2 * Copyright IBM Corporation, 2013. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.neutron.northbound.api;
11 import java.util.ArrayList;
12 import java.util.HashMap;
13 import java.util.Iterator;
14 import java.util.List;
16 import javax.ws.rs.Consumes;
17 import javax.ws.rs.DELETE;
18 import javax.ws.rs.DefaultValue;
19 import javax.ws.rs.GET;
20 import javax.ws.rs.POST;
21 import javax.ws.rs.PUT;
22 import javax.ws.rs.Path;
23 import javax.ws.rs.PathParam;
24 import javax.ws.rs.Produces;
25 import javax.ws.rs.QueryParam;
26 import javax.ws.rs.core.Context;
27 import javax.ws.rs.core.MediaType;
28 import javax.ws.rs.core.Response;
29 import javax.ws.rs.core.UriInfo;
31 import org.codehaus.enunciate.jaxrs.ResponseCode;
32 import org.codehaus.enunciate.jaxrs.StatusCodes;
33 import org.codehaus.enunciate.jaxrs.TypeHint;
34 import org.opendaylight.neutron.spi.INeutronVPNIKEPolicyAware;
35 import org.opendaylight.neutron.spi.INeutronVPNIPSECSiteConnectionAware;
36 import org.opendaylight.neutron.spi.INeutronVPNIPSECSiteConnectionsCRUD;
37 import org.opendaylight.neutron.spi.NeutronCRUDInterfaces;
38 import org.opendaylight.neutron.spi.NeutronVPNIPSECSiteConnection;
41 * Neutron Northbound REST APIs for VPN IPSEC SiteConnection.<br>
42 * This class provides REST APIs for managing neutron VPN IPSEC SiteConnections
46 * Authentication scheme : <b>HTTP Basic</b><br>
47 * Authentication realm : <b>opendaylight</b><br>
48 * Transport : <b>HTTP and HTTPS</b><br>
50 * HTTPS Authentication is disabled by default. Administrator can enable it in
51 * tomcat-server.xml after adding a proper keystore / SSL certificate from a
52 * trusted authority.<br>
54 * http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html#Configuration
58 @Path("/vpn/ipsecsiteconnections")
59 public class NeutronVPNIPSECSiteConnectionsNorthbound {
61 private NeutronVPNIPSECSiteConnection extractFields(NeutronVPNIPSECSiteConnection o, List<String> fields) {
62 return o.extractFields(fields);
69 * Returns a list of all VPN IPSEC SiteConnections
73 @Produces({ MediaType.APPLICATION_JSON })
74 @StatusCodes({ @ResponseCode(code = 200, condition = "Operation successful"),
75 @ResponseCode(code = 401, condition = "Unauthorized"),
76 @ResponseCode(code = 501, condition = "Not Implemented"),
77 @ResponseCode(code = 503, condition = "No providers available") })
78 public Response listVPNIPSECSiteConnections(
80 @QueryParam("fields") List<String> fields,
82 @QueryParam("id") String queryID, @QueryParam("tenant_id") String queryTenantID,
83 @QueryParam("name") String queryName, @QueryParam("description") String queryDescription,
84 @QueryParam("peer_address") String queryPeerAddress, @QueryParam("peer_id") String queryPeerID,
85 @QueryParam("route_mode") String queryRouteMode, @QueryParam("mtu") Integer queryMtu,
86 @QueryParam("auth_mode") String queryAuthMode, @QueryParam("psk") String queryPsk,
87 @QueryParam("initiator") String queryInitiator, @QueryParam("admin_state_up") String queryAdminStateUp,
88 @QueryParam("status") String queryStatus, @QueryParam("ikepolicy_id") String queryIkePolicyID,
89 @QueryParam("ipsecpolicy_id") String queryIpSecPolicyID,
90 @QueryParam("vpnservice_id") String queryVpnServiceID
91 // pagination and sorting are TODO
93 INeutronVPNIPSECSiteConnectionsCRUD labelInterface = NeutronCRUDInterfaces
94 .getINeutronVPNIPSECSiteConnectionsCRUD(this);
95 if (labelInterface == null) {
96 throw new ServiceUnavailableException("NeutronVPNIPSECSiteConnections CRUD Interface "
97 + RestMessages.SERVICEUNAVAILABLE.toString());
99 List<NeutronVPNIPSECSiteConnection> allNeutronVPNIPSECSiteConnection = labelInterface
100 .getAllNeutronVPNIPSECSiteConnections();
101 List<NeutronVPNIPSECSiteConnection> ans = new ArrayList<NeutronVPNIPSECSiteConnection>();
102 Iterator<NeutronVPNIPSECSiteConnection> i = allNeutronVPNIPSECSiteConnection.iterator();
103 while (i.hasNext()) {
104 NeutronVPNIPSECSiteConnection oSS = i.next();
105 if ((queryID == null || queryID.equals(oSS.getID()))
106 && (queryTenantID == null || queryTenantID.equals(oSS.getTenantID()))
107 && (queryName == null || queryName.equals(oSS.getName()))
108 && (queryDescription == null || queryDescription.equals(oSS.getDescription()))
109 && (queryPeerAddress == null || queryPeerAddress.equals(oSS.getPeerAddress()))
110 && (queryPeerID == null || queryPeerID.equals(oSS.getPeerID()))
111 && (queryRouteMode == null || queryRouteMode.equals(oSS.getRouteMode()))
112 && (queryMtu == null || queryMtu.equals(oSS.getMtu()))
113 && (queryAuthMode == null || queryAuthMode.equals(oSS.getAuthMode()))
114 && (queryPsk == null || queryPsk.equals(oSS.getPreSharedKey()))
115 && (queryInitiator == null || queryInitiator.equals(oSS.getInitiator()))
116 && (queryAdminStateUp == null || queryAdminStateUp.equals(oSS.getAdminStateUp()))
117 && (queryStatus == null || queryStatus.equals(oSS.getStatus()))
118 && (queryIkePolicyID == null || queryIkePolicyID.equals(oSS.getIkePolicyID()))
119 && (queryIpSecPolicyID == null || queryIpSecPolicyID.equals(oSS.getIpsecPolicyID()))
120 && (queryVpnServiceID == null || queryVpnServiceID.equals(oSS.getVpnServiceID()))) {
121 if (fields.size() > 0) {
122 ans.add(extractFields(oSS, fields));
129 // TODO: apply pagination to results
130 return Response.status(200).entity(new NeutronVPNIPSECSiteConnectionRequest(ans)).build();
134 * Returns a specific VPN IPSEC SiteConnection
137 @Path("{connectionID}")
139 @Produces({ MediaType.APPLICATION_JSON })
140 @StatusCodes({ @ResponseCode(code = 200, condition = "Operation successful"),
141 @ResponseCode(code = 401, condition = "Unauthorized"), @ResponseCode(code = 403, condition = "Forbidden"),
142 @ResponseCode(code = 404, condition = "Not Found"),
143 @ResponseCode(code = 501, condition = "Not Implemented"),
144 @ResponseCode(code = 503, condition = "No providers available") })
145 public Response showVPNIPSECSiteConnection(@PathParam("policyID") String policyID,
147 @QueryParam("fields") List<String> fields) {
148 INeutronVPNIPSECSiteConnectionsCRUD connectionInterface = NeutronCRUDInterfaces
149 .getINeutronVPNIPSECSiteConnectionsCRUD(this);
150 if (connectionInterface == null) {
151 throw new ServiceUnavailableException("NeutronVPNIPSECSiteConnections CRUD Interface "
152 + RestMessages.SERVICEUNAVAILABLE.toString());
154 if (!connectionInterface.neutronVPNIPSECSiteConnectionsExists(policyID)) {
155 throw new ResourceNotFoundException("NeutronVPNIPSECSiteConnections ID not found");
157 if (fields.size() > 0) {
158 NeutronVPNIPSECSiteConnection ans = connectionInterface.getNeutronVPNIPSECSiteConnections(policyID);
159 return Response.status(200).entity(new NeutronVPNIPSECSiteConnectionRequest(extractFields(ans, fields)))
164 .entity(new NeutronVPNIPSECSiteConnectionRequest(connectionInterface
165 .getNeutronVPNIPSECSiteConnections(policyID))).build();
170 * Creates new VPN IPSEC SiteConnection
173 @Produces({ MediaType.APPLICATION_JSON })
174 @Consumes({ MediaType.APPLICATION_JSON })
175 @TypeHint(NeutronVPNIPSECSiteConnection.class)
176 @StatusCodes({ @ResponseCode(code = 201, condition = "Created"),
177 @ResponseCode(code = 400, condition = "Bad Request"),
178 @ResponseCode(code = 401, condition = "Unauthorized"),
179 @ResponseCode(code = 501, condition = "Not Implemented"),
180 @ResponseCode(code = 503, condition = "No providers available") })
181 public Response createVPNIPSECSiteConnection(final NeutronVPNIPSECSiteConnectionRequest input) {
182 INeutronVPNIPSECSiteConnectionsCRUD ipsecSiteConnectionsInterface = NeutronCRUDInterfaces
183 .getINeutronVPNIPSECSiteConnectionsCRUD(this);
184 if (ipsecSiteConnectionsInterface == null) {
185 throw new ServiceUnavailableException("VPNIPSECSiteConnections CRUD Interface "
186 + RestMessages.SERVICEUNAVAILABLE.toString());
188 if (input.isSingleton()) {
189 NeutronVPNIPSECSiteConnection singleton = input.getSingleton();
192 * verify that the ipsec site connection doesn't already exist (issue: is deeper
193 * inspection necessary?)
195 if (ipsecSiteConnectionsInterface.neutronVPNIPSECSiteConnectionsExists(singleton.getID())) {
196 throw new BadRequestException("VPNIPSECSiteConnections ID already exists");
198 Object[] instances = NeutronUtil.getInstances(INeutronVPNIPSECSiteConnectionAware.class, this);
199 if (instances != null) {
200 if (instances.length > 0) {
201 for (Object instance : instances) {
202 INeutronVPNIPSECSiteConnectionAware service = (INeutronVPNIPSECSiteConnectionAware) instance;
203 int status = service.canCreateNeutronVPNIPSECSiteConnection(singleton);
204 if (status < 200 || status > 299) {
205 return Response.status(status).build();
209 throw new ServiceUnavailableException("No providers registered. Please try again later");
212 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
215 * add ipsecSiteConnections to the cache
217 ipsecSiteConnectionsInterface.addNeutronVPNIPSECSiteConnections(singleton);
218 if (instances != null) {
219 for (Object instance : instances) {
220 INeutronVPNIPSECSiteConnectionAware service = (INeutronVPNIPSECSiteConnectionAware) instance;
221 service.neutronVPNIPSECSiteConnectionCreated(singleton);
227 * only singleton ipsecSiteConnections creates supported
229 throw new BadRequestException("Only singleton ipsecSiteConnections creates supported");
231 return Response.status(201).entity(input).build();
235 * Updates a VPN IPSEC SiteConnection
239 @Produces({ MediaType.APPLICATION_JSON })
240 @Consumes({ MediaType.APPLICATION_JSON })
241 @StatusCodes({ @ResponseCode(code = 200, condition = "Operation successful"),
242 @ResponseCode(code = 400, condition = "Bad Request"),
243 @ResponseCode(code = 401, condition = "Unauthorized"), @ResponseCode(code = 404, condition = "Not Found"),
244 @ResponseCode(code = 501, condition = "Not Implemented"),
245 @ResponseCode(code = 503, condition = "No providers available") })
246 public Response updateVPNIPSECSiteConnection(@PathParam("policyID") String policyID,
247 final NeutronVPNIPSECSiteConnectionRequest input) {
248 INeutronVPNIPSECSiteConnectionsCRUD ipsecSiteConnectionsInterface = NeutronCRUDInterfaces
249 .getINeutronVPNIPSECSiteConnectionsCRUD(this);
251 if (ipsecSiteConnectionsInterface == null) {
252 throw new ServiceUnavailableException("VPNIPSECSiteConnections CRUD Interface "
253 + RestMessages.SERVICEUNAVAILABLE.toString());
257 * ipsecSiteConnection has to exist and only a single delta can be
260 if (!ipsecSiteConnectionsInterface.neutronVPNIPSECSiteConnectionsExists(policyID)) {
261 throw new ResourceNotFoundException("VPNIPSECSiteConnections ID not found");
263 if (!input.isSingleton()) {
264 throw new BadRequestException("Only singleton deltas supported");
266 NeutronVPNIPSECSiteConnection singleton = input.getSingleton();
267 NeutronVPNIPSECSiteConnection original = ipsecSiteConnectionsInterface
268 .getNeutronVPNIPSECSiteConnections(policyID);
271 * attribute changes blocked by Neutron
273 if (singleton.getID() != null || singleton.getTenantID() != null) {
274 throw new BadRequestException("Request attribute change not allowed");
277 Object[] instances = NeutronUtil.getInstances(INeutronVPNIKEPolicyAware.class, this);
278 if (instances != null) {
279 if (instances.length > 0) {
280 for (Object instance : instances) {
281 INeutronVPNIPSECSiteConnectionAware service = (INeutronVPNIPSECSiteConnectionAware) instance;
282 int status = service.canUpdateNeutronVPNIPSECSiteConnection(singleton, original);
283 if (status < 200 || status > 299) {
284 return Response.status(status).build();
288 throw new ServiceUnavailableException("No providers registered. Please try again later");
291 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
294 * update the ipsecSiteConnections entry and return the modified object
296 ipsecSiteConnectionsInterface.updateNeutronVPNIPSECSiteConnections(policyID, singleton);
297 NeutronVPNIPSECSiteConnection updatedVPNIKEPolicy = ipsecSiteConnectionsInterface
298 .getNeutronVPNIPSECSiteConnections(policyID);
299 if (instances != null) {
300 for (Object instance : instances) {
301 INeutronVPNIPSECSiteConnectionAware service = (INeutronVPNIPSECSiteConnectionAware) instance;
302 service.neutronVPNIPSECSiteConnectionUpdated(updatedVPNIKEPolicy);
307 .entity(new NeutronVPNIPSECSiteConnectionRequest(ipsecSiteConnectionsInterface
308 .getNeutronVPNIPSECSiteConnections(policyID))).build();
312 * Deletes a VPN IPSEC SiteConnection
317 @StatusCodes({ @ResponseCode(code = 204, condition = "No Content"),
318 @ResponseCode(code = 401, condition = "Unauthorized"), @ResponseCode(code = 404, condition = "Not Found"),
319 @ResponseCode(code = 409, condition = "Conflict"),
320 @ResponseCode(code = 501, condition = "Not Implemented"),
321 @ResponseCode(code = 503, condition = "No providers available") })
322 public Response deleteVPNIPSECSiteConnection(@PathParam("policyID") String policyID) {
323 INeutronVPNIPSECSiteConnectionsCRUD ipsecSiteConnectionsInterface = NeutronCRUDInterfaces
324 .getINeutronVPNIPSECSiteConnectionsCRUD(this);
325 if (ipsecSiteConnectionsInterface == null) {
326 throw new ServiceUnavailableException("NeutronVPNIPSECSiteConnections CRUD Interface "
327 + RestMessages.SERVICEUNAVAILABLE.toString());
331 * verify that the iSiteConnections exists and is not in use before
334 if (!ipsecSiteConnectionsInterface.neutronVPNIPSECSiteConnectionsExists(policyID)) {
335 throw new ResourceNotFoundException("VPNIPSECSiteConnections ID not found");
337 NeutronVPNIPSECSiteConnection singleton = ipsecSiteConnectionsInterface
338 .getNeutronVPNIPSECSiteConnections(policyID);
339 Object[] instances = NeutronUtil.getInstances(INeutronVPNIPSECSiteConnectionAware.class, this);
340 if (instances != null) {
341 if (instances.length > 0) {
342 for (Object instance : instances) {
343 INeutronVPNIPSECSiteConnectionAware service = (INeutronVPNIPSECSiteConnectionAware) instance;
344 int status = service.canDeleteNeutronVPNIPSECSiteConnection(singleton);
345 if (status < 200 || status > 299) {
346 return Response.status(status).build();
350 throw new ServiceUnavailableException("No providers registered. Please try again later");
353 throw new ServiceUnavailableException("Couldn't get providers list. Please try again later");
355 ipsecSiteConnectionsInterface.removeNeutronVPNIPSECSiteConnections(policyID);
356 if (instances != null) {
357 for (Object instance : instances) {
358 INeutronVPNIPSECSiteConnectionAware service = (INeutronVPNIPSECSiteConnectionAware) instance;
359 service.neutronVPNIPSECSiteConnectionDeleted(singleton);
362 return Response.status(204).build();