aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafFilter.java81
-rw-r--r--cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafPerm.java137
-rw-r--r--cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafSecurityConfig.java56
-rw-r--r--cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafUserRole.java176
-rw-r--r--cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java133
-rw-r--r--cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/FilterPriority.java42
-rw-r--r--cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/ResponseFormatter.java45
-rw-r--r--cmso-optimizer/src/main/java/org/onap/optf/cmso/common/BasicAuthenticatorFilter.java111
-rw-r--r--cmso-optimizer/src/main/java/org/onap/optf/cmso/common/CmsoRequestError.java103
9 files changed, 884 insertions, 0 deletions
diff --git a/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafFilter.java b/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafFilter.java
new file mode 100644
index 0000000..246c396
--- /dev/null
+++ b/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafFilter.java
@@ -0,0 +1,81 @@
+/*******************************************************************************
+ * Copyright © 2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ ******************************************************************************/
+
+package org.onap.optf.cmso.aaf;
+
+import java.io.IOException;
+import java.util.Properties;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.filter.CadiFilter;
+import org.onap.observations.Observation;
+import org.onap.optf.cmso.common.exceptions.CmsoException;
+import org.onap.optf.cmso.optimizer.Application;
+import org.onap.optf.cmso.optimizer.SpringProfiles;
+import org.onap.optf.cmso.optimizer.common.LogMessages;
+import org.springframework.boot.web.servlet.filter.OrderedRequestContextFilter;
+import org.springframework.context.annotation.Profile;
+import org.springframework.stereotype.Component;
+
+/**
+ * AAF authentication filter.
+ */
+
+@Component
+@Profile(SpringProfiles.AAF_AUTHENTICATION)
+public class AafFilter extends OrderedRequestContextFilter {
+
+ private final CadiFilter cadiFilter;
+
+ /**
+ * Instantiates a new aaf filter.
+ *
+ * @throws IOException Signals that an I/O exception has occurred.
+ * @throws ServletException the servlet exception
+ */
+ public AafFilter() throws IOException, ServletException {
+ Properties cadiProperties = new Properties();
+ cadiProperties.load(Application.class.getClassLoader().getResourceAsStream("cadi.properties"));
+ cadiFilter = new CadiFilter(new PropAccess(cadiProperties));
+ this.setOrder(FilterPriority.AAF_AUTHENTICATION.getPriority());
+ }
+
+ @Override
+ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
+ throws IOException, ServletException {
+ cadiFilter.doFilter(request, response, filterChain);
+ if (response.getStatus() == 401) {
+ Observation.report(LogMessages.UNAUTHENTICATED);
+ ResponseFormatter.errorResponse(request, response,
+ new CmsoException(LogMessages.UNAUTHENTICATED.getStatus(), LogMessages.UNAUTHENTICATED, ""));
+ }
+ }
+
+
+}
diff --git a/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafPerm.java b/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafPerm.java
new file mode 100644
index 0000000..db58156
--- /dev/null
+++ b/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafPerm.java
@@ -0,0 +1,137 @@
+/*******************************************************************************
+ * Copyright © 2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ ******************************************************************************/
+
+package org.onap.optf.cmso.aaf;
+
+import java.util.HashSet;
+import java.util.Set;
+import org.onap.aaf.cadi.aaf.AAFPermission;
+
+
+/**
+ * The Class AafPerm.
+ */
+public class AafPerm {
+ private String type;
+ private String instance;
+ private String action;
+ private Set<String> actions = new HashSet<>();
+
+ /**
+ * Gets the action.
+ *
+ * @return the action
+ */
+ public String getAction() {
+ return action;
+ }
+
+ /**
+ * Sets the action.
+ *
+ * @param action the new action
+ */
+ public void setAction(String action) {
+ this.action = action;
+ String[] list = action.split(",");
+ for (String a : list) {
+ actions.add(a);
+ }
+ }
+
+ /**
+ * Gets the type.
+ *
+ * @return the type
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * Sets the type.
+ *
+ * @param type the new type
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * Gets the single instance of AafPerm.
+ *
+ * @return single instance of AafPerm
+ */
+ public String getInstance() {
+ return instance;
+ }
+
+ /**
+ * Sets the instance.
+ *
+ * @param instance the new instance
+ */
+ public void setInstance(String instance) {
+ this.instance = instance;
+ }
+
+ /**
+ * Gets the actions.
+ *
+ * @return the actions
+ */
+ public Set<String> getActions() {
+ return actions;
+ }
+
+ /**
+ * Sets the actions.
+ *
+ * @param actions the new actions
+ */
+ public void setActions(Set<String> actions) {
+ this.actions = actions;
+ }
+
+ /**
+ * Matches.
+ *
+ * @param userPerm the user perm
+ * @return true, if successful
+ */
+ public boolean matches(AAFPermission userPerm) {
+ if (type.equals(userPerm.getType())) {
+ if (userPerm.getInstance().equals("*") || instance.equals("*") || userPerm.getInstance().equals(instance)) {
+ for (String userAction : userPerm.getAction().split(",")) {
+ if (userAction.equals("*") || actions.contains("*") || actions.contains(userAction)) {
+ return true;
+ }
+ }
+ }
+ }
+ return false;
+ }
+}
diff --git a/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafSecurityConfig.java b/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafSecurityConfig.java
new file mode 100644
index 0000000..38e9af4
--- /dev/null
+++ b/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafSecurityConfig.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright © 2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.optf.cmso.aaf;
+
+import org.onap.optf.cmso.optimizer.SpringProfiles;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+@ComponentScan("org.onap.optf")
+@Profile(SpringProfiles.AAF_AUTHENTICATION)
+public class AafSecurityConfig extends WebSecurityConfigurerAdapter {
+
+
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+
+ }
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+
+ http.csrf().disable();
+
+ }
+}
diff --git a/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafUserRole.java b/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafUserRole.java
new file mode 100644
index 0000000..65decec
--- /dev/null
+++ b/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafUserRole.java
@@ -0,0 +1,176 @@
+/*******************************************************************************
+ * Copyright © 2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ ******************************************************************************/
+
+package org.onap.optf.cmso.aaf;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * The Class AafUserRole.
+ */
+public class AafUserRole {
+ private String url = "";
+ private String[] pathParts = {};
+ private String perm = "";
+ private String method = "";
+ private List<AafPerm> aafPerms = new ArrayList<>();
+
+ /**
+ * Instantiates a new aaf user role.
+ *
+ * @param url the url
+ * @param perm the perm
+ */
+ public AafUserRole(String url, String perm) {
+ this.setUrl(url);
+ this.setPerm(perm);
+ pathParts = url.split("\\/");
+
+ String[] perms = perm.split(",");
+ for (String p : perms) {
+ String[] parts = p.split(" ");
+ if (parts.length == 2) {
+ method = parts[1];
+ } else {
+ method = "ALL";
+ }
+
+ String[] list = parts[0].split("\\|");
+ if (list.length == 3) {
+ AafPerm aafPerm = new AafPerm();
+ aafPerm.setAction(list[2]);
+ aafPerm.setInstance(list[1]);
+ aafPerm.setType(list[0]);
+ aafPerms.add(aafPerm);
+ }
+ }
+ }
+
+ /**
+ * Gets the url.
+ *
+ * @return the url
+ */
+ public String getUrl() {
+ return url;
+ }
+
+ /**
+ * Sets the url.
+ *
+ * @param url the new url
+ */
+ public void setUrl(String url) {
+ this.url = url;
+ }
+
+ /**
+ * Gets the perm.
+ *
+ * @return the perm
+ */
+ public String getPerm() {
+ return perm;
+ }
+
+ /**
+ * Sets the perm.
+ *
+ * @param perm the new perm
+ */
+ public void setPerm(String perm) {
+ this.perm = perm;
+ }
+
+ /**
+ * Gets the aaf perms.
+ *
+ * @return the aaf perms
+ */
+ public List<AafPerm> getAafPerms() {
+ return aafPerms;
+ }
+
+ /**
+ * Sets the aaf perms.
+ *
+ * @param aafPerms the new aaf perms
+ */
+ public void setAafPerms(List<AafPerm> aafPerms) {
+ this.aafPerms = aafPerms;
+ }
+
+ /**
+ * Matches.
+ *
+ * @param path the path
+ * @param matchMethod the match method
+ * @return true, if successful
+ */
+ public boolean matches(String path, String matchMethod) {
+ if (!this.method.equalsIgnoreCase("ALL") && !this.method.equals("*") && !this.method.equals(matchMethod)) {
+ return false;
+ }
+ List<String> inNodes = new ArrayList<>();
+ List<String> matchNodes = new ArrayList<>();
+ String[] pathList = path.split("\\/");
+ for (String n : pathList) {
+ inNodes.add(n);
+ }
+ for (String n : pathParts) {
+ matchNodes.add(n);
+ }
+
+ while (!inNodes.isEmpty() && !matchNodes.isEmpty()) {
+ String inNode = inNodes.remove(0);
+ String matchNode = matchNodes.get(0);
+ if (matchNode.equals(inNode) || matchNode.equals("*")) {
+ matchNodes.remove(0);
+ } else {
+ if (!matchNode.equals("**")) {
+ return false;
+ }
+ }
+ }
+
+ //
+ if (inNodes.isEmpty() && matchNodes.isEmpty()) {
+ return true;
+ }
+
+ // We have incoming nodes remaining, see if we can wildcard them
+ if (matchNodes.size() == 1) {
+ if (matchNodes.get(0).equals("**")) {
+ return true;
+ }
+ if (inNodes.size() == 1 && matchNodes.get(0).equals("*")) {
+ return true;
+ }
+ }
+ return false;
+ }
+}
diff --git a/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java b/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java
new file mode 100644
index 0000000..171a11f
--- /dev/null
+++ b/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java
@@ -0,0 +1,133 @@
+/*******************************************************************************
+ * Copyright © 2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ ******************************************************************************/
+
+package org.onap.optf.cmso.aaf;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
+import javax.annotation.PostConstruct;
+import javax.servlet.http.HttpServletRequest;
+import org.onap.aaf.cadi.Permission;
+import org.onap.aaf.cadi.aaf.AAFPermission;
+import org.onap.observations.Observation;
+import org.onap.optf.cmso.optimizer.SpringProfiles;
+import org.onap.optf.cmso.optimizer.common.LogMessages;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Profile;
+import org.springframework.core.env.Environment;
+import org.springframework.stereotype.Component;
+
+/**
+ * This class uses a properties file to map URL patterns/method to AAF Permissions (AafPerm).
+ *
+ * @author jf9860
+ *
+ */
+@Component
+@Profile(SpringProfiles.AAF_AUTHENTICATION)
+public class AafUserRoleProperties {
+ @Autowired
+ Environment env;
+
+ private List<AafUserRole> list = new ArrayList<>();
+
+ /**
+ * Initialize permissions.
+ */
+ @PostConstruct
+ public void initializePermissions() {
+ String userRolePropertiesName =
+ env.getProperty("aaf.user.roles", "src/main/resources/aaf/AAFUserRoles.properties");
+ Properties props = new Properties();
+ try {
+ props.load(new FileInputStream(new File(userRolePropertiesName)));
+ } catch (Exception e) {
+ Observation.report(LogMessages.UNEXPECTED_EXCEPTION, e, e.getMessage());
+ }
+ for (Object url : props.keySet()) {
+ Object value = props.get(url);
+ list.add(new AafUserRole((String) url, (String) value));
+ }
+ }
+
+ /**
+ * Gets the for url method.
+ *
+ * @param url the url
+ * @param method the method
+ * @return the for url method
+ */
+ public List<AafUserRole> getForUrlMethod(String url, String method) {
+ List<AafUserRole> userRoleList = new ArrayList<>();
+ for (AafUserRole aur : list) {
+ if (aur.matches(url, method)) {
+ userRoleList.add(aur);
+ }
+ }
+ return userRoleList;
+ }
+
+ /**
+ * Process permissions.
+ *
+ * @param request the request
+ * @param userPerms the user perms
+ * @return true, if successful
+ */
+ public boolean processPermissions(HttpServletRequest request, List<Permission> userPerms) {
+ try {
+ // Get list of perms that match incoming URL. May be more than 1...
+ // Users perms must match all that match URL
+ List<AafUserRole> perms = getForUrlMethod(request.getRequestURI(), request.getMethod());
+ int tested = 0;
+ int passed = 0;
+ for (AafUserRole perm : perms) {
+ for (AafPerm test : perm.getAafPerms()) {
+ tested++;
+ for (Permission userPerm : userPerms) {
+
+ if (test.matches((AAFPermission) userPerm)) {
+ passed++;
+ break;
+ }
+ }
+ }
+ }
+ // All permissions must be OK
+ if (tested > 0 && tested == passed) {
+ return true;
+ } else {
+ return false;
+ }
+ } catch (Exception e) {
+ Observation.report(LogMessages.UNEXPECTED_EXCEPTION, e, e.getMessage());
+ }
+ return false;
+ }
+}
diff --git a/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/FilterPriority.java b/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/FilterPriority.java
new file mode 100644
index 0000000..bfafbd8
--- /dev/null
+++ b/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/FilterPriority.java
@@ -0,0 +1,42 @@
+/*******************************************************************************
+ * Copyright © 2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ ******************************************************************************/
+
+package org.onap.optf.cmso.aaf;
+
+import org.springframework.core.Ordered;
+
+public enum FilterPriority {
+ AAF_AUTHENTICATION(Ordered.HIGHEST_PRECEDENCE), AAF_AUTHORIZATION(Ordered.HIGHEST_PRECEDENCE + 1);
+ private final int priority;
+
+ FilterPriority(final int ppri) {
+ priority = ppri;
+ }
+
+ public int getPriority() {
+ return priority;
+ }
+}
diff --git a/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/ResponseFormatter.java b/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/ResponseFormatter.java
new file mode 100644
index 0000000..518814e
--- /dev/null
+++ b/cmso-optimizer/src/main/java/org/onap/optf/cmso/aaf/ResponseFormatter.java
@@ -0,0 +1,45 @@
+/*******************************************************************************
+ * Copyright © 2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ ******************************************************************************/
+
+package org.onap.optf.cmso.aaf;
+
+import java.io.IOException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.onap.optf.cmso.common.exceptions.CmsoException;
+
+class ResponseFormatter {
+
+
+ static void errorResponse(HttpServletRequest request, HttpServletResponse response, CmsoException error)
+ throws IOException {
+ response.setStatus(error.getStatus().getStatusCode());
+ response.getWriter().write(error.getRequestError().toString());
+ response.getWriter().flush();
+ response.getWriter().close();
+ }
+
+}
diff --git a/cmso-optimizer/src/main/java/org/onap/optf/cmso/common/BasicAuthenticatorFilter.java b/cmso-optimizer/src/main/java/org/onap/optf/cmso/common/BasicAuthenticatorFilter.java
new file mode 100644
index 0000000..4c85246
--- /dev/null
+++ b/cmso-optimizer/src/main/java/org/onap/optf/cmso/common/BasicAuthenticatorFilter.java
@@ -0,0 +1,111 @@
+/*
+ * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.optf.cmso.common;
+
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import javax.servlet.http.HttpServletRequest;
+import javax.ws.rs.client.ClientRequestContext;
+import javax.ws.rs.client.ClientRequestFilter;
+import javax.ws.rs.core.MultivaluedMap;
+import javax.xml.bind.DatatypeConverter;
+
+/**
+ * The Class BasicAuthenticatorFilter.
+ */
+public class BasicAuthenticatorFilter implements ClientRequestFilter {
+ private static EELFLogger log = EELFManager.getInstance().getLogger(BasicAuthenticatorFilter.class);
+ private final String user;
+ private final String password;
+
+ /**
+ * Instantiates a new basic authenticator filter.
+ *
+ * @param user the user
+ * @param password the password
+ */
+ public BasicAuthenticatorFilter(String user, String password) {
+ this.user = user;
+ this.password = password;
+ log.info("user: " + user + " pass:" + password);
+ }
+
+ /**
+ * Filter.
+ *
+ * @param requestContext the request context
+ * @throws IOException Signals that an I/O exception has occurred.
+ */
+ @Override
+ public void filter(ClientRequestContext requestContext) throws IOException {
+ MultivaluedMap<String, Object> headers = requestContext.getHeaders();
+ final String basicAuthentication = getBasicAuthentication();
+ headers.add("Authorization", basicAuthentication);
+ }
+
+ private String getBasicAuthentication() {
+ String token = this.user + ":" + this.password;
+ try {
+ return "Basic " + DatatypeConverter.printBase64Binary(token.getBytes("UTF-8"));
+ } catch (UnsupportedEncodingException ex) {
+ throw new IllegalStateException("Cannot encode with UTF-8", ex);
+ }
+ }
+
+ /**
+ * Gets the user.
+ *
+ * @param request the request
+ * @return the user
+ */
+ public static String getUser(HttpServletRequest request) {
+ String user = "";
+ String header = request.getHeader("Authorization");
+ if (header != null) {
+ String[] auth = header.split("Basic ");
+ if (auth.length == 2) {
+ String token = getToken(auth[1]);
+ if (token.contains(":")) {
+ String[] tokens = token.split(":");
+ user = tokens[0];
+ }
+ }
+ }
+ return user;
+ }
+
+ private static String getToken(String auth) {
+ try {
+ String token = new String(DatatypeConverter.parseBase64Binary(auth));
+ return token;
+ } catch (Exception e) {
+ return auth;
+ }
+ }
+}
diff --git a/cmso-optimizer/src/main/java/org/onap/optf/cmso/common/CmsoRequestError.java b/cmso-optimizer/src/main/java/org/onap/optf/cmso/common/CmsoRequestError.java
new file mode 100644
index 0000000..d56a992
--- /dev/null
+++ b/cmso-optimizer/src/main/java/org/onap/optf/cmso/common/CmsoRequestError.java
@@ -0,0 +1,103 @@
+/*
+ * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed under the Creative
+ * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.optf.cmso.common;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * The Class CMSRequestError.
+ */
+public class CmsoRequestError implements Serializable {
+ private static final long serialVersionUID = 1L;
+ @JsonProperty
+ RequestError requestError;
+
+ /**
+ * Instantiates a new CMS request error.
+ *
+ * @param messageId the message id
+ * @param text the text
+ * @param variables the variables
+ */
+ public CmsoRequestError(String messageId, String text, List<String> variables) {
+ requestError = new RequestError(messageId, text, variables);
+ }
+
+ /**
+ * Instantiates a new CMS request error.
+ *
+ * @param messageId the message id
+ * @param text the text
+ */
+ public CmsoRequestError(String messageId, String text) {
+ requestError = new RequestError(messageId, text, new ArrayList<String>());
+ }
+
+ /**
+ * The Class RequestError.
+ */
+ public class RequestError {
+ @JsonProperty
+ private String messageId;
+ @JsonProperty
+ private String text;
+ @JsonProperty
+ private List<String> variables;
+
+ private RequestError(String messageId, String text, List<String> variables) {
+ this.messageId = "CMSO." + messageId;
+ this.text = text;
+ this.variables = variables;
+ }
+
+ /**
+ * To string.
+ *
+ * @return the string
+ */
+ @Override
+ public String toString() {
+ StringBuffer sb = new StringBuffer();
+ sb.append(messageId).append(":").append(text).append(":").append(variables);
+ return sb.toString();
+
+ }
+ }
+
+ /**
+ * To string.
+ *
+ * @return the string
+ */
+ @Override
+ public String toString() {
+ return requestError.toString();
+ }
+}