From 316f6b290c57cc7017e11102e2b2e2ed190e069a Mon Sep 17 00:00:00 2001
From: Jorge Hernandez <jh1730@att.com>
Date: Mon, 17 Sep 2018 10:12:23 -0500
Subject: temporarily set aaf version to snapshot

With the latest released version of AAF, encountered
problems when testing AAF.  This seems to be resolved
when migrating to the not-released yet, 2.1.2-SNAPSHOT.
Checking further into AAF jira's it seems that some
necessary fixes have gone into 2.1.2-SNAPSHOT (see for example
AAF-460).

The assumption is that 2.1.2-SNAPSHOT will be soon
released by AAF team, and then we should appropriately change
this version.

In addition, there has been enhancements to allow policy
apps to configure additional filters.   These will be used
initially by specific "rest" servers to provide additional
authorization capabilities.

Change-Id: I48e279738de20bd68e3f05323ad9b6cffdafc83e
Signed-off-by: Jorge Hernandez <jh1730@att.com>
Issue-ID: POLICY-1044
Signed-off-by: Jorge Hernandez <jh1730@att.com>
---
 policy-endpoints/pom.xml                           |  2 +-
 .../http/server/HttpServletServerFactory.java      | 23 ++++++++++++++++------
 .../properties/PolicyEndPointProperties.java       |  1 +
 .../endpoints/http/server/test/HttpClientTest.java |  5 +++++
 4 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/policy-endpoints/pom.xml b/policy-endpoints/pom.xml
index 331ea183..716f5c9d 100644
--- a/policy-endpoints/pom.xml
+++ b/policy-endpoints/pom.xml
@@ -87,7 +87,7 @@
         <dependency>
             <groupId>org.onap.aaf.authz</groupId>
             <artifactId>aaf-cadi-aaf</artifactId>
-            <version>2.1.1</version>
+            <version>2.1.2-SNAPSHOT</version>
         </dependency>
 
         <dependency>
diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java
index 8d2953b6..c789cd26 100644
--- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java
+++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java
@@ -25,7 +25,6 @@ import java.util.Arrays;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Properties;
-
 import org.onap.aaf.cadi.filter.CadiFilter;
 import org.onap.policy.common.endpoints.http.server.internal.JettyJerseyServer;
 import org.onap.policy.common.endpoints.properties.PolicyEndPointProperties;
@@ -198,6 +197,9 @@ class IndexedHttpServletServerFactory implements HttpServletServerFactory {
             String restClasses = properties.getProperty(PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES + "."
                     + serviceName + PolicyEndPointProperties.PROPERTY_HTTP_REST_CLASSES_SUFFIX);
 
+            String filterClasses = properties.getProperty(PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES + "."
+                + serviceName + PolicyEndPointProperties.PROPERTY_HTTP_FILTER_CLASSES_SUFFIX);
+
             String restPackages = properties.getProperty(PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES + "."
                     + serviceName + PolicyEndPointProperties.PROPERTY_HTTP_REST_PACKAGES_SUFFIX);
             String restUriPath = properties.getProperty(PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES + "."
@@ -232,8 +234,20 @@ class IndexedHttpServletServerFactory implements HttpServletServerFactory {
             }
 
             HttpServletServer service = build(serviceName, https, hostName, servicePort, contextUriPath, swagger, managed);
-            if (userName != null && !userName.isEmpty() && password != null && !password.isEmpty()) {
-                service.setBasicAuthentication(userName, password, authUriPath);
+
+            /* authentication method either AAF or HTTP Basic Auth */
+
+            if (aaf) {
+                service.addFilterClass(contextUriPath, CadiFilter.class.getCanonicalName());
+            } else if (userName != null && !userName.isEmpty() && password != null && !password.isEmpty()) {
+                    service.setBasicAuthentication(userName, password, authUriPath);
+            }
+
+            if (filterClasses != null && !filterClasses.isEmpty()) {
+                List<String> filterClassesList = Arrays.asList(filterClasses.split(SPACES_COMMA_SPACES));
+                for (String filterClass : filterClassesList) {
+                    service.addFilterClass(restUriPath, filterClass);
+                }
             }
 
             if (restClasses != null && !restClasses.isEmpty()) {
@@ -250,9 +264,6 @@ class IndexedHttpServletServerFactory implements HttpServletServerFactory {
                 }
             }
 
-            if (aaf) {
-                service.addFilterClass(contextUriPath, CadiFilter.class.getCanonicalName());
-            }
 
             serviceList.add(service);
         }
diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/properties/PolicyEndPointProperties.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/properties/PolicyEndPointProperties.java
index bd8ea6f5..cc71748d 100644
--- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/properties/PolicyEndPointProperties.java
+++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/properties/PolicyEndPointProperties.java
@@ -85,6 +85,7 @@ public interface PolicyEndPointProperties {
     String PROPERTY_HTTP_AUTH_PASSWORD_SUFFIX = ".password";
     String PROPERTY_HTTP_AUTH_URIPATH_SUFFIX = ".authUriPath";
 
+    String PROPERTY_HTTP_FILTER_CLASSES_SUFFIX = ".filterClasses";
     String PROPERTY_HTTP_REST_CLASSES_SUFFIX = ".restClasses";
     String PROPERTY_HTTP_REST_PACKAGES_SUFFIX = ".restPackages";
     String PROPERTY_HTTP_REST_URIPATH_SUFFIX = ".restUriPath";
diff --git a/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpClientTest.java b/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpClientTest.java
index 61525c33..6805cdff 100644
--- a/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpClientTest.java
+++ b/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpClientTest.java
@@ -108,6 +108,7 @@ public class HttpClientTest {
                 HttpServletServer.factory.build("echo", true, "localhost", 6667, "/", false, true);
         echoServerAuth.setBasicAuthentication("x", "y", null);
         echoServerAuth.addServletPackage("/*", HttpClientTest.class.getPackage().getName());
+        echoServerAuth.addFilterClass("/*", TestFilter.class.getCanonicalName());
         echoServerAuth.waitedStart(5000);
 
         if (!NetworkUtil.isTcpPortOpen("localhost", echoServerAuth.getPort(), 5, 10000L)) {
@@ -251,6 +252,10 @@ public class HttpClientTest {
                 PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES + "." + "PAP"
                         + PolicyEndPointProperties.PROPERTY_HTTP_REST_CLASSES_SUFFIX,
                 RestMockHealthCheck.class.getName());
+        httpProperties.setProperty(
+            PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES + "." + "PAP"
+                + PolicyEndPointProperties.PROPERTY_HTTP_FILTER_CLASSES_SUFFIX,
+            TestFilter.class.getName());
         httpProperties.setProperty(PolicyEndPointProperties.PROPERTY_HTTP_CLIENT_SERVICES + "." + "PAP"
                 + PolicyEndPointProperties.PROPERTY_MANAGED_SUFFIX, "true");
 
-- 
cgit 1.2.3-korg