2 // ========================LICENSE_START=================================
5 // Copyright (C) 2022: Nordix Foundation
7 // Licensed under the Apache License, Version 2.0 (the "License");
8 // you may not use this file except in compliance with the License.
9 // You may obtain a copy of the License at
11 // http://www.apache.org/licenses/LICENSE-2.0
13 // Unless required by applicable law or agreed to in writing, software
14 // distributed under the License is distributed on an "AS IS" BASIS,
15 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 // See the License for the specific language governing permissions and
17 // limitations under the License.
18 // ========================LICENSE_END===================================
21 package invokermanagement
29 "oransc.org/nonrtric/capifcore/internal/eventsapi"
30 "oransc.org/nonrtric/capifcore/internal/keycloak"
32 "oransc.org/nonrtric/capifcore/internal/common29122"
33 invokerapi "oransc.org/nonrtric/capifcore/internal/invokermanagementapi"
34 "oransc.org/nonrtric/capifcore/internal/publishservice"
36 echo "github.com/labstack/echo/v4"
39 //go:generate mockery --name InvokerRegister
40 type InvokerRegister interface {
41 // Checks if the invoker is registered.
42 // Returns true of the provided invoker is registered, false otherwise.
43 IsInvokerRegistered(invokerId string) bool
44 // Verifies that the provided secret is the invoker's registered secret.
45 // Returns true if the provided secret is the registered invoker's secret, false otherwise.
46 VerifyInvokerSecret(invokerId, secret string) bool
47 // Gets the provided invoker's registered APIs.
48 // Returns a list of all the invoker's registered APIs.
49 GetInvokerApiList(invokerId string) *invokerapi.APIList
52 type InvokerManager struct {
53 onboardedInvokers map[string]invokerapi.APIInvokerEnrolmentDetails
54 publishRegister publishservice.PublishRegister
56 keycloak keycloak.AccessManagement
57 eventChannel chan<- eventsapi.EventNotification
61 // Creates a manager that implements both the InvokerRegister and the invokermanagementapi.ServerInterface interfaces.
62 func NewInvokerManager(publishRegister publishservice.PublishRegister, km keycloak.AccessManagement, eventChannel chan<- eventsapi.EventNotification) *InvokerManager {
63 return &InvokerManager{
64 onboardedInvokers: make(map[string]invokerapi.APIInvokerEnrolmentDetails),
65 publishRegister: publishRegister,
68 eventChannel: eventChannel,
72 func (im *InvokerManager) IsInvokerRegistered(invokerId string) bool {
74 defer im.lock.Unlock()
76 _, registered := im.onboardedInvokers[invokerId]
80 func (im *InvokerManager) VerifyInvokerSecret(invokerId, secret string) bool {
82 defer im.lock.Unlock()
85 if invoker, registered := im.onboardedInvokers[invokerId]; registered {
86 verified = *invoker.OnboardingInformation.OnboardingSecret == secret
91 func (im *InvokerManager) GetInvokerApiList(invokerId string) *invokerapi.APIList {
92 var apiList invokerapi.APIList = im.publishRegister.GetAllPublishedServices()
94 defer im.lock.Unlock()
95 invoker, ok := im.onboardedInvokers[invokerId]
97 invoker.ApiList = &apiList
103 // Creates a new individual API Invoker profile.
104 func (im *InvokerManager) PostOnboardedInvokers(ctx echo.Context) error {
105 errMsg := "Unable to onboard invoker due to %s"
107 newInvoker, err := getInvokerFromRequest(ctx)
109 return sendCoreError(ctx, http.StatusBadRequest, fmt.Sprintf(errMsg, err))
112 if err = im.isInvokerOnboarded(newInvoker); err != nil {
113 return sendCoreError(ctx, http.StatusForbidden, fmt.Sprintf(errMsg, err))
116 if err = im.validateInvoker(newInvoker, ctx); err != nil {
117 return sendCoreError(ctx, http.StatusBadRequest, fmt.Sprintf(errMsg, err))
120 im.prepareNewInvoker(&newInvoker)
122 go im.sendEvent(*newInvoker.ApiInvokerId, eventsapi.CAPIFEventAPIINVOKERONBOARDED)
124 uri := ctx.Request().Host + ctx.Request().URL.String()
125 ctx.Response().Header().Set(echo.HeaderLocation, ctx.Scheme()+`://`+path.Join(uri, *newInvoker.ApiInvokerId))
127 err = ctx.JSON(http.StatusCreated, newInvoker)
129 // Something really bad happened, tell Echo that our handler failed
136 func (im *InvokerManager) isInvokerOnboarded(newInvoker invokerapi.APIInvokerEnrolmentDetails) error {
137 for _, invoker := range im.onboardedInvokers {
138 if err := invoker.ValidateAlreadyOnboarded(newInvoker); err != nil {
145 func (im *InvokerManager) prepareNewInvoker(newInvoker *invokerapi.APIInvokerEnrolmentDetails) {
146 var apiList invokerapi.APIList = im.publishRegister.GetAllPublishedServices()
147 newInvoker.ApiList = &apiList
150 defer im.lock.Unlock()
152 newInvoker.PrepareNewInvoker()
154 im.addClientInKeycloak(newInvoker)
156 im.onboardedInvokers[*newInvoker.ApiInvokerId] = *newInvoker
159 func (im *InvokerManager) addClientInKeycloak(newInvoker *invokerapi.APIInvokerEnrolmentDetails) error {
160 if err := im.keycloak.AddClient(*newInvoker.ApiInvokerId, "invokerrealm"); err != nil {
164 if body, err := im.keycloak.GetClientRepresentation(*newInvoker.ApiInvokerId, "invokerrealm"); err != nil {
167 newInvoker.OnboardingInformation.OnboardingSecret = body.Secret
172 // Deletes an individual API Invoker.
173 func (im *InvokerManager) DeleteOnboardedInvokersOnboardingId(ctx echo.Context, onboardingId string) error {
174 if _, ok := im.onboardedInvokers[onboardingId]; ok {
175 im.deleteInvoker(onboardingId)
178 go im.sendEvent(onboardingId, eventsapi.CAPIFEventAPIINVOKEROFFBOARDED)
180 return ctx.NoContent(http.StatusNoContent)
183 func (im *InvokerManager) deleteInvoker(onboardingId string) {
185 defer im.lock.Unlock()
186 delete(im.onboardedInvokers, onboardingId)
189 func getInvokerFromRequest(ctx echo.Context) (invokerapi.APIInvokerEnrolmentDetails, error) {
190 var invoker invokerapi.APIInvokerEnrolmentDetails
191 if err := ctx.Bind(&invoker); err != nil {
192 return invokerapi.APIInvokerEnrolmentDetails{}, fmt.Errorf("invalid format for invoker")
197 // Updates an individual API invoker details.
198 func (im *InvokerManager) PutOnboardedInvokersOnboardingId(ctx echo.Context, onboardingId string) error {
199 errMsg := "Unable to update invoker due to %s"
201 newInvoker, err := getInvokerFromRequest(ctx)
203 return sendCoreError(ctx, http.StatusBadRequest, fmt.Sprintf(errMsg, err))
206 // Additional validation for PUT
207 if (newInvoker.ApiInvokerId == nil) || (*newInvoker.ApiInvokerId != onboardingId) {
208 errMismatch := "APIInvokerEnrolmentDetails ApiInvokerId doesn't match path parameter"
209 return sendCoreError(ctx, http.StatusBadRequest, fmt.Sprintf(errMsg, errMismatch))
212 if err := im.validateInvoker(newInvoker, ctx); err != nil {
213 return sendCoreError(ctx, http.StatusBadRequest, fmt.Sprintf(errMsg, err))
216 if _, ok := im.onboardedInvokers[onboardingId]; ok {
217 im.updateInvoker(newInvoker)
219 return sendCoreError(ctx, http.StatusNotFound, "The invoker to update has not been onboarded")
222 err = ctx.JSON(http.StatusOK, newInvoker)
224 // Something really bad happened, tell Echo that our handler failed
231 func (im *InvokerManager) updateInvoker(invoker invokerapi.APIInvokerEnrolmentDetails) {
233 defer im.lock.Unlock()
234 im.onboardedInvokers[*invoker.ApiInvokerId] = invoker
237 func (im *InvokerManager) ModifyIndApiInvokeEnrolment(ctx echo.Context, onboardingId string) error {
238 return ctx.NoContent(http.StatusNotImplemented)
241 func (im *InvokerManager) validateInvoker(invoker invokerapi.APIInvokerEnrolmentDetails, ctx echo.Context) error {
242 if err := invoker.Validate(); err != nil {
249 func (im *InvokerManager) sendEvent(invokerId string, eventType eventsapi.CAPIFEvent) {
250 invokerIds := []string{invokerId}
251 event := eventsapi.EventNotification{
252 EventDetail: &eventsapi.CAPIFEventDetail{
253 ApiInvokerIds: &invokerIds,
257 im.eventChannel <- event
260 // This function wraps sending of an error in the Error format, and
261 // handling the failure to marshal that.
262 func sendCoreError(ctx echo.Context, code int, message string) error {
263 pd := common29122.ProblemDetails{
267 err := ctx.JSON(code, pd)