From bd890c575163e4d87ac24198b9c68a39cf4bbc4d Mon Sep 17 00:00:00 2001 From: sg481n Date: Mon, 28 Aug 2017 12:11:35 -0400 Subject: Update project structure to org.onap.aaf Update project structure of authz module in aaf from com.att to org.onap.aaf and add distribution management and repositories. Issue-id: AAF-21 Change-Id: Ia2486954e99f2bd60f18122ed60d32d5590781e9 Signed-off-by: sg481n --- .../src/main/java/org/onap/aaf/authz/gw/GwAPI.java | 248 ++++++++++++++ .../main/java/org/onap/aaf/authz/gw/GwCode.java | 45 +++ .../org/onap/aaf/authz/gw/api/API_AAFAccess.java | 363 +++++++++++++++++++++ .../java/org/onap/aaf/authz/gw/api/API_Api.java | 99 ++++++ .../java/org/onap/aaf/authz/gw/api/API_Find.java | 87 +++++ .../java/org/onap/aaf/authz/gw/api/API_Proxy.java | 156 +++++++++ .../java/org/onap/aaf/authz/gw/api/API_TGuard.java | 75 +++++ .../org/onap/aaf/authz/gw/facade/GwFacade.java | 74 +++++ .../onap/aaf/authz/gw/facade/GwFacadeFactory.java | 48 +++ .../org/onap/aaf/authz/gw/facade/GwFacadeImpl.java | 258 +++++++++++++++ .../org/onap/aaf/authz/gw/facade/GwFacade_1_0.java | 40 +++ .../java/org/onap/aaf/authz/gw/mapper/Mapper.java | 33 ++ .../org/onap/aaf/authz/gw/mapper/Mapper_1_0.java | 69 ++++ .../org/onap/aaf/authz/gw/service/GwService.java | 29 ++ .../onap/aaf/authz/gw/service/GwServiceImpl.java | 40 +++ 15 files changed, 1664 insertions(+) create mode 100644 authz-gw/src/main/java/org/onap/aaf/authz/gw/GwAPI.java create mode 100644 authz-gw/src/main/java/org/onap/aaf/authz/gw/GwCode.java create mode 100644 authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_AAFAccess.java create mode 100644 authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_Api.java create mode 100644 authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_Find.java create mode 100644 authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_Proxy.java create mode 100644 authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_TGuard.java create mode 100644 authz-gw/src/main/java/org/onap/aaf/authz/gw/facade/GwFacade.java create mode 100644 authz-gw/src/main/java/org/onap/aaf/authz/gw/facade/GwFacadeFactory.java create mode 100644 authz-gw/src/main/java/org/onap/aaf/authz/gw/facade/GwFacadeImpl.java create mode 100644 authz-gw/src/main/java/org/onap/aaf/authz/gw/facade/GwFacade_1_0.java create mode 100644 authz-gw/src/main/java/org/onap/aaf/authz/gw/mapper/Mapper.java create mode 100644 authz-gw/src/main/java/org/onap/aaf/authz/gw/mapper/Mapper_1_0.java create mode 100644 authz-gw/src/main/java/org/onap/aaf/authz/gw/service/GwService.java create mode 100644 authz-gw/src/main/java/org/onap/aaf/authz/gw/service/GwServiceImpl.java (limited to 'authz-gw/src/main/java/org/onap') diff --git a/authz-gw/src/main/java/org/onap/aaf/authz/gw/GwAPI.java b/authz-gw/src/main/java/org/onap/aaf/authz/gw/GwAPI.java new file mode 100644 index 00000000..5872e7d3 --- /dev/null +++ b/authz-gw/src/main/java/org/onap/aaf/authz/gw/GwAPI.java @@ -0,0 +1,248 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.authz.gw; + +import java.net.HttpURLConnection; +import java.util.ArrayList; +import java.util.EnumSet; +import java.util.List; +import java.util.Map; +import java.util.Properties; + +import org.onap.aaf.authz.env.AuthzEnv; +import org.onap.aaf.authz.gw.api.API_AAFAccess; +import org.onap.aaf.authz.gw.api.API_Api; +import org.onap.aaf.authz.gw.api.API_Find; +import org.onap.aaf.authz.gw.api.API_Proxy; +import org.onap.aaf.authz.gw.api.API_TGuard; +import org.onap.aaf.authz.gw.facade.GwFacade_1_0; +import org.onap.aaf.authz.gw.mapper.Mapper.API; +import org.onap.aaf.authz.server.AbsServer; +import org.onap.aaf.cache.Cache; +import org.onap.aaf.cache.Cache.Dated; +import org.onap.aaf.cssa.rserv.HttpMethods; + +import com.att.aft.dme2.api.DME2Exception; + +import com.att.aft.dme2.api.DME2Manager; +import com.att.aft.dme2.api.DME2Server; +import com.att.aft.dme2.api.DME2ServerProperties; +import com.att.aft.dme2.api.DME2ServiceHolder; +import com.att.aft.dme2.api.util.DME2FilterHolder; +import com.att.aft.dme2.api.util.DME2FilterHolder.RequestDispatcherType; +import com.att.aft.dme2.api.util.DME2ServletHolder; +import org.onap.aaf.cadi.CadiException; +//import org.onap.aaf.cadi.PropAccess; +import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn; +import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm; +import org.onap.aaf.cadi.config.Config; +import org.onap.aaf.inno.env.APIException; + +public class GwAPI extends AbsServer { + private static final String USER_PERMS = "userPerms"; + private GwFacade_1_0 facade; // this is the default Facade + private GwFacade_1_0 facade_1_0_XML; + public Map cacheUser; + public final String aafurl; + public final AAFAuthn aafAuthn; + public final AAFLurPerm aafLurPerm; + public DME2Manager dme2Man; + + + /** + * Construct AuthzAPI with all the Context Supporting Routes that Authz needs + * + * @param env + * @param si + * @param dm + * @param decryptor + * @throws APIException + */ + public GwAPI(AuthzEnv env) throws Exception { + super(env,"AAF GW"); + aafurl = env.getProperty(Config.AAF_URL); + + // Setup Logging + //env.setLog4JNames("log4j.properties","authz","gw","audit","init","trace"); + + aafLurPerm = aafCon.newLur(); + // Note: If you need both Authn and Authz construct the following: + aafAuthn = aafCon.newAuthn(aafLurPerm); + + // Initialize Facade for all uses + //AuthzTrans trans = env.newTrans(); + + // facade = GwFacadeFactory.v1_0(env,trans,Data.TYPE.JSON); // Default Facade + // facade_1_0_XML = GwFacadeFactory.v1_0(env,trans,Data.TYPE.XML); + + synchronized(env) { + if(cacheUser == null) { + cacheUser = Cache.obtain(USER_PERMS); + //Cache.startCleansing(env, USER_PERMS); + Cache.addShutdownHook(); // Setup Shutdown Hook to close cache + } + } + + //////////////////////////////////////////////////////////////////////////// + // Time Critical + // These will always be evaluated first + //////////////////////////////////////////////////////////////////////// + API_AAFAccess.init(this,facade); + API_Find.init(this, facade); + API_TGuard.init(this, facade); + API_Proxy.init(this, facade); + + //////////////////////////////////////////////////////////////////////// + // Management APIs + //////////////////////////////////////////////////////////////////////// + // There are several APIs around each concept, and it gets a bit too + // long in this class to create. The initialization of these Management + // APIs have therefore been pushed to StandAlone Classes with static + // init functions + API_Api.init(this, facade); + + //////////////////////////////////////////////////////////////////////// + // Default Function + //////////////////////////////////////////////////////////////////////// + API_AAFAccess.initDefault(this,facade); + + } + + /** + * Setup XML and JSON implementations for each supported Version type + * + * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties + * to do Versions and Content switches + * + */ + public void route(HttpMethods meth, String path, API api, GwCode code) throws Exception { + String version = "1.0"; + // Get Correct API Class from Mapper + Class respCls = facade.mapper().getClass(api); + if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name()); + // setup Application API HTML ContentTypes for JSON and Route + String application = applicationJSON(respCls, version); + //route(env,meth,path,code,application,"application/json;version="+version,"*/*"); + + // setup Application API HTML ContentTypes for XML and Route + application = applicationXML(respCls, version); + //route(env,meth,path,code.clone(facade_1_0_XML,false),application,"text/xml;version="+version); + + // Add other Supported APIs here as created + } + + public void routeAll(HttpMethods meth, String path, API api, GwCode code) throws Exception { + //route(env,meth,path,code,""); // this will always match + } + + + /** + * Start up AuthzAPI as DME2 Service + * @param env + * @param props + * @throws DME2Exception + * @throws CadiException + */ + public void startDME2(Properties props) throws DME2Exception, CadiException { + + dme2Man = new DME2Manager("GatewayDME2Manager",props); + + DME2ServiceHolder svcHolder; + List slist = new ArrayList(); + svcHolder = new DME2ServiceHolder(); + String serviceName = env.getProperty("DMEServiceName",null); + if(serviceName!=null) { + svcHolder.setServiceURI(serviceName); + svcHolder.setManager(dme2Man); + svcHolder.setContext("/"); + + + + DME2ServletHolder srvHolder = new DME2ServletHolder(this, new String[] {"/dme2","/api"}); + srvHolder.setContextPath("/*"); + slist.add(srvHolder); + + EnumSet edlist = EnumSet.of( + RequestDispatcherType.REQUEST, + RequestDispatcherType.FORWARD, + RequestDispatcherType.ASYNC + ); + + /////////////////////// + // Apply Filters + /////////////////////// + List flist = new ArrayList(); + + // Leave Login page un secured + // AuthzTransOnlyFilter atof = new AuthzTransOnlyFilter(env); + // flist.add(new DME2FilterHolder(atof,"/login", edlist)); + + // Secure all other interactions with AuthzTransFilter +// flist.add(new DME2FilterHolder( +// new AuthzTransFilter(env, aafCon, new AAFTrustChecker( +// env.getProperty(Config.CADI_TRUST_PROP, Config.CADI_USER_CHAIN), +// Define.ROOT_NS + ".mechid|"+Define.ROOT_COMPANY+"|trust" +// )), +// "/*", edlist)); +// + + svcHolder.setFilters(flist); + svcHolder.setServletHolders(slist); + + DME2Server dme2svr = dme2Man.getServer(); +// dme2svr.setGracefulShutdownTimeMs(1000); + + // env.init().log("Starting GW Jetty/DME2 server..."); + dme2svr.start(); + DME2ServerProperties dsprops = dme2svr.getServerProperties(); + try { +// if(env.getProperty("NO_REGISTER",null)!=null) + dme2Man.bindService(svcHolder); +// env.init().log("DME2 is available as HTTP"+(dsprops.isSslEnable()?"/S":""),"on port:",dsprops.getPort()); + + while(true) { // Per DME2 Examples... + Thread.sleep(5000); + } + } catch(InterruptedException e) { + // env.init().log("AAF Jetty Server interrupted!"); + } catch(Exception e) { // Error binding service doesn't seem to stop DME2 or Process + // env.init().log(e,"DME2 Initialization Error"); + dme2svr.stop(); + System.exit(1); + } + } else { + //env.init().log("Properties must contain DMEServiceName"); + } + } + + public static void main(String[] args) { + setup(GwAPI.class,"authGW.props"); + } + +// public void route(PropAccess env, HttpMethods get, String string, GwCode gwCode, String string2, String string3, +// String string4) { +// // TODO Auto-generated method stub +// +// } + +} diff --git a/authz-gw/src/main/java/org/onap/aaf/authz/gw/GwCode.java b/authz-gw/src/main/java/org/onap/aaf/authz/gw/GwCode.java new file mode 100644 index 00000000..a9e6eb21 --- /dev/null +++ b/authz-gw/src/main/java/org/onap/aaf/authz/gw/GwCode.java @@ -0,0 +1,45 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.authz.gw; + +import org.onap.aaf.authz.env.AuthzTrans; +import org.onap.aaf.authz.gw.facade.GwFacade; +import org.onap.aaf.cssa.rserv.HttpCode; + +public abstract class GwCode extends HttpCode implements Cloneable { + public boolean useJSON; + + public GwCode(GwFacade facade, String description, boolean useJSON, String ... roles) { + super(facade, description, roles); + this.useJSON = useJSON; + } + + public D clone(GwFacade facade, boolean useJSON) throws Exception { + @SuppressWarnings("unchecked") + D d = (D)clone(); + d.useJSON = useJSON; + d.context = facade; + return d; + } + +} diff --git a/authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_AAFAccess.java b/authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_AAFAccess.java new file mode 100644 index 00000000..202ec58e --- /dev/null +++ b/authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_AAFAccess.java @@ -0,0 +1,363 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.authz.gw.api; + +import java.io.IOException; +import java.net.ConnectException; +import java.net.MalformedURLException; +import java.net.URI; +import java.security.Principal; + +import javax.servlet.ServletOutputStream; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.onap.aaf.authz.env.AuthzTrans; +import org.onap.aaf.authz.gw.GwAPI; +import org.onap.aaf.authz.gw.GwCode; +import org.onap.aaf.authz.gw.facade.GwFacade; +import org.onap.aaf.authz.gw.mapper.Mapper.API; +import org.onap.aaf.authz.layer.Result; +import org.onap.aaf.cache.Cache.Dated; +import org.onap.aaf.cssa.rserv.HttpMethods; + +import com.att.aft.dme2.internal.jetty.http.HttpStatus; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.Locator; +import org.onap.aaf.cadi.Locator.Item; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.aaf.AAFPermission; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.cadi.dme2.DME2Locator; +import org.onap.aaf.cadi.principal.BasicPrincipal; +import org.onap.aaf.inno.env.APIException; +import org.onap.aaf.inno.env.Env; +import org.onap.aaf.inno.env.TimeTaken; + +public class API_AAFAccess { + private static final String AUTHZ_DME2_GUI = "com.att.authz.authz-gui"; + static final String AFT_ENVIRONMENT="AFT_ENVIRONMENT"; + static final String AFT_ENV_CONTEXT="AFT_ENV_CONTEXT"; + static final String AFTUAT="AFTUAT"; + + private static final String PROD = "PROD"; + private static final String IST = "IST"; // main NONPROD system + private static final String PERF = "PERF"; + private static final String TEST = "TEST"; + private static final String DEV = "DEV"; + +// private static String service, version, envContext; + private static String routeOffer; + + private static final String GET_PERMS_BY_USER = "Get Perms by User"; + private static final String USER_HAS_PERM ="User Has Perm"; +// private static final String USER_IN_ROLE ="User Has Role"; + private static final String BASIC_AUTH ="AAF Basic Auth"; + + /** + * Normal Init level APIs + * + * @param gwAPI + * @param facade + * @throws Exception + */ + public static void init(final GwAPI gwAPI, GwFacade facade) throws Exception { + String aftenv = gwAPI.env.getProperty(AFT_ENVIRONMENT); + if(aftenv==null) throw new Exception(AFT_ENVIRONMENT + " must be set"); + + int equals, count=0; + for(int slash = gwAPI.aafurl.indexOf('/');slash>0;++count) { + equals = gwAPI.aafurl.indexOf('=',slash)+1; + slash = gwAPI.aafurl.indexOf('/',slash+1); + switch(count) { + case 2: +// service = gwAPI.aafurl.substring(equals, slash); + break; + case 3: +// version = gwAPI.aafurl.substring(equals, slash); + break; + case 4: +// envContext = gwAPI.aafurl.substring(equals, slash); + break; + case 5: + routeOffer = gwAPI.aafurl.substring(equals); + break; + } + } + if(count<6) throw new MalformedURLException(gwAPI.aafurl); + + gwAPI.route(HttpMethods.GET,"/authz/perms/user/:user",API.VOID,new GwCode(facade,GET_PERMS_BY_USER, true) { + @Override + public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception { + TimeTaken tt = trans.start(GET_PERMS_BY_USER, Env.SUB); + try { + final String accept = req.getHeader("ACCEPT"); + final String user = pathParam(req,":user"); + if(!user.contains("@")) { + context.error(trans,resp,Result.ERR_BadData,"User [%s] must be fully qualified with domain",user); + return; + } + String key = trans.user() + user + (accept!=null&&accept.contains("xml")?"-xml":"-json"); + TimeTaken tt2 = trans.start("Cache Lookup",Env.SUB); + Dated d; + try { + d = gwAPI.cacheUser.get(key); + } finally { + tt2.done(); + } + + if(d==null || d.data.isEmpty()) { + tt2 = trans.start("AAF Service Call",Env.REMOTE); + try { + gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable() { + @Override + public Void code(Rcli client) throws CadiException, ConnectException, APIException { + Future fp = client.read("/authz/perms/user/"+user,accept); + if(fp.get(5000)) { + gwAPI.cacheUser.put(key, new Dated(new User(fp.code(),fp.body()))); + resp.setStatus(HttpStatus.OK_200); + ServletOutputStream sos; + try { + sos = resp.getOutputStream(); + sos.print(fp.value); + } catch (IOException e) { + throw new CadiException(e); + } + } else { + gwAPI.cacheUser.put(key, new Dated(new User(fp.code(),fp.body()))); + context.error(trans,resp,fp.code(),fp.body()); + } + return null; + } + }); + } finally { + tt2.done(); + } + } else { + User u = (User)d.data.get(0); + resp.setStatus(u.code); + ServletOutputStream sos = resp.getOutputStream(); + sos.print(u.resp); + } + } finally { + tt.done(); + } + } + }); + + gwAPI.route(gwAPI.env,HttpMethods.GET,"/authn/basicAuth",new GwCode(facade,BASIC_AUTH, true) { + @Override + public void handle(final AuthzTrans trans, final HttpServletRequest req, HttpServletResponse resp) throws Exception { + Principal p = trans.getUserPrincipal(); + if(p == null) { + trans.error().log("Transaction not Authenticated... no Principal"); + resp.setStatus(HttpStatus.FORBIDDEN_403); + } else if (p instanceof BasicPrincipal) { + // the idea is that if call is made with this credential, and it's a BasicPrincipal, it's ok + // otherwise, it wouldn't have gotten here. + resp.setStatus(HttpStatus.OK_200); + } else { + trans.checkpoint("Basic Auth Check Failed: This wasn't a Basic Auth Trans"); + // For Auth Security questions, we don't give any info to client on why failed + resp.setStatus(HttpStatus.FORBIDDEN_403); + } + } + },"text/plain","*/*","*"); + + /** + * Query User Has Perm + */ + gwAPI.route(HttpMethods.GET,"/ask/:user/has/:type/:instance/:action",API.VOID,new GwCode(facade,USER_HAS_PERM, true) { + @Override + public void handle(final AuthzTrans trans, final HttpServletRequest req, HttpServletResponse resp) throws Exception { + try { + resp.getOutputStream().print( + gwAPI.aafLurPerm.fish(pathParam(req,":user"), new AAFPermission( + pathParam(req,":type"), + pathParam(req,":instance"), + pathParam(req,":action")))); + resp.setStatus(HttpStatus.OK_200); + } catch(Exception e) { + context.error(trans, resp, Result.ERR_General, e.getMessage()); + } + } + }); + + if(AFTUAT.equals(aftenv)) { + gwAPI.route(HttpMethods.GET,"/ist/aaf/:version/:path*",API.VOID ,new GwCode(facade,"Access UAT GUI for AAF", true) { + @Override + public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { + try{ + redirect(trans, req, resp, context, + new DME2Locator(gwAPI.env, gwAPI.dme2Man, AUTHZ_DME2_GUI, pathParam(req,":version"), IST, routeOffer), + pathParam(req,":path")); + } catch (LocatorException e) { + context.error(trans, resp, Result.ERR_BadData, e.getMessage()); + } catch (Exception e) { + context.error(trans, resp, Result.ERR_General, e.getMessage()); + } + } + }); + + gwAPI.route(HttpMethods.GET,"/test/aaf/:version/:path*",API.VOID ,new GwCode(facade,"Access TEST GUI for AAF", true) { + @Override + public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { + try{ + redirect(trans, req, resp, context, + new DME2Locator(gwAPI.env, gwAPI.dme2Man, AUTHZ_DME2_GUI, pathParam(req,":version"), TEST, routeOffer), + pathParam(req,":path")); + } catch (LocatorException e) { + context.error(trans, resp, Result.ERR_BadData, e.getMessage()); + } catch (Exception e) { + context.error(trans, resp, Result.ERR_General, e.getMessage()); + } + } + }); + + gwAPI.route(HttpMethods.GET,"/perf/aaf/:version/:path*",API.VOID ,new GwCode(facade,"Access PERF GUI for AAF", true) { + @Override + public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { + try{ + redirect(trans, req, resp, context, + new DME2Locator(gwAPI.env, gwAPI.dme2Man, AUTHZ_DME2_GUI, pathParam(req,":version"), PERF, routeOffer), + pathParam(req,":path")); + } catch (LocatorException e) { + context.error(trans, resp, Result.ERR_BadData, e.getMessage()); + } catch (Exception e) { + context.error(trans, resp, Result.ERR_General, e.getMessage()); + } + } + }); + + gwAPI.route(HttpMethods.GET,"/dev/aaf/:version/:path*",API.VOID,new GwCode(facade,"Access DEV GUI for AAF", true) { + @Override + public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { + try { + redirect(trans, req, resp, context, + new DME2Locator(gwAPI.env, gwAPI.dme2Man, AUTHZ_DME2_GUI, pathParam(req,":version"), DEV, routeOffer), + pathParam(req,":path")); + } catch (LocatorException e) { + context.error(trans, resp, Result.ERR_BadData, e.getMessage()); + } catch (Exception e) { + context.error(trans, resp, Result.ERR_General, e.getMessage()); + } + } + }); + } else { + gwAPI.route(HttpMethods.GET,"/aaf/:version/:path*",API.VOID,new GwCode(facade,"Access PROD GUI for AAF", true) { + @Override + public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { + try { + redirect(trans, req, resp, context, + new DME2Locator(gwAPI.env, gwAPI.dme2Man, AUTHZ_DME2_GUI, pathParam(req,":version"), PROD, routeOffer), + pathParam(req,":path")); + } catch (LocatorException e) { + context.error(trans, resp, Result.ERR_BadData, e.getMessage()); + } catch (Exception e) { + context.error(trans, resp, Result.ERR_General, e.getMessage()); + } + } + }); + } + + } + + public static void initDefault(final GwAPI gwAPI, GwFacade facade) throws Exception { + String aftenv = gwAPI.env.getProperty(AFT_ENVIRONMENT); + if(aftenv==null) throw new Exception(AFT_ENVIRONMENT + " must be set"); + + String aftctx = gwAPI.env.getProperty(AFT_ENV_CONTEXT); + if(aftctx==null) throw new Exception(AFT_ENV_CONTEXT + " must be set"); + + /** + * "login" url + */ + gwAPI.route(HttpMethods.GET,"/login",API.VOID,new GwCode(facade,"Access " + aftctx + " GUI for AAF", true) { + @Override + public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { + try { + redirect(trans, req, resp, context, + new DME2Locator(gwAPI.env, gwAPI.dme2Man, AUTHZ_DME2_GUI, "2.0", aftctx, routeOffer), + "login"); + } catch (LocatorException e) { + context.error(trans, resp, Result.ERR_BadData, e.getMessage()); + } catch (Exception e) { + context.error(trans, resp, Result.ERR_General, e.getMessage()); + } + } + }); + + /** + * Default URL + */ + gwAPI.route(HttpMethods.GET,"/",API.VOID,new GwCode(facade,"Access " + aftctx + " GUI for AAF", true) { + @Override + public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { + try { + redirect(trans, req, resp, context, + new DME2Locator(gwAPI.env, gwAPI.dme2Man, AUTHZ_DME2_GUI, "2.0", aftctx, routeOffer), + "gui/home"); + } catch (LocatorException e) { + context.error(trans, resp, Result.ERR_BadData, e.getMessage()); + } catch (Exception e) { + context.error(trans, resp, Result.ERR_General, e.getMessage()); + } + } + }); + } + + private static void redirect(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, GwFacade context, Locator loc, String path) throws IOException { + try { + if(loc.hasItems()) { + Item item = loc.best(); + URI uri = (URI) loc.get(item); + StringBuilder redirectURL = new StringBuilder(uri.toString()); + redirectURL.append('/'); + redirectURL.append(path); + String str = req.getQueryString(); + if(str!=null) { + redirectURL.append('?'); + redirectURL.append(str); + } + trans.info().log("Redirect to",redirectURL); + resp.sendRedirect(redirectURL.toString()); + } else { + context.error(trans, resp, Result.err(Result.ERR_NotFound,"%s is not valid",req.getPathInfo())); + } + } catch (LocatorException e) { + context.error(trans, resp, Result.err(Result.ERR_NotFound,"No DME2 Endpoints found for %s",req.getPathInfo())); + } + } + + private static class User { + public final int code; + public final String resp; + + public User(int code, String resp) { + this.code = code; + this.resp = resp; + } + } +} diff --git a/authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_Api.java b/authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_Api.java new file mode 100644 index 00000000..0a828f92 --- /dev/null +++ b/authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_Api.java @@ -0,0 +1,99 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.authz.gw.api; + +import static org.onap.aaf.authz.layer.Result.OK; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.onap.aaf.authz.env.AuthzTrans; +import org.onap.aaf.authz.gw.GwAPI; +import org.onap.aaf.authz.gw.GwCode; +import org.onap.aaf.authz.gw.facade.GwFacade; +import org.onap.aaf.authz.gw.mapper.Mapper.API; +import org.onap.aaf.authz.layer.Result; +import org.onap.aaf.cssa.rserv.HttpMethods; + +import com.att.aft.dme2.internal.jetty.http.HttpStatus; +import org.onap.aaf.cadi.Symm; + +/** + * API Apis + * + */ +public class API_Api { + /** + * Normal Init level APIs + * + * @param gwAPI + * @param facade + * @throws Exception + */ + public static void init(final GwAPI gwAPI, GwFacade facade) throws Exception { + //////// + // Overall APIs + /////// + gwAPI.route(HttpMethods.GET,"/api",API.VOID,new GwCode(facade,"Document API", true) { + @Override + public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { + Result r = context.getAPI(trans,resp,gwAPI); + switch(r.status) { + case OK: + resp.setStatus(HttpStatus.OK_200); + break; + default: + context.error(trans,resp,r); + } + + } + }); + + //////// + // Overall Examples + /////// + gwAPI.route(HttpMethods.GET,"/api/example/*",API.VOID,new GwCode(facade,"Document API", true) { + @Override + public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { + String pathInfo = req.getPathInfo(); + int question = pathInfo.lastIndexOf('?'); + + pathInfo = pathInfo.substring(13, question<0?pathInfo.length():question);// IMPORTANT, this is size of "/api/example/" + String nameOrContextType=Symm.base64noSplit.decode(pathInfo); +// String param = req.getParameter("optional"); + Result r = context.getAPIExample(trans,resp,nameOrContextType, + question>=0 && "optional=true".equalsIgnoreCase(req.getPathInfo().substring(question+1)) + ); + switch(r.status) { + case OK: + resp.setStatus(HttpStatus.OK_200); + break; + default: + context.error(trans,resp,r); + } + + } + }); + + } +} diff --git a/authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_Find.java b/authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_Find.java new file mode 100644 index 00000000..63595f0e --- /dev/null +++ b/authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_Find.java @@ -0,0 +1,87 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.authz.gw.api; + +import java.net.URI; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.onap.aaf.authz.env.AuthzTrans; +import org.onap.aaf.authz.gw.GwAPI; +import org.onap.aaf.authz.gw.GwCode; +import org.onap.aaf.authz.gw.facade.GwFacade; +import org.onap.aaf.authz.gw.mapper.Mapper.API; +import org.onap.aaf.authz.layer.Result; +import org.onap.aaf.cssa.rserv.HttpMethods; + +import org.onap.aaf.cadi.Locator; +import org.onap.aaf.cadi.Locator.Item; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.dme2.DME2Locator; + +/** + * API Apis.. using Redirect for mechanism + * + * + */ +public class API_Find { + /** + * Normal Init level APIs + * + * @param gwAPI + * @param facade + * @throws Exception + */ + public static void init(final GwAPI gwAPI, GwFacade facade) throws Exception { + //////// + // Overall APIs + /////// + gwAPI.route(HttpMethods.GET,"/dme2/:service/:version/:envContext/:routeOffer/:path*",API.VOID,new GwCode(facade,"Document API", true) { + @Override + public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { + //TODO cache this... + try { + Locator loc = new DME2Locator(gwAPI.env, gwAPI.dme2Man, + pathParam(req,":service"), + pathParam(req,":version"), + pathParam(req,":envContext"), + pathParam(req,":routeOffer") + ); + if(loc.hasItems()) { + Item item = loc.best(); + URI uri = (URI) loc.get(item); + String redirectURL = uri.toString() + '/' + pathParam(req,":path"); + trans.warn().log("Redirect to",redirectURL); + resp.sendRedirect(redirectURL); + } else { + context.error(trans, resp, Result.err(Result.ERR_NotFound,"%s is not valid",req.getPathInfo())); + } + } catch (LocatorException e) { + context.error(trans, resp, Result.err(Result.ERR_NotFound,"No DME2 Endpoints found for %s",req.getPathInfo())); + } + } + }); + + } +} diff --git a/authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_Proxy.java b/authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_Proxy.java new file mode 100644 index 00000000..90d754ec --- /dev/null +++ b/authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_Proxy.java @@ -0,0 +1,156 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.authz.gw.api; + +import java.net.ConnectException; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.onap.aaf.authz.env.AuthzTrans; +import org.onap.aaf.authz.gw.GwAPI; +import org.onap.aaf.authz.gw.GwCode; +import org.onap.aaf.authz.gw.facade.GwFacade; +import org.onap.aaf.authz.gw.mapper.Mapper.API; +import org.onap.aaf.cssa.rserv.HttpMethods; + +import com.att.aft.dme2.internal.jetty.http.HttpStatus; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.cadi.config.Config; +import org.onap.aaf.inno.env.APIException; +import org.onap.aaf.inno.env.Env; +import org.onap.aaf.inno.env.TimeTaken; + +/** + * API Apis.. using Redirect for mechanism + * + * + */ +public class API_Proxy { + + /** + * Normal Init level APIs + * + * @param gwAPI + * @param facade + * @throws Exception + */ + public static void init(final GwAPI gwAPI, GwFacade facade) throws Exception { + + String aafurl = gwAPI.env.getProperty(Config.AAF_URL); + if(aafurl==null) { + } else { + + //////// + // Transferring APIs + /////// + gwAPI.routeAll(HttpMethods.GET,"/proxy/:path*",API.VOID,new GwCode(facade,"Proxy GET", true) { + @Override + public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception { + TimeTaken tt = trans.start("Forward to AAF Service", Env.REMOTE); + try { + gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable() { + @Override + public Void code(Rcli client) throws CadiException, ConnectException, APIException { + Future ft = client.transfer(req,resp,pathParam(req, ":path"),HttpStatus.OK_200); + ft.get(10000); // Covers return codes and err messages + return null; + } + }); + + } catch (CadiException | APIException e) { + trans.error().log(e); + } finally { + tt.done(); + } + } + }); + + gwAPI.routeAll(HttpMethods.POST,"/proxy/:path*",API.VOID,new GwCode(facade,"Proxy POST", true) { + @Override + public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception { + TimeTaken tt = trans.start("Forward to AAF Service", Env.REMOTE); + try { + gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable() { + @Override + public Void code(Rcli client) throws CadiException, ConnectException, APIException { + Future ft = client.transfer(req,resp,pathParam(req, ":path"),HttpStatus.CREATED_201); + ft.get(10000); // Covers return codes and err messages + return null; + } + }); + } catch (CadiException | APIException e) { + trans.error().log(e); + } finally { + tt.done(); + } + } + }); + + gwAPI.routeAll(HttpMethods.PUT,"/proxy/:path*",API.VOID,new GwCode(facade,"Proxy PUT", true) { + @Override + public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception { + TimeTaken tt = trans.start("Forward to AAF Service", Env.REMOTE); + try { + gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable() { + @Override + public Void code(Rcli client) throws CadiException, ConnectException, APIException { + Future ft = client.transfer(req,resp,pathParam(req, ":path"),HttpStatus.OK_200); + ft.get(10000); // Covers return codes and err messages + return null; + } + }); + } catch (CadiException | APIException e) { + trans.error().log(e); + } finally { + tt.done(); + } + } + }); + + gwAPI.routeAll(HttpMethods.DELETE,"/proxy/:path*",API.VOID,new GwCode(facade,"Proxy DELETE", true) { + @Override + public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception { + TimeTaken tt = trans.start("Forward to AAF Service", Env.REMOTE); + try { + gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable() { + @Override + public Void code(Rcli client) throws CadiException, ConnectException, APIException { + Future ft = client.transfer(req,resp,pathParam(req, ":path"),HttpStatus.OK_200); + ft.get(10000); // Covers return codes and err messages + return null; + } + }); + } catch (CadiException | APIException e) { + trans.error().log(e); + } finally { + tt.done(); + } + } + }); + } + } +} diff --git a/authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_TGuard.java b/authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_TGuard.java new file mode 100644 index 00000000..876782fa --- /dev/null +++ b/authz-gw/src/main/java/org/onap/aaf/authz/gw/api/API_TGuard.java @@ -0,0 +1,75 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.authz.gw.api; + +import static org.onap.aaf.authz.layer.Result.OK; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.onap.aaf.authz.env.AuthzTrans; +import org.onap.aaf.authz.gw.GwAPI; +import org.onap.aaf.authz.gw.GwCode; +import org.onap.aaf.authz.gw.facade.GwFacade; +import org.onap.aaf.authz.gw.mapper.Mapper.API; +import org.onap.aaf.authz.layer.Result; +import org.onap.aaf.cssa.rserv.HttpMethods; + +import com.att.aft.dme2.internal.jetty.http.HttpStatus; + +/** + * API Apis + * + */ +public class API_TGuard { + /** + * Normal Init level APIs + * + * @param gwAPI + * @param facade + * @throws Exception + */ + public static void init(final GwAPI gwAPI, GwFacade facade) throws Exception { + String aftenv = gwAPI.env.getProperty(API_AAFAccess.AFT_ENVIRONMENT); + if(aftenv==null) throw new Exception(API_AAFAccess.AFT_ENVIRONMENT + " must be set"); + + //////// + // Do not deploy these to PROD + /////// + if(API_AAFAccess.AFTUAT.equals(aftenv)) { + gwAPI.route(HttpMethods.GET,"/tguard/:path*",API.VOID,new GwCode(facade,"TGuard Test", true) { + @Override + public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { + Result r = context.getAPI(trans,resp,gwAPI); + switch(r.status) { + case OK: + resp.setStatus(HttpStatus.OK_200); + break; + default: + context.error(trans,resp,r); + } + } + }); + } + } +} diff --git a/authz-gw/src/main/java/org/onap/aaf/authz/gw/facade/GwFacade.java b/authz-gw/src/main/java/org/onap/aaf/authz/gw/facade/GwFacade.java new file mode 100644 index 00000000..e5f3919d --- /dev/null +++ b/authz-gw/src/main/java/org/onap/aaf/authz/gw/facade/GwFacade.java @@ -0,0 +1,74 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.authz.gw.facade; + +import javax.servlet.http.HttpServletResponse; + +import org.onap.aaf.authz.env.AuthzTrans; +import org.onap.aaf.authz.layer.Result; +import org.onap.aaf.cssa.rserv.RServlet; + + +/** + * + * + */ +public interface GwFacade { + +///////////////////// STANDARD ELEMENTS ////////////////// + /** + * @param trans + * @param response + * @param result + */ + void error(AuthzTrans trans, HttpServletResponse response, Result result); + + /** + * + * @param trans + * @param response + * @param status + */ + void error(AuthzTrans trans, HttpServletResponse response, int status, String msg, String ... detail); + + + /** + * + * @param trans + * @param resp + * @param rservlet + * @return + */ + public Result getAPI(AuthzTrans trans, HttpServletResponse resp, RServlet rservlet); + + /** + * + * @param trans + * @param resp + * @param typeCode + * @param optional + * @return + */ + public abstract Result getAPIExample(AuthzTrans trans, HttpServletResponse resp, String typeCode, boolean optional); + +} diff --git a/authz-gw/src/main/java/org/onap/aaf/authz/gw/facade/GwFacadeFactory.java b/authz-gw/src/main/java/org/onap/aaf/authz/gw/facade/GwFacadeFactory.java new file mode 100644 index 00000000..30f9ce2a --- /dev/null +++ b/authz-gw/src/main/java/org/onap/aaf/authz/gw/facade/GwFacadeFactory.java @@ -0,0 +1,48 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.authz.gw.facade; + +import org.onap.aaf.authz.env.AuthzEnv; +import org.onap.aaf.authz.env.AuthzTrans; +import org.onap.aaf.authz.gw.mapper.Mapper_1_0; +import org.onap.aaf.authz.gw.service.GwServiceImpl; + +import org.onap.aaf.inno.env.APIException; +import org.onap.aaf.inno.env.Data; + +import gw.v1_0.Error; +import gw.v1_0.InRequest; +import gw.v1_0.Out; + + +public class GwFacadeFactory { + public static GwFacade_1_0 v1_0(AuthzEnv env, AuthzTrans trans, Data.TYPE type) throws APIException { + return new GwFacade_1_0(env, + new GwServiceImpl< + InRequest, + Out, + Error>(trans,new Mapper_1_0()), + type); + } + +} diff --git a/authz-gw/src/main/java/org/onap/aaf/authz/gw/facade/GwFacadeImpl.java b/authz-gw/src/main/java/org/onap/aaf/authz/gw/facade/GwFacadeImpl.java new file mode 100644 index 00000000..fa610669 --- /dev/null +++ b/authz-gw/src/main/java/org/onap/aaf/authz/gw/facade/GwFacadeImpl.java @@ -0,0 +1,258 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.authz.gw.facade; + + +import static org.onap.aaf.authz.layer.Result.ERR_ActionNotCompleted; +import static org.onap.aaf.authz.layer.Result.ERR_BadData; +import static org.onap.aaf.authz.layer.Result.ERR_ConflictAlreadyExists; +import static org.onap.aaf.authz.layer.Result.ERR_Denied; +import static org.onap.aaf.authz.layer.Result.ERR_NotFound; +import static org.onap.aaf.authz.layer.Result.ERR_NotImplemented; +import static org.onap.aaf.authz.layer.Result.ERR_Policy; +import static org.onap.aaf.authz.layer.Result.ERR_Security; + +import java.lang.reflect.Method; + +import javax.servlet.http.HttpServletResponse; + +import org.onap.aaf.authz.env.AuthzEnv; +import org.onap.aaf.authz.env.AuthzTrans; +import org.onap.aaf.authz.gw.mapper.Mapper; +import org.onap.aaf.authz.gw.mapper.Mapper.API; +import org.onap.aaf.authz.gw.service.GwService; +import org.onap.aaf.authz.gw.service.GwServiceImpl; +import org.onap.aaf.authz.layer.FacadeImpl; +import org.onap.aaf.authz.layer.Result; +import org.onap.aaf.cssa.rserv.RServlet; +import org.onap.aaf.cssa.rserv.RouteReport; +import org.onap.aaf.cssa.rserv.doc.ApiDoc; + +import org.onap.aaf.cadi.aaf.client.Examples; +import org.onap.aaf.inno.env.APIException; +import org.onap.aaf.inno.env.Data; +import org.onap.aaf.inno.env.Data.TYPE; +import org.onap.aaf.inno.env.Env; +import org.onap.aaf.inno.env.TimeTaken; +import org.onap.aaf.rosetta.env.RosettaDF; + +import gw.v1_0.Api; + +/** + * AuthzFacade + * + * This Service Facade encapsulates the essence of the API Service can do, and provides + * a single created object for elements such as RosettaDF. + * + * The Responsibilities of this class are to: + * 1) Interact with the Service Implementation (which might be supported by various kinds of Backend Storage) + * 2) Validate incoming data (if applicable) + * 3) Convert the Service response into the right Format, and mark the Content Type + * a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request. + * 4) Log Service info, warnings and exceptions as necessary + * 5) When asked by the API layer, this will create and write Error content to the OutputStream + * + * Note: This Class does NOT set the HTTP Status Code. That is up to the API layer, so that it can be + * clearly coordinated with the API Documentation + * + * + */ +public abstract class GwFacadeImpl extends FacadeImpl implements GwFacade + { + private GwService service; + + private final RosettaDF errDF; + private final RosettaDF apiDF; + + public GwFacadeImpl(AuthzEnv env, GwService service, Data.TYPE dataType) throws APIException { + this.service = service; + (errDF = env.newDataFactory(mapper().getClass(API.ERROR))).in(dataType).out(dataType); + (apiDF = env.newDataFactory(Api.class)).in(dataType).out(dataType); + } + + public Mapper mapper() { + return service.mapper(); + } + + /* (non-Javadoc) + * @see com.att.authz.facade.AuthzFacade#error(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, int) + * + * Note: Conforms to AT&T TSS RESTful Error Structure + */ + @Override + public void error(AuthzTrans trans, HttpServletResponse response, Result result) { + String msg = result.details==null?"":result.details.trim(); + String[] detail; + if(result.variables==null) { + detail = new String[1]; + } else { + int l = result.variables.length; + detail=new String[l+1]; + System.arraycopy(result.variables, 0, detail, 1, l); + } + error(trans, response, result.status,msg,detail); + } + + @Override + public void error(AuthzTrans trans, HttpServletResponse response, int status, String msg, String ... _detail) { + String[] detail = _detail; + if(detail.length==0) { + detail=new String[1]; + } + String msgId; + switch(status) { + case 202: + case ERR_ActionNotCompleted: + msgId = "SVC1202"; + detail[0] = "Accepted, Action not complete"; + response.setStatus(/*httpstatus=*/202); + break; + + case 403: + case ERR_Policy: + case ERR_Security: + case ERR_Denied: + msgId = "SVC1403"; + detail[0] = "Forbidden"; + response.setStatus(/*httpstatus=*/403); + break; + + case 404: + case ERR_NotFound: + msgId = "SVC1404"; + detail[0] = "Not Found"; + response.setStatus(/*httpstatus=*/404); + break; + + case 406: + case ERR_BadData: + msgId="SVC1406"; + detail[0] = "Not Acceptable"; + response.setStatus(/*httpstatus=*/406); + break; + + case 409: + case ERR_ConflictAlreadyExists: + msgId = "SVC1409"; + detail[0] = "Conflict Already Exists"; + response.setStatus(/*httpstatus=*/409); + break; + + case 501: + case ERR_NotImplemented: + msgId = "SVC1501"; + detail[0] = "Not Implemented"; + response.setStatus(/*httpstatus=*/501); + break; + + + default: + msgId = "SVC1500"; + detail[0] = "General Service Error"; + response.setStatus(/*httpstatus=*/500); + break; + } + + try { + StringBuilder holder = new StringBuilder(); + errDF.newData(trans).load( + mapper().errorFromMessage(holder,msgId,msg,detail)).to(response.getOutputStream()); + trans.checkpoint( + "ErrResp [" + + msgId + + "] " + + holder.toString(), + Env.ALWAYS); + } catch (Exception e) { + trans.error().log(e,"unable to send response for",msg); + } + } + + /* (non-Javadoc) + * @see com.att.authz.facade.AuthzFacade#getAPI(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse) + */ + public final static String API_REPORT = "apiReport"; + @Override + public Result getAPI(AuthzTrans trans, HttpServletResponse resp, RServlet rservlet) { + TimeTaken tt = trans.start(API_REPORT, Env.SUB); + try { + Api api = new Api(); + Api.Route ar; + Method[] meths = GwServiceImpl.class.getDeclaredMethods(); + for(RouteReport rr : rservlet.routeReport()) { + api.getRoute().add(ar = new Api.Route()); + ar.setMeth(rr.meth.name()); + ar.setPath(rr.path); + ar.setDesc(rr.desc); + ar.getContentType().addAll(rr.contextTypes); + for(Method m : meths) { + ApiDoc ad; + if((ad = m.getAnnotation(ApiDoc.class))!=null && + rr.meth.equals(ad.method()) && + rr.path.equals(ad.path())) { + for(String param : ad.params()) { + ar.getParam().add(param); + } + for(String text : ad.text()) { + ar.getComments().add(text); + } + ar.setExpected(ad.expectedCode()); + for(int ec : ad.errorCodes()) { + ar.getExplicitErr().add(ec); + } + } + } + } + apiDF.newData(trans).load(api).to(resp.getOutputStream()); + setContentType(resp,apiDF.getOutType()); + return Result.ok(); + + } catch (Exception e) { + trans.error().log(e,IN,API_REPORT); + return Result.err(e); + } finally { + tt.done(); + } + } + + public final static String API_EXAMPLE = "apiExample"; + /* (non-Javadoc) + * @see com.att.authz.facade.AuthzFacade#getAPIExample(org.onap.aaf.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String) + */ + @Override + public Result getAPIExample(AuthzTrans trans, HttpServletResponse resp, String nameOrContentType, boolean optional) { + TimeTaken tt = trans.start(API_EXAMPLE, Env.SUB); + try { + String content =Examples.print(apiDF.getEnv(), nameOrContentType, optional); + resp.getOutputStream().print(content); + setContentType(resp,content.contains(" +{ + public GwFacade_1_0(AuthzEnv env, GwService service, Data.TYPE type) throws APIException { + super(env, service, type); + } +} diff --git a/authz-gw/src/main/java/org/onap/aaf/authz/gw/mapper/Mapper.java b/authz-gw/src/main/java/org/onap/aaf/authz/gw/mapper/Mapper.java new file mode 100644 index 00000000..230e1b3a --- /dev/null +++ b/authz-gw/src/main/java/org/onap/aaf/authz/gw/mapper/Mapper.java @@ -0,0 +1,33 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.authz.gw.mapper; + +public interface Mapper +{ + public enum API{IN_REQ,OUT,ERROR,VOID}; + public Class getClass(API api); + public A newInstance(API api); + + public ERROR errorFromMessage(StringBuilder holder, String msgID, String text, String... detail); + +} diff --git a/authz-gw/src/main/java/org/onap/aaf/authz/gw/mapper/Mapper_1_0.java b/authz-gw/src/main/java/org/onap/aaf/authz/gw/mapper/Mapper_1_0.java new file mode 100644 index 00000000..ba87631e --- /dev/null +++ b/authz-gw/src/main/java/org/onap/aaf/authz/gw/mapper/Mapper_1_0.java @@ -0,0 +1,69 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.authz.gw.mapper; + +import org.onap.aaf.cadi.util.Vars; + +import gw.v1_0.Error; +import gw.v1_0.InRequest; +import gw.v1_0.Out; + +public class Mapper_1_0 implements Mapper { + + @Override + public Class getClass(API api) { + switch(api) { + case IN_REQ: return InRequest.class; + case OUT: return Out.class; + case ERROR: return Error.class; + case VOID: return Void.class; + } + return null; + } + + @SuppressWarnings("unchecked") + @Override + public A newInstance(API api) { + switch(api) { + case IN_REQ: return (A) new InRequest(); + case OUT: return (A) new Out(); + case ERROR: return (A)new Error(); + case VOID: return null; + } + return null; + } + + ////////////// Mapping Functions ///////////// + @Override + public gw.v1_0.Error errorFromMessage(StringBuilder holder, String msgID, String text,String... var) { + Error err = new Error(); + err.setMessageId(msgID); + // AT&T Restful Error Format requires numbers "%" placements + err.setText(Vars.convert(holder, text, var)); + for(String s : var) { + err.getVariables().add(s); + } + return err; + } + +} diff --git a/authz-gw/src/main/java/org/onap/aaf/authz/gw/service/GwService.java b/authz-gw/src/main/java/org/onap/aaf/authz/gw/service/GwService.java new file mode 100644 index 00000000..c4f240e5 --- /dev/null +++ b/authz-gw/src/main/java/org/onap/aaf/authz/gw/service/GwService.java @@ -0,0 +1,29 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.authz.gw.service; + +import org.onap.aaf.authz.gw.mapper.Mapper; + +public interface GwService { + public Mapper mapper(); +} diff --git a/authz-gw/src/main/java/org/onap/aaf/authz/gw/service/GwServiceImpl.java b/authz-gw/src/main/java/org/onap/aaf/authz/gw/service/GwServiceImpl.java new file mode 100644 index 00000000..90039252 --- /dev/null +++ b/authz-gw/src/main/java/org/onap/aaf/authz/gw/service/GwServiceImpl.java @@ -0,0 +1,40 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aaf + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package org.onap.aaf.authz.gw.service; + +import org.onap.aaf.authz.env.AuthzTrans; +import org.onap.aaf.authz.gw.mapper.Mapper; + +public class GwServiceImpl + implements GwService { + + private Mapper mapper; + + public GwServiceImpl(AuthzTrans trans, Mapper mapper) { + this.mapper = mapper; + } + + public Mapper mapper() {return mapper;} + +//////////////// APIs /////////////////// +}; -- cgit 1.2.3-korg