From fb444de0bcb53917086c724444d7f8df25e8e806 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Jos=C3=A9=20Bollo?= Date: Thu, 15 Feb 2018 17:17:37 +0100 Subject: [PATCH] afb-monitor: Add session and rework permissions MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit The new verb session is available to get session info and to renew the token. See examples below. The permission required is now just to being check meaning having the token. Example: afb-client-demo -H localhost:5555/api?token=456 monitor session ON-REPLY 1:monitor/session: OK { "response":{ "uuid":"5a30c118-319c-43a2-82d5-fc2198d01938", "token":"", "timeout":32000000, "remain":31999985 }, "jtype":"afb-reply", "request":{ "status":"success", "uuid":"5a30c118-319c-43a2-82d5-fc2198d01938" } } monitor session {"refresh-token":true} ON-REPLY 5:monitor/session: OK { "response":{ "uuid":"5a30c118-319c-43a2-82d5-fc2198d01938", "token":"2f60faf8-ad04-457e-9f56-5c0c20b5f1fc", "timeout":32000000, "remain":32000000 }, "jtype":"afb-reply", "request":{ "status":"success", "token":"2f60faf8-ad04-457e-9f56-5c0c20b5f1fc" } } Change-Id: Ic93bae80616e5dad1640e73ac9f472b7b385104f Signed-off-by: José Bollo --- src/afb-monitor.c | 29 ++++++++++++++++ src/devtools/monitor-api.json | 55 +++++++++++++++-------------- src/monitor-api.inc | 81 ++++++++++++++++++++++--------------------- 3 files changed, 99 insertions(+), 66 deletions(-) diff --git a/src/afb-monitor.c b/src/afb-monitor.c index e34b5989..8876f4c6 100644 --- a/src/afb-monitor.c +++ b/src/afb-monitor.c @@ -30,6 +30,7 @@ #include "afb-evt.h" #include "afb-xreq.h" #include "afb-trace.h" +#include "afb-session.h" #include "verbose.h" #include "wrap-json.h" @@ -295,6 +296,7 @@ static struct json_object *get_apis(struct json_object *spec) static const char _verbosity_[] = "verbosity"; static const char _apis_[] = "apis"; +static const char _refresh_token_[] = "refresh-token"; static void f_get(struct afb_req req) { @@ -359,3 +361,30 @@ end: afb_evt_update_hooks(); } +static void f_session(struct afb_req req) +{ + struct json_object *r = NULL; + int refresh = 0; + struct afb_xreq *xreq = xreq_from_request(req.closure); + + /* check right to call it */ + if (xreq->context.super) { + afb_req_fail(req, "invalid", "reserved to direct clients"); + return; + } + + /* renew the token if required */ + wrap_json_unpack(afb_req_json(req), "{s?:b}", _refresh_token_, &refresh); + if (refresh) + afb_context_refresh(&xreq->context); + + /* make the result */ + wrap_json_pack(&r, "{s:s,s:s,s:i,s:i}", + "uuid", afb_session_uuid(xreq->context.session), + "token", afb_session_token(xreq->context.session), + "timeout", afb_session_timeout(xreq->context.session), + "remain", afb_session_what_remains(xreq->context.session)); + afb_req_success(req, r, NULL); +} + + diff --git a/src/devtools/monitor-api.json b/src/devtools/monitor-api.json index 81d1028a..3c8867cd 100644 --- a/src/devtools/monitor-api.json +++ b/src/devtools/monitor-api.json @@ -301,32 +301,13 @@ } ] } - }, - "x-permissions": { - "trace": { - "permission": "urn:AGL:permission:monitor:public:trace" - }, - "set": { - "permission": "urn:AGL:permission:monitor:public:set" - }, - "get": { - "permission": "urn:AGL:permission:monitor:public:get" - }, - "get-or-set": { - "anyOf": [ - { "$ref": "#/components/x-permissions/get" }, - { "$ref": "#/components/x-permissions/set" } - ] - } } }, "paths": { "/get": { "description": "Get monitoring data.", "get": { - "x-permissions": { - "$ref": "#/components/x-permissions/get-or-set" - }, + "x-permissions": { "session": "check" }, "parameters": [ { "in": "query", @@ -358,9 +339,7 @@ "/set": { "description": "Set monitoring actions.", "get": { - "x-permissions": { - "$ref": "#/components/x-permissions/set" - }, + "x-permissions": { "session": "check" }, "parameters": [ { "in": "query", @@ -386,9 +365,7 @@ "/trace": { "description": "Set monitoring actions.", "get": { - "x-permissions": { - "$ref": "#/components/x-permissions/trace" - }, + "x-permissions": { "session": "check" }, "parameters": [ { "in": "query", @@ -416,6 +393,32 @@ } } } + }, + "/session": { + "description": "describes the session.", + "get": { + "x-permissions": { "session": "check" }, + "parameters": [ + { + "in": "query", + "name": "refresh-token", + "required": false, + "schema": { "type": "boolean" } + } + ], + "responses": { + "200": { + "description": "A complex object array response", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/afb-reply" + } + } + } + } + } + } } } } diff --git a/src/monitor-api.inc b/src/monitor-api.inc index 8daaafa5..cbc1187f 100644 --- a/src/monitor-api.inc +++ b/src/monitor-api.inc @@ -89,67 +89,68 @@ static const char _afb_description_v2_monitor[] = "type\":\"array\",\"items\":\"string\"}]},\"tag\":{\"anyOf\":[{\"type\":\"" "string\"},{\"type\":\"array\",\"items\":\"string\"}]},\"uuid\":{\"anyOf\"" ":[{\"type\":\"string\"},{\"type\":\"array\",\"items\":\"string\"}]}}}]}}" - ",\"x-permissions\":{\"trace\":{\"permission\":\"urn:AGL:permission:monit" - "or:public:trace\"},\"set\":{\"permission\":\"urn:AGL:permission:monitor:" - "public:set\"},\"get\":{\"permission\":\"urn:AGL:permission:monitor:publi" - "c:get\"},\"get-or-set\":{\"anyOf\":[{\"$ref\":\"#/components/x-permissio" - "ns/get\"},{\"$ref\":\"#/components/x-permissions/set\"}]}}},\"paths\":{\"" - "/get\":{\"description\":\"Get monitoring data.\",\"get\":{\"x-permission" - "s\":{\"$ref\":\"#/components/x-permissions/get-or-set\"},\"parameters\":" - "[{\"in\":\"query\",\"name\":\"verbosity\",\"required\":false,\"schema\":" - "{\"$ref\":\"#/components/schemas/get-verbosity\"}},{\"in\":\"query\",\"n" - "ame\":\"apis\",\"required\":false,\"schema\":{\"$ref\":\"#/components/sc" - "hemas/get-apis\"}}],\"responses\":{\"200\":{\"description\":\"A complex " - "object array response\",\"content\":{\"application/json\":{\"schema\":{\"" - "$ref\":\"#/components/schemas/afb-reply\"}}}}}}},\"/set\":{\"description" - "\":\"Set monitoring actions.\",\"get\":{\"x-permissions\":{\"$ref\":\"#/" - "components/x-permissions/set\"},\"parameters\":[{\"in\":\"query\",\"name" - "\":\"verbosity\",\"required\":false,\"schema\":{\"$ref\":\"#/components/" - "schemas/set-verbosity\"}}],\"responses\":{\"200\":{\"description\":\"A c" - "omplex object array response\",\"content\":{\"application/json\":{\"sche" - "ma\":{\"$ref\":\"#/components/schemas/afb-reply\"}}}}}}},\"/trace\":{\"d" - "escription\":\"Set monitoring actions.\",\"get\":{\"x-permissions\":{\"$" - "ref\":\"#/components/x-permissions/trace\"},\"parameters\":[{\"in\":\"qu" - "ery\",\"name\":\"add\",\"required\":false,\"schema\":{\"$ref\":\"#/compo" - "nents/schemas/trace-add\"}},{\"in\":\"query\",\"name\":\"drop\",\"requir" - "ed\":false,\"schema\":{\"$ref\":\"#/components/schemas/trace-drop\"}}],\"" - "responses\":{\"200\":{\"description\":\"A complex object array response\"" - ",\"content\":{\"application/json\":{\"schema\":{\"$ref\":\"#/components/" - "schemas/afb-reply\"}}}}}}}}}" + "},\"paths\":{\"/get\":{\"description\":\"Get monitoring data.\",\"get\":" + "{\"x-permissions\":{\"session\":\"check\"},\"parameters\":[{\"in\":\"que" + "ry\",\"name\":\"verbosity\",\"required\":false,\"schema\":{\"$ref\":\"#/" + "components/schemas/get-verbosity\"}},{\"in\":\"query\",\"name\":\"apis\"" + ",\"required\":false,\"schema\":{\"$ref\":\"#/components/schemas/get-apis" + "\"}}],\"responses\":{\"200\":{\"description\":\"A complex object array r" + "esponse\",\"content\":{\"application/json\":{\"schema\":{\"$ref\":\"#/co" + "mponents/schemas/afb-reply\"}}}}}}},\"/set\":{\"description\":\"Set moni" + "toring actions.\",\"get\":{\"x-permissions\":{\"session\":\"check\"},\"p" + "arameters\":[{\"in\":\"query\",\"name\":\"verbosity\",\"required\":false" + ",\"schema\":{\"$ref\":\"#/components/schemas/set-verbosity\"}}],\"respon" + "ses\":{\"200\":{\"description\":\"A complex object array response\",\"co" + "ntent\":{\"application/json\":{\"schema\":{\"$ref\":\"#/components/schem" + "as/afb-reply\"}}}}}}},\"/trace\":{\"description\":\"Set monitoring actio" + "ns.\",\"get\":{\"x-permissions\":{\"session\":\"check\"},\"parameters\":" + "[{\"in\":\"query\",\"name\":\"add\",\"required\":false,\"schema\":{\"$re" + "f\":\"#/components/schemas/trace-add\"}},{\"in\":\"query\",\"name\":\"dr" + "op\",\"required\":false,\"schema\":{\"$ref\":\"#/components/schemas/trac" + "e-drop\"}}],\"responses\":{\"200\":{\"description\":\"A complex object a" + "rray response\",\"content\":{\"application/json\":{\"schema\":{\"$ref\":" + "\"#/components/schemas/afb-reply\"}}}}}}},\"/session\":{\"description\":" + "\"describes the session.\",\"get\":{\"x-permissions\":{\"session\":\"che" + "ck\"},\"parameters\":[{\"in\":\"query\",\"name\":\"refresh-token\",\"req" + "uired\":false,\"schema\":{\"type\":\"boolean\"}}],\"responses\":{\"200\"" + ":{\"description\":\"A complex object array response\",\"content\":{\"app" + "lication/json\":{\"schema\":{\"$ref\":\"#/components/schemas/afb-reply\"" + "}}}}}}}}}" ; -static const struct afb_auth _afb_auths_v2_monitor[] = { - { .type = afb_auth_Permission, .text = "urn:AGL:permission:monitor:public:set" }, - { .type = afb_auth_Permission, .text = "urn:AGL:permission:monitor:public:get" }, - { .type = afb_auth_Or, .first = &_afb_auths_v2_monitor[1], .next = &_afb_auths_v2_monitor[0] }, - { .type = afb_auth_Permission, .text = "urn:AGL:permission:monitor:public:trace" } -}; - static void f_get(struct afb_req req); static void f_set(struct afb_req req); static void f_trace(struct afb_req req); +static void f_session(struct afb_req req); static const struct afb_verb_v2 _afb_verbs_v2_monitor[] = { { .verb = "get", .callback = f_get, - .auth = &_afb_auths_v2_monitor[2], + .auth = NULL, .info = "Get monitoring data.", - .session = AFB_SESSION_NONE_V2 + .session = AFB_SESSION_CHECK_V2 }, { .verb = "set", .callback = f_set, - .auth = &_afb_auths_v2_monitor[0], + .auth = NULL, .info = "Set monitoring actions.", - .session = AFB_SESSION_NONE_V2 + .session = AFB_SESSION_CHECK_V2 }, { .verb = "trace", .callback = f_trace, - .auth = &_afb_auths_v2_monitor[3], + .auth = NULL, .info = "Set monitoring actions.", - .session = AFB_SESSION_NONE_V2 + .session = AFB_SESSION_CHECK_V2 + }, + { + .verb = "session", + .callback = f_session, + .auth = NULL, + .info = "describes the session.", + .session = AFB_SESSION_CHECK_V2 }, { .verb = NULL, -- 2.16.6