From 93871ff58e90a91d359f72b00a92fe1e28310b82 Mon Sep 17 00:00:00 2001
From: Instrumental <jonathan.gathman@att.com>
Date: Mon, 15 Oct 2018 07:37:28 -0500
Subject: Add Servlet Sample

Includes CA Bootstrap names for K8

Issue-ID: AAF-451
Change-Id: Ibc34a21cad0b38c5d56dbc20d84deb5bf66e9d64
Signed-off-by: Instrumental <jonathan.gathman@att.com>
---
 .../servlet-sample/src/assemble/servlet_sample.xml |  48 ++++++++
 .../java/org/onap/aaf/sample/cadi/MyServlet.java   | 127 +++++++++++++++++++++
 .../org/onap/aaf/sample/cadi/jetty/Config.java     |  45 ++++++++
 .../aaf/sample/cadi/jetty/JettyServletServer.java  | 112 ++++++++++++++++++
 .../aaf/sample/cadi/jetty/JettyStandalone.java     |  46 ++++++++
 .../onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java  | 101 ++++++++++++++++
 .../java/org/onap/aaf/sample/cadi/MyServlet.java   | 127 ---------------------
 .../org/onap/aaf/sample/cadi/jetty/Config.java     |  45 --------
 .../aaf/sample/cadi/jetty/JettyServletServer.java  | 112 ------------------
 .../aaf/sample/cadi/jetty/JettyStandalone.java     |  46 --------
 .../onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java  | 101 ----------------
 11 files changed, 479 insertions(+), 431 deletions(-)
 create mode 100644 cadi/servlet-sample/src/assemble/servlet_sample.xml
 create mode 100644 cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/MyServlet.java
 create mode 100644 cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/Config.java
 create mode 100644 cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java
 create mode 100644 cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java
 create mode 100644 cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java
 delete mode 100644 cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java
 delete mode 100644 cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java
 delete mode 100644 cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java
 delete mode 100644 cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java
 delete mode 100644 cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java

(limited to 'cadi/servlet-sample/src')

diff --git a/cadi/servlet-sample/src/assemble/servlet_sample.xml b/cadi/servlet-sample/src/assemble/servlet_sample.xml
new file mode 100644
index 00000000..cd95cd33
--- /dev/null
+++ b/cadi/servlet-sample/src/assemble/servlet_sample.xml
@@ -0,0 +1,48 @@
+<?xml version='1.0' encoding='utf-8'?>
+<!--
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+-->
+<assembly xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2 http://maven.apache.org/xsd/assembly-1.1.2.xsd">
+
+  <id>sample</id>
+  <formats>
+    <format>jar</format>
+  </formats>
+
+  <includeBaseDirectory>false</includeBaseDirectory>
+  <dependencySets>
+    <dependencySet>
+      <unpack>true</unpack>
+      <includes>
+      	<include>org.onap.aaf.authz:aaf-cadi-servlet-sample</include>
+      	<include>javax.servlet:javax.servlet-api</include>
+      	<include>org.eclipse.jetty:jetty-webapp</include>
+      	<include>org.eclipse.jetty:jetty-http</include>
+      	<include>org.eclipse.jetty:jetty-util</include>
+      	<include>org.eclipse.jetty:jetty-server</include>
+      	<include>org.eclipse.jetty:jetty-servlet</include>
+      	<include>org.eclipse.jetty:jetty-io</include>
+      	<include>org.eclipse.jetty:jetty-security</include>
+      	<!-- Note: expects to include cadi-aaf-full jar already delivered -->
+      </includes>
+    </dependencySet>
+  </dependencySets>
+</assembly>
\ No newline at end of file
diff --git a/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/MyServlet.java b/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/MyServlet.java
new file mode 100644
index 00000000..7d1eae96
--- /dev/null
+++ b/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/MyServlet.java
@@ -0,0 +1,127 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+
+package org.onap.aaf.sample.cadi;
+
+import java.io.IOException;
+import java.security.Principal;
+
+import javax.servlet.Servlet;
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+
+import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.cadi.principal.TaggedPrincipal;
+
+// Uncomment if you utilized the "MiniJASPIWrap" in the Servlet setup in "main()", and want to protect your service via Permission or mapped role
+//    @RolesAllowed({"com.att.aaf.myPerm|myInstance|myAction"})
+    public class MyServlet implements Servlet {
+        private ServletConfig servletConfig;
+    
+        public void init(ServletConfig config) throws ServletException {
+            servletConfig = config;
+        }
+    
+        public ServletConfig getServletConfig() {
+            return servletConfig;
+        }
+    
+        public void service(ServletRequest req, ServletResponse res) throws ServletException, IOException {
+            HttpServletRequest request;
+            try {
+                request = (HttpServletRequest)req;
+            } catch (ClassCastException e) {
+                throw new ServletException("Only serving HTTP today",e);
+            }
+            
+            res.getOutputStream().println("<html><header><title>CSP Servlet Test</title></header><body><h1>You're good to go!</h1><pre>" +
+                    request.getUserPrincipal());
+            
+            String perm = request.getParameter("PERM");
+            if (perm!=null) {
+                if (request.isUserInRole(perm)) {
+                    if (perm.indexOf('|')<0) { 
+                        res.getOutputStream().println("\nCongrats!, You are in Role " + perm);
+                    } else { 
+                        res.getOutputStream().println("\nCongrats!, You have Permission " + perm);
+                    }
+                } else {
+                    if (perm.indexOf('|')<0) { 
+                        res.getOutputStream().println("\nSorry, you are NOT in Role " + perm);
+                    } else {
+                        res.getOutputStream().println("\nSorry, you do NOT have Permission " + perm);
+                    }
+                }
+            }
+            
+            // You can get the working AAFCon from Trans
+            AAFCon<?> aafcon = AAFCon.obtain(req);
+            if (aafcon!=null) {
+                try {
+                    res.getOutputStream().println("----- Perms JSON from direct call -----");
+                    final Principal up = request.getUserPrincipal();
+                    TaggedPrincipal tp;
+                    if (up instanceof TaggedPrincipal) {
+                        tp = (TaggedPrincipal)up;
+                    } else {
+                        tp = new TaggedPrincipal() {
+                            @Override
+                            public String getName() {
+                                return up.getName();
+                            }
+
+                            @Override
+                            public String tag() {
+                                return "Unknown";
+                            }
+                        };
+                    }
+                    // This call will be "as the user calling", but only if permission is set to trust.
+//                    Future<String> future = aafcon.clientAs(Config.AAF_DEFAULT_VERSION,tp).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
+                    Future<String> future = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
+                    if (future.get(4000 /* timeout */)) {
+                        res.getOutputStream().print(future.value);
+                    } else {
+                        System.err.println(future.code() + ", " + future.body());
+                        res.getOutputStream().print(future.code() + ", " + future.body());
+                    }
+                } catch (Exception e) {
+                    e.printStackTrace();
+                }
+            } else {
+                res.getOutputStream().println("No AAFCon instantiated");
+            }
+            res.getOutputStream().print("</pre></body></html>");
+            
+        }
+    
+        public String getServletInfo() {
+            return "MyServlet";
+        }
+    
+        public void destroy() {
+        }
+    }
\ No newline at end of file
diff --git a/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/Config.java b/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/Config.java
new file mode 100644
index 00000000..a45725d7
--- /dev/null
+++ b/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/Config.java
@@ -0,0 +1,45 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+
+package org.onap.aaf.sample.cadi.jetty;
+
+import java.util.EnumSet;
+
+import javax.servlet.DispatcherType;
+
+import org.eclipse.jetty.webapp.WebAppContext;
+import org.onap.aaf.cadi.filter.CadiFilter;
+
+
+
+public class Config {
+    /**
+     * Method to make jetty configurations (others?) with more complex function possible
+     * 
+     * @param sc
+     */
+    public static final void addToContext(WebAppContext sc, String propFile) {
+        sc.addFilter(CadiFilter.class,"/*",EnumSet.of(DispatcherType.REQUEST));
+        sc.setInitParameter(org.onap.aaf.cadi.config.Config.CADI_PROP_FILES, propFile);
+    }
+    
+
+}
diff --git a/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java b/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java
new file mode 100644
index 00000000..165acffb
--- /dev/null
+++ b/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java
@@ -0,0 +1,112 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+
+package org.onap.aaf.sample.cadi.jetty;
+
+import java.net.Inet4Address;
+import java.util.concurrent.ArrayBlockingQueue;
+
+import javax.servlet.Servlet;
+
+import org.eclipse.jetty.server.Server;
+import org.eclipse.jetty.server.ServerConnector;
+import org.eclipse.jetty.server.handler.ContextHandler;
+import org.eclipse.jetty.servlet.FilterHolder;
+import org.eclipse.jetty.servlet.FilterMapping;
+import org.eclipse.jetty.servlet.ServletContextHandler;
+import org.eclipse.jetty.servlet.ServletHandler;
+import org.eclipse.jetty.servlet.ServletHolder;
+import org.eclipse.jetty.util.ssl.SslContextFactory;
+import org.eclipse.jetty.util.thread.QueuedThreadPool;
+import org.onap.aaf.cadi.Access.Level;
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.cadi.config.SecurityInfo;
+import org.onap.aaf.cadi.filter.CadiFilter;
+
+public abstract class JettyServletServer implements Servlet {
+    
+    public static Server run(PropAccess access, String context, Class<? extends Servlet> servletCls, int port, String ...args) throws Exception {
+        // Defaults:
+        int blockingQueueSize = 10;
+        int corePoolSize = 10;
+        int maxPoolSize = 10;
+        int keepAliveTime  = 3000;
+        String hostname = access.getProperty(Config.HOSTNAME, null);
+        if (hostname==null) {
+            hostname = Inet4Address.getLocalHost().getHostName();
+        }
+        
+        // Add your own Properties to override defaults
+
+        ArrayBlockingQueue<Runnable> queue = new ArrayBlockingQueue<Runnable>(blockingQueueSize);
+        QueuedThreadPool pool = new QueuedThreadPool(maxPoolSize,corePoolSize,keepAliveTime,queue);
+        Server server = new Server(pool);            
+
+        String protocol;
+        if (access.getProperty(Config.CADI_KEYSTORE_PASSWORD,null)==null) {
+            ServerConnector conn = new ServerConnector(server);
+            conn.setHost(hostname);
+            conn.setPort(port);
+            server.addConnector(conn);
+            protocol = "http";
+        } else {
+            // Setup Security
+            SecurityInfo securityInfo = new SecurityInfo(access);
+            SslContextFactory scf = new SslContextFactory();
+            scf.setSslContext(securityInfo.getSSLContext());
+            scf.setWantClientAuth(true);
+            ServerConnector sslConnector = new ServerConnector(server,scf); 
+            sslConnector.setHost(hostname);
+            sslConnector.setPort(port);
+            server.addConnector(sslConnector);
+            protocol = "https";
+        }
+        
+        // Setup Sample Servlet
+        CadiFilter cf = new CadiFilter(true,access);
+        FilterHolder cfh = new FilterHolder(cf);
+        
+        ServletHandler shand = new ServletHandler();
+        shand.addFilterWithMapping(cfh, "/*", FilterMapping.ALL);
+        // To use normal Servlets, just add the class here... Actually, bug in Jetty... need to add with ServletHolder
+        ServletHolder sh = new ServletHolder();
+        sh.setServlet(servletCls.newInstance());
+        shand.addServletWithMapping(sh,"/*");
+        
+        // To use JASPI Authorization Style to protect the servlet, wrap the Servlet
+        // with the "MiniJSAPIWrap class, as shown here.  Then add "@RolesAllowed" on your 
+        // servlet (see sample).  Use Pipe delimited Permissions, not AAF Roles in the line
+        // shand.addServletWithMapping(new MiniJASPIWrap(MyServlet.class),"/*");
+        // call initialize after start
+        ContextHandler ch = new ServletContextHandler();
+        ch.setContextPath(context);
+        ch.setHandler(shand);
+        server.setHandler(ch);
+        // Startup the Server
+        server.setStopAtShutdown(true);
+        server.start();
+   
+        access.log(Level.INFO,"TestServlet is running at " + protocol + "://"+hostname+':'+port+context);
+        return server;
+    }
+
+}
diff --git a/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java b/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java
new file mode 100644
index 00000000..6edd6f5b
--- /dev/null
+++ b/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java
@@ -0,0 +1,46 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+
+package org.onap.aaf.sample.cadi.jetty;
+
+import org.eclipse.jetty.server.Server;
+import org.onap.aaf.cadi.Access.Level;
+import org.onap.aaf.sample.cadi.MyServlet;
+import org.onap.aaf.cadi.PropAccess;
+
+
+
+
+public class JettyStandalone {
+    public static void main(String[] args) {
+        PropAccess access = new PropAccess(args);
+        try {
+            Server server = JettyServletServer.run(access, "/caditest", MyServlet.class, 3456);
+            server.join();
+        } catch (Exception e) {
+            access.log(Level.ERROR, e);
+        } finally {
+            access.log(Level.INFO,"Stopping Service");
+        }
+        
+    }    
+
+}
diff --git a/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java b/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java
new file mode 100644
index 00000000..4d170f3f
--- /dev/null
+++ b/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java
@@ -0,0 +1,101 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+
+package org.onap.aaf.sample.cadi.jetty;
+
+import java.io.IOException;
+
+import javax.servlet.Servlet;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.UnavailableException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.eclipse.jetty.server.Request;
+import org.eclipse.jetty.servlet.ServletHolder;
+import org.onap.aaf.cadi.filter.RolesAllowed;
+
+
+
+/**
+ * MiniJASPIWrap
+ * 
+ * Support the ability to check JASPI Annotation Style Authorizations.
+ * 
+ * This can be a clean way to enforce API Authorization without mistakes in code.
+ * 
+ * @author JonathanGathman
+ *
+ */
+public class MiniJASPIWrap extends ServletHolder {
+    private RolesAllowed rolesAllowed;
+    //private String roles;
+    public MiniJASPIWrap(Class<? extends Servlet> servlet) {
+        super(servlet);
+        this.rolesAllowed = servlet.getAnnotation(RolesAllowed.class);
+        StringBuilder sb = new StringBuilder();
+        boolean first = true;
+        if (rolesAllowed!=null) {
+            for (String str : rolesAllowed.value()) {
+                if (first)first=false;
+                else sb.append(',');
+                sb.append(str);
+            }
+        }
+        //roles = sb.toString();
+    }
+
+    /**
+     * handle
+     * 
+     * When utilized, this class authorizes the transaction by first calling the standard J2EE API call
+     * "isUserInRole" with the role(s) found in the class Annotations (JASPI Style) 
+     */
+    @Override
+    public void handle(Request baseRequest, ServletRequest request,    ServletResponse response) throws ServletException,    UnavailableException, IOException {
+        if (rolesAllowed==null) {
+            super.handle(baseRequest, request, response);
+        } else { // Validate
+            try {
+                
+                HttpServletRequest hreq = (HttpServletRequest)request;
+                boolean proceed = false;
+                for (String role : rolesAllowed.value()) {
+                    if (hreq.isUserInRole(role)) {
+                        proceed = true;
+                        break;
+                    }
+                }
+                if (proceed) {
+                    super.handle(baseRequest, request, response);
+                } else {
+                    //baseRequest.getServletContext().log(hreq.getUserPrincipal().getName()+" Refused " + roles);
+                    ((HttpServletResponse)response).sendError(403); // forbidden
+                }
+            } catch (ClassCastException e) {
+                throw new ServletException("JASPIWrap only supports HTTPServletRequest/HttpServletResponse");
+            }
+        }        
+    }
+
+}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java
deleted file mode 100644
index 7d1eae96..00000000
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java
+++ /dev/null
@@ -1,127 +0,0 @@
-/**
- * ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- */
-
-package org.onap.aaf.sample.cadi;
-
-import java.io.IOException;
-import java.security.Principal;
-
-import javax.servlet.Servlet;
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-
-import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
-import org.onap.aaf.cadi.client.Future;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.principal.TaggedPrincipal;
-
-// Uncomment if you utilized the "MiniJASPIWrap" in the Servlet setup in "main()", and want to protect your service via Permission or mapped role
-//    @RolesAllowed({"com.att.aaf.myPerm|myInstance|myAction"})
-    public class MyServlet implements Servlet {
-        private ServletConfig servletConfig;
-    
-        public void init(ServletConfig config) throws ServletException {
-            servletConfig = config;
-        }
-    
-        public ServletConfig getServletConfig() {
-            return servletConfig;
-        }
-    
-        public void service(ServletRequest req, ServletResponse res) throws ServletException, IOException {
-            HttpServletRequest request;
-            try {
-                request = (HttpServletRequest)req;
-            } catch (ClassCastException e) {
-                throw new ServletException("Only serving HTTP today",e);
-            }
-            
-            res.getOutputStream().println("<html><header><title>CSP Servlet Test</title></header><body><h1>You're good to go!</h1><pre>" +
-                    request.getUserPrincipal());
-            
-            String perm = request.getParameter("PERM");
-            if (perm!=null) {
-                if (request.isUserInRole(perm)) {
-                    if (perm.indexOf('|')<0) { 
-                        res.getOutputStream().println("\nCongrats!, You are in Role " + perm);
-                    } else { 
-                        res.getOutputStream().println("\nCongrats!, You have Permission " + perm);
-                    }
-                } else {
-                    if (perm.indexOf('|')<0) { 
-                        res.getOutputStream().println("\nSorry, you are NOT in Role " + perm);
-                    } else {
-                        res.getOutputStream().println("\nSorry, you do NOT have Permission " + perm);
-                    }
-                }
-            }
-            
-            // You can get the working AAFCon from Trans
-            AAFCon<?> aafcon = AAFCon.obtain(req);
-            if (aafcon!=null) {
-                try {
-                    res.getOutputStream().println("----- Perms JSON from direct call -----");
-                    final Principal up = request.getUserPrincipal();
-                    TaggedPrincipal tp;
-                    if (up instanceof TaggedPrincipal) {
-                        tp = (TaggedPrincipal)up;
-                    } else {
-                        tp = new TaggedPrincipal() {
-                            @Override
-                            public String getName() {
-                                return up.getName();
-                            }
-
-                            @Override
-                            public String tag() {
-                                return "Unknown";
-                            }
-                        };
-                    }
-                    // This call will be "as the user calling", but only if permission is set to trust.
-//                    Future<String> future = aafcon.clientAs(Config.AAF_DEFAULT_VERSION,tp).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
-                    Future<String> future = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
-                    if (future.get(4000 /* timeout */)) {
-                        res.getOutputStream().print(future.value);
-                    } else {
-                        System.err.println(future.code() + ", " + future.body());
-                        res.getOutputStream().print(future.code() + ", " + future.body());
-                    }
-                } catch (Exception e) {
-                    e.printStackTrace();
-                }
-            } else {
-                res.getOutputStream().println("No AAFCon instantiated");
-            }
-            res.getOutputStream().print("</pre></body></html>");
-            
-        }
-    
-        public String getServletInfo() {
-            return "MyServlet";
-        }
-    
-        public void destroy() {
-        }
-    }
\ No newline at end of file
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java
deleted file mode 100644
index a45725d7..00000000
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/**
- * ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- */
-
-package org.onap.aaf.sample.cadi.jetty;
-
-import java.util.EnumSet;
-
-import javax.servlet.DispatcherType;
-
-import org.eclipse.jetty.webapp.WebAppContext;
-import org.onap.aaf.cadi.filter.CadiFilter;
-
-
-
-public class Config {
-    /**
-     * Method to make jetty configurations (others?) with more complex function possible
-     * 
-     * @param sc
-     */
-    public static final void addToContext(WebAppContext sc, String propFile) {
-        sc.addFilter(CadiFilter.class,"/*",EnumSet.of(DispatcherType.REQUEST));
-        sc.setInitParameter(org.onap.aaf.cadi.config.Config.CADI_PROP_FILES, propFile);
-    }
-    
-
-}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java
deleted file mode 100644
index 165acffb..00000000
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java
+++ /dev/null
@@ -1,112 +0,0 @@
-/**
- * ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- */
-
-package org.onap.aaf.sample.cadi.jetty;
-
-import java.net.Inet4Address;
-import java.util.concurrent.ArrayBlockingQueue;
-
-import javax.servlet.Servlet;
-
-import org.eclipse.jetty.server.Server;
-import org.eclipse.jetty.server.ServerConnector;
-import org.eclipse.jetty.server.handler.ContextHandler;
-import org.eclipse.jetty.servlet.FilterHolder;
-import org.eclipse.jetty.servlet.FilterMapping;
-import org.eclipse.jetty.servlet.ServletContextHandler;
-import org.eclipse.jetty.servlet.ServletHandler;
-import org.eclipse.jetty.servlet.ServletHolder;
-import org.eclipse.jetty.util.ssl.SslContextFactory;
-import org.eclipse.jetty.util.thread.QueuedThreadPool;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.cadi.PropAccess;
-import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.config.SecurityInfo;
-import org.onap.aaf.cadi.filter.CadiFilter;
-
-public abstract class JettyServletServer implements Servlet {
-    
-    public static Server run(PropAccess access, String context, Class<? extends Servlet> servletCls, int port, String ...args) throws Exception {
-        // Defaults:
-        int blockingQueueSize = 10;
-        int corePoolSize = 10;
-        int maxPoolSize = 10;
-        int keepAliveTime  = 3000;
-        String hostname = access.getProperty(Config.HOSTNAME, null);
-        if (hostname==null) {
-            hostname = Inet4Address.getLocalHost().getHostName();
-        }
-        
-        // Add your own Properties to override defaults
-
-        ArrayBlockingQueue<Runnable> queue = new ArrayBlockingQueue<Runnable>(blockingQueueSize);
-        QueuedThreadPool pool = new QueuedThreadPool(maxPoolSize,corePoolSize,keepAliveTime,queue);
-        Server server = new Server(pool);            
-
-        String protocol;
-        if (access.getProperty(Config.CADI_KEYSTORE_PASSWORD,null)==null) {
-            ServerConnector conn = new ServerConnector(server);
-            conn.setHost(hostname);
-            conn.setPort(port);
-            server.addConnector(conn);
-            protocol = "http";
-        } else {
-            // Setup Security
-            SecurityInfo securityInfo = new SecurityInfo(access);
-            SslContextFactory scf = new SslContextFactory();
-            scf.setSslContext(securityInfo.getSSLContext());
-            scf.setWantClientAuth(true);
-            ServerConnector sslConnector = new ServerConnector(server,scf); 
-            sslConnector.setHost(hostname);
-            sslConnector.setPort(port);
-            server.addConnector(sslConnector);
-            protocol = "https";
-        }
-        
-        // Setup Sample Servlet
-        CadiFilter cf = new CadiFilter(true,access);
-        FilterHolder cfh = new FilterHolder(cf);
-        
-        ServletHandler shand = new ServletHandler();
-        shand.addFilterWithMapping(cfh, "/*", FilterMapping.ALL);
-        // To use normal Servlets, just add the class here... Actually, bug in Jetty... need to add with ServletHolder
-        ServletHolder sh = new ServletHolder();
-        sh.setServlet(servletCls.newInstance());
-        shand.addServletWithMapping(sh,"/*");
-        
-        // To use JASPI Authorization Style to protect the servlet, wrap the Servlet
-        // with the "MiniJSAPIWrap class, as shown here.  Then add "@RolesAllowed" on your 
-        // servlet (see sample).  Use Pipe delimited Permissions, not AAF Roles in the line
-        // shand.addServletWithMapping(new MiniJASPIWrap(MyServlet.class),"/*");
-        // call initialize after start
-        ContextHandler ch = new ServletContextHandler();
-        ch.setContextPath(context);
-        ch.setHandler(shand);
-        server.setHandler(ch);
-        // Startup the Server
-        server.setStopAtShutdown(true);
-        server.start();
-   
-        access.log(Level.INFO,"TestServlet is running at " + protocol + "://"+hostname+':'+port+context);
-        return server;
-    }
-
-}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java
deleted file mode 100644
index 6edd6f5b..00000000
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- */
-
-package org.onap.aaf.sample.cadi.jetty;
-
-import org.eclipse.jetty.server.Server;
-import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.sample.cadi.MyServlet;
-import org.onap.aaf.cadi.PropAccess;
-
-
-
-
-public class JettyStandalone {
-    public static void main(String[] args) {
-        PropAccess access = new PropAccess(args);
-        try {
-            Server server = JettyServletServer.run(access, "/caditest", MyServlet.class, 3456);
-            server.join();
-        } catch (Exception e) {
-            access.log(Level.ERROR, e);
-        } finally {
-            access.log(Level.INFO,"Stopping Service");
-        }
-        
-    }    
-
-}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java
deleted file mode 100644
index 4d170f3f..00000000
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java
+++ /dev/null
@@ -1,101 +0,0 @@
-/**
- * ============LICENSE_START====================================================
- * org.onap.aaf
- * ===========================================================================
- * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- * ===========================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END====================================================
- *
- */
-
-package org.onap.aaf.sample.cadi.jetty;
-
-import java.io.IOException;
-
-import javax.servlet.Servlet;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.UnavailableException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.eclipse.jetty.server.Request;
-import org.eclipse.jetty.servlet.ServletHolder;
-import org.onap.aaf.cadi.filter.RolesAllowed;
-
-
-
-/**
- * MiniJASPIWrap
- * 
- * Support the ability to check JASPI Annotation Style Authorizations.
- * 
- * This can be a clean way to enforce API Authorization without mistakes in code.
- * 
- * @author JonathanGathman
- *
- */
-public class MiniJASPIWrap extends ServletHolder {
-    private RolesAllowed rolesAllowed;
-    //private String roles;
-    public MiniJASPIWrap(Class<? extends Servlet> servlet) {
-        super(servlet);
-        this.rolesAllowed = servlet.getAnnotation(RolesAllowed.class);
-        StringBuilder sb = new StringBuilder();
-        boolean first = true;
-        if (rolesAllowed!=null) {
-            for (String str : rolesAllowed.value()) {
-                if (first)first=false;
-                else sb.append(',');
-                sb.append(str);
-            }
-        }
-        //roles = sb.toString();
-    }
-
-    /**
-     * handle
-     * 
-     * When utilized, this class authorizes the transaction by first calling the standard J2EE API call
-     * "isUserInRole" with the role(s) found in the class Annotations (JASPI Style) 
-     */
-    @Override
-    public void handle(Request baseRequest, ServletRequest request,    ServletResponse response) throws ServletException,    UnavailableException, IOException {
-        if (rolesAllowed==null) {
-            super.handle(baseRequest, request, response);
-        } else { // Validate
-            try {
-                
-                HttpServletRequest hreq = (HttpServletRequest)request;
-                boolean proceed = false;
-                for (String role : rolesAllowed.value()) {
-                    if (hreq.isUserInRole(role)) {
-                        proceed = true;
-                        break;
-                    }
-                }
-                if (proceed) {
-                    super.handle(baseRequest, request, response);
-                } else {
-                    //baseRequest.getServletContext().log(hreq.getUserPrincipal().getName()+" Refused " + roles);
-                    ((HttpServletResponse)response).sendError(403); // forbidden
-                }
-            } catch (ClassCastException e) {
-                throw new ServletException("JASPIWrap only supports HTTPServletRequest/HttpServletResponse");
-            }
-        }        
-    }
-
-}
-- 
cgit 1.2.3-korg