summaryrefslogtreecommitdiffstats
path: root/sidecar/fproxy/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'sidecar/fproxy/src/main')
-rw-r--r--sidecar/fproxy/src/main/bin/start.sh32
-rw-r--r--sidecar/fproxy/src/main/docker/Dockerfile35
-rw-r--r--sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/CredentialCacheConfig.java37
-rw-r--r--sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/FProxyApplication.java74
-rw-r--r--sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/RestTemplateConfig.java70
-rw-r--r--sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/cache/CredentialCache.java37
-rw-r--r--sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/cache/InMemoryCredentialCache.java116
-rw-r--r--sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/cache/utils/CacheUtils.java89
-rw-r--r--sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/data/CredentialCacheData.java72
-rw-r--r--sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/service/ForwardingProxyService.java100
-rw-r--r--sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/util/RequestValidationException.java35
-rw-r--r--sidecar/fproxy/src/main/resources/application.properties14
12 files changed, 711 insertions, 0 deletions
diff --git a/sidecar/fproxy/src/main/bin/start.sh b/sidecar/fproxy/src/main/bin/start.sh
new file mode 100644
index 0000000..53662b6
--- /dev/null
+++ b/sidecar/fproxy/src/main/bin/start.sh
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+# ============LICENSE_START=======================================================
+# org.onap.aaf
+# ================================================================================
+# Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+# Copyright © 2017-2018 European Software Marketing Ltd.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+BASEDIR="/opt/app/fproxy"
+
+if [ -z "${KEY_STORE_PASSWORD}" ]; then
+ echo "KEY_STORE_PASSWORD must be set in order to start up process"
+ exit 1
+fi
+
+PROPS="-DKEY_STORE_PASSWORD=${KEY_STORE_PASSWORD}"
+JVM_MAX_HEAP=${MAX_HEAP:-1024}
+
+exec java -Xmx${JVM_MAX_HEAP}m ${PROPS} -jar ${BASEDIR}/fproxy-exec.jar
diff --git a/sidecar/fproxy/src/main/docker/Dockerfile b/sidecar/fproxy/src/main/docker/Dockerfile
new file mode 100644
index 0000000..d91f0e3
--- /dev/null
+++ b/sidecar/fproxy/src/main/docker/Dockerfile
@@ -0,0 +1,35 @@
+FROM ubuntu:14.04
+
+ARG MICRO_HOME=/opt/app/fproxy
+ARG BIN_HOME=$MICRO_HOME/bin
+ARG JAR_FILE=fproxy-exec.jar
+
+RUN apt-get update
+
+# Install and setup java8
+RUN apt-get update && apt-get install -y software-properties-common
+## sudo -E is required to preserve the environment. If you remove that line, it will most like freeze at this step
+RUN sudo -E add-apt-repository ppa:openjdk-r/ppa && apt-get update && apt-get install -y openjdk-8-jdk
+
+RUN sudo dpkg --purge --force-depends ca-certificates-java
+RUN sudo apt-get install ca-certificates-java
+
+## Setup JAVA_HOME, this is useful for docker commandline
+ENV JAVA_HOME usr/lib/jvm/java-8-openjdk-$(dpkg --print-architecture)
+RUN export JAVA_HOME
+
+# Build up the deployment folder structure
+RUN mkdir -p $MICRO_HOME
+COPY ${JAR_FILE} $MICRO_HOME
+RUN mkdir -p $BIN_HOME
+COPY *.sh $BIN_HOME
+RUN chmod 755 $BIN_HOME/*
+RUN ln -s /logs $MICRO_HOME/logs
+RUN mkdir /logs
+# Create the appuser
+RUN groupadd -r appgroup && \
+ useradd -r -u 1001 -g appgroup appuser && \
+ chown -R appuser:appgroup $MICRO_HOME && \
+ chmod 777 /logs
+USER appuser
+CMD ["/opt/app/fproxy/bin/start.sh"]
diff --git a/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/CredentialCacheConfig.java b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/CredentialCacheConfig.java
new file mode 100644
index 0000000..f433c65
--- /dev/null
+++ b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/CredentialCacheConfig.java
@@ -0,0 +1,37 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aaf
+ * ================================================================================
+ * Copyright © 2018 European Software Marketing Ltd.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.aaf.fproxy;
+
+import org.onap.aaf.fproxy.cache.CredentialCache;
+import org.onap.aaf.fproxy.cache.InMemoryCredentialCache;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Scope;
+
+@Configuration
+public class CredentialCacheConfig {
+
+ @Bean
+ @Scope("singleton")
+ public CredentialCache inMemoryCredentialCacheSingleton() {
+ return new InMemoryCredentialCache();
+ }
+
+}
diff --git a/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/FProxyApplication.java b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/FProxyApplication.java
new file mode 100644
index 0000000..d226dc8
--- /dev/null
+++ b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/FProxyApplication.java
@@ -0,0 +1,74 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aaf
+ * ================================================================================
+ * Copyright © 2018 European Software Marketing Ltd.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.aaf.fproxy;
+
+import java.util.HashMap;
+import javax.annotation.PostConstruct;
+import org.eclipse.jetty.util.security.Password;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.builder.SpringApplicationBuilder;
+import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.core.env.Environment;
+
+@SpringBootApplication
+@PropertySource("file:${CONFIG_HOME}/fproxy.properties")
+public class FProxyApplication extends SpringBootServletInitializer {
+
+ @Autowired
+ private Environment env;
+
+ /**
+ * Spring Boot Initialization.
+ *
+ * @param args main args
+ */
+ public static void main(String[] args) {
+ String keyStorePassword = System.getProperty("KEY_STORE_PASSWORD");
+ if (keyStorePassword == null || keyStorePassword.isEmpty()) {
+ throw new IllegalArgumentException("Env property KEY_STORE_PASSWORD not set");
+ }
+ HashMap<String, Object> props = new HashMap<>();
+ props.put("server.ssl.key-store-password", Password.deobfuscate(keyStorePassword));
+ new FProxyApplication().configure(new SpringApplicationBuilder(FProxyApplication.class).properties(props))
+ .run(args);
+ }
+
+ /**
+ * Set required trust store system properties using values from application.properties
+ */
+ @PostConstruct
+ public void setSystemProperties() {
+ String keyStorePath = env.getProperty("server.ssl.key-store");
+ if (keyStorePath != null) {
+ String keyStorePassword = env.getProperty("server.ssl.key-store-password");
+
+ if (keyStorePassword != null) {
+ System.setProperty("javax.net.ssl.keyStore", keyStorePath);
+ System.setProperty("javax.net.ssl.keyStorePassword", keyStorePassword);
+ System.setProperty("javax.net.ssl.trustStore", keyStorePath);
+ System.setProperty("javax.net.ssl.trustStorePassword", keyStorePassword);
+ } else {
+ throw new IllegalArgumentException("Env property server.ssl.key-store-password not set");
+ }
+ }
+ }
+}
diff --git a/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/RestTemplateConfig.java b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/RestTemplateConfig.java
new file mode 100644
index 0000000..a1aef28
--- /dev/null
+++ b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/RestTemplateConfig.java
@@ -0,0 +1,70 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aaf
+ * ================================================================================
+ * Copyright © 2018 European Software Marketing Ltd.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.aaf.fproxy;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import javax.net.ssl.SSLContext;
+import org.apache.http.conn.ssl.NoopHostnameVerifier;
+import org.apache.http.impl.client.HttpClientBuilder;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.ssl.SSLContextBuilder;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.web.client.RestTemplateBuilder;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
+import org.springframework.util.ResourceUtils;
+import org.springframework.web.client.RestTemplate;
+
+@Configuration
+public class RestTemplateConfig {
+
+ @Value("${server.ssl.client-cert}")
+ private String clientCertPath;
+
+ @Value("${server.ssl.key-store-password}")
+ private String clientCertPassword;
+
+ @Profile("secure")
+ @Bean
+ public RestTemplate restTemplate(RestTemplateBuilder builder) throws GeneralSecurityException, IOException {
+ return new RestTemplate(new HttpComponentsClientHttpRequestFactory(getClientBuilder().build()));
+ }
+
+ @Profile("noHostVerification")
+ @Bean
+ public RestTemplate restTemplateNoHostVerification(RestTemplateBuilder builder)
+ throws GeneralSecurityException, IOException {
+ return new RestTemplate(new HttpComponentsClientHttpRequestFactory(
+ getClientBuilder().setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE).build()));
+ }
+
+ private HttpClientBuilder getClientBuilder() throws GeneralSecurityException, IOException {
+
+ SSLContext sslContext = SSLContextBuilder.create()
+ .loadKeyMaterial(ResourceUtils.getFile(clientCertPath), clientCertPassword.toCharArray(),
+ clientCertPassword.toCharArray())
+ .loadTrustMaterial(ResourceUtils.getFile(clientCertPath), clientCertPassword.toCharArray()).build();
+
+ return HttpClients.custom().setSSLContext(sslContext);
+ }
+}
diff --git a/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/cache/CredentialCache.java b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/cache/CredentialCache.java
new file mode 100644
index 0000000..00fe9d4
--- /dev/null
+++ b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/cache/CredentialCache.java
@@ -0,0 +1,37 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aaf
+ * ================================================================================
+ * Copyright © 2018 European Software Marketing Ltd.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.aaf.fproxy.cache;
+
+import org.onap.aaf.fproxy.data.CredentialCacheData;
+import org.springframework.lang.Nullable;
+
+public interface CredentialCache {
+
+ void add(String key, CredentialCacheData value, long periodInMillis);
+
+ void remove(String key);
+
+ @Nullable
+ CredentialCacheData get(String key);
+
+ void clear();
+
+ long size();
+}
diff --git a/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/cache/InMemoryCredentialCache.java b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/cache/InMemoryCredentialCache.java
new file mode 100644
index 0000000..44ce0cd
--- /dev/null
+++ b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/cache/InMemoryCredentialCache.java
@@ -0,0 +1,116 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aaf
+ * ================================================================================
+ * Copyright © 2018 European Software Marketing Ltd.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.aaf.fproxy.cache;
+
+import java.lang.ref.SoftReference;
+import java.util.Optional;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.DelayQueue;
+import java.util.concurrent.Delayed;
+import java.util.concurrent.TimeUnit;
+import org.onap.aaf.fproxy.data.CredentialCacheData;
+
+public class InMemoryCredentialCache implements CredentialCache {
+
+ private final ConcurrentHashMap<String, SoftReference<CredentialCacheData>> cache = new ConcurrentHashMap<>();
+ private final DelayQueue<DelayedCacheObject> cleaningUpQueue = new DelayQueue<>();
+
+ public InMemoryCredentialCache() {
+ Thread cleanerThread = new Thread(() -> {
+ while (!Thread.currentThread().isInterrupted()) {
+ try {
+ DelayedCacheObject delayedCacheObject = cleaningUpQueue.take();
+ cache.remove(delayedCacheObject.getKey(), delayedCacheObject.getReference());
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ }
+ }
+ });
+ cleanerThread.setDaemon(true);
+ cleanerThread.start();
+ }
+
+ @Override
+ public void add(String key, CredentialCacheData value, long periodInMillis) {
+ if (key == null) {
+ return;
+ }
+ if (value == null) {
+ cache.remove(key);
+ } else {
+ long expiryTime = System.currentTimeMillis() + periodInMillis;
+ SoftReference<CredentialCacheData> reference = new SoftReference<>(value);
+ cache.put(key, reference);
+ cleaningUpQueue.put(new DelayedCacheObject(key, reference, expiryTime));
+ }
+ }
+
+ @Override
+ public void remove(String key) {
+ cache.remove(key);
+ }
+
+ @Override
+ public CredentialCacheData get(String key) {
+ return Optional.ofNullable(cache.get(key)).map(SoftReference::get).orElse(null);
+ }
+
+ @Override
+ public void clear() {
+ cache.clear();
+ }
+
+ @Override
+ public long size() {
+ return cache.size();
+ }
+
+ private static class DelayedCacheObject implements Delayed {
+
+ private final String key;
+ private final SoftReference<CredentialCacheData> reference;
+ private final long expiryTime;
+
+ public DelayedCacheObject(String key, SoftReference<CredentialCacheData> reference, long expiryTime) {
+ super();
+ this.key = key;
+ this.reference = reference;
+ this.expiryTime = expiryTime;
+ }
+
+ @Override
+ public long getDelay(TimeUnit unit) {
+ return unit.convert(expiryTime - System.currentTimeMillis(), TimeUnit.MILLISECONDS);
+ }
+
+ @Override
+ public int compareTo(Delayed o) {
+ return Long.compare(expiryTime, ((DelayedCacheObject) o).expiryTime);
+ }
+
+ public String getKey() {
+ return key;
+ }
+
+ public SoftReference<CredentialCacheData> getReference() {
+ return reference;
+ }
+ }
+}
diff --git a/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/cache/utils/CacheUtils.java b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/cache/utils/CacheUtils.java
new file mode 100644
index 0000000..b80fc32
--- /dev/null
+++ b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/cache/utils/CacheUtils.java
@@ -0,0 +1,89 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aaf
+ * ================================================================================
+ * Copyright © 2018 European Software Marketing Ltd.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.aaf.fproxy.cache.utils;
+
+import javax.servlet.http.HttpServletRequest;
+import org.onap.aaf.fproxy.cache.CredentialCache;
+import org.onap.aaf.fproxy.data.CredentialCacheData;
+import org.onap.aaf.fproxy.data.CredentialCacheData.CredentialType;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpHeaders;
+import org.springframework.stereotype.Component;
+import org.springframework.web.util.WebUtils;
+
+@Component
+public class CacheUtils {
+
+ Logger logger = LoggerFactory.getLogger(CacheUtils.class);
+
+ @Autowired
+ private CredentialCache credentialCache;
+
+ @Value("${transactionid.header.name}")
+ private String transactionIdHeaderName;
+
+ public void populateCredentialsFromCache(HttpHeaders headers, HttpServletRequest request) {
+ String transactionId = headers.getFirst(transactionIdHeaderName);
+ if (transactionId != null) {
+ CredentialCacheData cacheData = credentialCache.get(transactionId);
+ if (cacheData == null) {
+ logger.info("Transaction ID {} not found in cache, skipping credential population...", transactionId);
+ } else if (cacheData.getCredentialType().equals(CredentialType.HEADER)) {
+ logger.info("Populating header credentials from cache for transaction ID: {}", transactionId);
+ applyHeaderCacheData(cacheData, headers);
+ } else if (cacheData.getCredentialType().equals(CredentialType.COOKIE)) {
+ logger.info("Populating cookie credentials from cache for transaction ID: {}", transactionId);
+ applyCookieCacheData(cacheData, headers, request);
+ }
+ } else {
+ logger.info("No transaction ID found in request, skipping credential population...");
+ }
+ }
+
+ private void applyHeaderCacheData(CredentialCacheData cacheData, HttpHeaders headers) {
+ String credentialName = cacheData.getCredentialName();
+ if (!headers.containsKey(credentialName)) {
+ headers.add(credentialName, cacheData.getCredentialValue());
+ logger.info("Header credentials successfully populated.");
+ } else {
+ logger.info("Request already contains header with name: {}, skipping credential population...",
+ credentialName);
+ }
+ }
+
+ private void applyCookieCacheData(CredentialCacheData cacheData, HttpHeaders headers, HttpServletRequest request) {
+ String credentialName = cacheData.getCredentialName();
+ // Check if Cookie with same name is already set then skip
+ if (WebUtils.getCookie(request, credentialName) == null) {
+ headers.add(HttpHeaders.COOKIE, cacheData.getCredentialValue());
+ logger.info("Cookie credentials successfully populated.");
+ } else {
+ logger.info("Request already contains cookie with name: {}, skipping credential population...",
+ credentialName);
+ }
+ }
+
+ public void addCredentialsToCache(String transactionId, CredentialCacheData credentialdata, long cacheExpiryMs) {
+ credentialCache.add(transactionId, credentialdata, cacheExpiryMs);
+ }
+}
diff --git a/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/data/CredentialCacheData.java b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/data/CredentialCacheData.java
new file mode 100644
index 0000000..b72ea08
--- /dev/null
+++ b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/data/CredentialCacheData.java
@@ -0,0 +1,72 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aaf
+ * ================================================================================
+ * Copyright © 2018 European Software Marketing Ltd.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.aaf.fproxy.data;
+
+public class CredentialCacheData {
+
+ public enum CredentialType {
+ HEADER, COOKIE;
+ }
+
+ private String credentialName;
+ private String credentialValue;
+ private CredentialType credentialType;
+
+ public CredentialCacheData() {
+ super();
+ }
+
+ public CredentialCacheData(String credentialName, String credentialValue, CredentialType credentialType) {
+ super();
+ this.credentialName = credentialName;
+ this.credentialValue = credentialValue;
+ this.credentialType = credentialType;
+ }
+
+ public String getCredentialName() {
+ return credentialName;
+ }
+
+ public void setCredentialName(String credentialName) {
+ this.credentialName = credentialName;
+ }
+
+ public String getCredentialValue() {
+ return credentialValue;
+ }
+
+ public void setCredentialValue(String credentialValue) {
+ this.credentialValue = credentialValue;
+ }
+
+ public Enum<CredentialType> getCredentialType() {
+ return credentialType;
+ }
+
+ public void setCredentialType(CredentialType credentialType) {
+ this.credentialType = credentialType;
+ }
+
+ @Override
+ public String toString() {
+ return "CredentialCacheData [credentialName=" + credentialName + ", credentialType=" + credentialType + "]";
+ }
+
+}
diff --git a/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/service/ForwardingProxyService.java b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/service/ForwardingProxyService.java
new file mode 100644
index 0000000..0d150ba
--- /dev/null
+++ b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/service/ForwardingProxyService.java
@@ -0,0 +1,100 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aaf
+ * ================================================================================
+ * Copyright © 2018 European Software Marketing Ltd.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.aaf.fproxy.service;
+
+import java.net.URI;
+import java.util.Enumeration;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.onap.aaf.fproxy.cache.utils.CacheUtils;
+import org.onap.aaf.fproxy.data.CredentialCacheData;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.client.RestTemplate;
+import org.springframework.web.util.UriComponentsBuilder;
+
+@RestController
+public class ForwardingProxyService {
+
+ Logger logger = LoggerFactory.getLogger(ForwardingProxyService.class);
+
+ private static final long DEFAULT_CACHE_EXPIRY_MS = 180000; // 3 mins
+
+ @Autowired
+ RestTemplate restTemplate;
+
+ @Autowired
+ CacheUtils cacheUtils;
+
+ @Value("${credential.cache.timeout.ms:" + DEFAULT_CACHE_EXPIRY_MS + "}")
+ long cacheExpiryMs;
+
+ @RequestMapping(value = "/credential-cache/{transactionId}", method = RequestMethod.POST)
+ public ResponseEntity<String> addCredentialToCache(@PathVariable("transactionId") String transactionId,
+ @RequestBody CredentialCacheData credentialdata) {
+ logger.info("Updating credential cache with transaction ID: {}", transactionId);
+
+ // Update credential cache
+ logger.debug("Credential data: {}", credentialdata);
+ cacheUtils.addCredentialsToCache(transactionId, credentialdata, cacheExpiryMs);
+
+ logger.info("Credential cache successfully updated with transaction ID: {}", transactionId);
+ return new ResponseEntity<>(transactionId, HttpStatus.OK);
+ }
+
+ @RequestMapping("/**")
+ public ResponseEntity<String> forwardRest(@RequestBody(required = false) String body, HttpMethod method,
+ HttpServletRequest request, HttpServletResponse response) {
+
+ String requestUrl = request.getRequestURI();
+
+ logger.info("Request received: {}", requestUrl);
+
+ URI uri = UriComponentsBuilder.fromHttpUrl(request.getRequestURL().toString()).query(request.getQueryString())
+ .build(true).toUri();
+
+ HttpHeaders headers = new HttpHeaders();
+ Enumeration<String> headerNames = request.getHeaderNames();
+ while (headerNames.hasMoreElements()) {
+ String headerName = headerNames.nextElement();
+ headers.set(headerName, request.getHeader(headerName));
+ }
+
+ cacheUtils.populateCredentialsFromCache(headers, request);
+
+ HttpEntity<String> httpEntity = new HttpEntity<>(body, headers);
+
+ logger.info("Forwarding request...");
+
+ return restTemplate.exchange(uri, method, httpEntity, String.class);
+ }
+}
diff --git a/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/util/RequestValidationException.java b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/util/RequestValidationException.java
new file mode 100644
index 0000000..ce6e162
--- /dev/null
+++ b/sidecar/fproxy/src/main/java/org/onap/aaf/fproxy/util/RequestValidationException.java
@@ -0,0 +1,35 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aaf
+ * ================================================================================
+ * Copyright © 2018 European Software Marketing Ltd.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.aaf.fproxy.util;
+
+/** This exception is thrown when the request fails validation. */
+public class RequestValidationException extends Exception {
+
+ private static final long serialVersionUID = 1L;
+
+ /**
+ * Constructor for an instance of this exception with just a message.
+ *
+ * @param message information about the exception
+ */
+ public RequestValidationException(String message) {
+ super(message);
+ }
+}
diff --git a/sidecar/fproxy/src/main/resources/application.properties b/sidecar/fproxy/src/main/resources/application.properties
new file mode 100644
index 0000000..d269c54
--- /dev/null
+++ b/sidecar/fproxy/src/main/resources/application.properties
@@ -0,0 +1,14 @@
+CONFIG_HOME=config
+
+server.port=10680
+server.ssl.key-store=${CONFIG_HOME}/auth/tomcat_keystore
+server.ssl.client-cert=${CONFIG_HOME}/auth/client-cert.p12
+server.ssl.client-auth=need
+
+server.contextPath=/
+
+logging.config=${CONFIG_HOME}/logback-spring.xml
+
+spring.profiles.active=secure
+
+management.endpoints.web.base-path=/fproxy \ No newline at end of file