Skip to content
This repository
branch: stag
Fetching contributors…

Cannot retrieve contributors at this time

file 133 lines (108 sloc) 4.131 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133
# Copyright (c) 2009-2012 VMware, Inc.

require "bcrypt"
require "sinatra"
require "sequel"
require "thin"
require "yajl"

require "eventmachine/schedule_sync"

require "vcap/common"
require "uaa/token_coder"

require "sinatra/vcap"
require "cloud_controller/security_context"

module VCAP::CloudController
  autoload :Models, "cloud_controller/models"
  include VCAP::RestAPI

  class Controller < Sinatra::Base
    register Sinatra::VCAP

    vcap_configure(:logger_name => "cc.api",
                   :reload_path => File.dirname(__FILE__))

    def initialize(config)
      @config = config
      @verification_key = @config[:uaa][:verification_key]
      super()
    end

    before do
      VCAP::CloudController::SecurityContext.clear
      user = nil
      auth_token = env["HTTP_AUTHORIZATION"]

      if auth_token && auth_token.upcase.start_with?("BEARER")
        token_coder = CF::UAA::TokenCoder.new(@config[:uaa][:resource_id],
                                              @config[:uaa][:symmetric_secret],
                                              @verification_key)
        begin
          token_information = token_coder.decode(auth_token)
          logger.info("Token received from the UAA #{token_information.inspect}")
          uaa_id = token_information['user_id'] if token_information
          user = Models::User.find(:guid => uaa_id) if uaa_id

          # Bootstraping mechanism..
          #
          # TODO: replace this with an exteranl bootstraping mechanism.
          # I'm not wild about having *any* auto-admin generation code
          # in the cc.
          if (user.nil? && Models::User.count == 0 &&
              @config[:bootstrap_admin_email] && token_information['email'] &&
              @config[:bootstrap_admin_email] == token_information['email'])
              user = Models::User.create(:guid => uaa_id,
                                         :admin => true, :active => true)
          end

          VCAP::CloudController::SecurityContext.set(user, token_information)
        rescue => e
          logger.warn("Invalid bearer token: #{e.message} #{e.backtrace}")
        end
      end

      validate_scheme(user)
    end

    def validate_scheme(user)
      return unless user

      if @config[:https_required]
        raise Errors::NotAuthorized unless request.scheme == "https"
      end

      if @config[:https_required_for_admins] && user && user.admin?
        raise Errors::NotAuthorized unless request.scheme == "https"
      end
    end

    # All manual routes here will be removed prior to final release.
    # They are manual ad-hoc testing entry points.
    get "/hello/sync" do
      "sync return\n"
    end

    get "/hello/async" do
      sleep 5
      "async return\n"
    end

    get "/hello/em_sync" do
      EM.schedule_sync do
        "async return from the EM thread\n"
      end
    end

    get "/hello/em_async" do
      EM.schedule_sync do |promise|
        EM::Timer.new(5) { promise.deliver("async return from an EM timer\n") }
      end
    end
  end
end

require "cloud_controller/config"
require "cloud_controller/db"
require "cloud_controller/errors"
require "cloud_controller/permissions"
require "cloud_controller/runner"
require "cloud_controller/errors"
require "cloud_controller/app_package"
require "cloud_controller/app_stager"
require "cloud_controller/api"

require "cloud_controller/legacy_api/legacy_api_base"
require "cloud_controller/legacy_api/legacy_info"
require "cloud_controller/legacy_api/legacy_apps"
require "cloud_controller/legacy_api/legacy_services"
require "cloud_controller/legacy_api/legacy_service_gateway"
require "cloud_controller/legacy_api/legacy_service_lifecycle"
require "cloud_controller/legacy_api/legacy_bulk"
require "cloud_controller/legacy_api/legacy_staging"
require "cloud_controller/legacy_api/legacy_resources"
require "cloud_controller/legacy_api/legacy_users"

require "cloud_controller/resource_pool"

require "cloud_controller/dea/dea_pool"
require "cloud_controller/dea/dea_client"

require "cloud_controller/health_manager_client"
require "cloud_controller/health_manager_respondent"
Something went wrong with that request. Please try again.