2 // ========================LICENSE_START=================================
5 // Copyright (C) 2022-2023: Nordix Foundation
6 // Copyright (C) 2024: OpenInfra Foundation Europe
8 // Licensed under the Apache License, Version 2.0 (the "License");
9 // you may not use this file except in compliance with the License.
10 // You may obtain a copy of the License at
12 // http://www.apache.org/licenses/LICENSE-2.0
14 // Unless required by applicable law or agreed to in writing, software
15 // distributed under the License is distributed on an "AS IS" BASIS,
16 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 // See the License for the specific language governing permissions and
18 // limitations under the License.
19 // ========================LICENSE_END===================================
22 package invokermanagement
30 "oransc.org/nonrtric/capifcore/internal/eventsapi"
31 "oransc.org/nonrtric/capifcore/internal/keycloak"
33 "oransc.org/nonrtric/capifcore/internal/common29122"
34 invokerapi "oransc.org/nonrtric/capifcore/internal/invokermanagementapi"
35 "oransc.org/nonrtric/capifcore/internal/publishservice"
37 echo "github.com/labstack/echo/v4"
// InvokerRegister is the read-only view of the onboarded API invokers.
//
//go:generate mockery --name InvokerRegister
type InvokerRegister interface {
	// IsInvokerRegistered reports whether the given invoker is registered.
	IsInvokerRegistered(invokerId string) bool
	// VerifyInvokerSecret reports whether secret is the secret registered for
	// the given invoker; it is false for any other value.
	VerifyInvokerSecret(invokerId, secret string) bool
	// GetInvokerApiList returns the list of APIs registered for the given invoker.
	GetInvokerApiList(invokerId string) *invokerapi.APIList
}
// InvokerManager keeps the onboarded API invokers in memory and backs the
// invoker management handlers and the InvokerRegister lookups in this file.
// NOTE(review): the methods below serialise map access through im.lock; that
// field's declaration is not among the lines shown here.
53 type InvokerManager struct {
// Onboarded profiles, stored under *ApiInvokerId. Each profile carries the
// invoker's onboarding secret, which VerifyInvokerSecret compares directly,
// so this map holds the credential itself rather than a hash of it.
54 onboardedInvokers map[string]invokerapi.APIInvokerEnrolmentDetails
// Source of the published service APIs offered to invokers.
55 publishRegister publishservice.PublishRegister
// Used at onboarding to add a client in the "invokerrealm" realm and to read
// back that client's secret.
57 keycloak keycloak.AccessManagement
// Send-only channel on which onboarded/offboarded notifications are published.
58 eventChannel chan<- eventsapi.EventNotification
62 // NewInvokerManager creates a manager that implements both the InvokerRegister and the invokermanagementapi.ServerInterface interfaces.
// It starts with an empty set of onboarded invokers.
63 func NewInvokerManager(publishRegister publishservice.PublishRegister, km keycloak.AccessManagement, eventChannel chan<- eventsapi.EventNotification) *InvokerManager {
64 return &InvokerManager{
// A non-nil map is required: the onboarding and update paths write to it.
65 onboardedInvokers: make(map[string]invokerapi.APIInvokerEnrolmentDetails),
66 publishRegister: publishRegister,
// NOTE(review): km is presumably assigned to the keycloak field; that
// assignment is not among the lines shown here, so verify it is wired in.
69 eventChannel: eventChannel,
// IsInvokerRegistered reports whether invokerId is among the onboarded
// invokers. The lookup is made while holding the manager's lock.
func (im *InvokerManager) IsInvokerRegistered(invokerId string) bool {
	im.lock.Lock()
	defer im.lock.Unlock()

	_, found := im.onboardedInvokers[invokerId]
	return found
}
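// VerifyInvokerSecret reports whether secret equals the onboarding secret
// stored for invokerId.
//
// It returns false when the invoker is not onboarded, when the stored profile
// has no secret, or when the stored secret is empty.
func (im *InvokerManager) VerifyInvokerSecret(invokerId, secret string) bool {
	im.lock.Lock()
	defer im.lock.Unlock()

	invoker, registered := im.onboardedInvokers[invokerId]
	if !registered {
		return false
	}

	// The secret is a pointer that is filled from the access manager's client
	// representation and can be replaced through the update handler, so it may
	// be nil. Fail verification instead of panicking on the dereference.
	stored := invoker.OnboardingInformation.OnboardingSecret
	if stored == nil || *stored == "" {
		// An absent or empty credential must never verify, not even against
		// an empty input.
		return false
	}

	// NOTE(review): == on strings is not a constant-time comparison. For a
	// credential check prefer crypto/subtle.ConstantTimeCompare once that
	// package is added to the file's imports.
	return *stored == secret
}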
// GetInvokerApiList fetches the published services from the publish register
// and then looks the invoker up while holding the manager's lock.
// NOTE(review): the list comes from GetAllPublishedServices, not from the
// allowed list computed at onboarding with GetAllowedPublishedServices —
// confirm that every registered invoker is meant to see all published APIs.
// NOTE(review): the return statements are not among the lines shown here;
// check what is returned for an unknown invokerId.
92 func (im *InvokerManager) GetInvokerApiList(invokerId string) *invokerapi.APIList {
// Read from the publish register before the manager's lock is involved.
93 var apiList invokerapi.APIList = im.publishRegister.GetAllPublishedServices()
95 defer im.lock.Unlock()
// The map stores struct values, so invoker is a copy of the stored profile.
96 invoker, ok := im.onboardedInvokers[invokerId]
// This sets ApiList on the local copy only; nothing shown here writes the
// copy back into the map.
98 invoker.ApiList = &apiList
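// PostOnboardedInvokers creates a new individual API Invoker profile.
//
// The request body is bound, checked against the already onboarded invokers
// and validated before the invoker is registered. Responses:
//   - 400 when the body cannot be bound or fails validation,
//   - 403 when the invoker is already onboarded,
//   - 500 when the invoker could not be registered with the access manager,
//   - 201 with the stored profile and a Location header on success.
func (im *InvokerManager) PostOnboardedInvokers(ctx echo.Context) error {
	errMsg := "Unable to onboard invoker due to %s"

	newInvoker, err := getInvokerFromRequest(ctx)
	if err != nil {
		return sendCoreError(ctx, http.StatusBadRequest, fmt.Sprintf(errMsg, err))
	}

	if err = im.isInvokerOnboarded(newInvoker); err != nil {
		return sendCoreError(ctx, http.StatusForbidden, fmt.Sprintf(errMsg, err))
	}

	if err = im.validateInvoker(newInvoker); err != nil {
		return sendCoreError(ctx, http.StatusBadRequest, fmt.Sprintf(errMsg, err))
	}

	// Fail closed: an invoker whose access manager client could not be created
	// or read back is not stored, not announced and not reported as onboarded.
	// The upstream error text is kept out of the response body.
	// NOTE(review): log err server-side here once a logger is in scope.
	if err = im.prepareNewInvoker(&newInvoker); err != nil {
		return sendCoreError(ctx, http.StatusInternalServerError, fmt.Sprintf(errMsg, "failure to register the invoker with the access manager"))
	}

	go im.sendEvent(*newInvoker.ApiInvokerId, eventsapi.CAPIFEventAPIINVOKERONBOARDED)

	// NOTE(review): the Location value is built from the request's Host header,
	// which the client controls; confirm that a proxy or the server config pins
	// the accepted host names.
	uri := ctx.Request().Host + ctx.Request().URL.String()
	ctx.Response().Header().Set(echo.HeaderLocation, ctx.Scheme()+`://`+path.Join(uri, *newInvoker.ApiInvokerId))

	// A failure to write the response is returned so that Echo sees the handler failed.
	return ctx.JSON(http.StatusCreated, newInvoker)
}

// isInvokerOnboarded returns the first error reported by ValidateAlreadyOnboarded
// when newInvoker is compared with each stored invoker, or nil when none objects.
//
// The map is iterated under the manager's lock, like every other access to it,
// so a concurrent onboarding, update or delete cannot race with the iteration.
// NOTE(review): the lock is released before prepareNewInvoker stores the new
// entry, so two concurrent requests for the same invoker can still both pass
// this check.
func (im *InvokerManager) isInvokerOnboarded(newInvoker invokerapi.APIInvokerEnrolmentDetails) error {
	im.lock.Lock()
	defer im.lock.Unlock()

	for _, invoker := range im.onboardedInvokers {
		if err := invoker.ValidateAlreadyOnboarded(newInvoker); err != nil {
			return err
		}
	}
	return nil
}

// prepareNewInvoker restricts the requested API list to the allowed published
// services, lets the profile prepare itself, registers a client for it in the
// access manager and stores the profile.
//
// It returns the access manager error, in which case the profile is not stored.
func (im *InvokerManager) prepareNewInvoker(newInvoker *invokerapi.APIInvokerEnrolmentDetails) error {
	// A request without an ApiList is treated as a nil list of requested services.
	var requested invokerapi.APIList
	if newInvoker.ApiList != nil {
		requested = *newInvoker.ApiList
	}
	var allowed invokerapi.APIList = im.publishRegister.GetAllowedPublishedServices(requested)
	newInvoker.ApiList = &allowed

	im.lock.Lock()
	defer im.lock.Unlock()

	newInvoker.PrepareNewInvoker()
	// The result used to be discarded, which onboarded the invoker even when no
	// client existed for it in the access manager.
	if err := im.addClientInKeycloak(newInvoker); err != nil {
		return err
	}
	im.onboardedInvokers[*newInvoker.ApiInvokerId] = *newInvoker
	return nil
}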
// addClientInKeycloak adds a client named after the invoker id to the
// "invokerrealm" realm, reads the client representation back and stores its
// secret as the invoker's onboarding secret.
//
// It returns the first error from either access manager call; the onboarding
// secret is left untouched in that case.
func (im *InvokerManager) addClientInKeycloak(newInvoker *invokerapi.APIInvokerEnrolmentDetails) error {
	if addErr := im.keycloak.AddClient(*newInvoker.ApiInvokerId, "invokerrealm"); addErr != nil {
		return addErr
	}

	representation, getErr := im.keycloak.GetClientRepresentation(*newInvoker.ApiInvokerId, "invokerrealm")
	if getErr != nil {
		return getErr
	}

	// The secret issued by the access manager replaces any value already on the profile.
	newInvoker.OnboardingInformation.OnboardingSecret = representation.Secret
	return nil
}
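// DeleteOnboardedInvokersOnboardingId deletes an individual API Invoker.
//
// It always emits the offboarded event and answers 204 No Content, whether or
// not onboardingId was onboarded.
// NOTE(review): nothing in this handler checks who is asking, and the client
// added to the access manager at onboarding is not removed here — confirm that
// callers are authorised upstream and that the client is revoked elsewhere, or
// the offboarded invoker keeps a usable credential.
func (im *InvokerManager) DeleteOnboardedInvokersOnboardingId(ctx echo.Context, onboardingId string) error {
	// deleteInvoker removes the entry under the manager's lock and does nothing
	// for an unknown id, so the map is no longer read here without the lock.
	im.deleteInvoker(onboardingId)

	go im.sendEvent(onboardingId, eventsapi.CAPIFEventAPIINVOKEROFFBOARDED)

	return ctx.NoContent(http.StatusNoContent)
}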
// deleteInvoker removes onboardingId from the onboarded invokers while holding
// the manager's lock. Removing an unknown id is a no-op.
func (im *InvokerManager) deleteInvoker(onboardingId string) {
	im.lock.Lock()
	delete(im.onboardedInvokers, onboardingId)
	im.lock.Unlock()
}
// getInvokerFromRequest binds the request body to an APIInvokerEnrolmentDetails.
//
// A bind failure is reported as a fixed "invalid format for invoker" error
// together with a zero-value profile; the underlying bind error is not exposed.
func getInvokerFromRequest(ctx echo.Context) (invokerapi.APIInvokerEnrolmentDetails, error) {
	var details invokerapi.APIInvokerEnrolmentDetails
	bindErr := ctx.Bind(&details)
	if bindErr == nil {
		return details, nil
	}
	return invokerapi.APIInvokerEnrolmentDetails{}, fmt.Errorf("invalid format for invoker")
}
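// PutOnboardedInvokersOnboardingId updates an individual API invoker's details.
//
// Responses:
//   - 400 when the body cannot be bound, when its ApiInvokerId is missing or
//     differs from onboardingId, or when validation fails,
//   - 404 when onboardingId has not been onboarded,
//   - 200 with the stored profile on success.
func (im *InvokerManager) PutOnboardedInvokersOnboardingId(ctx echo.Context, onboardingId string) error {
	errMsg := "Unable to update invoker due to %s"

	newInvoker, err := getInvokerFromRequest(ctx)
	if err != nil {
		return sendCoreError(ctx, http.StatusBadRequest, fmt.Sprintf(errMsg, err))
	}

	// Additional validation for PUT: the body must name the invoker addressed by the path.
	if (newInvoker.ApiInvokerId == nil) || (*newInvoker.ApiInvokerId != onboardingId) {
		errMismatch := "APIInvokerEnrolmentDetails ApiInvokerId doesn't match path parameter"
		return sendCoreError(ctx, http.StatusBadRequest, fmt.Sprintf(errMsg, errMismatch))
	}

	if err := im.validateInvoker(newInvoker); err != nil {
		return sendCoreError(ctx, http.StatusBadRequest, fmt.Sprintf(errMsg, err))
	}

	// IsInvokerRegistered reads the map under the manager's lock; the previous
	// direct lookup here raced with concurrent onboarding, update and delete.
	if !im.IsInvokerRegistered(onboardingId) {
		return sendCoreError(ctx, http.StatusNotFound, "The invoker to update has not been onboarded")
	}

	// NOTE(review): the request body replaces the stored profile as-is, so the
	// client-supplied OnboardingInformation (including the onboarding secret)
	// and ApiList overwrite the stored values without the allowed-services
	// filtering applied at onboarding — confirm this is intended and that the
	// caller is authorised for this onboardingId.
	// NOTE(review): the entry can still be deleted between the check above and
	// this update, which would re-create it.
	im.updateInvoker(newInvoker)

	// A failure to write the response is returned so that Echo sees the handler failed.
	return ctx.JSON(http.StatusOK, newInvoker)
}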
// updateInvoker stores invoker under its ApiInvokerId while holding the
// manager's lock, replacing any profile already stored under that id.
func (im *InvokerManager) updateInvoker(invoker invokerapi.APIInvokerEnrolmentDetails) {
	im.lock.Lock()
	defer im.lock.Unlock()

	key := *invoker.ApiInvokerId
	im.onboardedInvokers[key] = invoker
}
// ModifyIndApiInvokeEnrolment is not implemented: it answers 501 Not
// Implemented with an empty body and does not use onboardingId.
func (im *InvokerManager) ModifyIndApiInvokeEnrolment(ctx echo.Context, onboardingId string) error {
	const status = http.StatusNotImplemented
	return ctx.NoContent(status)
}
// validateInvoker runs the profile's own Validate check and returns its error,
// or nil when the profile is valid.
func (im *InvokerManager) validateInvoker(invoker invokerapi.APIInvokerEnrolmentDetails) error {
	err := invoker.Validate()
	if err == nil {
		return nil
	}
	return err
}
// sendEvent builds an event notification for a single invoker and sends it on
// the manager's event channel. The handlers in this file start it with `go`.
252 func (im *InvokerManager) sendEvent(invokerId string, eventType eventsapi.CAPIFEvent) {
// The event detail carries a one-element list holding only this invoker's id.
253 invokerIds := []string{invokerId}
254 event := eventsapi.EventNotification{
255 EventDetail: &eventsapi.CAPIFEventDetail{
256 ApiInvokerIds: &invokerIds,
// The send waits for as long as the channel cannot accept the event.
// NOTE(review): callers start one goroutine per request, so a consumer that
// stops draining the channel would let goroutines pile up — confirm the
// receiving side always drains it.
260 im.eventChannel <- event
263 // This function wraps sending of an error in the Error format, and
264 // handling the failure to marshal that.
265 func sendCoreError(ctx echo.Context, code int, message string) error {
266 pd := common29122.ProblemDetails{
270 err := ctx.JSON(code, pd)