X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=capifcore%2Finternal%2Finvokermanagement%2Finvokermanagement.go;h=ee7030a41c3fd9a1397e28aa551df08d4b3b3f32;hb=c4121cc21b3b088df1ee22a9bf7645e5dddb1f6a;hp=5fa5ce65cf618362e45c5c3ea136778795ac1120;hpb=b8e717a8c264a8b3f73626fc28c81ae65283ae80;p=nonrtric%2Fplt%2Fsme.git diff --git a/capifcore/internal/invokermanagement/invokermanagement.go b/capifcore/internal/invokermanagement/invokermanagement.go index 5fa5ce6..ee7030a 100644 --- a/capifcore/internal/invokermanagement/invokermanagement.go +++ b/capifcore/internal/invokermanagement/invokermanagement.go @@ -21,14 +21,13 @@ package invokermanagement import ( - "errors" "fmt" "net/http" "path" "sync" "oransc.org/nonrtric/capifcore/internal/eventsapi" - publishapi "oransc.org/nonrtric/capifcore/internal/publishserviceapi" + "oransc.org/nonrtric/capifcore/internal/keycloak" "oransc.org/nonrtric/capifcore/internal/common29122" invokerapi "oransc.org/nonrtric/capifcore/internal/invokermanagementapi" @@ -55,16 +54,18 @@ type InvokerManager struct { onboardedInvokers map[string]invokerapi.APIInvokerEnrolmentDetails publishRegister publishservice.PublishRegister nextId int64 + keycloak keycloak.AccessManagement eventChannel chan<- eventsapi.EventNotification lock sync.Mutex } // Creates a manager that implements both the InvokerRegister and the invokermanagementapi.ServerInterface interfaces. -func NewInvokerManager(publishRegister publishservice.PublishRegister, eventChannel chan<- eventsapi.EventNotification) *InvokerManager { +func NewInvokerManager(publishRegister publishservice.PublishRegister, km keycloak.AccessManagement, eventChannel chan<- eventsapi.EventNotification) *InvokerManager { return &InvokerManager{ onboardedInvokers: make(map[string]invokerapi.APIInvokerEnrolmentDetails), publishRegister: publishRegister, nextId: 1000, + keycloak: km, eventChannel: eventChannel, } } @@ -108,6 +109,10 @@ func (im *InvokerManager) PostOnboardedInvokers(ctx echo.Context) error { return sendCoreError(ctx, http.StatusBadRequest, fmt.Sprintf(errMsg, "invalid format for invoker")) } + if err := im.isInvokerOnboarded(newInvoker); err != nil { + return sendCoreError(ctx, http.StatusForbidden, fmt.Sprintf(errMsg, err)) + } + if err := im.validateInvoker(newInvoker, ctx); err != nil { return sendCoreError(ctx, http.StatusBadRequest, fmt.Sprintf(errMsg, err)) } @@ -127,6 +132,15 @@ func (im *InvokerManager) PostOnboardedInvokers(ctx echo.Context) error { return nil } +func (im *InvokerManager) isInvokerOnboarded(newInvoker invokerapi.APIInvokerEnrolmentDetails) error { + for _, invoker := range im.onboardedInvokers { + if err := invoker.ValidateAlreadyOnboarded(newInvoker); err != nil { + return err + } + } + return nil +} + func (im *InvokerManager) prepareNewInvoker(newInvoker *invokerapi.APIInvokerEnrolmentDetails) { var apiList invokerapi.APIList = im.publishRegister.GetAllPublishedServices() newInvoker.ApiList = &apiList @@ -136,9 +150,24 @@ func (im *InvokerManager) prepareNewInvoker(newInvoker *invokerapi.APIInvokerEnr newInvoker.PrepareNewInvoker() + im.addClientInKeycloak(newInvoker) + im.onboardedInvokers[*newInvoker.ApiInvokerId] = *newInvoker } +func (im *InvokerManager) addClientInKeycloak(newInvoker *invokerapi.APIInvokerEnrolmentDetails) error { + if err := im.keycloak.AddClient(*newInvoker.ApiInvokerId, "invokerrealm"); err != nil { + return err + } + + if body, err := im.keycloak.GetClientRepresentation(*newInvoker.ApiInvokerId, "invokerrealm"); err != nil { + return err + } else { + newInvoker.OnboardingInformation.OnboardingSecret = body.Secret + } + return nil +} + // Deletes an individual API Invoker. func (im *InvokerManager) DeleteOnboardedInvokersOnboardingId(ctx echo.Context, onboardingId string) error { if _, ok := im.onboardedInvokers[onboardingId]; ok { @@ -201,20 +230,10 @@ func (im *InvokerManager) validateInvoker(invoker invokerapi.APIInvokerEnrolment if err := invoker.Validate(); err != nil { return err } - if !im.areAPIsPublished(invoker.ApiList) { - return errors.New("some APIs needed by invoker are not registered") - } return nil } -func (im *InvokerManager) areAPIsPublished(apis *invokerapi.APIList) bool { - if apis == nil { - return true - } - return im.publishRegister.AreAPIsPublished((*[]publishapi.ServiceAPIDescription)(apis)) -} - func (im *InvokerManager) sendEvent(invokerId string, eventType eventsapi.CAPIFEvent) { invokerIds := []string{invokerId} event := eventsapi.EventNotification{