diff options
Diffstat (limited to 'src/main/java/org/onap/dmaap/dbcapi/service/ApiService.java')
-rw-r--r-- | src/main/java/org/onap/dmaap/dbcapi/service/ApiService.java | 25 |
1 files changed, 6 insertions, 19 deletions
diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/ApiService.java b/src/main/java/org/onap/dmaap/dbcapi/service/ApiService.java index e1beb28..ef1e6f4 100644 --- a/src/main/java/org/onap/dmaap/dbcapi/service/ApiService.java +++ b/src/main/java/org/onap/dmaap/dbcapi/service/ApiService.java @@ -21,10 +21,8 @@ package org.onap.dmaap.dbcapi.service; import static com.att.eelf.configuration.Configuration.MDC_KEY_REQUEST_ID; -import static com.att.eelf.configuration.Configuration.MDC_PARTNER_NAME; import static com.att.eelf.configuration.Configuration.MDC_SERVICE_NAME; -import javax.xml.bind.DatatypeConverter; import org.onap.dmaap.dbcapi.aaf.DmaapPerm; import org.onap.dmaap.dbcapi.authentication.ApiPolicy; import org.onap.dmaap.dbcapi.authentication.AuthenticationErrorException; @@ -45,6 +43,7 @@ public class ApiService extends BaseLoggingClass { private String requestId; private ApiError err; private ApiPolicy apiPolicy; + private CredentialsParser credentialsParser = new CredentialsParser(); public ApiService() { @@ -127,29 +126,17 @@ public class ApiService extends BaseLoggingClass { if (env == null || env.isEmpty()) { env = "boot"; } - if (!apiPolicy.getUseAuthClass()) { + if (!apiPolicy.isPermissionClassSet()) { return; // skip authorization if not enabled } - if (authorization == null || authorization.isEmpty()) { - String errmsg = "No basic authorization value provided "; - err.setMessage(errmsg); - logger.info(errmsg); - throw new AuthenticationErrorException(); - } - String credentials = authorization.substring("Basic".length()).trim(); - byte[] decoded = DatatypeConverter.parseBase64Binary(credentials); - String decodedString = new String(decoded); - String[] actualCredentials = decodedString.split(":"); - String ID = actualCredentials[0]; - String Password = actualCredentials[1]; - MDC.put(MDC_PARTNER_NAME, ID); - try { + Credentials credentials = credentialsParser.parse(authorization); + try { DmaapPerm p = new DmaapPerm(apiNamespace + "." + uri, env, method); - apiPolicy.check(ID, Password, p); + apiPolicy.check(credentials.getId(), credentials.getPwd(), p); } catch (AuthenticationErrorException ae) { String errmsg = - "User " + ID + " failed authentication/authorization for " + apiNamespace + "." + uriPath + " " + env + "User " + credentials.getId() + " failed authentication/authorization for " + apiNamespace + "." + uriPath + " " + env + " " + method; logger.info(errmsg); err.setMessage(errmsg); |