AAA CLI commands rewritten.
- Added AaaAuthState enum and AaaSession DTO to api.
- Reset Device command (WIP).
- Show Users command in terms of new classes.
Change-Id: Ia3d90ed48344c1c780dda4e376ac3758c2db71b7
diff --git a/src/main/java/org/opencord/aaa/api/AaaAuthState.java b/src/main/java/org/opencord/aaa/api/AaaAuthState.java
new file mode 100644
index 0000000..ffb4efb
--- /dev/null
+++ b/src/main/java/org/opencord/aaa/api/AaaAuthState.java
@@ -0,0 +1,27 @@
+/*
+ * Copyright 2017-present Open Networking Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.opencord.aaa.api;
+
+/**
+ * Designates the different states an AAA authentication session may be in.
+ */
+public enum AaaAuthState {
+ IDLE,
+ STARTED,
+ PENDING,
+ AUTHORIZED,
+ UNAUTHORIZED
+}
diff --git a/src/main/java/org/opencord/aaa/api/AaaSession.java b/src/main/java/org/opencord/aaa/api/AaaSession.java
new file mode 100644
index 0000000..379419d
--- /dev/null
+++ b/src/main/java/org/opencord/aaa/api/AaaSession.java
@@ -0,0 +1,143 @@
+/*
+ * Copyright 2017-present Open Networking Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.opencord.aaa.api;
+
+import org.onlab.packet.MacAddress;
+import org.onlab.packet.VlanId;
+import org.onosproject.net.ConnectPoint;
+import org.onosproject.net.DeviceId;
+import org.onosproject.net.PortNumber;
+
+/**
+ * Represents an AAA authentication session.
+ */
+public final class AaaSession {
+ // This defines supplicant device and port
+ private final ConnectPoint supplicantConnectPoint;
+
+ // User name associated with this session
+ private final String username;
+
+ // MAC associated with this session
+ private final MacAddress supplicantMacAddress;
+
+ // TODO: Review why isn't vlanId of type VlanId ??
+ // VLAN from the EAP eth packet
+ private final short vlanId;
+
+ // VLAN from subscriber info : C-Tag
+ private final VlanId ctag;
+
+ // Current authentication state of this session
+ private final AaaAuthState state;
+
+ /**
+ * Constructs an immutable AAA session description.
+ *
+ * @param supplicantConnectPoint the supplicant connect point
+ * @param username the associated user name
+ * @param supplicantMacAddress the associated mac address
+ * @param vlanId the VLAN ID
+ * @param ctag the C-TAG VLAN ID
+ * @param state the current authentication state
+ */
+ public AaaSession(ConnectPoint supplicantConnectPoint, String username,
+ MacAddress supplicantMacAddress, short vlanId, VlanId ctag,
+ AaaAuthState state) {
+ this.supplicantConnectPoint = supplicantConnectPoint;
+ this.username = username;
+ this.supplicantMacAddress = supplicantMacAddress;
+ this.vlanId = vlanId;
+ this.ctag = ctag;
+ this.state = state;
+ }
+
+ /**
+ * The supplicant connect point.
+ *
+ * @return the connect point
+ */
+ public ConnectPoint getConnectPoint() {
+ return supplicantConnectPoint;
+ }
+
+ /**
+ * The device identifier of the supplicant connect point.
+ *
+ * @return the device identifier
+ */
+ public DeviceId deviceId() {
+ return supplicantConnectPoint.deviceId();
+ }
+
+ /**
+ * The port number of the supplicant connect point.
+ *
+ * @return the port number
+ */
+ public PortNumber portNumber() {
+ return supplicantConnectPoint.port();
+ }
+
+ /**
+ * The user name of the supplicant.
+ *
+ * @return the user name
+ */
+ public String username() {
+ return username;
+ }
+
+ /**
+ * The MAC address of the supplicant.
+ *
+ * @return the MAC address
+ */
+ public MacAddress macAddress() {
+ return supplicantMacAddress;
+ }
+
+ // TODO: Review this description of vlanId for correctness
+
+ /**
+ * The VLAN identifier for the supplicant connection.
+ *
+ * @return the VLAN ID
+ */
+ public short vlanId() {
+ return vlanId;
+ }
+
+ // TODO: Review - does this make sense in the general (other-than-VOLTHA) case?
+
+ /**
+ * The C-TAG associated with this supplicant's session.
+ *
+ * @return the C-TAG VLAN ID
+ */
+ public VlanId cTag() {
+ return ctag;
+ }
+
+ /**
+ * The current state of this session.
+ *
+ * @return the session state
+ */
+ public AaaAuthState state() {
+ return state;
+ }
+}
diff --git a/src/main/java/org/opencord/aaa/cli/AaaResetDeviceCommand.java b/src/main/java/org/opencord/aaa/cli/AaaResetDeviceCommand.java
new file mode 100644
index 0000000..337e3dc
--- /dev/null
+++ b/src/main/java/org/opencord/aaa/cli/AaaResetDeviceCommand.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2017-present Open Networking Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0.
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.opencord.aaa.cli;
+
+import org.apache.karaf.shell.commands.Argument;
+import org.apache.karaf.shell.commands.Command;
+import org.onosproject.cli.AbstractShellCommand;
+import org.opencord.aaa.api.AaaService;
+
+@Command(scope = "onos", name = "aaa-reset-device",
+ description = "Resets authentication sessions for a given device")
+public class AaaResetDeviceCommand extends AbstractShellCommand {
+ @Argument(index = 0, name = "mac",
+ description = "MAC of device to reset authentication sessions",
+ required = true, multiValued = true)
+ private String[] macs = null;
+
+ @Override
+ protected void execute() {
+ AaaService aaaService = get(AaaService.class);
+
+ // FIXME: access needs to be through AaaService - Proposal...
+// aaaService.resetAuthenticationSessionsByDeviceMac(macs);
+
+ // We shouldn't have visibility to StateMachine.
+ /*
+ for (String mac : macs) {
+ StateMachine.deleteByMac(MacAddress.valueOf(mac));
+ }
+ */
+ }
+}
diff --git a/src/main/java/org/opencord/aaa/cli/AaaShowUsersCommand.java b/src/main/java/org/opencord/aaa/cli/AaaShowUsersCommand.java
new file mode 100644
index 0000000..276c316
--- /dev/null
+++ b/src/main/java/org/opencord/aaa/cli/AaaShowUsersCommand.java
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2017-present Open Networking Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.opencord.aaa.cli;
+
+import org.apache.karaf.shell.commands.Command;
+import org.onosproject.cli.AbstractShellCommand;
+import org.onosproject.net.AnnotationKeys;
+import org.onosproject.net.ConnectPoint;
+import org.onosproject.net.Port;
+import org.onosproject.net.device.DeviceService;
+import org.opencord.aaa.api.AaaService;
+import org.opencord.aaa.api.AaaSession;
+import org.opencord.sadis.SubscriberAndDeviceInformation;
+import org.opencord.sadis.SubscriberAndDeviceInformationService;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * Shows the users in the aaa.
+ */
+@Command(scope = "onos", name = "aaa-users",
+ description = "Displays the users with current AAA sessions")
+public class AaaShowUsersCommand extends AbstractShellCommand {
+
+ private static final String UNKNOWN = "UNKNOWN";
+
+ @Override
+ protected void execute() {
+ DeviceService devService = get(DeviceService.class);
+ SubscriberAndDeviceInformationService subsService =
+ get(SubscriberAndDeviceInformationService.class);
+ AaaService aaaService = get(AaaService.class);
+
+// TODO: add currentSessions() to AaaService API
+// List<AaaSession> sessionList = aaaService.currentSessions();
+ List<AaaSession> sessionList = new ArrayList<>();
+
+ for (AaaSession s : sessionList) {
+ String subsId = getSubscriberId(devService, subsService, s.getConnectPoint());
+ print("UserName=%s,CurrentState=%s,DeviceId=%s,MAC=%s,PortNumber=%s,SubscriberId=%s",
+ s.username(), s.state(), s.deviceId(), s.macAddress(), s.portNumber(), subsId);
+ }
+ }
+
+ private String getSubscriberId(DeviceService devService,
+ SubscriberAndDeviceInformationService sadis,
+ ConnectPoint cp) {
+ Port p = devService.getPort(cp);
+ String nasPortId = p.annotations().value(AnnotationKeys.PORT_NAME);
+ SubscriberAndDeviceInformation subscriber = sadis.get(nasPortId);
+ return (subscriber == null) ? UNKNOWN : subscriber.nasPortId();
+ }
+}