Commit
3d5398ff
authored
Feb 15, 2021
by
michael.simon
add mail support for expired and soon to expire ssh pub keys
parent
f5775833
Changes
10
bwreg-jpa/src/main/java/edu/kit/scc/webreg/dao/SshPubKeyDao.java
...
...
@@ -31,4 +31,5 @@ public interface SshPubKeyDao extends BaseDao<SshPubKeyEntity, Long> {
List
<
SshPubKeyEntity
>
findKeysToExpire
(
int
limit
);
List
<
SshPubKeyEntity
>
findKeysToExpiryWarning
(
int
limit
,
int
days
);
}
bwreg-jpa/src/main/java/edu/kit/scc/webreg/dao/jpa/JpaSshPubKeyDao.java
...
...
@@ -10,6 +10,8 @@
******************************************************************************/
package
edu.kit.scc.webreg.dao.jpa
;
import
java.time.LocalDateTime
;
import
java.time.ZoneId
;
import
java.util.Date
;
import
java.util.List
;
...
...
@@ -78,13 +80,26 @@ public class JpaSshPubKeyDao extends JpaBaseDao<SshPubKeyEntity, Long> implement
@Override
@SuppressWarnings
(
"unchecked"
)
public
List
<
SshPubKeyEntity
>
findKeysToExpire
(
int
limit
)
{
return
em
.
createQuery
(
"select e from SshPubKeyEntity e where e.expiresAt < :dateNow and e.keyStatus
!
= :keyStatus"
)
return
em
.
createQuery
(
"select e from SshPubKeyEntity e where e.expiresAt < :dateNow and e.keyStatus = :keyStatus"
)
.
setParameter
(
"dateNow"
,
new
Date
())
.
setParameter
(
"keyStatus"
,
SshPubKeyStatus
.
ACTIVE
)
.
setMaxResults
(
limit
)
.
getResultList
();
}
@Override
@SuppressWarnings
(
"unchecked"
)
public
List
<
SshPubKeyEntity
>
findKeysToExpiryWarning
(
int
limit
,
int
days
)
{
Date
dateDays
=
Date
.
from
(
LocalDateTime
.
now
().
plusDays
(
days
).
atZone
(
ZoneId
.
systemDefault
()).
toInstant
());
return
em
.
createQuery
(
"select e from SshPubKeyEntity e where e.expireWarningSent = null and "
+
"e.expiresAt > :dateNow and e.expiresAt < :dateDays and e.keyStatus = :keyStatus"
)
.
setParameter
(
"dateNow"
,
new
Date
())
.
setParameter
(
"dateDays"
,
dateDays
)
.
setParameter
(
"keyStatus"
,
SshPubKeyStatus
.
ACTIVE
)
.
setMaxResults
(
limit
)
.
getResultList
();
}
@Override
public
Class
<
SshPubKeyEntity
>
getEntityClass
()
{
return
SshPubKeyEntity
.
class
;
...
...
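Review bot: In `findKeysToExpiryWarning` the JPQL predicate `e.expireWarningSent = null` is not portable: in standard JPQL a comparison with NULL is never true, so the query only matches when the persistence provider rewrites it, and it should read `e.expireWarningSent is null`. The query also has no `order by`, so with `setMaxResults(limit)` the choice of keys is left to the database; adding `order by e.expiresAt asc` would warn the soonest-expiring keys first. The upper bound is built with `LocalDateTime.now().plusDays(days).atZone(ZoneId.systemDefault())` while the lower bound is `new Date()`; a short comment that `days` is the look-ahead window, counted in the server's zone, would help the next reader. The rest of the class lies outside the visible hunks.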
bwreg-jpa/src/main/java/edu/kit/scc/webreg/entity/EventType.java
...
...
@@ -45,6 +45,7 @@ public enum EventType {
SSH_KEY_REGISTRY_DEPLOYED
,
SSH_KEY_REGISTRY_DENIED
,
SSH_KEY_REGISTRY_DELETED
,
SSH_KEY_EXPIRY_WARNING
,
/*
* 2FA Events
...
...
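--- /dev/null
+++ b/bwreg-service/src/main/java/edu/kit/scc/webreg/event/SshPubKeyExpiredSendMailExecutor.java
+/*******************************************************************************
+ * Copyright (c) 2014 Michael Simon.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the GNU Public License v3.0
+ * which accompanies this distribution, and is available at
+ * http://www.gnu.org/licenses/gpl.html
+ *
+ * Contributors:
+ * Michael Simon - initial
+ ******************************************************************************/
+package edu.kit.scc.webreg.event;
+import java.util.HashMap;
+import java.util.Map;
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import edu.kit.scc.webreg.entity.SshPubKeyEntity;
+import edu.kit.scc.webreg.service.mail.TemplateMailService;
+import edu.kit.scc.webreg.service.ssh.SshPubKeyService;
+public class SshPubKeyExpiredSendMailExecutor extends AbstractEventExecutor<SshPubKeyEvent, SshPubKeyEntity> {
+    private static final long serialVersionUID = 1L;
+    public SshPubKeyExpiredSendMailExecutor() {
+        super();
+    }
+    @Override
+    public void execute() {
+        Logger logger = LoggerFactory.getLogger(SshPubKeyExpiredSendMailExecutor.class);
+        logger.debug("Executing");
+        String templateName = getJobStore().get("mail_template");
+        if (templateName == null) {
+            logger.warn("No template configured for SshPubKeyExpiredSendMailExecutor");
+            return;
+        }
+        try {
+            InitialContext ic = new InitialContext();
+            TemplateMailService templateMailService = (TemplateMailService) ic.lookup("global/bwreg/bwreg-service/TemplateMailServiceImpl!edu.kit.scc.webreg.service.mail.TemplateMailService");
+            SshPubKeyService pubKeyService = (SshPubKeyService) ic.lookup("global/bwreg/bwreg-service/SshPubKeyServiceImpl!edu.kit.scc.webreg.service.ssh.SshPubKeyService");
+            SshPubKeyEntity sshPubKey = getEvent().getEntity();
+            pubKeyService.keyExpirySent(sshPubKey);
+            Map<String, Object> context = new HashMap<String, Object>(3);
+            context.put("sshPubKey", sshPubKey);
+            context.put("user", sshPubKey.getUser());
+            context.put("identity", sshPubKey.getIdentity());
+            templateMailService.sendMail(templateName, context, true);
+        } catch (NamingException e) {
+            logger.warn("Could not send email: {}", e);
+        }
+    }
+}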
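Review bot: `execute()` calls `pubKeyService.keyExpirySent(sshPubKey)` before `templateMailService.sendMail(templateName, context, true)`, so the key is stamped as notified before any mail has been handed off. Only `NamingException` is caught, so if `sendMail` fails the `expiredSent` stamp presumably stays (the transaction boundaries of `keyExpirySent` are not visible here) and the owner of an expired key may never be told. Moving the `keyExpirySent` call to after `sendMail` would record only notifications that were actually sent. Separately, `logger.warn("Could not send email: {}", e)` leaves the `{}` unfilled because SLF4J treats a trailing Throwable as the exception to log; `logger.warn("Could not send email", e)` is the usual form.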
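--- /dev/null
+++ b/bwreg-service/src/main/java/edu/kit/scc/webreg/event/SshPubKeyExpiryWarningSendMailExecutor.java
+/*******************************************************************************
+ * Copyright (c) 2014 Michael Simon.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the GNU Public License v3.0
+ * which accompanies this distribution, and is available at
+ * http://www.gnu.org/licenses/gpl.html
+ *
+ * Contributors:
+ * Michael Simon - initial
+ ******************************************************************************/
+package edu.kit.scc.webreg.event;
+import java.util.HashMap;
+import java.util.Map;
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import edu.kit.scc.webreg.entity.SshPubKeyEntity;
+import edu.kit.scc.webreg.service.mail.TemplateMailService;
+import edu.kit.scc.webreg.service.ssh.SshPubKeyService;
+public class SshPubKeyExpiryWarningSendMailExecutor extends AbstractEventExecutor<SshPubKeyEvent, SshPubKeyEntity> {
+    private static final long serialVersionUID = 1L;
+    public SshPubKeyExpiryWarningSendMailExecutor() {
+        super();
+    }
+    @Override
+    public void execute() {
+        Logger logger = LoggerFactory.getLogger(SshPubKeyExpiryWarningSendMailExecutor.class);
+        logger.debug("Executing");
+        String templateName = getJobStore().get("mail_template");
+        if (templateName == null) {
+            logger.warn("No template configured for SshPubKeyExpiredSendMailExecutor");
+            return;
+        }
+        try {
+            InitialContext ic = new InitialContext();
+            TemplateMailService templateMailService = (TemplateMailService) ic.lookup("global/bwreg/bwreg-service/TemplateMailServiceImpl!edu.kit.scc.webreg.service.mail.TemplateMailService");
+            SshPubKeyService pubKeyService = (SshPubKeyService) ic.lookup("global/bwreg/bwreg-service/SshPubKeyServiceImpl!edu.kit.scc.webreg.service.ssh.SshPubKeyService");
+            SshPubKeyEntity sshPubKey = getEvent().getEntity();
+            pubKeyService.keyExpirySent(sshPubKey);
+            Map<String, Object> context = new HashMap<String, Object>(3);
+            context.put("sshPubKey", sshPubKey);
+            context.put("user", sshPubKey.getUser());
+            context.put("identity", sshPubKey.getIdentity());
+            templateMailService.sendMail(templateName, context, true);
+        } catch (NamingException e) {
+            logger.warn("Could not send email: {}", e);
+        }
+    }
+}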
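Review bot: The warning executor calls `pubKeyService.keyExpirySent(sshPubKey)`, which per `SshPubKeyServiceImpl` in this commit stamps `expiredSent`; the call needed here is `pubKeyService.keyExpiryWarningSent(sshPubKey);`. As written `expireWarningSent` is never set, so `findKeysToExpiryWarning` can keep returning the same key and its owner is mailed again on every job run; with the job's default `limit` of 1 that key may also crowd out others. The key is additionally marked as notified of expiry before it has expired. The missing-template warning still names `SshPubKeyExpiredSendMailExecutor` and should name this class, and, as in the expired executor, the stamp is written before `sendMail` is attempted.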
bwreg-service/src/main/java/edu/kit/scc/webreg/event/SshPubKeyRegistrySendMailExecutor.java
...
...
@@ -55,6 +55,7 @@ public class SshPubKeyRegistrySendMailExecutor extends
context
.
put
(
"registry"
,
sshPubKeyRegistry
.
getRegistry
());
context
.
put
(
"service"
,
sshPubKeyRegistry
.
getRegistry
().
getService
());
context
.
put
(
"user"
,
sshPubKeyRegistry
.
getSshPubKey
().
getUser
());
context
.
put
(
"identity"
,
sshPubKeyRegistry
.
getSshPubKey
().
getIdentity
());
templateMailService
.
sendMail
(
templateName
,
context
,
true
);
...
...
bwreg-service/src/main/java/edu/kit/scc/webreg/event/SshPubKeySendMailExecutor.java
...
...
@@ -52,6 +52,7 @@ public class SshPubKeySendMailExecutor extends
Map
<
String
,
Object
>
context
=
new
HashMap
<
String
,
Object
>(
3
);
context
.
put
(
"sshPubKey"
,
sshPubKey
);
context
.
put
(
"user"
,
sshPubKey
.
getUser
());
context
.
put
(
"identity"
,
sshPubKey
.
getIdentity
());
templateMailService
.
sendMail
(
templateName
,
context
,
true
);
...
...
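--- /dev/null
+++ b/bwreg-service/src/main/java/edu/kit/scc/webreg/job/ExpiryWarningSshPubKeys.java
+/*******************************************************************************
+ * Copyright (c) 2014 Michael Simon.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the GNU Public License v3.0
+ * which accompanies this distribution, and is available at
+ * http://www.gnu.org/licenses/gpl.html
+ *
+ * Contributors:
+ * Michael Simon - initial
+ ******************************************************************************/
+package edu.kit.scc.webreg.job;
+import java.util.List;
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import edu.kit.scc.webreg.entity.SshPubKeyEntity;
+import edu.kit.scc.webreg.service.ssh.SshPubKeyService;
+public class ExpiryWarningSshPubKeys extends AbstractExecutableJob {
+    private static final long serialVersionUID = 1L;
+    @Override
+    public void execute() {
+        Logger logger = LoggerFactory.getLogger(ExpiryWarningSshPubKeys.class);
+        try {
+            logger.debug("Expiry warn Ssh pub keys");
+            Integer limit, days;
+            if (getJobStore().containsKey("limit")) {
+                limit = Integer.parseInt(getJobStore().get("limit"));
+            } else {
+                limit = 1;
+            }
+            if (getJobStore().containsKey("days")) {
+                days = Integer.parseInt(getJobStore().get("days"));
+            } else {
+                days = 7;
+            }
+            InitialContext ic = new InitialContext();
+            SshPubKeyService service = (SshPubKeyService) ic.lookup("global/bwreg/bwreg-service/SshPubKeyServiceImpl!edu.kit.scc.webreg.service.ssh.SshPubKeyService");
+            List<SshPubKeyEntity> keyList = service.findKeysToExpiryWarning(limit, days);
+            for (SshPubKeyEntity key : keyList) {
+                service.expiryWarningKey(key, "ExpiryWarningSshPubKeys-job");
+            }
+            logger.debug("Expire done");
+        } catch (NamingException e) {
+            logger.warn("Could not expire SSH Keys: {}", e);
+        }
+    }
+}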
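Review bot: `Integer.parseInt(getJobStore().get("limit"))` and the matching call for `days` throw `NumberFormatException` on a malformed job setting, and the surrounding `try` catches only `NamingException`, so the exception escapes `execute()`. Catching it and logging the offending value, or falling back to the defaults 1 and 7, would keep a typo in the job configuration from stopping expiry warnings; a non-positive `limit` or `days` is worth rejecting at the same place. The log strings `"Expire done"` and `"Could not expire SSH Keys: {}"` look carried over from the expire job and should describe the warning run. Plain `int` would do for `limit` and `days` instead of `Integer`.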
bwreg-service/src/main/java/edu/kit/scc/webreg/service/ssh/SshPubKeyService.java
...
...
@@ -33,6 +33,15 @@ public interface SshPubKeyService extends BaseService<SshPubKeyEntity, Long> {
List
<
SshPubKeyEntity
>
findByIdentityAndStatusWithRegs
(
Long
identityId
,
SshPubKeyStatus
keyStatus
);
SshPubKeyEntity
expireKey
(
SshPubKeyEntity
entity
,
String
executor
);
SshPubKeyEntity
expiryWarningKey
(
SshPubKeyEntity
entity
,
String
executor
);
List
<
SshPubKeyEntity
>
findKeysToExpire
(
int
limit
);
SshPubKeyEntity
keyExpirySent
(
SshPubKeyEntity
entity
);
SshPubKeyEntity
keyExpiryWarningSent
(
SshPubKeyEntity
entity
);
List
<
SshPubKeyEntity
>
findKeysToExpiryWarning
(
int
limit
,
int
days
);
}
bwreg-service/src/main/java/edu/kit/scc/webreg/service/ssh/SshPubKeyServiceImpl.java
...
...
@@ -10,6 +10,7 @@
******************************************************************************/
package
edu.kit.scc.webreg.service.ssh
;
import
java.util.Date
;
import
java.util.List
;
import
javax.ejb.Stateless
;
...
...
@@ -72,13 +73,20 @@ public class SshPubKeyServiceImpl extends BaseServiceImpl<SshPubKeyEntity, Long>
public
List
<
SshPubKeyEntity
>
findKeysToExpire
(
int
limit
)
{
return
dao
.
findKeysToExpire
(
limit
);
}
@Override
public
List
<
SshPubKeyEntity
>
findKeysToExpiryWarning
(
int
limit
,
int
days
)
{
return
dao
.
findKeysToExpiryWarning
(
limit
,
days
);
}
@Override
public
SshPubKeyEntity
expireKey
(
SshPubKeyEntity
entity
,
String
executor
)
{
entity
=
dao
.
merge
(
entity
);
entity
.
setKeyStatus
(
SshPubKeyStatus
.
EXPIRED
);
logger
.
debug
(
"Setting key {} to expired"
);
for
(
SshPubKeyRegistryEntity
regKey
:
entity
.
getSshPubKeyRegistries
())
{
logger
.
debug
(
"Deleting registry connection {} for key {}"
,
regKey
.
getId
(),
entity
.
getId
());
sshPubKeyRegistryDao
.
delete
(
regKey
);
}
...
...
@@ -90,15 +98,45 @@ public class SshPubKeyServiceImpl extends BaseServiceImpl<SshPubKeyEntity, Long>
}
return
entity
;
}
@Override
public
SshPubKeyEntity
expiryWarningKey
(
SshPubKeyEntity
entity
,
String
executor
)
{
entity
=
dao
.
merge
(
entity
);
logger
.
debug
(
"Send expiry warning event for key {}"
,
entity
.
getId
());
SshPubKeyEvent
event
=
new
SshPubKeyEvent
(
entity
);
try
{
eventSubmitter
.
submit
(
event
,
EventType
.
SSH_KEY_EXPIRY_WARNING
,
executor
);
}
catch
(
EventSubmitException
e
)
{
logger
.
warn
(
"Could not submit event"
,
e
);
}
return
entity
;
}
@Override
public
SshPubKeyEntity
keyExpirySent
(
SshPubKeyEntity
entity
)
{
entity
=
dao
.
merge
(
entity
);
entity
.
setExpiredSent
(
new
Date
());
return
entity
;
}
@Override
public
SshPubKeyEntity
keyExpiryWarningSent
(
SshPubKeyEntity
entity
)
{
entity
=
dao
.
merge
(
entity
);
entity
.
setExpireWarningSent
(
new
Date
());
return
entity
;
}
@Override
public
SshPubKeyEntity
deleteKey
(
SshPubKeyEntity
entity
,
String
executor
)
{
entity
=
dao
.
merge
(
entity
);
entity
.
setKeyStatus
(
SshPubKeyStatus
.
DELETED
);
logger
.
debug
(
"Setting key {} to deleted"
);
for
(
SshPubKeyRegistryEntity
regKey
:
entity
.
getSshPubKeyRegistries
())
{
sshPubKeyRegistryDao
.
delete
(
regKey
);
logger
.
debug
(
"Deleting registry connection {} for key {}"
,
regKey
.
getId
(),
entity
.
getId
());
SshPubKeyRegistryEvent
event
=
new
SshPubKeyRegistryEvent
(
regKey
);
try
{
eventSubmitter
.
submit
(
event
,
EventType
.
SSH_KEY_REGISTRY_DELETED
,
executor
);
...
...