aboutsummaryrefslogtreecommitdiffstats
path: root/ccsdk-app-os/src/main/java
diff options
context:
space:
mode:
Diffstat (limited to 'ccsdk-app-os/src/main/java')
-rw-r--r--ccsdk-app-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java20
-rw-r--r--ccsdk-app-os/src/main/java/org/onap/portalapp/conf/ExternalAppInitializer.java24
-rw-r--r--ccsdk-app-os/src/main/java/org/onap/portalapp/interceptor/AuthenticationInterceptor.java117
-rw-r--r--ccsdk-app-os/src/main/java/org/onap/portalapp/interceptor/AuthorizationInterceptor.java42
-rw-r--r--ccsdk-app-os/src/main/java/org/onap/portalapp/login/LoginStrategyImpl.java67
-rw-r--r--ccsdk-app-os/src/main/java/org/onap/portalapp/service/AdminAuthExtension.java4
6 files changed, 125 insertions, 149 deletions
diff --git a/ccsdk-app-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java b/ccsdk-app-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java
index 665e0da..c59d5d9 100644
--- a/ccsdk-app-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java
+++ b/ccsdk-app-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java
@@ -1,8 +1,8 @@
/*-
* ================================================================================
- * ECOMP Portal SDK
+ * DCAE Dashboard
* ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property
+ * Copyright (C) 2020 AT&T Intellectual Property
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -17,6 +17,7 @@
* limitations under the License.
* ================================================================================
*/
+
package org.onap.portalapp.conf;
import java.util.ArrayList;
@@ -52,7 +53,6 @@ import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
-
/**
* ECOMP Portal SDK sample application. ECOMP Portal SDK core AppConfig class to
* reuse interceptors, view resolvers and other features defined there.
@@ -75,7 +75,7 @@ public class ExternalAppConfig extends AppConfig implements Configurable {
private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAppConfig.class);
private static final String HEALTH = "/health*";
-
+
@Configuration
@Import(SystemProperties.class)
static class InnerConfiguration {
@@ -136,14 +136,14 @@ public class ExternalAppConfig extends AppConfig implements Configurable {
@Bean
public AuthenticationInterceptor authenticationInterceptor() {
- return new AuthenticationInterceptor();
- }
-
+ return new AuthenticationInterceptor();
+ }
+
@Bean
public AuthorizationInterceptor authorizationInterceptor() {
- return new AuthorizationInterceptor();
- }
-
+ return new AuthorizationInterceptor();
+ }
+
/**
* Adds request interceptors to the specified registry by calling
* {@link AppConfig#addInterceptors(InterceptorRegistry)}, but excludes
diff --git a/ccsdk-app-os/src/main/java/org/onap/portalapp/conf/ExternalAppInitializer.java b/ccsdk-app-os/src/main/java/org/onap/portalapp/conf/ExternalAppInitializer.java
index 2624e2f..d966c3a 100644
--- a/ccsdk-app-os/src/main/java/org/onap/portalapp/conf/ExternalAppInitializer.java
+++ b/ccsdk-app-os/src/main/java/org/onap/portalapp/conf/ExternalAppInitializer.java
@@ -1,8 +1,8 @@
/*-
* ================================================================================
- * ECOMP Portal SDK
+ * DCAE Dashboard
* ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property
+ * Copyright (C) 2020 AT&T Intellectual Property
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -19,31 +19,11 @@
*/
package org.onap.portalapp.conf;
-import javax.servlet.ServletContext;
-import javax.servlet.ServletException;
-
import org.onap.ccsdk.dashboard.util.DashboardProperties;
import org.onap.portalsdk.core.conf.AppInitializer;
-import org.onap.portalsdk.core.logging.format.AlarmSeverityEnum;
-import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
-import org.springframework.core.env.ConfigurableEnvironment;
-import org.springframework.web.context.WebApplicationContext;
public class ExternalAppInitializer extends AppInitializer {
- /*
- @Override
- protected WebApplicationContext createServletApplicationContext() {
- WebApplicationContext context = super.createServletApplicationContext();
- try {
- ((ConfigurableEnvironment) context.getEnvironment()).setActiveProfiles("onap");
- } catch (Exception e) {
- System.out.println("Unable to set the active profile" + e.getMessage());
- //throw e;
- }
- return context;
- }
-*/
@Override
protected Class<?>[] getRootConfigClasses() {
return super.getRootConfigClasses();
diff --git a/ccsdk-app-os/src/main/java/org/onap/portalapp/interceptor/AuthenticationInterceptor.java b/ccsdk-app-os/src/main/java/org/onap/portalapp/interceptor/AuthenticationInterceptor.java
index 206f364..e8a64b3 100644
--- a/ccsdk-app-os/src/main/java/org/onap/portalapp/interceptor/AuthenticationInterceptor.java
+++ b/ccsdk-app-os/src/main/java/org/onap/portalapp/interceptor/AuthenticationInterceptor.java
@@ -18,6 +18,7 @@
* ============LICENSE_END=========================================================
*
*******************************************************************************/
+
package org.onap.portalapp.interceptor;
import java.io.IOException;
@@ -25,7 +26,6 @@ import java.nio.charset.StandardCharsets;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-//import javax.xml.bind.DatatypeConverter;
import java.util.Base64;
import org.apache.http.HttpStatus;
@@ -33,70 +33,65 @@ import org.onap.portalsdk.core.domain.User;
import org.onap.portalsdk.core.service.UserProfileService;
import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.ResponseEntity;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
public class AuthenticationInterceptor implements HandlerInterceptor {
- @Autowired
- private UserProfileService userSvc;
-
- @Override
- public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
- String authString = request.getHeader("Authorization");
- try {
- if(authString == null || authString.isEmpty())
- {
- response.setStatus(HttpStatus.SC_UNAUTHORIZED);
- response.sendError(HttpStatus.SC_UNAUTHORIZED, "Authentication information is missing");
- return false; //Do not continue with request
- } else {
- String decodedAuth = "";
- String[] authParts = authString.split("\\s+");
- String authInfo = authParts[1];
- byte[] bytes = null;
- bytes = Base64.getDecoder().decode(authInfo);
- //DatatypeConverter.parseBase64Binary(authInfo);
- decodedAuth = new String(bytes,StandardCharsets.UTF_8);
- String[] authen = decodedAuth.split(":");
+ @Autowired
+ private UserProfileService userSvc;
+
+ @Override
+ public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
+ Object handler) {
+ String authString = request.getHeader("Authorization");
+ try {
+ if (authString == null || authString.isEmpty()) {
+ response.setStatus(HttpStatus.SC_UNAUTHORIZED);
+ response.sendError(HttpStatus.SC_UNAUTHORIZED,
+ "Authentication information is missing");
+ return false; // Do not continue with request
+ } else {
+ String decodedAuth = "";
+ String[] authParts = authString.split("\\s+");
+ String authInfo = authParts[1];
+ byte[] bytes = null;
+ bytes = Base64.getDecoder().decode(authInfo);
+ // DatatypeConverter.parseBase64Binary(authInfo);
+ decodedAuth = new String(bytes, StandardCharsets.UTF_8);
+ String[] authen = decodedAuth.split(":");
+
+ if (authen.length > 1) {
+ User user = userSvc.getUserByLoginId(authen[0]);
+ if (user == null) {
+ response.sendError(HttpStatus.SC_UNAUTHORIZED,
+ "Un-authorized to perform this operation");
+ return false;
+ }
+ } else {
+ return false;
+ }
+ }
+ } catch (Exception e) {
+ try {
+ response.sendError(HttpStatus.SC_UNAUTHORIZED, e.getMessage());
+ } catch (IOException e1) {
+ return false;
+ }
+ return false;
+ }
+ return true; // Continue with request
+ }
+
+ @Override
+ public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
+ ModelAndView modelAndView) throws Exception {
+ // Ignore
+ }
- if (authen.length > 1) {
- User user = userSvc.getUserByLoginId(authen[0]);
- if (user == null) {
- response.sendError(HttpStatus.SC_UNAUTHORIZED, "Un-authorized to perform this operation");
- return false;
- }
-/* ResponseEntity<String> getResponse =
- userSrvc.checkUserExists(authen[0], authen[1]);
- if (getResponse.getStatusCode().value() != 200) {
- response.sendError(HttpStatus.SC_UNAUTHORIZED, "Un-authorized to perform this operation");
- return false;
- }*/
- } else {
- return false;
- }
- }
- } catch (Exception e) {
- try {
- response.sendError(HttpStatus.SC_UNAUTHORIZED, e.getMessage());
- } catch (IOException e1) {
- return false;
- }
- return false;
- }
- return true; //Continue with request
- }
-
- @Override
- public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
- ModelAndView modelAndView) throws Exception {
- //Ignore
- }
-
- @Override
- public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
- throws Exception {
- //Ignore
- }
+ @Override
+ public void afterCompletion(HttpServletRequest request, HttpServletResponse response,
+ Object handler, Exception ex) throws Exception {
+ // Ignore
+ }
}
diff --git a/ccsdk-app-os/src/main/java/org/onap/portalapp/interceptor/AuthorizationInterceptor.java b/ccsdk-app-os/src/main/java/org/onap/portalapp/interceptor/AuthorizationInterceptor.java
index 2f3362b..df230d2 100644
--- a/ccsdk-app-os/src/main/java/org/onap/portalapp/interceptor/AuthorizationInterceptor.java
+++ b/ccsdk-app-os/src/main/java/org/onap/portalapp/interceptor/AuthorizationInterceptor.java
@@ -18,6 +18,7 @@
* ============LICENSE_END=========================================================
*
*******************************************************************************/
+
package org.onap.portalapp.interceptor;
import java.util.HashSet;
@@ -33,30 +34,31 @@ import org.springframework.web.servlet.ModelAndView;
import com.fasterxml.jackson.databind.ObjectMapper;
public class AuthorizationInterceptor implements HandlerInterceptor {
-
+
protected final ObjectMapper objectMapper = new ObjectMapper();
-
- @Override
- public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+
+ @Override
+ public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
+ Object handler) throws Exception {
Set<String> userRoleSet = new HashSet<String>();
Set<String> userApps = new TreeSet<>();
userRoleSet.add("Standard User");
- userRoleSet.add("ECOMPC_DCAE_WRITE");
+ userRoleSet.add("DCAE_WRITE");
userApps.add("dcae");
request.setAttribute("userRoles", userRoleSet);
- request.setAttribute("userApps", userApps);
- return true; //Continue with request
- }
-
- @Override
- public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
- ModelAndView modelAndView) throws Exception {
- //Ignore
- }
-
- @Override
- public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
- throws Exception {
- //Ignore
- }
+ request.setAttribute("userApps", userApps);
+ return true; // Continue with request
+ }
+
+ @Override
+ public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
+ ModelAndView modelAndView) throws Exception {
+ // Ignore
+ }
+
+ @Override
+ public void afterCompletion(HttpServletRequest request, HttpServletResponse response,
+ Object handler, Exception ex) throws Exception {
+ // Ignore
+ }
}
diff --git a/ccsdk-app-os/src/main/java/org/onap/portalapp/login/LoginStrategyImpl.java b/ccsdk-app-os/src/main/java/org/onap/portalapp/login/LoginStrategyImpl.java
index d7c9ab7..8e80e79 100644
--- a/ccsdk-app-os/src/main/java/org/onap/portalapp/login/LoginStrategyImpl.java
+++ b/ccsdk-app-os/src/main/java/org/onap/portalapp/login/LoginStrategyImpl.java
@@ -1,6 +1,6 @@
/*-
* ================================================================================
- * ECOMP Portal SDK
+ * DCAE Dashboard
* ================================================================================
* Copyright (C) 2017 AT&T Intellectual Property
* ================================================================================
@@ -35,15 +35,9 @@ import org.onap.portalsdk.core.auth.LoginStrategy;
import org.onap.portalsdk.core.command.LoginBean;
import org.onap.portalsdk.core.domain.Role;
import org.onap.portalsdk.core.domain.RoleFunction;
-import org.onap.portalsdk.core.domain.User;
-import org.onap.portalsdk.core.domain.FusionObject.Parameters;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.onap.portalsdk.core.menu.MenuProperties;
import org.onap.portalsdk.core.onboarding.exception.PortalAPIException;
-import org.onap.portalsdk.core.onboarding.util.CipherUtil;
-import org.onap.portalsdk.core.onboarding.util.PortalApiConstants;
-import org.onap.portalsdk.core.onboarding.util.PortalApiProperties;
-import org.onap.portalsdk.core.service.DataAccessService;
import org.onap.portalsdk.core.service.LoginService;
import org.onap.portalsdk.core.service.RoleService;
import org.onap.portalsdk.core.util.SystemProperties;
@@ -61,9 +55,10 @@ public class LoginStrategyImpl extends LoginStrategy {
@Autowired
private RoleService roleService;
-
+
@Override
- public ModelAndView doExternalLogin(HttpServletRequest request, HttpServletResponse response) throws IOException {
+ public ModelAndView doExternalLogin(HttpServletRequest request, HttpServletResponse response)
+ throws IOException {
invalidateExistingSession(request);
@@ -72,13 +67,15 @@ public class LoginStrategyImpl extends LoginStrategy {
String password = request.getParameter("password");
commandBean.setLoginId(loginId);
commandBean.setLoginPwd(password);
- //commandBean.setUserid(loginId);
+ // commandBean.setUserid(loginId);
commandBean = loginService.findUser(commandBean,
- (String) request.getAttribute(MenuProperties.MENU_PROPERTIES_FILENAME_KEY), new HashMap());
+ (String) request.getAttribute(MenuProperties.MENU_PROPERTIES_FILENAME_KEY),
+ new HashMap());
List<RoleFunction> roleFunctionList = roleService.getRoleFunctions(loginId);
if (commandBean.getUser() == null) {
- String loginErrorMessage = (commandBean.getLoginErrorMessage() != null) ? commandBean.getLoginErrorMessage()
+ String loginErrorMessage =
+ (commandBean.getLoginErrorMessage() != null) ? commandBean.getLoginErrorMessage()
: "login.error.external.invalid - User name and/or password incorrect";
Map<String, String> model = new HashMap<>();
model.put("error", loginErrorMessage);
@@ -86,53 +83,55 @@ public class LoginStrategyImpl extends LoginStrategy {
} else {
// store the currently logged in user's information in the session
UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
- commandBean.getBusinessDirectMenu(),
- SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList);
+ commandBean.getBusinessDirectMenu(),
+ SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR),
+ roleFunctionList);
// set the user's max role level in session
final String adminRole = "System Administrator";
final String standardRole = "Standard User";
final String readRole = "Read Access";
final String writeRole = "Write Access";
-
+
String maxRole = "";
String authType = "READ";
String accessLevel = "app";
-
- Predicate<Role> adminRoleFilter =
+
+ Predicate<Role> adminRoleFilter =
p -> p.getName() != null && p.getName().equalsIgnoreCase(adminRole);
-
- Predicate<Role> writeRoleFilter =
- p -> p.getName() != null && (p.getName().equalsIgnoreCase(writeRole) || p.getName().equalsIgnoreCase(standardRole));
-
- Predicate<Role> readRoleFilter =
- p -> p.getName() != null && (p.getName().equalsIgnoreCase(readRole) );
+
+ Predicate<Role> writeRoleFilter =
+ p -> p.getName() != null && (p.getName().equalsIgnoreCase(writeRole)
+ || p.getName().equalsIgnoreCase(standardRole));
+
+ Predicate<Role> readRoleFilter =
+ p -> p.getName() != null && (p.getName().equalsIgnoreCase(readRole));
if (UserUtils.getUserSession(request) != null) {
@SuppressWarnings("unchecked")
- Collection<org.onap.portalsdk.core.domain.Role> userRoles =
+ Collection<org.onap.portalsdk.core.domain.Role> userRoles =
UserUtils.getRoles(request).values();
- if (userRoles.stream().anyMatch(adminRoleFilter) ) {
+ if (userRoles.stream().anyMatch(adminRoleFilter)) {
maxRole = "admin";
- } else if (userRoles.stream().anyMatch(writeRoleFilter) ) {
+ } else if (userRoles.stream().anyMatch(writeRoleFilter)) {
maxRole = "write";
- } else if (userRoles.stream().anyMatch(readRoleFilter) ) {
+ } else if (userRoles.stream().anyMatch(readRoleFilter)) {
maxRole = "read";
}
- switch(maxRole) {
+ switch (maxRole) {
case "admin":
authType = "ADMIN";
accessLevel = "ops";
break;
case "write":
authType = "WRITE";
- accessLevel = "dev";
+ accessLevel = "dev";
break;
case "read":
authType = "READ";
- accessLevel = "dev";
- break;
+ accessLevel = "dev";
+ break;
default:
- accessLevel = "app";
+ accessLevel = "app";
}
}
AppUtils.getSession(request).setAttribute("role_level", accessLevel);
@@ -142,7 +141,7 @@ public class LoginStrategyImpl extends LoginStrategy {
return new ModelAndView("redirect:welcome");
}
}
-
+
@Override
public ModelAndView doLogin(HttpServletRequest request, HttpServletResponse response)
throws Exception {
@@ -165,7 +164,7 @@ public class LoginStrategyImpl extends LoginStrategy {
return userid;
}
- private static String getUserIdFromCookie(HttpServletRequest request){
+ private static String getUserIdFromCookie(HttpServletRequest request) {
String userId = "";
Cookie[] cookies = request.getCookies();
Cookie userIdcookie = null;
diff --git a/ccsdk-app-os/src/main/java/org/onap/portalapp/service/AdminAuthExtension.java b/ccsdk-app-os/src/main/java/org/onap/portalapp/service/AdminAuthExtension.java
index da306f6..65e8541 100644
--- a/ccsdk-app-os/src/main/java/org/onap/portalapp/service/AdminAuthExtension.java
+++ b/ccsdk-app-os/src/main/java/org/onap/portalapp/service/AdminAuthExtension.java
@@ -1,6 +1,6 @@
/*-
* ================================================================================
- * ECOMP Portal SDK
+ * DCAE Dashboard
* ================================================================================
* Copyright (C) 2017 AT&T Intellectual Property
* ================================================================================
@@ -17,11 +17,11 @@
* limitations under the License.
* ================================================================================
*/
+
package org.onap.portalapp.service;
import java.util.Set;
-import org.onap.portalapp.service.IAdminAuthExtension;
import org.onap.portalsdk.core.domain.Role;
import org.onap.portalsdk.core.domain.User;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;