diff options
Diffstat (limited to 'aai-resources')
5 files changed, 1 insertions, 218 deletions
diff --git a/aai-resources/pom.xml b/aai-resources/pom.xml index e85c3400..f2b76711 100644 --- a/aai-resources/pom.xml +++ b/aai-resources/pom.xml @@ -28,7 +28,7 @@ <parent> <groupId>org.onap.aai.resources</groupId> <artifactId>resources</artifactId> - <version>1.7.1-SNAPSHOT</version> + <version>1.7.2-SNAPSHOT</version> </parent> <properties> <java.version>1.8</java.version> diff --git a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java b/aai-resources/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java deleted file mode 100644 index 51ad2abc..00000000 --- a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafAuthorizationFilter.java +++ /dev/null @@ -1,68 +0,0 @@ -/** - * ============LICENSE_START======================================================= - * org.onap.aai - * ================================================================================ - * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.onap.aai.config.aaf; - -import org.onap.aai.Profiles; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.boot.web.servlet.filter.OrderedRequestContextFilter; -import org.springframework.context.annotation.Profile; -import org.springframework.context.annotation.PropertySource; -import org.springframework.stereotype.Component; - -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; - -import static org.onap.aai.config.aaf.ResponseFormatter.errorResponse; - -/** - * AAF authorization filter - */ - -@Component -@Profile(Profiles.AAF_AUTHENTICATION) -@PropertySource("file:${server.local.startpath}/aaf/permissions.properties") -public class AafAuthorizationFilter extends OrderedRequestContextFilter { - - @Value("${permission.type}") - String type; - - @Value("${permission.instance}") - String instance; - - public AafAuthorizationFilter() { - this.setOrder(FilterPriority.AAF_AUTHORIZATION.getPriority()); - } - - @Override - protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException { - String permission = String.format("%s|%s|%s", type, instance, request.getMethod().toLowerCase()); - if(request.getRequestURI().matches("^.*/util/echo$")){ - filterChain.doFilter(request, response); - } - if(!request.isUserInRole(permission)){ - errorResponse(request, response); - }else{ - filterChain.doFilter(request,response); - } - } - } diff --git a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafFilter.java b/aai-resources/src/main/java/org/onap/aai/config/aaf/AafFilter.java deleted file mode 100644 index f7fd85ce..00000000 --- a/aai-resources/src/main/java/org/onap/aai/config/aaf/AafFilter.java +++ /dev/null @@ -1,69 +0,0 @@ -/** - * ============LICENSE_START======================================================= - * org.onap.aai - * ================================================================================ - * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.onap.aai.config.aaf; - -import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.filter.CadiFilter; -import org.onap.aai.Profiles; -import org.onap.aai.ResourcesApp; -import org.springframework.boot.web.servlet.filter.OrderedRequestContextFilter; -import org.springframework.context.annotation.Profile; -import org.springframework.stereotype.Component; - -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.util.Properties; - -import static org.onap.aai.config.aaf.ResponseFormatter.*; - -/** - * AAF authentication filter - */ - -@Component -@Profile(Profiles.AAF_AUTHENTICATION) -public class AafFilter extends OrderedRequestContextFilter { - - private final CadiFilter cadiFilter; - - public AafFilter() throws IOException, ServletException { - Properties cadiProperties = new Properties(); - cadiProperties.load(ResourcesApp.class.getClassLoader().getResourceAsStream("cadi.properties")); - cadiFilter = new CadiFilter(new PropAccess(cadiProperties)); - this.setOrder(FilterPriority.AAF_AUTHENTICATION.getPriority()); - } - - @Override - protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException { - if(!request.getRequestURI().matches("^.*/util/echo$")){ - cadiFilter.doFilter(request, response, filterChain); - if(response.getStatus() >=400 && response.getStatus() < 500){ - errorResponse(request, response); - } - } else { - filterChain.doFilter(request, response); - } - } - - -} diff --git a/aai-resources/src/main/java/org/onap/aai/config/aaf/FilterPriority.java b/aai-resources/src/main/java/org/onap/aai/config/aaf/FilterPriority.java deleted file mode 100644 index 910db691..00000000 --- a/aai-resources/src/main/java/org/onap/aai/config/aaf/FilterPriority.java +++ /dev/null @@ -1,35 +0,0 @@ -/** - * ============LICENSE_START======================================================= - * org.onap.aai - * ================================================================================ - * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.onap.aai.config.aaf; - -import org.springframework.core.Ordered; - -public enum FilterPriority { - AAF_AUTHENTICATION(Ordered.HIGHEST_PRECEDENCE), - AAF_AUTHORIZATION(Ordered.HIGHEST_PRECEDENCE + 1); //higher number = lower priority - - private final int priority; - - FilterPriority(final int p) { - priority = p; - } - - public int getPriority() { return priority; } -} diff --git a/aai-resources/src/main/java/org/onap/aai/config/aaf/ResponseFormatter.java b/aai-resources/src/main/java/org/onap/aai/config/aaf/ResponseFormatter.java deleted file mode 100644 index 9e09827c..00000000 --- a/aai-resources/src/main/java/org/onap/aai/config/aaf/ResponseFormatter.java +++ /dev/null @@ -1,45 +0,0 @@ -/** - * ============LICENSE_START======================================================= - * org.onap.aai - * ================================================================================ - * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ -package org.onap.aai.config.aaf; - -import org.onap.aai.exceptions.AAIException; -import org.onap.aai.logging.ErrorLogHelper; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.ws.rs.core.MediaType; -import java.io.IOException; -import java.util.ArrayList; -import java.util.Collections; - -class ResponseFormatter { - - private static final String ACCEPT_HEADER = "accept"; - - static void errorResponse(HttpServletRequest request, HttpServletResponse response) throws IOException { - String accept = request.getHeader(ACCEPT_HEADER) == null ? MediaType.APPLICATION_XML : request.getHeader(ACCEPT_HEADER); - AAIException aaie = new AAIException("AAI_3300"); - response.setStatus(aaie.getErrorObject().getHTTPResponseCode().getStatusCode()); - response.getWriter().write(ErrorLogHelper.getRESTAPIErrorResponse(Collections.singletonList(MediaType.valueOf(accept)), aaie, new ArrayList<>())); - response.getWriter().flush(); - response.getWriter().close(); - } - -} |