Merge branch 'main' into improve-component-config

Author: 0utplay

checkstyle.xml

@@ -36,6 +36,8 @@
     <property name="ignorePattern" value="^package.*|^import.*|a href|http://|https://|ftp://|//.*"/>
   </module>
   <module name="TreeWalker">
+    <property name="javaParseExceptionSeverity" value="info"/>
+    <property name="skipFileOnJavaParseException" value="true"/>
     <module name="SuppressionCommentFilter">
       <property name="offCommentFormat" value="CHECKSTYLE.OFF\: ([\w\|]+)"/>
       <property name="onCommentFormat" value="CHECKSTYLE.ON"/>

cloudnet-rest-module/build.gradle.kts

@@ -57,6 +57,31 @@ dependencies {
   compileOnly("eu.cloudnetservice.cloudnet:bridge:4.0.0-RC11-SNAPSHOT")
 }
 
+tasks.withType<Test> {
+  jvmArgs("--enable-preview")
+}
+
+tasks.withType<JavaCompile> {
+  sourceCompatibility = JavaVersion.VERSION_22.toString()
+  targetCompatibility = JavaVersion.VERSION_22.toString()
+
+  options.compilerArgs.add("-Xlint:-preview")
+  options.compilerArgs.add("--enable-preview")
+}
+
+tasks.withType<Javadoc> {
+  val options = options as? StandardJavadocDocletOptions ?: return@withType
+  options.addStringOption("-release", "22")
+  options.addBooleanOption("-enable-preview", true)
+}
+
+extensions.configure<JavaPluginExtension> {
+  toolchain {
+    vendor = JvmVendorSpec.AZUL
+    languageVersion = JavaLanguageVersion.of(22)
+  }
+}
+
 tasks.withType<Jar> {
   archiveFileName.set("cloudnet-rest.jar")
 }

cloudnet-rest-module/src/main/java/eu/cloudnetservice/ext/modules/rest/CloudNetRestModule.java

@@ -69,6 +69,8 @@ public void loadLanguageFile() {
   @ModuleTask(order = 127, lifecycle = ModuleLifeCycle.STARTED)
   public void initHttpServer(@Named("module") @NonNull InjectionLayer<?> injectionLayer) {
     var restConfig = this.readConfig(RestConfiguration.class, () -> RestConfiguration.DEFAULT, DocumentFactory.json());
+    restConfig.validate();
+    RestConfiguration.setInstance(restConfig);
 
     // construct the http server component
     var componentFactory = HttpComponentFactoryLoader.getFirstComponentFactory(HttpServer.class);

cloudnet-rest-module/src/main/java/eu/cloudnetservice/ext/modules/rest/RestCommand.java

@@ -16,12 +16,6 @@
 
 package eu.cloudnetservice.ext.modules.rest;
 
-import cloud.commandframework.annotations.Argument;
-import cloud.commandframework.annotations.CommandMethod;
-import cloud.commandframework.annotations.CommandPermission;
-import cloud.commandframework.annotations.Regex;
-import cloud.commandframework.annotations.parsers.Parser;
-import cloud.commandframework.context.CommandContext;
 import eu.cloudnetservice.common.language.I18n;
 import eu.cloudnetservice.ext.modules.rest.auth.DefaultRestUser;
 import eu.cloudnetservice.ext.rest.api.auth.AuthProvider;
@@ -36,13 +30,18 @@
 import jakarta.inject.Singleton;
 import java.nio.charset.StandardCharsets;
 import java.time.OffsetDateTime;
-import java.util.Queue;
 import java.util.Set;
 import java.util.function.Consumer;
 import lombok.NonNull;
+import org.incendo.cloud.annotations.Argument;
+import org.incendo.cloud.annotations.Command;
+import org.incendo.cloud.annotations.Permission;
+import org.incendo.cloud.annotations.Regex;
+import org.incendo.cloud.annotations.parser.Parser;
+import org.incendo.cloud.context.CommandInput;
 
 @Singleton
-@CommandPermission("cloudnet.command.rest")
+@Permission("cloudnet.command.rest")
 @Description("module-rest-command-description")
 public final class RestCommand {
 
@@ -56,8 +55,8 @@ public RestCommand(@NonNull RestUserManagement restUserManagement) {
   }
 
   @Parser
-  public @NonNull DefaultRestUser defaultRestUserParser(@NonNull CommandContext<?> $, @NonNull Queue<String> input) {
-    var username = input.remove();
+  public @NonNull DefaultRestUser defaultRestUserParser(@NonNull CommandInput input) {
+    var username = input.readString();
     var user = this.restUserManagement.restUserByUsername(username);
     if (user == null) {
       throw new ArgumentNotAvailableException(I18n.trans("module-rest-user-not-found", username));
@@ -74,8 +73,8 @@ public RestCommand(@NonNull RestUserManagement restUserManagement) {
   }
 
   @Parser(name = "restUserScope")
-  public @NonNull String restUserScopeParser(@NonNull CommandContext<?> $, @NonNull Queue<String> input) {
-    var scope = input.remove();
+  public @NonNull String restUserScopeParser(@NonNull CommandInput input) {
+    var scope = input.readString();
     if (RestUser.SCOPE_NAMING_PATTERN.matcher(scope).matches()) {
       return scope;
     }
@@ -86,7 +85,7 @@ public RestCommand(@NonNull RestUserManagement restUserManagement) {
       scope));
   }
 
-  @CommandMethod("rest user create <username> <password>")
+  @Command("rest user create <username> <password>")
   public void createRestUser(
     @NonNull CommandSource source,
     @Argument("username") @Regex(DefaultRestUser.USER_NAMING_REGEX) @NonNull String username,
@@ -109,13 +108,13 @@ public void createRestUser(
     source.sendMessage(I18n.trans("module-rest-user-create-successful", username));
   }
 
-  @CommandMethod("rest user delete <username>")
+  @Command("rest user delete <username>")
   public void deleteRestUser(@NonNull CommandSource source, @Argument("username") @NonNull DefaultRestUser restUser) {
     this.restUserManagement.deleteRestUser(restUser.id());
     source.sendMessage(I18n.trans("module-rest-user-delete-successful", restUser.username()));
   }
 
-  @CommandMethod("rest user <username>")
+  @Command("rest user <username>")
   public void displayUser(@NonNull CommandSource source, @Argument("username") @NonNull DefaultRestUser restUser) {
     source.sendMessage("RestUser " + restUser.id() + ":" + restUser.username());
     source.sendMessage("Scopes:");
@@ -124,7 +123,7 @@ public void displayUser(@NonNull CommandSource source, @Argument("username") @No
     }
   }
 
-  @CommandMethod("rest user <username> add scope <scope>")
+  @Command("rest user <username> add scope <scope>")
   public void addScope(
     @NonNull CommandSource source,
     @Argument("username") @NonNull DefaultRestUser restUser,
@@ -134,13 +133,13 @@ public void addScope(
     source.sendMessage(I18n.trans("module-rest-user-add-scope-successful", restUser.username(), scope));
   }
 
-  @CommandMethod("rest user <username> clear scopes")
+  @Command("rest user <username> clear scopes")
   public void clearScopes(@NonNull CommandSource source, @Argument("username") @NonNull DefaultRestUser restUser) {
     this.updateRestUser(source, restUser, builder -> builder.scopes(Set.of()));
     source.sendMessage(I18n.trans("module-rest-user-clear-scopes-successful", restUser.username()));
   }
 
-  @CommandMethod("rest user <username> remove scope <scope>")
+  @Command("rest user <username> remove scope <scope>")
   public void removeScope(
     @NonNull CommandSource source,
     @Argument("username") @NonNull DefaultRestUser restUser,
@@ -150,7 +149,7 @@ public void removeScope(
     source.sendMessage(I18n.trans("module-rest-user-remove-scope-successful", restUser.username(), scope));
   }
 
-  @CommandMethod("rest user <username> set password <password>")
+  @Command("rest user <username> set password <password>")
   public void setPassword(
     @NonNull CommandSource source,
     @Argument("username") @NonNull DefaultRestUser restUser,
@@ -160,7 +159,7 @@ public void setPassword(
     source.sendMessage(I18n.trans("module-rest-user-password-changed", restUser.username()));
   }
 
-  @CommandMethod("rest user <username> verifyPassword <password>")
+  @Command("rest user <username> verifyPassword <password>")
   public void verifyPassword(
     @NonNull CommandSource source,
     @Argument("username") @NonNull DefaultRestUser restUser,

cloudnet-rest-module/src/main/java/eu/cloudnetservice/ext/modules/rest/auth/provider/CloudNetJwtAuthProvider.java

@@ -20,13 +20,13 @@
 import eu.cloudnetservice.driver.inject.InjectionLayer;
 import eu.cloudnetservice.ext.modules.rest.CloudNetRestModule;
 import eu.cloudnetservice.ext.modules.rest.auth.util.KeySecurityUtil;
+import eu.cloudnetservice.ext.modules.rest.config.RestConfiguration;
 import eu.cloudnetservice.ext.rest.api.auth.AuthProvider;
 import eu.cloudnetservice.ext.rest.jwt.JwtAuthProvider;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.security.KeyPair;
-import java.time.Duration;
 import lombok.NonNull;
 
 public final class CloudNetJwtAuthProvider extends JwtAuthProvider {
@@ -35,10 +35,12 @@ public final class CloudNetJwtAuthProvider extends JwtAuthProvider {
   private static final Path PUBLIC_KEY_PATH = Path.of("jwt_sign_key.pub");
 
   public CloudNetJwtAuthProvider() {
-    super("CloudNet Rest",
+    var authConfig = RestConfiguration.get().authConfig();
+    super(
+      "CloudNet Rest",
       readOrGenerateJwtKeyPair(),
-      Duration.ofHours(12),
-      Duration.ofDays(3));
+      authConfig.jwtTokenLifetime(),
+      authConfig.jwtRefreshTokenLifetime());
   }
 
   private static @NonNull KeyPair readOrGenerateJwtKeyPair() {

cloudnet-rest-module/src/main/java/eu/cloudnetservice/ext/modules/rest/auth/provider/CloudNetTicketAuthProvider.java

@@ -20,23 +20,22 @@
 import eu.cloudnetservice.driver.inject.InjectionLayer;
 import eu.cloudnetservice.ext.modules.rest.CloudNetRestModule;
 import eu.cloudnetservice.ext.modules.rest.auth.util.KeySecurityUtil;
+import eu.cloudnetservice.ext.modules.rest.config.RestConfiguration;
 import eu.cloudnetservice.ext.rest.ticket.TicketAuthProvider;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
-import java.time.Duration;
 import javax.crypto.Mac;
 import lombok.NonNull;
 
 public final class CloudNetTicketAuthProvider extends TicketAuthProvider {
 
   private static final Path HMAC_KEY_PATH = Path.of("ticket_sign_key");
-  private static final Duration TICKET_EXPIRATION_DURATION = Duration.ofSeconds(15);
 
   public CloudNetTicketAuthProvider() {
-    super(TICKET_EXPIRATION_DURATION, readOrGenenerateMAC());
+    super(RestConfiguration.get().authConfig().ticketLifetime(), readOrGenenerateMAC());
   }
 
   private static @NonNull Mac readOrGenenerateMAC() {

cloudnet-rest-module/src/main/java/eu/cloudnetservice/ext/modules/rest/config/AuthConfiguration.java

@@ -0,0 +1,53 @@
+/*
+ * Copyright 2019-2024 CloudNetService team & contributors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package eu.cloudnetservice.ext.modules.rest.config;
+
+import java.time.Duration;
+import lombok.NonNull;
+
+public record AuthConfiguration(
+  int jwtTokenLifetimeSeconds,
+  int jwtRefreshTokenLifetimeSeconds,
+  int ticketLifetimeSeconds
+) {
+
+  public static final AuthConfiguration DEFAULT_CONFIGURATION = new AuthConfiguration(
+    12 * 60 * 60, // 12h
+    3 * 24 * 60 * 60, // 3d
+    15 // 15s
+  );
+
+  public void validate() {
+    if (this.jwtTokenLifetimeSeconds <= 0
+      || this.jwtRefreshTokenLifetimeSeconds <= 0
+      || this.ticketLifetimeSeconds <= 0) {
+      throw new IllegalStateException("invalid authentication configuration: one lifetime is less or equal to zero");
+    }
+  }
+
+  public @NonNull Duration jwtTokenLifetime() {
+    return Duration.ofSeconds(this.jwtTokenLifetimeSeconds);
+  }
+
+  public @NonNull Duration jwtRefreshTokenLifetime() {
+    return Duration.ofSeconds(this.jwtRefreshTokenLifetimeSeconds);
+  }
+
+  public @NonNull Duration ticketLifetime() {
+    return Duration.ofSeconds(this.ticketLifetimeSeconds);
+  }
+}

cloudnet-rest-module/src/main/java/eu/cloudnetservice/ext/modules/rest/config/RestConfiguration.java

@@ -16,6 +16,7 @@
 
 package eu.cloudnetservice.ext.modules.rest.config;
 
+import com.google.common.base.Preconditions;
 import eu.cloudnetservice.ext.rest.api.config.ComponentConfig;
 import eu.cloudnetservice.ext.rest.api.config.CorsConfig;
 import eu.cloudnetservice.ext.rest.api.config.HttpProxyMode;
@@ -31,8 +32,9 @@
 public record RestConfiguration(
   int maxContentLength,
   boolean disableNativeTransport,
-  @NonNull CorsConfig cors,
+  @NonNull CorsConfig corsConfig,
   @NonNull HttpProxyMode proxyMode,
+  @NonNull AuthConfiguration authConfig,
   @NonNull List<HostAndPort> httpListeners,
   @NonNull List<ConnectionInfoResolverConfiguration> connectionInfoResolver,
   @Nullable SslConfiguration sslConfiguration
@@ -47,13 +49,29 @@ public record RestConfiguration(
       .allowCredentials(true)
       .build(),
     HttpProxyMode.DISABLED,
+    AuthConfiguration.DEFAULT_CONFIGURATION,
     List.of(new HostAndPort("127.0.0.1", 2812)),
     List.of(),
     null);
 
+  private static RestConfiguration instance;
+
+  public static @NonNull RestConfiguration get() {
+    Preconditions.checkState(instance != null, "rest configuration has not been initialized");
+    return instance;
+  }
+
+  public static void setInstance(@NonNull RestConfiguration config) {
+    instance = config;
+  }
+
+  public void validate() {
+    this.authConfig.validate();
+  }
+
   public @NonNull ComponentConfig toComponentConfig() {
     return ComponentConfig.builder()
-      .corsConfig(this.cors)
+      .corsConfig(this.corsConfig)
       .haProxyMode(this.proxyMode)
       .maxContentLength(this.maxContentLength)
       .sslConfiguration(this.sslConfiguration)

cloudnet-rest-module/src/main/java/eu/cloudnetservice/ext/modules/rest/v3/V3HttpHandlerCluster.java

@@ -18,9 +18,11 @@
 
 import eu.cloudnetservice.driver.document.Document;
 import eu.cloudnetservice.ext.modules.rest.dto.NetworkClusterNodeDto;
+import eu.cloudnetservice.ext.modules.rest.validation.TrueFalse;
 import eu.cloudnetservice.ext.rest.api.HttpMethod;
 import eu.cloudnetservice.ext.rest.api.HttpResponseCode;
 import eu.cloudnetservice.ext.rest.api.annotation.Authentication;
+import eu.cloudnetservice.ext.rest.api.annotation.FirstRequestQueryParam;
 import eu.cloudnetservice.ext.rest.api.annotation.RequestHandler;
 import eu.cloudnetservice.ext.rest.api.annotation.RequestPathParam;
 import eu.cloudnetservice.ext.rest.api.annotation.RequestTypedBody;
@@ -77,6 +79,24 @@ public V3HttpHandlerCluster(@NonNull Configuration configuration, @NonNull NodeS
     return this.nodeServerNotFound(node);
   }
 
+  @EnableValidation
+  @RequestHandler(path = "/api/v3/cluster/{node}/drain", method = HttpMethod.PATCH)
+  @Authentication(
+    providers = "jwt",
+    scopes = {"cloudnet_rest:cluster_write", "cloudnet_rest:cluster_node_change_draining"})
+  public @NonNull IntoResponse<?> handleNodeDrainRequest(
+    @NonNull @RequestPathParam("node") String node,
+    @Valid @TrueFalse @NonNull @FirstRequestQueryParam("draining") String drainingParam
+  ) {
+    var server = this.nodeServerProvider.node(node);
+    if (server == null) {
+      return this.nodeServerNotFound(node);
+    }
+
+    server.drain(Boolean.parseBoolean(drainingParam));
+    return HttpResponseCode.ACCEPTED;
+  }
+
   @RequestHandler(path = "/api/v3/cluster/{node}/command", method = HttpMethod.POST)
   @Authentication(providers = "jwt", scopes = {"cloudnet_rest:cluster_write", "cloudnet_rest:cluster_node_command"})
   public @NonNull IntoResponse<?> handleNodeCommandRequest(