author | Feras Aldahlawi <faldahlawi@gmail.com> | 2021-03-20 00:01:46 +0300 |
---|---|---|
committer | Feras Aldahlawi <faldahlawi@gmail.com> | 2021-08-10 03:55:32 +0300 |
commit | 735ef6d87392d643901ffede8042652b29d8cce7 (patch) | |
tree | 0ac8a6a20cf2cd22195f1629c5566013d1791dc2 | |
parent | 885bbf1c82ea9f9cbfbe0065ee46adc8e398c868 (diff) | |
download | bmcweb-735ef6d87392d643901ffede8042652b29d8cce7.tar.xz |
Add google service root
This commit introduces the following
=> Service root for Google
=> compiler option for the Google Root of Trust specific functionalities
Tested:
curl -vvvv --insecure --user $user_pass https://${bmc}/google/v1
Design Doc can be found here https://github.com/openbmc/docs/blob/master/designs/oem/google/root_of_trust.md
Change-Id: I941b5cab55179279d0eff18aa29df62c3f226e47
Signed-off-by: Feras Aldahlawi <faldahlawi@gmail.com>
-rw-r--r-- | include/google/google_service_root.hpp | 28 | ||||
-rw-r--r-- | meson.build | 1 | ||||
-rw-r--r-- | meson_options.txt | 1 | ||||
-rw-r--r-- | src/webserver_main.cpp | 5 | ||||
-rw-r--r-- | static/google/v1/$metadata/index.xml | 7 | ||||
-rw-r--r-- | static/google/v1/odata/index.json | 25 | ||||
-rw-r--r-- | static/google/v1/schema/ServiceRoot_v1.xml | 46 |
7 files changed, 113 insertions, 0 deletions
diff --git a/include/google/google_service_root.hpp b/include/google/google_service_root.hpp
new file mode 100644
index 0000000000..a80a50071b
--- /dev/null
+++ b/include/google/google_service_root.hpp
@@ -0,0 +1,28 @@
+#pragma once
+
+#include <app.hpp>
+#include <async_resp.hpp>
+#include <nlohmann/json.hpp>
+
+namespace crow
+{
+namespace google_api
+{
+
+inline void requestRoutes(App& app)
+{
+ BMCWEB_ROUTE(app, "/google/v1/")
+ .methods(boost::beast::http::verb::get)(
+ [](const crow::Request&,
+ const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) {
+ asyncResp->res.jsonValue["@odata.type"] =
+ "#GoogleServiceRoot.v1_0_0.GoogleServiceRoot";
+ asyncResp->res.jsonValue["@odata.id"] = "/google/v1";
+ asyncResp->res.jsonValue["Id"] = "Google Rest RootService";
+ asyncResp->res.jsonValue["Name"] = "Google Service Root";
+ asyncResp->res.jsonValue["Version"] = "1.0.0";
+ });
+}
+
+} // namespace google_api
+} // namespace crow
diff --git a/meson.build b/meson.build
index bdc514bdc2..f6a66f1462 100644
--- a/meson.build
+++ b/meson.build
@@ -61,6 +61,7 @@ feature_map = {
 'insecure-disable-ssl' : '-DBMCWEB_INSECURE_DISABLE_SSL',
 'host-serial-socket' : '-DBMCWEB_ENABLE_HOST_SERIAL_WEBSOCKET',
 'ibm-management-console' : '-DBMCWEB_ENABLE_IBM_MANAGEMENT_CONSOLE',
+'google-api' : '-DBMCWEB_ENABLE_GOOGLE_API',
 'kvm' : '-DBMCWEB_ENABLE_KVM' ,
 'basic-auth' : '-DBMCWEB_ENABLE_BASIC_AUTHENTICATION',
 'session-auth' : '-DBMCWEB_ENABLE_SESSION_AUTHENTICATION',
diff --git a/meson_options.txt b/meson_options.txt
index 0ab31b87f7..23874027d1 100644
--- a/meson_options.txt
+++ b/meson_options.txt
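Review bot: The `/google/v1/` route in include/google/google_service_root.hpp is registered with `.methods(...)` only and declares no privilege set, so who may read this Root of Trust service root depends entirely on the router's default authentication, which this diff does not show. If the design doc expects a specific privilege, chain it before `.methods(...)`, e.g. `.privileges({{"<required-privilege>"}})` (placeholder name), or record the intent in a comment such as `// Readable by any authenticated user; no extra privilege required.` The handler also returns `"@odata.id"` as `/google/v1` while the route and the odata index use `/google/v1/`; one form should be used throughout.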
@@ -27,6 +27,7 @@ option('xtoken-auth', type : 'feature', value : 'enabled', description : '''Enab
 option('cookie-auth', type : 'feature', value : 'enabled', description : '''Enable cookie authentication''')
 option('mutual-tls-auth', type : 'feature', value : 'enabled', description : '''Enables authenticating users through TLS client certificates. The insecure-disable-ssl must be disabled for this option to take effect.''')
 option('ibm-management-console', type : 'feature', value : 'disabled', description : 'Enable the IBM management console specific functionality. Paths are under \'/ibm/v1/\'')
+option('google-api', type : 'feature', value : 'disabled', description : 'Enable the Google specific functionality. Paths are under \'/google/v1/\'')
 option('http-body-limit', type: 'integer', min : 0, max : 512, value : 30, description : 'Specifies the http request body length limit')
 option('redfish-allow-deprecated-hostname-patch', type : 'feature', value : 'disabled', description : 'Enable/disable Managers/bmc/NetworkProtocol HostName PATCH commands. The default condition is to prevent HostName changes from this URI, following the Redfish schema. Enabling this switch permits the HostName to be PATCHed at this URI. In Q4 2021 this feature will be removed, and the Redfish schema enforced, making the HostName read-only.')
 option('redfish-allow-deprecated-power-thermal', type : 'feature', value : 'enabled', description : 'Enable/disable the old Power / Thermal. The default condition is allowing the old Power / Thermal.')
diff --git a/src/webserver_main.cpp b/src/webserver_main.cpp
index c01accd2e9..bf98aae73b 100644
--- a/src/webserver_main.cpp
+++ b/src/webserver_main.cpp
@@ -6,6 +6,7 @@
 #include <cors_preflight.hpp>
 #include <dbus_monitor.hpp>
 #include <dbus_singleton.hpp>
+#include <google/google_service_root.hpp>
 #include <hostname_monitor.hpp>
 #include <ibm/management_console_rest.hpp>
 #include <image_upload.hpp>
@@ -108,6 +109,10 @@ int main(int /*argc*/, char** /*argv*/)
 crow::ibm_mc_lock::Lock::getInstance();
 #endif
 
+#ifdef BMCWEB_ENABLE_GOOGLE_API
+ crow::google_api::requestRoutes(app);
+#endif
+
 if (bmcwebInsecureDisableXssPrevention)
 {
 cors_preflight::requestRoutes(app);
diff --git a/static/google/v1/$metadata/index.xml b/static/google/v1/$metadata/index.xml
new file mode 100644
index 0000000000..57a64afa2f
--- /dev/null
+++ b/static/google/v1/$metadata/index.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<edmx:Edmx xmlns:edmx="http://docs.oasis-open.org/odata/ns/edmx" Version="4.0">
+ <edmx:Reference Uri="/google/v1/schema/ServiceRoot_v1.xml">
+ <edmx:Include Namespace="GoogleServiceRoot"/>
+ <edmx:Include Namespace="GoogleServiceRoot.v1_0_0"/>
+ </edmx:Reference>
+</edmx:Edmx>
diff --git a/static/google/v1/odata/index.json b/static/google/v1/odata/index.json
new file mode 100644
index 0000000000..3b5896b2b4
--- /dev/null
+++ b/static/google/v1/odata/index.json
@@ -0,0 +1,25 @@
+{
+ "@odata.context": "/google/v1/$metadata",
+ "value": [
+ {
+ "kind": "Singleton",
+ "name": "$metadata",
+ "url": "/google/v1/$metadata"
+ },
+ {
+ "kind": "Singleton",
+ "name": "odata",
+ "url": "/google/v1/odata"
+ },
+ {
+ "kind": "Singleton",
+ "name": "Service",
+ "url": "/google/v1/"
+ },
+ {
+ "kind": "Singleton",
+ "name": "ServiceRoot",
+ "url": "/google/v1/ServiceRoot"
+ }
+ ]
+}
diff --git a/static/google/v1/schema/ServiceRoot_v1.xml b/static/google/v1/schema/ServiceRoot_v1.xml
new file mode 100644
index 0000000000..59771b6a5e
--- /dev/null
+++ b/static/google/v1/schema/ServiceRoot_v1.xml
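Review bot: The `#ifdef BMCWEB_ENABLE_GOOGLE_API` guard in `main` covers only the dynamic `/google/v1/` handler, while the same commit adds files under `static/google/v1/` (`$metadata`, `odata`, `schema`) with no matching build condition in the hunks shown. If the static tree is installed and served unconditionally (not visible here), a build with `google-api` disabled would still answer under `/google/v1/`, so the option would not fully remove this surface. Consider gating installation of `static/google` on the same option, or at least recording the gap at the call site with `// Static files under static/google/v1/ are not gated by this flag.` `main` begins and ends outside this hunk.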
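Review bot: The service document in static/google/v1/odata/index.json advertises `"url": "/google/v1/ServiceRoot"`, but the only handler this commit registers is `/google/v1/`, so that entry presumably points at a resource that does not exist yet. Either drop the `ServiceRoot` singleton until a route backs it, or add the route in `crow::google_api::requestRoutes`. Clients that walk the service document would otherwise hit an error on the first advertised link they follow.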
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!---->
+<!--################################################################################ -->
+<!--# Google Schema: GoogleServiceRoot v1.0.0 -->
+<!--# -->
+<!--################################################################################ -->
+<!---->
+<edmx:Edmx Version="1.0">
+
+ <edmx:DataServices>
+
+ <Schema xmlns="http://docs.oasis-open.org/odata/ns/edm" Namespace="GoogleServiceRoot">
+
+ <EntityType Name="ServiceRoot" BaseType="Resource.v1_0_0.Resource" Abstract="true">
+ <Annotation Term="OData.Description" String="The GoogleServiceRoot schema describes the root of the Google Service, located at the '/google/v1' URI. All other Resources accessible through the Google interface on this device are linked directly or indirectly from the Service Root."/>
+ <Annotation Term="OData.LongDescription" String="This Resource represents the root Google Service. All values that this schema describes for Resources shall comply with the Google Specification-described requirements."/>
+ </EntityType>
+
+ </Schema>
+
+ <Schema xmlns="http://docs.oasis-open.org/odata/ns/edm" Namespace="GoogleServiceRoot.v1_0_0">
+
+ <EntityContainer Name="ServiceContainer">
+ <Singleton Name="Service" Type="ServiceRoot.ServiceRoot"/>
+ <Singleton Name="JsonSchemas" Type="JsonSchemaFileCollection.JsonSchemaFileCollection"/>
+ </EntityContainer>
+
+ <EntityType Name="ServiceRoot" BaseType="ServiceRoot.ServiceRoot">
+ <Property Name="Version" Type="Edm.String" Nullable="false">
+ <Annotation Term="OData.Permissions" EnumMember="OData.Permission/Read"/>
+ <Annotation Term="OData.Description" String="The version of the Google Service."/>
+ <Annotation Term="OData.LongDescription" String="This property shall represent the Google protocol version."/>
+ <Annotation Term="Validation.Pattern" String="^\d+\.\d+\.\d+$"/>
+ </Property>
+ <NavigationProperty Name="JsonSchemas" Type="JsonSchemaFileCollection.JsonSchemaFileCollection" Nullable="false">
+ <Annotation Term="OData.Permissions" EnumMember="OData.Permission/Read"/>
+ <Annotation Term="OData.Description" String="The link to a collection of JSON Schema files."/>
+ <Annotation Term="OData.LongDescription" String="This property shall contain a link to a Resource Collection of type JsonSchemaFileCollection."/>
+ <Annotation Term="OData.AutoExpandReferences"/>
+ </NavigationProperty>
+ </EntityType>
+
+ </Schema>
+
+ </edmx:DataServices>
+</edmx:Edmx> |
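Review bot: The root element `<edmx:Edmx Version="1.0">` in static/google/v1/schema/ServiceRoot_v1.xml uses the `edmx` prefix without declaring it, so a namespace-aware XML parser will reject the document; the `$metadata` file in this same commit shows the expected form, `<edmx:Edmx xmlns:edmx="http://docs.oasis-open.org/odata/ns/edmx" Version="4.0">`. The references `Type="ServiceRoot.ServiceRoot"` and `BaseType="ServiceRoot.ServiceRoot"` name a `ServiceRoot` namespace, whereas the schema declares `GoogleServiceRoot`; they probably should read `GoogleServiceRoot.ServiceRoot`. `Resource.v1_0_0.Resource` and `JsonSchemaFileCollection` are used with no `edmx:Reference` to resolve them. The `JsonSchemas` navigation property is also marked `Nullable="false"` although the handler in google_service_root.hpp never returns it.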