diff options
author | Pavel Paroulek <pavel.paroulek@orange.com> | 2018-08-23 18:21:46 +0200 |
---|---|---|
committer | Pavel Paroulek <pavel.paroulek@orange.com> | 2018-08-23 18:21:46 +0200 |
commit | 87d493e0e6a94e4a405185de01a45eae64d978b1 (patch) | |
tree | c99c7b2941e8ce3da2bd18597f8fd84ebf0b9224 /aai-resources/src/main/java/org/onap | |
parent | aaebcebde628f0b9d6a566e906d921bdfea8dd8e (diff) |
Adding AAF basic auth filter
Adding a AAF Cadi filter. AAF is configured to communicate with Beijing AAF instance in the Windriver lab. To activate AAF filter set the profile aaf-auth
Change-Id: I1489f1b4e22658c3513ac89ff2e57302bfe265c8
Issue-ID: AAI-32
Signed-off-by: Pavel Paroulek <pavel.paroulek@orange.com>
Diffstat (limited to 'aai-resources/src/main/java/org/onap')
-rw-r--r-- | aai-resources/src/main/java/org/onap/aai/Profiles.java | 1 | ||||
-rw-r--r-- | aai-resources/src/main/java/org/onap/aai/config/AafFilter.java | 77 |
2 files changed, 78 insertions, 0 deletions
diff --git a/aai-resources/src/main/java/org/onap/aai/Profiles.java b/aai-resources/src/main/java/org/onap/aai/Profiles.java index f0419d8f..ea65b9ab 100644 --- a/aai-resources/src/main/java/org/onap/aai/Profiles.java +++ b/aai-resources/src/main/java/org/onap/aai/Profiles.java @@ -25,6 +25,7 @@ public final class Profiles { public static final String DME2 = "dme2"; public static final String ONE_WAY_SSL = "one-way-ssl"; + public static final String AAF_AUTHENTICATION = "aaf-auth"; public static final String TWO_WAY_SSL = "two-way-ssl"; private Profiles(){} diff --git a/aai-resources/src/main/java/org/onap/aai/config/AafFilter.java b/aai-resources/src/main/java/org/onap/aai/config/AafFilter.java new file mode 100644 index 00000000..750540d2 --- /dev/null +++ b/aai-resources/src/main/java/org/onap/aai/config/AafFilter.java @@ -0,0 +1,77 @@ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ +package org.onap.aai.config; + +import org.onap.aaf.cadi.PropAccess; +import org.onap.aaf.cadi.filter.CadiFilter; +import org.onap.aai.Profiles; +import org.onap.aai.ResourcesApp; +import org.onap.aai.exceptions.AAIException; +import org.onap.aai.logging.ErrorLogHelper; +import org.springframework.boot.web.filter.OrderedRequestContextFilter; +import org.springframework.context.annotation.Profile; +import org.springframework.core.Ordered; +import org.springframework.stereotype.Component; + +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.ws.rs.core.MediaType; +import java.io.IOException; +import java.util.ArrayList; +import java.util.Collections; +import java.util.Properties; + +/** + * AAF authentication filter + */ + +@Component +@Profile(Profiles.AAF_AUTHENTICATION) +public class AafFilter extends OrderedRequestContextFilter { + + private static final String ACCEPT_HEADER = "accept"; + private final CadiFilter cadiFilter; + + public AafFilter() throws IOException, ServletException { + Properties cadiProperties = new Properties(); + cadiProperties.load(ResourcesApp.class.getClassLoader().getResourceAsStream("cadi.properties")); + cadiFilter = new CadiFilter(new PropAccess(cadiProperties)); + this.setOrder(Ordered.HIGHEST_PRECEDENCE); + } + + @Override + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException { + cadiFilter.doFilter(request, response, filterChain); + if(response.getStatus() >=400 && response.getStatus() < 500){ + errorResponse(request, response); + } + } + + private void errorResponse(HttpServletRequest request, HttpServletResponse response) throws IOException { + String accept = request.getHeader(ACCEPT_HEADER) == null ? MediaType.APPLICATION_XML : request.getHeader(ACCEPT_HEADER); + AAIException aaie = new AAIException("AAI_3300"); + response.setStatus(aaie.getErrorObject().getHTTPResponseCode().getStatusCode()); + response.getWriter().write(ErrorLogHelper.getRESTAPIErrorResponse(Collections.singletonList(MediaType.valueOf(accept)), aaie, new ArrayList<>())); + response.getWriter().flush(); + response.getWriter().close(); + } +} |