Fix Babel authorisation mechanismv1.2.02.0.0-ONAPbeijing2.0.0-ONAP

Change-Id: Iae3139b33e315fae0c205fd7e0df67554d91cd5b
Issue-ID: AAI-1126
Signed-off-by: Lee, Tian (tl5884) <TianL@amdocs.com>

5 files changed, 29 insertions, 50 deletions

diff --git a/src/main/java/org/onap/aai/auth/AAIMicroServiceAuth.java b/src/main/java/org/onap/aai/auth/AAIMicroServiceAuth.java
index 67eee9a..0412c1a 100644
--- a/src/main/java/org/onap/aai/auth/AAIMicroServiceAuth.java
+++ b/src/main/java/org/onap/aai/auth/AAIMicroServiceAuth.java
@@ -51,30 +51,6 @@ public class AAIMicroServiceAuth {
     }
 
     /**
-     * @param username
-     * @param policyFunction
-     * @return
-     * @throws AAIAuthException
-     */
-    public boolean authorize(String username, String policyFunction) throws AAIAuthException {
-        return AAIMicroServiceAuthCore.authorize(username, policyFunction);
-    }
-
-    /**
-     * @param authUser
-     * @param policyFunction
-     * @return
-     * @throws AAIAuthException
-     */
-    public String authenticate(String authUser, String policyFunction) throws AAIAuthException {
-        if (authorize(authUser, policyFunction)) {
-            return "OK";
-        } else {
-            return "AAI_9101";
-        }
-    }
-
-    /**
      * @param headers
      * @param req
      * @param action
@@ -94,11 +70,7 @@ public class AAIMicroServiceAuth {
         }
 
         String[] ps = apiPath.split("/");
-        String authPolicyFunctionName = ps[0];
-        if (ps.length > 1 && authPolicyFunctionName.matches("v\\d+")) {
-            authPolicyFunctionName = ps[1];
-        }
-
+        String authPolicyFunctionName = ps[ps.length - 1];
         String cipherSuite = (String) req.getAttribute("javax.servlet.request.cipher_suite");
         String authUser = null;
 
@@ -110,7 +82,8 @@ public class AAIMicroServiceAuth {
         }
 
         if (authUser != null) {
-            return "OK".equals(authenticate(authUser.toLowerCase(), action.toString() + ":" + authPolicyFunctionName));
+            return AAIMicroServiceAuthCore.authorize(authUser.toLowerCase(),
+                    action.toString() + ":" + authPolicyFunctionName);
         } else {
             return false;
         }
diff --git a/src/main/java/org/onap/aai/babel/service/GenerateArtifactsServiceImpl.java b/src/main/java/org/onap/aai/babel/service/GenerateArtifactsServiceImpl.java
index 17d0b65..532d8c7 100644
--- a/src/main/java/org/onap/aai/babel/service/GenerateArtifactsServiceImpl.java
+++ b/src/main/java/org/onap/aai/babel/service/GenerateArtifactsServiceImpl.java
@@ -30,6 +30,7 @@ import javax.inject.Inject;
 import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.PathSegment;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
 import javax.ws.rs.core.UriInfo;
@@ -49,8 +50,10 @@ import org.onap.aai.babel.service.data.BabelArtifact;
 import org.onap.aai.babel.service.data.BabelRequest;
 import org.onap.aai.babel.util.RequestValidationException;
 import org.onap.aai.babel.util.RequestValidator;
+import org.springframework.stereotype.Service;
 
 /** Generate SDC Artifacts by passing in a CSAR payload, Artifact Name and Artifact version */
+@Service
 public class GenerateArtifactsServiceImpl implements GenerateArtifactsService {
     private static final LogHelper applicationLogger = LogHelper.INSTANCE;
 
@@ -96,8 +99,12 @@ public class GenerateArtifactsServiceImpl implements GenerateArtifactsService {
 
         Response response;
         try {
+            // Get last URI path segment to use for authentication
+            List<PathSegment> pathSegments = uriInfo.getPathSegments();
+            String lastPathSegment = pathSegments.isEmpty() ? "" : pathSegments.get(pathSegments.size() - 1).getPath();
+
             boolean authorized = aaiMicroServiceAuth.validateRequest(headers, servletRequest,
-                    AAIMicroServiceAuthCore.HTTP_METHODS.POST, uriInfo.getPath(false));
+                    AAIMicroServiceAuthCore.HTTP_METHODS.POST, lastPathSegment);
 
             response = authorized ? generateArtifacts(requestBody)
                     : buildResponse(Status.UNAUTHORIZED, "User not authorized to perform the operation.");
diff --git a/src/main/java/org/onap/aai/babel/service/InfoService.java b/src/main/java/org/onap/aai/babel/service/InfoService.java
index c993746..e115568 100644
--- a/src/main/java/org/onap/aai/babel/service/InfoService.java
+++ b/src/main/java/org/onap/aai/babel/service/InfoService.java
@@ -31,6 +31,7 @@ import javax.ws.rs.GET;
 import javax.ws.rs.Path;
 import javax.ws.rs.Produces;
 import javax.ws.rs.QueryParam;
+import org.springframework.stereotype.Service;
 
 /**
  * Information service for the micro-service. Return status details to the caller.
@@ -38,6 +39,7 @@ import javax.ws.rs.QueryParam;
  * @exclude
  */
 @Path("/core/core-service")
+@Service
 public class InfoService {
 
     private Clock clock = Clock.systemDefaultZone();
diff --git a/src/main/resources/babel-beans.xml b/src/main/resources/babel-beans.xml
index f4cc32c..e979a2e 100644
--- a/src/main/resources/babel-beans.xml
+++ b/src/main/resources/babel-beans.xml
@@ -1,5 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.springframework.org/schema/beans" xmlns:context="http://www.springframework.org/schema/context"
+<beans xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns="http://www.springframework.org/schema/beans" xmlns:context="http://www.springframework.org/schema/context"
 	xsi:schemaLocation="
 		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
 		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.2.xsd">
@@ -8,7 +9,9 @@
 	<!-- PROPERTY AND CONFIGURATION FILES -->
 	<!-- ////////////////////////////////////////////////////////////////// -->
 
-	<context:property-placeholder location="file:${CONFIG_HOME}/babel-auth.properties" ignore-unresolvable="true" />
+	<context:property-placeholder
+		location="file:${CONFIG_HOME}/babel-auth.properties"
+		ignore-unresolvable="true" />
 
 	<!-- ////////////////////////////////////////////////////////////////// -->
 	<!-- CONFIG BEANS -->
@@ -23,13 +26,8 @@
 	<!-- IMPLEMENTATION BEANS -->
 	<!-- ////////////////////////////////////////////////////////////////// -->
 
-	<bean id="aaiMicroServiceAuth" class="org.onap.aai.auth.AAIMicroServiceAuth" >
+	<bean id="aaiMicroServiceAuth" class="org.onap.aai.auth.AAIMicroServiceAuth">
 		<constructor-arg ref="babelAuthConfig" />
 	</bean>
 
-
-	<bean id="generateArtifacts" class="org.onap.aai.babel.service.GenerateArtifactsServiceImpl" >
-		<constructor-arg ref="aaiMicroServiceAuth" />	
-	</bean>
-
 </beans>
diff --git a/src/test/java/org/onap/aai/babel/MicroServiceAuthTest.java b/src/test/java/org/onap/aai/babel/MicroServiceAuthTest.java
index 99eb4e9..e6f5aa6 100644
--- a/src/test/java/org/onap/aai/babel/MicroServiceAuthTest.java
+++ b/src/test/java/org/onap/aai/babel/MicroServiceAuthTest.java
@@ -20,7 +20,6 @@
  */
 package org.onap.aai.babel;
 
-import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.CoreMatchers.is;
 import static org.junit.Assert.assertThat;
 
@@ -80,9 +79,9 @@ public class MicroServiceAuthTest {
     @Test
     public void createLocalAuthFile() throws AAIAuthException, IOException, JSONException {
         JSONObject roles = createRoleObject("role", createUserObject("user"), createFunctionObject("func"));
-        AAIMicroServiceAuth auth = createAuthService(roles);
-        assertThat(auth.authorize("nosuchuser", "method:func"), is(false));
-        assertThat(auth.authorize("user", "method:func"), is(true));
+        createAuthService(roles);
+        assertThat(AAIMicroServiceAuthCore.authorize("nosuchuser", "method:func"), is(false));
+        assertThat(AAIMicroServiceAuthCore.authorize("user", "method:func"), is(true));
     }
 
     /**
@@ -112,9 +111,9 @@ public class MicroServiceAuthTest {
 
     @Test
     public void testAuthUser() throws AAIAuthException {
-        AAIMicroServiceAuth auth = createStandardAuth();
-        assertThat(auth.authenticate(VALID_ADMIN_USER, "GET:actions"), is(equalTo("OK")));
-        assertThat(auth.authenticate(VALID_ADMIN_USER, "WRONG:action"), is(equalTo("AAI_9101")));
+        createStandardAuth();
+        assertThat(AAIMicroServiceAuthCore.authorize(VALID_ADMIN_USER, "GET:actions"), is(true));
+        assertThat(AAIMicroServiceAuthCore.authorize(VALID_ADMIN_USER, "WRONG:action"), is(false));
     }
 
 
@@ -158,10 +157,10 @@ public class MicroServiceAuthTest {
      * @throws AAIAuthException
      */
     private void assertAdminUserAuthorisation(AAIMicroServiceAuth auth, String adminUser) throws AAIAuthException {
-        assertThat(auth.authorize(adminUser, "GET:actions"), is(true));
-        assertThat(auth.authorize(adminUser, "POST:actions"), is(true));
-        assertThat(auth.authorize(adminUser, "PUT:actions"), is(true));
-        assertThat(auth.authorize(adminUser, "DELETE:actions"), is(true));
+        assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "GET:actions"), is(true));
+        assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "POST:actions"), is(true));
+        assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "PUT:actions"), is(true));
+        assertThat(AAIMicroServiceAuthCore.authorize(adminUser, "DELETE:actions"), is(true));
     }
 
     private JSONArray createFunctionObject(String functionName) throws JSONException {