2 * Copyright IBM Corporation, 2015. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.neutron.northbound.api;
11 import java.util.ArrayList;
12 import java.util.HashMap;
13 import java.util.Iterator;
14 import java.util.List;
16 import javax.ws.rs.Consumes;
17 import javax.ws.rs.DELETE;
18 import javax.ws.rs.DefaultValue;
19 import javax.ws.rs.GET;
20 import javax.ws.rs.POST;
21 import javax.ws.rs.PUT;
22 import javax.ws.rs.Path;
23 import javax.ws.rs.PathParam;
24 import javax.ws.rs.Produces;
25 import javax.ws.rs.QueryParam;
26 import javax.ws.rs.core.Context;
27 import javax.ws.rs.core.MediaType;
28 import javax.ws.rs.core.Response;
29 import javax.ws.rs.core.UriInfo;
31 import org.codehaus.enunciate.jaxrs.ResponseCode;
32 import org.codehaus.enunciate.jaxrs.StatusCodes;
33 import org.codehaus.enunciate.jaxrs.TypeHint;
34 import org.opendaylight.neutron.spi.INeutronVPNIPSECPolicyAware;
35 import org.opendaylight.neutron.spi.INeutronVPNIPSECPolicyCRUD;
36 import org.opendaylight.neutron.spi.NeutronCRUDInterfaces;
37 import org.opendaylight.neutron.spi.NeutronVPNIPSECPolicy;
40 * Neutron Northbound REST APIs for VPN IPSEC Policy.<br>
41 * This class provides REST APIs for managing neutron VPN IPSEC Policies
45 * Authentication scheme : <b>HTTP Basic</b><br>
46 * Authentication realm : <b>opendaylight</b><br>
47 * Transport : <b>HTTP and HTTPS</b><br>
49 * HTTPS Authentication is disabled by default. Administrator can enable it in
50 * tomcat-server.xml after adding a proper keystore / SSL certificate from a
51 * trusted authority.<br>
53 * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
57 @Path("/vpn/ipsecpolicies")
58 public class NeutronVPNIPSECPoliciesNorthbound {
60 private NeutronVPNIPSECPolicy extractFields(NeutronVPNIPSECPolicy o, List<String> fields) {
61 return o.extractFields(fields);
68 * Returns a list of all VPN IPSEC Policies */
71 @Produces({ MediaType.APPLICATION_JSON })
73 @ResponseCode(code = 200, condition = "Operation successful"),
74 @ResponseCode(code = 401, condition = "Unauthorized"),
75 @ResponseCode(code = 501, condition = "Not Implemented"),
76 @ResponseCode(code = 503, condition = "No providers available") })
77 public Response listVPNIPSECPolicies(
79 @QueryParam("fields") List<String> fields,
81 @QueryParam("id") String queryID,
82 @QueryParam("tenant_id") String queryTenantID,
83 @QueryParam("name") String queryName,
84 @QueryParam("description") String queryDescription,
85 @QueryParam("transform_protocol") String queryTransformProtocol,
86 @QueryParam("encapsulation_mode") String queryEncapsulationMode,
87 @QueryParam("auth_algorithm") String queryAuthAlgorithm,
88 @QueryParam("encryption_algorithm") String queryEncryptionAlgorithm,
89 @QueryParam("pfs") String queryPFS
90 // pagination and sorting are TODO
92 INeutronVPNIPSECPolicyCRUD labelInterface = NeutronCRUDInterfaces.getINeutronVPNIPSECPolicyCRUD(this);
93 if (labelInterface == null) {
94 throw new ServiceUnavailableException("NeutronVPNIPSECPolicy CRUD Interface "
95 + RestMessages.SERVICEUNAVAILABLE.toString());
97 List<NeutronVPNIPSECPolicy> allNeutronVPNIPSECPolicies = labelInterface.getAllNeutronVPNIPSECPolicies();
98 List<NeutronVPNIPSECPolicy> ans = new ArrayList<NeutronVPNIPSECPolicy>();
99 Iterator<NeutronVPNIPSECPolicy> i = allNeutronVPNIPSECPolicies.iterator();
100 while (i.hasNext()) {
101 NeutronVPNIPSECPolicy oSS = i.next();
102 if ((queryID == null || queryID.equals(oSS.getID())) &&
103 (queryName == null || queryName.equals(oSS.getName())) &&
104 (queryDescription == null || queryDescription.equals(oSS.getDescription())) &&
105 (queryAuthAlgorithm == null || queryAuthAlgorithm.equals(oSS.getAuthAlgorithm())) &&
106 (queryEncryptionAlgorithm == null || queryEncryptionAlgorithm.equals(oSS.getEncryptionAlgorithm())) &&
107 (queryPFS == null || queryPFS.equals(oSS.getPerfectForwardSecrecy())) &&
108 (queryTransformProtocol == null || queryTransformProtocol.equals(oSS.getTransformProtocol())) &&
109 (queryEncapsulationMode == null || queryEncapsulationMode.equals(oSS.getEncapsulationMode())) &&
110 (queryTenantID == null || queryTenantID.equals(oSS.getTenantID()))) {
111 if (fields.size() > 0) {
112 ans.add(extractFields(oSS,fields));
118 //TODO: apply pagination to results
119 return Response.status(200).entity(
120 new NeutronVPNIPSECPolicyRequest(ans)).build();
124 * Returns a specific VPN IPSEC Policy */
128 @Produces({ MediaType.APPLICATION_JSON })
130 @ResponseCode(code = 200, condition = "Operation successful"),
131 @ResponseCode(code = 401, condition = "Unauthorized"),
132 @ResponseCode(code = 403, condition = "Forbidden"),
133 @ResponseCode(code = 404, condition = "Not Found"),
134 @ResponseCode(code = 501, condition = "Not Implemented"),
135 @ResponseCode(code = 503, condition = "No providers available") })
136 public Response showVPNIPSECPolicy(
137 @PathParam("policyID") String policyUUID,
139 @QueryParam("fields") List<String> fields
141 INeutronVPNIPSECPolicyCRUD policyInterface = NeutronCRUDInterfaces.getINeutronVPNIPSECPolicyCRUD(this);
142 if (policyInterface == null) {
143 throw new ServiceUnavailableException("VPNIPSECPolicy CRUD Interface "
144 + RestMessages.SERVICEUNAVAILABLE.toString());
146 if (!policyInterface.neutronVPNIPSECPolicyExists(policyUUID)) {
147 throw new ResourceNotFoundException("VPNIPSECPolicy UUID not found");
149 if (fields.size() > 0) {
150 NeutronVPNIPSECPolicy ans = policyInterface.getNeutronVPNIPSECPolicy(policyUUID);
151 return Response.status(200).entity(
152 new NeutronVPNIPSECPolicyRequest(extractFields(ans, fields))).build();
154 return Response.status(200).entity(
155 new NeutronVPNIPSECPolicyRequest(policyInterface.getNeutronVPNIPSECPolicy(policyUUID))).build();
160 * Creates new VPN IPSEC Policy */
162 @Produces({ MediaType.APPLICATION_JSON })
163 @Consumes({ MediaType.APPLICATION_JSON })
164 @TypeHint(NeutronVPNIPSECPolicy.class)
166 @ResponseCode(code = 201, condition = "Created"),
167 @ResponseCode(code = 400, condition = "Bad Request"),
168 @ResponseCode(code = 401, condition = "Unauthorized"),
169 @ResponseCode(code = 501, condition = "Not Implemented"),
170 @ResponseCode(code = 503, condition = "No providers available") })
171 public Response createVPNIPSECPolicy(final NeutronVPNIPSECPolicyRequest input) {
172 INeutronVPNIPSECPolicyCRUD ipsecPolicyInterface = NeutronCRUDInterfaces.getINeutronVPNIPSECPolicyCRUD(this);
173 if (ipsecPolicyInterface == null) {
174 throw new ServiceUnavailableException("VPNIPSECPolicy CRUD Interface "
175 + RestMessages.SERVICEUNAVAILABLE.toString());
177 if (input.isSingleton()) {
178 NeutronVPNIPSECPolicy singleton = input.getSingleton();
181 * verify that the ipsecPolicy doesn't already exist (issue: is deeper inspection necessary?)
183 if (ipsecPolicyInterface.neutronVPNIPSECPolicyExists(singleton.getID())) {
184 throw new BadRequestException("ipsecPolicy UUID already exists");
186 Object[] instances = NeutronUtil.getInstances(INeutronVPNIPSECPolicyAware.class, this);
187 if (instances != null) {
188 if (instances.length > 0) {
189 for (Object instance : instances) {
190 INeutronVPNIPSECPolicyAware service = (INeutronVPNIPSECPolicyAware) instance;
191 int status = service.canCreateNeutronVPNIPSECPolicy(singleton);
192 if (status < 200 || status > 299) {
193 return Response.status(status).build();
197 throw new ServiceUnavailableException("No providers registered. Please try again later");
200 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
204 * add ipsecPolicy to the cache
206 ipsecPolicyInterface.addNeutronVPNIPSECPolicy(singleton);
207 if (instances != null) {
208 for (Object instance : instances) {
209 INeutronVPNIPSECPolicyAware service = (INeutronVPNIPSECPolicyAware) instance;
210 service.neutronVPNIPSECPolicyCreated(singleton);
216 * only singleton ipsecPolicy creates supported
218 throw new BadRequestException("Only singleton ipsecPolicy creates supported");
220 return Response.status(201).entity(input).build();
224 * Updates a VPN IPSEC Policy */
227 @Produces({ MediaType.APPLICATION_JSON })
228 @Consumes({ MediaType.APPLICATION_JSON })
230 @ResponseCode(code = 200, condition = "Operation successful"),
231 @ResponseCode(code = 400, condition = "Bad Request"),
232 @ResponseCode(code = 401, condition = "Unauthorized"),
233 @ResponseCode(code = 404, condition = "Not Found"),
234 @ResponseCode(code = 501, condition = "Not Implemented"),
235 @ResponseCode(code = 503, condition = "No providers available") })
236 public Response updateVPNIPSECPolicy(
237 @PathParam("policyID") String policyUUID, final NeutronVPNIPSECPolicyRequest input
239 INeutronVPNIPSECPolicyCRUD ipsecPolicyInterface = NeutronCRUDInterfaces.getINeutronVPNIPSECPolicyCRUD(this);
240 if (ipsecPolicyInterface == null) {
241 throw new ServiceUnavailableException("VPNIPSECPolicy CRUD Interface "
242 + RestMessages.SERVICEUNAVAILABLE.toString());
246 * ipsecPolicy has to exist and only a single delta can be supplied
248 if (!ipsecPolicyInterface.neutronVPNIPSECPolicyExists(policyUUID)) {
249 throw new ResourceNotFoundException("VPNIPSECPolicy UUID not found");
251 if (!input.isSingleton()) {
252 throw new BadRequestException("Only single ipsecPolicy deltas supported");
254 NeutronVPNIPSECPolicy singleton = input.getSingleton();
255 NeutronVPNIPSECPolicy original = ipsecPolicyInterface.getNeutronVPNIPSECPolicy(policyUUID);
258 * attribute changes blocked by Neutron
260 if (singleton.getID() != null || singleton.getTenantID() != null) {
261 throw new BadRequestException("Request attribute change not allowed");
264 Object[] instances = NeutronUtil.getInstances(INeutronVPNIPSECPolicyAware.class, this);
265 if (instances != null) {
266 if (instances.length > 0) {
267 for (Object instance : instances) {
268 INeutronVPNIPSECPolicyAware service = (INeutronVPNIPSECPolicyAware) instance;
269 int status = service.canUpdateNeutronVPNIPSECPolicy(singleton, original);
270 if (status < 200 || status > 299) {
271 return Response.status(status).build();
275 throw new ServiceUnavailableException("No providers registered. Please try again later");
278 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
281 * update the ipsecPolicy entry and return the modified object
283 ipsecPolicyInterface.updateNeutronVPNIPSECPolicy(policyUUID, singleton);
284 NeutronVPNIPSECPolicy updatedVPNIPSECPolicy = ipsecPolicyInterface.getNeutronVPNIPSECPolicy(policyUUID);
285 if (instances != null) {
286 for (Object instance : instances) {
287 INeutronVPNIPSECPolicyAware service = (INeutronVPNIPSECPolicyAware) instance;
288 service.neutronVPNIPSECPolicyUpdated(updatedVPNIPSECPolicy);
291 return Response.status(200).entity(
292 new NeutronVPNIPSECPolicyRequest(ipsecPolicyInterface.getNeutronVPNIPSECPolicy(policyUUID))).build();
296 * Deletes a VPN IPSEC Policy */
301 @ResponseCode(code = 204, condition = "No Content"),
302 @ResponseCode(code = 401, condition = "Unauthorized"),
303 @ResponseCode(code = 404, condition = "Not Found"),
304 @ResponseCode(code = 409, condition = "Conflict"),
305 @ResponseCode(code = 501, condition = "Not Implemented"),
306 @ResponseCode(code = 503, condition = "No providers available") })
307 public Response deleteVPNIPSECPolicy(
308 @PathParam("policyID") String policyUUID) {
309 INeutronVPNIPSECPolicyCRUD policyInterface = NeutronCRUDInterfaces.getINeutronVPNIPSECPolicyCRUD(this);
310 if (policyInterface == null) {
311 throw new ServiceUnavailableException("VPNIPSECPolicy CRUD Interface "
312 + RestMessages.SERVICEUNAVAILABLE.toString());
316 * verify that the policy exists and is not in use before removing it
318 if (!policyInterface.neutronVPNIPSECPolicyExists(policyUUID)) {
319 throw new ResourceNotFoundException("VPNIPSECPolicy UUID not found");
321 NeutronVPNIPSECPolicy singleton = policyInterface.getNeutronVPNIPSECPolicy(policyUUID);
322 Object[] instances = NeutronUtil.getInstances(INeutronVPNIPSECPolicyAware.class, this);
323 if (instances != null) {
324 if (instances.length > 0) {
325 for (Object instance : instances) {
326 INeutronVPNIPSECPolicyAware service = (INeutronVPNIPSECPolicyAware) instance;
327 int status = service.canDeleteNeutronVPNIPSECPolicy(singleton);
328 if (status < 200 || status > 299) {
329 return Response.status(status).build();
333 throw new ServiceUnavailableException("No providers registered. Please try again later");
336 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
338 policyInterface.removeNeutronVPNIPSECPolicy(policyUUID);
339 if (instances != null) {
340 for (Object instance : instances) {
341 INeutronVPNIPSECPolicyAware service = (INeutronVPNIPSECPolicyAware) instance;
342 service.neutronVPNIPSECPolicyDeleted(singleton);
345 return Response.status(204).build();