Initial drop of rProxy code

The Reverse Proxy sidecar is used to separate the responsibility of
authentication and authorization away from the primary microservice. In
conjunction with the Forward Proxy sidecar, it is responsible for
controlling access to the REST URL endpoints exposed by the primary
microservice, and propogating security credentials to downstream
microservices.

Change-Id: I5d80429e5422d7b3937cde73ac10c2ec00d264e8
Issue-ID: AAI-1604
Signed-off-by: Lee, Tian (tl5884) <TianL@amdocs.com>

1 files changed, 143 insertions, 0 deletions

diff --git a/sidecar/rproxy/src/main/java/org/onap/aaf/rproxy/mocks/ReverseProxyMockCadiFilter.java b/sidecar/rproxy/src/main/java/org/onap/aaf/rproxy/mocks/ReverseProxyMockCadiFilter.java
new file mode 100644
index 0000000..10bfc3e
--- /dev/null
+++ b/sidecar/rproxy/src/main/java/org/onap/aaf/rproxy/mocks/ReverseProxyMockCadiFilter.java
@@ -0,0 +1,143 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aaf
+ * ================================================================================
+ * Copyright © 2018 European Software Marketing Ltd.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.aaf.rproxy.mocks;
+
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import java.io.IOException;
+import java.security.Principal;
+import java.util.List;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import org.onap.aaf.cadi.CadiWrap;
+import org.onap.aaf.cadi.Lur;
+import org.onap.aaf.cadi.Permission;
+import org.onap.aaf.cadi.aaf.AAFPermission;
+import org.onap.aaf.cadi.principal.TaggedPrincipal;
+import org.onap.aaf.cadi.taf.TafResp;
+
+public class ReverseProxyMockCadiFilter implements Filter {
+
+    private FakeLur fakeLur = new FakeLur();
+
+    static class FakeLur implements Lur {
+
+		@Override
+		public void fishAll(Principal bait, List<Permission> permissions) {
+			
+			final String WildcardPermissionType = "test.wildcard.access";
+			final String MultiplePermissionType = "test.multiple.access";
+			final String TestAuthAccessPermissionType = "test.auth.access";
+			final String PermissionAction = "permission";
+
+			String principalName = bait.getName();
+
+			if (principalName != null && principalName.equals("UserWithInstanceActionWildcardPermissionGranted")) {
+				permissions.add(new AAFPermission(null, WildcardPermissionType, "*", "*"));
+			} 
+			else 
+			if (principalName != null && principalName.equals("UserWithInstanceWildcardPermissionGranted")) {
+				permissions.add(new AAFPermission(null, WildcardPermissionType, "*", PermissionAction));
+			} 
+			else 
+			if (principalName != null && principalName.equals("UserWithActionWildcardPermissionGranted")) {
+					permissions.add(new AAFPermission(null, WildcardPermissionType, "first", "*"));
+				}
+			else {
+
+				// For single permission test
+				permissions.add(new AAFPermission(null, "test.single.access", "single", PermissionAction));
+
+				// For multiple permission test
+				permissions.add(new AAFPermission(null, MultiplePermissionType, "first", PermissionAction));
+				permissions.add(new AAFPermission(null, MultiplePermissionType, "second", PermissionAction));
+				permissions.add(new AAFPermission(null, MultiplePermissionType, "third", PermissionAction));
+
+				// For transaction id test
+				permissions.add(new AAFPermission(null, TestAuthAccessPermissionType, "rest", "write"));
+				permissions.add(new AAFPermission(null, TestAuthAccessPermissionType, "rpc", "write"));
+			}
+		}
+
+        @Override
+        public Permission createPerm(String p) {
+            return null;
+        }
+
+        @Override
+        public boolean fish(Principal bait, Permission... pond) {
+            return false;
+        }
+
+        @Override
+        public void destroy() {
+            // Mock implementation
+        }
+
+        @Override
+        public boolean handlesExclusively(Permission... pond) {
+            return false;
+        }
+
+        @Override
+        public boolean handles(Principal principal) {
+            return false;
+        }
+
+        @Override
+        public void clear(Principal p, StringBuilder report) {
+            // Mock implementation
+        }
+
+    }
+
+    @Override
+    public void destroy() {
+        // Mock implementation
+    }
+
+    @Override
+    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
+            throws IOException, ServletException {
+    	
+    	String userName = ((HttpServletRequest)servletRequest).getHeader("PermissionsUser");
+
+        TaggedPrincipal mockTaggedPrincipal = mock(TaggedPrincipal.class);
+        when(mockTaggedPrincipal.getName()).thenReturn(userName);
+
+        TafResp tafResponseMock = mock(TafResp.class);
+        when(tafResponseMock.getPrincipal()).thenReturn(mockTaggedPrincipal);
+
+        CadiWrap cadiWrap = new CadiWrap((HttpServletRequest) servletRequest, tafResponseMock, fakeLur);
+        filterChain.doFilter(cadiWrap, servletResponse);
+    }
+
+    @Override
+    public void init(FilterConfig arg0) throws ServletException {
+        // Mock implementation
+    }
+
+}