From b7698cb99d4ad54f7da486a6ffd60a9997425249 Mon Sep 17 00:00:00 2001
From: Tino Vazquez
Date: Fri, 6 Nov 2015 15:25:57 +0100
Subject: [PATCH] feature #4065: Add onegate token to vcenter contextualization
(cherry picked from commit 497831ab74de7149271090d368672a950eded2f0)
---
 src/vm/VirtualMachine.cc | 8 ++--
 src/vmm_mad/remotes/vcenter/vcenter_driver.rb | 47 +++++++++++++++++++
 2 files changed, 51 insertions(+), 4 deletions(-)
diff --git a/src/vm/VirtualMachine.cc b/src/vm/VirtualMachine.cc
index a5f11e2847..04613402de 100644
--- a/src/vm/VirtualMachine.cc
+++ b/src/vm/VirtualMachine.cc
@@ -1059,6 +1059,10 @@ int VirtualMachine::parse_context(string& error_str)
 context_parsed->replace("ONEGATE_ENDPOINT", endpoint);
 context_parsed->replace("VMID", oid);
+
+ // The token_password is taken from the owner user's template.
+ // We store this original owner in case a chown operation is performed.
+ add_template_attribute("CREATED_BY", uid);
 }
 return rc;
@@ -3271,10 +3275,6 @@ int VirtualMachine::generate_context(string &files, int &disk_id,
 return -1;
 }
- // The token_password is taken from the owner user's template.
- // We store this original owner in case a chown operation is performed.
- add_template_attribute("CREATED_BY", uid);
-
 token_file.open(history->token_file.c_str(), ios::out);
 if (token_file.fail())
diff --git a/src/vmm_mad/remotes/vcenter/vcenter_driver.rb b/src/vmm_mad/remotes/vcenter/vcenter_driver.rb
index 21b8d6ec67..bcd0763386 100644
--- a/src/vmm_mad/remotes/vcenter/vcenter_driver.rb
+++ b/src/vmm_mad/remotes/vcenter/vcenter_driver.rb
@@ -41,6 +41,7 @@ require 'yaml'
 require 'opennebula'
 require 'base64'
 require 'openssl'
+require 'openssl'
 module VCenterDriver
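Review bot: The `add_template_attribute("CREATED_BY", uid);` line added to parse_context writes the attribute that the vCenter driver in this same patch uses to choose whose TOKEN_PASSWORD keys the OneGate token, so it has to be the only CREATED_BY in the VM document. If add_template_attribute appends rather than overwrites, a CREATED_BY already present in the submitted template would survive alongside this one; the hunk does not show whether that attribute is stripped or restricted elsewhere, so this needs confirming. I would document the dependency next to the call, `// CREATED_BY selects the OneGate token key in the drivers; it must not be settable from the user template.`, and use a replacing call here if the template API offers one. The branch of parse_context that encloses these lines starts outside the hunk.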
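Review bot: The added `require 'openssl'` repeats the context line directly above it, so it loads nothing new. The context lines already require both `openssl` and `base64`, which is all the OneGate code in the later hunk uses. Drop the added line.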
@@ -1484,6 +1485,52 @@ private
 context_text += context_element.name + "='" + context_element.text.gsub("'", "\\'") + "'\n"
 }
+
+ # OneGate
+ onegate_token_flag = xml.root.elements["/VM/TEMPLATE/CONTEXT/TOKEN"]
+ if onegate_token_flag and onegate_token_flag.text == "YES"
+ # Create the OneGate token string
+ vmid_str = xml.root.elements["/VM/ID"].text
+ stime_str = xml.root.elements["//HISTORY[SEQ=0]/STIME"].text
+ str_to_encrypt = "#{vmid_str}:#{stime_str}"
+
+ user_id = xml.root.elements['//CREATED_BY'].text
+
+ if user_id.nil?
+ logger.error {"VMID:#{vmid} CREATED_BY not present" \
+ " in the VM TEMPLATE"}
+ return nil
+ end
+
+ user = OpenNebula::User.new_with_id(user_id,
+ OpenNebula::Client.new)
+ rc = user.info
+
+ if OpenNebula.is_error?(rc)
+ logger.error {"VMID:#{vmid} user.info" \
+ " error: #{rc.message}"}
+ return nil
+ end
+
+ token_password = user['TEMPLATE/TOKEN_PASSWORD']
+
+ if token_password.nil?
+ logger.error {"VMID:#{vmid} TOKEN_PASSWORD not present"\
+ " in the USER:#{user_id} TEMPLATE"}
+ return nil
+ end
+
+ cipher = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
+ cipher.encrypt
+ cipher.key = token_password
+ onegate_token = cipher.update(str_to_encrypt)
+ onegate_token << cipher.final
+
+ onegate_token_64 = Base64.encode64(onegate_token).chop
+
+ context_text += "ONEGATE_TOKEN='#{onegate_token_64}'\n"
+ end
+
 context_text = Base64.encode64(context_text.chop)
 config_array += [{:key=>"guestinfo.opennebula.context",
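Review bot: `cipher.key = token_password` uses the user's TOKEN_PASSWORD directly as the AES-256 key and no `cipher.iv` is ever assigned, so the token for a given VM is deterministic and the call only works if the password is exactly 32 bytes (newer Ruby OpenSSL bindings raise on any other length instead of truncating). If this format has to match what the OneGate server decrypts, say so in a comment such as `# Must stay byte-compatible with the token the core generates: raw TOKEN_PASSWORD as key, default IV`, and check the key length before use. Separately, `xml.root.elements['//CREATED_BY'].text` raises NoMethodError when the element is absent, so the `user_id.nil?` branch cannot report the case its message describes, and the unanchored `//` takes the first CREATED_BY anywhere in the VM document. Using `created_by = xml.root.elements["/VM/TEMPLATE/CREATED_BY"]` followed by `user_id = created_by && created_by.text` addresses both, assuming that path is where the core stores the attribute. The three log calls interpolate `vmid`, which is not assigned in this hunk (`vmid_str` is), and the enclosing method starts and ends outside the hunk.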