diff options
author | Pavel Paroulek <pavel.paroulek@orange.com> | 2018-08-23 14:15:37 +0200 |
---|---|---|
committer | Pavel Paroulek <pavel.paroulek@orange.com> | 2018-08-23 14:15:37 +0200 |
commit | fa7573e7121cc92257bc02b438185668a07399a5 (patch) | |
tree | f7ff5f51c3b016ea92c95c49dd28db35265ffab2 /aai-traversal/src/main/java | |
parent | 06bba1da199688ba30ad1ab5da7e49451f5cfddf (diff) |
Adding AAF basic auth filter
Adding a AAF Cadi filter. AAF is configured to communicate with Beijing AAF instance in the Windriver lab. To activate AAF filter set the profile aaf-auth
Change-Id: I4f226f56eeb4686abd7b2d17a9db8be6a5e169c5
Issue-ID: AAI-32
Signed-off-by: Pavel Paroulek <pavel.paroulek@orange.com>
Diffstat (limited to 'aai-traversal/src/main/java')
-rw-r--r-- | aai-traversal/src/main/java/org/onap/aai/Profiles.java | 1 | ||||
-rw-r--r-- | aai-traversal/src/main/java/org/onap/aai/config/AafFilter.java | 77 |
2 files changed, 78 insertions, 0 deletions
diff --git a/aai-traversal/src/main/java/org/onap/aai/Profiles.java b/aai-traversal/src/main/java/org/onap/aai/Profiles.java index f0419d8..ea65b9a 100644 --- a/aai-traversal/src/main/java/org/onap/aai/Profiles.java +++ b/aai-traversal/src/main/java/org/onap/aai/Profiles.java @@ -25,6 +25,7 @@ public final class Profiles { public static final String DME2 = "dme2"; public static final String ONE_WAY_SSL = "one-way-ssl"; + public static final String AAF_AUTHENTICATION = "aaf-auth"; public static final String TWO_WAY_SSL = "two-way-ssl"; private Profiles(){} diff --git a/aai-traversal/src/main/java/org/onap/aai/config/AafFilter.java b/aai-traversal/src/main/java/org/onap/aai/config/AafFilter.java new file mode 100644 index 0000000..d0c070f --- /dev/null +++ b/aai-traversal/src/main/java/org/onap/aai/config/AafFilter.java @@ -0,0 +1,77 @@ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ +package org.onap.aai.config; + +import org.onap.aaf.cadi.PropAccess; +import org.onap.aaf.cadi.filter.CadiFilter; +import org.onap.aai.Profiles; +import org.onap.aai.TraversalApp; +import org.onap.aai.exceptions.AAIException; +import org.onap.aai.logging.ErrorLogHelper; +import org.springframework.context.annotation.Profile; +import org.springframework.core.annotation.Order; +import org.springframework.stereotype.Component; +import org.springframework.web.filter.OncePerRequestFilter; + +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.ws.rs.core.MediaType; +import java.io.IOException; +import java.util.ArrayList; +import java.util.Collections; +import java.util.Properties; + +/** + * AAF authentication filter + */ + +@Order(1) +@Component +@Profile(Profiles.AAF_AUTHENTICATION) +public class AafFilter extends OncePerRequestFilter { + + private static final String ACCEPT_HEADER = "accept"; + private final CadiFilter cadiFilter; + + public AafFilter() throws IOException, ServletException { + Properties cadiProperties = new Properties(); + cadiProperties.load(TraversalApp.class.getClassLoader().getResourceAsStream("cadi.properties")); + cadiFilter = new CadiFilter(new PropAccess(cadiProperties)); + } + + @Override + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException { + cadiFilter.doFilter(request, response, filterChain); + if(response.getStatus() >=400 && response.getStatus() < 500){ + errorResponse(request, response); + } + } + + private void errorResponse(HttpServletRequest request, HttpServletResponse response) throws IOException { + String accept = request.getHeader(ACCEPT_HEADER) == null ? MediaType.APPLICATION_XML : request.getHeader(ACCEPT_HEADER); + AAIException aaie = new AAIException("AAI_3300"); + response.setStatus(aaie.getErrorObject().getHTTPResponseCode().getStatusCode()); + response.getWriter().write(ErrorLogHelper.getRESTAPIErrorResponse(Collections.singletonList(MediaType.valueOf(accept)), aaie, new ArrayList<>())); + response.getWriter().flush(); + response.getWriter().close(); + } +} |