aboutsummaryrefslogtreecommitdiffstats
path: root/src/main/java/org/onap/music/authentication/AuthUtil.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/org/onap/music/authentication/AuthUtil.java')
-rw-r--r--src/main/java/org/onap/music/authentication/AuthUtil.java80
1 files changed, 43 insertions, 37 deletions
diff --git a/src/main/java/org/onap/music/authentication/AuthUtil.java b/src/main/java/org/onap/music/authentication/AuthUtil.java
index 51e3dac0..223fa74e 100644
--- a/src/main/java/org/onap/music/authentication/AuthUtil.java
+++ b/src/main/java/org/onap/music/authentication/AuthUtil.java
@@ -37,14 +37,16 @@ import org.onap.aaf.cadi.CadiWrap;
import org.onap.aaf.cadi.Permission;
import org.onap.aaf.cadi.aaf.AAFPermission;
import org.onap.music.eelf.logging.EELFLoggerDelegate;
+import org.onap.music.exceptions.MusicAuthenticationException;
public class AuthUtil {
- private static final String decodeValueOfForwardSlash = "2f";
- private static final String decodeValueOfHyphen = "2d";
- private static final String decodeValueOfAsterisk = "2a";
private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AuthUtil.class);
+ private AuthUtil() {
+ throw new IllegalStateException("Utility class");
+ }
+
/**
* Get the list of permissions from the Request object.
*
@@ -88,7 +90,7 @@ public class AuthUtil {
private static List<AAFPermission> filterNameSpacesAAFPermissions(String nameSpace,
List<AAFPermission> allPermissionsList) {
List<AAFPermission> list = new ArrayList<>();
- for (Iterator iterator = allPermissionsList.iterator(); iterator.hasNext();) {
+ for (Iterator<AAFPermission> iterator = allPermissionsList.iterator(); iterator.hasNext();) {
AAFPermission aafPermission = (AAFPermission) iterator.next();
if(aafPermission.getType().indexOf(nameSpace) == 0) {
list.add(aafPermission);
@@ -104,20 +106,23 @@ public class AuthUtil {
* @return returns the decoded string.
* @throws Exception throws excpetion
*/
- public static String decodeFunctionCode(String str) throws Exception {
+ public static String decodeFunctionCode(String str) throws MusicAuthenticationException {
+ final String DECODEVALUE_FORWARDSLASH = "2f";
+ final String DECODEVALUE_HYPHEN = "2d";
+ final String DECODEVALUE_ASTERISK = "2a";
String decodedString = str;
List<Pattern> decodingList = new ArrayList<>();
- decodingList.add(Pattern.compile(decodeValueOfForwardSlash));
- decodingList.add(Pattern.compile(decodeValueOfHyphen));
- decodingList.add(Pattern.compile(decodeValueOfAsterisk));
+ decodingList.add(Pattern.compile(DECODEVALUE_FORWARDSLASH));
+ decodingList.add(Pattern.compile(DECODEVALUE_HYPHEN));
+ decodingList.add(Pattern.compile(DECODEVALUE_ASTERISK));
for (Pattern xssInputPattern : decodingList) {
try {
decodedString = decodedString.replaceAll("%" + xssInputPattern,
new String(Hex.decodeHex(xssInputPattern.toString().toCharArray())));
} catch (DecoderException e) {
- logger.error(EELFLoggerDelegate.applicationLogger,
+ logger.error(EELFLoggerDelegate.securityLogger,
"AuthUtil Decode Failed! for instance: " + str);
- throw new Exception("decode failed", e);
+ throw new MusicAuthenticationException("Decode failed", e);
}
}
@@ -132,44 +137,42 @@ public class AuthUtil {
* @return boolean value if the access is allowed
* @throws Exception throws exception
*/
- public static boolean isAccessAllowed(ServletRequest request, String nameSpace) throws Exception {
+ public static boolean isAccessAllowed(ServletRequest request, String nameSpace) throws MusicAuthenticationException {
if (request==null) {
- throw new Exception("Request cannot be null");
+ throw new MusicAuthenticationException("Request cannot be null");
}
if (nameSpace==null || nameSpace.isEmpty()) {
- throw new Exception("NameSpace not Declared!");
+ throw new MusicAuthenticationException("NameSpace not Declared!");
}
boolean isauthorized = false;
List<AAFPermission> aafPermsList = getAAFPermissions(request);
- //logger.info(EELFLoggerDelegate.applicationLogger,
- // "AAFPermission of the requested MechId for all the namespaces: " + aafPermsList);
-
- logger.debug(EELFLoggerDelegate.applicationLogger, "Requested nameSpace: " + nameSpace);
-
+ logger.info(EELFLoggerDelegate.securityLogger,
+ "AAFPermission of the requested MechId for all the namespaces: " + aafPermsList);
+ logger.debug(EELFLoggerDelegate.securityLogger, "Requested nameSpace: " + nameSpace);
List<AAFPermission> aafPermsFinalList = filterNameSpacesAAFPermissions(nameSpace, aafPermsList);
- logger.debug(EELFLoggerDelegate.applicationLogger,
- "AuthUtil list of AAFPermission for the specific namespace ::::::::::::::::::::::::::::::::::::::::::::"
+ logger.debug(EELFLoggerDelegate.securityLogger,
+ "AuthUtil list of AAFPermission for the specific namespace :::"
+ aafPermsFinalList);
HttpServletRequest httpRequest = (HttpServletRequest) request;
String requestUri = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length() + 1);
- logger.debug(EELFLoggerDelegate.applicationLogger,
- "AuthUtil requestUri ::::::::::::::::::::::::::::::::::::::::::::" + requestUri);
+ logger.debug(EELFLoggerDelegate.securityLogger,
+ "AuthUtil requestUri :::" + requestUri);
- for (Iterator iterator = aafPermsFinalList.iterator(); iterator.hasNext();) {
+ for (Iterator<AAFPermission> iterator = aafPermsFinalList.iterator(); iterator.hasNext();) {
AAFPermission aafPermission = (AAFPermission) iterator.next();
if(!isauthorized) {
- isauthorized = isMatchPatternWithInstanceAndAction(aafPermission, requestUri, httpRequest.getMethod());
+ isauthorized = isMatchPattern(aafPermission, requestUri, httpRequest.getMethod());
}
}
- logger.debug(EELFLoggerDelegate.applicationLogger,
+ logger.debug(EELFLoggerDelegate.securityLogger,
"isAccessAllowed for the request uri: " + requestUri + "is :" + isauthorized);
return isauthorized;
}
@@ -205,23 +208,21 @@ public class AuthUtil {
* @return returns a boolean
* @throws Exception - throws an exception
*/
- private static boolean isMatchPatternWithInstanceAndAction(
+ private static boolean isMatchPattern(
AAFPermission aafPermission,
String requestUri,
- String method) throws Exception {
+ String method) throws MusicAuthenticationException {
if (null == aafPermission || null == requestUri || null == method) {
return false;
}
String permKey = aafPermission.getKey();
- logger.info(EELFLoggerDelegate.applicationLogger, "isMatchPattern permKey: "
+ logger.debug(EELFLoggerDelegate.securityLogger, "isMatchPattern permKey: "
+ permKey + ", requestUri " + requestUri + " ," + method);
String[] keyArray = permKey.split("\\|");
String[] subPath = null;
- //String type = null;
- //type = keyArray[0];
String instance = keyArray[1];
String action = keyArray[2];
@@ -251,13 +252,7 @@ public class AuthUtil {
subPath = path[i].split("\\.");
for (int j = 0; j < subPath.length; j++) {
if (instanceList.contains(subPath[j])) {
- if ("*".equals(action) || "ALL".equalsIgnoreCase(action)) {
- return true;
- } else if (method.equalsIgnoreCase(action)) {
- return true;
- } else {
- return false;
- }
+ return checkAction(method,action);
} else {
continue;
}
@@ -265,4 +260,15 @@ public class AuthUtil {
}
return false;
}
+
+ private static boolean checkAction(String method, String action) {
+ if ("*".equals(action) || "ALL".equalsIgnoreCase(action)) {
+ return true;
+ } else {
+ return (method.equalsIgnoreCase(action));
+ }
+ }
+
+
+
} \ No newline at end of file