summaryrefslogtreecommitdiffstats
path: root/src/main/java
diff options
context:
space:
mode:
authorrenealr <reneal.rogers@amdocs.com>2018-02-20 16:37:04 -0500
committerrenealr <reneal.rogers@amdocs.com>2018-02-21 09:16:00 -0500
commite6f45969b521b66e1d72822157f0d8252e751bde (patch)
tree344dcb00bce5178e1b7da00792bea17e15373cd8 /src/main/java
parent570fbbc23ea65c4cdb10da04e37263f489b9b357 (diff)
fix the cookie decryption logic
Issue-ID: AAI-788 Change-Id: Ife47fe5e6f75ee1187c5385bca0ce53db4eff37f Signed-off-by: renealr <reneal.rogers@amdocs.com>
Diffstat (limited to 'src/main/java')
-rw-r--r--src/main/java/org/onap/aai/sparky/security/BaseCookieDecryptor.java49
-rw-r--r--src/main/java/org/onap/aai/sparky/security/CookieDecryptor.java29
-rw-r--r--src/main/java/org/onap/aai/sparky/security/EcompSso.java24
-rw-r--r--src/main/java/org/onap/aai/sparky/security/portal/config/PortalAuthenticationConfig.java21
4 files changed, 108 insertions, 15 deletions
diff --git a/src/main/java/org/onap/aai/sparky/security/BaseCookieDecryptor.java b/src/main/java/org/onap/aai/sparky/security/BaseCookieDecryptor.java
new file mode 100644
index 0000000..bf915d7
--- /dev/null
+++ b/src/main/java/org/onap/aai/sparky/security/BaseCookieDecryptor.java
@@ -0,0 +1,49 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright © 2017 Amdocs
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.aai.sparky.security;
+
+import org.onap.aai.cl.api.Logger;
+import org.onap.aai.cl.eelf.LoggerFactory;
+import org.onap.aai.sparky.logging.AaiUiMsgs;
+import org.openecomp.portalsdk.core.onboarding.util.CipherUtil;
+
+public class BaseCookieDecryptor implements CookieDecryptor {
+
+ private static final Logger LOG = LoggerFactory.getInstance().getLogger(BaseCookieDecryptor.class);
+
+
+ public BaseCookieDecryptor(){}
+
+ public String decryptCookie(String encryptedCookie){
+
+ String decryptedCookie = "";
+ try {
+ decryptedCookie = CipherUtil.decrypt(encryptedCookie, "");
+ } catch (Exception e) {
+ LOG.info(AaiUiMsgs.LOGIN_FILTER_INFO, "decrypting base cookie failed " + e.getLocalizedMessage());
+ }
+ return decryptedCookie;
+
+ }
+
+} \ No newline at end of file
diff --git a/src/main/java/org/onap/aai/sparky/security/CookieDecryptor.java b/src/main/java/org/onap/aai/sparky/security/CookieDecryptor.java
new file mode 100644
index 0000000..36e4d12
--- /dev/null
+++ b/src/main/java/org/onap/aai/sparky/security/CookieDecryptor.java
@@ -0,0 +1,29 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright © 2017 Amdocs
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.aai.sparky.security;
+
+public interface CookieDecryptor {
+
+ String decryptCookie(String encryptedCookie);
+
+}
diff --git a/src/main/java/org/onap/aai/sparky/security/EcompSso.java b/src/main/java/org/onap/aai/sparky/security/EcompSso.java
index a5dd26b..8051d1d 100644
--- a/src/main/java/org/onap/aai/sparky/security/EcompSso.java
+++ b/src/main/java/org/onap/aai/sparky/security/EcompSso.java
@@ -106,16 +106,16 @@ public class EcompSso {
* cookies do not decode); else null.
*/
private static String getLoginIdFromCookie(HttpServletRequest request) {
- String attuid = null;
+ String uid = null;
try {
String[] cspFields = getCspData(request);
if (cspFields != null && cspFields.length > 5)
- attuid = cspFields[5];
+ uid = cspFields[5];
} catch (Throwable t) {
LOG.info(AaiUiMsgs.LOGIN_FILTER_INFO,
"getLoginIdFromCookie failed " + t.getLocalizedMessage());
}
- return attuid;
+ return uid;
}
/**
@@ -139,18 +139,12 @@ public class EcompSso {
}
final String cspCookieEncrypted = csp.getValue();
- String gateKeeperProdKey = PortalApiProperties.getProperty(CSP_GATE_KEEPER_PROD_KEY);
- if (gateKeeperProdKey == null) {
- LOG.debug(AaiUiMsgs.LOGIN_FILTER_DEBUG,
- "getCspData: failed to get property " + CSP_GATE_KEEPER_PROD_KEY);
- }
-
- String cspCookieDecrypted = "";
- try {
- cspCookieDecrypted = CipherUtil.decrypt(cspCookieEncrypted, "");
- } catch (Exception e) {
- LOG.info(AaiUiMsgs.LOGIN_FILTER_INFO, "decrypting cookie failed " + e.getLocalizedMessage());
- }
+ String cspCookieDecrypted = null;
+ try {
+ cspCookieDecrypted = PortalAuthenticationConfig.getInstance().getCookieDecryptor().decryptCookie(cspCookieEncrypted);
+ } catch (ClassNotFoundException e) {
+ e.printStackTrace();
+ }
String[] cspData = cspCookieDecrypted.split("\\|");
return cspData;
diff --git a/src/main/java/org/onap/aai/sparky/security/portal/config/PortalAuthenticationConfig.java b/src/main/java/org/onap/aai/sparky/security/portal/config/PortalAuthenticationConfig.java
index e707f93..f34b419 100644
--- a/src/main/java/org/onap/aai/sparky/security/portal/config/PortalAuthenticationConfig.java
+++ b/src/main/java/org/onap/aai/sparky/security/portal/config/PortalAuthenticationConfig.java
@@ -22,8 +22,10 @@
*/
package org.onap.aai.sparky.security.portal.config;
+
import java.util.Properties;
+import org.onap.aai.sparky.security.CookieDecryptor;
import org.onap.aai.sparky.util.ConfigHelper;
import org.onap.aai.sparky.util.Encryptor;
import org.onap.aai.sparky.viewandinspect.config.SparkyConstants;
@@ -37,11 +39,14 @@ public class PortalAuthenticationConfig {
private String username;
private String password;
private boolean isOnapEnabled;
+ private CookieDecryptor cookieDecryptor;
+ private String cookieDecryptorClassName;
public static final String PROP_USERNAME = "username";
public static final String PROP_PASSWORD = "password"; // NOSONAR
public static final String PROP_IS_ONAP_ENABLED = "onap_enabled"; // NOSONAR
private static final String AUTHENTICATION_CONFIG_FILE = SparkyConstants.PORTAL_AUTHENTICATION_FILE_LOCATION;
+ public static final String PROP_COOKIEDECRYPTORCLASSNAME = "cookie_decryptor_classname";
private PortalAuthenticationConfig() {
// Prevent instantiation
@@ -77,6 +82,9 @@ public class PortalAuthenticationConfig {
public boolean getIsOnapEnabled() {
return isOnapEnabled;
}
+ public String getcookieDecryptorClassName() {
+ return cookieDecryptorClassName;
+ }
/**
* Reload the Portal authentication properties from the classpath.
@@ -93,5 +101,18 @@ public class PortalAuthenticationConfig {
username = props.getProperty(PROP_USERNAME);
password = props.getProperty(PROP_PASSWORD);
isOnapEnabled = Boolean.parseBoolean(props.getProperty(PROP_IS_ONAP_ENABLED, "true"));
+ cookieDecryptorClassName= props.getProperty(PROP_COOKIEDECRYPTORCLASSNAME);
+ }
+
+ public CookieDecryptor getCookieDecryptor() throws ClassNotFoundException{
+
+ Class cookieDecrypterClass = Class.forName(cookieDecryptorClassName);
+ try {
+ cookieDecryptor = (CookieDecryptor) cookieDecrypterClass.newInstance();
+ } catch (InstantiationException | IllegalAccessException e) {
+ e.printStackTrace();
+ }
+ return cookieDecryptor;
}
+
} \ No newline at end of file