Merge pull request #43 from Microsoft/users/subraman/skipcacheck

1. Added skipCA check for the task
2016-02-11 10:07:06 +05:30 · 2016-02-11 10:07:06 +05:30 · fe15244e34
--- a/src/Tasks/vmOperations/task.json
+++ b/src/Tasks/vmOperations/task.json
@ -65,7 +65,7 @@
        {
            "name": "targetlocation",
            "type": "string",
-            "label": "Location",
+            "label": "Datacenter",
            "defaultValue": "",
            "required": true,
            "visibleRule": "action = Deploy Virtual Machines using Template",
@ -138,6 +138,14 @@
            "defaultValue": "",
            "visibleRule": "action = Take Snapshot of Virtual Machines || action = Deploy Virtual Machines using Template",
            "helpMarkDown": "Additional description for the action."
+        },
+        {
+            "name": "skipca",
+            "type": "boolean",
+            "label": "Skip Certification Authority check",
+            "required": false,
+            "defaultValue": "true",
+            "helpMarkDown": "Select the option to skip validating the authenticity of the machine's certificate by a trusted certification authority."
        }
    ],
    "instanceNameFormat": "$(action) : $(vmList)",
--- a/src/Tasks/vmOperations/vmOperations.ts
+++ b/src/Tasks/vmOperations/vmOperations.ts
@ -15,10 +15,11 @@ export class VmOperations {
        var vCenterUserName: string = endPointAuthCreds["username"];
        var vCenterPassword: string = endPointAuthCreds["password"];
        var vmList: string = tl.getInput("vmList", true);
+        var skipca: string = tl.getInput("skipca", false);
        this.validateVmListInput(vmList);

        cmdArgs += " -vCenterUrl \"" + vCenterUrl  + "\" -vCenterUserName \"" + vCenterUserName  + "\" -vCenterPassword \"" +
-                 vCenterPassword + "\" -vmList \"" + vmList + "\"";
+                 vCenterPassword + "\" -vmList \"" + vmList + "\"" + " -skipca " + skipca;
        tl.debug(util.format("common args: -vCenterUrl \"%s\" -vCenterUserName \"%s\" -vCenterPassword \"%s\" -vmList \"%s\"",
                vCenterUrl, vCenterUserName, "**********", vmList));
        return cmdArgs;
--- a/src/Tools/vmOpsTool/ConnectionData.java
+++ b/src/Tools/vmOpsTool/ConnectionData.java
@ -1,14 +1,30 @@
-
-
 public class ConnectionData {

-    public ConnectionData(String vCenterUrl, String vCenterUserName, String vCenterPassword) {
+    private String userName;
+    private String password;
+    private String url;
+    private boolean skipCACheck;
+
+    public ConnectionData(String vCenterUrl, String vCenterUserName, String vCenterPassword, boolean skipCACheck) {
        this.userName = vCenterUserName;
        this.password = vCenterPassword;
        this.url = vCenterUrl;
+        this.skipCACheck = skipCACheck;
    }

-    public String userName;
-    public String password;
-    public String url;
+    public String getUserName() {
+        return userName;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public String getUrl() {
+        return url;
+    }
+
+    public boolean isSkipCACheck() {
+        return skipCACheck;
+    }
 }
--- a/src/Tools/vmOpsTool/Constants.java
+++ b/src/Tools/vmOpsTool/Constants.java
@ -6,6 +6,7 @@ public class Constants {
    public static final String V_CENTER_USER_NAME = "-vCenterUserName";
    public static final String V_CENTER_PASSWORD = "-vCenterPassword";
    public static final String VM_LIST = "-vmList";
+    public static final String SKIP_CA_CHECK = "-skipca";
    public static final String SNAPSHOT_OPS = "-snapshotOps";
    public static final String DELETE_VM = "-deletevm";
    public static final String CLONE_TEMPLATE = "-clonetemplate";
--- a/src/Tools/vmOpsTool/SkipCACheck.java
+++ b/src/Tools/vmOpsTool/SkipCACheck.java
@ -0,0 +1,47 @@
+import javax.net.ssl.*;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import static javax.net.ssl.HttpsURLConnection.*;
+
+public class SkipCACheck {
+
+    public static void AllowUntrustedConnections() throws NoSuchAlgorithmException, KeyManagementException {
+        System.out.println("Setting allow untrusted connections for the session.");
+
+        HostnameVerifier verifier = (urlHostName, session) -> true;
+        TrustManager[] trustAllCerts = new TrustManager[1];
+        TrustManager trustManager = new TrustAllTrustManager();
+        trustAllCerts[0] = trustManager;
+        SSLContext sslContext = SSLContext.getInstance("SSL");
+
+        SSLSessionContext serverSessionContext = sslContext.getServerSessionContext();
+
+
+        serverSessionContext.setSessionTimeout(30 * 60);
+        sslContext.init(null, trustAllCerts, null);
+
+        setDefaultSSLSocketFactory(sslContext.getSocketFactory());
+        setDefaultHostnameVerifier(verifier);
+    }
+
+    private static class TrustAllTrustManager implements TrustManager, X509TrustManager {
+
+        @Override
+        public X509Certificate[] getAcceptedIssuers() {
+            return null;
+        }
+
+        @Override
+        public void checkServerTrusted(X509Certificate[] certs, String authType)
+                throws CertificateException {
+        }
+
+        @Override
+        public void checkClientTrusted(X509Certificate[] certs, String authType)
+                throws CertificateException {
+        }
+    }
+}
--- a/src/Tools/vmOpsTool/VMWareImpl.java
+++ b/src/Tools/vmOpsTool/VMWareImpl.java
@ -1,8 +1,8 @@
-import java.util.*;
+import com.sun.xml.ws.client.BindingProviderProperties;
+import com.vmware.vim25.*;

 import javax.xml.ws.BindingProvider;
-
-import com.vmware.vim25.*;
+import java.util.*;

 public class VMWareImpl implements IVMWare {

@ -497,15 +497,21 @@ public class VMWareImpl implements IVMWare {
                vimPort = vimService.getVimPort();

                Map<String, Object> reqContext = ((BindingProvider) vimPort).getRequestContext();
-                reqContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, connData.url);
+                reqContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, connData.getUrl());
                reqContext.put(BindingProvider.SESSION_MAINTAIN_PROPERTY, true);
+                reqContext.put(BindingProviderProperties.REQUEST_TIMEOUT, 30 * 60 * 1000);
+                reqContext.put(BindingProviderProperties.CONNECT_TIMEOUT, 5 * 60 * 1000);
                ManagedObjectReference serviceInstance = new ManagedObjectReference();
                serviceInstance.setType("ServiceInstance");
                serviceInstance.setValue("ServiceInstance");

+                if (connData.isSkipCACheck()) {
+                    SkipCACheck.AllowUntrustedConnections();
+                }
+
                serviceContent = vimPort.retrieveServiceContent(serviceInstance);
                rootFolder = serviceContent.getRootFolder();
-                userSession = vimPort.login(serviceContent.getSessionManager(), connData.userName, connData.password,
+                userSession = vimPort.login(serviceContent.getSessionManager(), connData.getUserName(), connData.getPassword(),
                        null);
            }
        } catch (Exception exp) {
--- a/src/Tools/vmOpsTool/VmOpsTool.java
+++ b/src/Tools/vmOpsTool/VmOpsTool.java
@ -32,8 +32,9 @@ public class VmOpsTool {
        String vCenterUserName = argsMap.get(Constants.V_CENTER_USER_NAME);
        String vCenterPassword = argsMap.get(Constants.V_CENTER_PASSWORD);
        String vmList = argsMap.get(Constants.VM_LIST);
+        boolean skipCACheck = Boolean.parseBoolean(argsMap.get(Constants.SKIP_CA_CHECK));

-        ConnectionData connData = new ConnectionData(vCenterUrl, vCenterUserName, vCenterPassword);
+        ConnectionData connData = new ConnectionData(vCenterUrl, vCenterUserName, vCenterPassword, skipCACheck);
        String[] vmNames = vmList.split(",");
        String failedVmList = "";
        String errorMessage = "";
--- a/src/Tools/vmOpsTool/pom.xml
+++ b/src/Tools/vmOpsTool/pom.xml
@ -27,6 +27,11 @@
      <artifactId>jaxws-api</artifactId>
      <version>2.1</version>
    </dependency>
+    <dependency>
+      <groupId>com.sun.xml.ws</groupId>
+      <artifactId>jaxws-rt</artifactId>
+      <version>2.1.4</version>
+    </dependency>
  </dependencies>

  <build>
--- a/tests/Tasks/vmOperations/vmOperationsTests.ts
+++ b/tests/Tasks/vmOperations/vmOperationsTests.ts
@ -39,12 +39,13 @@ describe("getCmdCommonArgs", (): void => {
        sandbox.restore();
    });

-    it("Successfully read all the common params (url, username, password, vmList)", (): void => {
+    it("Successfully read all the common params (url, username, password, vmList, skipca)", (): void => {

        getInputStub.withArgs("vCenterConnection", true).returns(dummyConnectionName);
        getInputStub.withArgs("vmList", true).returns(dummyVmList);
        getEndPointUrlStub.withArgs(dummyConnectionName, false).returns(dummyEndpointUrl);
        getEndpointAuthorizationStub.withArgs(dummyConnectionName, false).returns( { "parameters": { "username" : "dummyuser", "password" : "dummypassword"}});
+        getInputStub.withArgs("skipca", false).returns("true");

        var cmdArgs = vmOperations.VmOperations.getCmdCommonArgs();

@ -52,6 +53,7 @@ describe("getCmdCommonArgs", (): void => {
        cmdArgs.should.contain("-vCenterUserName \"dummyuser\"");
        cmdArgs.should.contain("-vCenterPassword \"dummypassword\"");
        cmdArgs.should.contain("-vmList \"" + dummyVmList + "\"");
+        cmdArgs.should.contain("-skipca true");
    });

    it("Should throw on failure to get connected service name", (): void => {
@ -81,6 +83,18 @@ describe("getCmdCommonArgs", (): void => {
        getEndpointAuthorizationStub.should.have.thrown("Error");
    });

+    it("Should throw on failure read skipca check", (): void => {
+        getInputStub.withArgs("vCenterConnection", true).returns(dummyConnectionName);
+        getEndPointUrlStub.withArgs(dummyConnectionName, false).returns(dummyEndpointUrl);
+        getEndpointAuthorizationStub.withArgs(dummyConnectionName, false).returns( { "parameters": { "username" : "dummyuser", "password" : "dummypassword"}});
+        getInputStub.withArgs("vmList", true).returns("vm1");
+        getInputStub.withArgs("skipca", false).throws();
+
+        expect(vmOperations.VmOperations.getCmdCommonArgs).to.throw("Error");
+        getInputStub.withArgs("skipca", false).should.have.been.calledOnce;
+        getInputStub.withArgs("skipca", false).should.have.thrown("Error");
+    });
+
    it("Should fail task for invalid vmList input, i.e vmname empty string", (): void => {
        getInputStub.withArgs("vCenterConnection", true).returns(dummyConnectionName);
        getInputStub.withArgs("vmList", true).returns("vm1, ,vm, vm2, vm3,");
--- a/tests/Tools/vmOpsTool/InMemoryVMWareImpl.java
+++ b/tests/Tools/vmOpsTool/InMemoryVMWareImpl.java
@ -80,7 +80,7 @@ public class InMemoryVMWareImpl implements IVMWare {
    }

    public void connect(ConnectionData connData) throws Exception {
-        if (connData.password.equals("InvalidPassword")) {
+        if (connData.getPassword().equals("InvalidPassword") || !connData.isSkipCACheck()) {
            throw new Exception();
        }
    }
--- a/tests/Tools/vmOpsTool/VMWarePlatformTests.java
+++ b/tests/Tools/vmOpsTool/VMWarePlatformTests.java
@ -6,7 +6,7 @@ public abstract class VMWarePlatformTests {
    private String vCenterUserName = "Administrator@vsphere.local";
    private String vCenterPassword = "Password~1";
    private String vCenterUrl = getvCenterUrl();
-    private ConnectionData connData = new ConnectionData(vCenterUrl, vCenterUserName, vCenterPassword);
+    private ConnectionData connData = new ConnectionData(vCenterUrl, vCenterUserName, vCenterPassword, true);
    private IVMWare vmWareImpl = getVmWareImpl();
    private String snapshotOne = "Snapshot1";
    private String templateName = "Ubuntu";
@ -182,10 +182,21 @@ public abstract class VMWarePlatformTests {
    }

    @Test
-    public void connectShouldThrowConnectionToServerFailsAuthentication() {
+    public void connectShouldThrowForInvalidCredentials() {
        Exception exp = null;
        try {
-            vmWareImpl.connect(new ConnectionData(vCenterUrl, vCenterUserName, "InvalidPassword"));
+            vmWareImpl.connect(new ConnectionData(vCenterUrl, vCenterUserName, "InvalidPassword", true));
+        } catch (Exception e) {
+            exp = e;
+        }
+        assertThat(exp).isNotNull();
+    }
+
+    @Test
+    public void connectShouldThrowWithoutSkipCACheck() {
+        Exception exp = null;
+        try {
+            vmWareImpl.connect(new ConnectionData(vCenterUrl, vCenterUserName, vCenterPassword, false));
        } catch (Exception e) {
            exp = e;
        }
--- a/tests/Tools/vmOpsTool/VmOpsToolUnitTests.java
+++ b/tests/Tools/vmOpsTool/VmOpsToolUnitTests.java
@ -17,7 +17,7 @@ public class VmOpsToolUnitTests {
    private String vCenterPassword = "Password~1";
    private String vmSnapshotName = "Snapshot1";

-    private ConnectionData connData = new ConnectionData(vCenterUrl, vCenterUserName, vCenterPassword);
+    private ConnectionData connData = new ConnectionData(vCenterUrl, vCenterUserName, vCenterPassword, true);

    @Test
    public void parseCmdArgsWithAllRequiredInputs() {