internal/security/security.go - oransc/nonrtric/plt/sme - Gitiles

 // -
 //   ========================LICENSE_START=================================
 //   O-RAN-SC
 //   %%
 //   Copyright (C) 2022: Nordix Foundation
 //   %%
 //   Licensed under the Apache License, Version 2.0 (the "License");
 //   you may not use this file except in compliance with the License.
 //   You may obtain a copy of the License at
 //
 //        http://www.apache.org/licenses/LICENSE-2.0
 //
 //   Unless required by applicable law or agreed to in writing, software
 //   distributed under the License is distributed on an "AS IS" BASIS,
 //   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 //   See the License for the specific language governing permissions and
 //   limitations under the License.
 //   ========================LICENSE_END===================================
 //

 package security

 import (
 	"net/http"
 	"strings"

 	"github.com/labstack/echo/v4"

 	"oransc.org/nonrtric/sme/internal/common29122"
 	securityapi "oransc.org/nonrtric/sme/internal/securityapi"

 	"oransc.org/nonrtric/sme/internal/invokermanagement"
 	"oransc.org/nonrtric/sme/internal/providermanagement"
 	"oransc.org/nonrtric/sme/internal/publishservice"
 )

 type Security struct {
 	serviceRegister providermanagement.ServiceRegister
 	apiRegister     publishservice.APIRegister
 	invokerRegister invokermanagement.InvokerRegister
 }

 func NewSecurity(serviceRegister providermanagement.ServiceRegister, apiRegister publishservice.APIRegister, invokerRegister invokermanagement.InvokerRegister) *Security {
 	return &Security{
 		serviceRegister: serviceRegister,
 		apiRegister:     apiRegister,
 		invokerRegister: invokerRegister,
 	}
 }

 func (s *Security) PostSecuritiesSecurityIdToken(ctx echo.Context, securityId string) error {
 	clientId := ctx.FormValue("client_id")
 	clientSecret := ctx.FormValue("client_secret")
 	// grantType := ctx.FormValue("grant_type")
 	scope := ctx.FormValue("scope")

 	if !s.invokerRegister.IsInvokerRegistered(clientId) {
 		return sendCoreError(ctx, http.StatusBadRequest, "Invoker not registered")
 	}
 	if !s.invokerRegister.VerifyInvokerSecret(clientId, clientSecret) {
 		return sendCoreError(ctx, http.StatusBadRequest, "Invoker secret not valid")
 	}
 	if scope != "" {
 		scopeData := strings.Split(strings.Split(scope, "#")[1], ":")
 		if !s.serviceRegister.IsFunctionRegistered(scopeData[0]) {
 			return sendCoreError(ctx, http.StatusBadRequest, "Function not registered")
 		}
 		if !s.apiRegister.IsAPIRegistered(scopeData[0], scopeData[1]) {
 			return sendCoreError(ctx, http.StatusBadRequest, "API not published")
 		}
 	}

 	accessTokenResp := securityapi.AccessTokenRsp{
 		AccessToken: "asdadfsrt dsr t5",
 		ExpiresIn:   0,
 		Scope:       &scope,
 		TokenType:   "Bearer",
 	}

 	err := ctx.JSON(http.StatusCreated, accessTokenResp)
 	if err != nil {
 		// Something really bad happened, tell Echo that our handler failed
 		return err
 	}

 	return nil
 }

 func (s *Security) DeleteTrustedInvokersApiInvokerId(ctx echo.Context, apiInvokerId string) error {
 	return ctx.NoContent(http.StatusNotImplemented)
 }

 func (s *Security) GetTrustedInvokersApiInvokerId(ctx echo.Context, apiInvokerId string, params securityapi.GetTrustedInvokersApiInvokerIdParams) error {
 	return ctx.NoContent(http.StatusNotImplemented)
 }

 func (s *Security) PutTrustedInvokersApiInvokerId(ctx echo.Context, apiInvokerId string) error {
 	return ctx.NoContent(http.StatusNotImplemented)
 }

 func (s *Security) PostTrustedInvokersApiInvokerIdDelete(ctx echo.Context, apiInvokerId string) error {
 	return ctx.NoContent(http.StatusNotImplemented)
 }

 func (s *Security) PostTrustedInvokersApiInvokerIdUpdate(ctx echo.Context, apiInvokerId string) error {
 	return ctx.NoContent(http.StatusNotImplemented)
 }

 func sendCoreError(ctx echo.Context, code int, message string) error {
 	pd := common29122.ProblemDetails{
 		Cause:  &message,
 		Status: &code,
 	}
 	err := ctx.JSON(code, pd)
 	return err
 }
	// -
	// ========================LICENSE_START=================================
	// O-RAN-SC
	// %%
	// Copyright (C) 2022: Nordix Foundation
	// %%
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	// ========================LICENSE_END===================================
	//

	package security

	import (
	"net/http"
	"strings"

	"github.com/labstack/echo/v4"

	"oransc.org/nonrtric/sme/internal/common29122"
	securityapi "oransc.org/nonrtric/sme/internal/securityapi"

	"oransc.org/nonrtric/sme/internal/invokermanagement"
	"oransc.org/nonrtric/sme/internal/providermanagement"
	"oransc.org/nonrtric/sme/internal/publishservice"
	)

	type Security struct {
	serviceRegister providermanagement.ServiceRegister
	apiRegister publishservice.APIRegister
	invokerRegister invokermanagement.InvokerRegister
	}

	func NewSecurity(serviceRegister providermanagement.ServiceRegister, apiRegister publishservice.APIRegister, invokerRegister invokermanagement.InvokerRegister) *Security {
	return &Security{
	serviceRegister: serviceRegister,
	apiRegister: apiRegister,
	invokerRegister: invokerRegister,
	}
	}

	func (s *Security) PostSecuritiesSecurityIdToken(ctx echo.Context, securityId string) error {
	clientId := ctx.FormValue("client_id")
	clientSecret := ctx.FormValue("client_secret")
	// grantType := ctx.FormValue("grant_type")
	scope := ctx.FormValue("scope")

	if !s.invokerRegister.IsInvokerRegistered(clientId) {
	return sendCoreError(ctx, http.StatusBadRequest, "Invoker not registered")
	}
	if !s.invokerRegister.VerifyInvokerSecret(clientId, clientSecret) {
	return sendCoreError(ctx, http.StatusBadRequest, "Invoker secret not valid")
	}
	if scope != "" {
	scopeData := strings.Split(strings.Split(scope, "#")[1], ":")
	if !s.serviceRegister.IsFunctionRegistered(scopeData[0]) {
	return sendCoreError(ctx, http.StatusBadRequest, "Function not registered")
	}
	if !s.apiRegister.IsAPIRegistered(scopeData[0], scopeData[1]) {
	return sendCoreError(ctx, http.StatusBadRequest, "API not published")
	}
	}

	accessTokenResp := securityapi.AccessTokenRsp{
	AccessToken: "asdadfsrt dsr t5",
	ExpiresIn: 0,
	Scope: &scope,
	TokenType: "Bearer",
	}

	err := ctx.JSON(http.StatusCreated, accessTokenResp)
	if err != nil {
	// Something really bad happened, tell Echo that our handler failed
	return err
	}

	return nil
	}

	func (s *Security) DeleteTrustedInvokersApiInvokerId(ctx echo.Context, apiInvokerId string) error {
	return ctx.NoContent(http.StatusNotImplemented)
	}

	func (s *Security) GetTrustedInvokersApiInvokerId(ctx echo.Context, apiInvokerId string, params securityapi.GetTrustedInvokersApiInvokerIdParams) error {
	return ctx.NoContent(http.StatusNotImplemented)
	}

	func (s *Security) PutTrustedInvokersApiInvokerId(ctx echo.Context, apiInvokerId string) error {
	return ctx.NoContent(http.StatusNotImplemented)
	}

	func (s *Security) PostTrustedInvokersApiInvokerIdDelete(ctx echo.Context, apiInvokerId string) error {
	return ctx.NoContent(http.StatusNotImplemented)
	}

	func (s *Security) PostTrustedInvokersApiInvokerIdUpdate(ctx echo.Context, apiInvokerId string) error {
	return ctx.NoContent(http.StatusNotImplemented)
	}

	func sendCoreError(ctx echo.Context, code int, message string) error {
	pd := common29122.ProblemDetails{
	Cause: &message,
	Status: &code,
	}
	err := ctx.JSON(code, pd)
	return err
	}