001 /**
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements. See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership. The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License. You may obtain a copy of the License at
009 *
010 * http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018 package org.apache.oozie.servlet;
019
020 import org.apache.oozie.client.OozieClient.SYSTEM_MODE;
021 import org.apache.oozie.client.rest.JsonBean;
022 import org.apache.oozie.client.rest.RestConstants;
023 import org.apache.oozie.service.DagXLogInfoService;
024 import org.apache.oozie.service.InstrumentationService;
025 import org.apache.oozie.service.ProxyUserService;
026 import org.apache.oozie.service.Services;
027 import org.apache.oozie.service.XLogService;
028 import org.apache.oozie.util.Instrumentation;
029 import org.apache.oozie.util.ParamChecker;
030 import org.apache.oozie.util.XLog;
031 import org.apache.oozie.ErrorCode;
032 import org.json.simple.JSONObject;
033 import org.json.simple.JSONStreamAware;
034
035 import javax.servlet.ServletConfig;
036 import javax.servlet.ServletException;
037 import javax.servlet.http.HttpServlet;
038 import javax.servlet.http.HttpServletRequest;
039 import javax.servlet.http.HttpServletResponse;
040 import java.io.IOException;
041 import java.security.AccessControlException;
042 import java.util.*;
043 import java.util.concurrent.atomic.AtomicLong;
044
045 /**
046 * Base class for Oozie web service API Servlets. <p/> This class provides common instrumentation, error logging and
047 * other common functionality.
048 */
049 public abstract class JsonRestServlet extends HttpServlet {
050
051 private static final String JSTON_UTF8 = RestConstants.JSON_CONTENT_TYPE + "; charset=\"UTF-8\"";
052
053 protected static final String XML_UTF8 = RestConstants.XML_CONTENT_TYPE + "; charset=\"UTF-8\"";
054
055 protected static final String TEXT_UTF8 = RestConstants.TEXT_CONTENT_TYPE + "; charset=\"UTF-8\"";
056
057 protected static final String AUDIT_OPERATION = "audit.operation";
058 protected static final String AUDIT_PARAM = "audit.param";
059 protected static final String AUDIT_ERROR_CODE = "audit.error.code";
060 protected static final String AUDIT_ERROR_MESSAGE = "audit.error.message";
061 protected static final String AUDIT_HTTP_STATUS_CODE = "audit.http.status.code";
062
063 private XLog auditLog;
064 XLog.Info logInfo;
065
066 /**
067 * This bean defines a query string parameter.
068 */
069 public static class ParameterInfo {
070 private String name;
071 private Class type;
072 private List<String> methods;
073 private boolean required;
074
075 /**
076 * Creates a ParameterInfo with querystring parameter definition.
077 *
078 * @param name querystring parameter name.
079 * @param type type for the parameter value, valid types are: <code>Integer, Boolean and String</code>
080 * @param required indicates if the parameter is required.
081 * @param methods HTTP methods the parameter is used by.
082 */
083 public ParameterInfo(String name, Class type, boolean required, List<String> methods) {
084 this.name = ParamChecker.notEmpty(name, "name");
085 if (type != Integer.class && type != Boolean.class && type != String.class) {
086 throw new IllegalArgumentException("Type must be integer, boolean or string");
087 }
088 this.type = ParamChecker.notNull(type, "type");
089 this.required = required;
090 this.methods = ParamChecker.notNull(methods, "methods");
091 }
092
093 }
094
095 /**
096 * This bean defines a REST resource.
097 */
098 public static class ResourceInfo {
099 private String name;
100 private boolean wildcard;
101 private List<String> methods;
102 private Map<String, ParameterInfo> parameters = new HashMap<String, ParameterInfo>();
103
104 /**
105 * Creates a ResourceInfo with a REST resource definition.
106 *
107 * @param name name of the REST resource, it can be an fixed resource name, empty or a wildcard ('*').
108 * @param methods HTTP methods supported by the resource.
109 * @param parameters parameters supported by the resource.
110 */
111 public ResourceInfo(String name, List<String> methods, List<ParameterInfo> parameters) {
112 this.name = name;
113 wildcard = name.equals("*");
114 for (ParameterInfo parameter : parameters) {
115 this.parameters.put(parameter.name, parameter);
116 }
117 this.methods = ParamChecker.notNull(methods, "methods");
118 }
119 }
120
121 /**
122 * Name of the instrumentation group for the WS layer, value is 'webservices'.
123 */
124 protected static final String INSTRUMENTATION_GROUP = "webservices";
125
126 private static final String INSTR_TOTAL_REQUESTS_SAMPLER = "requests";
127 private static final String INSTR_TOTAL_REQUESTS_COUNTER = "requests";
128 private static final String INSTR_TOTAL_FAILED_REQUESTS_COUNTER = "failed";
129 private static AtomicLong TOTAL_REQUESTS_SAMPLER_COUNTER;
130
131 private Instrumentation instrumentation;
132 private String instrumentationName;
133 private AtomicLong samplerCounter = new AtomicLong();
134 private ThreadLocal<Instrumentation.Cron> requestCron = new ThreadLocal<Instrumentation.Cron>();
135 private List<ResourceInfo> resourcesInfo = new ArrayList<ResourceInfo>();
136 private boolean allowSafeModeChanges;
137
138 /**
139 * Creates a servlet with a specified instrumentation sampler name for its requests.
140 *
141 * @param instrumentationName instrumentation name for timer and samplers for the servlet.
142 * @param resourcesInfo list of resource definitions supported by the servlet, empty and wildcard resources must be
143 * the last ones, in that order, first empty and the wildcard.
144 */
145 public JsonRestServlet(String instrumentationName, ResourceInfo... resourcesInfo) {
146 this.instrumentationName = ParamChecker.notEmpty(instrumentationName, "instrumentationName");
147 if (resourcesInfo.length == 0) {
148 throw new IllegalArgumentException("There must be at least one ResourceInfo");
149 }
150 this.resourcesInfo = Arrays.asList(resourcesInfo);
151 auditLog = XLog.getLog("oozieaudit");
152 auditLog.setMsgPrefix("");
153 logInfo = new XLog.Info(XLog.Info.get());
154 }
155
156 /**
157 * Enable HTTP POST/PUT/DELETE methods while in safe mode.
158 *
159 * @param allow <code>true</code> enabled safe mode changes, <code>false</code> disable safe mode changes
160 * (default).
161 */
162 protected void setAllowSafeModeChanges(boolean allow) {
163 allowSafeModeChanges = allow;
164 }
165
166 /**
167 * Define an instrumentation sampler. <p/> Sampling period is 60 seconds, the sampling frequency is 1 second. <p/>
168 * The instrumentation group used is {@link #INSTRUMENTATION_GROUP}.
169 *
170 * @param samplerName sampler name.
171 * @param samplerCounter sampler counter.
172 */
173 private void defineSampler(String samplerName, final AtomicLong samplerCounter) {
174 instrumentation.addSampler(INSTRUMENTATION_GROUP, samplerName, 60, 1, new Instrumentation.Variable<Long>() {
175 public Long getValue() {
176 return samplerCounter.get();
177 }
178 });
179 }
180
181 /**
182 * Add an instrumentation cron.
183 *
184 * @param name name of the timer for the cron.
185 * @param cron cron to add to a instrumentation timer.
186 */
187 private void addCron(String name, Instrumentation.Cron cron) {
188 instrumentation.addCron(INSTRUMENTATION_GROUP, name, cron);
189 }
190
191 /**
192 * Start the request instrumentation cron.
193 */
194 protected void startCron() {
195 requestCron.get().start();
196 }
197
198 /**
199 * Stop the request instrumentation cron.
200 */
201 protected void stopCron() {
202 requestCron.get().stop();
203 }
204
205 /**
206 * Initializes total request and servlet request samplers.
207 */
208 public void init(ServletConfig servletConfig) throws ServletException {
209 super.init(servletConfig);
210 instrumentation = Services.get().get(InstrumentationService.class).get();
211 synchronized (JsonRestServlet.class) {
212 if (TOTAL_REQUESTS_SAMPLER_COUNTER == null) {
213 TOTAL_REQUESTS_SAMPLER_COUNTER = new AtomicLong();
214 defineSampler(INSTR_TOTAL_REQUESTS_SAMPLER, TOTAL_REQUESTS_SAMPLER_COUNTER);
215 }
216 }
217 defineSampler(instrumentationName, samplerCounter);
218 }
219
220 /**
221 * Convenience method for instrumentation counters.
222 *
223 * @param name counter name.
224 * @param count count to increment the counter.
225 */
226 private void incrCounter(String name, int count) {
227 if (instrumentation != null) {
228 instrumentation.incr(INSTRUMENTATION_GROUP, name, count);
229 }
230 }
231
232 /**
233 * Logs audit information for write requests to the audit log.
234 *
235 * @param request the http request.
236 */
237 private void logAuditInfo(HttpServletRequest request) {
238 if (request.getAttribute(AUDIT_OPERATION) != null) {
239 Integer httpStatusCode = (Integer) request.getAttribute(AUDIT_HTTP_STATUS_CODE);
240 httpStatusCode = (httpStatusCode != null) ? httpStatusCode : HttpServletResponse.SC_OK;
241 String status = (httpStatusCode == HttpServletResponse.SC_OK) ? "SUCCESS" : "FAILED";
242 String operation = (String) request.getAttribute(AUDIT_OPERATION);
243 String param = (String) request.getAttribute(AUDIT_PARAM);
244 String user = XLog.Info.get().getParameter(XLogService.USER);
245 String group = XLog.Info.get().getParameter(XLogService.GROUP);
246 String jobId = XLog.Info.get().getParameter(DagXLogInfoService.JOB);
247 String app = XLog.Info.get().getParameter(DagXLogInfoService.APP);
248
249 String errorCode = (String) request.getAttribute(AUDIT_ERROR_CODE);
250 String errorMessage = (String) request.getAttribute(AUDIT_ERROR_MESSAGE);
251
252 auditLog
253 .info(
254 "USER [{0}], GROUP [{1}], APP [{2}], JOBID [{3}], OPERATION [{4}], PARAMETER [{5}], STATUS [{6}], HTTPCODE [{7}], ERRORCODE [{8}], ERRORMESSAGE [{9}]",
255 user, group, app, jobId, operation, param, status, httpStatusCode, errorCode, errorMessage);
256 }
257 }
258
259 /**
260 * Dispatches to super after loginfo and intrumentation handling. In case of errors dispatches error response codes
261 * and does error logging.
262 */
263 @SuppressWarnings("unchecked")
264 protected final void service(HttpServletRequest request, HttpServletResponse response) throws ServletException,
265 IOException {
266 //if (Services.get().isSafeMode() && !request.getMethod().equals("GET") && !allowSafeModeChanges) {
267 if (Services.get().getSystemMode() != SYSTEM_MODE.NORMAL && !request.getMethod().equals("GET") && !allowSafeModeChanges) {
268 sendErrorResponse(response, HttpServletResponse.SC_SERVICE_UNAVAILABLE, ErrorCode.E0002.toString(),
269 ErrorCode.E0002.getTemplate());
270 return;
271 }
272 Instrumentation.Cron cron = new Instrumentation.Cron();
273 requestCron.set(cron);
274 try {
275 cron.start();
276 validateRestUrl(request.getMethod(), getResourceName(request), request.getParameterMap());
277 XLog.Info.get().clear();
278 String user = getUser(request);
279 TOTAL_REQUESTS_SAMPLER_COUNTER.incrementAndGet();
280 samplerCounter.incrementAndGet();
281 //If trace is enabled then display the request headers
282 XLog log = XLog.getLog(getClass());
283 if (log.isTraceEnabled()){
284 logHeaderInfo(request);
285 }
286 super.service(request, response);
287 }
288 catch (XServletException ex) {
289 XLog log = XLog.getLog(getClass());
290 log.warn("URL[{0} {1}] error[{2}], {3}", request.getMethod(), getRequestUrl(request), ex.getErrorCode(), ex
291 .getMessage(), ex);
292 request.setAttribute(AUDIT_ERROR_MESSAGE, ex.getMessage());
293 request.setAttribute(AUDIT_ERROR_CODE, ex.getErrorCode().toString());
294 request.setAttribute(AUDIT_HTTP_STATUS_CODE, ex.getHttpStatusCode());
295 incrCounter(INSTR_TOTAL_FAILED_REQUESTS_COUNTER, 1);
296 sendErrorResponse(response, ex.getHttpStatusCode(), ex.getErrorCode().toString(), ex.getMessage());
297 }
298 catch (AccessControlException ex) {
299 XLog log = XLog.getLog(getClass());
300 log.error("URL[{0} {1}] error, {2}", request.getMethod(), getRequestUrl(request), ex.getMessage(), ex);
301 incrCounter(INSTR_TOTAL_FAILED_REQUESTS_COUNTER, 1);
302 sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, ErrorCode.E1400.toString(),
303 ex.getMessage());
304 }
305 catch (RuntimeException ex) {
306 XLog log = XLog.getLog(getClass());
307 log.error("URL[{0} {1}] error, {2}", request.getMethod(), getRequestUrl(request), ex.getMessage(), ex);
308 incrCounter(INSTR_TOTAL_FAILED_REQUESTS_COUNTER, 1);
309 throw ex;
310 }
311 finally {
312 logAuditInfo(request);
313 TOTAL_REQUESTS_SAMPLER_COUNTER.decrementAndGet();
314 incrCounter(INSTR_TOTAL_REQUESTS_COUNTER, 1);
315 samplerCounter.decrementAndGet();
316 XLog.Info.remove();
317 cron.stop();
318 // TODO
319 incrCounter(instrumentationName, 1);
320 incrCounter(instrumentationName + "-" + request.getMethod(), 1);
321 addCron(instrumentationName, cron);
322 addCron(instrumentationName + "-" + request.getMethod(), cron);
323 requestCron.remove();
324 }
325 }
326
327 private void logHeaderInfo(HttpServletRequest request){
328 XLog log = XLog.getLog(getClass());
329 StringBuilder traceInfo = new StringBuilder(4096);
330 //Display request URL and request.getHeaderNames();
331 Enumeration<String> names = (Enumeration<String>) request.getHeaderNames();
332 traceInfo.append("Request URL: ").append(getRequestUrl(request)).append("\nRequest Headers:\n");
333 while (names.hasMoreElements()) {
334 String name = names.nextElement();
335 String value = request.getHeader(name);
336 traceInfo.append(name).append(" : ").append(value).append("\n");
337 }
338 log.trace(traceInfo);
339 }
340
341 private String getRequestUrl(HttpServletRequest request) {
342 StringBuffer url = request.getRequestURL();
343 if (request.getQueryString() != null) {
344 url.append("?").append(request.getQueryString());
345 }
346 return url.toString();
347 }
348
349 /**
350 * Sends a JSON response.
351 *
352 * @param response servlet response.
353 * @param statusCode HTTP status code.
354 * @param bean bean to send as JSON response.
355 * @param timeZoneId time zone to use for dates in the JSON response.
356 * @throws java.io.IOException thrown if the bean could not be serialized to the response output stream.
357 */
358 protected void sendJsonResponse(HttpServletResponse response, int statusCode, JsonBean bean, String timeZoneId)
359 throws IOException {
360 response.setStatus(statusCode);
361 JSONObject json = bean.toJSONObject(timeZoneId);
362 response.setContentType(JSTON_UTF8);
363 json.writeJSONString(response.getWriter());
364 }
365
366 /**
367 * Sends a error response.
368 *
369 * @param response servlet response.
370 * @param statusCode HTTP status code.
371 * @param error error code.
372 * @param message error message.
373 * @throws java.io.IOException thrown if the error response could not be set.
374 */
375 protected void sendErrorResponse(HttpServletResponse response, int statusCode, String error, String message)
376 throws IOException {
377 response.setHeader(RestConstants.OOZIE_ERROR_CODE, error);
378 response.setHeader(RestConstants.OOZIE_ERROR_MESSAGE, message);
379 response.sendError(statusCode);
380 }
381
382 protected void sendJsonResponse(HttpServletResponse response, int statusCode, JSONStreamAware json)
383 throws IOException {
384 if (statusCode == HttpServletResponse.SC_OK || statusCode == HttpServletResponse.SC_CREATED) {
385 response.setStatus(statusCode);
386 }
387 else {
388 response.sendError(statusCode);
389 }
390 response.setStatus(statusCode);
391 response.setContentType(JSTON_UTF8);
392 json.writeJSONString(response.getWriter());
393 }
394
395 /**
396 * Validates REST URL using the ResourceInfos of the servlet.
397 *
398 * @param method HTTP method.
399 * @param resourceName resource name.
400 * @param queryStringParams query string parameters.
401 * @throws javax.servlet.ServletException thrown if the resource name or parameters are incorrect.
402 */
403 @SuppressWarnings("unchecked")
404 protected void validateRestUrl(String method, String resourceName, Map<String, String[]> queryStringParams)
405 throws ServletException {
406
407 if (resourceName.contains("/")) {
408 throw new XServletException(HttpServletResponse.SC_BAD_REQUEST, ErrorCode.E0301, resourceName);
409 }
410
411 boolean valid = false;
412 for (int i = 0; !valid && i < resourcesInfo.size(); i++) {
413 ResourceInfo resourceInfo = resourcesInfo.get(i);
414 if (resourceInfo.name.equals(resourceName) || resourceInfo.wildcard) {
415 if (!resourceInfo.methods.contains(method)) {
416 throw new XServletException(HttpServletResponse.SC_BAD_REQUEST, ErrorCode.E0301, resourceName);
417 }
418 for (Map.Entry<String, String[]> entry : queryStringParams.entrySet()) {
419 String name = entry.getKey();
420 ParameterInfo parameterInfo = resourceInfo.parameters.get(name);
421 if (parameterInfo != null) {
422 if (!parameterInfo.methods.contains(method)) {
423 throw new XServletException(HttpServletResponse.SC_BAD_REQUEST, ErrorCode.E0302, name);
424 }
425 String value = entry.getValue()[0].trim();
426 if (parameterInfo.type.equals(Boolean.class)) {
427 value = value.toLowerCase();
428 if (!value.equals("true") && !value.equals("false")) {
429 throw new XServletException(HttpServletResponse.SC_BAD_REQUEST, ErrorCode.E0304, name,
430 "boolean");
431 }
432 }
433 if (parameterInfo.type.equals(Integer.class)) {
434 try {
435 Integer.parseInt(value);
436 }
437 catch (NumberFormatException ex) {
438 throw new XServletException(HttpServletResponse.SC_BAD_REQUEST, ErrorCode.E0304, name,
439 "integer");
440 }
441 }
442 }
443 }
444 for (ParameterInfo parameterInfo : resourceInfo.parameters.values()) {
445 if (parameterInfo.methods.contains(method) && parameterInfo.required
446 && queryStringParams.get(parameterInfo.name) == null) {
447 throw new XServletException(HttpServletResponse.SC_BAD_REQUEST, ErrorCode.E0305,
448 parameterInfo.name);
449 }
450 }
451 valid = true;
452 }
453 }
454 if (!valid) {
455 throw new XServletException(HttpServletResponse.SC_BAD_REQUEST, ErrorCode.E0301, resourceName);
456 }
457 }
458
459 /**
460 * Return the resource name of the request. <p/> The resource name is the whole extra path. If the extra path starts
461 * with '/', the first '/' is trimmed.
462 *
463 * @param request request instance
464 * @return the resource name, <code>null</code> if none.
465 */
466 protected String getResourceName(HttpServletRequest request) {
467 String requestPath = request.getPathInfo();
468 if (requestPath != null) {
469 while (requestPath.startsWith("/")) {
470 requestPath = requestPath.substring(1);
471 }
472 requestPath = requestPath.trim();
473 }
474 else {
475 requestPath = "";
476 }
477 return requestPath;
478 }
479
480 /**
481 * Return the request content type, lowercase and without attributes.
482 *
483 * @param request servlet request.
484 * @return the request content type, <code>null</code> if none.
485 */
486 protected String getContentType(HttpServletRequest request) {
487 String contentType = request.getContentType();
488 if (contentType != null) {
489 int index = contentType.indexOf(";");
490 if (index > -1) {
491 contentType = contentType.substring(0, index);
492 }
493 contentType = contentType.toLowerCase();
494 }
495 return contentType;
496 }
497
498 /**
499 * Validate and return the content type of the request.
500 *
501 * @param request servlet request.
502 * @param expected expected contentType.
503 * @return the normalized content type (lowercase and without modifiers).
504 * @throws XServletException thrown if the content type is invalid.
505 */
506 protected String validateContentType(HttpServletRequest request, String expected) throws XServletException {
507 String contentType = getContentType(request);
508 if (contentType == null || contentType.trim().length() == 0) {
509 throw new XServletException(HttpServletResponse.SC_BAD_REQUEST, ErrorCode.E0300, contentType);
510 }
511 if (!contentType.equals(expected)) {
512 throw new XServletException(HttpServletResponse.SC_BAD_REQUEST, ErrorCode.E0300, contentType);
513 }
514 return contentType;
515 }
516
517 /**
518 * Request attribute constant for the authenticatio token.
519 */
520 public static final String AUTH_TOKEN = "oozie.auth.token";
521
522 /**
523 * Request attribute constant for the user name.
524 */
525 public static final String USER_NAME = "oozie.user.name";
526
527 protected static final String UNDEF = "?";
528
529 /**
530 * Return the authentication token of the request if any.
531 *
532 * @param request request.
533 * @return the authentication token, <code>null</code> if there is none.
534 */
535 protected String getAuthToken(HttpServletRequest request) {
536 String authToken = (String) request.getAttribute(AUTH_TOKEN);
537 return (authToken != null) ? authToken : UNDEF;
538 }
539
540 /**
541 * Return the user name of the request if any.
542 *
543 * @param request request.
544 * @return the user name, <code>null</code> if there is none.
545 */
546 protected String getUser(HttpServletRequest request) {
547 String userName = (String) request.getAttribute(USER_NAME);
548
549 String doAsUserName = request.getParameter(RestConstants.DO_AS_PARAM);
550 if (doAsUserName != null && !doAsUserName.equals(userName)) {
551 ProxyUserService proxyUser = Services.get().get(ProxyUserService.class);
552 try {
553 proxyUser.validate(userName, HostnameFilter.get(), doAsUserName);
554 }
555 catch (IOException ex) {
556 throw new RuntimeException(ex);
557 }
558 auditLog.info("Proxy user [{0}] DoAs user [{1}] Request [{2}]", userName, doAsUserName,
559 getRequestUrl(request));
560
561 XLog.Info.get().setParameter(XLogService.USER, userName + " doAs " + doAsUserName);
562
563 userName = doAsUserName;
564 }
565 else {
566 XLog.Info.get().setParameter(XLogService.USER, userName);
567 }
568 return (userName != null) ? userName : UNDEF;
569 }
570
571 /**
572 * Set the log info with the given information.
573 *
574 * @param jobid job ID.
575 * @param actionid action ID.
576 */
577 protected void setLogInfo(String jobid, String actionid) {
578 logInfo.setParameter(DagXLogInfoService.JOB, jobid);
579 logInfo.setParameter(DagXLogInfoService.ACTION, actionid);
580
581 XLog.Info.get().setParameters(logInfo);
582 }
583 }