From 782742f49ea4c670438886a1e5d82023bfec5e18 Mon Sep 17 00:00:00 2001 From: Miroslav Bauer Date: Wed, 3 Aug 2022 09:48:33 +0200 Subject: [PATCH 1/7] normalize domains in mentix providerauthorizer --- pkg/ocm/provider/authorizer/json/json.go | 32 +++++--------------- pkg/ocm/provider/authorizer/mentix/mentix.go | 28 +++++++++++------ pkg/ocm/provider/provider.go | 18 +++++++++++ 3 files changed, 44 insertions(+), 34 deletions(-) diff --git a/pkg/ocm/provider/authorizer/json/json.go b/pkg/ocm/provider/authorizer/json/json.go index 575287c586..35afbb6aeb 100644 --- a/pkg/ocm/provider/authorizer/json/json.go +++ b/pkg/ocm/provider/authorizer/json/json.go @@ -84,24 +84,8 @@ type authorizer struct { conf *config } -func normalizeDomain(d string) (string, error) { - var urlString string - if strings.Contains(d, "://") { - urlString = d - } else { - urlString = "https://" + d - } - - u, err := url.Parse(urlString) - if err != nil { - return "", err - } - - return u.Hostname(), nil -} - func (a *authorizer) GetInfoByDomain(ctx context.Context, domain string) (*ocmprovider.ProviderInfo, error) { - normalizedDomain, err := normalizeDomain(domain) + normalizedDomain, err := provider.NormalizeDomain(domain) if err != nil { return nil, err } @@ -113,9 +97,9 @@ func (a *authorizer) GetInfoByDomain(ctx context.Context, domain string) (*ocmpr return nil, errtypes.NotFound(domain) } -func (a *authorizer) IsProviderAllowed(ctx context.Context, provider *ocmprovider.ProviderInfo) error { +func (a *authorizer) IsProviderAllowed(ctx context.Context, pi *ocmprovider.ProviderInfo) error { var err error - normalizedDomain, err := normalizeDomain(provider.Domain) + normalizedDomain, err := provider.NormalizeDomain(pi.Domain) if err != nil { return err } @@ -133,10 +117,10 @@ func (a *authorizer) IsProviderAllowed(ctx context.Context, provider *ocmprovide switch { case !providerAuthorized: - return errtypes.NotFound(provider.GetDomain()) + return errtypes.NotFound(pi.GetDomain()) case !a.conf.VerifyRequestHostname: return nil - case len(provider.Services) == 0: + case len(pi.Services) == 0: return errtypes.NotSupported("No IP provided") } @@ -169,7 +153,7 @@ func (a *authorizer) IsProviderAllowed(ctx context.Context, provider *ocmprovide } for _, ip := range ipList { - if ip == provider.Services[0].Host { + if ip == pi.Services[0].Host { providerAuthorized = true } } @@ -194,8 +178,8 @@ func (a *authorizer) getOCMProviders(providers []*ocmprovider.ProviderInfo) (po return } -func (a *authorizer) getOCMHost(provider *ocmprovider.ProviderInfo) (string, error) { - for _, s := range provider.Services { +func (a *authorizer) getOCMHost(pi *ocmprovider.ProviderInfo) (string, error) { + for _, s := range pi.Services { if s.Endpoint.Type.Name == "OCM" { ocmHost, err := url.Parse(s.Host) if err != nil { diff --git a/pkg/ocm/provider/authorizer/mentix/mentix.go b/pkg/ocm/provider/authorizer/mentix/mentix.go index 30ab53c0ef..100d27b3a9 100644 --- a/pkg/ocm/provider/authorizer/mentix/mentix.go +++ b/pkg/ocm/provider/authorizer/mentix/mentix.go @@ -130,29 +130,37 @@ func (a *authorizer) fetchProviders() ([]*ocmprovider.ProviderInfo, error) { } func (a *authorizer) GetInfoByDomain(ctx context.Context, domain string) (*ocmprovider.ProviderInfo, error) { - providers, err := a.fetchProviders() + normalizedDomain, err := provider.NormalizeDomain(domain) if err != nil { return nil, err } + providers, err := a.fetchProviders() + if err != nil { + return nil, err + } for _, p := range providers { - if strings.Contains(p.Domain, domain) { + if strings.Contains(p.Domain, normalizedDomain) { return p, nil } } return nil, errtypes.NotFound(domain) } -func (a *authorizer) IsProviderAllowed(ctx context.Context, provider *ocmprovider.ProviderInfo) error { +func (a *authorizer) IsProviderAllowed(ctx context.Context, pi *ocmprovider.ProviderInfo) error { providers, err := a.fetchProviders() if err != nil { return err } - + normalizedDomain, err := provider.NormalizeDomain(pi.Domain) + if err != nil { + return err + } + var providerAuthorized bool - if provider.Domain != "" { + if normalizedDomain != "" { for _, p := range providers { - if p.Domain == provider.Domain { + if p.Domain == normalizedDomain { providerAuthorized = true break } @@ -163,16 +171,16 @@ func (a *authorizer) IsProviderAllowed(ctx context.Context, provider *ocmprovide switch { case !providerAuthorized: - return errtypes.NotFound(provider.GetDomain()) + return errtypes.NotFound(pi.GetDomain()) case !a.conf.VerifyRequestHostname: return nil - case len(provider.Services) == 0: + case len(pi.Services) == 0: return errtypes.NotSupported("No IP provided") } var ocmHost string for _, p := range providers { - if p.Domain == provider.Domain { + if p.Domain == normalizedDomain { ocmHost, err = a.getOCMHost(p) if err != nil { return err @@ -199,7 +207,7 @@ func (a *authorizer) IsProviderAllowed(ctx context.Context, provider *ocmprovide } for _, ip := range ipList { - if ip == provider.Services[0].Host { + if ip == pi.Services[0].Host { providerAuthorized = true } } diff --git a/pkg/ocm/provider/provider.go b/pkg/ocm/provider/provider.go index 6a793cc729..b6a508260a 100644 --- a/pkg/ocm/provider/provider.go +++ b/pkg/ocm/provider/provider.go @@ -20,6 +20,8 @@ package provider import ( "context" + "net/url" + "strings" ocmprovider "github.com/cs3org/go-cs3apis/cs3/ocm/provider/v1beta1" ) @@ -35,3 +37,19 @@ type Authorizer interface { // ListAllProviders returns the information of all the providers registered in the mesh. ListAllProviders(ctx context.Context) ([]*ocmprovider.ProviderInfo, error) } + +func NormalizeDomain(d string) (string, error) { + var urlString string + if strings.Contains(d, "://") { + urlString = d + } else { + urlString = "https://" + d + } + + u, err := url.Parse(urlString) + if err != nil { + return "", err + } + + return u.Hostname(), nil +} From 6b1f6fbc5692b124cdbf1e81a6da9ab424c55a4b Mon Sep 17 00:00:00 2001 From: Miroslav Bauer Date: Wed, 3 Aug 2022 10:23:40 +0200 Subject: [PATCH 2/7] add changelog & fix ci --- .../fix-mentix-domain-normalization.md | 6 +++++ pkg/ocm/provider/authorizer/json/json.go | 20 +++++++++++++++-- pkg/ocm/provider/authorizer/mentix/mentix.go | 22 ++++++++++++++++--- pkg/ocm/provider/provider.go | 18 --------------- 4 files changed, 43 insertions(+), 23 deletions(-) create mode 100644 changelog/unreleased/fix-mentix-domain-normalization.md diff --git a/changelog/unreleased/fix-mentix-domain-normalization.md b/changelog/unreleased/fix-mentix-domain-normalization.md new file mode 100644 index 0000000000..785f620109 --- /dev/null +++ b/changelog/unreleased/fix-mentix-domain-normalization.md @@ -0,0 +1,6 @@ +Bugfix: Add missing domain normalization to mentix provider authorizer + +The Mentix OCM Provider authorizer lacked provider domain normalization. +This led to incorrect provider domain matching when authorizing OCM providers. + + diff --git a/pkg/ocm/provider/authorizer/json/json.go b/pkg/ocm/provider/authorizer/json/json.go index 35afbb6aeb..ad517550f6 100644 --- a/pkg/ocm/provider/authorizer/json/json.go +++ b/pkg/ocm/provider/authorizer/json/json.go @@ -84,8 +84,24 @@ type authorizer struct { conf *config } +func normalizeDomain(d string) (string, error) { + var urlString string + if strings.Contains(d, "://") { + urlString = d + } else { + urlString = "https://" + d + } + + u, err := url.Parse(urlString) + if err != nil { + return "", err + } + + return u.Hostname(), nil +} + func (a *authorizer) GetInfoByDomain(ctx context.Context, domain string) (*ocmprovider.ProviderInfo, error) { - normalizedDomain, err := provider.NormalizeDomain(domain) + normalizedDomain, err := normalizeDomain(domain) if err != nil { return nil, err } @@ -99,7 +115,7 @@ func (a *authorizer) GetInfoByDomain(ctx context.Context, domain string) (*ocmpr func (a *authorizer) IsProviderAllowed(ctx context.Context, pi *ocmprovider.ProviderInfo) error { var err error - normalizedDomain, err := provider.NormalizeDomain(pi.Domain) + normalizedDomain, err := normalizeDomain(pi.Domain) if err != nil { return err } diff --git a/pkg/ocm/provider/authorizer/mentix/mentix.go b/pkg/ocm/provider/authorizer/mentix/mentix.go index 100d27b3a9..707f6933d4 100644 --- a/pkg/ocm/provider/authorizer/mentix/mentix.go +++ b/pkg/ocm/provider/authorizer/mentix/mentix.go @@ -96,6 +96,22 @@ type authorizer struct { conf *config } +func normalizeDomain(d string) (string, error) { + var urlString string + if strings.Contains(d, "://") { + urlString = d + } else { + urlString = "https://" + d + } + + u, err := url.Parse(urlString) + if err != nil { + return "", err + } + + return u.Hostname(), nil +} + func (a *authorizer) fetchProviders() ([]*ocmprovider.ProviderInfo, error) { if (a.providers != nil) && (time.Now().Unix() < a.providersExpiration) { return a.providers, nil @@ -130,7 +146,7 @@ func (a *authorizer) fetchProviders() ([]*ocmprovider.ProviderInfo, error) { } func (a *authorizer) GetInfoByDomain(ctx context.Context, domain string) (*ocmprovider.ProviderInfo, error) { - normalizedDomain, err := provider.NormalizeDomain(domain) + normalizedDomain, err := normalizeDomain(domain) if err != nil { return nil, err } @@ -152,11 +168,11 @@ func (a *authorizer) IsProviderAllowed(ctx context.Context, pi *ocmprovider.Prov if err != nil { return err } - normalizedDomain, err := provider.NormalizeDomain(pi.Domain) + normalizedDomain, err := normalizeDomain(pi.Domain) if err != nil { return err } - + var providerAuthorized bool if normalizedDomain != "" { for _, p := range providers { diff --git a/pkg/ocm/provider/provider.go b/pkg/ocm/provider/provider.go index b6a508260a..6a793cc729 100644 --- a/pkg/ocm/provider/provider.go +++ b/pkg/ocm/provider/provider.go @@ -20,8 +20,6 @@ package provider import ( "context" - "net/url" - "strings" ocmprovider "github.com/cs3org/go-cs3apis/cs3/ocm/provider/v1beta1" ) @@ -37,19 +35,3 @@ type Authorizer interface { // ListAllProviders returns the information of all the providers registered in the mesh. ListAllProviders(ctx context.Context) ([]*ocmprovider.ProviderInfo, error) } - -func NormalizeDomain(d string) (string, error) { - var urlString string - if strings.Contains(d, "://") { - urlString = d - } else { - urlString = "https://" + d - } - - u, err := url.Parse(urlString) - if err != nil { - return "", err - } - - return u.Hostname(), nil -} From e36e722630b70188de874ed861660ec92a90038a Mon Sep 17 00:00:00 2001 From: Miroslav Bauer Date: Wed, 3 Aug 2022 10:25:55 +0200 Subject: [PATCH 3/7] fix changelog format --- changelog/unreleased/fix-mentix-domain-normalization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelog/unreleased/fix-mentix-domain-normalization.md b/changelog/unreleased/fix-mentix-domain-normalization.md index 785f620109..d20973f4bf 100644 --- a/changelog/unreleased/fix-mentix-domain-normalization.md +++ b/changelog/unreleased/fix-mentix-domain-normalization.md @@ -3,4 +3,4 @@ Bugfix: Add missing domain normalization to mentix provider authorizer The Mentix OCM Provider authorizer lacked provider domain normalization. This led to incorrect provider domain matching when authorizing OCM providers. - +https://github.com/cs3org/reva/pull/3121 From 408fc518a53a64e6d50f54c206a1bb418a538da8 Mon Sep 17 00:00:00 2001 From: Miroslav Bauer Date: Thu, 4 Aug 2022 10:28:05 +0200 Subject: [PATCH 4/7] let ocm provider authz handle domain normalization --- internal/http/services/ocmd/invites.go | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/internal/http/services/ocmd/invites.go b/internal/http/services/ocmd/invites.go index eab71c7d90..7d7eab3552 100644 --- a/internal/http/services/ocmd/invites.go +++ b/internal/http/services/ocmd/invites.go @@ -25,7 +25,6 @@ import ( "io" "mime" "net/http" - "net/url" userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" invitepb "github.com/cs3org/go-cs3apis/cs3/ocm/invite/v1beta1" @@ -238,14 +237,8 @@ func (h *invitesHandler) acceptInvite(w http.ResponseWriter, r *http.Request) { return } - recipientProviderURL, err := url.Parse(recipientProvider) - if err != nil { - WriteError(w, r, APIErrorServerError, fmt.Sprintf("error parseing recipientProvider URL: %s", recipientProvider), err) - return - } - providerInfo := ocmprovider.ProviderInfo{ - Domain: recipientProviderURL.Hostname(), + Domain: recipientProvider, Services: []*ocmprovider.Service{ { Host: clientIP, From f7fe28bddc97b28f9c280be850d9ee55ca32b521 Mon Sep 17 00:00:00 2001 From: Miroslav Bauer Date: Thu, 4 Aug 2022 13:20:40 +0200 Subject: [PATCH 5/7] improve mentix authz errors --- pkg/ocm/provider/authorizer/json/json.go | 2 ++ pkg/ocm/provider/authorizer/mentix/mentix.go | 20 ++++++++++++++------ 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/pkg/ocm/provider/authorizer/json/json.go b/pkg/ocm/provider/authorizer/json/json.go index ad517550f6..1b5447721f 100644 --- a/pkg/ocm/provider/authorizer/json/json.go +++ b/pkg/ocm/provider/authorizer/json/json.go @@ -147,6 +147,7 @@ func (a *authorizer) IsProviderAllowed(ctx context.Context, pi *ocmprovider.Prov if err != nil { return err } + break } } if ocmHost == "" { @@ -171,6 +172,7 @@ func (a *authorizer) IsProviderAllowed(ctx context.Context, pi *ocmprovider.Prov for _, ip := range ipList { if ip == pi.Services[0].Host { providerAuthorized = true + break } } if !providerAuthorized { diff --git a/pkg/ocm/provider/authorizer/mentix/mentix.go b/pkg/ocm/provider/authorizer/mentix/mentix.go index 707f6933d4..aa30b29dcc 100644 --- a/pkg/ocm/provider/authorizer/mentix/mentix.go +++ b/pkg/ocm/provider/authorizer/mentix/mentix.go @@ -127,7 +127,7 @@ func (a *authorizer) fetchProviders() ([]*ocmprovider.ProviderInfo, error) { res, err := a.client.HTTPClient.Do(req) if err != nil { err = errors.Wrap(err, - fmt.Sprintf("error fetching provider list from: %s", a.client.BaseURL)) + fmt.Sprintf("mentix: error fetching provider list from: %s", a.client.BaseURL)) return nil, err } @@ -191,7 +191,8 @@ func (a *authorizer) IsProviderAllowed(ctx context.Context, pi *ocmprovider.Prov case !a.conf.VerifyRequestHostname: return nil case len(pi.Services) == 0: - return errtypes.NotSupported("No IP provided") + return errtypes.NotSupported( + fmt.Sprintf("mentix: provider %s has no supported services", pi.GetDomain())) } var ocmHost string @@ -201,10 +202,12 @@ func (a *authorizer) IsProviderAllowed(ctx context.Context, pi *ocmprovider.Prov if err != nil { return err } + break } } if ocmHost == "" { - return errtypes.InternalError("mentix: ocm host not specified for mesh provider") + return errtypes.NotSupported( + fmt.Sprintf("mentix: provider %s is missing OCM endpoint", pi.GetDomain())) } providerAuthorized = false @@ -214,7 +217,8 @@ func (a *authorizer) IsProviderAllowed(ctx context.Context, pi *ocmprovider.Prov } else { addr, err := net.LookupIP(ocmHost) if err != nil { - return errors.Wrap(err, "json: error looking up client IP") + return errors.Wrap(err, + fmt.Sprintf("mentix: error looking up IPs for OCM endpoint %s", ocmHost)) } for _, a := range addr { ipList = append(ipList, a.String()) @@ -225,10 +229,14 @@ func (a *authorizer) IsProviderAllowed(ctx context.Context, pi *ocmprovider.Prov for _, ip := range ipList { if ip == pi.Services[0].Host { providerAuthorized = true + break } } if !providerAuthorized { - return errtypes.NotFound("OCM Host") + return errtypes.BadRequest( + fmt.Sprintf( + "Invalid requesting OCM endpoint IP %s of provider %s", + pi.Services[0].Host, pi.GetDomain())) } return nil @@ -257,7 +265,7 @@ func (a *authorizer) getOCMHost(provider *ocmprovider.ProviderInfo) (string, err if s.Endpoint.Type.Name == "OCM" { ocmHost, err := url.Parse(s.Host) if err != nil { - return "", errors.Wrap(err, "json: error parsing OCM host URL") + return "", errors.Wrap(err, "mentix: error parsing OCM host URL") } return ocmHost.Host, nil } From fdced3305f289fd9cb59684a24ce0a97b31d7f0b Mon Sep 17 00:00:00 2001 From: Miroslav Bauer Date: Thu, 4 Aug 2022 13:24:23 +0200 Subject: [PATCH 6/7] improve mentix authz errors --- pkg/ocm/provider/authorizer/mentix/mentix.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/ocm/provider/authorizer/mentix/mentix.go b/pkg/ocm/provider/authorizer/mentix/mentix.go index aa30b29dcc..ffb1d116c5 100644 --- a/pkg/ocm/provider/authorizer/mentix/mentix.go +++ b/pkg/ocm/provider/authorizer/mentix/mentix.go @@ -265,7 +265,7 @@ func (a *authorizer) getOCMHost(provider *ocmprovider.ProviderInfo) (string, err if s.Endpoint.Type.Name == "OCM" { ocmHost, err := url.Parse(s.Host) if err != nil { - return "", errors.Wrap(err, "mentix: error parsing OCM host URL") + return "", errors.Wrap(err, fmt.Sprintf("mentix: error parsing OCM host URL %s", s.Host)) } return ocmHost.Host, nil } From 5edd8050e23a119c07e2c503a76ea687ffc639e1 Mon Sep 17 00:00:00 2001 From: Michiel de Jong Date: Mon, 12 Dec 2022 19:22:14 +0100 Subject: [PATCH 7/7] service.Host is an FQDN --- examples/meshdirectory/providers.demo.json | 14 ++++---- examples/oc-phoenix/providers.demo.json | 16 +++++----- examples/ocm-partners/providers.demo.json | 32 +++++++++---------- examples/ocmd/providers.demo.json | 16 +++++----- examples/oidc-mapping-tpc/providers.demo.json | 16 +++++----- .../storage-references/providers.demo.json | 16 +++++----- examples/two-server-setup/providers.demo.json | 16 +++++----- pkg/ocm/provider/authorizer/json/json.go | 6 +--- pkg/ocm/provider/authorizer/mentix/mentix.go | 6 +--- pkg/ocm/provider/authorizer/open/open.go | 7 +--- .../drone/providers.demo.json | 8 ++--- .../local-mesh/providers.demo.json | 8 ++--- .../local/providers.demo.json | 8 ++--- 13 files changed, 78 insertions(+), 91 deletions(-) diff --git a/examples/meshdirectory/providers.demo.json b/examples/meshdirectory/providers.demo.json index 7d2af6b1ce..e3674f7658 100644 --- a/examples/meshdirectory/providers.demo.json +++ b/examples/meshdirectory/providers.demo.json @@ -18,7 +18,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh.cernbox.cern.ch/" + "host": "sciencemesh.cernbox.cern.ch" } ] }, @@ -41,7 +41,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh.cesnet.cz/" + "host": "sciencemesh.cesnet.cz" } ] }, @@ -64,7 +64,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh-test.uni-muenster.de/" + "host": "sciencemesh-test.uni-muenster.de" } ] }, @@ -87,7 +87,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://ocm.cubbit.io/" + "host": "ocm.cubbit.io" } ] }, @@ -110,7 +110,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://cs3mesh.softwaremind.com:19000/" + "host": "cs3mesh.softwaremind.com:19000" } ] }, @@ -133,7 +133,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://app.cs3mesh-iop.k8s.surfsara.nl/" + "host": "app.cs3mesh-iop.k8s.surfsara.nl" } ] }, @@ -156,7 +156,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh-test.switch.ch/" + "host": "sciencemesh-test.switch.ch" } ] } diff --git a/examples/oc-phoenix/providers.demo.json b/examples/oc-phoenix/providers.demo.json index 4c87fb8ca1..cd457dd00a 100644 --- a/examples/oc-phoenix/providers.demo.json +++ b/examples/oc-phoenix/providers.demo.json @@ -18,7 +18,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:13001/" + "host": "127.0.0.1:13001" }, { "endpoint": { @@ -31,7 +31,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:13001/" + "host": "127.0.0.1:13001" } ] }, @@ -54,7 +54,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:13001/" + "host": "127.0.0.1:13001" }, { "endpoint": { @@ -67,7 +67,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:13001/" + "host": "127.0.0.1:13001" } ] }, @@ -90,7 +90,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:13001/" + "host": "127.0.0.1:13001" }, { "endpoint": { @@ -103,7 +103,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:13001/" + "host": "/127.0.0.1:13001" } ] }, @@ -126,7 +126,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:13001/" + "host": "127.0.0.1:13001" }, { "endpoint": { @@ -139,7 +139,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:13001/" + "host": "127.0.0.1:13001" } ] } diff --git a/examples/ocm-partners/providers.demo.json b/examples/ocm-partners/providers.demo.json index 66d0880587..2ed2801225 100644 --- a/examples/ocm-partners/providers.demo.json +++ b/examples/ocm-partners/providers.demo.json @@ -18,7 +18,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh.cernbox.cern.ch/iop/" + "host": "sciencemesh.cernbox.cern.ch" }, { "endpoint": { @@ -31,7 +31,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh.cernbox.cern.ch/iop/" + "host": "sciencemesh.cernbox.cern.ch" } ] }, @@ -54,7 +54,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh.cesnet.cz/iop/" + "host": "sciencemesh.cesnet.cz" }, { "endpoint": { @@ -67,7 +67,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh.cesnet.cz/iop/" + "host": "sciencemesh.cesnet.cz" } ] }, @@ -90,7 +90,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh-test.uni-muenster.de/api/" + "host": "sciencemesh-test.uni-muenster.de" }, { "endpoint": { @@ -103,7 +103,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh-test.uni-muenster.de/api/" + "host": "sciencemesh-test.uni-muenster.de" } ] }, @@ -126,7 +126,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh.cubbit.io/" + "host": "sciencemesh.cubbit.io" }, { "endpoint": { @@ -139,7 +139,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh.cubbit.io/" + "host": "sciencemesh.cubbit.io" } ] }, @@ -162,7 +162,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh.softwaremind.com/iop/" + "host": "sciencemesh.softwaremind.com" }, { "endpoint": { @@ -175,7 +175,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh.softwaremind.com/iop/" + "host": "sciencemesh.softwaremind.com" } ] }, @@ -198,7 +198,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://app.cs3mesh-iop.k8s.surfsara.nl/iop/" + "host": "app.cs3mesh-iop.k8s.surfsara.nl" }, { "endpoint": { @@ -211,7 +211,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://app.cs3mesh-iop.k8s.surfsara.nl/iop/" + "host": "app.cs3mesh-iop.k8s.surfsara.nl" } ] }, @@ -234,7 +234,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh-test.switch.ch/api/" + "host": "sciencemesh-test.switch.ch" }, { "endpoint": { @@ -247,7 +247,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh-test.switch.ch/api/" + "host": "sciencemesh-test.switch.ch" } ] }, @@ -270,7 +270,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh.sciencedata.dk/iop/" + "host": "sciencemesh.sciencedata.dk" }, { "endpoint": { @@ -283,7 +283,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "https://sciencemesh.sciencedata.dk/iop" + "host": "sciencemesh.sciencedata.dk" } ] diff --git a/examples/ocmd/providers.demo.json b/examples/ocmd/providers.demo.json index 05aa6c78d3..0a9b671ab4 100644 --- a/examples/ocmd/providers.demo.json +++ b/examples/ocmd/providers.demo.json @@ -18,7 +18,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -31,7 +31,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -67,7 +67,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:17001/" + "host": "127.0.0.1:17001" }, { "endpoint": { @@ -80,7 +80,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:17001/" + "host": "127.0.0.1:17001" }, { "endpoint": { @@ -116,7 +116,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -129,7 +129,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -165,7 +165,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -178,7 +178,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { diff --git a/examples/oidc-mapping-tpc/providers.demo.json b/examples/oidc-mapping-tpc/providers.demo.json index 05aa6c78d3..0a9b671ab4 100644 --- a/examples/oidc-mapping-tpc/providers.demo.json +++ b/examples/oidc-mapping-tpc/providers.demo.json @@ -18,7 +18,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -31,7 +31,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -67,7 +67,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:17001/" + "host": "127.0.0.1:17001" }, { "endpoint": { @@ -80,7 +80,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:17001/" + "host": "127.0.0.1:17001" }, { "endpoint": { @@ -116,7 +116,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -129,7 +129,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -165,7 +165,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -178,7 +178,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { diff --git a/examples/storage-references/providers.demo.json b/examples/storage-references/providers.demo.json index 05aa6c78d3..0a9b671ab4 100644 --- a/examples/storage-references/providers.demo.json +++ b/examples/storage-references/providers.demo.json @@ -18,7 +18,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -31,7 +31,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -67,7 +67,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:17001/" + "host": "127.0.0.1:17001" }, { "endpoint": { @@ -80,7 +80,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:17001/" + "host": "127.0.0.1:17001" }, { "endpoint": { @@ -116,7 +116,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -129,7 +129,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -165,7 +165,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -178,7 +178,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { diff --git a/examples/two-server-setup/providers.demo.json b/examples/two-server-setup/providers.demo.json index 03f99626d1..d3a0056aa6 100644 --- a/examples/two-server-setup/providers.demo.json +++ b/examples/two-server-setup/providers.demo.json @@ -18,7 +18,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -31,7 +31,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -67,7 +67,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:29001/" + "host": "127.0.0.1:29001" }, { "endpoint": { @@ -80,7 +80,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:29001/" + "host": "127.0.0.1:29001" }, { "endpoint": { @@ -116,7 +116,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -129,7 +129,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -165,7 +165,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { @@ -178,7 +178,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:19001/" + "host": "127.0.0.1:19001" }, { "endpoint": { diff --git a/pkg/ocm/provider/authorizer/json/json.go b/pkg/ocm/provider/authorizer/json/json.go index c0acb290f3..1cf27379f6 100644 --- a/pkg/ocm/provider/authorizer/json/json.go +++ b/pkg/ocm/provider/authorizer/json/json.go @@ -199,11 +199,7 @@ func (a *authorizer) getOCMProviders(providers []*ocmprovider.ProviderInfo) (po func (a *authorizer) getOCMHost(pi *ocmprovider.ProviderInfo) (string, error) { for _, s := range pi.Services { if s.Endpoint.Type.Name == "OCM" { - ocmHost, err := url.Parse(s.Host) - if err != nil { - return "", errors.Wrap(err, "json: error parsing OCM host URL") - } - return ocmHost.Host, nil + return s.Host, nil } } return "", errtypes.NotFound("OCM Host") diff --git a/pkg/ocm/provider/authorizer/mentix/mentix.go b/pkg/ocm/provider/authorizer/mentix/mentix.go index ee3365dfd5..f04ab9c454 100644 --- a/pkg/ocm/provider/authorizer/mentix/mentix.go +++ b/pkg/ocm/provider/authorizer/mentix/mentix.go @@ -262,11 +262,7 @@ func (a *authorizer) getOCMProviders(providers []*ocmprovider.ProviderInfo) (po func (a *authorizer) getOCMHost(provider *ocmprovider.ProviderInfo) (string, error) { for _, s := range provider.Services { if s.Endpoint.Type.Name == "OCM" { - ocmHost, err := url.Parse(s.Host) - if err != nil { - return "", errors.Wrap(err, fmt.Sprintf("mentix: error parsing OCM host URL %s", s.Host)) - } - return ocmHost.Host, nil + return s.Host, nil } } return "", errtypes.NotFound("OCM Host") diff --git a/pkg/ocm/provider/authorizer/open/open.go b/pkg/ocm/provider/authorizer/open/open.go index e12e70717d..c4bed41989 100644 --- a/pkg/ocm/provider/authorizer/open/open.go +++ b/pkg/ocm/provider/authorizer/open/open.go @@ -21,7 +21,6 @@ package open import ( "context" "encoding/json" - "net/url" "os" "strings" @@ -107,11 +106,7 @@ func (a *authorizer) getOCMProviders(providers []*ocmprovider.ProviderInfo) (po func (a *authorizer) getOCMHost(provider *ocmprovider.ProviderInfo) (string, error) { for _, s := range provider.Services { if s.Endpoint.Type.Name == "OCM" { - ocmHost, err := url.Parse(s.Host) - if err != nil { - return "", errors.Wrap(err, "json: error parsing OCM host URL") - } - return ocmHost.Host, nil + return s.Host, nil } } return "", errtypes.NotFound("OCM Host") diff --git a/tests/oc-integration-tests/drone/providers.demo.json b/tests/oc-integration-tests/drone/providers.demo.json index c7d93d7283..f2111b71b2 100644 --- a/tests/oc-integration-tests/drone/providers.demo.json +++ b/tests/oc-integration-tests/drone/providers.demo.json @@ -18,7 +18,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:20080/" + "host": "127.0.0.1:20080" }, { "endpoint": { @@ -31,7 +31,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:20080/" + "host": "127.0.0.1:20080" }, { "endpoint": { @@ -67,7 +67,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:40080/" + "host": "127.0.0.1:40080" }, { "endpoint": { @@ -80,7 +80,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:40080/" + "host": "127.0.0.1:40080" }, { "endpoint": { diff --git a/tests/oc-integration-tests/local-mesh/providers.demo.json b/tests/oc-integration-tests/local-mesh/providers.demo.json index c7d93d7283..f2111b71b2 100644 --- a/tests/oc-integration-tests/local-mesh/providers.demo.json +++ b/tests/oc-integration-tests/local-mesh/providers.demo.json @@ -18,7 +18,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:20080/" + "host": "127.0.0.1:20080" }, { "endpoint": { @@ -31,7 +31,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:20080/" + "host": "127.0.0.1:20080" }, { "endpoint": { @@ -67,7 +67,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:40080/" + "host": "127.0.0.1:40080" }, { "endpoint": { @@ -80,7 +80,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:40080/" + "host": "127.0.0.1:40080" }, { "endpoint": { diff --git a/tests/oc-integration-tests/local/providers.demo.json b/tests/oc-integration-tests/local/providers.demo.json index c7d93d7283..f2111b71b2 100644 --- a/tests/oc-integration-tests/local/providers.demo.json +++ b/tests/oc-integration-tests/local/providers.demo.json @@ -18,7 +18,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:20080/" + "host": "127.0.0.1:20080" }, { "endpoint": { @@ -31,7 +31,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:20080/" + "host": "127.0.0.1:20080" }, { "endpoint": { @@ -67,7 +67,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:40080/" + "host": "127.0.0.1:40080" }, { "endpoint": { @@ -80,7 +80,7 @@ "is_monitored": true }, "api_version": "0.0.1", - "host": "http://127.0.0.1:40080/" + "host": "127.0.0.1:40080" }, { "endpoint": {