npm - k2hr3-api - Versions diffs - 1.0.42 → 2.0.1 - Mend

k2hr3-api 1.0.42 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (149) hide show

package/config/k2hr3-init.sh.templ +4 -4
package/dist/.gitkeep +0 -0
package/dist/src/app.js +262 -0
package/{bin → dist/src/bin}/run.sh +1 -1
package/dist/src/bin/watcher.js +113 -0
package/dist/src/bin/www.js +217 -0
package/dist/src/lib/basicipcheck.js +392 -0
package/dist/src/lib/cacerts.js +106 -0
package/dist/src/lib/dbglogging.js +190 -0
package/dist/src/lib/dummyuserapi.js +719 -0
package/dist/src/lib/ipwatch.js +354 -0
package/dist/src/lib/k2hr3acrutil.js +532 -0
package/dist/src/lib/k2hr3apiutil.js +1444 -0
package/dist/src/lib/k2hr3cliutil.js +183 -0
package/dist/src/lib/k2hr3config.js +832 -0
package/dist/src/lib/k2hr3cryptutil.js +258 -0
package/dist/src/lib/k2hr3dkc.js +12121 -0
package/dist/src/lib/k2hr3extdata.js +198 -0
package/dist/src/lib/k2hr3keys.js +207 -0
package/dist/src/lib/k2hr3resutil.js +111 -0
package/dist/src/lib/k2hr3template.js +6546 -0
package/dist/src/lib/k2hr3tokens.js +2643 -0
package/dist/src/lib/k2hr3userdata.js +296 -0
package/dist/src/lib/k8soidc.js +1000 -0
package/dist/src/lib/openstackapiv2.js +695 -0
package/dist/src/lib/openstackapiv3.js +932 -0
package/dist/src/lib/openstackep.js +667 -0
package/{tests/auto_common.js → dist/src/lib/types.js} +4 -38
package/dist/src/routes/acr.js +704 -0
package/dist/src/routes/debugVerify.js +294 -0
package/dist/src/routes/extdata.js +219 -0
package/dist/src/routes/list.js +264 -0
package/dist/src/routes/policy.js +840 -0
package/dist/src/routes/resource.js +1489 -0
package/dist/src/routes/role.js +2627 -0
package/dist/src/routes/service.js +908 -0
package/dist/src/routes/tenant.js +1141 -0
package/dist/src/routes/userTokens.js +482 -0
package/dist/src/routes/userdata.js +212 -0
package/dist/src/routes/version.js +103 -0
package/package.json +152 -121
package/ChangeLog +0 -378
package/app.js +0 -292
package/bin/watcher +0 -122
package/bin/www +0 -180
package/eslint.config.mjs +0 -68
package/lib/basicipcheck.js +0 -376
package/lib/cacerts.js +0 -71
package/lib/dbglogging.js +0 -151
package/lib/dummyuserapi.js +0 -766
package/lib/ipwatch.js +0 -379
package/lib/k2hr3acrutil.js +0 -516
package/lib/k2hr3apiutil.js +0 -1494
package/lib/k2hr3cliutil.js +0 -191
package/lib/k2hr3config.js +0 -826
package/lib/k2hr3cryptutil.js +0 -254
package/lib/k2hr3dkc.js +0 -12632
package/lib/k2hr3extdata.js +0 -198
package/lib/k2hr3keys.js +0 -234
package/lib/k2hr3resutil.js +0 -100
package/lib/k2hr3template.js +0 -6925
package/lib/k2hr3tokens.js +0 -2799
package/lib/k2hr3userdata.js +0 -312
package/lib/k8soidc.js +0 -1012
package/lib/openstackapiv2.js +0 -764
package/lib/openstackapiv3.js +0 -1032
package/lib/openstackep.js +0 -553
package/routes/acr.js +0 -738
package/routes/debugVerify.js +0 -263
package/routes/extdata.js +0 -232
package/routes/list.js +0 -270
package/routes/policy.js +0 -869
package/routes/resource.js +0 -1441
package/routes/role.js +0 -2664
package/routes/service.js +0 -894
package/routes/tenant.js +0 -1095
package/routes/userTokens.js +0 -511
package/routes/userdata.js +0 -218
package/routes/version.js +0 -108
package/templ/Dockerfile.templ +0 -71
package/tests/auto_acr.js +0 -1101
package/tests/auto_acr_spec.js +0 -79
package/tests/auto_all_spec.js +0 -142
package/tests/auto_control_subprocess.sh +0 -243
package/tests/auto_extdata.js +0 -220
package/tests/auto_extdata_spec.js +0 -79
package/tests/auto_init_config_json.sh +0 -275
package/tests/auto_k2hdkc_server.ini +0 -109
package/tests/auto_k2hdkc_slave.ini +0 -83
package/tests/auto_list.js +0 -439
package/tests/auto_list_spec.js +0 -79
package/tests/auto_policy.js +0 -1579
package/tests/auto_policy_spec.js +0 -79
package/tests/auto_resource.js +0 -10956
package/tests/auto_resource_spec.js +0 -79
package/tests/auto_role.js +0 -6150
package/tests/auto_role_spec.js +0 -79
package/tests/auto_service.js +0 -770
package/tests/auto_service_spec.js +0 -79
package/tests/auto_subprocesses.js +0 -114
package/tests/auto_template.sh +0 -126
package/tests/auto_tenant.js +0 -1100
package/tests/auto_tenant_spec.js +0 -79
package/tests/auto_token_util.js +0 -219
package/tests/auto_userdata.js +0 -292
package/tests/auto_userdata_spec.js +0 -79
package/tests/auto_usertokens.js +0 -565
package/tests/auto_usertokens_spec.js +0 -79
package/tests/auto_version.js +0 -127
package/tests/auto_version_spec.js +0 -79
package/tests/auto_watcher.js +0 -157
package/tests/auto_watcher_spec.js +0 -79
package/tests/k2hdkc_test.data +0 -986
package/tests/k2hdkc_test_load.sh +0 -255
package/tests/k2hr3template_test.js +0 -187
package/tests/k2hr3template_test.sh +0 -339
package/tests/k2hr3template_test_async.js +0 -216
package/tests/k2hr3template_test_template.result +0 -7117
package/tests/k2hr3template_test_template.txt +0 -3608
package/tests/k2hr3template_test_vars.js +0 -194
package/tests/manual_acr_delete.js +0 -143
package/tests/manual_acr_get.js +0 -297
package/tests/manual_acr_postput.js +0 -215
package/tests/manual_allusertenant_get.js +0 -113
package/tests/manual_extdata_get.js +0 -191
package/tests/manual_k2hr3keys_get.js +0 -84
package/tests/manual_list_gethead.js +0 -230
package/tests/manual_policy_delete.js +0 -132
package/tests/manual_policy_gethead.js +0 -275
package/tests/manual_policy_postput.js +0 -297
package/tests/manual_resource_delete.js +0 -433
package/tests/manual_resource_gethead.js +0 -423
package/tests/manual_resource_postput.js +0 -487
package/tests/manual_role_delete.js +0 -404
package/tests/manual_role_gethead.js +0 -547
package/tests/manual_role_postput.js +0 -544
package/tests/manual_service_delete.js +0 -153
package/tests/manual_service_gethead.js +0 -178
package/tests/manual_service_postput.js +0 -348
package/tests/manual_tenant_delete.js +0 -186
package/tests/manual_tenant_gethead.js +0 -268
package/tests/manual_tenant_postput.js +0 -293
package/tests/manual_test.sh +0 -352
package/tests/manual_userdata_get.js +0 -173
package/tests/manual_usertoken_gethead.js +0 -136
package/tests/manual_usertoken_postput.js +0 -310
package/tests/manual_version_get.js +0 -127
package/tests/run_local_test_k2hdkc.sh +0 -174
package/tests/test.sh +0 -333

package/routes/acr.js DELETED Viewed

@@ -1,738 +0,0 @@
-/*
- * K2HR3 REST API
- *
- * Copyright 2017 Yahoo Japan Corporation.
- *
- * K2HR3 is K2hdkc based Resource and Roles and policy Rules, gathers
- * common management information for the cloud.
- * K2HR3 can dynamically manage information as "who", "what", "operate".
- * These are stored as roles, resources, policies in K2hdkc, and the
- * client system can dynamically read and modify these information.
- *
- * For the full copyright and license information, please view
- * the license file that was distributed with this source code.
- *
- * AUTHOR:   Takeshi Nakatani
- * CREATE:   Thu Nov 2 2017
- * REVISION:
- *
- */
-'use strict';
-var express	= require('express');
-var router	= express.Router();
-var	r3token	= require('../lib/k2hr3tokens');
-var	apiutil	= require('../lib/k2hr3apiutil');
-var	resutil	= require('../lib/k2hr3resutil');
-var	k2hr3	= require('../lib/k2hr3dkc');
-// Debug logging objects
-var r3logger	= require('../lib/dbglogging');
-//
-// Common utility function
-//
-// Create or update service
-//
-// Result			null(succeed) or error message(failed)
-//
-function rawCreateServiceTenant(token_info, token, tenantname, servicename, callback)
-{
-	var	error = null;
-	if(!apiutil.isSafeEntity(callback) || 'function' !== typeof callback){
-		error = new Error('callback parameter is wrong : callback=' + JSON.stringify(callback));
-		r3logger.elog(error.message);
-		return;
-	}
-	//
-	// Check service name
-	//
-	if(!apiutil.isSafeString(servicename)){
-		error = new Error('service name is wrong.');
-		r3logger.elog(error.message);
-		callback(error, false);
-		return;
-	}
-	//
-	// Check token
-	//
-	if(	!apiutil.isSafeString(token)				||
-		!apiutil.isSafeEntity(token_info)			||
-		!apiutil.isSafeEntity(token_info.scoped)	||
-		'boolean' !== typeof token_info.scoped		||
-		!apiutil.isSafeString(token_info.user)		)
-	{
-		error = new Error('specified wrong token or it is not scoped or no tenant.');
-		r3logger.elog(error.message);
-		callback(error, false);
-		return;
-	}
-	var	user = apiutil.isSafeString(token_info.user) ? token_info.user : null;
-	//
-	// Create service + tenant
-	//
-	if(token_info.scoped){
-		// [NOTE]
-		// The token is scoped to tenant, but if the user exists, we use this token as unscoped.
-		// By using as an unscoped token, the following function creates a scoped token inside it.
-		// Then this logic will not be affected by deletion (one time) of token.
-		//
-		k2hr3.createServiceTenantByScopedToken(tenantname, servicename, token, callback);
-	}else{
-		k2hr3.createServiceTenantByUnscopedToken(tenantname, servicename, token, user, callback);
-	}
-	return;
-}
-//
-// Mountpath				: '/v1/acr'
-//
-// POST '/v1/acr/<service>'	: post service/tenant on version 1
-// HEADER					: X-Auth-Token	=> Unscoped/Scoped User token or Role Token
-// body						:	{
-// 									tenant:	=> tenant name(when unscoped user token)
-//								}
-// response body			: result		=> true/false
-//							  message		=> messages
-//
-router.post('/', function(req, res, next)								// eslint-disable-line no-unused-vars
-{
-	r3logger.dlog('CALL:', req.method, req.url);
-	res.type('application/json; charset=utf-8');
-	var	result = { result: true, message: null };
-	if(	!apiutil.isSafeEntity(req)			||
-		!apiutil.isSafeEntity(req.baseUrl)	)
-	{
-		result = {
-			result: 	false,
-			message:	'POST request is wrong'
-		};
-		r3logger.elog(result.message);
-		resutil.errResponse(req, res, 400, result);						// 400: Bad Request
-		return;
-	}
-	//------------------------------
-	// check token
-	//------------------------------
-	var	token_result = r3token.checkToken(req, false, true);			// (un)scoped user token
-	if(!token_result.result){
-		r3logger.elog(token_result.message);
-		var	_status = token_result.status;
-		delete token_result.status;
-		resutil.errResponse(req, res, _status, token_result);
-		return;
-	}
-	var	token_info = token_result.token_info;
-	var	tenantname = null;
-	if(false === token_info.scoped){
-		//
-		// Unscoped user token : need tenant parameter
-		//
-		if(	!apiutil.isSafeEntity(req.body)			||
-			!apiutil.isSafeString(req.body.tenant)	)
-		{
-			result = {
-				result: 	false,
-				message:	'Specified unscoped user token, but there is not tenant in body data.'
-			};
-			r3logger.elog(result.message);
-			resutil.errResponse(req, res, 400, result);					// 400: Bad Request
-			return;
-		}
-		// get user's tenant list
-		var	tenant_list = r3token.getTenantList(token_info.user);
-		if(null === tenant_list || apiutil.isEmptyArray(tenant_list)){
-			result = {
-				result: 	false,
-				message:	'token(' + token_result.token + ') for user (' + token_info.user + ') does not have any tenant.'
-			};
-			r3logger.elog(result.message);
-			resutil.errResponse(req, res, 400, result);					// 400: Bad Request
-			return;
-		}
-		// check tenant
-		if(!r3token.checkTenantInTenantList(tenant_list, req.body.tenant.toLowerCase())){
-			result = {
-				result: 	false,
-				message:	'user (' + token_info.user + ') is not member of tenant(' + req.body.tenant + ').'
-			};
-			r3logger.elog(result.message);
-			resutil.errResponse(req, res, 400, result);					// 400: Bad Request
-			return;
-		}
-		tenantname = req.body.tenant.toLowerCase();
-	}else{
-		//
-		// Scoped user token : not need tenant parameter
-		//
-		if(	apiutil.isSafeEntity(req.body)			&&
-			apiutil.isSafeString(req.body.tenant)	)
-		{
-			if(!apiutil.compareCaseString(token_info.tenant, req.body.tenant)){
-				result = {
-					result: 	false,
-					message:	'Specified scoped user token and tenant in body data, but these are not same tenant name.'
-				};
-				r3logger.elog(result.message);
-				resutil.errResponse(req, res, 400, result);				// 400: Bad Request
-				return;
-			}
-		}
-		tenantname = token_info.tenant;
-	}
-	//------------------------------
-	// check service path in url
-	//------------------------------
-	var	requestptn	= new RegExp('^/v1/acr/(.*)');						// regex = /^\/v1\/acr\/(.*)/
-	var	reqmatchs	= decodeURI(req.baseUrl).match(requestptn);
-	if(apiutil.isEmptyArray(reqmatchs) || reqmatchs.length < 2 || '' === apiutil.getSafeString(reqmatchs[1])){
-		result = {
-			result: 	false,
-			message:	'POST request url does not have service name'
-		};
-		r3logger.elog(result.message);
-		resutil.errResponse(req, res, 400, result);						// 400: Bad Request
-		return;
-	}
-	var	servicename		= reqmatchs[1].toLowerCase();
-	//------------------------------
-	// create service + tenant
-	//------------------------------
-	rawCreateServiceTenant(token_info, token_result.token, tenantname, servicename, function(error)
-	{
-		var	resobj = { result: true, message: null };
-		if(null !== error){
-			resobj = {
-				result: 	false,
-				message:	error.message
-			};
-			r3logger.elog(resobj.message);
-			resutil.errResponse(req, res, 403, resobj);					// 403: Forbidden(is this status OK?)
-			return;
-		}
-		res.status(201);												// 201: Created
-		res.send(JSON.stringify(resobj));
-	});
-});
-//
-// Mountpath				: '/v1/acr'
-//
-// PUT '/v1/acr/<service>'	: post service/tenant on version 1
-// HEADER					: X-Auth-Token	=> Unscoped/Scoped User token or Role Token
-// URL arguments			: tenant		=> tenant name(when unscoped user token)
-// response body			: result		=> true/false
-//							  message		=> messages
-//
-router.put('/', function(req, res, next)								// eslint-disable-line no-unused-vars
-{
-	r3logger.dlog('CALL:', req.method, req.url);
-	res.type('application/json; charset=utf-8');
-	var	result = { result: true, message: null };
-	if(	!apiutil.isSafeEntity(req)			||
-		!apiutil.isSafeEntity(req.baseUrl)	)
-	{
-		result = {
-			result: 	false,
-			message:	'PUT request is wrong'
-		};
-		r3logger.elog(result.message);
-		resutil.errResponse(req, res, 400, result);						// 400: Bad Request
-		return;
-	}
-	//------------------------------
-	// check token
-	//------------------------------
-	var	token_result = r3token.checkToken(req, false, true);			// (un)scoped user token
-	if(!token_result.result){
-		r3logger.elog(token_result.message);
-		var	_status = token_result.status;
-		delete token_result.status;
-		resutil.errResponse(req, res, _status, token_result);
-		return;
-	}
-	var	token_info = token_result.token_info;
-	var	tenantname = null;
-	if(false === token_info.scoped){
-		//
-		// Unscoped user token : need tenant parameter
-		//
-		if(	!apiutil.isSafeEntity(req.query)			||
-			!apiutil.isSafeString(req.query.tenant)	)
-		{
-			result = {
-				result: 	false,
-				message:	'Specified unscoped user token, but there is not tenant in argument.'
-			};
-			r3logger.elog(result.message);
-			resutil.errResponse(req, res, 400, result);					// 400: Bad Request
-			return;
-		}
-		// get user's tenant list
-		var	tenant_list = r3token.getTenantList(token_info.user);
-		if(null === tenant_list || apiutil.isEmptyArray(tenant_list)){
-			result = {
-				result: 	false,
-				message:	'token(' + token_result.token + ') for user (' + token_info.user + ') does not have any tenant.'
-			};
-			r3logger.elog(result.message);
-			resutil.errResponse(req, res, 400, result);					// 400: Bad Request
-			return;
-		}
-		// check tenant
-		if(!r3token.checkTenantInTenantList(tenant_list, req.query.tenant.toLowerCase())){
-			result = {
-				result: 	false,
-				message:	'user (' + token_info.user + ') is not member of tenant(' + req.query.tenant + ').'
-			};
-			r3logger.elog(result.message);
-			resutil.errResponse(req, res, 400, result);					// 400: Bad Request
-			return;
-		}
-		tenantname = req.query.tenant.toLowerCase();
-	}else{
-		//
-		// Scoped user token : not need tenant parameter
-		//
-		if(	apiutil.isSafeEntity(req.body)			&&
-			apiutil.isSafeString(req.body.tenant)	)
-		{
-			if(!apiutil.compareCaseString(token_info.tenant, req.body.tenant)){
-				result = {
-					result: 	false,
-					message:	'Specified scoped user token and tenant in body data, but these are not same tenant name.'
-				};
-				r3logger.elog(result.message);
-				resutil.errResponse(req, res, 400, result);				// 400: Bad Request
-				return;
-			}
-		}
-		tenantname = token_info.tenant;
-	}
-	//------------------------------
-	// check service path in url
-	//------------------------------
-	var	requestptn	= new RegExp('^/v1/acr/(.*)');						// regex = /^\/v1\/acr\/(.*)/
-	var	reqmatchs	= decodeURI(req.baseUrl).match(requestptn);
-	if(apiutil.isEmptyArray(reqmatchs) || reqmatchs.length < 2 || '' === apiutil.getSafeString(reqmatchs[1])){
-		result = {
-			result: 	false,
-			message:	'PUT request url does not have service name'
-		};
-		r3logger.elog(result.message);
-		resutil.errResponse(req, res, 400, result);						// 400: Bad Request
-		return;
-	}
-	var	servicename		= reqmatchs[1].toLowerCase();
-	//------------------------------
-	// create service + tenant
-	//------------------------------
-	rawCreateServiceTenant(token_info, token_result.token, tenantname, servicename, function(error)
-	{
-		var	resobj = { result: true, message: null };
-		if(null !== error){
-			resobj = {
-				result: 	false,
-				message:	error.message
-			};
-			r3logger.elog(resobj.message);
-			resutil.errResponse(req, res, 403, resobj);					// 403: Forbidden(is this status OK?)
-			return;
-		}
-		res.status(201);												// 201: Created
-		res.send(JSON.stringify(resobj));
-	});
-});
-//
-// Utility function for getting Service/Tenant Names
-//
-function rawGetServiceTenantNames(req, res)
-{
-	var	result;
-	if(	!apiutil.isSafeEntity(req)			||
-		!apiutil.isSafeEntity(req.baseUrl)	)
-	{
-		result = {
-			result: 	false,
-			message:	'GET request or url is wrong'
-		};
-		r3logger.elog(result.message);
-		resutil.errResponse(req, res, 400, result);						// 400: Bad Request
-		return;
-	}
-	//------------------------------
-	// check token
-	//------------------------------
-	var	token_result = r3token.checkToken(req, true, true);				// scoped user token
-	if(!token_result.result){
-		r3logger.elog(token_result.message);
-		var	_status = token_result.status;
-		delete token_result.status;
-		resutil.errResponse(req, res, _status, token_result);
-		return;
-	}
-	var	token_info	= token_result.token_info;
-	//
-	// force remove user token(this is one shot!)
-	//
-	r3token.removeScopedUserToken(token_result.token);
-	//------------------------------
-	// check service path in url
-	//------------------------------
-	var	requestptn	= new RegExp('^/v1/acr/(.*)');						// regex = /^\/v1\/acr\/(.*)/
-	var	reqmatchs	= decodeURI(req.baseUrl).match(requestptn);
-	if(apiutil.isEmptyArray(reqmatchs) || reqmatchs.length < 2 || '' === apiutil.getSafeString(reqmatchs[1])){
-		result = {
-			result: 	false,
-			message:	'PUT request url does not have service name'
-		};
-		r3logger.elog(result.message);
-		resutil.errResponse(req, res, 400, result);						// 400: Bad Request
-		return;
-	}
-	var	servicename	= reqmatchs[1].toLowerCase();
-	//------------------------------
-	// check tenant in service's tenant list
-	//------------------------------
-	result = k2hr3.checkTenantInService(servicename, token_info.tenant);
-	if(!apiutil.isSafeEntity(result) || !apiutil.isSafeEntity(result.result) || false === result.result){
-		if(!apiutil.isSafeEntity(result)){
-			result = {
-				result: 	false,
-				message:	'Could not get service data from checkTenantInService'
-			};
-		}else{
-			if(!apiutil.isSafeEntity(result.result)){
-				result.result	= false;
-			}
-			if(!apiutil.isSafeEntity(result.message)){
-				result.message	= 'Could not get error message in response from checkTenantInService';
-			}
-		}
-		r3logger.elog(result.message);
-		resutil.errResponse(req, res, 403, result);						// 403: Forbidden(is this status OK?)
-		return;
-	}
-	//------------------------------
-	// make result
-	//------------------------------
-	var	tokeninfo = {
-		user:		token_info.user,
-		tenant:		token_info.tenant,
-		service:	servicename
-	};
-	result = {
-		result: 	true,
-		message:	null,
-		tokeninfo:	tokeninfo
-	};
-	r3logger.dlog('succeed');
-	res.status(200);													// 200: OK
-	res.send(JSON.stringify(result));
-}
-//
-// Utility function for getting Service/Tenant Resources
-//
-function rawGetServiceTenantResources(req, res)
-{
-	var	result;
-	//------------------------------
-	// check request
-	//------------------------------
-	var	sip		= apiutil.getClientIpAddress(req);
-	if(	!apiutil.isSafeEntity(req)				||
-		!apiutil.isSafeString(req.baseUrl)		||
-		!apiutil.isSafeEntity(req.query)		||
-		!apiutil.isSafeString(req.query.cip)	||
-		!apiutil.isSafeString(sip)				||
-		!apiutil.isSafeString(req.query.crole)	||
-		!apiutil.isSafeString(req.query.srole)	)
-	{
-		result = {
-			result: 	false,
-			message:	'GET request or parameters are wrong'
-		};
-		r3logger.elog(result.message);
-		resutil.errResponse(req, res, 400, result);						// 400: Bad Request
-		return;
-	}
-	//------------------------------
-	// port parameters
-	//------------------------------
-	var	cport	= apiutil.isSafeEntity(req.query.cport) ? apiutil.isSafeString(req.query.cport) ? !isNaN(req.query.cport) ? parseInt(req.query.cport) : req.query.cport : req.query.cport : null;
-	var	sport	= apiutil.isSafeEntity(req.query.sport) ? apiutil.isSafeString(req.query.sport) ? !isNaN(req.query.sport) ? parseInt(req.query.sport) : req.query.sport : req.query.sport : null;
-	//------------------------------
-	// cuk parameters
-	//------------------------------
-	var	ccuk	= apiutil.isSafeEntity(req.query.ccuk) ? req.query.ccuk : null;
-	var	scuk	= apiutil.isSafeEntity(req.query.scuk) ? req.query.scuk : null;
-	//------------------------------
-	// check service path in url
-	//------------------------------
-	var	requestptn	= new RegExp('^/v1/acr/(.*)');						// regex = /^\/v1\/acr\/(.*)/
-	var	reqmatchs	= decodeURI(req.baseUrl).match(requestptn);
-	if(apiutil.isEmptyArray(reqmatchs) || reqmatchs.length < 2 || '' === apiutil.getSafeString(reqmatchs[1])){
-		result = {
-			result: 	false,
-			message:	'PUT request url does not have service name'
-		};
-		r3logger.elog(result.message);
-		resutil.errResponse(req, res, 400, result);						// 400: Bad Request
-		return;
-	}
-	var	servicename	= reqmatchs[1].toLowerCase();
-	//------------------------------
-	// Get ACR resources
-	//------------------------------
-	result = k2hr3.getServiceTenantResources(servicename, sip, sport, scuk, req.query.srole, req.query.cip, cport, ccuk, req.query.crole);
-	if(!apiutil.isSafeEntity(result) || !apiutil.isSafeEntity(result.result) || false === result.result){
-		if(!apiutil.isSafeEntity(result)){
-			result = {
-				result: 	false,
-				message:	'Could not get ACR resources from getServiceTenantResources'
-			};
-		}else{
-			if(!apiutil.isSafeEntity(result.result)){
-				result.result	= false;
-			}
-			if(!apiutil.isSafeEntity(result.message)){
-				result.message	= 'Could not get error message in response from getServiceTenantResources';
-			}
-		}
-		r3logger.elog(result.message);
-		resutil.errResponse(req, res, 403, result);						// 403: Forbidden(is this status OK?)
-		return;
-	}
-	r3logger.dlog('succeed : ' + JSON.stringify(result));
-	res.status(200);													// 200: OK
-	res.send(JSON.stringify(result));
-}
-//
-// Mountpath				: '/v1/acr'
-//
-// GET '/v1/acr/<service>'	: get service/tenant names on version 1
-// HEADER					: X-Auth-Token		=>	Scoped User token
-// response body			: result			=>	true/false
-//							  message			=>	messages
-//							  tokeninfo			=>	user/tenant information for verify
-//
-//	tokeninfo = {
-//		user:				: <user name>		=>	user name string
-//		tenant:				: <tenant name>		=>	tenant name string
-//		service:			: <service name>	=>	service name string
-//	}
-//
-//
-// GET '/v1/acr/<service>'	: get resource proxying service on version 1
-// URL argument				:
-//		"cip"				: <IP address>		=>	client IP address(client peer address to service) gave by service
-//		"cport"				: <port>			=>	client port number specified by client(proxied by service)
-//													this value is optional
-//		"ccuk"				: <cuk string>		=>	client container unique key
-//													this value is optional
-//		"sport"				: <port>			=>	service port number specified by service
-//													this value is optional
-//		"scuk"				: <cuk string>		=>	service container unique key
-//													this value is optional
-//		"crole"				: <role yrn>		=>	client role full yrn specified by client(proxied by service)
-//		"srole"				: <role yrn>		=>	service role full yrn
-//
-// response body			: result			=>	true/false
-//							  message			=>	messages
-//							  resource			=>	following format
-//
-//	response = [								=>	allowed null/undefined, this object is the result of verify from service at creating service/tenant
-//		{
-//			name			: <resource name>	=>	resource name which is key name(path) for resource
-//			expire			: <expire>			=>	undefined/null or integer
-//			type			: <resource type>	=>	resource data type(string or object), if date is null or '', this value must be string.
-//			data			: <resource data>	=>	resource data which must be string or object or null/undefined.
-//			keys = {		: <resource keys>	=>	resource has keys(associative array), or null/undefined.
-//				'foo':	bar,:					=>	any value is allowed
-//				...
-//			}
-//		},
-//		...
-//	]
-//
-router.get('/', function(req, res, next)
-{
-	r3logger.dlog('CALL:', req.method, req.url);
-	if('GET' !== req.method){
-		// HEAD request comes here, so it should be routed to head function.
-		next();
-		return;
-	}
-	res.type('application/json; charset=utf-8');
-	//------------------------------
-	// check request type
-	//------------------------------
-	if(r3token.hasAuthTokenHeader(req)){
-		//
-		// Get service/tenant name
-		//
-		rawGetServiceTenantNames(req, res);
-	}else{
-		//
-		// Get resources for service/tenant
-		//
-		rawGetServiceTenantResources(req, res);
-	}
-});
-//
-// Mountpath					: '/v1/acr/*'
-//
-// DELETE '/v1/acr/<service>'	: delete service tenant on version 1
-// HEADER						: X-Auth-Token	=> Scoped User token
-// response body				: result		=> true/false
-//
-router.delete('/', function(req, res, next)								// eslint-disable-line no-unused-vars
-{
-	r3logger.dlog('CALL:', req.method, req.url);
-	res.type('application/json; charset=utf-8');
-	var	result;
-	if(	!apiutil.isSafeEntity(req)			||
-		!apiutil.isSafeEntity(req.baseUrl)	)
-	{
-		result = {
-			result: 	false,
-			message:	'DELETE request or url is wrong'
-		};
-		r3logger.elog(result.message);
-		resutil.errResponse(req, res, 400);								// 400: Bad Request
-		return;
-	}
-	//------------------------------
-	// check token
-	//------------------------------
-	var	token_result = r3token.checkToken(req, true, true);				// scoped user token
-	if(!token_result.result){
-		r3logger.elog(token_result.message);
-		var	_status = token_result.status;
-		delete token_result.status;
-		resutil.errResponse(req, res, _status, token_result);
-		return;
-	}
-	// Check token
-	if(	!apiutil.isSafeString(token_result.token_info.tenant)	||
-		!apiutil.isSafeString(token_result.token_info.user)		)
-	{
-		result = {
-			result: 	false,
-			message:	'specified wrong token or it is not scoped user token'
-		};
-		r3logger.elog(result.message);
-		resutil.errResponse(req, res, 400, result);						// 400: Bad Request
-		return;
-	}
-	var	tenantname	= token_result.token_info.tenant;
-	var	user		= token_result.token_info.user;
-	//------------------------------
-	// check service path in url
-	//------------------------------
-	var	requestptn	= new RegExp('^/v1/acr/(.*)');						// regex = /^\/v1\/acr\/(.*)/
-	var	reqmatchs	= decodeURI(req.baseUrl).match(requestptn);
-	if(apiutil.isEmptyArray(reqmatchs) || reqmatchs.length < 2 || '' === apiutil.getSafeString(reqmatchs[1])){
-		result = {
-			result: 	false,
-			message:	'DELETE request url does not have service name'
-		};
-		r3logger.elog(result.message);
-		resutil.errResponse(req, res, 400, result);						// 400: Bad Request
-		return;
-	}
-	var	servicename		= reqmatchs[1].toLowerCase();
-	//------------------------------
-	// remove service + tenant
-	//------------------------------
-	result = k2hr3.removeServiceTenant(user, tenantname, servicename);
-	if(!apiutil.isSafeEntity(result) || !apiutil.isSafeEntity(result.result) || false === result.result){
-		if(!apiutil.isSafeEntity(result)){
-			result = {
-				result: 	false,
-				message:	'Could not get response from removeServiceTenant'
-			};
-		}else{
-			if(!apiutil.isSafeEntity(result.result)){
-				result.result	= false;
-			}
-			if(!apiutil.isSafeEntity(result.message)){
-				result.message	= 'Could not get error message in response from removeServiceTenant';
-			}
-		}
-		r3logger.elog(result.message);
-		resutil.errResponse(req, res, 403);							// 403: Forbidden(is this status OK?)
-		return;
-	}
-	r3logger.dlog('succeed : ' + result.message);
-	res.status(204);												// 204: No Content
-	res.send();
-});
-module.exports = router;
-/*
- * Local variables:
- * tab-width: 4
- * c-basic-offset: 4
- * End:
- * vim600: noexpandtab sw=4 ts=4 fdm=marker
- * vim<600: noexpandtab sw=4 ts=4
- */