From 19620eb066c4cbb2c2b60cecdcd55fded03af2d1 Mon Sep 17 00:00:00 2001 From: Fiachra Corcoran Date: Mon, 27 Aug 2018 17:59:42 +0100 Subject: Add subscriber docker image for client testing Issue-ID: DMAAP-662 Change-Id: I5f8f5a23e5116b2077689f704962e88dbeafb1b0 Signed-off-by: Fiachra Corcoran --- .../dmaap/datarouter/subscriber/Subscriber.java | 120 +++++++++++++++ .../datarouter/subscriber/SubscriberServlet.java | 168 +++++++++++++++++++++ 2 files changed, 288 insertions(+) create mode 100644 datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/Subscriber.java create mode 100644 datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberServlet.java (limited to 'datarouter-subscriber/src/main/java') diff --git a/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/Subscriber.java b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/Subscriber.java new file mode 100644 index 00000000..b6edb670 --- /dev/null +++ b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/Subscriber.java @@ -0,0 +1,120 @@ +/******************************************************************************* + * ============LICENSE_START================================================== + * * org.onap.dmaap + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ + +package org.onap.dmaap.datarouter.subscriber; + +import org.apache.log4j.Logger; +import org.eclipse.jetty.servlet.*; +import org.eclipse.jetty.util.ssl.*; +import org.eclipse.jetty.server.*; +import org.eclipse.jetty.http.HttpVersion; + +import java.io.FileInputStream; +import java.io.IOException; +import java.util.Arrays; +import java.util.Properties; + +public class Subscriber { + + private static Logger logger = Logger.getLogger("org.onap.dmaap.datarouter.subscriber.Subscriber"); + + private static final String CONTEXT_PATH = "/"; + private static final String URL_PATTERN = "/*"; + + static Properties props; + + private static void loadProps() { + if (props == null) { + props = new Properties(); + try { + props.load(new FileInputStream(System.getProperty( + "org.onap.dmaap.datarouter.subscriber.properties", + "/opt/app/subscriber/etc/subscriber.properties"))); + } catch (IOException e) { + logger.fatal("SubServlet: Exception opening properties: " + e.getMessage()); + System.exit(1); + } + } + } + + public static void main(String[] args) throws Exception { + //Load the properties + loadProps(); + + int httpsPort = Integer.parseInt(props.getProperty("org.onap.dmaap.datarouter.subscriber.https.port", "8443")); + int httpPort = Integer.parseInt(props.getProperty("org.onap.dmaap.datarouter.subscriber.http.port", "8080")); + + Server server = new Server(); + HttpConfiguration httpConfig = new HttpConfiguration(); + httpConfig.setRequestHeaderSize(8192); + + // HTTP connector + ServletContextHandler ctxt; + try (ServerConnector httpServerConnector = new ServerConnector(server, + new HttpConnectionFactory(httpConfig))) { + httpServerConnector.setPort(httpPort); + httpServerConnector.setIdleTimeout(30000); + + // SSL Context Factory + SslContextFactory sslContextFactory = new SslContextFactory(); + + // SSL HTTP Configuration + HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); + httpsConfig.addCustomizer(new SecureRequestCustomizer()); + + // SSL Connector + ServerConnector sslConnector = new ServerConnector(server, + new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), + new HttpConnectionFactory(httpsConfig)); + sslConnector.setPort(httpsPort); + server.addConnector(sslConnector); + + /*Skip SSLv3 Fixes*/ + sslContextFactory.addExcludeProtocols("SSLv3"); + logger.info("Excluded protocols for Subscriber:" + Arrays.toString(sslContextFactory.getExcludeProtocols())); + /*End of SSLv3 Fixes*/ + + // HTTPS Configuration + try (ServerConnector https = new ServerConnector(server, + new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), + new HttpConnectionFactory(httpsConfig))) { + https.setPort(httpsPort); + https.setIdleTimeout(30000); + } + server.setConnectors(new Connector[]{ httpServerConnector }); + } + ctxt = new ServletContextHandler(0); + ctxt.setContextPath(CONTEXT_PATH); + server.setHandler(ctxt); + + ctxt.addServlet(new ServletHolder(new SubscriberServlet()), URL_PATTERN); + try { + server.start(); + } catch ( Exception e ) { + logger.info("Jetty failed to start. Reporting will be unavailable-"+e); + } + server.join(); + logger.info("org.onap.dmaap.datarouter.subscriber.Subscriber started-"+ server.getState()); + + } +} \ No newline at end of file diff --git a/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberServlet.java b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberServlet.java new file mode 100644 index 00000000..72afcf06 --- /dev/null +++ b/datarouter-subscriber/src/main/java/org/onap/dmaap/datarouter/subscriber/SubscriberServlet.java @@ -0,0 +1,168 @@ +/******************************************************************************* + * ============LICENSE_START================================================== + * * org.onap.dmaap + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ + +package org.onap.dmaap.datarouter.subscriber; + +import org.apache.commons.codec.binary.Base64; +import org.apache.log4j.Logger; + +import javax.servlet.ServletConfig; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.*; +import java.net.URLEncoder; +import java.nio.file.Files; +import java.nio.file.Paths; +import java.nio.file.StandardCopyOption; +import java.nio.file.attribute.PosixFilePermissions; + +import static org.onap.dmaap.datarouter.subscriber.Subscriber.props; + +public class SubscriberServlet extends HttpServlet { + + private static Logger logger = Logger.getLogger("org.onap.dmaap.datarouter.subscriber.SubscriberServlet"); + private String outputDirectory; + private String basicAuth; + + /** + * Configure this subscriberservlet. Configuration parameters from config.getInitParameter() are: + * + */ + @Override + public void init(ServletConfig config) { + String login = props.getProperty("org.onap.dmaap.datarouter.subscriber.auth.user", "LOGIN"); + String password = props.getProperty("org.onap.dmaap.datarouter.subscriber.auth.password", "PASSWORD"); + outputDirectory = props.getProperty("org.onap.dmaap.datarouter.subscriber.delivery.dir", "/tmp"); + try { + Files.createDirectory(Paths.get(outputDirectory), PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rwxrwxrwx"))); + } catch (IOException e) { + logger.info("SubServlet: Failed to create delivery dir: " + e.getMessage()); + e.printStackTrace(); + } + basicAuth = "Basic " + Base64.encodeBase64String((login + ":" + password).getBytes()); + } + + @Override + protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException { + File filesPath = new File(outputDirectory); + File[] filesArr = filesPath.listFiles(); + assert filesArr != null; + for (File file: filesArr) { + try (BufferedReader in = new BufferedReader(new FileReader(file))) { + String line = in.readLine(); + while (line != null) { + line = in.readLine(); + } + } + } + } + /** + * Invoke common(req, resp, false). + */ + @Override + protected void doPut(HttpServletRequest req, HttpServletResponse resp) { + try { + common(req, resp, false); + } catch (IOException e) { + logger.info("SubServlet: Failed to doPut: " + req.getRemoteAddr() + " : " + req.getPathInfo(), e); + } + } + /** + * Invoke common(req, resp, true). + */ + @Override + protected void doDelete(HttpServletRequest req, HttpServletResponse resp) { + try { + common(req, resp, true); + } catch (IOException e) { + logger.info("SubServlet: Failed to doDelete: " + req.getRemoteAddr() + " : " + req.getPathInfo(), e); + } + } + /** + * Process a PUT or DELETE request. + *
    + *
  1. Verify that the request contains an Authorization header + * or else UNAUTHORIZED. + *
  2. Verify that the Authorization header matches the configured + * Login and Password or else FORBIDDEN. + *
  3. If the request is PUT, store the message body as a file + * in the configured outputDirectory directory protecting against + * evil characters in the received FileID. The file is created + * initially with its name prefixed with a ".", and once it is complete, it is + * renamed to remove the leading "." character. + *
  4. If the request is DELETE, instead delete the file (if it exists) from the configured outputDirectory directory. + *
  5. Respond with NO_CONTENT. + *
+ */ + private void common(HttpServletRequest req, HttpServletResponse resp, boolean isdelete) throws IOException { + String authHeader = req.getHeader("Authorization"); + if (authHeader == null) { + logger.info("Rejecting request with no Authorization header from " + req.getRemoteAddr() + ": " + req.getPathInfo()); + resp.sendError(HttpServletResponse.SC_UNAUTHORIZED); + return; + } + if (!basicAuth.equals(authHeader)) { + logger.info("Rejecting request with incorrect Authorization header from " + req.getRemoteAddr() + ": " + req.getPathInfo()); + resp.sendError(HttpServletResponse.SC_FORBIDDEN); + return; + } + String fileid = req.getPathInfo(); + fileid = fileid.substring(fileid.lastIndexOf('/') + 1); + String queryString = req.getQueryString(); + if (queryString != null) { + fileid = fileid + "?" + queryString; + } + String publishid = req.getHeader("X-ATT-DR-PUBLISH-ID"); + String filename = URLEncoder.encode(fileid, "UTF-8").replaceAll("^\\.", "%2E").replaceAll("\\*", "%2A"); + String fullPath = outputDirectory + "/" + filename; + String tmpPath = outputDirectory + "/." + filename; + try { + if (isdelete) { + Files.deleteIfExists(Paths.get(fullPath)); + logger.info("Received delete for file id " + fileid + " from " + req.getRemoteAddr() + " publish id " + publishid + " as " + fullPath); + } else { + new File(tmpPath).createNewFile(); + try (InputStream is = req.getInputStream(); OutputStream os = new FileOutputStream(tmpPath)) { + byte[] buf = new byte[65536]; + int i; + while ((i = is.read(buf)) > 0) { + os.write(buf, 0, i); + } + } + Files.move(Paths.get(tmpPath), Paths.get(fullPath), StandardCopyOption.REPLACE_EXISTING); + logger.info("Received file id " + fileid + " from " + req.getRemoteAddr() + " publish id " + publishid + " as " + fullPath); + resp.setStatus(HttpServletResponse.SC_NO_CONTENT); + } + resp.setStatus(HttpServletResponse.SC_NO_CONTENT); + } catch (IOException ioe) { + Files.deleteIfExists(Paths.get(tmpPath)); + logger.info("Failed to process file " + fullPath + " from " + req.getRemoteAddr() + ": " + req.getPathInfo()); + throw ioe; + } + } +} -- cgit 1.2.3-korg