Validation of temporary keys (Digital-Ecosystems#76)
* feat: validation of temporary keys

* feat: validation of temporary keys

* fix: s3 region names

* fix: s3 region names

* feat: validation of temporary keys
jannotti-glaucio authored May 31, 2024
1 parent ee015cc commit 6f982f5
Showing 19 changed files with 357 additions and 310 deletions.
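--- a/README.md
+++ b/README.md
@@ -59,12 +59,15 @@ The credentials can be found/configured in one of the following:
 
 It is required to configure those parameters:
 
-| Parameter name | Description | Mandatory |
-|-----------------------------------------|----------------------------------------| ---------- |
-| `edc.ionos.access.key` | IONOS Access Key Id to access S3 | Yes if the context is accessing file |
-| `edc.ionos.secret.access.key` | IONOS Secret Access Key to access S3 | Yes if the context is accessing file |
-| `edc.ionos.token` | IONOS token to allow S3 provisioning | Yes if the context is provisioning access for others |
-| `edc.ionos.endpoint` | IONOS S3 endpoint address. Refer to [docs](https://docs.ionos.com/cloud/managed-services/s3-object-storage/endpoints) for further information. | Yes, if the context is accessing file |
+| Parameter name | Description | Mandatory |
+|--------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------|
+| `edc.ionos.access.key` | IONOS Access Key Id to access S3 | Yes if the context is accessing file |
+| `edc.ionos.secret.access.key` | IONOS Secret Access Key to access S3 | Yes if the context is accessing file |
+| `edc.ionos.token` | IONOS token to allow S3 provisioning | Yes if the context is provisioning access for others |
+| `edc.ionos.endpoint` | IONOS S3 endpoint address. Refer to [docs](https://docs.ionos.com/cloud/managed-services/s3-object-storage/endpoints) for further information. | Yes, if the context is accessing file | No, the default value is |
+| `edc.ionos.max.files` | Maximum number of files retrieved by list files function. | No, the default value is 5,000 files |
+| `edc.ionos.key.validation.attempts` | Maximum number of attemps to validate a temporary key after its creation. | No, the default values is 10 attempts |
+| `edc.ionos.key.validation.delay` | Time to wait (in milisseconds) before each key validation attempt. In each new attempt the delay is multiplied by the attempt number. | No, the default value is 3,000 (3 seconds) |
 
 To create the token please take a look at the following [documentation](./ionos_token.md).
 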
8 changes: 8 additions & 0 deletions extensions/core-ionos-s3/build.gradle.kts
Expand Up @@ -9,6 +9,7 @@ val metaModelVersion: String by project
val minIOVersion: String by project
val extensionsGroup: String by project
val extensionsVersion: String by project
val junitVersion: String by project

val gitHubPkgsName: String by project
val gitHubPkgsUrl: String by project
Expand All @@ -20,13 +21,20 @@ dependencies {

implementation("${edcGroup}:transfer-spi:${edcVersion}")
implementation("io.minio:minio:${minIOVersion}")

testImplementation("org.junit.jupiter:junit-jupiter-api:${junitVersion}")
testImplementation("org.junit.jupiter:junit-jupiter-engine:${junitVersion}")
}

java {
withJavadocJar()
withSourcesJar()
}

tasks.test {
useJUnitPlatform()
}

publishing {
publications {
create<MavenPublication>("maven") {
Expand Up @@ -14,10 +14,9 @@

package com.ionos.edc.extension.s3.api;

import com.ionos.edc.extension.s3.connector.ionosapi.S3AccessKey;
import org.eclipse.edc.runtime.metamodel.annotation.ExtensionPoint;

import com.ionos.edc.extension.s3.connector.ionosapi.TemporaryKey;

import java.io.ByteArrayInputStream;
import java.util.List;

Expand All @@ -36,8 +35,10 @@ public interface S3ConnectorApi {

List<S3Object> listObjects(String bucketName, String objectName);

TemporaryKey createTemporaryKey();

void deleteTemporaryKey(String accessKey);
S3AccessKey createAccessKey();

S3AccessKey retrieveAccessKey(String keyID);

void deleteAccessKey(String keyID);

}
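Review bot: The three key methods added to this extension point (`createAccessKey`, `retrieveAccessKey`, `deleteAccessKey`) have no Javadoc, and the parameter was renamed from `accessKey` to `keyID` without saying which identifier is expected. A one-line comment per method would do, for example `/** Looks up the key identified by keyID (the id returned at creation, not the S3 access key value - confirm). */` on `retrieveAccessKey`. `S3AccessKey` is declared outside this page, but if it carries the secret key, the contract should also say that implementers and callers must not log the returned object.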
Expand Up @@ -15,8 +15,8 @@
package com.ionos.edc.extension.s3.api;

import com.ionos.edc.extension.s3.connector.MinioConnector;
import com.ionos.edc.extension.s3.connector.ionosapi.HttpConnector;
import com.ionos.edc.extension.s3.connector.ionosapi.TemporaryKey;
import com.ionos.edc.extension.s3.connector.ionosapi.S3AccessKey;
import com.ionos.edc.extension.s3.connector.ionosapi.S3ApiConnector;

import io.minio.BucketExistsArgs;
import io.minio.GetObjectArgs;
Expand All @@ -34,16 +34,15 @@
public class S3ConnectorApiImpl implements S3ConnectorApi {

MinioConnector miniConnector = new MinioConnector();
HttpConnector ionosApi = new HttpConnector();
S3ApiConnector ionoss3Api = new S3ApiConnector();

private MinioClient minioClient;
private final MinioClient minioClient;
private final String region;
private String token;
private final Integer maxFiles;

public S3ConnectorApiImpl(String endpoint, String accessKey, String secretKey, int maxFiles) {
if(accessKey != null && secretKey != null && endpoint != null)
this.minioClient = miniConnector.connect(endpoint, accessKey, secretKey);
this.minioClient = miniConnector.connect(endpoint, accessKey, secretKey);
this.region = getRegion(endpoint);
this.token = "";
this.maxFiles = maxFiles;
Expand All @@ -54,7 +53,6 @@ public S3ConnectorApiImpl(String endpoint, String accessKey, String secretKey, S
this.token = token;
}


@Override
public void createBucket(String bucketName) {
if (!bucketExists(bucketName.toLowerCase())) {
Expand Down Expand Up @@ -163,35 +161,49 @@ public List<S3Object> listObjects(String bucketName, String objectName) {
}

@Override
public TemporaryKey createTemporaryKey() {
public S3AccessKey createAccessKey() {
try{
return ionosApi.createTemporaryKey(token);
return ionoss3Api.createAccessKey(token);
} catch (Exception e) {
throw new EdcException("Creating temporary key - (Warning: max 5 keys on the storage) - " + e.getMessage());
}
}

@Override
public S3AccessKey retrieveAccessKey(String keyID) {
try{
return ionoss3Api.retrieveAccessKey(token, keyID);
} catch (Exception e) {
throw new EdcException("Retrieving temporary key: " + e.getMessage());
}
}

@Override
public void deleteTemporaryKey(String accessKey) {
public void deleteAccessKey(String keyID) {
try{
ionosApi.deleteTemporaryAccount(token,accessKey);
ionoss3Api.deleteAccessKey(token, keyID);
} catch (Exception e) {
throw new EdcException("Deleting temporary key: " + e.getMessage());
}
}

private String getRegion(String endpoint) {
if (!endpoint.contains(".ionoscloud.com"))
return endpoint;

var region = endpoint.substring(0, endpoint.indexOf(".ionoscloud.com"));

if (region.contains("https://" )) {
return region.substring(region.indexOf("https://") + 8);
} else if (region.contains("http://" )) {
return region.substring(region.indexOf("http://") + 7);
} else {
return region;
static String getRegion(String endpoint) {

switch (endpoint) {
case "https://s3-eu-central-1.ionoscloud.com":
return "de";
case "s3-eu-central-1.ionoscloud.com":
return "de";
case "https://s3-eu-central-2.ionoscloud.com":
return "eu-central-2";
case "s3-eu-central-2.ionoscloud.com":
return "eu-central-2";
case "https://s3-eu-south-2.ionoscloud.com":
return "eu-south-2";
case "s3-eu-south-2.ionoscloud.com":
return "eu-south-2";
default:
throw new EdcException("Invalid endpoint: " + endpoint);
}
}
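Review bot: `getRegion` now matches the endpoint string exactly, so a value with a trailing slash, surrounding whitespace or any host outside the list makes the constructor throw, and a null endpoint fails at `switch (endpoint)` with a NullPointerException instead of the `EdcException` in the default branch. Each region is also listed twice, once per spelling. Reducing the value to its bare host first leaves one case per region and still rejects `http://`, which the old code accepted; if the strict match is deliberate, a comment saying so would help. Separately, the new `retrieveAccessKey` repeats the existing `new EdcException("..." + e.getMessage())` pattern, which drops the cause; passing `e` as the second constructor argument would keep the stack trace when key validation fails.

```java
static String getRegion(String endpoint) {
    if (endpoint == null || endpoint.isBlank()) {
        throw new EdcException("Invalid endpoint: " + endpoint);
    }

    // Match on the bare host so each region appears once; plain http:// is still rejected.
    var host = endpoint.trim();
    if (host.startsWith("https://")) {
        host = host.substring("https://".length());
    }
    if (host.endsWith("/")) {
        host = host.substring(0, host.length() - 1);
    }

    switch (host) {
        case "s3-eu-central-1.ionoscloud.com":
            return "de";
        case "s3-eu-central-2.ionoscloud.com":
            return "eu-central-2";
        case "s3-eu-south-2.ionoscloud.com":
            return "eu-south-2";
        default:
            throw new EdcException("Invalid endpoint: " + endpoint);
    }
}
```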

Expand Up @@ -28,6 +28,7 @@
import static com.ionos.edc.extension.s3.schema.IonosSettingsSchema.IONOS_SECRET_KEY;
import static com.ionos.edc.extension.s3.schema.IonosSettingsSchema.IONOS_ENDPOINT;
import static com.ionos.edc.extension.s3.schema.IonosSettingsSchema.IONOS_TOKEN;
import static com.ionos.edc.extension.s3.schema.IonosSettingsSchema.IONOS_MAX_FILES;
import static com.ionos.edc.extension.s3.schema.IonosSettingsSchema.IONOS_MAX_FILES_DEFAULT;

@Provides(S3ConnectorApi.class)
Expand Down Expand Up @@ -62,8 +63,10 @@ public void initialize(ServiceExtensionContext context) {
endPoint = context.getSetting(IONOS_ENDPOINT, IONOS_ENDPOINT);
token = context.getSetting(IONOS_TOKEN, IONOS_TOKEN);
}

var s3Api = new S3ConnectorApiImpl(endPoint, accessKey, secretKey, token, IONOS_MAX_FILES_DEFAULT);

var maxFiles = context.getSetting(IONOS_MAX_FILES, IONOS_MAX_FILES_DEFAULT);

var s3Api = new S3ConnectorApiImpl(endPoint, accessKey, secretKey, token, maxFiles);
context.registerService(S3ConnectorApi.class, s3Api);
}
}
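Review bot: The new `maxFiles` setting is read with `context.getSetting(IONOS_MAX_FILES, IONOS_MAX_FILES_DEFAULT)` and handed to the constructor without a range check, so a zero or negative value in the configuration is accepted at startup. How the listing code reacts to such a value is outside this page, so it is safer to reject it here, for example `if (maxFiles <= 0) throw new EdcException(IONOS_MAX_FILES + " must be a positive integer");` (assuming `EdcException` is available in this file). A short comment on why the limit exists would also help, such as `// caps the number of objects returned by listObjects to bound memory and request time`, if that is the intent. `initialize` starts above this hunk, so the vault branch was not reviewed.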

This file was deleted.

This file was deleted.
