diff options
Diffstat (limited to 'auth/auth-hello/src/main')
4 files changed, 248 insertions, 0 deletions
diff --git a/auth/auth-hello/src/main/config/.gitignore b/auth/auth-hello/src/main/config/.gitignore new file mode 100644 index 00000000..b8a5bee8 --- /dev/null +++ b/auth/auth-hello/src/main/config/.gitignore @@ -0,0 +1,2 @@ +/log4j.properties +/logging.properties diff --git a/auth/auth-hello/src/main/config/hello.props b/auth/auth-hello/src/main/config/hello.props new file mode 100644 index 00000000..055b15fb --- /dev/null +++ b/auth/auth-hello/src/main/config/hello.props @@ -0,0 +1,29 @@ +## +## AUTHZ GUI (authz-gui) Properties +## + +hostname=_HOSTNAME_ + +## DISCOVERY (DME2) Parameters on the Command Line +AFT_LATITUDE=_AFT_LATITUDE_ +AFT_LONGITUDE=_AFT_LONGITUDE_ +AFT_ENVIRONMENT=_AFT_ENVIRONMENT_ +DEPLOYED_VERSION=_ARTIFACT_VERSION_ + +## Pull in common/security properties + +cadi_prop_files=_COMMON_DIR_/com.att.aaf.common.props:_COMMON_DIR_/com.att.aaf.props + +##DME2 related parameters +DMEServiceName=service=com.att.authz.authz-gui/version=_MAJOR_VER_._MINOR_VER_._PATCH_VER_/envContext=_ENV_CONTEXT_/routeOffer=_ROUTE_OFFER_ +AFT_DME2_PORT_RANGE=_AUTHZ_HELLO_PORT_RANGE_ + +# Turn on both AAF TAF & LUR 2.0 +aaf_url=https://DME2RESOLVE/service=com.att.authz.AuthorizationService/version=_MAJOR_VER_._MINOR_VER_/envContext=_ENV_CONTEXT_/routeOffer=_ROUTE_OFFER_ +# 1 min cache changes (when left alone) +aaf_user_expires=60000 + +# CSP +csp_domain=PROD + + diff --git a/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/AAF_Hello.java b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/AAF_Hello.java new file mode 100644 index 00000000..97448bdd --- /dev/null +++ b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/AAF_Hello.java @@ -0,0 +1,129 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + + +package org.onap.aaf.auth.hello; + +import java.util.Map; + +import javax.servlet.Filter; + +import org.onap.aaf.auth.cache.Cache.Dated; +import org.onap.aaf.auth.env.AuthzEnv; +import org.onap.aaf.auth.env.AuthzTrans; +import org.onap.aaf.auth.env.AuthzTransFilter; +import org.onap.aaf.auth.rserv.HttpCode; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.auth.server.AbsService; +import org.onap.aaf.auth.server.JettyServiceStarter; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.PropAccess; +import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; +import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm; +import org.onap.aaf.cadi.aaf.v2_0.AAFTrustChecker; +import org.onap.aaf.cadi.config.Config; +import org.onap.aaf.cadi.register.Registrant; +import org.onap.aaf.cadi.register.RemoteRegistrant; +import org.onap.aaf.misc.env.APIException; +import org.onap.aaf.misc.env.Env; + +public class AAF_Hello extends AbsService<AuthzEnv,AuthzTrans> { + public enum API{TOKEN_REQ, TOKEN,INTROSPECT, ERROR,VOID}; + public Map<String, Dated> cacheUser; + public AAFAuthn<?> aafAuthn; + public AAFLurPerm aafLurPerm; + + /** + * Construct AuthzAPI with all the Context Supporting Routes that Authz needs + * + * @param env + * @param si + * @param dm + * @param decryptor + * @throws APIException + */ + public AAF_Hello(final AuthzEnv env) throws Exception { + super(env.access(), env); + + aafLurPerm = aafCon().newLur(); + // Note: If you need both Authn and Authz construct the following: + aafAuthn = aafCon().newAuthn(aafLurPerm); + + String aaf_env = env.getProperty(Config.AAF_ENV); + if(aaf_env==null) { + throw new APIException("aaf_env needs to be set"); + } + + // Initialize Facade for all uses + AuthzTrans trans = env.newTrans(); + StringBuilder sb = new StringBuilder(); + trans.auditTrail(2, sb); + trans.init().log(sb); + + API_Hello.init(this); +} + + /** + * Setup XML and JSON implementations for each supported Version type + * + * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties + * to do Versions and Content switches + * + */ + public void route(HttpMethods meth, String path, API api, HttpCode<AuthzTrans, AAF_Hello> code) throws Exception { + String version = "1.0"; + // Get Correct API Class from Mapper + route(env,meth,path,code,"text/plain;version="+version,"*/*"); + } + + @Override + public Filter[] filters() throws CadiException, LocatorException { + try { + return new Filter[] { + new AuthzTransFilter(env,aafCon(), + new AAFTrustChecker((Env)env)) + }; + } catch (NumberFormatException e) { + throw new CadiException("Invalid Property information", e); + } + } + + @SuppressWarnings("unchecked") + @Override + public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException, LocatorException { + return new Registrant[] { + new RemoteRegistrant<AuthzEnv>(aafCon(),app_name,app_version,port) + }; + } + + public static void main(final String[] args) { + PropAccess propAccess = new PropAccess(args); + try { + AAF_Hello service = new AAF_Hello(new AuthzEnv(propAccess)); +// env.setLog4JNames("log4j.properties","authz","hello","audit","init","trace"); + JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service); + jss.start(); + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java new file mode 100644 index 00000000..e2252236 --- /dev/null +++ b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java @@ -0,0 +1,88 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.hello; + +import javax.servlet.ServletOutputStream; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.onap.aaf.auth.env.AuthzTrans; +import org.onap.aaf.auth.hello.AAF_Hello.API; +import org.onap.aaf.auth.rserv.HttpCode; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.misc.env.Env; +import org.onap.aaf.misc.env.TimeTaken; + +/** + * API Apis + * @author Jonathan + * + */ +public class API_Hello { + + + // Hide Public Constructor + private API_Hello() {} + + /** + * Normal Init level APIs + * + * @param oauthHello + * @param facade + * @throws Exception + */ + public static void init(final AAF_Hello oauthHello) throws Exception { + //////// + // Overall APIs + /////// + oauthHello.route(HttpMethods.GET,"/hello/:perm*",API.TOKEN,new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"Hello OAuth"){ + @Override + public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { + resp.setStatus(200 /* OK */); + ServletOutputStream os = resp.getOutputStream(); + os.print("Hello AAF "); + String perm = pathParam(req, "perm"); + if(perm!=null && perm.length()>0) { + os.print('('); + os.print(req.getUserPrincipal().getName()); + TimeTaken tt = trans.start("Authorize perm", Env.REMOTE); + try { + if(req.isUserInRole(perm)) { + os.print(" has "); + } else { + os.print(" does not have "); + } + } finally { + tt.done(); + } + os.print("Permission: "); + os.print(perm); + os.print(')'); + } + os.println(); + + trans.info().printf("Said 'Hello' to %s, Authentication type: %s",trans.getUserPrincipal().getName(),trans.getUserPrincipal().getClass().getSimpleName()); + } + }); + + } +} |