORGOT_PASSWORD;
NewLink.id = MicroServiceCreateUUID(); NewLink.id = MicroService::CreateUUID();
NewLink.userId = Existing.id; NewLink.userId = Existing.id;
NewLink.created = OpenWifi::Now(); NewLink.created = OpenWifi::Now();
NewLink.expires = NewLink.created + (24*60*60); NewLink.expires = NewLink.created + (24*60*60);

4
src/RESTAPI/RESTAPI_user_handler.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_user_handler : public RESTAPIHandler { class RESTAPI_user_handler : public RESTAPIHandler {
public: public:
RESTAPI_user_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_user_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string> std::vector<std::string>
{Poco::Net::HTTPRequest::HTTP_POST, {Poco::Net::HTTPRequest::HTTP_POST,

1
src/RESTAPI/RESTAPI_users_handler.cpp
View File

@@ -4,6 +4,7 @@
#include "RESTAPI_users_handler.h" #include "RESTAPI_users_handler.h"
#include "StorageService.h" #include "StorageService.h"
#include "framework/MicroService.h"
#include "RESTAPI/RESTAPI_db_helpers.h" #include "RESTAPI/RESTAPI_db_helpers.h"
namespace OpenWifi { namespace OpenWifi {

4
src/RESTAPI/RESTAPI_users_handler.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_users_handler : public RESTAPIHandler { class RESTAPI_users_handler : public RESTAPIHandler {
public: public:
RESTAPI_users_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_users_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string> std::vector<std::string>
{Poco::Net::HTTPRequest::HTTP_GET, {Poco::Net::HTTPRequest::HTTP_GET,

31
src/RESTAPI/RESTAPI_validate_apikey.cpp
View File

@@ -1,31 +0,0 @@
//
// Created by stephane bourque on 2022-11-07.
//
#include "RESTAPI_validate_apikey.h"
#include "AuthService.h"
namespace OpenWifi {
void RESTAPI_validate_apikey::DoGet() {
Poco::URI URI(Request->getURI());
auto Parameters = URI.getQueryParameters();
for(auto const &i:Parameters) {
if (i.first == "apikey") {
// can we find this token?
SecurityObjects::UserInfoAndPolicy SecObj;
bool Expired = false;
std::uint64_t expiresOn=0;
if (AuthService()->IsValidApiKey(i.second, SecObj.webtoken, SecObj.userinfo, Expired, expiresOn)) {
Poco::JSON::Object Answer;
SecObj.to_json(Answer);
Answer.set("expiresOn", expiresOn);
return ReturnObject(Answer);
}
return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
}
}
return NotFound();
}
} // OpenWifi

27
src/RESTAPI/RESTAPI_validate_apikey.h
View File

@@ -1,27 +0,0 @@
//
// Created by stephane bourque on 2022-11-07.
//
#pragma once
#include "framework/RESTAPI_Handler.h"
namespace OpenWifi {
class RESTAPI_validate_apikey : public RESTAPIHandler {
public:
RESTAPI_validate_apikey(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L,
std::vector<std::string>
{Poco::Net::HTTPRequest::HTTP_GET,
Poco::Net::HTTPRequest::HTTP_OPTIONS},
Server,
TransactionId,
Internal) {};
static auto PathName() { return std::list<std::string>{"/api/v1/validateApiKey"}; };
void DoGet() final;
void DoPost() final {};
void DoDelete() final {};
void DoPut() final {};
};
}

4
src/RESTAPI/RESTAPI_validate_sub_token_handler.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_validate_sub_token_handler : public RESTAPIHandler { class RESTAPI_validate_sub_token_handler : public RESTAPIHandler {
public: public:
RESTAPI_validate_sub_token_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_validate_sub_token_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string> std::vector<std::string>
{Poco::Net::HTTPRequest::HTTP_GET, {Poco::Net::HTTPRequest::HTTP_GET,

4
src/RESTAPI/RESTAPI_validate_token_handler.h
View File

@@ -4,12 +4,12 @@
#pragma once #pragma once
#include "framework/RESTAPI_Handler.h" #include "framework/MicroService.h"
namespace OpenWifi { namespace OpenWifi {
class RESTAPI_validate_token_handler : public RESTAPIHandler { class RESTAPI_validate_token_handler : public RESTAPIHandler {
public: public:
RESTAPI_validate_token_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId, bool Internal) RESTAPI_validate_token_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L, RESTAPI_GenericServer &Server, uint64_t TransactionId, bool Internal)
: RESTAPIHandler(bindings, L, : RESTAPIHandler(bindings, L,
std::vector<std::string> std::vector<std::string>
{Poco::Net::HTTPRequest::HTTP_GET, {Poco::Net::HTTPRequest::HTTP_GET,

2
src/RESTObjects/RESTAPI_AnalyticsObjects.cpp
View File

@@ -4,7 +4,7 @@
#include "RESTAPI_AnalyticsObjects.h" #include "RESTAPI_AnalyticsObjects.h"
#include "RESTAPI_ProvObjects.h" #include "RESTAPI_ProvObjects.h"
#include "framework/RESTAPI_utils.h" #include "framework/MicroService.h"
using OpenWifi::RESTAPI_utils::field_to_json; using OpenWifi::RESTAPI_utils::field_to_json;
using OpenWifi::RESTAPI_utils::field_from_json; using OpenWifi::RESTAPI_utils::field_from_json;

3
src/RESTObjects/RESTAPI_AnalyticsObjects.h
View File

@@ -5,7 +5,6 @@
#pragma once #pragma once
#include "RESTAPI_ProvObjects.h" #include "RESTAPI_ProvObjects.h"
#include "framework/utils.h"
#include <vector> #include <vector>
namespace OpenWifi { namespace OpenWifi {
@@ -376,7 +375,7 @@ namespace OpenWifi {
}; };
struct WifiClientHistory { struct WifiClientHistory {
uint64_t timestamp=Utils::Now(); uint64_t timestamp=OpenWifi::Now();
std::string station_id; std::string station_id;
std::string bssid; std::string bssid;
std::string ssid; std::string ssid;

4
src/RESTObjects/RESTAPI_CertObjects.cpp
View File

@@ -3,7 +3,7 @@
// //
#include "RESTAPI_CertObjects.h" #include "RESTAPI_CertObjects.h"
#include "framework/RESTAPI_utils.h" #include "framework/MicroService.h"
using OpenWifi::RESTAPI_utils::field_to_json; using OpenWifi::RESTAPI_utils::field_to_json;
using OpenWifi::RESTAPI_utils::field_from_json; using OpenWifi::RESTAPI_utils::field_from_json;
@@ -154,7 +154,6 @@ namespace OpenWifi::CertObjects {
field_to_json(Obj,"submitted", submitted); field_to_json(Obj,"submitted", submitted);
field_to_json(Obj,"started", started); field_to_json(Obj,"started", started);
field_to_json(Obj,"completed", completed); field_to_json(Obj,"completed", completed);
field_to_json(Obj,"requesterUsername", requesterUsername);
} }
bool JobEntry::from_json(const Poco::JSON::Object::Ptr &Obj) { bool JobEntry::from_json(const Poco::JSON::Object::Ptr &Obj) {
@@ -172,7 +171,6 @@ namespace OpenWifi::CertObjects {
field_from_json(Obj,"submitted", submitted); field_from_json(Obj,"submitted", submitted);
field_from_json(Obj,"started", started); field_from_json(Obj,"started", started);
field_from_json(Obj,"completed", completed); field_from_json(Obj,"completed", completed);
field_from_json(Obj,"requesterUsername", requesterUsername);
return true; return true;
} catch (...) { } catch (...) {
} }

1
src/RESTObjects/RESTAPI_CertObjects.h
View File

@@ -91,7 +91,6 @@ namespace OpenWifi::CertObjects {
uint64_t submitted=0; uint64_t submitted=0;
uint64_t started=0; uint64_t started=0;
uint64_t completed=0; uint64_t completed=0;
std::string requesterUsername;
void to_json(Poco::JSON::Object &Obj) const; void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj); bool from_json(const Poco::JSON::Object::Ptr &Obj);

5
src/RESTObjects/RESTAPI_FMSObjects.cpp
View File

@@ -3,8 +3,7 @@
// //
#include "RESTAPI_FMSObjects.h" #include "RESTAPI_FMSObjects.h"
#include "framework/RESTAPI_utils.h" #include "framework/MicroService.h"
#include "framework/utils.h"
using OpenWifi::RESTAPI_utils::field_to_json; using OpenWifi::RESTAPI_utils::field_to_json;
using OpenWifi::RESTAPI_utils::field_from_json; using OpenWifi::RESTAPI_utils::field_from_json;
@@ -234,7 +233,7 @@ namespace OpenWifi::FMSObjects {
UnknownFirmwares_.clear(); UnknownFirmwares_.clear();
totalSecondsOld_.clear(); totalSecondsOld_.clear();
numberOfDevices = 0 ; numberOfDevices = 0 ;
snapshot = Utils::Now(); snapshot = OpenWifi::Now();
} }
bool DeviceReport::from_json([[maybe_unused]] const Poco::JSON::Object::Ptr &Obj) { bool DeviceReport::from_json([[maybe_unused]] const Poco::JSON::Object::Ptr &Obj) {

192
src/RESTObjects/RESTAPI_GWobjects.cpp
View File

@@ -11,13 +11,12 @@
#include "Daemon.h" #include "Daemon.h"
#ifdef TIP_GATEWAY_SERVICE #ifdef TIP_GATEWAY_SERVICE
#include "AP_WS_Server.h" #include "DeviceRegistry.h"
#include "CapabilitiesCache.h" #include "CapabilitiesCache.h"
#endif #endif
#include "RESTAPI_GWobjects.h" #include "RESTAPI_GWobjects.h"
#include "framework/RESTAPI_utils.h" #include "framework/MicroService.h"
#include "framework/utils.h"
using OpenWifi::RESTAPI_utils::field_to_json; using OpenWifi::RESTAPI_utils::field_to_json;
using OpenWifi::RESTAPI_utils::field_from_json; using OpenWifi::RESTAPI_utils::field_from_json;
@@ -50,10 +49,6 @@ namespace OpenWifi::GWObjects {
field_to_json(Obj,"entity", entity); field_to_json(Obj,"entity", entity);
field_to_json(Obj,"modified", modified); field_to_json(Obj,"modified", modified);
field_to_json(Obj,"locale", locale); field_to_json(Obj,"locale", locale);
field_to_json(Obj,"restrictedDevice", restrictedDevice);
field_to_json(Obj,"pendingConfiguration", pendingConfiguration);
field_to_json(Obj,"pendingConfigurationCmd", pendingConfigurationCmd);
field_to_json(Obj,"restrictionDetails", restrictionDetails);
} }
void Device::to_json_with_status(Poco::JSON::Object &Obj) const { void Device::to_json_with_status(Poco::JSON::Object &Obj) const {
@@ -62,7 +57,7 @@ namespace OpenWifi::GWObjects {
#ifdef TIP_GATEWAY_SERVICE #ifdef TIP_GATEWAY_SERVICE
ConnectionState ConState; ConnectionState ConState;
if (AP_WS_Server()->GetState(SerialNumber, ConState)) { if (DeviceRegistry()->GetState(SerialNumber, ConState)) {
ConState.to_json(Obj); ConState.to_json(Obj);
} else { } else {
field_to_json(Obj,"ipAddress", ""); field_to_json(Obj,"ipAddress", "");
@@ -74,7 +69,6 @@ namespace OpenWifi::GWObjects {
field_to_json(Obj,"verifiedCertificate", "NO_CERTIFICATE"); field_to_json(Obj,"verifiedCertificate", "NO_CERTIFICATE");
field_to_json(Obj,"associations_2G", (uint64_t) 0); field_to_json(Obj,"associations_2G", (uint64_t) 0);
field_to_json(Obj,"associations_5G", (uint64_t) 0); field_to_json(Obj,"associations_5G", (uint64_t) 0);
field_to_json(Obj,"associations_6G", (uint64_t) 0);
} }
#endif #endif
} }
@@ -94,10 +88,6 @@ namespace OpenWifi::GWObjects {
field_from_json(Obj,"subscriber", subscriber); field_from_json(Obj,"subscriber", subscriber);
field_from_json(Obj,"entity", entity); field_from_json(Obj,"entity", entity);
field_from_json(Obj,"locale", locale); field_from_json(Obj,"locale", locale);
field_from_json(Obj,"restrictedDevice", restrictedDevice);
field_from_json(Obj,"pendingConfiguration", pendingConfiguration);
field_from_json(Obj,"pendingConfigurationCmd", pendingConfigurationCmd);
field_from_json(Obj,"restrictionDetails", restrictionDetails);
return true; return true;
} catch (const Poco::Exception &E) { } catch (const Poco::Exception &E) {
} }
@@ -208,17 +198,11 @@ namespace OpenWifi::GWObjects {
field_to_json(Obj,"lastContact", LastContact); field_to_json(Obj,"lastContact", LastContact);
field_to_json(Obj,"associations_2G", Associations_2G); field_to_json(Obj,"associations_2G", Associations_2G);
field_to_json(Obj,"associations_5G", Associations_5G); field_to_json(Obj,"associations_5G", Associations_5G);
field_to_json(Obj,"associations_6G", Associations_6G);
field_to_json(Obj,"webSocketClients", webSocketClients); field_to_json(Obj,"webSocketClients", webSocketClients);
field_to_json(Obj,"websocketPackets", websocketPackets); field_to_json(Obj,"websocketPackets", websocketPackets);
field_to_json(Obj,"kafkaClients", kafkaClients); field_to_json(Obj,"kafkaClients", kafkaClients);
field_to_json(Obj,"kafkaPackets", kafkaPackets); field_to_json(Obj,"kafkaPackets", kafkaPackets);
field_to_json(Obj,"locale", locale); field_to_json(Obj,"locale", locale);
field_to_json(Obj,"started", started);
field_to_json(Obj,"sessionId", sessionId);
field_to_json(Obj,"connectionCompletionTime", connectionCompletionTime);
field_to_json(Obj,"totalConnectionTime", Utils::Now() - started);
field_to_json(Obj,"certificateExpiryDate", certificateExpiryDate);
switch(VerifiedCertificate) { switch(VerifiedCertificate) {
case NO_CERTIFICATE: case NO_CERTIFICATE:
@@ -234,23 +218,6 @@ namespace OpenWifi::GWObjects {
} }
} }
void DeviceConnectionStatistics::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj,"averageConnectionTime", averageConnectionTime);
field_to_json(Obj,"connectedDevices", connectedDevices );
field_to_json(Obj,"connectingDevices", connectingDevices );
}
bool DeviceConnectionStatistics::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj,"averageConnectionTime", averageConnectionTime);
field_from_json(Obj,"connectedDevices", connectedDevices );
field_from_json(Obj,"connectingDevices", connectingDevices );
return true;
} catch (const Poco::Exception &E) {
}
return false;
}
void RttySessionDetails::to_json(Poco::JSON::Object &Obj) const { void RttySessionDetails::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj,"serialNumber", SerialNumber); field_to_json(Obj,"serialNumber", SerialNumber);
field_to_json(Obj,"server", Server); field_to_json(Obj,"server", Server);
@@ -297,7 +264,7 @@ namespace OpenWifi::GWObjects {
lastContact.clear(); lastContact.clear();
associations.clear(); associations.clear();
numberOfDevices = 0 ; numberOfDevices = 0 ;
snapshot = Utils::Now(); snapshot = OpenWifi::Now();
} }
void CapabilitiesModel::to_json(Poco::JSON::Object &Obj) const{ void CapabilitiesModel::to_json(Poco::JSON::Object &Obj) const{
@@ -309,12 +276,9 @@ namespace OpenWifi::GWObjects {
field_to_json(Obj,"serialNumber",serialNumber); field_to_json(Obj,"serialNumber",serialNumber);
field_to_json(Obj,"timeout",timeout); field_to_json(Obj,"timeout",timeout);
field_to_json(Obj,"type",type); field_to_json(Obj,"type",type);
field_to_json(Obj,"scriptId",scriptId);
field_to_json(Obj,"script",script); field_to_json(Obj,"script",script);
field_to_json(Obj,"scriptId",scriptId);
field_to_json(Obj,"when",when); field_to_json(Obj,"when",when);
field_to_json(Obj,"signature", signature);
field_to_json(Obj,"deferred", deferred);
field_to_json(Obj,"uri", uri);
} }
bool ScriptRequest::from_json(const Poco::JSON::Object::Ptr &Obj) { bool ScriptRequest::from_json(const Poco::JSON::Object::Ptr &Obj) {
@@ -325,13 +289,11 @@ namespace OpenWifi::GWObjects {
field_from_json(Obj,"script",script); field_from_json(Obj,"script",script);
field_from_json(Obj,"scriptId",scriptId); field_from_json(Obj,"scriptId",scriptId);
field_from_json(Obj,"when",when); field_from_json(Obj,"when",when);
field_from_json(Obj,"signature", signature);
field_from_json(Obj,"deferred", deferred);
field_from_json(Obj,"uri", uri);
return true; return true;
} catch (const Poco::Exception &E) { } catch (const Poco::Exception &E) {
} }
return false; return false;
} }
void RadiusProxyPoolList::to_json(Poco::JSON::Object &Obj) const { void RadiusProxyPoolList::to_json(Poco::JSON::Object &Obj) const {
@@ -352,8 +314,6 @@ namespace OpenWifi::GWObjects {
field_to_json(Obj,"description",description); field_to_json(Obj,"description",description);
field_to_json(Obj,"authConfig",authConfig); field_to_json(Obj,"authConfig",authConfig);
field_to_json(Obj,"acctConfig",acctConfig); field_to_json(Obj,"acctConfig",acctConfig);
field_to_json(Obj,"coaConfig",coaConfig);
field_to_json(Obj,"useByDefault",useByDefault);
} }
bool RadiusProxyPool::from_json(const Poco::JSON::Object::Ptr &Obj) { bool RadiusProxyPool::from_json(const Poco::JSON::Object::Ptr &Obj) {
@@ -362,8 +322,6 @@ namespace OpenWifi::GWObjects {
field_from_json(Obj,"description",description); field_from_json(Obj,"description",description);
field_from_json(Obj,"authConfig",authConfig); field_from_json(Obj,"authConfig",authConfig);
field_from_json(Obj,"acctConfig",acctConfig); field_from_json(Obj,"acctConfig",acctConfig);
field_from_json(Obj,"coaConfig",coaConfig);
field_from_json(Obj,"useByDefault",useByDefault);
return true; return true;
} catch (const Poco::Exception &E) { } catch (const Poco::Exception &E) {
} }
@@ -371,7 +329,7 @@ namespace OpenWifi::GWObjects {
} }
void RadiusProxyServerConfig::to_json(Poco::JSON::Object &Obj) const { void RadiusProxyServerConfig::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj,"strategy",strategy); field_to_json(Obj,"policy",strategy);
field_to_json(Obj,"monitor",monitor); field_to_json(Obj,"monitor",monitor);
field_to_json(Obj,"monitorMethod",monitorMethod); field_to_json(Obj,"monitorMethod",monitorMethod);
field_to_json(Obj,"methodParameters",methodParameters); field_to_json(Obj,"methodParameters",methodParameters);
@@ -380,7 +338,7 @@ namespace OpenWifi::GWObjects {
bool RadiusProxyServerConfig::from_json(const Poco::JSON::Object::Ptr &Obj) { bool RadiusProxyServerConfig::from_json(const Poco::JSON::Object::Ptr &Obj) {
try { try {
field_from_json(Obj,"strategy",strategy); field_from_json(Obj,"policy",strategy);
field_from_json(Obj,"monitor",monitor); field_from_json(Obj,"monitor",monitor);
field_from_json(Obj,"monitorMethod",monitorMethod); field_from_json(Obj,"monitorMethod",monitorMethod);
field_from_json(Obj,"methodParameters",methodParameters); field_from_json(Obj,"methodParameters",methodParameters);
@@ -396,17 +354,6 @@ namespace OpenWifi::GWObjects {
field_to_json(Obj,"ip",ip); field_to_json(Obj,"ip",ip);
field_to_json(Obj,"port",port); field_to_json(Obj,"port",port);
field_to_json(Obj,"weight",weight); field_to_json(Obj,"weight",weight);
field_to_json(Obj,"secret",secret);
field_to_json(Obj,"certificate",certificate);
field_to_json(Obj,"radsec",radsec);
field_to_json(Obj,"allowSelfSigned",allowSelfSigned);
field_to_json(Obj,"radsecPort",radsecPort);
field_to_json(Obj,"radsecSecret",radsecSecret);
field_to_json(Obj,"radsecCacerts",radsecCacerts);
field_to_json(Obj,"radsecCert",radsecCert);
field_to_json(Obj,"radsecKey",radsecKey);
field_to_json(Obj,"radsecRealms",radsecRealms);
field_to_json(Obj,"ignore",ignore);
} }
bool RadiusProxyServerEntry::from_json(const Poco::JSON::Object::Ptr &Obj) { bool RadiusProxyServerEntry::from_json(const Poco::JSON::Object::Ptr &Obj) {
@@ -415,133 +362,10 @@ namespace OpenWifi::GWObjects {
field_from_json(Obj,"ip",ip); field_from_json(Obj,"ip",ip);
field_from_json(Obj,"port",port); field_from_json(Obj,"port",port);
field_from_json(Obj,"weight",weight); field_from_json(Obj,"weight",weight);
field_from_json(Obj,"secret",secret);
field_from_json(Obj,"certificate",certificate);
field_from_json(Obj,"radsec",radsec);
field_from_json(Obj,"allowSelfSigned",allowSelfSigned);
field_from_json(Obj,"radsecSecret",radsecSecret);
field_from_json(Obj,"radsecPort",radsecPort);
field_from_json(Obj,"radsecCacerts",radsecCacerts);
field_from_json(Obj,"radsecCert",radsecCert);
field_from_json(Obj,"radsecKey",radsecKey);
field_from_json(Obj,"radsecRealms",radsecRealms);
field_from_json(Obj,"ignore",ignore);
return true; return true;
} catch (const Poco::Exception &E) { } catch (const Poco::Exception &E) {
} }
return false; return false;
} }
void ScriptEntry::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj,"id", id);
field_to_json(Obj,"name", name);
field_to_json(Obj,"description", description);
field_to_json(Obj,"uri", uri);
field_to_json(Obj,"content", content);
field_to_json(Obj,"version", version);
field_to_json(Obj,"type", type);
field_to_json(Obj,"created", created);
field_to_json(Obj,"modified", modified);
field_to_json(Obj,"author", author);
field_to_json(Obj,"restricted", restricted);
field_to_json(Obj,"deferred", deferred);
field_to_json(Obj,"timeout", timeout);
field_to_json(Obj,"defaultUploadURI", defaultUploadURI);
}
bool ScriptEntry::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj,"id", id);
field_from_json(Obj,"name", name);
field_from_json(Obj,"description", description);
field_from_json(Obj,"uri", uri);
field_from_json(Obj,"content", content);
field_from_json(Obj,"version", version);
field_from_json(Obj,"type", type);
field_from_json(Obj,"created", created);
field_from_json(Obj,"modified", modified);
field_from_json(Obj,"author", author);
field_from_json(Obj,"restricted", restricted);
field_from_json(Obj,"deferred", deferred);
field_from_json(Obj,"timeout", timeout);
field_from_json(Obj,"defaultUploadURI", defaultUploadURI);
return true;
} catch (const Poco::Exception &E) {
}
return false;
}
void ScriptEntryList::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj,"scripts",scripts);
}
bool ScriptEntryList::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj,"scripts",scripts);
return true;
} catch (const Poco::Exception &E) {
}
return false;
}
void DeviceRestrictionsKeyInfo::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj,"vendor", vendor);
field_to_json(Obj,"algo", algo);
}
bool DeviceRestrictionsKeyInfo::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj,"vendor", vendor);
field_from_json(Obj,"algo", algo);
return true;
} catch (const Poco::Exception &E) {
}
return false;
}
void DeviceRestrictions::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj,"dfs", dfs);
field_to_json(Obj,"ssh", ssh);
field_to_json(Obj,"rtty", rtty);
field_to_json(Obj,"tty", tty);
field_to_json(Obj,"developer", developer);
field_to_json(Obj,"upgrade", upgrade);
field_to_json(Obj,"commands", commands);
field_to_json(Obj,"country", country);
field_to_json(Obj,"key_info", key_info);
}
bool DeviceRestrictions::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj,"dfs", dfs);
field_from_json(Obj,"ssh", ssh);
field_from_json(Obj,"rtty", rtty);
field_from_json(Obj,"tty", tty);
field_from_json(Obj,"developer", developer);
field_from_json(Obj,"upgrade", upgrade);
field_from_json(Obj,"commands", commands);
field_from_json(Obj,"country", country);
field_from_json(Obj,"key_info", key_info);
return true;
} catch (const Poco::Exception &E) {
}
return false;
}
bool DeviceRestrictionsKeyInfo::operator!=(const OpenWifi::GWObjects::DeviceRestrictionsKeyInfo &T) const {
return (T.algo!=algo) || (T.vendor!=vendor);
}
bool DeviceRestrictions::operator!=(const OpenWifi::GWObjects::DeviceRestrictions &T) const {
return ( (T.dfs!=dfs) ||
(T.rtty!=rtty) ||
(T.upgrade!=upgrade) ||
(T.commands != commands) ||
(T.developer != developer) ||
(T.ssh !=ssh) ||
(T.key_info != key_info) ||
(T.country != country) );
}
} }

107
src/RESTObjects/RESTAPI_GWobjects.h
View File

@@ -28,52 +28,19 @@ namespace OpenWifi::GWObjects {
uint64_t TX = 0, RX = 0; uint64_t TX = 0, RX = 0;
uint64_t Associations_2G=0; uint64_t Associations_2G=0;
uint64_t Associations_5G=0; uint64_t Associations_5G=0;
uint64_t Associations_6G=0;
bool Connected = false; bool Connected = false;
uint64_t LastContact=0; uint64_t LastContact=0;
std::string Firmware; std::string Firmware;
CertificateValidation VerifiedCertificate = NO_CERTIFICATE; CertificateValidation VerifiedCertificate = NO_CERTIFICATE;
std::string Compatible; std::string Compatible;
uint64_t kafkaClients=0; uint64_t kafkaClients=0;
uint64_t webSocketClients=0; uint64_t webSocketClients=0;
uint64_t kafkaPackets=0; uint64_t kafkaPackets=0;
uint64_t websocketPackets=0; uint64_t websocketPackets=0;
std::string locale; std::string locale;
uint64_t started=0;
uint64_t sessionId=0;
double connectionCompletionTime=0.0;
std::uint64_t certificateExpiryDate=0;
void to_json(Poco::JSON::Object &Obj) const; void to_json(Poco::JSON::Object &Obj) const;
}; };
struct DeviceRestrictionsKeyInfo {
std::string vendor;
std::string algo;
bool operator !=(const DeviceRestrictionsKeyInfo &b) const;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
struct DeviceRestrictions {
bool dfs = false;
bool ssh = false;
bool rtty = false;
bool tty = false;
bool developer = false;
bool upgrade = false;
bool commands = false;
std::vector<std::string> country;
DeviceRestrictionsKeyInfo key_info;
bool operator !=(const DeviceRestrictions &D) const;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
struct Device { struct Device {
std::string SerialNumber; std::string SerialNumber;
std::string DeviceType; std::string DeviceType;
@@ -97,10 +64,6 @@ namespace OpenWifi::GWObjects {
std::string entity; std::string entity;
uint64_t modified=0; uint64_t modified=0;
std::string locale; std::string locale;
bool restrictedDevice=false;
std::string pendingConfiguration;
std::string pendingConfigurationCmd;
DeviceRestrictions restrictionDetails;
void to_json(Poco::JSON::Object &Obj) const; void to_json(Poco::JSON::Object &Obj) const;
void to_json_with_status(Poco::JSON::Object &Obj) const; void to_json_with_status(Poco::JSON::Object &Obj) const;
@@ -108,15 +71,6 @@ namespace OpenWifi::GWObjects {
void Print() const; void Print() const;
}; };
struct DeviceConnectionStatistics {
std::uint64_t connectedDevices = 0;
std::uint64_t averageConnectionTime = 0;
std::uint64_t connectingDevices = 0;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
struct Statistics { struct Statistics {
std::string SerialNumber; std::string SerialNumber;
uint64_t UUID = 0 ; uint64_t UUID = 0 ;
@@ -246,44 +200,13 @@ namespace OpenWifi::GWObjects {
void to_json(Poco::JSON::Object &Obj) const; void to_json(Poco::JSON::Object &Obj) const;
}; };
struct ScriptEntry {
std::string id;
std::string name;
std::string description;
std::string uri;
std::string content;
std::string version;
std::string type;
std::uint64_t created;
std::uint64_t modified;
std::string author;
Types::StringVec restricted;
bool deferred=false;
std::uint64_t timeout=30;
std::string defaultUploadURI;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
struct ScriptEntryList {
std::vector<ScriptEntry> scripts;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
struct ScriptRequest { struct ScriptRequest {
std::string serialNumber;
uint64_t timeout=30; uint64_t timeout=30;
std::string serialNumber;
std::string type; std::string type;
std::string script; std::string script;
std::string scriptId; std::string scriptId;
std::uint64_t when; uint64_t when=0;
std::string signature;
bool deferred;
std::string uri;
void to_json(Poco::JSON::Object &Obj) const; void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj); bool from_json(const Poco::JSON::Object::Ptr &Obj);
}; };
@@ -293,17 +216,6 @@ namespace OpenWifi::GWObjects {
std::string ip; std::string ip;
uint16_t port=0; uint16_t port=0;
uint64_t weight=0; uint64_t weight=0;
std::string secret;
std::string certificate;
bool radsec=false;
bool allowSelfSigned=false;
uint16_t radsecPort=2083;
std::string radsecSecret;
std::string radsecKey;
std::string radsecCert;
std::vector<std::string> radsecCacerts;
std::vector<std::string> radsecRealms;
bool ignore=false;
void to_json(Poco::JSON::Object &Obj) const; void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj); bool from_json(const Poco::JSON::Object::Ptr &Obj);
@@ -325,8 +237,6 @@ namespace OpenWifi::GWObjects {
std::string description; std::string description;
RadiusProxyServerConfig authConfig; RadiusProxyServerConfig authConfig;
RadiusProxyServerConfig acctConfig; RadiusProxyServerConfig acctConfig;
RadiusProxyServerConfig coaConfig;
bool useByDefault=false;
void to_json(Poco::JSON::Object &Obj) const; void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj); bool from_json(const Poco::JSON::Object::Ptr &Obj);
@@ -338,5 +248,4 @@ namespace OpenWifi::GWObjects {
void to_json(Poco::JSON::Object &Obj) const; void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj); bool from_json(const Poco::JSON::Object::Ptr &Obj);
}; };
} }

110
src/RESTObjects/RESTAPI_OWLSobjects.cpp
View File

@@ -1,110 +0,0 @@
//
// Created by stephane bourque on 2021-08-31.
//
#include "framework/RESTAPI_utils.h"
using OpenWifi::RESTAPI_utils::field_to_json;
using OpenWifi::RESTAPI_utils::field_from_json;
using OpenWifi::RESTAPI_utils::EmbedDocument;
#include "RESTAPI_OWLSobjects.h"
// SIM -> 0x53/0x073, 0x49/0x69, 0x4d/0x6d
namespace OpenWifi::OWLSObjects {
void SimulationDetails::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj,"id", id);
field_to_json(Obj,"name", name);
field_to_json(Obj,"gateway", gateway);
field_to_json(Obj,"certificate", certificate);
field_to_json(Obj,"key", key);
field_to_json(Obj,"macPrefix", macPrefix);
field_to_json(Obj,"deviceType", deviceType);
field_to_json(Obj,"devices", devices);
field_to_json(Obj,"healthCheckInterval", healthCheckInterval);
field_to_json(Obj,"stateInterval", stateInterval);
field_to_json(Obj,"minAssociations", minAssociations);
field_to_json(Obj,"maxAssociations", maxAssociations);
field_to_json(Obj,"minClients", minClients);
field_to_json(Obj,"maxClients", maxClients);
field_to_json(Obj,"simulationLength", simulationLength);
field_to_json(Obj,"threads", threads);
field_to_json(Obj,"clientInterval", clientInterval);
field_to_json(Obj,"keepAlive", keepAlive);
field_to_json(Obj,"reconnectInterval", reconnectInterval);
field_to_json(Obj,"concurrentDevices", concurrentDevices);
}
bool SimulationDetails::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj,"id", id);
field_from_json(Obj,"name", name);
field_from_json(Obj,"gateway", gateway);
field_from_json(Obj,"certificate", certificate);
field_from_json(Obj,"key", key);
field_from_json(Obj,"macPrefix", macPrefix);
field_from_json(Obj,"deviceType", deviceType);
field_from_json(Obj,"devices", devices);
field_from_json(Obj,"healthCheckInterval", healthCheckInterval);
field_from_json(Obj,"stateInterval", stateInterval);
field_from_json(Obj,"minAssociations", minAssociations);
field_from_json(Obj,"maxAssociations", maxAssociations);
field_from_json(Obj,"minClients", minClients);
field_from_json(Obj,"maxClients", maxClients);
field_from_json(Obj,"simulationLength", simulationLength);
field_from_json(Obj,"threads", threads);
field_from_json(Obj,"clientInterval", clientInterval);
field_from_json(Obj,"keepAlive", keepAlive);
field_from_json(Obj,"reconnectInterval", reconnectInterval);
field_from_json(Obj,"concurrentDevices", concurrentDevices);
return true;
} catch(...) {
}
return false;
}
void SimulationDetailsList::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj,"list", list);
}
bool SimulationDetailsList::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj,"list", list);
return true;
} catch(...) {
}
return false;
}
void SimulationStatus::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj,"id", id);
field_to_json(Obj,"simulationId", simulationId);
field_to_json(Obj,"state", state);
field_to_json(Obj,"tx", tx);
field_to_json(Obj,"rx", rx);
field_to_json(Obj,"msgsTx", msgsTx);
field_to_json(Obj,"msgsRx", msgsRx);
field_to_json(Obj,"liveDevices", liveDevices);
field_to_json(Obj,"timeToFullDevices", timeToFullDevices);
field_to_json(Obj,"startTime", startTime);
field_to_json(Obj,"endTime", endTime);
field_to_json(Obj,"errorDevices", errorDevices);
field_to_json(Obj,"owner", owner);
}
void Dashboard::to_json([[maybe_unused]] Poco::JSON::Object &Obj) const {
}
bool Dashboard::from_json([[maybe_unused]] const Poco::JSON::Object::Ptr &Obj) {
return true;
}
void Dashboard::reset() {
}
}

77
src/RESTObjects/RESTAPI_OWLSobjects.h
View File

@@ -1,77 +0,0 @@
//
// Created by stephane bourque on 2021-08-31.
//
#ifndef UCENTRALSIM_RESTAPI_OWLSOBJECTS_H
#define UCENTRALSIM_RESTAPI_OWLSOBJECTS_H
#include <vector>
#include "Poco/JSON/Object.h"
namespace OpenWifi::OWLSObjects {
struct SimulationDetails {
std::string id;
std::string name;
std::string gateway;
std::string certificate;
std::string key;
std::string macPrefix;
std::string deviceType;
uint64_t devices = 5;
uint64_t healthCheckInterval = 60;
uint64_t stateInterval = 60 ;
uint64_t minAssociations = 1;
uint64_t maxAssociations = 3;
uint64_t minClients = 1 ;
uint64_t maxClients = 3;
uint64_t simulationLength = 60 * 60;
uint64_t threads = 16;
uint64_t clientInterval = 1;
uint64_t keepAlive = 300;
uint64_t reconnectInterval = 30 ;
uint64_t concurrentDevices = 5;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
struct SimulationDetailsList {
std::vector<SimulationDetails> list;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
struct SimulationStatus {
std::string id;
std::string simulationId;
std::string state;
uint64_t tx;
uint64_t rx;
uint64_t msgsTx;
uint64_t msgsRx;
uint64_t liveDevices;
uint64_t timeToFullDevices;
uint64_t startTime;
uint64_t endTime;
uint64_t errorDevices;
std::string owner;
void to_json(Poco::JSON::Object &Obj) const;
};
struct Dashboard {
int O;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
void reset();
};
}
#endif //UCENTRALSIM_RESTAPI_OWLSOBJECTS_H

93
src/RESTObjects/RESTAPI_ProvObjects.cpp
View File

@@ -8,9 +8,7 @@
#include "RESTAPI_ProvObjects.h" #include "RESTAPI_ProvObjects.h"
#include "framework/RESTAPI_utils.h" #include "framework/MicroService.h"
#include "framework/MicroServiceFuncs.h"
#include "framework/utils.h"
using OpenWifi::RESTAPI_utils::field_to_json; using OpenWifi::RESTAPI_utils::field_to_json;
using OpenWifi::RESTAPI_utils::field_from_json; using OpenWifi::RESTAPI_utils::field_from_json;
@@ -602,7 +600,6 @@ namespace OpenWifi::ProvObjects {
field_to_json( Obj, "devClass",devClass); field_to_json( Obj, "devClass",devClass);
field_to_json( Obj, "locale",locale); field_to_json( Obj, "locale",locale);
field_to_json( Obj, "realMacAddress",realMacAddress); field_to_json( Obj, "realMacAddress",realMacAddress);
field_to_json( Obj, "doNotAllowOverrides",doNotAllowOverrides);
} }
bool InventoryTag::from_json(const Poco::JSON::Object::Ptr &Obj) { bool InventoryTag::from_json(const Poco::JSON::Object::Ptr &Obj) {
@@ -624,7 +621,6 @@ namespace OpenWifi::ProvObjects {
field_from_json( Obj,"devClass",devClass); field_from_json( Obj,"devClass",devClass);
field_from_json( Obj,"locale",locale); field_from_json( Obj,"locale",locale);
field_from_json( Obj,"realMacAddress",realMacAddress); field_from_json( Obj,"realMacAddress",realMacAddress);
field_from_json( Obj, "doNotAllowOverrides",doNotAllowOverrides);
return true; return true;
} catch(...) { } catch(...) {
@@ -1095,7 +1091,7 @@ namespace OpenWifi::ProvObjects {
} }
bool UpdateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U, ObjectInfo &I) { bool UpdateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U, ObjectInfo &I) {
uint64_t Now = Utils::Now(); uint64_t Now = OpenWifi::Now();
if(O->has("name")) if(O->has("name"))
I.name = O->get("name").toString(); I.name = O->get("name").toString();
@@ -1116,7 +1112,7 @@ namespace OpenWifi::ProvObjects {
} }
bool CreateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U, ObjectInfo &I) { bool CreateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U, ObjectInfo &I) {
uint64_t Now = Utils::Now(); uint64_t Now = OpenWifi::Now();
if(O->has("name")) if(O->has("name"))
I.name = O->get("name").toString(); I.name = O->get("name").toString();
@@ -1134,14 +1130,14 @@ namespace OpenWifi::ProvObjects {
} }
I.notes = N; I.notes = N;
I.modified = I.created = Now; I.modified = I.created = Now;
I.id = MicroServiceCreateUUID(); I.id = MicroService::CreateUUID();
return true; return true;
} }
bool CreateObjectInfo([[maybe_unused]] const SecurityObjects::UserInfo &U, ObjectInfo &I) { bool CreateObjectInfo([[maybe_unused]] const SecurityObjects::UserInfo &U, ObjectInfo &I) {
I.modified = I.created = Utils::Now(); I.modified = I.created = OpenWifi::Now();
I.id = MicroServiceCreateUUID(); I.id = MicroService::CreateUUID();
return true; return true;
} }
@@ -1163,82 +1159,5 @@ namespace OpenWifi::ProvObjects {
return false; return false;
} }
void RRMAlgorithmDetails::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj,"name",name);
field_to_json(Obj,"parameters",parameters);
}
bool RRMAlgorithmDetails::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj,"name",name);
field_from_json(Obj,"parameters",parameters);
return true;
} catch(...) {
}
return false;
}
void RRMDetails::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj,"vendor",vendor);
field_to_json(Obj,"schedule",schedule);
field_to_json(Obj,"algorithms",algorithms);
}
bool RRMDetails::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj,"vendor",vendor);
field_from_json(Obj,"schedule",schedule);
field_from_json(Obj,"algorithms",algorithms);
return true;
} catch(...) {
}
return false;
}
void ConfigurationOverride::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj,"source",source);
field_to_json(Obj,"reason",reason);
field_to_json(Obj,"parameterName",parameterName);
field_to_json(Obj,"parameterType",parameterType);
field_to_json(Obj,"parameterValue",parameterValue);
field_to_json(Obj,"modified",modified);
}
bool ConfigurationOverride::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj,"source",source);
field_from_json(Obj,"reason",reason);
field_from_json(Obj,"parameterName",parameterName);
field_from_json(Obj,"parameterType",parameterType);
field_from_json(Obj,"parameterValue",parameterValue);
field_from_json(Obj,"modified",modified);
return true;
} catch(...) {
}
return false;
}
void ConfigurationOverrideList::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj,"serialNumber",serialNumber);
field_to_json(Obj,"managementPolicy",managementPolicy);
field_to_json(Obj,"overrides",overrides);
}
bool ConfigurationOverrideList::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj,"serialNumber",serialNumber);
field_from_json(Obj,"managementPolicy",managementPolicy);
field_from_json(Obj,"overrides",overrides);
return true;
} catch(...) {
}
return false;
}
} }

40
src/RESTObjects/RESTAPI_ProvObjects.h
View File

@@ -8,7 +8,8 @@
#pragma once #pragma once
#include "RESTObjects/RESTAPI_SecurityObjects.h" #include <string>
#include "RESTAPI_SecurityObjects.h"
namespace OpenWifi::ProvObjects { namespace OpenWifi::ProvObjects {
@@ -61,21 +62,6 @@ namespace OpenWifi::ProvObjects {
}; };
typedef std::vector<ManagementPolicy> ManagementPolicyVec; typedef std::vector<ManagementPolicy> ManagementPolicyVec;
struct RRMAlgorithmDetails {
std::string name;
std::string parameters;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
struct RRMDetails {
std::string vendor;
std::string schedule;
std::vector<RRMAlgorithmDetails> algorithms;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
struct DeviceRules { struct DeviceRules {
std::string rcOnly{"inherit"}; std::string rcOnly{"inherit"};
std::string rrm{"inherit"}; std::string rrm{"inherit"};
@@ -428,7 +414,6 @@ namespace OpenWifi::ProvObjects {
std::string devClass; std::string devClass;
std::string locale; std::string locale;
std::string realMacAddress; std::string realMacAddress;
bool doNotAllowOverrides=false;
void to_json(Poco::JSON::Object &Obj) const; void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj); bool from_json(const Poco::JSON::Object::Ptr &Obj);
@@ -694,27 +679,6 @@ namespace OpenWifi::ProvObjects {
bool from_json(const Poco::JSON::Object::Ptr &Obj); bool from_json(const Poco::JSON::Object::Ptr &Obj);
}; };
struct ConfigurationOverride {
std::string source;
std::string reason;
std::string parameterName;
std::string parameterType;
std::string parameterValue;
std::uint64_t modified;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
struct ConfigurationOverrideList {
std::string serialNumber;
Types::UUID_t managementPolicy;
std::vector<ConfigurationOverride> overrides;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
bool UpdateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U, ObjectInfo &I); bool UpdateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U, ObjectInfo &I);
bool CreateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U, ObjectInfo &I); bool CreateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U, ObjectInfo &I);
bool CreateObjectInfo(const SecurityObjects::UserInfo &U, ObjectInfo &I); bool CreateObjectInfo(const SecurityObjects::UserInfo &U, ObjectInfo &I);

81
src/RESTObjects/RESTAPI_SecurityObjects.cpp
View File

@@ -9,7 +9,7 @@
#include "Poco/JSON/Parser.h" #include "Poco/JSON/Parser.h"
#include "Poco/JSON/Stringifier.h" #include "Poco/JSON/Stringifier.h"
#include "framework/RESTAPI_utils.h" #include "framework/MicroService.h"
#include "RESTAPI_SecurityObjects.h" #include "RESTAPI_SecurityObjects.h"
using OpenWifi::RESTAPI_utils::field_to_json; using OpenWifi::RESTAPI_utils::field_to_json;
@@ -433,7 +433,7 @@ namespace OpenWifi::SecurityObjects {
SecurityObjects::NoteInfoVec NIV; SecurityObjects::NoteInfoVec NIV;
NIV = RESTAPI_utils::to_object_array<SecurityObjects::NoteInfo>(Obj->get("notes").toString()); NIV = RESTAPI_utils::to_object_array<SecurityObjects::NoteInfo>(Obj->get("notes").toString());
for(auto const &i:NIV) { for(auto const &i:NIV) {
SecurityObjects::NoteInfo ii{.created=(uint64_t)Utils::Now(), .createdBy=UInfo.email, .note=i.note}; SecurityObjects::NoteInfo ii{.created=(uint64_t)OpenWifi::Now(), .createdBy=UInfo.email, .note=i.note};
Notes.push_back(ii); Notes.push_back(ii);
} }
} }
@@ -446,7 +446,7 @@ namespace OpenWifi::SecurityObjects {
bool MergeNotes(const NoteInfoVec & NewNotes, const UserInfo &UInfo, NoteInfoVec & ExistingNotes) { bool MergeNotes(const NoteInfoVec & NewNotes, const UserInfo &UInfo, NoteInfoVec & ExistingNotes) {
for(auto const &i:NewNotes) { for(auto const &i:NewNotes) {
SecurityObjects::NoteInfo ii{.created=(uint64_t)Utils::Now(), .createdBy=UInfo.email, .note=i.note}; SecurityObjects::NoteInfo ii{.created=(uint64_t)OpenWifi::Now(), .createdBy=UInfo.email, .note=i.note};
ExistingNotes.push_back(ii); ExistingNotes.push_back(ii);
} }
return true; return true;
@@ -619,80 +619,5 @@ namespace OpenWifi::SecurityObjects {
field_to_json(Obj,"login",login); field_to_json(Obj,"login",login);
field_to_json(Obj,"logout",logout); field_to_json(Obj,"logout",logout);
} }
void ApiKeyAccessRight::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj, "service", service);
field_to_json(Obj, "access", access);
}
bool ApiKeyAccessRight::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj, "service", service);
field_from_json(Obj, "access", access);
return true;
} catch(...) {
std::cout << "Cannot parse: Token" << std::endl;
}
return false;
}
void ApiKeyAccessRightList::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj, "acls", acls);
}
bool ApiKeyAccessRightList::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj, "acls", acls);
return true;
} catch(...) {
std::cout << "Cannot parse: Token" << std::endl;
}
return false;
}
void ApiKeyEntry::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj, "id", id);
field_to_json(Obj, "userUuid", userUuid);
field_to_json(Obj, "name", name);
field_to_json(Obj, "apiKey", apiKey);
field_to_json(Obj, "salt", salt);
field_to_json(Obj, "description", description);
field_to_json(Obj, "expiresOn", expiresOn);
field_to_json(Obj, "rights", rights);
field_to_json(Obj, "lastUse", lastUse);
}
bool ApiKeyEntry::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj, "id", id);
field_from_json(Obj, "userUuid", userUuid);
field_from_json(Obj, "name", name);
field_from_json(Obj, "apiKey", apiKey);
field_from_json(Obj, "salt", salt);
field_from_json(Obj, "description", description);
field_from_json(Obj, "expiresOn", expiresOn);
field_from_json(Obj, "rights", rights);
field_from_json(Obj, "lastUse", lastUse);
return true;
} catch(...) {
std::cout << "Cannot parse: Token" << std::endl;
}
return false;
}
void ApiKeyEntryList::to_json(Poco::JSON::Object &Obj) const {
field_to_json(Obj, "apiKeys", apiKeys);
}
bool ApiKeyEntryList::from_json(const Poco::JSON::Object::Ptr &Obj) {
try {
field_from_json(Obj, "apiKeys", apiKeys);
return true;
} catch(...) {
std::cout << "Cannot parse: Token" << std::endl;
}
return false;
}
} }

49
src/RESTObjects/RESTAPI_SecurityObjects.h
View File

@@ -14,7 +14,6 @@
#include "Poco/JSON/Object.h" #include "Poco/JSON/Object.h"
#include "Poco/Data/LOB.h" #include "Poco/Data/LOB.h"
#include "Poco/Data/LOBStream.h" #include "Poco/Data/LOBStream.h"
#include "framework/utils.h"
namespace OpenWifi { namespace OpenWifi {
uint64_t Now(); uint64_t Now();
@@ -63,7 +62,7 @@ namespace OpenWifi {
std::string UserTypeToString(USER_ROLE U); std::string UserTypeToString(USER_ROLE U);
struct NoteInfo { struct NoteInfo {
uint64_t created=0; // = Utils::Now(); uint64_t created=0; // = OpenWifi::Now();
std::string createdBy; std::string createdBy;
std::string note; std::string note;
@@ -102,7 +101,7 @@ namespace OpenWifi {
std::string uuid; std::string uuid;
std::string question; std::string question;
std::string method; std::string method;
uint64_t created = Utils::Now(); uint64_t created = OpenWifi::Now();
void to_json(Poco::JSON::Object &Obj) const; void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj); bool from_json(const Poco::JSON::Object::Ptr &Obj);
@@ -252,8 +251,7 @@ namespace OpenWifi {
VERIFY_EMAIL, VERIFY_EMAIL,
SUB_FORGOT_PASSWORD, SUB_FORGOT_PASSWORD,
SUB_VERIFY_EMAIL, SUB_VERIFY_EMAIL,
SUB_SIGNUP, SUB_SIGNUP
EMAIL_INVITATION
}; };
struct ActionLink { struct ActionLink {
@@ -265,7 +263,7 @@ namespace OpenWifi {
std::string locale; std::string locale;
std::string message; std::string message;
uint64_t sent=0; uint64_t sent=0;
uint64_t created=Utils::Now(); uint64_t created=OpenWifi::Now();
uint64_t expires=0; uint64_t expires=0;
uint64_t completed=0; uint64_t completed=0;
uint64_t canceled=0; uint64_t canceled=0;
@@ -325,44 +323,5 @@ namespace OpenWifi {
void to_json(Poco::JSON::Object &Obj) const; void to_json(Poco::JSON::Object &Obj) const;
}; };
struct ApiKeyAccessRight {
std::string service;
std::string access;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
struct ApiKeyAccessRightList {
std::vector<ApiKeyAccessRight> acls;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
struct ApiKeyEntry {
Types::UUID_t id;
Types::UUID_t userUuid;
std::string name;
std::string description;
std::string apiKey;
std::string salt;
std::uint64_t created;
std::uint64_t expiresOn=0;
ApiKeyAccessRightList rights;
std::uint64_t lastUse=0;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
struct ApiKeyEntryList {
std::vector<ApiKeyEntry> apiKeys;
void to_json(Poco::JSON::Object &Obj) const;
bool from_json(const Poco::JSON::Object::Ptr &Obj);
};
} }
} }

3
src/RESTObjects/RESTAPI_SubObjects.cpp
View File

@@ -3,11 +3,12 @@
// //
#include "RESTAPI_SubObjects.h" #include "RESTAPI_SubObjects.h"
#include "framework/RESTAPI_utils.h" #include "framework/MicroService.h"
using OpenWifi::RESTAPI_utils::field_to_json; using OpenWifi::RESTAPI_utils::field_to_json;
using OpenWifi::RESTAPI_utils::field_from_json; using OpenWifi::RESTAPI_utils::field_from_json;
namespace OpenWifi::SubObjects { namespace OpenWifi::SubObjects {
void HomeDeviceMode::to_json(Poco::JSON::Object &Obj) const { void HomeDeviceMode::to_json(Poco::JSON::Object &Obj) const {

13
src/SMSSender.cpp
View File

@@ -2,18 +2,23 @@
// Created by stephane bourque on 2021-10-09. // Created by stephane bourque on 2021-10-09.
// //
#include <aws/sns/SNSClient.h>
#include <aws/sns/model/PublishRequest.h>
#include <aws/sns/model/PublishResult.h>
#include <aws/sns/model/GetSMSAttributesRequest.h>
#include "MFAServer.h" #include "MFAServer.h"
#include "SMS_provider_aws.h" #include "SMS_provider_aws.h"
#include "SMS_provider_twilio.h" #include "SMS_provider_twilio.h"
#include "SMSSender.h" #include "SMSSender.h"
#include "framework/MicroService.h"
#include "framework/MicroServiceFuncs.h"
namespace OpenWifi { namespace OpenWifi {
int SMSSender::Start() { int SMSSender::Start() {
Enabled_ = MicroServiceConfigGetBool("smssender.enabled",false); Enabled_ = MicroService::instance().ConfigGetBool("smssender.enabled",false);
if(Enabled_) { if(Enabled_) {
Provider_ = MicroServiceConfigGetString("smssender.provider","aws"); Provider_ = MicroService::instance().ConfigGetString("smssender.provider","aws");
if(Provider_=="aws") { if(Provider_=="aws") {
ProviderImpl_ = std::make_unique<SMS_provider_aws>(Logger()); ProviderImpl_ = std::make_unique<SMS_provider_aws>(Logger());
} else if(Provider_=="twilio") { } else if(Provider_=="twilio") {
@@ -80,7 +85,7 @@ namespace OpenWifi {
bool SMSSender::Send(const std::string &PhoneNumber, const std::string &Message) { bool SMSSender::Send(const std::string &PhoneNumber, const std::string &Message) {
if(!Enabled_) { if(!Enabled_) {
poco_information(Logger(),"SMS has not been enabled. Messages cannot be sent."); Logger().information("SMS has not been enabled. Messages cannot be sent.");
return false; return false;
} }
return ProviderImpl_->Send(PhoneNumber,Message); return ProviderImpl_->Send(PhoneNumber,Message);

8
src/SMSSender.h
View File

@@ -2,13 +2,14 @@
// Created by stephane bourque on 2021-10-09. // Created by stephane bourque on 2021-10-09.
// //
#pragma once #ifndef OWSEC_SMSSENDER_H
#define OWSEC_SMSSENDER_H
#include <aws/core/Aws.h> #include <aws/core/Aws.h>
#include <aws/s3/S3Client.h> #include <aws/s3/S3Client.h>
#include <aws/core/auth/AWSCredentials.h> #include <aws/core/auth/AWSCredentials.h>
#include "framework/SubSystemServer.h" #include "framework/MicroService.h"
#include "SMS_provider.h" #include "SMS_provider.h"
namespace OpenWifi { namespace OpenWifi {
@@ -53,3 +54,6 @@ namespace OpenWifi {
inline SMSSender * SMSSender() { return SMSSender::instance(); } inline SMSSender * SMSSender() { return SMSSender::instance(); }
} }
#endif //OWSEC_SMSSENDER_H

19
src/SMS_provider_aws.cpp
View File

@@ -2,23 +2,22 @@
// Created by stephane bourque on 2021-10-15. // Created by stephane bourque on 2021-10-15.
// //
#include "SMS_provider_aws.h"
#include <aws/sns/SNSClient.h> #include <aws/sns/SNSClient.h>
#include <aws/sns/model/PublishRequest.h> #include <aws/sns/model/PublishRequest.h>
#include <aws/sns/model/PublishResult.h> #include <aws/sns/model/PublishResult.h>
#include "framework/MicroServiceFuncs.h" #include "framework/MicroService.h"
#include "fmt/format.h" #include "SMS_provider_aws.h"
namespace OpenWifi { namespace OpenWifi {
bool SMS_provider_aws::Initialize() { bool SMS_provider_aws::Initialize() {
SecretKey_ = MicroServiceConfigGetString("smssender.aws.secretkey",""); SecretKey_ = MicroService::instance().ConfigGetString("smssender.aws.secretkey","");
AccessKey_ = MicroServiceConfigGetString("smssender.aws.accesskey",""); AccessKey_ = MicroService::instance().ConfigGetString("smssender.aws.accesskey","");
Region_ = MicroServiceConfigGetString("smssender.aws.region",""); Region_ = MicroService::instance().ConfigGetString("smssender.aws.region","");
if(SecretKey_.empty() || AccessKey_.empty() || Region_.empty()) { if(SecretKey_.empty() || AccessKey_.empty() || Region_.empty()) {
poco_debug(Logger(),"SMSSender is disabled. Please provide key, secret, and region."); Logger().debug("SMSSender is disabled. Please provide key, secret, and region.");
return false; return false;
} }
Running_=true; Running_=true;
@@ -52,16 +51,16 @@ namespace OpenWifi {
auto psms_out = sns.Publish(psms_req); auto psms_out = sns.Publish(psms_req);
if (psms_out.IsSuccess()) { if (psms_out.IsSuccess()) {
poco_debug(Logger(),fmt::format("SMS sent to {}",PhoneNumber)); Logger().debug(fmt::format("SMS sent to {}",PhoneNumber));
return true; return true;
} }
std::string ErrMsg{psms_out.GetError().GetMessage()}; std::string ErrMsg{psms_out.GetError().GetMessage()};
poco_debug(Logger(),fmt::format("SMS NOT sent to {}: {}",PhoneNumber, ErrMsg)); Logger().debug(fmt::format("SMS NOT sent to {}: {}",PhoneNumber, ErrMsg));
return false; return false;
} catch (...) { } catch (...) {
} }
poco_debug(Logger(),fmt::format("SMS NOT sent to {}: failure in SMS service",PhoneNumber)); Logger().debug(fmt::format("SMS NOT sent to {}: failure in SMS service",PhoneNumber));
return false; return false;
} }

5
src/SMS_provider_aws.h
View File

@@ -2,7 +2,8 @@
// Created by stephane bourque on 2021-10-15. // Created by stephane bourque on 2021-10-15.
// //
#pragma once #ifndef OWSEC_SMS_PROVIDER_AWS_H
#define OWSEC_SMS_PROVIDER_AWS_H
#include <aws/core/Aws.h> #include <aws/core/Aws.h>
#include <aws/s3/S3Client.h> #include <aws/s3/S3Client.h>
@@ -31,3 +32,5 @@ namespace OpenWifi {
Aws::Auth::AWSCredentials AwsCreds_; Aws::Auth::AWSCredentials AwsCreds_;
}; };
} }
#endif //OWSEC_SMS_PROVIDER_AWS_H

16
src/SMS_provider_twilio.cpp
View File

@@ -9,18 +9,16 @@
#include "Poco/Net/HTMLForm.h" #include "Poco/Net/HTMLForm.h"
#include "Poco/Net/HTTPSClientSession.h" #include "Poco/Net/HTTPSClientSession.h"
#include "Poco/Net/HTTPResponse.h" #include "Poco/Net/HTTPResponse.h"
#include "framework/MicroService.h"
#include "framework/MicroServiceFuncs.h"
#include "fmt/format.h"
namespace OpenWifi { namespace OpenWifi {
bool SMS_provider_twilio::Initialize() { bool SMS_provider_twilio::Initialize() {
Sid_ = MicroServiceConfigGetString("smssender.twilio.sid",""); Sid_ = MicroService::instance().ConfigGetString("smssender.twilio.sid","");
Token_ = MicroServiceConfigGetString("smssender.twilio.token",""); Token_ = MicroService::instance().ConfigGetString("smssender.twilio.token","");
PhoneNumber_ = MicroServiceConfigGetString("smssender.twilio.phonenumber",""); PhoneNumber_ = MicroService::instance().ConfigGetString("smssender.twilio.phonenumber","");
if(Sid_.empty() || Token_.empty() || PhoneNumber_.empty()) { if(Sid_.empty() || Token_.empty() || PhoneNumber_.empty()) {
poco_debug(Logger(),"SMSSender is disabled. Please provide SID, TOKEN, and PHONE NUMBER."); Logger().debug("SMSSender is disabled. Please provide SID, TOKEN, and PHONE NUMBER.");
return false; return false;
} }
Running_=true; Running_=true;
@@ -66,12 +64,12 @@ namespace OpenWifi {
std::istream& rs = session.receiveResponse(res); std::istream& rs = session.receiveResponse(res);
if(res.getStatus()==Poco::Net::HTTPResponse::HTTP_OK) { if(res.getStatus()==Poco::Net::HTTPResponse::HTTP_OK) {
poco_information(Logger(),fmt::format("Message sent to {}", PhoneNumber)); Logger().information(fmt::format("Message sent to {}", PhoneNumber));
return true; return true;
} else { } else {
std::ostringstream os; std::ostringstream os;
Poco::StreamCopier::copyStream(rs,os); Poco::StreamCopier::copyStream(rs,os);
poco_information(Logger(),fmt::format("Message was not to {}: Error:{}", PhoneNumber, os.str())); Logger().information(fmt::format("Message was not to {}: Error:{}", PhoneNumber, os.str()));
return false; return false;
} }
} }

118
src/SMTPMailerService.cpp
View File

@@ -1,6 +1,8 @@
// //
// Created by stephane bourque on 2021-06-17. // Created by stephane bourque on 2021-06-17.
// //
#include <iostream>
#include <fstream>
#include "Poco/Net/MailMessage.h" #include "Poco/Net/MailMessage.h"
#include "Poco/Net/MailRecipient.h" #include "Poco/Net/MailRecipient.h"
@@ -10,32 +12,26 @@
#include "Poco/Exception.h" #include "Poco/Exception.h"
#include "Poco/Net/SSLManager.h" #include "Poco/Net/SSLManager.h"
#include "Poco/Net/Context.h" #include "Poco/Net/Context.h"
#include "Poco/Net/NetException.h"
#include "SMTPMailerService.h" #include "SMTPMailerService.h"
#include "framework/MicroService.h"
#include "AuthService.h" #include "AuthService.h"
#include "framework/MicroServiceFuncs.h"
#include "framework/utils.h"
#include "fmt/format.h"
namespace OpenWifi { namespace OpenWifi {
void SMTPMailerService::LoadMyConfig() { void SMTPMailerService::LoadMyConfig() {
Enabled_ = MicroServiceConfigGetBool("mailer.enabled",false); Enabled_ = MicroService::instance().ConfigGetBool("mailer.enabled",false);
if(Enabled_) { if(Enabled_) {
MailHost_ = MicroServiceConfigGetString("mailer.hostname",""); MailHost_ = MicroService::instance().ConfigGetString("mailer.hostname");
SenderLoginUserName_ = MicroServiceConfigGetString("mailer.username",""); SenderLoginUserName_ = MicroService::instance().ConfigGetString("mailer.username");
SenderLoginPassword_ = MicroServiceConfigGetString("mailer.password",""); SenderLoginPassword_ = MicroService::instance().ConfigGetString("mailer.password");
Sender_ = MicroServiceConfigGetString("mailer.sender",""); Sender_ = MicroService::instance().ConfigGetString("mailer.sender");
LoginMethod_ = MicroServiceConfigGetString("mailer.loginmethod",""); LoginMethod_ = MicroService::instance().ConfigGetString("mailer.loginmethod");
MailHostPort_ = MicroServiceConfigGetInt("mailer.port", 587); MailHostPort_ = MicroService::instance().ConfigGetInt("mailer.port");
TemplateDir_ = MicroServiceConfigPath("mailer.templates", MicroServiceDataDirectory()); TemplateDir_ = MicroService::instance().ConfigPath("mailer.templates", MicroService::instance().DataDir());
MailRetry_ = MicroServiceConfigGetInt("mailer.retry",2*60); MailRetry_ = MicroService::instance().ConfigGetInt("mailer.retry",2*60);
MailAbandon_ = MicroServiceConfigGetInt("mailer.abandon",2*60*60); MailAbandon_ = MicroService::instance().ConfigGetInt("mailer.abandon",2*60*60);
UseHTML_ = MicroServiceConfigGetBool("mailer.html",false);
Enabled_ = (!MailHost_.empty() && !SenderLoginPassword_.empty() && !SenderLoginUserName_.empty()); Enabled_ = (!MailHost_.empty() && !SenderLoginPassword_.empty() && !SenderLoginUserName_.empty());
EmailLogo_ = TemplateDir_ + "/" + MicroServiceConfigGetString("mailer.logo","logo.png");
} }
} }
@@ -52,19 +48,18 @@ namespace OpenWifi {
} }
void SMTPMailerService::reinitialize([[maybe_unused]] Poco::Util::Application &self) { void SMTPMailerService::reinitialize([[maybe_unused]] Poco::Util::Application &self) {
MicroServiceLoadConfigurationFile(); MicroService::instance().LoadConfigurationFile();
poco_information(Logger(),"Reinitializing."); Logger().information("Reinitializing.");
LoadMyConfig(); LoadMyConfig();
} }
bool SMTPMailerService::SendMessage([[maybe_unused]] const std::string &Recipient, const std::string &Name, const MessageAttributes &Attrs, bool Subscriber) { bool SMTPMailerService::SendMessage([[maybe_unused]] const std::string &Recipient, const std::string &Name, const MessageAttributes &Attrs) {
std::lock_guard G(Mutex_); std::lock_guard G(Mutex_);
PendingMessages_.push_back(MessageEvent{.Posted= OpenWifi::Now(), PendingMessages_.push_back(MessageEvent{.Posted= OpenWifi::Now(),
.LastTry=0, .LastTry=0,
.Sent=0, .Sent=0,
.TemplateName=Name, .File=Poco::File(TemplateDir_ + "/" +Name),
.Attrs=Attrs, .Attrs=Attrs});
.Subscriber=Subscriber});
return true; return true;
} }
@@ -88,23 +83,15 @@ namespace OpenWifi {
auto Recipient = i->Attrs.find(RECIPIENT_EMAIL)->second; auto Recipient = i->Attrs.find(RECIPIENT_EMAIL)->second;
uint64_t now = OpenWifi::Now(); uint64_t now = OpenWifi::Now();
if((i->LastTry==0 || (now-i->LastTry)>MailRetry_)) { if((i->LastTry==0 || (now-i->LastTry)>MailRetry_)) {
switch(SendIt(*i)) { if (SendIt(*i)) {
case MessageSendStatus::msg_sent: { Logger().information(fmt::format("Attempting to deliver for mail '{}'.", Recipient));
poco_information(Logger(),fmt::format("Attempting to deliver for mail '{}'.", Recipient)); i = Messages_.erase(i);
i = Messages_.erase(i); } else {
} break; i->LastTry = now;
case MessageSendStatus::msg_not_sent_but_resend: { ++i;
poco_information(Logger(),fmt::format("Mail for '{}' was not. We will retry later.", Recipient));
i->LastTry = now;
++i;
} break;
case MessageSendStatus::msg_not_sent_but_do_not_resend: {
poco_information(Logger(),fmt::format("Mail for '{}' will not be sent. Check email address", Recipient));
i = Messages_.erase(i);
} break;
} }
} else if ((now-i->Posted)>MailAbandon_) { } else if ((now-i->Posted)>MailAbandon_) {
poco_information(Logger(),fmt::format("Mail for '{}' has timed out and will not be sent.", Recipient)); Logger().information(fmt::format("Mail for '{}' has timed out and will not be sent.", Recipient));
i = Messages_.erase(i); i = Messages_.erase(i);
} else { } else {
++i; ++i;
@@ -119,12 +106,14 @@ namespace OpenWifi {
} }
} }
MessageSendStatus SMTPMailerService::SendIt(const MessageEvent &Msg) { bool SMTPMailerService::SendIt(const MessageEvent &Msg) {
std::string Recipient; std::string Recipient;
try try
{ {
Poco::Net::MailMessage Message;
Recipient = Msg.Attrs.find(RECIPIENT_EMAIL)->second;
auto H1 = Msg.Attrs.find(SENDER); auto H1 = Msg.Attrs.find(SENDER);
std::string TheSender; std::string TheSender;
if(H1!=Msg.Attrs.end()) { if(H1!=Msg.Attrs.end()) {
@@ -132,40 +121,34 @@ namespace OpenWifi {
} else { } else {
TheSender = Sender_ ; TheSender = Sender_ ;
} }
Message.setSender( TheSender );
auto Message = std::make_unique<Poco::Net::MailMessage>(); Logger().information(fmt::format("Sending message to:{} from {}",Recipient,TheSender));
Message.addRecipient(Poco::Net::MailRecipient(Poco::Net::MailRecipient::PRIMARY_RECIPIENT, Recipient));
Recipient = Msg.Attrs.find(RECIPIENT_EMAIL)->second; Message.setSubject(Msg.Attrs.find(SUBJECT)->second);
Message->setSender( TheSender );
Message->addRecipient(Poco::Net::MailRecipient(Poco::Net::MailRecipient::PRIMARY_RECIPIENT, Recipient));
Message->setSubject(Msg.Attrs.find(SUBJECT)->second);
poco_information(Logger(),fmt::format("Sending message to:{} from {}",Recipient,TheSender));
if(Msg.Attrs.find(TEXT) != Msg.Attrs.end()) { if(Msg.Attrs.find(TEXT) != Msg.Attrs.end()) {
std::string Content = Msg.Attrs.find(TEXT)->second; std::string Content = Msg.Attrs.find(TEXT)->second;
Message->addContent(new Poco::Net::StringPartSource(Content)); Message.addContent(new Poco::Net::StringPartSource(Content));
} else { } else {
for(const auto &format:{"html","txt"}) { std::string Content = Utils::LoadFile(Msg.File);
std::string Content = Utils::LoadFile(TemplateDir_ + Msg.TemplateName + "." + format ); // std::cout << "Mailing " << Content << std::endl;
Types::StringPairVec Variables; Types::StringPairVec Variables;
FillVariables(Msg.Attrs, Variables); FillVariables(Msg.Attrs, Variables);
Utils::ReplaceVariables(Content, Variables); Utils::ReplaceVariables(Content, Variables);
Message->addContent( // std::cout << "Mailing " << Content << std::endl;
new Poco::Net::StringPartSource(Content, (strcmp(format,"html") == 0 ? "text/html" : "text/plain") )); Message.addContent(new Poco::Net::StringPartSource(Content));
}
} }
auto Logo = Msg.Attrs.find(LOGO); auto Logo = Msg.Attrs.find(LOGO);
if(Logo!=Msg.Attrs.end()) { if(Logo!=Msg.Attrs.end()) {
try { try {
Poco::File LogoFile( Msg.Subscriber ? AuthService::GetSubLogoAssetFileName() : AuthService::GetLogoAssetFileName ()); Poco::File LogoFile(AuthService::GetLogoAssetFileName());
std::ifstream IF(LogoFile.path()); std::ifstream IF(LogoFile.path());
std::ostringstream OS; std::ostringstream OS;
Poco::StreamCopier::copyStream(IF, OS); Poco::StreamCopier::copyStream(IF, OS);
Message->addAttachment("logo", new Poco::Net::StringPartSource(OS.str(), "image/png")); Message.addAttachment("logo", new Poco::Net::StringPartSource(OS.str(), "image/png"));
} catch (...) { } catch (...) {
poco_warning(Logger(),fmt::format("Cannot add '{}' logo in email",AuthService::GetLogoAssetFileName())); Logger().warning(fmt::format("Cannot add '{}' logo in email",AuthService::GetLogoAssetFileName()));
} }
} }
@@ -186,23 +169,18 @@ namespace OpenWifi {
SenderLoginUserName_, SenderLoginUserName_,
SenderLoginPassword_ SenderLoginPassword_
); );
session.sendMessage(*Message); session.sendMessage(Message);
session.close(); session.close();
return MessageSendStatus::msg_sent; return true;
}
catch (const Poco::Net::SMTPException &S) {
Logger().log(S);
return MessageSendStatus::msg_not_sent_but_do_not_resend;
} }
catch (const Poco::Exception& E) catch (const Poco::Exception& E)
{ {
Logger().log(E); Logger().log(E);
return MessageSendStatus::msg_not_sent_but_resend;
} }
catch (const std::exception &E) { catch (const std::exception &E) {
poco_warning(Logger(),fmt::format("Cannot send message to:{}, error: {}",Recipient, E.what())); Logger().warning(fmt::format("Cannot send message to:{}, error: {}",Recipient, E.what()));
return MessageSendStatus::msg_not_sent_but_do_not_resend;
} }
return false;
} }
} }

29
src/SMTPMailerService.h
View File

@@ -2,14 +2,15 @@
// Created by stephane bourque on 2021-06-17. // Created by stephane bourque on 2021-06-17.
// //
#pragma once #ifndef UCENTRALSEC_SMTPMAILERSERVICE_H
#define UCENTRALSEC_SMTPMAILERSERVICE_H
#include "framework/MicroService.h"
#include "Poco/File.h" #include "Poco/File.h"
#include "Poco/Net/InvalidCertificateHandler.h" #include "Poco/Net/InvalidCertificateHandler.h"
#include "Poco/Net/AcceptCertificateHandler.h" #include "Poco/Net/AcceptCertificateHandler.h"
#include "framework/SubSystemServer.h"
namespace OpenWifi { namespace OpenWifi {
enum MESSAGE_ATTRIBUTES { enum MESSAGE_ATTRIBUTES {
@@ -26,8 +27,7 @@ namespace OpenWifi {
LOGO, LOGO,
TEXT, TEXT,
CHALLENGE_CODE, CHALLENGE_CODE,
SENDER, SENDER
ACTION_LINK_HTML
}; };
static const std::map<MESSAGE_ATTRIBUTES,const std::string> static const std::map<MESSAGE_ATTRIBUTES,const std::string>
@@ -44,8 +44,7 @@ namespace OpenWifi {
{ LOGO, "LOGO"}, { LOGO, "LOGO"},
{ TEXT, "TEXT"}, { TEXT, "TEXT"},
{ CHALLENGE_CODE, "CHALLENGE_CODE"}, { CHALLENGE_CODE, "CHALLENGE_CODE"},
{ SENDER, "SENDER"}, { SENDER, "SENDER"}
{ ACTION_LINK_HTML, "ACTION_LINK_HTML"},
}; };
inline const std::string & MessageAttributeToVar(MESSAGE_ATTRIBUTES Attr) { inline const std::string & MessageAttributeToVar(MESSAGE_ATTRIBUTES Attr) {
@@ -57,12 +56,6 @@ namespace OpenWifi {
} }
typedef std::map<MESSAGE_ATTRIBUTES, std::string> MessageAttributes; typedef std::map<MESSAGE_ATTRIBUTES, std::string> MessageAttributes;
enum class MessageSendStatus {
msg_sent,
msg_not_sent_but_resend,
msg_not_sent_but_do_not_resend
};
class SMTPMailerService : public SubSystemServer, Poco::Runnable { class SMTPMailerService : public SubSystemServer, Poco::Runnable {
public: public:
static SMTPMailerService *instance() { static SMTPMailerService *instance() {
@@ -74,17 +67,16 @@ namespace OpenWifi {
uint64_t Posted=0; uint64_t Posted=0;
uint64_t LastTry=0; uint64_t LastTry=0;
uint64_t Sent=0; uint64_t Sent=0;
std::string TemplateName; Poco::File File;
MessageAttributes Attrs; MessageAttributes Attrs;
bool Subscriber=false;
}; };
void run() override; void run() override;
int Start() override; int Start() override;
void Stop() override; void Stop() override;
bool SendMessage(const std::string &Recipient, const std::string &Name, const MessageAttributes &Attrs, bool Subscriber); bool SendMessage(const std::string &Recipient, const std::string &Name, const MessageAttributes &Attrs);
MessageSendStatus SendIt(const MessageEvent &Msg); bool SendIt(const MessageEvent &Msg);
void LoadMyConfig(); void LoadMyConfig();
void reinitialize(Poco::Util::Application &self) override; void reinitialize(Poco::Util::Application &self) override;
bool Enabled() const { return Enabled_; } bool Enabled() const { return Enabled_; }
@@ -104,8 +96,6 @@ namespace OpenWifi {
Poco::Thread SenderThr_; Poco::Thread SenderThr_;
std::atomic_bool Running_=false; std::atomic_bool Running_=false;
bool Enabled_=false; bool Enabled_=false;
bool UseHTML_=false;
std::string EmailLogo_{"logo.png"};
SMTPMailerService() noexcept: SMTPMailerService() noexcept:
SubSystemServer("SMTPMailer", "MAILER-SVR", "smtpmailer") SubSystemServer("SMTPMailer", "MAILER-SVR", "smtpmailer")
@@ -116,3 +106,4 @@ namespace OpenWifi {
inline SMTPMailerService * SMTPMailerService() { return SMTPMailerService::instance(); } inline SMTPMailerService * SMTPMailerService() { return SMTPMailerService::instance(); }
} }
#endif //UCENTRALSEC_SMTPMAILERSERVICE_H

6
src/SpecialUserHelpers.h
View File

@@ -5,8 +5,6 @@
#pragma once #pragma once
#include "StorageService.h" #include "StorageService.h"
#include "framework/AppServiceRegistry.h"
#include "framework/MicroServiceFuncs.h"
namespace OpenWifi { namespace OpenWifi {
@@ -19,9 +17,9 @@ namespace OpenWifi {
AppServiceRegistry().Get("defaultusercreated", DefaultUserCreated); AppServiceRegistry().Get("defaultusercreated", DefaultUserCreated);
if (!StorageService()->UserDB().GetUserById(NewDefaultUseridStockUUID, U) && !DefaultUserCreated) { if (!StorageService()->UserDB().GetUserById(NewDefaultUseridStockUUID, U) && !DefaultUserCreated) {
U.currentPassword = MicroServiceConfigGetString("authentication.default.password", ""); U.currentPassword = MicroService::instance().ConfigGetString("authentication.default.password", "");
U.lastPasswords.push_back(U.currentPassword); U.lastPasswords.push_back(U.currentPassword);
U.email = MicroServiceConfigGetString("authentication.default.username", ""); U.email = MicroService::instance().ConfigGetString("authentication.default.username", "");
U.id = NewDefaultUseridStockUUID; U.id = NewDefaultUseridStockUUID;
U.userRole = SecurityObjects::ROOT; U.userRole = SecurityObjects::ROOT;
U.creationDate = OpenWifi::Now(); U.creationDate = OpenWifi::Now();

14
src/StorageService.cpp
View File

@@ -8,14 +8,11 @@
#include "StorageService.h" #include "StorageService.h"
#include "SpecialUserHelpers.h" #include "SpecialUserHelpers.h"
#include "framework/MicroServiceFuncs.h"
#include "framework/utils.h"
namespace OpenWifi { namespace OpenWifi {
int StorageService::Start() { int StorageService::Start() {
std::lock_guard Guard(Mutex_); std::lock_guard Guard(Mutex_);
poco_information(Logger(),"Starting...");
StorageClass::Start(); StorageClass::Start();
@@ -36,7 +33,6 @@ namespace OpenWifi {
SubAvatarDB_ = std::make_unique<OpenWifi::AvatarDB>("SubAvatars", "avs", dbType_,*Pool_, Logger()); SubAvatarDB_ = std::make_unique<OpenWifi::AvatarDB>("SubAvatars", "avs", dbType_,*Pool_, Logger());
LoginDB_ = std::make_unique<OpenWifi::LoginDB>("Logins", "lin", dbType_,*Pool_, Logger()); LoginDB_ = std::make_unique<OpenWifi::LoginDB>("Logins", "lin", dbType_,*Pool_, Logger());
SubLoginDB_ = std::make_unique<OpenWifi::LoginDB>("SubLogins", "lis", dbType_,*Pool_, Logger()); SubLoginDB_ = std::make_unique<OpenWifi::LoginDB>("SubLogins", "lis", dbType_,*Pool_, Logger());
ApiKeyDB_ = std::make_unique<OpenWifi::ApiKeyDB>("ApiKeys", "api", dbType_,*Pool_, Logger());
UserDB_->Create(); UserDB_->Create();
SubDB_->Create(); SubDB_->Create();
@@ -48,7 +44,6 @@ namespace OpenWifi {
AvatarDB_->Create(); AvatarDB_->Create();
SubAvatarDB_->Create(); SubAvatarDB_->Create();
LoginDB_->Create(); LoginDB_->Create();
ApiKeyDB_->Create();
SubLoginDB_->Create(); SubLoginDB_->Create();
OpenWifi::SpecialUserHelpers::InitializeDefaultUser(); OpenWifi::SpecialUserHelpers::InitializeDefaultUser();
@@ -56,28 +51,25 @@ namespace OpenWifi {
Archivercallback_ = std::make_unique<Poco::TimerCallback<Archiver>>(Archiver_,&Archiver::onTimer); Archivercallback_ = std::make_unique<Poco::TimerCallback<Archiver>>(Archiver_,&Archiver::onTimer);
Timer_.setStartInterval( 5 * 60 * 1000); // first run in 5 minutes Timer_.setStartInterval( 5 * 60 * 1000); // first run in 5 minutes
Timer_.setPeriodicInterval(1 * 60 * 60 * 1000); // 1 hours Timer_.setPeriodicInterval(1 * 60 * 60 * 1000); // 1 hours
Timer_.start(*Archivercallback_, MicroServiceTimerPool()); Timer_.start(*Archivercallback_);
return 0; return 0;
} }
void StorageService::Stop() { void StorageService::Stop() {
poco_information(Logger(),"Stopping..."); Logger().notice("Stopping.");
Timer_.stop(); Timer_.stop();
StorageClass::Stop(); StorageClass::Stop();
poco_information(Logger(),"Stopped...");
} }
void Archiver::onTimer([[maybe_unused]] Poco::Timer &timer) { void Archiver::onTimer([[maybe_unused]] Poco::Timer &timer) {
Utils::SetThreadName("strg-arch"); Utils::SetThreadName("archiver");
Poco::Logger &logger = Poco::Logger::get("STORAGE-ARCHIVER"); Poco::Logger &logger = Poco::Logger::get("STORAGE-ARCHIVER");
logger.information("Squiggy the DB: removing old tokens."); logger.information("Squiggy the DB: removing old tokens.");
StorageService()->SubTokenDB().CleanExpiredTokens(); StorageService()->SubTokenDB().CleanExpiredTokens();
StorageService()->UserTokenDB().CleanExpiredTokens(); StorageService()->UserTokenDB().CleanExpiredTokens();
logger.information("Squiggy the DB: removing old actionLinks."); logger.information("Squiggy the DB: removing old actionLinks.");
StorageService()->ActionLinksDB().CleanOldActionLinks(); StorageService()->ActionLinksDB().CleanOldActionLinks();
logger.information("Squiggy the DB: removing old expired API Keys.");
StorageService()->ActionLinksDB().CleanOldActionLinks();
} }
} }

Some files were not shown because too many files have changed in this diff Show More