summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorTschaen, Brendan <ctschaen@att.com>2019-02-28 13:57:51 -0500
committerTschaen, Brendan <ctschaen@att.com>2019-02-28 15:46:49 -0500
commit4d6e2a982cc0ee48aca9d8531424d795e44842c9 (patch)
tree3b07a546a57e5f500a06cc8f5d8dff97f96147df /src
parent24accb9cb8000591cc22a5d98d2c079b8084b123 (diff)
Complete new authentication across REST APIs
Change-Id: I0d8ae84bdebbad986d557f722047318d5b72b591 Issue-ID: MUSIC-345 Signed-off-by: Tschaen, Brendan <ctschaen@att.com>
Diffstat (limited to 'src')
-rwxr-xr-xsrc/main/java/org/onap/music/MusicApplication.java1
-rwxr-xr-xsrc/main/java/org/onap/music/authentication/CachingUtil.java14
-rw-r--r--src/main/java/org/onap/music/authentication/CadiAuthFilter.java (renamed from src/main/java/org/onap/music/CadiAuthFilter.java)2
-rw-r--r--src/main/java/org/onap/music/authentication/MusicAAFAuthentication.java (renamed from src/main/java/org/onap/music/authentication/MusicAuthentication.java)115
-rw-r--r--src/main/java/org/onap/music/authentication/MusicAuthenticator.java6
-rw-r--r--src/main/java/org/onap/music/conductor/conditionals/RestMusicConditionalAPI.java67
-rwxr-xr-xsrc/main/java/org/onap/music/rest/RestMusicAdminAPI.java4
-rwxr-xr-xsrc/main/java/org/onap/music/rest/RestMusicDataAPI.java56
-rw-r--r--src/main/java/org/onap/music/rest/RestMusicLocksAPI.java134
-rw-r--r--src/test/java/org/onap/music/unittests/TstRestMusicAdminAPI.java6
10 files changed, 106 insertions, 299 deletions
diff --git a/src/main/java/org/onap/music/MusicApplication.java b/src/main/java/org/onap/music/MusicApplication.java
index 90bcbbae..e6fee58f 100755
--- a/src/main/java/org/onap/music/MusicApplication.java
+++ b/src/main/java/org/onap/music/MusicApplication.java
@@ -30,6 +30,7 @@ import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.onap.aaf.cadi.PropAccess;
+import org.onap.music.authentication.CadiAuthFilter;
import org.onap.music.main.MusicUtil;
import org.onap.music.main.PropertiesLoader;
import org.springframework.beans.factory.annotation.Autowired;
diff --git a/src/main/java/org/onap/music/authentication/CachingUtil.java b/src/main/java/org/onap/music/authentication/CachingUtil.java
index 80eed1e6..5c379c6e 100755
--- a/src/main/java/org/onap/music/authentication/CachingUtil.java
+++ b/src/main/java/org/onap/music/authentication/CachingUtil.java
@@ -72,7 +72,6 @@ public class CachingUtil implements Runnable {
private static CacheAccess<String, Map<String, String>> musicValidateCache = JCS.getInstance("musicValidateCache");
private static Map<String, Number> userAttempts = new HashMap<>();
private static Map<String, Calendar> lastFailedTime = new HashMap<>();
- private static CacheAccess<String, PreparedStatement> queryBank = JCS.getInstance("statementBank");
private static CacheAccess<String, String> adminUserCache = JCS.getInstance("adminUserCache");
public static CacheAccess<String, String> getAdminUserCache() {
@@ -83,19 +82,6 @@ public class CachingUtil implements Runnable {
adminUserCache.put(authorization,userId);
}
-
- public static void updateStatementBank(String query,PreparedStatement statement) {
- queryBank.put(query, statement);
- }
-
- public static void resetStatementBank() {
- queryBank.clear();
- }
-
- public static CacheAccess<String, PreparedStatement> getStatementBank() {
- return queryBank;
- }
-
private static final String USERNAME="username";
private static final String PASSWORD="password";
diff --git a/src/main/java/org/onap/music/CadiAuthFilter.java b/src/main/java/org/onap/music/authentication/CadiAuthFilter.java
index 62bf9c73..56371c7d 100644
--- a/src/main/java/org/onap/music/CadiAuthFilter.java
+++ b/src/main/java/org/onap/music/authentication/CadiAuthFilter.java
@@ -20,7 +20,7 @@
* ====================================================================
*/
-package org.onap.music;
+package org.onap.music.authentication;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
diff --git a/src/main/java/org/onap/music/authentication/MusicAuthentication.java b/src/main/java/org/onap/music/authentication/MusicAAFAuthentication.java
index 6c38e6df..2d0d4e59 100644
--- a/src/main/java/org/onap/music/authentication/MusicAuthentication.java
+++ b/src/main/java/org/onap/music/authentication/MusicAAFAuthentication.java
@@ -44,121 +44,10 @@ import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.WebResource;
-public class MusicAuthentication implements MusicAuthenticator {
+public class MusicAAFAuthentication implements MusicAuthenticator {
- private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicAuthentication.class);
+ private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicAAFAuthentication.class);
- /**
- * authenticate user logic
- *
- * @param nameSpace
- * @param userId
- * @param password
- * @param keyspace
- * @param aid
- * @param operation
- * @return
- * @throws Exception
- */
- @Deprecated
- public static Map<String, Object> autheticateUser(String nameSpace, String userId,
- String password, String keyspace, String aid, String operation) {
- logger.info(EELFLoggerDelegate.applicationLogger,"Inside User Authentication.......");
- Map<String, Object> resultMap = new HashMap<>();
- String uuid = null;
- if(! MusicUtil.getIsCadi()) {
- resultMap = CachingUtil.validateRequest(nameSpace, userId, password, keyspace, aid,
- operation);
- if (!resultMap.isEmpty())
- return resultMap;
- String isAAFApp = null;
- try {
- isAAFApp= CachingUtil.isAAFApplication(nameSpace);
- } catch(MusicServiceException e) {
- logger.error(e.getErrorMessage(), e);
- resultMap.put("Exception", e.getMessage());
- return resultMap;
- }
- if(isAAFApp == null) {
- resultMap.put("Exception", "Namespace: "+nameSpace+" doesn't exist. Please make sure ns(appName)"
- + " is correct and Application is onboarded.");
- return resultMap;
- }
- boolean isAAF = Boolean.parseBoolean(isAAFApp);
- if (userId == null || password == null) {
- logger.error(EELFLoggerDelegate.errorLogger,"", AppMessages.MISSINGINFO ,ErrorSeverity.WARN, ErrorTypes.AUTHENTICATIONERROR);
- logger.error(EELFLoggerDelegate.errorLogger,"One or more required headers is missing. userId: " + userId
- + " :: password: " + password);
- resultMap.put("Exception",
- "UserId and Password are mandatory for the operation " + operation);
- return resultMap;
- }
- if(!isAAF && !(operation.equals("createKeySpace"))) {
- resultMap = CachingUtil.authenticateAIDUser(nameSpace, userId, password, keyspace);
- if (!resultMap.isEmpty())
- return resultMap;
-
- }
- if (isAAF && nameSpace != null && userId != null && password != null) {
- boolean isValid = true;
- try {
- isValid = CachingUtil.authenticateAAFUser(nameSpace, userId, password, keyspace);
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger,"Error while aaf authentication for user:" + userId);
- logger.error(EELFLoggerDelegate.errorLogger,"Error: "+ e.getMessage());
- logger.error(EELFLoggerDelegate.errorLogger,e.getMessage(), AppMessages.AUTHENTICATIONERROR ,ErrorSeverity.WARN, ErrorTypes.AUTHENTICATIONERROR);
- logger.error(EELFLoggerDelegate.errorLogger,"Got exception while AAF authentication for namespace " + nameSpace);
- resultMap.put("Exception", e.getMessage());
- }
- if (!isValid) {
- logger.error(EELFLoggerDelegate.errorLogger,"User not authenticated...", AppMessages.MISSINGINFO ,ErrorSeverity.WARN, ErrorTypes.AUTHENTICATIONERROR);
- resultMap.put("Exception", "User not authenticated...");
- }
- if (!resultMap.isEmpty())
- return resultMap;
-
- }
- } else {
-
- String cachedKS = CachingUtil.getKSFromCadiCache(userId);
- if(cachedKS != null && !cachedKS.equals(keyspace)) {
- resultMap.put("Exception", "User not authenticated to access this keyspace...");
- }
- }
-
- if (operation.equals("createKeySpace")) {
- logger.info(EELFLoggerDelegate.applicationLogger,"AID is not provided. Creating new UUID for keyspace.");
- PreparedQueryObject pQuery = new PreparedQueryObject();
- pQuery.appendQueryString(
- "select uuid from admin.keyspace_master where application_name=? and username=? and keyspace_name=? allow filtering");
- try {
- pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(), nameSpace));
- pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(), userId));
- pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(),
- MusicUtil.DEFAULTKEYSPACENAME));
- } catch (Exception e1) {
- logger.error(EELFLoggerDelegate.errorLogger, e1, "Can not authenticate for createkeyspace", AppMessages.MISSINGINFO ,ErrorSeverity.WARN, ErrorTypes.AUTHENTICATIONERROR);
- resultMap.put("Exception", "Cannot authenticate for createKeyspace");
- return resultMap;
- }
-
-
- try {
- Row rs = MusicCore.get(pQuery).one();
- uuid = rs.getUUID("uuid").toString();
- resultMap.put("uuid", "existing");
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.applicationLogger,"No UUID found in DB. So creating new UUID.");
- uuid = MusicUtil.generateUUID();
- resultMap.put("uuid", "new");
- }
- resultMap.put("aid", uuid);
- CachingUtil.updateCadiCache(userId, keyspace);
- }
-
- return resultMap;
- }
-
@Override
public boolean authenticateAdmin(String authorization) {
logger.info(EELFLoggerDelegate.applicationLogger, "MusicCore.authenticateAdmin: ");
diff --git a/src/main/java/org/onap/music/authentication/MusicAuthenticator.java b/src/main/java/org/onap/music/authentication/MusicAuthenticator.java
index 0b1fd5c8..78f76ab1 100644
--- a/src/main/java/org/onap/music/authentication/MusicAuthenticator.java
+++ b/src/main/java/org/onap/music/authentication/MusicAuthenticator.java
@@ -33,7 +33,11 @@ public interface MusicAuthenticator {
DELETE_FROM_TABLE,
DROP_TABLE,
SELECT_CRITICAL,
- SELECT
+ SELECT,
+ CREATE_LOCKREF,
+ ACQUIRE_LOCK,
+ CURRENT_LOCK,
+ DELETE_LOCK
}
/**
diff --git a/src/main/java/org/onap/music/conductor/conditionals/RestMusicConditionalAPI.java b/src/main/java/org/onap/music/conductor/conditionals/RestMusicConditionalAPI.java
index 6ea05c7b..20fd3150 100644
--- a/src/main/java/org/onap/music/conductor/conditionals/RestMusicConditionalAPI.java
+++ b/src/main/java/org/onap/music/conductor/conditionals/RestMusicConditionalAPI.java
@@ -52,7 +52,9 @@ import org.onap.music.main.ResultType;
import org.onap.music.main.ReturnType;
import org.onap.music.response.jsonobjects.JsonResponse;
import org.onap.music.rest.RestMusicAdminAPI;
-import org.onap.music.authentication.MusicAuthentication;
+import org.onap.music.authentication.MusicAAFAuthentication;
+import org.onap.music.authentication.MusicAuthenticator;
+import org.onap.music.authentication.MusicAuthenticator.Operation;
import org.onap.music.conductor.*;
import com.datastax.driver.core.DataType;
@@ -69,6 +71,8 @@ public class RestMusicConditionalAPI {
private static final String XPATCHVERSION = "X-patchVersion";
private static final String NS = "ns";
private static final String VERSION = "v2";
+
+ private MusicAuthenticator authenticator = new MusicAAFAuthentication();
@POST
@Path("/insert/keyspaces/{keyspace}/tables/{tablename}")
@@ -85,6 +89,14 @@ public class RestMusicConditionalAPI {
@ApiParam(value = "Table Name", required = true) @PathParam("tablename") String tablename,
JsonConditional jsonObj) throws Exception {
ResponseBuilder response = MusicUtil.buildVersionResponse(VERSION, minorVersion, patchVersion);
+
+ if (!authenticator.authenticateUser(ns, authorization, keyspace, aid, Operation.INSERT_INTO_TABLE)) {
+ return response.status(Status.UNAUTHORIZED)
+ .entity(new JsonResponse(ResultType.FAILURE)
+ .setError("Unauthorized: Please check username, password and make sure your app is onboarded")
+ .toMap()).build();
+ }
+
String primaryKey = jsonObj.getPrimaryKey();
String primaryKeyValue = jsonObj.getPrimaryKeyValue();
String casscadeColumnName = jsonObj.getCasscadeColumnName();
@@ -100,28 +112,6 @@ public class RestMusicConditionalAPI {
.setError(String.valueOf("One or more input values missing")).toMap()).build();
}
- Map<String,String> userCredentials = MusicUtil.extractBasicAuthentication(authorization);
- String userId = userCredentials.get(MusicUtil.USERID);
- String password = userCredentials.get(MusicUtil.PASSWORD);
-
- Map<String, Object> authMap = null;
- try {
- authMap = MusicAuthentication.autheticateUser(ns, userId, password, keyspace, aid, "insertIntoTable");
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "", AppMessages.MISSINGINFO, ErrorSeverity.CRITICAL,
- ErrorTypes.AUTHENTICATIONERROR);
- return response.status(Status.UNAUTHORIZED)
- .entity(new JsonResponse(ResultType.FAILURE).setError(e.getMessage()).toMap()).build();
- }
- if (authMap.containsKey("aid"))
- authMap.remove("aid");
- if (!authMap.isEmpty()) {
- logger.error(EELFLoggerDelegate.errorLogger, "", AppMessages.MISSINGINFO, ErrorSeverity.CRITICAL,
- ErrorTypes.AUTHENTICATIONERROR);
- return response.status(Status.UNAUTHORIZED).entity(
- new JsonResponse(ResultType.FAILURE).setError(String.valueOf(authMap.get("Exception"))).toMap())
- .build();
- }
Map<String, Object> valuesMap = new LinkedHashMap<>();
for (Map.Entry<String, Object> entry : tableValues.entrySet()) {
@@ -156,7 +146,14 @@ public class RestMusicConditionalAPI {
@ApiParam(value = "Major Version", required = true) @PathParam("tablename") String tablename,
JsonConditional upObj) throws Exception {
ResponseBuilder response = MusicUtil.buildVersionResponse(VERSION, minorVersion, patchVersion);
-
+
+ if (!authenticator.authenticateUser(ns, authorization, keyspace, aid, Operation.INSERT_INTO_TABLE)) {
+ return response.status(Status.UNAUTHORIZED)
+ .entity(new JsonResponse(ResultType.FAILURE)
+ .setError("Unauthorized: Please check username, password and make sure your app is onboarded")
+ .toMap()).build();
+ }
+
String primaryKey = upObj.getPrimaryKey();
String primaryKeyValue = upObj.getPrimaryKeyValue();
String casscadeColumnName = upObj.getCasscadeColumnName();
@@ -171,28 +168,6 @@ public class RestMusicConditionalAPI {
.setError(String.valueOf("One or more input values missing")).toMap()).build();
}
- Map<String,String> userCredentials = MusicUtil.extractBasicAuthentication(authorization);
- String userId = userCredentials.get(MusicUtil.USERID);
- String password = userCredentials.get(MusicUtil.PASSWORD);
-
- Map<String, Object> authMap = null;
- try {
- authMap = MusicAuthentication.autheticateUser(ns, userId, password, keyspace, aid, "updateTable");
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "", AppMessages.MISSINGINFO, ErrorSeverity.CRITICAL,
- ErrorTypes.AUTHENTICATIONERROR);
- return response.status(Status.UNAUTHORIZED)
- .entity(new JsonResponse(ResultType.FAILURE).setError(e.getMessage()).toMap()).build();
- }
- if (authMap.containsKey("aid"))
- authMap.remove("aid");
- if (!authMap.isEmpty()) {
- logger.error(EELFLoggerDelegate.errorLogger, "", AppMessages.MISSINGINFO, ErrorSeverity.CRITICAL,
- ErrorTypes.AUTHENTICATIONERROR);
- return response.status(Status.UNAUTHORIZED).entity(
- new JsonResponse(ResultType.FAILURE).setError(String.valueOf(authMap.get("Exception"))).toMap())
- .build();
- }
String planId = casscadeColumnData.get("key").toString();
Map<String,String> casscadeColumnValueMap = (Map<String, String>) casscadeColumnData.get("value");
diff --git a/src/main/java/org/onap/music/rest/RestMusicAdminAPI.java b/src/main/java/org/onap/music/rest/RestMusicAdminAPI.java
index 26069ebe..adcb6584 100755
--- a/src/main/java/org/onap/music/rest/RestMusicAdminAPI.java
+++ b/src/main/java/org/onap/music/rest/RestMusicAdminAPI.java
@@ -47,7 +47,7 @@ import javax.ws.rs.core.Response.Status;
import org.mindrot.jbcrypt.BCrypt;
import org.onap.music.authentication.CachingUtil;
-import org.onap.music.authentication.MusicAuthentication;
+import org.onap.music.authentication.MusicAAFAuthentication;
import org.onap.music.authentication.MusicAuthenticator;
import org.onap.music.datastore.PreparedQueryObject;
import org.onap.music.datastore.jsonobjects.JsonOnboard;
@@ -81,7 +81,7 @@ public class RestMusicAdminAPI {
// Set to true in env like ONAP. Where access to creating and dropping keyspaces exist.
private static final boolean KEYSPACE_ACTIVE = false;
- private MusicAuthenticator authenticator = new MusicAuthentication();
+ private MusicAuthenticator authenticator = new MusicAAFAuthentication();
/*
* API to onboard an application with MUSIC. This is the mandatory first step.
diff --git a/src/main/java/org/onap/music/rest/RestMusicDataAPI.java b/src/main/java/org/onap/music/rest/RestMusicDataAPI.java
index a7522b90..dfcf0bdb 100755
--- a/src/main/java/org/onap/music/rest/RestMusicDataAPI.java
+++ b/src/main/java/org/onap/music/rest/RestMusicDataAPI.java
@@ -49,7 +49,7 @@ import javax.ws.rs.core.UriInfo;
import org.apache.commons.lang3.StringUtils;
import org.mindrot.jbcrypt.BCrypt;
import org.onap.music.authentication.CachingUtil;
-import org.onap.music.authentication.MusicAuthentication;
+import org.onap.music.authentication.MusicAAFAuthentication;
import org.onap.music.authentication.MusicAuthenticator;
import org.onap.music.authentication.MusicAuthenticator.Operation;
import org.onap.music.datastore.PreparedQueryObject;
@@ -117,7 +117,7 @@ public class RestMusicDataAPI {
private static final String XPATCHVERSION = "X-patchVersion";
private static final String NS = "ns";
private static final String VERSION = "v2";
- private MusicAuthenticator authenticator = new MusicAuthentication();
+ private MusicAuthenticator authenticator = new MusicAAFAuthentication();
// Set to true in env like ONAP. Where access to creating and dropping keyspaces exist.
private static final boolean KEYSPACE_ACTIVE = false;
@@ -174,34 +174,21 @@ public class RestMusicDataAPI {
response.status(Status.UNAUTHORIZED);
return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(authMap.get("Exception"))).toMap()).build();
}
- if(kspObject == null || kspObject.getReplicationInfo() == null) {
- response.status(Status.BAD_REQUEST);
- return response.entity(new JsonResponse(ResultType.FAILURE).setError(ResultType.BODYMISSING.getResult()).toMap()).build();
- }
-
- try {
- authMap = MusicAuthentication.autheticateUser(ns, userId, password, keyspaceName, aid,
- "createKeySpace");
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger,e.getMessage(), AppMessages.MISSINGDATA ,ErrorSeverity.CRITICAL, ErrorTypes.DATAERROR);
- response.status(Status.BAD_REQUEST);
- return response.entity(new JsonResponse(ResultType.FAILURE).setError("Unable to authenticate.").toMap()).build();
- }
- String newAid = null;
- if (!authMap.isEmpty()) {
- if (authMap.containsKey("aid")) {
- newAid = (String) authMap.get("aid");
- } else {
- logger.error(EELFLoggerDelegate.errorLogger,String.valueOf(authMap.get("Exception")), AppMessages.MISSINGDATA ,ErrorSeverity.CRITICAL, ErrorTypes.AUTHENTICATIONERROR);
- response.status(Status.UNAUTHORIZED);
- return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(authMap.get("Exception"))).toMap()).build();
- }
- }
+ if (!authenticator.authenticateUser(ns, authorization, keyspaceName, aid, Operation.CREATE_KEYSPACE)) {
+ return response.status(Status.UNAUTHORIZED)
+ .entity(new JsonResponse(ResultType.FAILURE)
+ .setError("Unauthorized: Please check username, password and make sure your app is onboarded")
+ .toMap()).build();
+ }
String consistency = MusicUtil.EVENTUAL;// for now this needs only
// eventual consistency
+ if(kspObject == null || kspObject.getReplicationInfo() == null) {
+ response.status(Status.BAD_REQUEST);
+ return response.entity(new JsonResponse(ResultType.FAILURE).setError(ResultType.BODYMISSING.getResult()).toMap()).build();
+ }
PreparedQueryObject queryObject = new PreparedQueryObject();
if(consistency.equalsIgnoreCase(MusicUtil.EVENTUAL) && kspObject.getConsistencyInfo().get("consistency") != null) {
if(MusicUtil.isValidConsistency(kspObject.getConsistencyInfo().get("consistency")))
@@ -260,7 +247,7 @@ public class RestMusicDataAPI {
queryObject.appendQueryString(
"INSERT into admin.keyspace_master (uuid, keyspace_name, application_name, is_api, "
+ "password, username, is_aaf) values (?,?,?,?,?,?,?)");
- queryObject.addValue(MusicUtil.convertToActualDataType(DataType.uuid(), newAid));
+ queryObject.addValue(MusicUtil.convertToActualDataType(DataType.uuid(), aid));
queryObject.addValue(MusicUtil.convertToActualDataType(DataType.text(), keyspaceName));
queryObject.addValue(MusicUtil.convertToActualDataType(DataType.text(), ns));
queryObject.addValue(MusicUtil.convertToActualDataType(DataType.cboolean(), "True"));
@@ -312,17 +299,12 @@ public class RestMusicDataAPI {
EELFLoggerDelegate.mdcPut("keyspace", "( "+keyspaceName+" ) ");
logger.info(EELFLoggerDelegate.applicationLogger,"In Drop Keyspace " + keyspaceName);
if ( KEYSPACE_ACTIVE ) {
- Map<String,String> userCredentials = MusicUtil.extractBasicAuthentication(authorization);
- String userId = userCredentials.get(MusicUtil.USERID);
- String password = userCredentials.get(MusicUtil.PASSWORD);
- Map<String, Object> authMap = MusicAuthentication.autheticateUser(ns, userId, password,keyspaceName, aid, "dropKeySpace");
- if (authMap.containsKey("aid"))
- authMap.remove("aid");
- if (!authMap.isEmpty()) {
- logger.error(EELFLoggerDelegate.errorLogger,authMap.get("Exception").toString(), AppMessages.MISSINGDATA ,ErrorSeverity.CRITICAL, ErrorTypes.AUTHENTICATIONERROR);
- response.status(Status.UNAUTHORIZED);
- return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(authMap.get("Exception"))).toMap()).build();
- }
+ if (!authenticator.authenticateUser(ns, authorization, keyspaceName, aid, Operation.DROP_KEYSPACE)) {
+ return response.status(Status.UNAUTHORIZED)
+ .entity(new JsonResponse(ResultType.FAILURE)
+ .setError("Unauthorized: Please check username, password and make sure your app is onboarded")
+ .toMap()).build();
+ }
String consistency = MusicUtil.EVENTUAL;// for now this needs only
// eventual
diff --git a/src/main/java/org/onap/music/rest/RestMusicLocksAPI.java b/src/main/java/org/onap/music/rest/RestMusicLocksAPI.java
index 0bb2368a..b3e3b4d5 100644
--- a/src/main/java/org/onap/music/rest/RestMusicLocksAPI.java
+++ b/src/main/java/org/onap/music/rest/RestMusicLocksAPI.java
@@ -37,7 +37,9 @@ import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.ResponseBuilder;
import javax.ws.rs.core.Response.Status;
-import org.onap.music.authentication.MusicAuthentication;
+import org.onap.music.authentication.MusicAAFAuthentication;
+import org.onap.music.authentication.MusicAuthenticator;
+import org.onap.music.authentication.MusicAuthenticator.Operation;
import org.onap.music.datastore.jsonobjects.JsonLeasedLock;
import org.onap.music.eelf.logging.EELFLoggerDelegate;
import org.onap.music.eelf.logging.format.AppMessages;
@@ -63,6 +65,8 @@ public class RestMusicLocksAPI {
private static final String XMINORVERSION = "X-minorVersion";
private static final String XPATCHVERSION = "X-patchVersion";
private static final String VERSION = "v2";
+
+ private MusicAuthenticator authenticator = new MusicAAFAuthentication();
/**
* Puts the requesting process in the q for this lock. The corresponding
@@ -96,21 +100,16 @@ public class RestMusicLocksAPI {
response.status(Status.BAD_REQUEST);
return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(resultMap.get("Error"))).toMap()).build();
}
- Map<String,String> userCredentials = MusicUtil.extractBasicAuthentication(authorization);
- String userId = userCredentials.get(MusicUtil.USERID);
- String password = userCredentials.get(MusicUtil.PASSWORD);
String keyspaceName = (String) resultMap.get("keyspace");
EELFLoggerDelegate.mdcPut("keyspace", "( "+keyspaceName+" ) ");
- resultMap.remove("keyspace");
- resultMap = MusicAuthentication.autheticateUser(ns, userId, password, keyspaceName, aid,
- "createLockReference");
- if (resultMap.containsKey("aid"))
- resultMap.remove("aid");
- if (!resultMap.isEmpty()) {
- logger.error(EELFLoggerDelegate.errorLogger,"", AppMessages.MISSINGDATA ,ErrorSeverity.CRITICAL, ErrorTypes.AUTHENTICATIONERROR);
- response.status(Status.UNAUTHORIZED);
- return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(resultMap.get("Error"))).toMap()).build();
+
+ if (!authenticator.authenticateUser(ns, authorization, keyspaceName, aid, Operation.CREATE_LOCKREF)) {
+ return response.status(Status.UNAUTHORIZED)
+ .entity(new JsonResponse(ResultType.FAILURE)
+ .setError("Unauthorized: Please check username, password and make sure your app is onboarded")
+ .toMap()).build();
}
+
ResultType status = ResultType.SUCCESS;
String lockId = MusicCore.createLockReference(lockName);
@@ -155,21 +154,17 @@ public class RestMusicLocksAPI {
response.status(Status.BAD_REQUEST);
return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(resultMap.get("Error"))).toMap()).build();
}
- Map<String,String> userCredentials = MusicUtil.extractBasicAuthentication(authorization);
- String userId = userCredentials.get(MusicUtil.USERID);
- String password = userCredentials.get(MusicUtil.PASSWORD);
+
String keyspaceName = (String) resultMap.get("keyspace");
EELFLoggerDelegate.mdcPut("keyspace", "( "+keyspaceName+" ) ");
- resultMap.remove("keyspace");
- resultMap = MusicAuthentication.autheticateUser(ns, userId, password, keyspaceName, aid,
- "accquireLock");
- if (resultMap.containsKey("aid"))
- resultMap.remove("aid");
- if (!resultMap.isEmpty()) {
- logger.error(EELFLoggerDelegate.errorLogger,"", AppMessages.MISSINGDATA ,ErrorSeverity.CRITICAL, ErrorTypes.AUTHENTICATIONERROR);
- response.status(Status.UNAUTHORIZED);
- return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(resultMap.get("Error"))).toMap()).build();
+
+ if (!authenticator.authenticateUser(ns, authorization, keyspaceName, aid, Operation.ACQUIRE_LOCK)) {
+ return response.status(Status.UNAUTHORIZED)
+ .entity(new JsonResponse(ResultType.FAILURE)
+ .setError("Unauthorized: Please check username, password and make sure your app is onboarded")
+ .toMap()).build();
}
+
try {
String lockName = lockId.substring(lockId.indexOf('$')+1, lockId.lastIndexOf('$'));
ReturnType lockStatus = MusicCore.acquireLock(lockName,lockId);
@@ -212,22 +207,16 @@ public class RestMusicLocksAPI {
response.status(Status.BAD_REQUEST);
return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(resultMap.get("Error"))).toMap()).build();
}
- Map<String,String> userCredentials = MusicUtil.extractBasicAuthentication(authorization);
- String userId = userCredentials.get(MusicUtil.USERID);
- String password = userCredentials.get(MusicUtil.PASSWORD);
String keyspaceName = (String) resultMap.get("keyspace");
EELFLoggerDelegate.mdcPut("keyspace", "( "+keyspaceName+" ) ");
resultMap.remove("keyspace");
- resultMap = MusicAuthentication.autheticateUser(ns, userId, password, keyspaceName, aid,
- "accquireLockWithLease");
-
- if (resultMap.containsKey("aid"))
- resultMap.remove("aid");
- if (!resultMap.isEmpty()) {
- logger.error(EELFLoggerDelegate.errorLogger,"", AppMessages.MISSINGDATA ,ErrorSeverity.CRITICAL, ErrorTypes.AUTHENTICATIONERROR);
- response.status(Status.UNAUTHORIZED);
- return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(resultMap.get("Error"))).toMap()).build();
+ if (!authenticator.authenticateUser(ns, authorization, keyspaceName, aid, Operation.ACQUIRE_LOCK)) {
+ return response.status(Status.UNAUTHORIZED)
+ .entity(new JsonResponse(ResultType.FAILURE)
+ .setError("Unauthorized: Please check username, password and make sure your app is onboarded")
+ .toMap()).build();
}
+
String lockName = lockId.substring(lockId.indexOf('$')+1, lockId.lastIndexOf('$'));
ReturnType lockLeaseStatus = MusicCore.acquireLockWithLease(lockName, lockId, lockObj.getLeasePeriod());
if ( lockLeaseStatus.getResult().equals(ResultType.SUCCESS)) {
@@ -266,21 +255,17 @@ public class RestMusicLocksAPI {
response.status(Status.BAD_REQUEST);
return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(resultMap.get("Error"))).toMap()).build();
}
- Map<String,String> userCredentials = MusicUtil.extractBasicAuthentication(authorization);
- String userId = userCredentials.get(MusicUtil.USERID);
- String password = userCredentials.get(MusicUtil.PASSWORD);
+
String keyspaceName = (String) resultMap.get("keyspace");
EELFLoggerDelegate.mdcPut("keyspace", "( "+keyspaceName+" ) ");
resultMap.remove("keyspace");
- resultMap = MusicAuthentication.autheticateUser(ns, userId, password, keyspaceName, aid,
- "currentLockHolder");
- if (resultMap.containsKey("aid"))
- resultMap.remove("aid");
- if (!resultMap.isEmpty()) {
- logger.error(EELFLoggerDelegate.errorLogger,"", AppMessages.MISSINGDATA ,ErrorSeverity.CRITICAL, ErrorTypes.AUTHENTICATIONERROR);
- response.status(Status.UNAUTHORIZED);
- return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(resultMap.get("Error"))).toMap()).build();
+ if (!authenticator.authenticateUser(ns, authorization, keyspaceName, aid, Operation.CURRENT_LOCK)) {
+ return response.status(Status.UNAUTHORIZED)
+ .entity(new JsonResponse(ResultType.FAILURE)
+ .setError("Unauthorized: Please check username, password and make sure your app is onboarded")
+ .toMap()).build();
}
+
String who = MusicCore.whoseTurnIsIt(lockName);
ResultType status = ResultType.SUCCESS;
String error = "";
@@ -321,18 +306,11 @@ public class RestMusicLocksAPI {
String keyspaceName = (String) resultMap.get("keyspace");
EELFLoggerDelegate.mdcPut("keyspace", "( "+keyspaceName+" ) ");
resultMap.remove("keyspace");
- Map<String,String> userCredentials = MusicUtil.extractBasicAuthentication(authorization);
- String userId = userCredentials.get(MusicUtil.USERID);
- String password = userCredentials.get(MusicUtil.PASSWORD);
- resultMap.remove("keyspace");
- resultMap = MusicAuthentication.autheticateUser(ns, userId, password, keyspaceName, aid,
- "currentLockHolder");
- if (resultMap.containsKey("aid"))
- resultMap.remove("aid");
- if (!resultMap.isEmpty()) {
- logger.error(EELFLoggerDelegate.errorLogger,"", AppMessages.MISSINGDATA ,ErrorSeverity.CRITICAL, ErrorTypes.AUTHENTICATIONERROR);
- response.status(Status.UNAUTHORIZED);
- return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(resultMap.get("Error"))).toMap()).build();
+ if (!authenticator.authenticateUser(ns, authorization, keyspaceName, aid, Operation.CURRENT_LOCK)) {
+ return response.status(Status.UNAUTHORIZED)
+ .entity(new JsonResponse(ResultType.FAILURE)
+ .setError("Unauthorized: Please check username, password and make sure your app is onboarded")
+ .toMap()).build();
}
String who = MusicCore.whoseTurnIsIt(lockName);
@@ -394,21 +372,17 @@ public class RestMusicLocksAPI {
response.status(Status.BAD_REQUEST);
return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(resultMap.get("Error"))).toMap()).build();
}
- Map<String,String> userCredentials = MusicUtil.extractBasicAuthentication(authorization);
- String userId = userCredentials.get(MusicUtil.USERID);
- String password = userCredentials.get(MusicUtil.PASSWORD);
+
String keyspaceName = (String) resultMap.get("keyspace");
EELFLoggerDelegate.mdcPut("keyspace", "( "+keyspaceName+" ) ");
resultMap.remove("keyspace");
- resultMap = MusicAuthentication.autheticateUser(ns, userId, password, keyspaceName, aid,
- "unLock");
- if (resultMap.containsKey("aid"))
- resultMap.remove("aid");
- if (!resultMap.isEmpty()) {
- logger.error(EELFLoggerDelegate.errorLogger,"", AppMessages.MISSINGDATA ,ErrorSeverity.CRITICAL, ErrorTypes.AUTHENTICATIONERROR);
- response.status(Status.UNAUTHORIZED);
- return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(resultMap.get("Error"))).toMap()).build();
+ if (!authenticator.authenticateUser(ns, authorization, keyspaceName, aid, Operation.DELETE_LOCK)) {
+ return response.status(Status.UNAUTHORIZED)
+ .entity(new JsonResponse(ResultType.FAILURE)
+ .setError("Unauthorized: Please check username, password and make sure your app is onboarded")
+ .toMap()).build();
}
+
boolean voluntaryRelease = true;
MusicLockState mls = MusicCore.releaseLock(lockId,voluntaryRelease);
if(mls.getErrorMessage() != null) {
@@ -458,21 +432,17 @@ public class RestMusicLocksAPI {
response.status(Status.BAD_REQUEST);
return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(resultMap.get("Error"))).toMap()).build();
}
- Map<String,String> userCredentials = MusicUtil.extractBasicAuthentication(authorization);
- String userId = userCredentials.get(MusicUtil.USERID);
- String password = userCredentials.get(MusicUtil.PASSWORD);
+
String keyspaceName = (String) resultMap.get("keyspace");
EELFLoggerDelegate.mdcPut("keyspace", "( "+keyspaceName+" ) ");
resultMap.remove("keyspace");
- resultMap = MusicAuthentication.autheticateUser(ns, userId, password, keyspaceName, aid,
- "deleteLock");
- if (resultMap.containsKey("aid"))
- resultMap.remove("aid");
- if (!resultMap.isEmpty()) {
- logger.error(EELFLoggerDelegate.errorLogger,"", AppMessages.MISSINGDATA ,ErrorSeverity.CRITICAL, ErrorTypes.AUTHENTICATIONERROR);
- response.status(Status.UNAUTHORIZED);
- return response.entity(new JsonResponse(ResultType.FAILURE).setError(String.valueOf(resultMap.get("Error"))).toMap()).build();
+ if (!authenticator.authenticateUser(ns, authorization, keyspaceName, aid, Operation.DELETE_LOCK)) {
+ return response.status(Status.UNAUTHORIZED)
+ .entity(new JsonResponse(ResultType.FAILURE)
+ .setError("Unauthorized: Please check username, password and make sure your app is onboarded")
+ .toMap()).build();
}
+
try{
MusicCore.deleteLock(lockName);
}catch (Exception e) {
diff --git a/src/test/java/org/onap/music/unittests/TstRestMusicAdminAPI.java b/src/test/java/org/onap/music/unittests/TstRestMusicAdminAPI.java
index 8eb677de..02b7f3a4 100644
--- a/src/test/java/org/onap/music/unittests/TstRestMusicAdminAPI.java
+++ b/src/test/java/org/onap/music/unittests/TstRestMusicAdminAPI.java
@@ -40,7 +40,7 @@ import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.internal.util.reflection.FieldSetter;
-import org.onap.music.authentication.MusicAuthentication;
+import org.onap.music.authentication.MusicAAFAuthentication;
import org.onap.music.datastore.PreparedQueryObject;
import org.onap.music.datastore.jsonobjects.JsonOnboard;
import org.onap.music.main.MusicCore;
@@ -53,7 +53,7 @@ public class TstRestMusicAdminAPI {
static PreparedQueryObject testObject;
@Mock
- MusicAuthentication authMock;
+ MusicAAFAuthentication authMock;
static String appName = "TestApp";
static String userId = "TestUser";
@@ -423,7 +423,7 @@ public class TstRestMusicAdminAPI {
* @throws NoSuchFieldException
*/
public void authenticateAdminTrue() throws NoSuchFieldException {
- authMock = Mockito.mock(MusicAuthentication.class);
+ authMock = Mockito.mock(MusicAAFAuthentication.class);
FieldSetter.setField(admin, admin.getClass().getDeclaredField("authenticator"), authMock);
Mockito.when(authMock.authenticateAdmin(Mockito.matches(adminAuthorization))).thenReturn(true);