summaryrefslogtreecommitdiffstats
path: root/aai-resources/src/main/java
diff options
context:
space:
mode:
authorPavel Paroulek <pavel.paroulek@orange.com>2018-08-23 18:21:46 +0200
committerPavel Paroulek <pavel.paroulek@orange.com>2018-08-23 18:21:46 +0200
commit87d493e0e6a94e4a405185de01a45eae64d978b1 (patch)
treec99c7b2941e8ce3da2bd18597f8fd84ebf0b9224 /aai-resources/src/main/java
parentaaebcebde628f0b9d6a566e906d921bdfea8dd8e (diff)
Adding AAF basic auth filter
Adding a AAF Cadi filter. AAF is configured to communicate with Beijing AAF instance in the Windriver lab. To activate AAF filter set the profile aaf-auth Change-Id: I1489f1b4e22658c3513ac89ff2e57302bfe265c8 Issue-ID: AAI-32 Signed-off-by: Pavel Paroulek <pavel.paroulek@orange.com>
Diffstat (limited to 'aai-resources/src/main/java')
-rw-r--r--aai-resources/src/main/java/org/onap/aai/Profiles.java1
-rw-r--r--aai-resources/src/main/java/org/onap/aai/config/AafFilter.java77
2 files changed, 78 insertions, 0 deletions
diff --git a/aai-resources/src/main/java/org/onap/aai/Profiles.java b/aai-resources/src/main/java/org/onap/aai/Profiles.java
index f0419d8f..ea65b9ab 100644
--- a/aai-resources/src/main/java/org/onap/aai/Profiles.java
+++ b/aai-resources/src/main/java/org/onap/aai/Profiles.java
@@ -25,6 +25,7 @@ public final class Profiles {
public static final String DME2 = "dme2";
public static final String ONE_WAY_SSL = "one-way-ssl";
+ public static final String AAF_AUTHENTICATION = "aaf-auth";
public static final String TWO_WAY_SSL = "two-way-ssl";
private Profiles(){}
diff --git a/aai-resources/src/main/java/org/onap/aai/config/AafFilter.java b/aai-resources/src/main/java/org/onap/aai/config/AafFilter.java
new file mode 100644
index 00000000..750540d2
--- /dev/null
+++ b/aai-resources/src/main/java/org/onap/aai/config/AafFilter.java
@@ -0,0 +1,77 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.aai.config;
+
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.filter.CadiFilter;
+import org.onap.aai.Profiles;
+import org.onap.aai.ResourcesApp;
+import org.onap.aai.exceptions.AAIException;
+import org.onap.aai.logging.ErrorLogHelper;
+import org.springframework.boot.web.filter.OrderedRequestContextFilter;
+import org.springframework.context.annotation.Profile;
+import org.springframework.core.Ordered;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.core.MediaType;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Properties;
+
+/**
+ * AAF authentication filter
+ */
+
+@Component
+@Profile(Profiles.AAF_AUTHENTICATION)
+public class AafFilter extends OrderedRequestContextFilter {
+
+ private static final String ACCEPT_HEADER = "accept";
+ private final CadiFilter cadiFilter;
+
+ public AafFilter() throws IOException, ServletException {
+ Properties cadiProperties = new Properties();
+ cadiProperties.load(ResourcesApp.class.getClassLoader().getResourceAsStream("cadi.properties"));
+ cadiFilter = new CadiFilter(new PropAccess(cadiProperties));
+ this.setOrder(Ordered.HIGHEST_PRECEDENCE);
+ }
+
+ @Override
+ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
+ cadiFilter.doFilter(request, response, filterChain);
+ if(response.getStatus() >=400 && response.getStatus() < 500){
+ errorResponse(request, response);
+ }
+ }
+
+ private void errorResponse(HttpServletRequest request, HttpServletResponse response) throws IOException {
+ String accept = request.getHeader(ACCEPT_HEADER) == null ? MediaType.APPLICATION_XML : request.getHeader(ACCEPT_HEADER);
+ AAIException aaie = new AAIException("AAI_3300");
+ response.setStatus(aaie.getErrorObject().getHTTPResponseCode().getStatusCode());
+ response.getWriter().write(ErrorLogHelper.getRESTAPIErrorResponse(Collections.singletonList(MediaType.valueOf(accept)), aaie, new ArrayList<>()));
+ response.getWriter().flush();
+ response.getWriter().close();
+ }
+}