authorMike McCune <mmccune@gibson.pdx.redhat.com>2009-07-24 15:42:35 -0700
committerMike McCune <mmccune@gibson.pdx.redhat.com>2009-07-24 15:42:35 -0700
commit81b83122f0060f6f7f63e3bc0eb3e9f7f4b5e803 (patch)
tree9019b6dff0a2d27d110e49c8afd147380b604a9e /proxy/code/src
parent18be31235657af1be55e0f284d4bdfd3dd22f6de (diff)
adding cert generation and Entitlement API
Diffstat (limited to 'proxy/code/src')
-rw-r--r--proxy/code/src/org/fedoraproject/candlepin/api/EntitlementApi.java86
-rw-r--r--proxy/code/src/org/fedoraproject/candlepin/api/cert/CertGenerator.java199
-rw-r--r--proxy/code/src/org/fedoraproject/candlepin/api/cert/test/CertTest.java247
-rw-r--r--proxy/code/src/org/fedoraproject/candlepin/api/test/EntitlementApiTest.java93
-rw-r--r--proxy/code/src/org/fedoraproject/candlepin/model/Consumer.java29
-rw-r--r--proxy/code/src/org/fedoraproject/candlepin/model/Entitlement.java45
-rw-r--r--proxy/code/src/org/fedoraproject/candlepin/model/EntitlementPool.java7
-rw-r--r--proxy/code/src/org/fedoraproject/candlepin/model/test/TestUtil.java16
8 files changed, 721 insertions, 1 deletions
diff --git a/proxy/code/src/org/fedoraproject/candlepin/api/EntitlementApi.java b/proxy/code/src/org/fedoraproject/candlepin/api/EntitlementApi.java
index c952143..2266694 100644
--- a/proxy/code/src/org/fedoraproject/candlepin/api/EntitlementApi.java
+++ b/proxy/code/src/org/fedoraproject/candlepin/api/EntitlementApi.java
@@ -14,9 +14,26 @@
*/
package org.fedoraproject.candlepin.api;
+import com.sun.jersey.api.representation.Form;
+
+import org.apache.log4j.Logger;
+import org.bouncycastle.jce.provider.test.CertUniqueIDTest;
+import org.fedoraproject.candlepin.api.cert.CertGenerator;
+import org.fedoraproject.candlepin.model.BaseModel;
+import org.fedoraproject.candlepin.model.Consumer;
import org.fedoraproject.candlepin.model.Entitlement;
+import org.fedoraproject.candlepin.model.EntitlementPool;
+import org.fedoraproject.candlepin.model.ObjectFactory;
+import org.fedoraproject.candlepin.model.Product;
+
+import java.util.Date;
+import java.util.List;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.POST;
import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
/**
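Review bot: `import org.bouncycastle.jce.provider.test.CertUniqueIDTest;` pulls a class from BouncyCastle's test package into the API class, and nothing in the visible hunks of this file references it. Drop the line so the production classpath does not depend on the provider's test classes. The other added imports are used by `entitle` in the next hunk.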
@@ -26,11 +43,78 @@ import javax.ws.rs.Path;
public class EntitlementApi extends BaseApi {
/**
+ * Logger for this class
+ */
+ private static final Logger log = Logger.getLogger(EntitlementApi.class);
+
+ /**
* {@inheritDoc}
*/
@Override
protected Class getApiClass() {
return Entitlement.class;
}
-
+
+
+ @POST
+ @Consumes({MediaType.APPLICATION_JSON, MediaType.APPLICATION_FORM_URLENCODED})
+ @Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
+ public Object entitle(Form form) {
+ String retval = null;
+ String consumerUuid = form.getFirst("consumer_uuid");
+ String productUuid = form.getFirst("product_uuid");
+ log.debug("UUID: " + consumerUuid);
+ Consumer c = (Consumer) ObjectFactory.get().lookupByUUID(Consumer.class,
+ consumerUuid);
+ if (c == null) {
+ throw new RuntimeException("Consumer with UUID: [" +
+ consumerUuid + "] not found");
+ }
+ Product p = (Product) ObjectFactory.get().lookupByUUID(Product.class, productUuid);
+ if (p == null) {
+ throw new RuntimeException("Product with UUID: [" +
+ productUuid + "] not found");
+ }
+
+ // Possibly refactor this down into some 'business layer'
+ // Check for a matching EntitlementPool
+ List pools = ObjectFactory.get().listObjectsByClass(EntitlementPool.class);
+ for (int i = 0; i < pools.size(); i++) {
+ EntitlementPool ep = (EntitlementPool) pools.get(i);
+ if (ep.getProduct().equals(p)) {
+ log.debug("We found a matching EP");
+ // Check membership availability
+ if (ep.getCurrentMembers() >= ep.getMaxMembers()) {
+ throw new RuntimeException("Not enough entitlements");
+ }
+ // Check expiration
+ Date today = new Date();
+ if (ep.getEndDate().before(today)) {
+ throw new RuntimeException("Entitlement expired on: " + ep.getEndDate());
+ }
+
+ Entitlement e = new Entitlement(BaseModel.generateUUID());
+ e.setPool(ep);
+ e.setStartDate(new Date());
+ ep.bumpCurrentMembers();
+ c.addConsumedProduct(p);
+ c.addEntitlement(e);
+ e.setOwner(ep.getOwner());
+
+
+ ObjectFactory.get().store(e);
+ ObjectFactory.get().store(ep);
+
+ return CertGenerator.getCertString();
+ }
+ }
+
+
+
+
+
+
+ return null;
+ }
+
}
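Review bot: The capacity check and the increment in `entitle` are separate steps (`ep.getCurrentMembers() >= ep.getMaxMembers()`, then later `ep.bumpCurrentMembers()`), so two concurrent requests can both pass the check and push the pool past `maxMembers`. The same gap exists in `bumpCurrentMembers()` in EntitlementPool.java, which increments without a bound. If `ObjectFactory` hands out shared pool instances (not visible here), do the check and the bump under one lock, e.g. `synchronized (ep) { ... }`, or move both into a single pool method that refuses when full. Separately, the method returns `CertGenerator.getCertString()`, which takes no arguments, so the response cannot be tied to the consumer or the entitlement just created. Nothing in the visible method checks that the caller may entitle the given `consumer_uuid`; confirm `BaseApi` or a filter enforces that.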
diff --git a/proxy/code/src/org/fedoraproject/candlepin/api/cert/CertGenerator.java b/proxy/code/src/org/fedoraproject/candlepin/api/cert/CertGenerator.java
new file mode 100644
index 0000000..db305f1
--- /dev/null
+++ b/proxy/code/src/org/fedoraproject/candlepin/api/cert/CertGenerator.java
@@ -0,0 +1,199 @@
+/**
+ * Copyright (c) 2008 Red Hat, Inc.
+ *
+ * This software is licensed to you under the GNU General Public License,
+ * version 2 (GPLv2). There is NO WARRANTY for this software, express or
+ * implied, including the implied warranties of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
+ * along with this software; if not, see
+ * http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+ *
+ * Red Hat trademarks are not licensed under GPLv2. No permission is
+ * granted to use or replicate Red Hat trademarks that are incorporated
+ * in this software or its documentation.
+ */
+package org.fedoraproject.candlepin.api.cert;
+
+import org.bouncycastle.asn1.DEREncodable;
+import org.bouncycastle.asn1.DEREnumerated;
+import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
+import org.bouncycastle.asn1.misc.NetscapeCertType;
+import org.bouncycastle.asn1.x509.GeneralName;
+import org.bouncycastle.asn1.x509.GeneralNames;
+import org.bouncycastle.asn1.x509.X509Extensions;
+import org.bouncycastle.jce.X509Principal;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.x509.X509V3CertificateGenerator;
+
+import java.math.BigInteger;
+import java.security.KeyFactory;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Security;
+import java.security.cert.X509Certificate;
+import java.security.spec.RSAPrivateCrtKeySpec;
+import java.security.spec.RSAPublicKeySpec;
+import java.util.Date;
+import java.util.Hashtable;
+import java.util.Vector;
+
+/**
+ * CertGenerator - util class for generating a cert
+ * @version $Rev$
+ */
+public class CertGenerator {
+
+ private static X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
+
+ public static String getCertString() {
+ X509Certificate retval = null;
+ Security.addProvider(new BouncyCastleProvider());
+ //
+ // personal keys
+ //
+ RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
+ new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626" +
+ "cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+ new BigInteger("11", 16));
+
+ //
+ // ca keys
+ //
+ RSAPublicKeySpec caPubKeySpec = new RSAPublicKeySpec(
+ new BigInteger(
+ "b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7" +
+ "540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c2" +
+ "98e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad6" +
+ "9c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5",
+ 16), new BigInteger("11", 16));
+
+ RSAPrivateCrtKeySpec caPrivKeySpec = new RSAPrivateCrtKeySpec(
+ new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197" +
+ "731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6" +
+ "bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea2" +
+ "6c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16),
+ new BigInteger("11", 16),
+ new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8" +
+ "f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e125" +
+ "8d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7" +
+ "487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16),
+ new BigInteger("f75e80839b9b9379f1cf1128f321639757dba514642c206bbbd99f9a484" +
+ "6208b3e93fbbe5e0527cc59b1d4b929d9555853004c7c8b30ee6a213c3d1bb7415" +
+ "d03", 16),
+ new BigInteger("b892d9ebdbfc37e397256dd8a5d3123534d1f03726284743ddc6be3a709" +
+ "edb696fc40c7d902ed804c6eee730eee3d5b20bf6bd8d87a296813c87d3b3cc9d7" +
+ "947", 16),
+ new BigInteger("1d1a2d3ca8e52068b3094d501c9a842fec37f54db16e9a67070a8b3f53c" +
+ "c03d4257ad252a1a640eadd603724d7bf3737914b544ae332eedf4f34436cac25" +
+ "ceb5", 16),
+ new BigInteger("6c929e4e81672fef49d9c825163fec97c4b7ba7acb26c0824638ac22605" +
+ "d7201c94625770984f78a56e6e25904fe7db407099cad9b14588841b94f5ab498d" +
+ "ded", 16),
+ new BigInteger("dae7651ee69ad1d081ec5e7188ae126f6004ff39556bde90e0b870962fa" +
+ "7b926d070686d8244fe5a9aa709a95686a104614834b0ada4b10f53197a5cb4c97" +
+ "339", 16));
+
+ //
+ // set up the keys
+ //
+ try {
+ KeyFactory fact = KeyFactory.getInstance("RSA", "BC");
+ PrivateKey caPrivKey = fact.generatePrivate(caPrivKeySpec);
+ PublicKey caPubKey = fact.generatePublic(caPubKeySpec);
+ PublicKey pubKey = fact.generatePublic(pubKeySpec);
+
+ //
+ // note in this case we are using the CA certificate for both the client
+ // cetificate
+ // and the attribute certificate. This is to make the vcode simpler to
+ // read, in practice
+ // the CA for the attribute certificate should be different to that of
+ // the client certificate
+ //
+ X509Certificate clientCert = createClientCert(pubKey,
+ caPrivKey, caPubKey);
+ retval = clientCert;
+ }
+ catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+
+ return retval.toString();
+ }
+
+ /**
+ * we generate a certificate signed by our CA's intermediate certficate
+ */
+ public static X509Certificate createClientCert(PublicKey pubKey,
+ PrivateKey caPrivKey, PublicKey caPubKey) throws Exception {
+ //
+ // issuer
+ //
+ String issuer = "C=AU, O=The Players of Candlepin, OU=Candlepin Primary Certificate";
+
+ //
+ // subjects name table.
+ //
+ Hashtable attrs = new Hashtable();
+ Vector order = new Vector();
+
+ attrs.put(X509Principal.C, "US");
+ attrs.put(X509Principal.O, "The Players of Candlepin");
+ attrs.put(X509Principal.L, "Raleigh");
+ attrs.put(X509Principal.CN, "Tito Walker");
+ attrs.put(X509Principal.EmailAddress,
+ "dev-null@fedoraproject.org");
+
+ order.addElement(X509Principal.C);
+ order.addElement(X509Principal.O);
+ order.addElement(X509Principal.L);
+ order.addElement(X509Principal.CN);
+ order.addElement(X509Principal.EmailAddress);
+
+ //
+ // create the certificate - version 3
+ //
+ v3CertGen.reset();
+
+ v3CertGen.setSerialNumber(BigInteger.valueOf(20));
+ v3CertGen.setIssuerDN(new X509Principal(issuer));
+ v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60
+ * 60 * 24 * 30));
+ v3CertGen.setNotAfter(new Date(System.currentTimeMillis()
+ + (1000L * 60 * 60 * 24 * 30)));
+ v3CertGen.setSubjectDN(new X509Principal(order, attrs));
+ v3CertGen.setPublicKey(pubKey);
+ v3CertGen.setSignatureAlgorithm("SHA1WithRSAEncryption");
+
+ //
+ // add the extensions
+ //
+ NetscapeCertType type = new NetscapeCertType(NetscapeCertType.PRINTABLE_STRING);
+ DEREncodable enc = new DEREnumerated(1);
+
+ //v3CertGen.addExtension(MiscObjectIdentifiers.netscapeCertComment,
+ // true, enc);
+
+ //v3CertGen.addExtension(MiscObjectIdentifiers.netscapeCertType, false,
+ // type);
+
+ GeneralNames altnames = new GeneralNames(
+ new GeneralName(GeneralName.rfc822Name, "mmccune@redhat.com"));
+ v3CertGen.addExtension(X509Extensions.SubjectAlternativeName, false, altnames);
+
+ // v3CertGen.
+
+ //v3CertGen.addExtension(MiscObjectIdentifiers.netscapeCertType, false,
+ // new NetscapeCertType(NetscapeCertType.objectSigning
+ // | NetscapeCertType.smime));
+
+ X509Certificate cert = v3CertGen.generate(caPrivKey);
+
+ cert.checkValidity(new Date());
+
+ cert.verify(caPubKey);
+
+ return cert;
+ }
+
+}
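Review bot: `getCertString` embeds the CA's full RSA private key (`caPrivKeySpec`) as hex literals, so anyone who can read the source or the built jar can sign certificates that verify against this CA. The same values appear in `zzzzCertExample`, which calls BouncyCastle's `AttrCertExample`, so they are presumably published sample keys. Load the CA key from a keystore or configuration kept outside the source tree, and take a per-consumer public key instead of the fixed 512-bit `pubKeySpec` modulus. In `createClientCert` the serial is constant (`BigInteger.valueOf(20)`), the signature is `SHA1WithRSAEncryption`, and the shared static `v3CertGen` is reset and reconfigured on every call without synchronization, so concurrent requests can interleave fields. `retval.toString()` returns a human-readable dump; a PEM or Base64 form of `getEncoded()` is what a client can parse.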
diff --git a/proxy/code/src/org/fedoraproject/candlepin/api/cert/test/CertTest.java b/proxy/code/src/org/fedoraproject/candlepin/api/cert/test/CertTest.java
new file mode 100644
index 0000000..62beae1
--- /dev/null
+++ b/proxy/code/src/org/fedoraproject/candlepin/api/cert/test/CertTest.java
@@ -0,0 +1,247 @@
+/**
+ * Copyright (c) 2008 Red Hat, Inc.
+ *
+ * This software is licensed to you under the GNU General Public License,
+ * version 2 (GPLv2). There is NO WARRANTY for this software, express or
+ * implied, including the implied warranties of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
+ * along with this software; if not, see
+ * http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+ *
+ * Red Hat trademarks are not licensed under GPLv2. No permission is
+ * granted to use or replicate Red Hat trademarks that are incorporated
+ * in this software or its documentation.
+ */
+package org.fedoraproject.candlepin.api.cert.test;
+
+import org.bouncycastle.asn1.ASN1EncodableVector;
+import org.bouncycastle.asn1.DERSequence;
+import org.bouncycastle.asn1.x509.GeneralName;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.x509.AttributeCertificateHolder;
+import org.bouncycastle.x509.AttributeCertificateIssuer;
+import org.bouncycastle.x509.X509Attribute;
+import org.bouncycastle.x509.X509V2AttributeCertificate;
+import org.bouncycastle.x509.X509V2AttributeCertificateGenerator;
+import org.bouncycastle.x509.examples.AttrCertExample;
+import org.fedoraproject.candlepin.api.cert.CertGenerator;
+
+import java.math.BigInteger;
+import java.security.KeyFactory;
+import java.security.KeyStore;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Security;
+import java.security.cert.X509Certificate;
+import java.security.spec.RSAPrivateCrtKeySpec;
+import java.security.spec.RSAPublicKeySpec;
+import java.util.Date;
+
+import junit.framework.TestCase;
+
+/**
+ * CertTest
+ * @version $Rev$
+ */
+public class CertTest extends TestCase {
+
+ public void testCertGenerator() {
+ String cert = CertGenerator.getCertString();
+ System.out.println("Cert: " + cert);
+ }
+
+ public void zzzzCertExample() throws Exception {
+
+ Security.addProvider(new BouncyCastleProvider());
+
+ //
+ // personal keys
+ //
+ RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
+ new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+ new BigInteger("11", 16));
+
+ RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
+ new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
+ new BigInteger("11", 16),
+ new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
+ new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
+ new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
+ new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
+ new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
+ new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
+
+ //
+ // ca keys
+ //
+ RSAPublicKeySpec caPubKeySpec = new RSAPublicKeySpec(
+ new BigInteger(
+ "b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5",
+ 16), new BigInteger("11", 16));
+
+ RSAPrivateCrtKeySpec caPrivKeySpec = new RSAPrivateCrtKeySpec(
+ new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16),
+ new BigInteger("11", 16),
+ new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16),
+ new BigInteger("f75e80839b9b9379f1cf1128f321639757dba514642c206bbbd99f9a4846208b3e93fbbe5e0527cc59b1d4b929d9555853004c7c8b30ee6a213c3d1bb7415d03", 16),
+ new BigInteger("b892d9ebdbfc37e397256dd8a5d3123534d1f03726284743ddc6be3a709edb696fc40c7d902ed804c6eee730eee3d5b20bf6bd8d87a296813c87d3b3cc9d7947", 16),
+ new BigInteger("1d1a2d3ca8e52068b3094d501c9a842fec37f54db16e9a67070a8b3f53cc03d4257ad252a1a640eadd603724d7bf3737914b544ae332eedf4f34436cac25ceb5", 16),
+ new BigInteger("6c929e4e81672fef49d9c825163fec97c4b7ba7acb26c0824638ac22605d7201c94625770984f78a56e6e25904fe7db407099cad9b14588841b94f5ab498dded", 16),
+ new BigInteger("dae7651ee69ad1d081ec5e7188ae126f6004ff39556bde90e0b870962fa7b926d070686d8244fe5a9aa709a95686a104614834b0ada4b10f53197a5cb4c97339", 16));
+
+ //
+ // set up the keys
+ //
+ KeyFactory fact = KeyFactory.getInstance("RSA", "BC");
+ PrivateKey caPrivKey = fact.generatePrivate(caPrivKeySpec);
+ PublicKey caPubKey = fact.generatePublic(caPubKeySpec);
+ PrivateKey privKey = fact.generatePrivate(privKeySpec);
+ PublicKey pubKey = fact.generatePublic(pubKeySpec);
+
+ //
+ // note in this case we are using the CA certificate for both the client
+ // cetificate
+ // and the attribute certificate. This is to make the vcode simpler to
+ // read, in practice
+ // the CA for the attribute certificate should be different to that of
+ // the client certificate
+ //
+ X509Certificate caCert = AttrCertExample.createAcIssuerCert(caPubKey,
+ caPrivKey);
+ X509Certificate clientCert = AttrCertExample.createClientCert(pubKey,
+ caPrivKey, caPubKey);
+ System.out.println("CaCert: " + caCert);
+ System.out.println("clientCert: " + clientCert);
+ // Instantiate a new AC generator
+ X509V2AttributeCertificateGenerator acGen = new X509V2AttributeCertificateGenerator();
+
+ acGen.reset();
+
+ //
+ // Holder: here we use the IssuerSerial form
+ //
+ acGen.setHolder(new AttributeCertificateHolder(clientCert));
+
+ // set the Issuer
+ acGen.setIssuer(new AttributeCertificateIssuer(caCert
+ .getSubjectX500Principal()));
+
+ //
+ // serial number (as it's an example we don't have to keep track of the
+ // serials anyway
+ //
+ acGen.setSerialNumber(new BigInteger("1"));
+
+ // not Before
+ acGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
+
+ // not After
+ acGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
+
+ // signature Algorithmus
+ acGen.setSignatureAlgorithm("SHA1WithRSAEncryption");
+
+ // the actual attributes
+ GeneralName roleName = new GeneralName(GeneralName.rfc822Name,
+ "DAU123456789");
+ ASN1EncodableVector roleSyntax = new ASN1EncodableVector();
+ roleSyntax.add(roleName);
+
+ // roleSyntax OID: 2.5.24.72
+ X509Attribute attributes = new X509Attribute("2.5.24.72",
+ new DERSequence(roleSyntax));
+
+ acGen.addAttribute(attributes);
+
+ // finally create the AC
+ X509V2AttributeCertificate att = (X509V2AttributeCertificate) acGen
+ .generate(caPrivKey, "BC");
+
+
+
+ String encoded = new String(att.getEncoded());
+ System.out.println("CERT CERT: " + encoded);
+ KeyStore store = KeyStore.getInstance("PKCS12");
+ String pass = "redhat";
+
+
+ /*FileOutputStream fout = new FileOutputStream("/tmp/foo.file");
+ store.load(null, null);
+ store.store(fout, pass.toCharArray());
+ X509CertificateObject ccert = new
+ X509CertificateObject(new X509CertificateStructure(new DERSequence(att)));*/
+ //
+ // starting here, we parse the newly generated AC
+ //
+
+ // Holder
+
+ AttributeCertificateHolder h = att.getHolder();
+ if (h.match(clientCert)) {
+ if (h.getEntityNames() != null) {
+ System.out.println(h.getEntityNames().length
+ + " entity names found");
+ }
+ if (h.getIssuer() != null) {
+ System.out.println(h.getIssuer().length
+ + " issuer names found, serial number "
+ + h.getSerialNumber());
+ }
+ System.out.println("Matches original client x509 cert");
+ }
+
+ // Issuer
+
+ AttributeCertificateIssuer issuer = att.getIssuer();
+ if (issuer.match(caCert)) {
+ if (issuer.getPrincipals() != null) {
+ System.out.println(issuer.getPrincipals().length
+ + " entity names found");
+ }
+ System.out.println("Matches original ca x509 cert");
+ }
+
+ // Dates
+ System.out.println("valid not before: " + att.getNotBefore());
+ System.out.println("valid not before: " + att.getNotAfter());
+
+ // check the dates, an exception is thrown in checkValidity()...
+
+ try {
+ att.checkValidity();
+ att.checkValidity(new Date());
+ }
+ catch (Exception e) {
+ System.out.println(e);
+ }
+
+ // verify
+
+ try {
+ att.verify(caPubKey, "BC");
+ }
+ catch (Exception e) {
+ System.out.println(e);
+ }
+
+ // Attribute
+ X509Attribute[] attribs = att.getAttributes();
+ System.out.println("cert has " + attribs.length + " attributes:");
+ for (int i = 0; i < attribs.length; i++) {
+ X509Attribute a = attribs[i];
+ System.out.println("OID: " + a.getOID());
+
+ // currently we only check for the presence of a 'RoleSyntax'
+ // attribute
+
+ if (a.getOID().equals("2.5.24.72")) {
+ System.out.println("rolesyntax read from cert!");
+ }
+ }
+
+
+
+
+ // CertificateFactory.getInstance
+ }
+}
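Review bot: `testCertGenerator` only prints the result and asserts nothing, so it passes for any return value that does not throw; add at least `assertNotNull(cert);` and a check on the subject or validity dates. `zzzzCertExample` is disabled by its name and carries a second copy of the CA private key plus an unused `KeyStore` and `pass = "redhat"`; if it is kept for reference, read the keys from a test-only fixture rather than repeating them in source. `new String(att.getEncoded())` decodes DER bytes with the platform charset, which corrupts the data; Base64- or hex-encode the bytes before printing.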
diff --git a/proxy/code/src/org/fedoraproject/candlepin/api/test/EntitlementApiTest.java b/proxy/code/src/org/fedoraproject/candlepin/api/test/EntitlementApiTest.java
new file mode 100644
index 0000000..e91d8ca
--- /dev/null
+++ b/proxy/code/src/org/fedoraproject/candlepin/api/test/EntitlementApiTest.java
@@ -0,0 +1,93 @@
+/**
+ * Copyright (c) 2008 Red Hat, Inc.
+ *
+ * This software is licensed to you under the GNU General Public License,
+ * version 2 (GPLv2). There is NO WARRANTY for this software, express or
+ * implied, including the implied warranties of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2
+ * along with this software; if not, see
+ * http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+ *
+ * Red Hat trademarks are not licensed under GPLv2. No permission is
+ * granted to use or replicate Red Hat trademarks that are incorporated
+ * in this software or its documentation.
+ */
+package org.fedoraproject.candlepin.api.test;
+
+import com.sun.jersey.api.representation.Form;
+
+import org.fedoraproject.candlepin.api.EntitlementApi;
+import org.fedoraproject.candlepin.model.Consumer;
+import org.fedoraproject.candlepin.model.EntitlementPool;
+import org.fedoraproject.candlepin.model.ObjectFactory;
+import org.fedoraproject.candlepin.model.Product;
+import org.fedoraproject.candlepin.model.test.TestUtil;
+
+import java.sql.Date;
+
+import junit.framework.TestCase;
+
+
+/**
+ * ConsumerApiTest
+ * @version $Rev$
+ */
+public class EntitlementApiTest extends TestCase {
+
+ public void testEntitle() throws Exception {
+
+ Consumer c = TestUtil.createConsumer();
+ Product p = TestUtil.createProduct();
+ EntitlementPool ep = new EntitlementPool();
+ ep.setProduct(p);
+ ep.setOwner(c.getOwner());
+ ep.setMaxMembers(10);
+ ep.setCurrentMembers(0);
+
+ Date futuredate = new Date(System.currentTimeMillis() + 1000000000);
+ Date pastdate = new Date(System.currentTimeMillis() - 1000000000);
+ System.out.println("future: " + futuredate);
+ System.out.println("past: " + pastdate);
+ ep.setEndDate(futuredate);
+ ObjectFactory.get().store(ep);
+
+ EntitlementApi eapi = new EntitlementApi();
+ Form f = new Form();
+ f.add("consumer_uuid", c.getUuid());
+ f.add("product_uuid", p.getUuid());
+ String cert = (String) eapi.entitle(f);
+
+ assertNotNull(cert);
+ assertNotNull(c.getConsumedProducts());
+ assertNotNull(c.getEntitlements());
+
+ // Test max membership
+ boolean failed = false;
+ for (int i = 0; i < ep.getMaxMembers() + 10; i++) {
+ Consumer ci = TestUtil.createConsumer(c.getOwner());
+ f.add("consumer_uuid", ci.getUuid());
+ try {
+ eapi.entitle(f);
+ }
+ catch (Exception e) {
+ System.out.println("Failed: " + e);
+ failed = true;
+ }
+ }
+ assertTrue("we didnt hit max members", failed);
+
+ // Test expiration
+ ep.setEndDate(pastdate);
+ failed = false;
+ try {
+ eapi.entitle(f);
+ } catch (Exception e) {
+ System.out.println("expired: ? " + e);
+ failed = true;
+ }
+ assertTrue("we didnt expire", failed);
+
+
+
+ }
+}
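Review bot: In the max-members loop, `f.add("consumer_uuid", ci.getUuid())` appends another value to the form while `entitle` reads `form.getFirst("consumer_uuid")`. Assuming Jersey's `Form.add` appends as `MultivaluedMap.add` does, every iteration entitles the original consumer `c` and the new consumers are never used; `f.putSingle("consumer_uuid", ci.getUuid());` would replace the value. The expiration case then runs against a pool that is already full, so `entitle` throws "Not enough entitlements" before it reaches the end-date check, and `assertTrue("we didnt expire", failed)` passes for the wrong reason. Use a fresh pool with free capacity for the expiry case and assert on the exception message in both cases.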
diff --git a/proxy/code/src/org/fedoraproject/candlepin/model/Consumer.java b/proxy/code/src/org/fedoraproject/candlepin/model/Consumer.java
index be567e7..c690f85 100644
--- a/proxy/code/src/org/fedoraproject/candlepin/model/Consumer.java
+++ b/proxy/code/src/org/fedoraproject/candlepin/model/Consumer.java
@@ -31,6 +31,7 @@ public class Consumer extends BaseModel {
private Owner owner;
private Consumer parent;
private List<Product> consumedProducts;
+ private List<Entitlement> entitlements;
private ConsumerInfo info;
/**
@@ -178,5 +179,33 @@ public class Consumer extends BaseModel {
return null;
}
+ /**
+ * @return Returns the entitlements.
+ */
+ public List<Entitlement> getEntitlements() {
+ return entitlements;
+ }
+
+
+ /**
+ * @param entitlementsIn The entitlements to set.
+ */
+ public void setEntitlements(List<Entitlement> entitlementsIn) {
+ entitlements = entitlementsIn;
+ }
+
+ /**
+ * Add an Entitlement to this Consumer
+ * @param entitlementIn to add to this consumer
+ *
+ */
+ public void addEntitlement(Entitlement entitlementIn) {
+ if (this.entitlements == null) {
+ this.entitlements = new LinkedList<Entitlement>();
+ }
+ this.entitlements.add(entitlementIn);
+
+ }
+
}
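Review bot: `getEntitlements()` returns `null` until the first `addEntitlement` call and otherwise hands out the internal mutable list. Callers must therefore null-check, and they can alter the consumer's entitlements without going through `addEntitlement`. Consider initialising the field where it is declared (`private List<Entitlement> entitlements = new LinkedList<Entitlement>();`) and dropping the null branch. The `LinkedList` import is not part of this diff; presumably the file already has it, but that is worth confirming.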
diff --git a/proxy/code/src/org/fedoraproject/candlepin/model/Entitlement.java b/proxy/code/src/org/fedoraproject/candlepin/model/Entitlement.java
index cba25ae..2100664 100644
--- a/proxy/code/src/org/fedoraproject/candlepin/model/Entitlement.java
+++ b/proxy/code/src/org/fedoraproject/candlepin/model/Entitlement.java
@@ -14,6 +14,7 @@
*/
package org.fedoraproject.candlepin.model;
+import java.util.Date;
import java.util.List;
import javax.xml.bind.annotation.XmlAccessType;
@@ -26,7 +27,10 @@ import javax.xml.bind.annotation.XmlTransient;
public class Entitlement extends BaseModel {
private Owner owner;
+ private EntitlementPool pool;
private List<Entitlement> childEntitlements;
+
+ private Date startDate;
/**
* default ctor
@@ -71,4 +75,45 @@ public class Entitlement extends BaseModel {
this.childEntitlements = childEntitlements;
}
+
+ /**
+ * @return Returns the product.
+ */
+ public Product getProduct() {
+ return this.pool.getProduct();
+ }
+
+
+ /**
+ * @return Returns the pool.
+ */
+ public EntitlementPool getPool() {
+ return pool;
+ }
+
+
+ /**
+ * @param poolIn The pool to set.
+ */
+ public void setPool(EntitlementPool poolIn) {
+ pool = poolIn;
+ }
+
+
+ /**
+ * @return Returns the startDate.
+ */
+ public Date getStartDate() {
+ return startDate;
+ }
+
+
+ /**
+ * @param startDateIn The startDate to set.
+ */
+ public void setStartDate(Date startDateIn) {
+ startDate = startDateIn;
+ }
+
+
}
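Review bot: `getProduct()` dereferences `this.pool` unconditionally, so it throws a NullPointerException on any `Entitlement` whose pool has not been set; `return pool == null ? null : pool.getProduct();` avoids that. The class imports JAXB annotations, so if accessors are serialized as properties (the access type is outside this hunk) the exception would surface while rendering a response. It is also worth deciding here whether `pool` should appear in serialized output or be marked `@XmlTransient`, since it links to owner and product data.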
diff --git a/proxy/code/src/org/fedoraproject/candlepin/model/EntitlementPool.java b/proxy/code/src/org/fedoraproject/candlepin/model/EntitlementPool.java
index ce5918a..410423c 100644
--- a/proxy/code/src/org/fedoraproject/candlepin/model/EntitlementPool.java
+++ b/proxy/code/src/org/fedoraproject/candlepin/model/EntitlementPool.java
@@ -124,4 +124,11 @@ public class EntitlementPool extends BaseModel {
this.owner = owner;
}
+ /**
+ * Add 1 to the current members.
+ */
+ public void bumpCurrentMembers() {
+ this.currentMembers = this.currentMembers + 1;
+ }
+
}
diff --git a/proxy/code/src/org/fedoraproject/candlepin/model/test/TestUtil.java b/proxy/code/src/org/fedoraproject/candlepin/model/test/TestUtil.java
index 7e691ef..d316d16 100644
--- a/proxy/code/src/org/fedoraproject/candlepin/model/test/TestUtil.java
+++ b/proxy/code/src/org/fedoraproject/candlepin/model/test/TestUtil.java
@@ -18,6 +18,7 @@ import org.fedoraproject.candlepin.model.BaseModel;
import org.fedoraproject.candlepin.model.Consumer;
import org.fedoraproject.candlepin.model.ObjectFactory;
import org.fedoraproject.candlepin.model.Owner;
+import org.fedoraproject.candlepin.model.Product;
@@ -37,4 +38,19 @@ public class TestUtil {
ObjectFactory.get().store(c);
return c;
}
+
+ /**
+ * Create a consumer with a new owner
+ * @return Consumer
+ */
+ public static Consumer createConsumer() {
+ return createConsumer(createOwner());
+ }
+
+ public static Product createProduct() {
+ Product rhel = new Product(BaseModel.generateUUID());
+ rhel.setName("Red Hat Enterprise Linux");
+ ObjectFactory.get().store(rhel);
+ return rhel;
+ }
}