2 * Copyright (c) 2017 Brocade Communication Systems and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 package org.opendaylight.netconf.topology.spi;
10 import static java.util.Objects.requireNonNull;
12 import com.google.common.annotations.VisibleForTesting;
13 import com.google.common.collect.ImmutableClassToInstanceMap;
14 import com.google.common.util.concurrent.FutureCallback;
15 import com.google.common.util.concurrent.ListenableFuture;
16 import com.google.common.util.concurrent.MoreExecutors;
17 import com.google.common.util.concurrent.SettableFuture;
18 import java.nio.charset.StandardCharsets;
19 import java.security.GeneralSecurityException;
20 import org.eclipse.jdt.annotation.NonNull;
21 import org.opendaylight.aaa.encrypt.AAAEncryptionService;
22 import org.opendaylight.mdsal.binding.api.DataBroker;
23 import org.opendaylight.mdsal.binding.api.RpcProviderService;
24 import org.opendaylight.mdsal.binding.api.WriteTransaction;
25 import org.opendaylight.mdsal.common.api.CommitInfo;
26 import org.opendaylight.mdsal.common.api.LogicalDatastoreType;
27 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.device.rev240120.credentials.Credentials;
28 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.device.rev240120.credentials.credentials.KeyAuthBuilder;
29 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.device.rev240120.credentials.credentials.LoginPwBuilder;
30 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.device.rev240120.credentials.credentials.LoginPwUnencryptedBuilder;
31 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.device.rev240120.credentials.credentials.key.auth.KeyBasedBuilder;
32 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.device.rev240120.credentials.credentials.login.pw.LoginPasswordBuilder;
33 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.device.rev240120.credentials.credentials.login.pw.unencrypted.LoginPasswordUnencryptedBuilder;
34 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.optional.rev221225.NetconfNodeAugmentedOptionalBuilder;
35 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev231121.CreateDevice;
36 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev231121.CreateDeviceInput;
37 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev231121.CreateDeviceOutput;
38 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev231121.CreateDeviceOutputBuilder;
39 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev231121.DeleteDevice;
40 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev231121.DeleteDeviceInput;
41 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev231121.DeleteDeviceOutput;
42 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev231121.DeleteDeviceOutputBuilder;
43 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev231121.NetconfNode;
44 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev231121.NetconfNodeBuilder;
45 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev231121.rpc.credentials.RpcCredentials;
46 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev231121.rpc.credentials.rpc.credentials.KeyAuth;
47 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev231121.rpc.credentials.rpc.credentials.LoginPw;
48 import org.opendaylight.yang.gen.v1.urn.opendaylight.netconf.node.topology.rev231121.rpc.credentials.rpc.credentials.LoginPwUnencrypted;
49 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NetworkTopology;
50 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.NodeId;
51 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.TopologyId;
52 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.Topology;
53 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.TopologyKey;
54 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.Node;
55 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.NodeBuilder;
56 import org.opendaylight.yang.gen.v1.urn.tbd.params.xml.ns.yang.network.topology.rev131021.network.topology.topology.NodeKey;
57 import org.opendaylight.yangtools.concepts.Registration;
58 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
59 import org.opendaylight.yangtools.yang.binding.Rpc;
60 import org.opendaylight.yangtools.yang.common.RpcResult;
61 import org.opendaylight.yangtools.yang.common.RpcResultBuilder;
62 import org.slf4j.Logger;
63 import org.slf4j.LoggerFactory;
66 public final class NetconfTopologyRPCProvider implements AutoCloseable {
67 private static final Logger LOG = LoggerFactory.getLogger(NetconfTopologyRPCProvider.class);
69 private final @NonNull InstanceIdentifier<Topology> topologyPath;
70 private final @NonNull AAAEncryptionService encryptionService;
71 private final @NonNull DataBroker dataBroker;
73 private final Registration reg;
75 public NetconfTopologyRPCProvider(final RpcProviderService rpcProviderService, final DataBroker dataBroker,
76 final AAAEncryptionService encryptionService, final String topologyId) {
77 this.dataBroker = requireNonNull(dataBroker);
78 this.encryptionService = requireNonNull(encryptionService);
79 topologyPath = InstanceIdentifier.builder(NetworkTopology.class)
80 .child(Topology.class, new TopologyKey(new TopologyId(topologyId)))
82 reg = rpcProviderService.registerRpcImplementations(ImmutableClassToInstanceMap.<Rpc<?, ?>>builder()
83 .put(CreateDevice.class, this::createDevice)
84 .put(DeleteDevice.class, this::deleteDevice)
88 protected @NonNull InstanceIdentifier<Topology> topologyPath() {
97 private ListenableFuture<RpcResult<CreateDeviceOutput>> createDevice(final CreateDeviceInput input) {
98 final var netconfNode = encryptPassword(input);
99 final var nodeId = new NodeId(input.getNodeId());
100 final var nodeBuilder = new NodeBuilder()
102 .addAugmentation(netconfNode);
103 if (input.getIgnoreMissingSchemaSources() != null) {
104 final var netconfNodeOptionalBuilder = new NetconfNodeAugmentedOptionalBuilder(input);
105 nodeBuilder.addAugmentation(netconfNodeOptionalBuilder.build());
107 final SettableFuture<RpcResult<CreateDeviceOutput>> futureResult = SettableFuture.create();
108 writeToConfigDS(nodeBuilder.build(), nodeId, futureResult);
112 private ListenableFuture<RpcResult<DeleteDeviceOutput>> deleteDevice(final DeleteDeviceInput input) {
113 final NodeId nodeId = new NodeId(input.getNodeId());
115 final InstanceIdentifier<Node> niid = topologyPath.child(Node.class, new NodeKey(nodeId));
117 final WriteTransaction wtx = dataBroker.newWriteOnlyTransaction();
118 wtx.delete(LogicalDatastoreType.CONFIGURATION, niid);
120 final SettableFuture<RpcResult<DeleteDeviceOutput>> rpcFuture = SettableFuture.create();
122 wtx.commit().addCallback(new FutureCallback<CommitInfo>() {
124 public void onSuccess(final CommitInfo result) {
125 LOG.info("delete-device RPC: Removed netconf node successfully.");
126 rpcFuture.set(RpcResultBuilder.success(new DeleteDeviceOutputBuilder().build()).build());
130 public void onFailure(final Throwable exception) {
131 LOG.error("delete-device RPC: Unable to remove netconf node.", exception);
132 rpcFuture.setException(exception);
134 }, MoreExecutors.directExecutor());
140 NetconfNode encryptPassword(final CreateDeviceInput input) {
141 final NetconfNodeBuilder builder = new NetconfNodeBuilder();
142 builder.fieldsFrom(input);
143 return builder.setCredentials(translate(input.getRpcCredentials()))
147 private Credentials translate(final RpcCredentials credentialsRpc) {
148 if (credentialsRpc instanceof LoginPw loginPw) {
149 final var loginPassword = loginPw.getLoginPassword();
150 final byte[] cipherBytes;
153 cipherBytes = encryptionService.encrypt(loginPassword.getPassword().getBytes(StandardCharsets.UTF_8));
154 } catch (GeneralSecurityException e) {
155 throw new IllegalArgumentException("Failed to encrypt password", e);
158 return new LoginPwBuilder()
159 .setLoginPassword(new LoginPasswordBuilder()
160 .setUsername(loginPassword.getUsername())
161 .setPassword(cipherBytes)
164 } else if (credentialsRpc instanceof LoginPwUnencrypted loginPwUnencrypted) {
165 final var loginPassword = loginPwUnencrypted.getLoginPasswordUnencrypted();
166 return new LoginPwUnencryptedBuilder()
167 .setLoginPasswordUnencrypted(new LoginPasswordUnencryptedBuilder()
168 .setUsername(loginPassword.getUsername())
169 .setPassword(loginPassword.getPassword())
172 } else if (credentialsRpc instanceof KeyAuth keyAuth) {
173 final var loginPassword = keyAuth.getKeyBased();
174 return new KeyAuthBuilder()
175 .setKeyBased(new KeyBasedBuilder()
176 .setUsername(loginPassword.getUsername())
177 .setKeyId(loginPassword.getKeyId())
181 throw new IllegalArgumentException("Unsupported credential type: " + credentialsRpc.getClass());
185 private void writeToConfigDS(final Node node, final NodeId nodeId,
186 final SettableFuture<RpcResult<CreateDeviceOutput>> futureResult) {
188 final WriteTransaction writeTransaction = dataBroker.newWriteOnlyTransaction();
189 final InstanceIdentifier<Node> niid = topologyPath.child(Node.class, new NodeKey(nodeId));
190 writeTransaction.mergeParentStructureMerge(LogicalDatastoreType.CONFIGURATION, niid, node);
191 writeTransaction.commit().addCallback(new FutureCallback<CommitInfo>() {
194 public void onSuccess(final CommitInfo result) {
195 LOG.info("add-netconf-node RPC: Added netconf node successfully.");
196 futureResult.set(RpcResultBuilder.success(new CreateDeviceOutputBuilder().build()).build());
200 public void onFailure(final Throwable exception) {
201 LOG.error("add-netconf-node RPC: Unable to add netconf node.", exception);
202 futureResult.setException(exception);
204 }, MoreExecutors.directExecutor());