@Override public FilterReturnCode processRequest(Operation op, OperationProcessingContext context) { Utils.log(context.getService().getClass(), context.getService().getClass().getName(), Level.INFO, "Operation: %s", op); return FilterReturnCode.CONTINUE_PROCESSING; } }
@Override public FilterReturnCode processRequest(Operation op, OperationProcessingContext context) { if (!context.getHost().isAuthorizationEnabled()) { URI authServiceUri = context.getHost().getAuthenticationServiceUri(); if (authServiceUri != null && authServiceUri.getPath().equals(op.getUri().getPath())) { URI basicAuthServiceUri = context.getHost().getBasicAuthenticationServiceUri(); if (basicAuthServiceUri != null && basicAuthServiceUri.getPath().equals(op.getUri().getPath())) { Service authnService = context.getHost().getAuthenticationService(); long dispatchTime = System.nanoTime(); op.nestCompletion((o, e) -> { context.resumeProcessingRequest(op, FilterReturnCode.FAILED_STOP_PROCESSING, e); op.setBodyNoCloning(o.getBodyRaw()) .setStatusCode(o.getStatusCode()).fail(e); context.resumeProcessingRequest(op, FilterReturnCode.FAILED_STOP_PROCESSING, new SecurityException()); op.setBodyNoCloning(o.getBodyRaw()) .setStatusCode(o.getStatusCode()).complete(); context.resumeProcessingRequest(op, FilterReturnCode.CONTINUE_PROCESSING, null); }); context.setSuspendConsumer(o -> { context.getHost().queueOrScheduleRequest(authnService, op); });
Service service = context.getHost().findService(servicePath, false); Service parent = null; EnumSet<ServiceOption> options = null; if (service != null) { context.setService(service); options = service.getOptions(); parent = context.getHost().findService(servicePath, true); if (parent != null) { options = parent.getOptions(); parent = context.getHost().findService(factoryPath, true); if (parent != null) { options = parent.getOptions(); context.setSuspendConsumer(o -> { selectAndForwardRequestToOwner(service, finalServicePath, op, finalParent, context); });
private void startServiceOnDemand(Operation op, String servicePath, FactoryService factoryService, OperationProcessingContext context) { ServiceHost host = context.getHost(); Operation onDemandPost = Operation.createPost(host, servicePath); context.resumeProcessingRequest(op, FilterReturnCode.SUCCESS_STOP_PROCESSING, null); op.complete(); } else if (a == Action.POST) { context.resumeProcessingRequest(op, FilterReturnCode.FAILED_STOP_PROCESSING, new ServiceAlreadyStartedException(servicePath)); host.failRequestServiceAlreadyStarted(servicePath, null, context.resumeProcessingRequest(op, FilterReturnCode.FAILED_STOP_PROCESSING, new ServiceNotFoundException(servicePath)); Operation.failServiceNotFound(op, context.resumeProcessingRequest(op, FilterReturnCode.SUCCESS_STOP_PROCESSING, null); op.complete(); return; host.log(Level.WARNING, "Failed to start service %s with 404 status code.", servicePath); context.resumeProcessingRequest(op, FilterReturnCode.FAILED_STOP_PROCESSING, new ServiceNotFoundException(servicePath)); Operation.failServiceNotFound(op); "Failed to start service %s with statusCode %d", servicePath, o.getStatusCode()); context.resumeProcessingRequest(op, FilterReturnCode.FAILED_STOP_PROCESSING,
if (opProcessingChain != null) { OperationProcessingContext context = opProcessingChain.createContext(getHost()); context.setService(this); opProcessingChain.processRequest(op, context, o -> { handleRequest(op, OperationProcessingStage.EXECUTING_SERVICE_HANDLER);
Service service = context.getService(); if (service == null) { service = context.getHost().findService(servicePath, false); context.setService(service); return FilterReturnCode.CONTINUE_PROCESSING; context.getHost().getServiceResourceTracker().updateCacheMissStats(); TimeoutException te = new TimeoutException(); op.fail(te); context.resumeProcessingRequest(op, FilterReturnCode.FAILED_STOP_PROCESSING, te); return; context.setService(null); context.resumeProcessingRequest(op, FilterReturnCode.RESUME_PROCESSING, null); return; context.setService(finalService); context.resumeProcessingRequest(op, FilterReturnCode.CONTINUE_PROCESSING, null); }); context.setSuspendConsumer(o -> { if (queueForServiceAvailability) { context.getHost().registerForServiceAvailability(op, finalServicePath); } else { context.getHost().getOperationTracker().trackServiceStartCompletion(finalServicePath, op); context.setService(null);
private void verifyTokenInternal(Operation parentOp, OperationProcessingContext context, URI tokenVerificationUri, Consumer<AuthorizationContext> authorizationContextHandler, boolean shouldRetry) { ServiceHost host = context.getHost(); Operation verifyOp = Operation .createPost(tokenVerificationUri) == ServiceErrorResponse.ERROR_CODE_EXTERNAL_AUTH_FAILED) { host.log(Level.FINE, () -> "Skipping basic auth."); context.resumeProcessingRequest(parentOp, FilterReturnCode.FAILED_STOP_PROCESSING, ex); parentOp.transferResponseHeadersFrom(resultOp);
private void checkAndOnDemandStartService(Operation op, String servicePath, FactoryService factoryService, OperationProcessingContext context) { ServiceHost host = context.getHost(); .setCompletion((o, e) -> { if (e != null) { context.resumeProcessingRequest(op, FilterReturnCode.FAILED_STOP_PROCESSING, e); op.fail(e); return; context.resumeProcessingRequest(op, FilterReturnCode.SUCCESS_STOP_PROCESSING, null); op.complete(); return; context.resumeProcessingRequest(op, FilterReturnCode.FAILED_STOP_PROCESSING, new ServiceNotFoundException(op.getUri().getPath())); Operation.failServiceNotFound(op); if (indexService == null) { CancellationException e = new CancellationException("Index service is null"); context.resumeProcessingRequest(op, FilterReturnCode.FAILED_STOP_PROCESSING, e); op.fail(e); return;
if (opProcessingChain != null) { OperationProcessingContext context = opProcessingChain.createContext(getHost()); context.setService(this); opProcessingChain.processRequest(request, context, o -> { handleRequest(request, OperationProcessingStage.EXECUTING_SERVICE_HANDLER);
.setCompletion((o, e) -> { if (e != null) { context.resumeProcessingRequest(request, FilterReturnCode.FAILED_STOP_PROCESSING, e); request.fail(e); return; previousState.documentTransactionId = null; this.service.setState(request, previousState); context.resumeProcessingRequest(request, FilterReturnCode.SUCCESS_STOP_PROCESSING, null); request.complete(); }); context.setSuspendConsumer(o -> { this.service.sendRequest(previousStateGet); });
(o, e) -> { if (e != null) { context.resumeProcessingRequest(request, FilterReturnCode.FAILED_STOP_PROCESSING, e); request.fail(e); return; context.resumeProcessingRequest(request, FilterReturnCode.CONTINUE_PROCESSING, null); }); this.service.sendRequest(enrollRequest);
context.resumeProcessingRequest(op, FilterReturnCode.FAILED_STOP_PROCESSING, fe); Operation.failForwardedRequest(op, fo, fe); return; context.resumeProcessingRequest(op, FilterReturnCode.FAILED_STOP_PROCESSING, fe); context.getHost().getOperationTracker().trackOperationForRetry(Utils.getNowMicrosUtc(), fe, op);
private void checkAndPopulateAuthzContext(Operation op, OperationProcessingContext context) { Service authzService = context.getHost().getAuthorizationService(); // We only authorize kryo requests for System users. if (Utils.isContentTypeKryoBinary(op.getContentType()) && !op.getAuthorizationContext().isSystemUser()) { String msg = String.format( "%s requests are only authorized for System Users", op.getContentType()); IllegalAccessException ex = new IllegalAccessException(msg); context.resumeProcessingRequest(op, OperationProcessingChain.FilterReturnCode.FAILED_STOP_PROCESSING, ex); ServiceErrorResponse response = new ServiceErrorResponse(); response.message = msg; response.statusCode = Operation.STATUS_CODE_UNAUTHORIZED; op.fail(Operation.STATUS_CODE_UNAUTHORIZED, ex, response); return; } long dispatchTime = System.nanoTime(); op.nestCompletion(o -> { if (authzService.hasOption(ServiceOption.INSTRUMENTATION)) { long dispatchDuration = System.nanoTime() - dispatchTime; AuthUtils.setAuthDurationStat(authzService, AuthorizationConstants.STAT_NAME_DURATION_MICROS_PREFIX, TimeUnit.NANOSECONDS.toMicros(dispatchDuration)); } context.resumeProcessingRequest(op, FilterReturnCode.CONTINUE_PROCESSING, null); }); // TODO: fix AuthenticationContextService and just send it a POST context.getHost().queueOrScheduleRequest(authzService, op); }
private AuthorizationContext checkAndGetAuthorizationContext(AuthorizationContext ctx, Claims claims, String token, Operation op, OperationProcessingContext context) { ServiceHost host = context.getHost(); if (claims == null) { host.log(Level.INFO, "Request to %s has no claims found with token: %s", op.getUri().getPath(), token); return null; } Long expirationTime = claims.getExpirationTime(); if (expirationTime != null && TimeUnit.SECONDS.toMicros(expirationTime) <= Utils.getSystemNowMicrosUtc()) { host.log(Level.FINE, "Token expired for %s", claims.getSubject()); host.clearAuthorizationContext(null, claims.getSubject()); return null; } if (ctx != null) { return ctx; } AuthorizationContext.Builder b = AuthorizationContext.Builder.create(); b.setClaims(claims); b.setToken(token); ctx = b.getResult(); host.cacheAuthorizationContext(null, token, ctx); return ctx; }
private void selectAndForwardRequestToOwner(Service s, String path, Operation op, Service parent, OperationProcessingContext context) { String nodeSelectorPath = parent != null ? parent.getPeerNodeSelectorPath() : s.getPeerNodeSelectorPath(); ServiceHost host = context.getHost(); CompletionHandler ch = (o, e) -> { if (e != null) { host.log(Level.SEVERE, "Owner selection failed for service %s, op %d. Error: %s", op .getUri().getPath(), op.getId(), e.toString()); context.resumeProcessingRequest(op, FilterReturnCode.FAILED_STOP_PROCESSING, e); op.setRetryCount(0).fail(e); return; } SelectOwnerResponse rsp = o.getBody(SelectOwnerResponse.class); if (rsp.isLocalHostOwner) { context.resumeProcessingRequest(op, FilterReturnCode.CONTINUE_PROCESSING, null); } else { forwardRequestToOwner(op, rsp, context); } }; Operation selectOwnerOp = Operation .createPost(null) .setExpiration(op.getExpirationMicrosUtc()) .setCompletion(ch); host.selectOwner(nodeSelectorPath, path, selectOwnerOp); }
private void forwardRequestToOwner(Operation op, SelectOwnerResponse rsp, OperationProcessingContext context) { CompletionHandler fc = (fo, fe) -> { if (fe != null) { retryOrFailRequest(op, fo, fe, context); return; } op.setStatusCode(fo.getStatusCode()); op.setBodyNoCloning(fo.getBodyRaw()); op.setContentType(fo.getContentType()); op.setContentLength(fo.getContentLength()); op.transferResponseHeadersFrom(fo); context.resumeProcessingRequest(op, FilterReturnCode.SUCCESS_STOP_PROCESSING, null); op.complete(); }; Operation forwardOp = op.clone().setCompletion(fc); // Forwarded operations are retried until the parent operation, from the client, // expires. Since a peer might have become unresponsive, we want short time outs // and retries, to whatever peer we select, on each retry. ServiceHost host = context.getHost(); forwardOp.setExpiration(Utils.fromNowMicrosUtc( host.getOperationTimeoutMicros() / 10)); forwardOp.setUri(SelectOwnerResponse.buildUriToOwner(rsp, op)); prepareForwardRequest(forwardOp); host.sendRequest(forwardOp); }
private void verifyToken(Operation op, OperationProcessingContext context, Consumer<AuthorizationContext> authorizationContextHandler) { ServiceHost host = context.getHost(); boolean shouldRetry = true; URI tokenVerificationUri = host.getAuthenticationServiceUri(); if (tokenVerificationUri == null) { // It is possible to receive a request while the host is starting up: the listener is // processing requests but the core authorization/authentication services are not yet // started host.log(Level.WARNING, "Error verifying token, authentication service not initialized"); authorizationContextHandler.accept(null); return; } URI basicAuthenticationServiceUri = host.getBasicAuthenticationServiceUri(); if (basicAuthenticationServiceUri == null || basicAuthenticationServiceUri.equals(host.getAuthenticationServiceUri())) { // if authenticationService is BasicAuthenticationService, then no need to retry shouldRetry = false; } verifyTokenInternal(op, context, tokenVerificationUri, authorizationContextHandler, shouldRetry); }
@Override public FilterReturnCode processRequest(Operation request, OperationProcessingContext context) { ClearTransactionRequest clearTransactionRequest = getIfClearTransactionRequest(request); // TODO: generalize transaction requests protocol through headers if (clearTransactionRequest != null) { FilterReturnCode rc = handleClearTransaction(request, this.service.getState(request), clearTransactionRequest, context); return rc; } if (validateTransactionConflictsAndMarkState(request, this.service.getState(request))) { request.fail(new IllegalStateException("transactional conflict")); return FilterReturnCode.FAILED_STOP_PROCESSING; } if (request.getTransactionId() != null) { context.setSuspendConsumer(o -> { handleEnrollInTransaction(request, context); }); return FilterReturnCode.SUSPEND_PROCESSING; } return FilterReturnCode.CONTINUE_PROCESSING; }
private void getAuthorizationContext(Operation op, OperationProcessingContext context, Consumer<AuthorizationContext> authorizationContextHandler) { String token = BasicAuthenticationUtils.getAuthToken(op); if (token == null) { authorizationContextHandler.accept(null); return; } AuthorizationContext ctx = context.getHost().getAuthorizationContext(null, token); if (ctx != null) { ctx = checkAndGetAuthorizationContext(ctx, ctx.getClaims(), token, op, context); if (ctx == null) { // Delegate token verification to the authentication service for handling // cases like token refresh, etc. verifyToken(op, context, authorizationContextHandler); return; } authorizationContextHandler.accept(ctx); return; } verifyToken(op, context, authorizationContextHandler); }