From 13ab11a844d840025d153f7eac9109fbbe1c6b08 Mon Sep 17 00:00:00 2001
From: sebdet <sebastien.determe@intl.att.com>
Date: Thu, 10 Oct 2019 11:40:27 +0200
Subject: Rework the clamp cadi filter

Add test and rework the code for X509 certificate

Issue-ID: CLAMP-519
Change-Id: I3c0aa05cd4bec24770243b86a4672ff3906afba5
Signed-off-by: sebdet <sebastien.determe@intl.att.com>
---
 .../org/onap/clamp/clds/filter/ClampCadiFilter.java    | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

(limited to 'src/main')

diff --git a/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java b/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java
index 7e104c74..cd141ae7 100644
--- a/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java
+++ b/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java
@@ -144,16 +144,22 @@ public class ClampCadiFilter extends CadiFilter {
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
             throws IOException, ServletException {
         try {
-            String certHeader = URLDecoder.decode(((HttpServletRequest) request).getHeader("X-SSL-Cert"),
-                    StandardCharsets.UTF_8.toString());
+            String certHeader = ((HttpServletRequest) request).getHeader("X-SSL-Cert");
             if (certHeader != null) {
-
                 CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                 X509Certificate cert = (X509Certificate) certificateFactory
-                        .generateCertificate(new ByteArrayInputStream(certHeader.getBytes()));
-                request.setAttribute("javax.servlet.request.X509Certificate", cert);
-
+                        .generateCertificate(new ByteArrayInputStream(
+                                URLDecoder.decode(certHeader, StandardCharsets.UTF_8.toString()).getBytes()));
+                X509Certificate[] certifArray = ((X509Certificate[]) request
+                        .getAttribute("javax.servlet.request.X509Certificate"));
+                if (certifArray == null) {
+                    certifArray = new X509Certificate[] { cert };
+                    request.setAttribute("javax.servlet.request.X509Certificate", certifArray);
+                } else {
+                    certifArray[0] = cert;
+                }
             }
+
         } catch (CertificateException e) {
             logger.error("Unable to inject the X.509 certificate", e);
         }
-- 
cgit 1.2.3-korg