aboutsummaryrefslogtreecommitdiffstats
path: root/sidecar/rproxy/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'sidecar/rproxy/src/main')
-rw-r--r--sidecar/rproxy/src/main/java/org/onap/aaf/cadi/sidecar/rproxy/ReverseProxyAuthorizationFilter.java10
-rw-r--r--sidecar/rproxy/src/main/java/org/onap/aaf/cadi/sidecar/rproxy/utils/ReverseProxyAuthorization.java5
2 files changed, 12 insertions, 3 deletions
diff --git a/sidecar/rproxy/src/main/java/org/onap/aaf/cadi/sidecar/rproxy/ReverseProxyAuthorizationFilter.java b/sidecar/rproxy/src/main/java/org/onap/aaf/cadi/sidecar/rproxy/ReverseProxyAuthorizationFilter.java
index 2ef4cc0..5a09f6e 100644
--- a/sidecar/rproxy/src/main/java/org/onap/aaf/cadi/sidecar/rproxy/ReverseProxyAuthorizationFilter.java
+++ b/sidecar/rproxy/src/main/java/org/onap/aaf/cadi/sidecar/rproxy/ReverseProxyAuthorizationFilter.java
@@ -98,13 +98,15 @@ public class ReverseProxyAuthorizationFilter implements Filter {
}
String requestPath;
+ String requestMethod;
try {
requestPath = new URI(((HttpServletRequest) servletRequest).getRequestURI()).getPath();
+ requestMethod = ((HttpServletRequest)servletRequest).getMethod();
} catch (URISyntaxException e) {
throw new ServletException("Request URI not valid", e);
}
- if (authorizeRequest(grantedPermissions, requestPath)) {
+ if (authorizeRequest(grantedPermissions, requestPath, requestMethod)) {
LOGGER.info("Authorized");
filterChain.doFilter(servletRequest, servletResponse);
} else {
@@ -121,12 +123,14 @@ public class ReverseProxyAuthorizationFilter implements Filter {
*
* @param grantedPermissions The granted permissions for the request path
* @param requestPath The request path
+ * @param requestMethod The request method i.e. HTTP verb e.g. GET, PUT, POST etc
* @return true if permissions match
*/
- private boolean authorizeRequest(List<Permission> grantedPermissions, String requestPath) {
+ private boolean authorizeRequest(List<Permission> grantedPermissions, String requestPath, String requestMethod) {
boolean authorized = false;
for (ReverseProxyAuthorization reverseProxyAuthorization : reverseProxyAuthorizations) {
- if (requestPath.matches(reverseProxyAuthorization.getUri())) {
+ if (requestPath.matches(reverseProxyAuthorization.getUri()) &&
+ requestMethod.matches(reverseProxyAuthorization.getMethod())) {
LOGGER.debug("The URI:{} matches:{}", requestPath, reverseProxyAuthorization.getUri());
if (checkPermissionsMatch(grantedPermissions, reverseProxyAuthorization)) {
authorized = true;
diff --git a/sidecar/rproxy/src/main/java/org/onap/aaf/cadi/sidecar/rproxy/utils/ReverseProxyAuthorization.java b/sidecar/rproxy/src/main/java/org/onap/aaf/cadi/sidecar/rproxy/utils/ReverseProxyAuthorization.java
index fd9db8e..994121c 100644
--- a/sidecar/rproxy/src/main/java/org/onap/aaf/cadi/sidecar/rproxy/utils/ReverseProxyAuthorization.java
+++ b/sidecar/rproxy/src/main/java/org/onap/aaf/cadi/sidecar/rproxy/utils/ReverseProxyAuthorization.java
@@ -22,6 +22,7 @@ package org.onap.aaf.cadi.sidecar.rproxy.utils;
public class ReverseProxyAuthorization {
private String uri;
+ private String method;
private String[] permissions;
public String getUri() {
@@ -31,4 +32,8 @@ public class ReverseProxyAuthorization {
public String[] getPermissions() {
return permissions;
}
+
+ public String getMethod() {
+ return method == null ? "GET" : method;
+ }
}