2 * Copyright IBM Corporation, 2015. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.neutron.northbound.api;
11 import java.net.HttpURLConnection;
13 import java.util.ArrayList;
14 import java.util.HashMap;
15 import java.util.Iterator;
16 import java.util.List;
18 import javax.ws.rs.Consumes;
19 import javax.ws.rs.DELETE;
20 import javax.ws.rs.DefaultValue;
21 import javax.ws.rs.GET;
22 import javax.ws.rs.POST;
23 import javax.ws.rs.PUT;
24 import javax.ws.rs.Path;
25 import javax.ws.rs.PathParam;
26 import javax.ws.rs.Produces;
27 import javax.ws.rs.QueryParam;
28 import javax.ws.rs.core.Context;
29 import javax.ws.rs.core.MediaType;
30 import javax.ws.rs.core.Response;
31 import javax.ws.rs.core.UriInfo;
33 import org.codehaus.enunciate.jaxrs.ResponseCode;
34 import org.codehaus.enunciate.jaxrs.StatusCodes;
35 import org.codehaus.enunciate.jaxrs.TypeHint;
36 import org.opendaylight.neutron.spi.INeutronVPNIPSECPolicyAware;
37 import org.opendaylight.neutron.spi.INeutronVPNIPSECPolicyCRUD;
38 import org.opendaylight.neutron.spi.NeutronCRUDInterfaces;
39 import org.opendaylight.neutron.spi.NeutronVPNIPSECPolicy;
42 * Neutron Northbound REST APIs for VPN IPSEC Policy.<br>
43 * This class provides REST APIs for managing neutron VPN IPSEC Policies
47 * Authentication scheme : <b>HTTP Basic</b><br>
48 * Authentication realm : <b>opendaylight</b><br>
49 * Transport : <b>HTTP and HTTPS</b><br>
51 * HTTPS Authentication is disabled by default. Administrator can enable it in
52 * tomcat-server.xml after adding a proper keystore / SSL certificate from a
53 * trusted authority.<br>
55 * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
59 @Path("/vpn/ipsecpolicies")
60 public class NeutronVPNIPSECPoliciesNorthbound {
62 private static final int HTTP_OK_BOTTOM = 200;
63 private static final int HTTP_OK_TOP = 299;
65 private NeutronVPNIPSECPolicy extractFields(NeutronVPNIPSECPolicy o, List<String> fields) {
66 return o.extractFields(fields);
73 * Returns a list of all VPN IPSEC Policies */
76 @Produces({ MediaType.APPLICATION_JSON })
78 @ResponseCode(code = HttpURLConnection.HTTP_OK, condition = "Operation successful"),
79 @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
80 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
81 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
82 public Response listVPNIPSECPolicies(
84 @QueryParam("fields") List<String> fields,
86 @QueryParam("id") String queryID,
87 @QueryParam("tenant_id") String queryTenantID,
88 @QueryParam("name") String queryName,
89 @QueryParam("description") String queryDescription,
90 @QueryParam("transform_protocol") String queryTransformProtocol,
91 @QueryParam("encapsulation_mode") String queryEncapsulationMode,
92 @QueryParam("auth_algorithm") String queryAuthAlgorithm,
93 @QueryParam("encryption_algorithm") String queryEncryptionAlgorithm,
94 @QueryParam("pfs") String queryPFS
95 // pagination and sorting are TODO
97 INeutronVPNIPSECPolicyCRUD labelInterface = NeutronCRUDInterfaces.getINeutronVPNIPSECPolicyCRUD(this);
98 if (labelInterface == null) {
99 throw new ServiceUnavailableException("NeutronVPNIPSECPolicy CRUD Interface "
100 + RestMessages.SERVICEUNAVAILABLE.toString());
102 List<NeutronVPNIPSECPolicy> allNeutronVPNIPSECPolicies = labelInterface.getAllNeutronVPNIPSECPolicies();
103 List<NeutronVPNIPSECPolicy> ans = new ArrayList<NeutronVPNIPSECPolicy>();
104 Iterator<NeutronVPNIPSECPolicy> i = allNeutronVPNIPSECPolicies.iterator();
105 while (i.hasNext()) {
106 NeutronVPNIPSECPolicy oSS = i.next();
107 if ((queryID == null || queryID.equals(oSS.getID())) &&
108 (queryName == null || queryName.equals(oSS.getName())) &&
109 (queryDescription == null || queryDescription.equals(oSS.getDescription())) &&
110 (queryAuthAlgorithm == null || queryAuthAlgorithm.equals(oSS.getAuthAlgorithm())) &&
111 (queryEncryptionAlgorithm == null || queryEncryptionAlgorithm.equals(oSS.getEncryptionAlgorithm())) &&
112 (queryPFS == null || queryPFS.equals(oSS.getPerfectForwardSecrecy())) &&
113 (queryTransformProtocol == null || queryTransformProtocol.equals(oSS.getTransformProtocol())) &&
114 (queryEncapsulationMode == null || queryEncapsulationMode.equals(oSS.getEncapsulationMode())) &&
115 (queryTenantID == null || queryTenantID.equals(oSS.getTenantID()))) {
116 if (fields.size() > 0) {
117 ans.add(extractFields(oSS,fields));
123 //TODO: apply pagination to results
124 return Response.status(HttpURLConnection.HTTP_OK).entity(
125 new NeutronVPNIPSECPolicyRequest(ans)).build();
129 * Returns a specific VPN IPSEC Policy */
133 @Produces({ MediaType.APPLICATION_JSON })
135 @ResponseCode(code = HttpURLConnection.HTTP_OK, condition = "Operation successful"),
136 @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
137 @ResponseCode(code = HttpURLConnection.HTTP_FORBIDDEN, condition = "Forbidden"),
138 @ResponseCode(code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
139 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
140 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
141 public Response showVPNIPSECPolicy(
142 @PathParam("policyID") String policyUUID,
144 @QueryParam("fields") List<String> fields
146 INeutronVPNIPSECPolicyCRUD policyInterface = NeutronCRUDInterfaces.getINeutronVPNIPSECPolicyCRUD(this);
147 if (policyInterface == null) {
148 throw new ServiceUnavailableException("VPNIPSECPolicy CRUD Interface "
149 + RestMessages.SERVICEUNAVAILABLE.toString());
151 if (!policyInterface.neutronVPNIPSECPolicyExists(policyUUID)) {
152 throw new ResourceNotFoundException("VPNIPSECPolicy UUID not found");
154 if (fields.size() > 0) {
155 NeutronVPNIPSECPolicy ans = policyInterface.getNeutronVPNIPSECPolicy(policyUUID);
156 return Response.status(HttpURLConnection.HTTP_OK).entity(
157 new NeutronVPNIPSECPolicyRequest(extractFields(ans, fields))).build();
159 return Response.status(HttpURLConnection.HTTP_OK).entity(
160 new NeutronVPNIPSECPolicyRequest(policyInterface.getNeutronVPNIPSECPolicy(policyUUID))).build();
165 * Creates new VPN IPSEC Policy */
167 @Produces({ MediaType.APPLICATION_JSON })
168 @Consumes({ MediaType.APPLICATION_JSON })
169 @TypeHint(NeutronVPNIPSECPolicy.class)
171 @ResponseCode(code = HttpURLConnection.HTTP_CREATED, condition = "Created"),
172 @ResponseCode(code = HttpURLConnection.HTTP_BAD_REQUEST, condition = "Bad Request"),
173 @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
174 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
175 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
176 public Response createVPNIPSECPolicy(final NeutronVPNIPSECPolicyRequest input) {
177 INeutronVPNIPSECPolicyCRUD ipsecPolicyInterface = NeutronCRUDInterfaces.getINeutronVPNIPSECPolicyCRUD(this);
178 if (ipsecPolicyInterface == null) {
179 throw new ServiceUnavailableException("VPNIPSECPolicy CRUD Interface "
180 + RestMessages.SERVICEUNAVAILABLE.toString());
182 if (input.isSingleton()) {
183 NeutronVPNIPSECPolicy singleton = input.getSingleton();
186 * verify that the ipsecPolicy doesn't already exist (issue: is deeper inspection necessary?)
188 if (ipsecPolicyInterface.neutronVPNIPSECPolicyExists(singleton.getID())) {
189 throw new BadRequestException("ipsecPolicy UUID already exists");
191 Object[] instances = NeutronUtil.getInstances(INeutronVPNIPSECPolicyAware.class, this);
192 if (instances != null) {
193 if (instances.length > 0) {
194 for (Object instance : instances) {
195 INeutronVPNIPSECPolicyAware service = (INeutronVPNIPSECPolicyAware) instance;
196 int status = service.canCreateNeutronVPNIPSECPolicy(singleton);
197 if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
198 return Response.status(status).build();
202 throw new ServiceUnavailableException("No providers registered. Please try again later");
205 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
209 * add ipsecPolicy to the cache
211 ipsecPolicyInterface.addNeutronVPNIPSECPolicy(singleton);
212 if (instances != null) {
213 for (Object instance : instances) {
214 INeutronVPNIPSECPolicyAware service = (INeutronVPNIPSECPolicyAware) instance;
215 service.neutronVPNIPSECPolicyCreated(singleton);
221 * only singleton ipsecPolicy creates supported
223 throw new BadRequestException("Only singleton ipsecPolicy creates supported");
225 return Response.status(HttpURLConnection.HTTP_CREATED).entity(input).build();
229 * Updates a VPN IPSEC Policy */
232 @Produces({ MediaType.APPLICATION_JSON })
233 @Consumes({ MediaType.APPLICATION_JSON })
235 @ResponseCode(code = HttpURLConnection.HTTP_OK, condition = "Operation successful"),
236 @ResponseCode(code = HttpURLConnection.HTTP_BAD_REQUEST, condition = "Bad Request"),
237 @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
238 @ResponseCode(code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
239 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
240 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
241 public Response updateVPNIPSECPolicy(
242 @PathParam("policyID") String policyUUID, final NeutronVPNIPSECPolicyRequest input
244 INeutronVPNIPSECPolicyCRUD ipsecPolicyInterface = NeutronCRUDInterfaces.getINeutronVPNIPSECPolicyCRUD(this);
245 if (ipsecPolicyInterface == null) {
246 throw new ServiceUnavailableException("VPNIPSECPolicy CRUD Interface "
247 + RestMessages.SERVICEUNAVAILABLE.toString());
251 * ipsecPolicy has to exist and only a single delta can be supplied
253 if (!ipsecPolicyInterface.neutronVPNIPSECPolicyExists(policyUUID)) {
254 throw new ResourceNotFoundException("VPNIPSECPolicy UUID not found");
256 if (!input.isSingleton()) {
257 throw new BadRequestException("Only single ipsecPolicy deltas supported");
259 NeutronVPNIPSECPolicy singleton = input.getSingleton();
260 NeutronVPNIPSECPolicy original = ipsecPolicyInterface.getNeutronVPNIPSECPolicy(policyUUID);
263 * attribute changes blocked by Neutron
265 if (singleton.getID() != null || singleton.getTenantID() != null) {
266 throw new BadRequestException("Request attribute change not allowed");
269 Object[] instances = NeutronUtil.getInstances(INeutronVPNIPSECPolicyAware.class, this);
270 if (instances != null) {
271 if (instances.length > 0) {
272 for (Object instance : instances) {
273 INeutronVPNIPSECPolicyAware service = (INeutronVPNIPSECPolicyAware) instance;
274 int status = service.canUpdateNeutronVPNIPSECPolicy(singleton, original);
275 if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
276 return Response.status(status).build();
280 throw new ServiceUnavailableException("No providers registered. Please try again later");
283 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
286 * update the ipsecPolicy entry and return the modified object
288 ipsecPolicyInterface.updateNeutronVPNIPSECPolicy(policyUUID, singleton);
289 NeutronVPNIPSECPolicy updatedVPNIPSECPolicy = ipsecPolicyInterface.getNeutronVPNIPSECPolicy(policyUUID);
290 if (instances != null) {
291 for (Object instance : instances) {
292 INeutronVPNIPSECPolicyAware service = (INeutronVPNIPSECPolicyAware) instance;
293 service.neutronVPNIPSECPolicyUpdated(updatedVPNIPSECPolicy);
296 return Response.status(HttpURLConnection.HTTP_OK).entity(
297 new NeutronVPNIPSECPolicyRequest(ipsecPolicyInterface.getNeutronVPNIPSECPolicy(policyUUID))).build();
301 * Deletes a VPN IPSEC Policy */
306 @ResponseCode(code = HttpURLConnection.HTTP_NO_CONTENT, condition = "No Content"),
307 @ResponseCode(code = HttpURLConnection.HTTP_UNAUTHORIZED, condition = "Unauthorized"),
308 @ResponseCode(code = HttpURLConnection.HTTP_NOT_FOUND, condition = "Not Found"),
309 @ResponseCode(code = HttpURLConnection.HTTP_CONFLICT, condition = "Conflict"),
310 @ResponseCode(code = HttpURLConnection.HTTP_NOT_IMPLEMENTED, condition = "Not Implemented"),
311 @ResponseCode(code = HttpURLConnection.HTTP_UNAVAILABLE, condition = "No providers available") })
312 public Response deleteVPNIPSECPolicy(
313 @PathParam("policyID") String policyUUID) {
314 INeutronVPNIPSECPolicyCRUD policyInterface = NeutronCRUDInterfaces.getINeutronVPNIPSECPolicyCRUD(this);
315 if (policyInterface == null) {
316 throw new ServiceUnavailableException("VPNIPSECPolicy CRUD Interface "
317 + RestMessages.SERVICEUNAVAILABLE.toString());
321 * verify that the policy exists and is not in use before removing it
323 if (!policyInterface.neutronVPNIPSECPolicyExists(policyUUID)) {
324 throw new ResourceNotFoundException("VPNIPSECPolicy UUID not found");
326 NeutronVPNIPSECPolicy singleton = policyInterface.getNeutronVPNIPSECPolicy(policyUUID);
327 Object[] instances = NeutronUtil.getInstances(INeutronVPNIPSECPolicyAware.class, this);
328 if (instances != null) {
329 if (instances.length > 0) {
330 for (Object instance : instances) {
331 INeutronVPNIPSECPolicyAware service = (INeutronVPNIPSECPolicyAware) instance;
332 int status = service.canDeleteNeutronVPNIPSECPolicy(singleton);
333 if (status < HTTP_OK_BOTTOM || status > HTTP_OK_TOP) {
334 return Response.status(status).build();
338 throw new ServiceUnavailableException("No providers registered. Please try again later");
341 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
343 policyInterface.removeNeutronVPNIPSECPolicy(policyUUID);
344 if (instances != null) {
345 for (Object instance : instances) {
346 INeutronVPNIPSECPolicyAware service = (INeutronVPNIPSECPolicyAware) instance;
347 service.neutronVPNIPSECPolicyDeleted(singleton);
350 return Response.status(HttpURLConnection.HTTP_NO_CONTENT).build();