diff options
Diffstat (limited to 'datarouter-subscriber/src/main')
6 files changed, 377 insertions, 0 deletions
diff --git a/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/Subscriber.java b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/Subscriber.java new file mode 100644 index 00000000..b6edb670 --- /dev/null +++ b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/Subscriber.java @@ -0,0 +1,120 @@ +/******************************************************************************* + * ============LICENSE_START================================================== + * * org.onap.dmaap + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ + +package org.onap.dmaap.datarouter.subscriber; + +import org.apache.log4j.Logger; +import org.eclipse.jetty.servlet.*; +import org.eclipse.jetty.util.ssl.*; +import org.eclipse.jetty.server.*; +import org.eclipse.jetty.http.HttpVersion; + +import java.io.FileInputStream; +import java.io.IOException; +import java.util.Arrays; +import java.util.Properties; + +public class Subscriber { + + private static Logger logger = Logger.getLogger("org.onap.dmaap.datarouter.subscriber.Subscriber"); + + private static final String CONTEXT_PATH = "/"; + private static final String URL_PATTERN = "/*"; + + static Properties props; + + private static void loadProps() { + if (props == null) { + props = new Properties(); + try { + props.load(new FileInputStream(System.getProperty( + "org.onap.dmaap.datarouter.subscriber.properties", + "/opt/app/subscriber/etc/subscriber.properties"))); + } catch (IOException e) { + logger.fatal("SubServlet: Exception opening properties: " + e.getMessage()); + System.exit(1); + } + } + } + + public static void main(String[] args) throws Exception { + //Load the properties + loadProps(); + + int httpsPort = Integer.parseInt(props.getProperty("org.onap.dmaap.datarouter.subscriber.https.port", "8443")); + int httpPort = Integer.parseInt(props.getProperty("org.onap.dmaap.datarouter.subscriber.http.port", "8080")); + + Server server = new Server(); + HttpConfiguration httpConfig = new HttpConfiguration(); + httpConfig.setRequestHeaderSize(8192); + + // HTTP connector + ServletContextHandler ctxt; + try (ServerConnector httpServerConnector = new ServerConnector(server, + new HttpConnectionFactory(httpConfig))) { + httpServerConnector.setPort(httpPort); + httpServerConnector.setIdleTimeout(30000); + + // SSL Context Factory + SslContextFactory sslContextFactory = new SslContextFactory(); + + // SSL HTTP Configuration + HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); + httpsConfig.addCustomizer(new SecureRequestCustomizer()); + + // SSL Connector + ServerConnector sslConnector = new ServerConnector(server, + new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), + new HttpConnectionFactory(httpsConfig)); + sslConnector.setPort(httpsPort); + server.addConnector(sslConnector); + + /*Skip SSLv3 Fixes*/ + sslContextFactory.addExcludeProtocols("SSLv3"); + logger.info("Excluded protocols for Subscriber:" + Arrays.toString(sslContextFactory.getExcludeProtocols())); + /*End of SSLv3 Fixes*/ + + // HTTPS Configuration + try (ServerConnector https = new ServerConnector(server, + new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), + new HttpConnectionFactory(httpsConfig))) { + https.setPort(httpsPort); + https.setIdleTimeout(30000); + } + server.setConnectors(new Connector[]{ httpServerConnector }); + } + ctxt = new ServletContextHandler(0); + ctxt.setContextPath(CONTEXT_PATH); + server.setHandler(ctxt); + + ctxt.addServlet(new ServletHolder(new SubscriberServlet()), URL_PATTERN); + try { + server.start(); + } catch ( Exception e ) { + logger.info("Jetty failed to start. Reporting will be unavailable-"+e); + } + server.join(); + logger.info("org.onap.dmaap.datarouter.subscriber.Subscriber started-"+ server.getState()); + + } +}
\ No newline at end of file diff --git a/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberServlet.java b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberServlet.java new file mode 100644 index 00000000..72afcf06 --- /dev/null +++ b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberServlet.java @@ -0,0 +1,168 @@ +/******************************************************************************* + * ============LICENSE_START================================================== + * * org.onap.dmaap + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ + +package org.onap.dmaap.datarouter.subscriber; + +import org.apache.commons.codec.binary.Base64; +import org.apache.log4j.Logger; + +import javax.servlet.ServletConfig; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.*; +import java.net.URLEncoder; +import java.nio.file.Files; +import java.nio.file.Paths; +import java.nio.file.StandardCopyOption; +import java.nio.file.attribute.PosixFilePermissions; + +import static org.onap.dmaap.datarouter.subscriber.Subscriber.props; + +public class SubscriberServlet extends HttpServlet { + + private static Logger logger = Logger.getLogger("org.onap.dmaap.datarouter.subscriber.SubscriberServlet"); + private String outputDirectory; + private String basicAuth; + + /** + * Configure this subscriberservlet. Configuration parameters from config.getInitParameter() are: + * <ul> + * <li>Login - The login expected in the Authorization header (default "LOGIN"). + * <li>Password - The password expected in the Authorization header (default "PASSWORD"). + * <li>outputDirectory - The directory where files are placed (default "tmp"). + * </ul> + */ + @Override + public void init(ServletConfig config) { + String login = props.getProperty("org.onap.dmaap.datarouter.subscriber.auth.user", "LOGIN"); + String password = props.getProperty("org.onap.dmaap.datarouter.subscriber.auth.password", "PASSWORD"); + outputDirectory = props.getProperty("org.onap.dmaap.datarouter.subscriber.delivery.dir", "/tmp"); + try { + Files.createDirectory(Paths.get(outputDirectory), PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rwxrwxrwx"))); + } catch (IOException e) { + logger.info("SubServlet: Failed to create delivery dir: " + e.getMessage()); + e.printStackTrace(); + } + basicAuth = "Basic " + Base64.encodeBase64String((login + ":" + password).getBytes()); + } + + @Override + protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException { + File filesPath = new File(outputDirectory); + File[] filesArr = filesPath.listFiles(); + assert filesArr != null; + for (File file: filesArr) { + try (BufferedReader in = new BufferedReader(new FileReader(file))) { + String line = in.readLine(); + while (line != null) { + line = in.readLine(); + } + } + } + } + /** + * Invoke common(req, resp, false). + */ + @Override + protected void doPut(HttpServletRequest req, HttpServletResponse resp) { + try { + common(req, resp, false); + } catch (IOException e) { + logger.info("SubServlet: Failed to doPut: " + req.getRemoteAddr() + " : " + req.getPathInfo(), e); + } + } + /** + * Invoke common(req, resp, true). + */ + @Override + protected void doDelete(HttpServletRequest req, HttpServletResponse resp) { + try { + common(req, resp, true); + } catch (IOException e) { + logger.info("SubServlet: Failed to doDelete: " + req.getRemoteAddr() + " : " + req.getPathInfo(), e); + } + } + /** + * Process a PUT or DELETE request. + * <ol> + * <li>Verify that the request contains an Authorization header + * or else UNAUTHORIZED. + * <li>Verify that the Authorization header matches the configured + * Login and Password or else FORBIDDEN. + * <li>If the request is PUT, store the message body as a file + * in the configured outputDirectory directory protecting against + * evil characters in the received FileID. The file is created + * initially with its name prefixed with a ".", and once it is complete, it is + * renamed to remove the leading "." character. + * <li>If the request is DELETE, instead delete the file (if it exists) from the configured outputDirectory directory. + * <li>Respond with NO_CONTENT. + * </ol> + */ + private void common(HttpServletRequest req, HttpServletResponse resp, boolean isdelete) throws IOException { + String authHeader = req.getHeader("Authorization"); + if (authHeader == null) { + logger.info("Rejecting request with no Authorization header from " + req.getRemoteAddr() + ": " + req.getPathInfo()); + resp.sendError(HttpServletResponse.SC_UNAUTHORIZED); + return; + } + if (!basicAuth.equals(authHeader)) { + logger.info("Rejecting request with incorrect Authorization header from " + req.getRemoteAddr() + ": " + req.getPathInfo()); + resp.sendError(HttpServletResponse.SC_FORBIDDEN); + return; + } + String fileid = req.getPathInfo(); + fileid = fileid.substring(fileid.lastIndexOf('/') + 1); + String queryString = req.getQueryString(); + if (queryString != null) { + fileid = fileid + "?" + queryString; + } + String publishid = req.getHeader("X-ATT-DR-PUBLISH-ID"); + String filename = URLEncoder.encode(fileid, "UTF-8").replaceAll("^\\.", "%2E").replaceAll("\\*", "%2A"); + String fullPath = outputDirectory + "/" + filename; + String tmpPath = outputDirectory + "/." + filename; + try { + if (isdelete) { + Files.deleteIfExists(Paths.get(fullPath)); + logger.info("Received delete for file id " + fileid + " from " + req.getRemoteAddr() + " publish id " + publishid + " as " + fullPath); + } else { + new File(tmpPath).createNewFile(); + try (InputStream is = req.getInputStream(); OutputStream os = new FileOutputStream(tmpPath)) { + byte[] buf = new byte[65536]; + int i; + while ((i = is.read(buf)) > 0) { + os.write(buf, 0, i); + } + } + Files.move(Paths.get(tmpPath), Paths.get(fullPath), StandardCopyOption.REPLACE_EXISTING); + logger.info("Received file id " + fileid + " from " + req.getRemoteAddr() + " publish id " + publishid + " as " + fullPath); + resp.setStatus(HttpServletResponse.SC_NO_CONTENT); + } + resp.setStatus(HttpServletResponse.SC_NO_CONTENT); + } catch (IOException ioe) { + Files.deleteIfExists(Paths.get(tmpPath)); + logger.info("Failed to process file " + fullPath + " from " + req.getRemoteAddr() + ": " + req.getPathInfo()); + throw ioe; + } + } +} diff --git a/datarouter-subscriber/src/main/resources/docker/Dockerfile b/datarouter-subscriber/src/main/resources/docker/Dockerfile new file mode 100644 index 00000000..6cc74cc3 --- /dev/null +++ b/datarouter-subscriber/src/main/resources/docker/Dockerfile @@ -0,0 +1,6 @@ +FROM java:8 +ADD opt /opt/ +ADD startup.sh /startup.sh +RUN chmod 700 /startup.sh +ENTRYPOINT ./startup.sh start +EXPOSE 7070
\ No newline at end of file diff --git a/datarouter-subscriber/src/main/resources/docker/startup.sh b/datarouter-subscriber/src/main/resources/docker/startup.sh new file mode 100644 index 00000000..53b1053d --- /dev/null +++ b/datarouter-subscriber/src/main/resources/docker/startup.sh @@ -0,0 +1,12 @@ +#!/bin/bash +LIB=/opt/app/subscriber/lib +ETC=/opt/app/subscriber/etc +CLASSPATH=$ETC +for FILE in `find $LIB -name *.jar`; do + CLASSPATH=$CLASSPATH:$FILE +done +java -classpath $CLASSPATH org.onap.dmaap.datarouter.subscriber.Subscriber + +runner_file="$LIB/subscriber-jar-with-dependencies.jar" +echo "Starting using" $runner_file +java -Dorg.onap.dmaap.datarouter.subscriber.properties=/opt/app/subscriber/etc/subscriber.properties -jar $runner_file
\ No newline at end of file diff --git a/datarouter-subscriber/src/main/resources/log4j.properties b/datarouter-subscriber/src/main/resources/log4j.properties new file mode 100644 index 00000000..bb66ef42 --- /dev/null +++ b/datarouter-subscriber/src/main/resources/log4j.properties @@ -0,0 +1,31 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START================================================== +# * org.onap.dmaap +# * =========================================================================== +# * Copyright � 2017 AT&T Intellectual Property. All rights reserved. +# * =========================================================================== +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +# * ============LICENSE_END==================================================== +# * +# * ECOMP is a trademark and service mark of AT&T Intellectual Property. +# * +#------------------------------------------------------------------------------- + +log4j.rootLogger=info,Root + +log4j.appender.Root=org.apache.log4j.DailyRollingFileAppender +log4j.appender.Root.file=/opt/app/subscriber/logs/subscriber.log +log4j.appender.Root.datePattern='.'yyyyMMdd +log4j.appender.Root.append=true +log4j.appender.Root.layout=org.apache.log4j.PatternLayout +log4j.appender.Root.layout.ConversionPattern=%d %p %t %m%n diff --git a/datarouter-subscriber/src/main/resources/subscriber.properties b/datarouter-subscriber/src/main/resources/subscriber.properties new file mode 100644 index 00000000..771fdd34 --- /dev/null +++ b/datarouter-subscriber/src/main/resources/subscriber.properties @@ -0,0 +1,40 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START================================================== +# * org.onap.dmaap +# * =========================================================================== +# * Copyright � 2017 AT&T Intellectual Property. All rights reserved. +# * =========================================================================== +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +# * ============LICENSE_END==================================================== +# * +# * ECOMP is a trademark and service mark of AT&T Intellectual Property. +# * +#------------------------------------------------------------------------------- + +#Subscriber properties +org.onap.dmaap.datarouter.subscriber.http.port = 7070 +org.onap.dmaap.datarouter.subscriber.https.port = 7443 +org.onap.dmaap.datarouter.subscriber.auth.user = LOGIN +org.onap.dmaap.datarouter.subscriber.auth.password = PASSWORD +org.onap.dmaap.datarouter.subscriber.delivery.dir = /opt/app/subscriber/delivery + +org.onap.dmaap.datarouter.subscriber.https.relaxation = true +org.onap.dmaap.datarouter.subscriber.keystore.type = jks +org.onap.dmaap.datarouter.subscriber.keymanager.password = changeit +org.onap.dmaap.datarouter.subscriber.keystore.path = /opt/app/datartr/self_signed/keystore.jks +org.onap.dmaap.datarouter.subscriber.keystore.password = changeit +org.onap.dmaap.datarouter.subscriber.truststore.path = /opt/app/datartr/self_signed/cacerts.jks +org.onap.dmaap.datarouter.subscriber.truststore.password = changeit + + + |