zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-15 17:07:15 +02:00
Code Issues Projects Releases Packages Wiki Activity

Actionize the EPP endpoints.

Browse source 
This introduces Actions and Dagger up until FlowRunner. The changes
to the servlets are relatively simple, but the required changes to
the tests, as well as to auxillary EPP endpoints (such as the http
check api and the load test servlet) were vast. I've added some
comments in critique to make the review easier that don't really
make sense as in-code comments for the future.
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=124593546
This commit is contained in:
Corey Goldfeder 2016-06-10 13:44:06 -07:00 committed by Justine Tunney
parent 6ba1d5e6df
commit 0ce293325c
63 changed files with 1911 additions and 1630 deletions
Download patch file Download diff file Expand all files Collapse all files

47
java/google/registry/env/common/default/WEB-INF/web.xml vendored
View file

@ -4,32 +4,24 @@
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<!-- Servlets -->
<!-- Servlet for injected frontend actions -->
<servlet>
<description>
This is the primary EPP endpoint for the Registry. It accepts
EPP XHRs from our TLS proxy.
</description>
<display-name>EPP</display-name>
<servlet-name>epp</servlet-name>
<servlet-class>google.registry.flows.EppTlsServlet</servlet-class>
<display-name>FrontendServlet</display-name>
<servlet-name>frontend-servlet</servlet-name>
<servlet-class>google.registry.module.frontend.FrontendServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- The primary EPP endpoint for the Registry, which accepts EPP requests from our TLS proxy. -->
<servlet-mapping>
<servlet-name>epp</servlet-name>
<servlet-name>frontend-servlet</servlet-name>
<url-pattern>/_dr/epp</url-pattern>
</servlet-mapping>
<servlet>
<description>
Registrar Console XHR servlet. Accepts EPP XHRs from GAE GAIA-authenticated frontend sessions.
</description>
<display-name>Registrar Console XHR</display-name>
<servlet-name>registrar-xhr</servlet-name>
<servlet-class>google.registry.flows.EppConsoleServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- Registrar Console endpoint, which accepts EPP XHRs from GAE GAIA-authenticated sessions. -->
<servlet-mapping>
<servlet-name>registrar-xhr</servlet-name>
<servlet-name>frontend-servlet</servlet-name>
<url-pattern>/registrar-xhr</url-pattern>
</servlet-mapping>
@ -44,14 +36,6 @@
<url-pattern>/registrar-settings</url-pattern>
</servlet-mapping>
<!-- Servlet for injected frontend actions -->
<servlet>
<display-name>FrontendServlet</display-name>
<servlet-name>frontend-servlet</servlet-name>
<servlet-class>google.registry.module.frontend.FrontendServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- Registrar Console. -->
<servlet-mapping>
<servlet-name>frontend-servlet</servlet-name>
@ -89,17 +73,8 @@
</servlet-mapping>
<!-- Public API to do availability checks -->
<servlet>
<description>
Availability Check API.
</description>
<display-name>Availability Check</display-name>
<servlet-name>check</servlet-name>
<servlet-class>google.registry.ui.server.api.CheckApiServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>check</servlet-name>
<servlet-name>frontend-servlet</servlet-name>
<url-pattern>/check</url-pattern>
</servlet-mapping>

11
java/google/registry/env/common/tools/WEB-INF/web.xml vendored
View file

@ -61,17 +61,8 @@
</servlet-mapping>
<!-- ExecuteEppCommand uses this to execute remotely. -->
<servlet>
<description>
Execute epp from the registry tool.
</description>
<display-name>Registry tool EPP endpoint</display-name>
<servlet-name>epptool</servlet-name>
<servlet-class>google.registry.flows.EppToolServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>epptool</servlet-name>
<servlet-name>tools-servlet</servlet-name>
<url-pattern>/_dr/epptool</url-pattern>
</servlet-mapping>

47
java/google/registry/flows/EppConsoleAction.java Normal file
View file

@ -0,0 +1,47 @@
// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.flows;
import static com.google.appengine.api.users.UserServiceFactory.getUserService;
import google.registry.request.Action;
import google.registry.request.Action.Method;
import google.registry.request.Payload;
import javax.inject.Inject;
import javax.servlet.http.HttpSession;
/** Runs EPP from the console and requires GAE user authentication. */
@Action(
path = "/registrar-xhr",
xsrfProtection = true,
xsrfScope = EppConsoleAction.XSRF_SCOPE,
method = Method.POST)
public class EppConsoleAction implements Runnable {
public static final String XSRF_SCOPE = "console";
@Inject @Payload byte[] inputXmlBytes;
@Inject HttpSession session;
@Inject EppRequestHandler eppRequestHandler;
@Inject EppConsoleAction() {}
@Override
public void run() {
eppRequestHandler.executeEpp(
new HttpSessionMetadata(new GaeUserCredentials(getUserService().getCurrentUser()), session),
inputXmlBytes);
}
}

120
java/google/registry/flows/EppConsoleServlet.java
View file

@ -1,120 +0,0 @@
// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.flows;
import static com.google.appengine.api.users.UserServiceFactory.getUserService;
import static com.google.common.base.Strings.nullToEmpty;
import static google.registry.flows.EppServletUtils.handleEppCommandAndWriteResponse;
import static java.lang.System.identityHashCode;
import com.google.appengine.api.users.User;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.io.ByteStreams;
import google.registry.flows.EppException.AuthenticationErrorException;
import google.registry.model.registrar.Registrar;
import google.registry.model.registrar.RegistrarContact;
import google.registry.security.XsrfProtectedServlet;
import org.joda.time.Duration;
import java.io.IOException;
import javax.annotation.Nullable;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/** The {@link EppConsoleServlet} runs EPP from the console. It requires GAE user authentication. */
public class EppConsoleServlet extends XsrfProtectedServlet {
/**
* Credentials provided by the GAE User service.
*
* @see com.google.appengine.api.users.UserService
*/
public static final class GaeUserCredentials implements TransportCredentials {
/** User is not logged in as a GAE user. */
public static class UserNotLoggedInException extends AuthenticationErrorException {
public UserNotLoggedInException() {
super("User is not logged in");
}
}
/** GAE user id is not allowed to login as requested registrar. */
public static class BadGaeUserIdException extends AuthenticationErrorException {
public BadGaeUserIdException(User user) {
super(
"User id is not allowed to login as requested registrar: "
+ (nullToEmpty(user.getEmail())));
}
}
final User gaeUser;
@VisibleForTesting
public GaeUserCredentials(@Nullable User gaeUser) {
this.gaeUser = gaeUser;
}
@Override
public boolean performsLoginCheck() {
return true;
}
@Override
public void validate(Registrar r) throws AuthenticationErrorException {
if (gaeUser == null) {
throw new UserNotLoggedInException();
}
// Allow admins to act as any registrar.
if (getUserService().isUserAdmin()) {
return;
}
// Check Registrar's contacts to see if any are associated with this gaeUserId.
final String gaeUserId = gaeUser.getUserId();
for (RegistrarContact rc : r.getContacts()) {
if (gaeUserId.equals(rc.getGaeUserId())) {
return;
}
}
throw new BadGaeUserIdException(gaeUser);
}
@Override
public String toString() {
return String.format("GaeUserCredentials@%s{gaeUser: %s}", identityHashCode(this), gaeUser);
}
}
/** Used by related UI servlets to generate matching XSRF tokens. */
public static final String XSRF_SCOPE = "console";
/** How long generated XSRF tokens for this scope remain valid. */
public static final Duration XSRF_LIFETIME = Duration.standardDays(1);
public EppConsoleServlet() {
super(XSRF_SCOPE, false);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse rsp) throws IOException {
handleEppCommandAndWriteResponse(
ByteStreams.toByteArray(req.getInputStream()),
rsp,
new HttpSessionMetadata(
new GaeUserCredentials(getUserService().getCurrentUser()), req.getSession(true)));
}
}

28
java/google/registry/flows/EppController.java
View file

@ -18,7 +18,6 @@ import static google.registry.flows.EppXmlTransformer.marshalWithLenientRetry;
import static google.registry.flows.EppXmlTransformer.unmarshal;
import static google.registry.flows.picker.FlowPicker.getFlowClass;
import com.google.apphosting.api.ApiProxy;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Joiner;
import com.google.common.collect.ImmutableList;
@ -34,11 +33,11 @@ import google.registry.model.eppoutput.Result.Code;
import google.registry.monitoring.whitebox.EppMetrics;
import google.registry.util.Clock;
import google.registry.util.FormattingLogger;
import google.registry.util.SystemClock;
import javax.inject.Inject;
/**
* The EppController class, which implements the state machine for the EPP command/response
* protocol.
* An implementation of the EPP command/response protocol.
*
* @see "http://tools.ietf.org/html/rfc5730"
*/
@ -46,18 +45,16 @@ public final class EppController {
private static final FormattingLogger logger = FormattingLogger.getLoggerForCallerClass();
private static final Clock clock = new SystemClock();
@Inject Clock clock;
@Inject EppMetrics metrics;
@Inject EppController() {}
/**
* Read an EPP envelope from the client, find the matching flow, execute it, and return
* the response marshalled to a byte array.
*/
public static byte[] handleEppCommand(byte[] inputXmlBytes, SessionMetadata sessionMetadata) {
public byte[] handleEppCommand(SessionMetadata sessionMetadata, byte[] inputXmlBytes) {
Trid trid = null;
EppMetrics metrics = new EppMetrics();
metrics.setRequestId(
ApiProxy.getCurrentEnvironment().getAttributes().get(
"com.google.appengine.runtime.request_log_id").toString());
try {
EppInput eppInput = unmarshal(inputXmlBytes);
trid = Trid.create(eppInput.getCommandWrapper().getClTrid());
@ -71,14 +68,14 @@ public final class EppController {
if (!targetIds.isEmpty()) {
metrics.setEppTarget(Joiner.on(",").join(targetIds));
}
FlowRunner flowRunner = new FlowRunner(
getFlowClass(eppInput),
eppInput,
trid,
sessionMetadata,
inputXmlBytes,
metrics);
metrics,
clock);
EppOutput eppOutput = flowRunner.run(
sessionMetadata.isDryRun() ? CommitMode.DRY_RUN : CommitMode.LIVE,
sessionMetadata.isSuperuser() ? UserPrivileges.SUPERUSER : UserPrivileges.NORMAL);
@ -89,12 +86,13 @@ public final class EppController {
} catch (EppException e) {
// The command failed. Send the client an error message.
metrics.setEppStatus(e.getResult().getCode());
return marshalWithLenientRetry(getErrorResponse(e.getResult(), trid));
return marshalWithLenientRetry(getErrorResponse(clock, e.getResult(), trid));
} catch (Throwable e) {
// Something bad and unexpected happened. Send the client a generic error, and log it.
logger.severe(e, "Unexpected failure");
metrics.setEppStatus(Code.CommandFailed);
return marshalWithLenientRetry(getErrorResponse(Result.create(Code.CommandFailed), trid));
return marshalWithLenientRetry(
getErrorResponse(clock, Result.create(Code.CommandFailed), trid));
} finally {
metrics.export();
}
@ -102,7 +100,7 @@ public final class EppController {
/** Create a response indicating an Epp failure. */
@VisibleForTesting
static EppOutput getErrorResponse(Result result, Trid trid) {
static EppOutput getErrorResponse(Clock clock, Result result, Trid trid) {
// Create TRID (without a clTRID) if one hasn't been created yet, as it's necessary to construct
// a valid response. This can happen if the error occurred before we could even parse out the
// clTRID (e.g. if a syntax error occurred parsing the supplied XML).

58
java/google/registry/flows/EppRequestHandler.java Normal file
View file

@ -0,0 +1,58 @@
// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.flows;
import static java.nio.charset.StandardCharsets.UTF_8;
import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
import static javax.servlet.http.HttpServletResponse.SC_OK;
import com.google.common.net.MediaType;
import google.registry.request.Response;
import google.registry.util.FormattingLogger;
import javax.inject.Inject;
/** Handle an EPP request and response. */
public class EppRequestHandler {
private static final MediaType APPLICATION_EPP_XML =
MediaType.create("application", "epp+xml").withCharset(UTF_8);
private static final FormattingLogger logger = FormattingLogger.getLoggerForCallerClass();
@Inject EppController eppController;
@Inject Response response;
@Inject EppRequestHandler() {}
/** Handle an EPP request and write out a servlet response. */
public void executeEpp(SessionMetadata sessionMetadata, byte[] inputXmlBytes) {
try {
response.setPayload(new String(
eppController.handleEppCommand(sessionMetadata, inputXmlBytes), UTF_8));
response.setContentType(APPLICATION_EPP_XML);
// Note that we always return 200 (OK) even if the EppController returns an error response.
// This is because returning an non-OK HTTP status code will cause the proxy server to
// silently close the connection without returning any data. The only time we will ever return
// a non-OK status (400) is if we fail to muster even an EPP error response message. In that
// case it's better to close the connection than to return garbage.
response.setStatus(SC_OK);
} catch (Exception e) {
logger.warning(e, "handleEppCommand general exception");
response.setStatus(SC_BAD_REQUEST);
}
}
}

68
java/google/registry/flows/EppServletUtils.java
View file

@ -1,68 +0,0 @@
// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.flows;
import static google.registry.flows.EppController.handleEppCommand;
import static java.nio.charset.StandardCharsets.UTF_8;
import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
import static javax.servlet.http.HttpServletResponse.SC_OK;
import com.google.common.net.MediaType;
import google.registry.util.FormattingLogger;
import java.io.IOException;
import java.io.OutputStream;
import javax.servlet.http.HttpServletResponse;
/** Utility methods for Epp servlet classes. */
public final class EppServletUtils {
public static final MediaType APPLICATION_EPP_XML_UTF8 =
MediaType.create("application", "epp+xml").withCharset(UTF_8);
private static final FormattingLogger logger = FormattingLogger.getLoggerForCallerClass();
/**
* Handle an EPP request and write out a servlet response.
*
* @throws IOException upon failure writing to {@code rsp}
*/
static void handleEppCommandAndWriteResponse(
byte[] inputXmlBytes, HttpServletResponse rsp, SessionMetadata sessionMetadata)
throws IOException {
byte[] response;
try {
response = handleEppCommand(inputXmlBytes, sessionMetadata);
} catch (Exception e) {
logger.warning(e, "handleEppCommand general exception");
rsp.setStatus(SC_BAD_REQUEST);
return;
}
// Note that we always return 200 (OK) even if the EppController returns an error response.
// This is because returning an non-OK HTTP status code will cause the proxy server to
// silently close the connection without returning any data. The only time we will ever return
// a non-OK status (400) is if we fail to muster even an EPP error response message. In that
// case it's better to close the connection than to return garbage.
rsp.setStatus(SC_OK);
rsp.setContentType(APPLICATION_EPP_XML_UTF8.toString());
try (OutputStream output = rsp.getOutputStream()) {
output.write(response);
}
}
private EppServletUtils() {}
}

52
java/google/registry/flows/EppTlsAction.java Normal file
View file

@ -0,0 +1,52 @@
// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.flows;
import google.registry.request.Action;
import google.registry.request.Action.Method;
import google.registry.request.Payload;
import google.registry.util.FormattingLogger;
import javax.inject.Inject;
import javax.servlet.http.HttpSession;
/**
* Establishes a transport for EPP+TLS over HTTP. All commands and responses are EPP XML according
* to RFC 5730. Commands must be requested via POST.
*/
@Action(
path = "/_dr/epp",
method = Method.POST)
public class EppTlsAction implements Runnable {
private static final FormattingLogger logger = FormattingLogger.getLoggerForCallerClass();
@Inject @Payload byte[] inputXmlBytes;
@Inject TlsCredentials tlsCredentials;
@Inject HttpSession session;
@Inject EppRequestHandler eppRequestHandler;
@Inject EppTlsAction() {}
@Override
public void run() {
// Check that SNI header is present. This is a signal that we're receiving traffic proxied by a
// GFE, which is the expectation of this servlet. The value is unused.
if (!tlsCredentials.hasSni()) {
logger.warning("Request did not include required SNI header.");
}
eppRequestHandler.executeEpp(new HttpSessionMetadata(tlsCredentials, session), inputXmlBytes);
}
}

72
java/google/registry/flows/EppTlsServlet.java
View file

@ -1,72 +0,0 @@
// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.flows;
import static com.google.common.io.ByteStreams.toByteArray;
import static google.registry.flows.EppServletUtils.handleEppCommandAndWriteResponse;
import google.registry.util.FormattingLogger;
import java.io.IOException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* The {@link EppTlsServlet} class establishes a transport for EPP+TLS over* HTTP. All commands and
* responses are EPP XML according to RFC 5730. Commands must must requested via POST.
*
* <p>There are a number of expected headers to this endpoint:
* <dl>
* <dt>{@value #SSL_CLIENT_CERTIFICATE_HASH_FIELD}
* <dd>
* This field should contain a base64 encoded digest of the client's TLS certificate. It is
* validated during an EPP login command against a known good value that is transmitted out of
* band.
* <dt>{@value #FORWARDED_FOR_FIELD}
* <dd>
* This field should contain the host and port of the connecting client. It is validated during
* an EPP login command against an IP whitelist that is transmitted out of band.
* <dt>{@value #REQUESTED_SERVERNAME_VIA_SNI_FIELD}
* <dd>
* This field should contain the servername that the client requested during the TLS handshake.
* It is unused, but expected to be present in the GFE-proxied configuration.
* </dl>
*/
public class EppTlsServlet extends HttpServlet {
private static final FormattingLogger logger = FormattingLogger.getLoggerForCallerClass();
static final String REQUESTED_SERVERNAME_VIA_SNI_FIELD = "X-GFE-Requested-Servername-SNI";
static final String FORWARDED_FOR_FIELD = "X-Forwarded-For";
static final String SSL_CLIENT_CERTIFICATE_HASH_FIELD = "X-GFE-SSL-Certificate";
@Override
public void doPost(HttpServletRequest req, HttpServletResponse rsp) throws IOException {
// Check that SNI header is present. This is a signal that we're receiving traffic proxied by a
// GFE, which is the expectation of this servlet. The value is unused.
TlsCredentials tlsCredentials = new TlsCredentials(req);
if (!tlsCredentials.hasSni()) {
logger.warning("Request did not include required SNI header.");
}
SessionMetadata sessionMetadata = new HttpSessionMetadata(tlsCredentials, req.getSession(true));
// Note that we are using the raw input stream rather than the reader, which implies that we are
// ignoring the HTTP-specified charset (if any) in favor of whatever charset the XML declares.
// This is ok because this code is only called from the proxy, which can't specify a charset
// (it blindly copies bytes off a socket).
handleEppCommandAndWriteResponse(toByteArray(req.getInputStream()), rsp, sessionMetadata);
}
}

85
java/google/registry/flows/EppToolAction.java Normal file
View file

@ -0,0 +1,85 @@
// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.flows;
import static google.registry.request.RequestParameters.extractBooleanParameter;
import static google.registry.request.RequestParameters.extractRequiredParameter;
import static java.nio.charset.StandardCharsets.UTF_8;
import dagger.Module;
import dagger.Provides;
import google.registry.flows.SessionMetadata.SessionSource;
import google.registry.model.eppcommon.ProtocolDefinition;
import google.registry.request.Action;
import google.registry.request.Action.Method;
import google.registry.request.Parameter;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
/** Runs EPP commands directly without logging in, verifying an XSRF token from the tool. */
@Action(
path = "/_dr/epptool",
xsrfProtection = true,
xsrfScope = "admin",
method = Method.POST)
public class EppToolAction implements Runnable {
@Inject @Parameter("clientIdentifier") String clientIdentifier;
@Inject @Parameter("superuser") boolean superuser;
@Inject @Parameter("dryRun") boolean dryRun;
@Inject @Parameter("xml") String xml;
@Inject EppRequestHandler eppRequestHandler;
@Inject EppToolAction() {}
@Override
public void run() {
eppRequestHandler.executeEpp(
new StatelessRequestSessionMetadata(
clientIdentifier,
superuser,
dryRun,
ProtocolDefinition.getVisibleServiceExtensionUris(),
SessionSource.TOOL),
xml.getBytes(UTF_8));
}
/** Dagger module for the epp tool endpoint. */
@Module
public static final class EppToolModule {
// TODO(b/29139545): Make parameters consistent across the graph. @Parameter("dryRun") is
// already provided elsewhere in the graph and happens to work for us but that's just luck.
@Provides
@Parameter("xml")
static String provideXml(HttpServletRequest req) {
return extractRequiredParameter(req, "xml");
}
@Provides
@Parameter("superuser")
static boolean provideIsSuperuser(HttpServletRequest req) {
return extractBooleanParameter(req, "superuser");
}
@Provides
@Parameter("clientIdentifier")
static String provideClientIdentifier(HttpServletRequest req) {
return extractRequiredParameter(req, "clientIdentifier");
}
}
}

52
java/google/registry/flows/EppToolServlet.java
View file

@ -1,52 +0,0 @@
// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.flows;
import static google.registry.flows.EppServletUtils.handleEppCommandAndWriteResponse;
import static java.nio.charset.StandardCharsets.UTF_8;
import google.registry.flows.SessionMetadata.SessionSource;
import google.registry.model.eppcommon.ProtocolDefinition;
import google.registry.security.XsrfProtectedServlet;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* This servlet runs EPP commands directly without logging in. It verifies an XSRF token that could
* only come from the tool.
*/
public class EppToolServlet extends XsrfProtectedServlet {
/** Used to verify XSRF tokens. */
public static final String XSRF_SCOPE = "admin";
public EppToolServlet() {
super(XSRF_SCOPE, true);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse rsp) throws IOException {
handleEppCommandAndWriteResponse(
req.getParameter("xml").getBytes(UTF_8), rsp, new StatelessRequestSessionMetadata(
req.getParameter("clientIdentifier"),
Boolean.parseBoolean(req.getParameter("superuser")),
Boolean.parseBoolean(req.getParameter("dryRun")),
ProtocolDefinition.getVisibleServiceExtensionUris(),
SessionSource.TOOL));
}
}

10
java/google/registry/flows/FlowRunner.java
View file

@ -29,8 +29,6 @@ import google.registry.model.eppoutput.EppOutput;
import google.registry.monitoring.whitebox.EppMetrics;
import google.registry.util.Clock;
import google.registry.util.FormattingLogger;
import google.registry.util.NonFinalForTesting;
import google.registry.util.SystemClock;
import google.registry.util.TypeUtils;
import org.joda.time.DateTime;
@ -48,15 +46,13 @@ public class FlowRunner {
private static final FormattingLogger logger = FormattingLogger.getLoggerForCallerClass();
@NonFinalForTesting
private static Clock clock = new SystemClock();
private final Class<? extends Flow> flowClass;
private final EppInput eppInput;
private final Trid trid;
private final SessionMetadata sessionMetadata;
private final byte[] inputXmlBytes;
private final EppMetrics metrics;
private final Clock clock;
public FlowRunner(
Class<? extends Flow> flowClass,
@ -64,13 +60,15 @@ public class FlowRunner {
Trid trid,
SessionMetadata sessionMetadata,
byte[] inputXmlBytes,
final EppMetrics metrics) {
final EppMetrics metrics,
Clock clock) {
this.flowClass = flowClass;
this.eppInput = eppInput;
this.trid = trid;
this.sessionMetadata = sessionMetadata;
this.inputXmlBytes = inputXmlBytes;
this.metrics = metrics;
this.clock = clock;
}
public EppOutput run(

84
java/google/registry/flows/GaeUserCredentials.java Normal file
View file

@ -0,0 +1,84 @@
// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.flows;
import static com.google.appengine.api.users.UserServiceFactory.getUserService;
import static com.google.common.base.Strings.nullToEmpty;
import static java.lang.System.identityHashCode;
import com.google.appengine.api.users.User;
import com.google.common.annotations.VisibleForTesting;
import google.registry.flows.EppException.AuthenticationErrorException;
import google.registry.model.registrar.Registrar;
import google.registry.model.registrar.RegistrarContact;
import javax.annotation.Nullable;
/** Credentials provided by {@link com.google.appengine.api.users.UserService}. */
public class GaeUserCredentials implements TransportCredentials {
final User gaeUser;
@VisibleForTesting
public GaeUserCredentials(@Nullable User gaeUser) {
this.gaeUser = gaeUser;
}
@Override
public boolean performsLoginCheck() {
return true;
}
@Override
public void validate(Registrar r) throws AuthenticationErrorException {
if (gaeUser == null) {
throw new UserNotLoggedInException();
}
// Allow admins to act as any registrar.
if (getUserService().isUserAdmin()) {
return;
}
// Check Registrar's contacts to see if any are associated with this gaeUserId.
final String gaeUserId = gaeUser.getUserId();
for (RegistrarContact rc : r.getContacts()) {
if (gaeUserId.equals(rc.getGaeUserId())) {
return;
}
}
throw new BadGaeUserIdException(gaeUser);
}
@Override
public String toString() {
return String.format("GaeUserCredentials@%s{gaeUser: %s}", identityHashCode(this), gaeUser);
}
/** User is not logged in as a GAE user. */
public static class UserNotLoggedInException extends AuthenticationErrorException {
public UserNotLoggedInException() {
super("User is not logged in");
}
}
/** GAE user id is not allowed to login as requested registrar. */
public static class BadGaeUserIdException extends AuthenticationErrorException {
public BadGaeUserIdException(User user) {
super(
"User id is not allowed to login as requested registrar: "
+ (nullToEmpty(user.getEmail())));
}
}
}

129
java/google/registry/flows/TlsCredentials.java
View file

@ -16,77 +16,68 @@ package google.registry.flows;
import static com.google.common.base.MoreObjects.toStringHelper;
import static com.google.common.base.Strings.isNullOrEmpty;
import static google.registry.request.RequestParameters.extractOptionalHeader;
import static google.registry.request.RequestParameters.extractRequiredHeader;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Optional;
import com.google.common.collect.ImmutableList;
import com.google.common.net.HostAndPort;
import com.google.common.net.InetAddresses;
import dagger.Module;
import dagger.Provides;
import google.registry.flows.EppException.AuthenticationErrorException;
import google.registry.model.registrar.Registrar;
import google.registry.request.Header;
import google.registry.util.CidrAddressBlock;
import google.registry.util.FormattingLogger;
import java.net.InetAddress;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
/**
* Container and validation for TLS certificate and ip-whitelisting.
*
* <p>Credentials are based on the following headers:
* <dl>
* <dt>X-GFE-Requested-Servername-SNI
* <dd>
* This field should contain a base64 encoded digest of the client's TLS certificate. It is
* validated during an EPP login command against a known good value that is transmitted out of
* band.
* <dt>X-Forwarded-For
* <dd>
* This field should contain the host and port of the connecting client. It is validated during
* an EPP login command against an IP whitelist that is transmitted out of band.
* <dt>X-GFE-Requested-Servername-SNI
* <dd>
* This field should contain the servername that the client requested during the TLS handshake.
* It is unused, but expected to be present in the GFE-proxied configuration.
* </dl>
*/
public final class TlsCredentials implements TransportCredentials {
/** Registrar certificate does not match stored certificate. */
public static class BadRegistrarCertificateException extends AuthenticationErrorException {
public BadRegistrarCertificateException() {
super("Registrar certificate does not match stored certificate");
}
}
/** Registrar certificate not present. */
public static class MissingRegistrarCertificateException extends AuthenticationErrorException {
public MissingRegistrarCertificateException() {
super("Registrar certificate not present");
}
}
/** SNI header is required. */
public static class NoSniException extends AuthenticationErrorException {
public NoSniException() {
super("SNI header is required");
}
}
/** Registrar IP address is not in stored whitelist. */
public static class BadRegistrarIpAddressException extends AuthenticationErrorException {
public BadRegistrarIpAddressException() {
super("Registrar IP address is not in stored whitelist");
}
}
public class TlsCredentials implements TransportCredentials {
private static final FormattingLogger logger = FormattingLogger.getLoggerForCallerClass();
private final String clientCertificateHash;
private final InetAddress clientInetAddr;
private final String sni;
private final InetAddress clientInetAddr;
@Inject
@VisibleForTesting
public TlsCredentials(String clientCertificateHash, InetAddress clientInetAddr, String sni) {
public TlsCredentials(
@Header("X-GFE-SSL-Certificate") String clientCertificateHash,
@Header("X-Forwarded-For") Optional<String> clientAddress,
@Header("X-GFE-Requested-Servername-SNI") String sni) {
this.clientCertificateHash = clientCertificateHash;
this.clientInetAddr = clientInetAddr;
this.clientInetAddr = clientAddress.isPresent() ? parseInetAddress(clientAddress.get()) : null;
this.sni = sni;
}
/**
* Extracts the client TLS certificate and source internet address
* from the given HTTP request.
*/
TlsCredentials(HttpServletRequest req) {
this(req.getHeader(EppTlsServlet.SSL_CLIENT_CERTIFICATE_HASH_FIELD),
parseInetAddress(req.getHeader(EppTlsServlet.FORWARDED_FOR_FIELD)),
req.getHeader(EppTlsServlet.REQUESTED_SERVERNAME_VIA_SNI_FIELD));
}
static InetAddress parseInetAddress(String asciiAddr) {
try {
return InetAddresses.forString(HostAndPort.fromString(asciiAddr).getHostText());
@ -155,7 +146,7 @@ public final class TlsCredentials implements TransportCredentials {
if (!hasSni()) {
throw new NoSniException();
}
logger.infofmt("Request did not include %s", EppTlsServlet.SSL_CLIENT_CERTIFICATE_HASH_FIELD);
logger.infofmt("Request did not include %s", "X-GFE-SSL-Certificate");
throw new MissingRegistrarCertificateException();
}
if (!clientCertificateHash.equals(registrar.getClientCertificateHash())
@ -174,8 +165,58 @@ public final class TlsCredentials implements TransportCredentials {
return toStringHelper(getClass())
.add("system hash code", System.identityHashCode(this))
.add("clientCertificateHash", clientCertificateHash)
.add("clientInetAddress", clientInetAddr)
.add("clientAddress", clientInetAddr)
.add("sni", sni)
.toString();
}
/** Registrar certificate does not match stored certificate. */
public static class BadRegistrarCertificateException extends AuthenticationErrorException {
public BadRegistrarCertificateException() {
super("Registrar certificate does not match stored certificate");
}
}
/** Registrar certificate not present. */
public static class MissingRegistrarCertificateException extends AuthenticationErrorException {
public MissingRegistrarCertificateException() {
super("Registrar certificate not present");
}
}
/** SNI header is required. */
public static class NoSniException extends AuthenticationErrorException {
public NoSniException() {
super("SNI header is required");
}
}
/** Registrar IP address is not in stored whitelist. */
public static class BadRegistrarIpAddressException extends AuthenticationErrorException {
public BadRegistrarIpAddressException() {
super("Registrar IP address is not in stored whitelist");
}
}
/** Dagger module for the EPP TLS endpoint. */
@Module
public static final class EppTlsModule {
@Provides
@Header("X-GFE-SSL-Certificate")
static String provideClientCertificateHash(HttpServletRequest req) {
return extractRequiredHeader(req, "X-GFE-SSL-Certificate");
}
@Provides
@Header("X-Forwarded-For")
static Optional<String> provideForwardedFor(HttpServletRequest req) {
return extractOptionalHeader(req, "X-Forwarded-For");
}
@Provides
@Header("X-GFE-Requested-Servername-SNI")
static String provideRequestedServername(HttpServletRequest req) {
return extractRequiredHeader(req, "X-GFE-Requested-Servername-SNI");
}
}
}

4
java/google/registry/flows/session/LoginFlow.java
View file

@ -46,11 +46,11 @@ import java.util.Set;
/**
* An EPP flow for login.
*
* @error {@link google.registry.flows.EppConsoleServlet.GaeUserCredentials.BadGaeUserIdException}
* @error {@link google.registry.flows.EppConsoleServlet.GaeUserCredentials.UserNotLoggedInException}
* @error {@link google.registry.flows.EppException.UnimplementedExtensionException}
* @error {@link google.registry.flows.EppException.UnimplementedObjectServiceException}
* @error {@link google.registry.flows.EppException.UnimplementedProtocolVersionException}
* @error {@link google.registry.flows.GaeUserCredentials.BadGaeUserIdException}
* @error {@link google.registry.flows.GaeUserCredentials.UserNotLoggedInException}
* @error {@link google.registry.flows.TlsCredentials.BadRegistrarCertificateException}
* @error {@link google.registry.flows.TlsCredentials.BadRegistrarIpAddressException}
* @error {@link google.registry.flows.TlsCredentials.MissingRegistrarCertificateException}

2
java/google/registry/module/frontend/BUILD
View file

@ -18,11 +18,13 @@ java_library(
"//third_party/java/servlet/servlet_api",
"//java/google/registry/braintree",
"//java/google/registry/config",
"//java/google/registry/flows",
"//java/google/registry/keyring/api",
"//java/google/registry/rdap",
"//java/google/registry/request",
"//java/google/registry/request:modules",
"//java/google/registry/ui",
"//java/google/registry/ui/server/api",
"//java/google/registry/ui/server/registrar",
"//java/google/registry/util",
"//java/google/registry/whois",

10
java/google/registry/module/frontend/FrontendRequestComponent.java
View file

@ -16,6 +16,9 @@ package google.registry.module.frontend;
import dagger.Subcomponent;
import google.registry.flows.EppConsoleAction;
import google.registry.flows.EppTlsAction;
import google.registry.flows.TlsCredentials.EppTlsModule;
import google.registry.rdap.RdapAutnumAction;
import google.registry.rdap.RdapDomainAction;
import google.registry.rdap.RdapDomainSearchAction;
@ -28,6 +31,8 @@ import google.registry.rdap.RdapNameserverAction;
import google.registry.rdap.RdapNameserverSearchAction;
import google.registry.request.RequestModule;
import google.registry.request.RequestScope;
import google.registry.ui.server.api.CheckApiAction;
import google.registry.ui.server.api.CheckApiAction.CheckApiModule;
import google.registry.ui.server.registrar.ConsoleUiAction;
import google.registry.ui.server.registrar.RegistrarPaymentAction;
import google.registry.ui.server.registrar.RegistrarPaymentSetupAction;
@ -40,13 +45,18 @@ import google.registry.whois.WhoisServer;
@RequestScope
@Subcomponent(
modules = {
CheckApiModule.class,
EppTlsModule.class,
RdapModule.class,
RegistrarUserModule.class,
RequestModule.class,
WhoisModule.class,
})
interface FrontendRequestComponent {
CheckApiAction checkApiAction();
ConsoleUiAction consoleUiAction();
EppConsoleAction eppConsoleAction();
EppTlsAction eppTlsAction();
RdapAutnumAction rdapAutnumAction();
RegistrarPaymentAction registrarPaymentAction();
RegistrarPaymentSetupAction registrarPaymentSetupAction();

1
java/google/registry/module/tools/BUILD
View file

@ -18,6 +18,7 @@ java_library(
"//third_party/java/servlet/servlet_api",
"//java/google/registry/config",
"//java/google/registry/export",
"//java/google/registry/flows",
"//java/google/registry/gcs",
"//java/google/registry/groups",
"//java/google/registry/keyring/api",

4
java/google/registry/module/tools/ToolsRequestComponent.java
View file

@ -17,6 +17,8 @@ package google.registry.module.tools;
import dagger.Subcomponent;
import google.registry.export.PublishDetailReportAction;
import google.registry.flows.EppToolAction;
import google.registry.flows.EppToolAction.EppToolModule;
import google.registry.loadtest.LoadTestAction;
import google.registry.loadtest.LoadTestModule;
import google.registry.mapreduce.MapreduceModule;
@ -46,6 +48,7 @@ import google.registry.tools.server.javascrap.CountRecurringBillingEventsAction;
@RequestScope
@Subcomponent(
modules = {
EppToolModule.class,
LoadTestModule.class,
MapreduceModule.class,
RequestModule.class,
@ -58,6 +61,7 @@ interface ToolsRequestComponent {
CreatePremiumListAction createPremiumListAction();
DeleteEntityAction deleteEntityAction();
DeleteProberDataAction deleteProberDataAction();
EppToolAction eppToolAction();
GenerateZoneFilesAction generateZoneFilesAction();
KillAllCommitLogsAction killAllCommitLogsAction();
KillAllEppResourcesAction killAllEppResourcesAction();

14
java/google/registry/monitoring/whitebox/EppMetrics.java
View file

@ -15,12 +15,17 @@
package google.registry.monitoring.whitebox;
import com.google.api.services.bigquery.model.TableFieldSchema;
import com.google.apphosting.api.ApiProxy;
import com.google.common.collect.ImmutableList;
import google.registry.bigquery.BigqueryUtils.FieldType;
import google.registry.model.eppoutput.Result.Code;
import google.registry.request.RequestScope;
import javax.inject.Inject;
/** The EPP Metrics collector. See {@link Metrics}. */
@RequestScope
public class EppMetrics extends Metrics {
static final String EPPMETRICS_TABLE_ID = "eppMetrics";
@ -37,9 +42,14 @@ public class EppMetrics extends Metrics {
new TableFieldSchema().setName("eppStatus").setType(FieldType.INTEGER.name()),
new TableFieldSchema().setName("attempts").setType(FieldType.INTEGER.name()));
@Inject
public EppMetrics() {
setTableId(EPPMETRICS_TABLE_ID);
fields.put("attempts", 0);
fields.put(
"requestId",
ApiProxy.getCurrentEnvironment().getAttributes()
.get("com.google.appengine.runtime.request_log_id").toString());
}
public void setCommandName(String name) {
@ -58,10 +68,6 @@ public class EppMetrics extends Metrics {
fields.put("eppTarget", eppTarget);
}
public void setRequestId(String requestId) {
fields.put("requestId", requestId);
}
public void setEppStatus(Code status) {
fields.put("eppStatus", String.valueOf(status.code));
}

6
java/google/registry/request/RequestModule.java
View file

@ -37,6 +37,7 @@ import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/** Dagger module for servlets. */
@Module
@ -55,6 +56,11 @@ public final class RequestModule {
return response;
}
@Provides
HttpSession provideHttpSession() {
return req.getSession();
}
@Provides
HttpServletRequest provideHttpServletRequest() {
return req;

9
java/google/registry/request/RequestParameters.java
View file

@ -198,5 +198,14 @@ public final class RequestParameters {
return result;
}
/**
* Returns an {@link Optional} of the first HTTP header associated with {@code name}, or empty.
*
* @param name case insensitive header name
*/
public static Optional<String> extractOptionalHeader(HttpServletRequest req, String name) {
return Optional.fromNullable(req.getHeader(name));
}
private RequestParameters() {}
}

57
java/google/registry/tools/ValidateLoginCredentialsCommand.java
View file

@ -17,38 +17,37 @@ package google.registry.tools;
import static com.google.common.base.Preconditions.checkArgument;
import static com.google.common.base.Strings.isNullOrEmpty;
import static com.google.common.io.Resources.getResource;
import static google.registry.flows.EppXmlTransformer.unmarshal;
import static google.registry.tools.CommandUtilities.runFlow;
import static google.registry.util.X509Utils.getCertificateHash;
import static google.registry.util.X509Utils.loadCertificate;
import static java.nio.charset.StandardCharsets.US_ASCII;
import static java.nio.charset.StandardCharsets.UTF_8;
import com.google.common.net.InetAddresses;
import com.google.common.base.Optional;
import com.google.template.soy.SoyFileSet;
import com.google.template.soy.data.SoyMapData;
import com.beust.jcommander.Parameter;
import com.beust.jcommander.Parameters;
import google.registry.flows.Flow;
import google.registry.flows.EppXmlTransformer;
import google.registry.flows.FlowRunner;
import google.registry.flows.FlowRunner.CommitMode;
import google.registry.flows.FlowRunner.UserPrivileges;
import google.registry.flows.SessionMetadata;
import google.registry.flows.HttpSessionMetadata;
import google.registry.flows.TlsCredentials;
import google.registry.flows.picker.FlowPicker;
import google.registry.flows.session.LoginFlow;
import google.registry.model.eppcommon.Trid;
import google.registry.model.eppinput.EppInput;
import google.registry.tools.Command.GtechCommand;
import google.registry.tools.Command.RemoteApiCommand;
import google.registry.tools.params.PathParameter;
import google.registry.tools.soy.LoginSoyInfo;
import google.registry.util.BasicHttpSession;
import google.registry.util.SystemClock;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.HashMap;
import java.util.Map;
import javax.annotation.Nullable;
@ -102,44 +101,20 @@ final class ValidateLoginCredentialsCommand implements RemoteApiCommand, GtechCo
.setData(new SoyMapData("clientIdentifier", clientIdentifier, "password", password))
.render()
.getBytes(UTF_8);
EppInput eppInput = unmarshal(inputXmlBytes);
Class<? extends Flow> flowClass = FlowPicker.getFlowClass(eppInput);
System.out.println(runFlow(
new FlowRunner(
flowClass,
eppInput,
Trid.create(eppInput.getCommandWrapper().getClTrid()),
new SessionMetadata() {
private final Map<String, Object> properties = new HashMap<>();
{
setTransportCredentials(new TlsCredentials(
LoginFlow.class,
EppXmlTransformer.<EppInput>unmarshal(inputXmlBytes),
Trid.create(null),
new HttpSessionMetadata(
new TlsCredentials(
clientCertificateHash,
InetAddresses.forString(clientIpAddress),
"placeholder")); // behave as if we have SNI on, since we're validating a cert
}
@Override
protected void setProperty(String key, Object value) {
properties.put(key, value);
}
@Override
protected Object getProperty(String key) {
return properties.get(key);
}
@Override
public SessionSource getSessionSource() {
return SessionSource.TOOL;
}
@Override
public void invalidate() {}
},
Optional.of(clientIpAddress),
"placeholder"), // behave as if we have SNI on, since we're validating a cert
new BasicHttpSession()),
inputXmlBytes,
null),
null,
new SystemClock()),
CommitMode.DRY_RUN,
UserPrivileges.NORMAL));
}

3
java/google/registry/ui/server/api/BUILD
View file

@ -11,9 +11,12 @@ java_library(
"//java/com/google/common/base",
"//java/com/google/common/collect",
"//java/com/google/common/net",
"//third_party/java/dagger",
"//third_party/java/jsr330_inject",
"//java/google/registry/config",
"//java/google/registry/flows",
"//java/google/registry/model",
"//java/google/registry/request",
"//java/google/registry/ui/server",
"//java/google/registry/ui/soy/api:soy_java_wrappers",
"//java/google/registry/util",

61
java/google/registry/ui/server/api/CheckApiServlet.java → java/google/registry/ui/server/api/CheckApiAction.java
View file

@ -31,6 +31,9 @@ import com.google.common.net.InternetDomainName;
import com.google.common.net.MediaType;
import com.google.template.soy.tofu.SoyTofu;
import dagger.Module;
import dagger.Provides;
import google.registry.config.RegistryEnvironment;
import google.registry.flows.EppException;
import google.registry.flows.EppXmlTransformer;
@ -47,37 +50,33 @@ import google.registry.model.eppinput.EppInput;
import google.registry.model.eppoutput.CheckData.DomainCheck;
import google.registry.model.eppoutput.CheckData.DomainCheckData;
import google.registry.model.eppoutput.Response;
import google.registry.request.Action;
import google.registry.request.Parameter;
import google.registry.request.RequestParameters;
import google.registry.ui.soy.api.DomainCheckFeeEppSoyInfo;
import google.registry.util.Clock;
import google.registry.util.FormattingLogger;
import java.io.IOException;
import java.util.Map;
import javax.servlet.http.HttpServlet;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* A servlet that returns availability and premium checks as json.
*
* <p>This servlet returns plain JSON without a safety prefix, so it's vital that the output not be
* <p>This action returns plain JSON without a safety prefix, so it's vital that the output not be
* user controlled, lest it open an XSS vector. Do not modify this to return the domain name in the
* response.
*/
public class CheckApiServlet extends HttpServlet {
@Action(path = "/check")
public class CheckApiAction implements Runnable {
private static final FormattingLogger logger = FormattingLogger.getLoggerForCallerClass();
private static final Supplier<SoyTofu> TOFU_SUPPLIER =
createTofuSupplier(DomainCheckFeeEppSoyInfo.getInstance());
@Override
public void doGet(HttpServletRequest req, HttpServletResponse rsp) throws IOException {
Map<String, ?> response = doCheck(req.getParameter("domain"));
rsp.setHeader("Content-Disposition", "attachment");
rsp.setHeader("X-Content-Type-Options", "nosniff");
rsp.setHeader(ACCESS_CONTROL_ALLOW_ORIGIN, "*");
rsp.setContentType(MediaType.JSON_UTF_8.toString());
rsp.getWriter().write(toJSONString(response));
}
private StatelessRequestSessionMetadata sessionMetadata = new StatelessRequestSessionMetadata(
RegistryEnvironment.get().config().getCheckApiServletRegistrarClientId(),
false,
@ -85,6 +84,21 @@ public class CheckApiServlet extends HttpServlet {
ImmutableSet.of(FEE_0_6.getUri()),
SessionSource.HTTP);
@Inject @Parameter("domain") String domain;
@Inject google.registry.request.Response response;
@Inject Clock clock;
@Inject CheckApiAction() {}
@Override
public void run() {
Map<String, ?> checkResponse = doCheck(domain);
response.setHeader("Content-Disposition", "attachment");
response.setHeader("X-Content-Type-Options", "nosniff");
response.setHeader(ACCESS_CONTROL_ALLOW_ORIGIN, "*");
response.setContentType(MediaType.JSON_UTF_8);
response.setPayload(toJSONString(checkResponse));
}
// TODO(rgr): add whitebox instrumentation for this?
private Map<String, ?> doCheck(String domainString) {
try {
@ -103,10 +117,11 @@ public class CheckApiServlet extends HttpServlet {
Response response = new FlowRunner(
DomainCheckFlow.class,
EppXmlTransformer.<EppInput>unmarshal(inputXmlBytes),
Trid.create(CheckApiServlet.class.getSimpleName()),
Trid.create(getClass().getSimpleName()),
sessionMetadata,
inputXmlBytes,
null)
null,
clock)
.run(CommitMode.LIVE, UserPrivileges.NORMAL)
.getResponse();
DomainCheckData checkData = (DomainCheckData) response.getResponseData().get(0);
@ -127,7 +142,7 @@ public class CheckApiServlet extends HttpServlet {
} catch (EppException e) {
return fail(e.getMessage());
} catch (Exception e) {
e.printStackTrace();
logger.warning(e, "Unknown error");
return fail("Invalid request");
}
}
@ -137,4 +152,14 @@ public class CheckApiServlet extends HttpServlet {
"status", "error",
"reason", reason);
}
/** Dagger module for the check api endpoint. */
@Module
public static final class CheckApiModule {
@Provides
@Parameter("domain")
static String provideDomain(HttpServletRequest req) {
return RequestParameters.extractRequiredParameter(req, "domain");
}
}
}

4
java/google/registry/ui/server/registrar/ConsoleUiAction.java
View file

@ -28,7 +28,7 @@ import com.google.template.soy.shared.SoyCssRenamingMap;
import com.google.template.soy.tofu.SoyTofu;
import google.registry.config.ConfigModule.Config;
import google.registry.flows.EppConsoleServlet;
import google.registry.flows.EppConsoleAction;
import google.registry.model.registrar.Registrar;
import google.registry.request.Action;
import google.registry.request.Response;
@ -92,7 +92,7 @@ public final class ConsoleUiAction implements Runnable {
}
Registrar registrar = Registrar.loadByClientId(sessionUtils.getRegistrarClientId(req));
SoyMapData data = new SoyMapData();
data.put("xsrfToken", XsrfTokenManager.generateToken(EppConsoleServlet.XSRF_SCOPE));
data.put("xsrfToken", XsrfTokenManager.generateToken(EppConsoleAction.XSRF_SCOPE));
data.put("clientId", registrar.getClientIdentifier());
data.put("username", userService.getCurrentUser().getNickname());
data.put("isAdmin", userService.isUserAdmin());

2
java/google/registry/ui/server/registrar/ResourceServlet.java
View file

@ -15,7 +15,7 @@
package google.registry.ui.server.registrar;
import static com.google.appengine.api.users.UserServiceFactory.getUserService;
import static google.registry.flows.EppConsoleServlet.XSRF_SCOPE;
import static google.registry.flows.EppConsoleAction.XSRF_SCOPE;
import static google.registry.security.JsonResponseHelper.Status.ERROR;
import com.google.common.base.Optional;