From 0d62e1d1e8d0a7744a62f437605a4197ec6e3285 Mon Sep 17 00:00:00 2001 From: Jorge Hernandez Date: Wed, 8 Aug 2018 10:28:36 -0500 Subject: generic jetty filter and cadi support Change-Id: I363e44e85e1d89c6254218629010d5c3e1507e0a Issue-ID: POLICY-1043 Signed-off-by: Jorge Hernandez --- policy-endpoints/pom.xml | 6 ++ .../endpoints/http/server/HttpServletServer.java | 32 +++--- .../http/server/HttpServletServerFactory.java | 12 +++ .../http/server/internal/JettyServletServer.java | 17 ++++ .../properties/PolicyEndPointProperties.java | 107 +++++++++++---------- .../endpoints/http/server/test/HttpServerTest.java | 5 + .../endpoints/http/server/test/TestFilter.java | 41 ++++++++ 7 files changed, 155 insertions(+), 65 deletions(-) create mode 100644 policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/TestFilter.java (limited to 'policy-endpoints') diff --git a/policy-endpoints/pom.xml b/policy-endpoints/pom.xml index 81c1d86f..fb546a5a 100644 --- a/policy-endpoints/pom.xml +++ b/policy-endpoints/pom.xml @@ -86,6 +86,12 @@ + + org.onap.aaf.authz + aaf-cadi-aaf + 2.1.1 + + org.eclipse.jetty jetty-server diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServer.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServer.java index c1d1a353..a2dd948a 100644 --- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServer.java +++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServer.java @@ -1,6 +1,6 @@ /* * ============LICENSE_START======================================================= - * policy-endpoints + * ONAP * ================================================================================ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * ================================================================================ @@ -23,30 +23,38 @@ package org.onap.policy.common.endpoints.http.server; import org.onap.policy.common.capabilities.Startable; /** - * A Jetty Server to server REST Requests + * Http Servlet Server interface */ public interface HttpServletServer extends Startable { /** - * factory for managing and tracking DMAAP sources + * Factory of Http Servlet Servers */ - public static HttpServletServerFactory factory = new IndexedHttpServletServerFactory(); + HttpServletServerFactory factory = new IndexedHttpServletServerFactory(); /** * * @return port */ - public int getPort(); + int getPort(); /** * enables basic authentication with user and password on the the relative path relativeUriPath * - * @param user - * @param password - * @param relativeUriPath + * @param user user + * @param password password + * @param relativeUriPath relative path */ - public void setBasicAuthentication(String user, String password, String relativeUriPath); + void setBasicAuthentication(String user, String password, String relativeUriPath); + + /** + * adds a filter at the specified path + * + * @param filterPath filter path + * @param filterClass filter class + */ + void addFilterClass(String filterPath, String filterClass); /** * adds a JAX-RS servlet class to serve REST requests @@ -57,7 +65,7 @@ public interface HttpServletServer extends Startable { * @throws IllegalArgumentException unable to process because of invalid input * @throws IllegalStateException unable to process because of invalid state */ - public void addServletClass(String servletPath, String restClass); + void addServletClass(String servletPath, String restClass); /** * adds a package containing JAX-RS classes to serve REST requests @@ -68,7 +76,7 @@ public interface HttpServletServer extends Startable { * @throws IllegalArgumentException unable to process because of invalid input * @throws IllegalStateException unable to process because of invalid state */ - public void addServletPackage(String servletPath, String restPackage); + void addServletPackage(String servletPath, String restPackage); /** * blocking start of the http server @@ -79,5 +87,5 @@ public interface HttpServletServer extends Startable { * @throws IllegalArgumentException if arguments are invalid * @throws InterruptedException if the blocking operation is interrupted */ - public boolean waitedStart(long maxWaitTime) throws InterruptedException; + boolean waitedStart(long maxWaitTime) throws InterruptedException; } diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java index c7d2b1bf..4a430b20 100644 --- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java +++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/HttpServletServerFactory.java @@ -26,6 +26,7 @@ import java.util.HashMap; import java.util.List; import java.util.Properties; +import org.onap.aaf.cadi.filter.CadiFilter; import org.onap.policy.common.endpoints.http.server.internal.JettyJerseyServer; import org.onap.policy.common.endpoints.properties.PolicyEndPointProperties; import org.slf4j.Logger; @@ -222,6 +223,13 @@ class IndexedHttpServletServerFactory implements HttpServletServerFactory { https = Boolean.parseBoolean(httpsString); } + String aafString = properties.getProperty(PolicyEndPointProperties.PROPERTY_HTTP_SERVER_SERVICES + "." + + serviceName + PolicyEndPointProperties.PROPERTY_AAF_SUFFIX); + boolean aaf = false; + if (aafString != null && !aafString.isEmpty()) { + aaf = Boolean.parseBoolean(httpsString); + } + HttpServletServer service = build(serviceName, https, hostName, servicePort, contextUriPath, swagger, managed); if (userName != null && !userName.isEmpty() && password != null && !password.isEmpty()) { service.setBasicAuthentication(userName, password, authUriPath); @@ -241,6 +249,10 @@ class IndexedHttpServletServerFactory implements HttpServletServerFactory { } } + if (aaf) { + service.addFilterClass(contextUriPath, CadiFilter.class.getCanonicalName()); + } + serviceList.add(service); } diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java index a4cc9b5f..b22a9401 100644 --- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java +++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/http/server/internal/JettyServletServer.java @@ -22,6 +22,8 @@ package org.onap.policy.common.endpoints.http.server.internal; import com.fasterxml.jackson.annotation.JsonIgnore; +import java.util.EnumSet; +import javax.servlet.DispatcherType; import org.eclipse.jetty.security.ConstraintMapping; import org.eclipse.jetty.security.ConstraintSecurityHandler; import org.eclipse.jetty.security.HashLoginService; @@ -175,6 +177,21 @@ public abstract class JettyServletServer implements HttpServletServer, Runnable this(name, false, host, port, contextPath); } + @Override + public void addFilterClass(String aFilterPath, String aFilterClass) { + if (aFilterClass == null || aFilterClass.isEmpty()) { + throw new IllegalArgumentException("No filter class provided"); + } + + String filterPath = aFilterPath; + if (aFilterPath == null || aFilterPath.isEmpty()) { + filterPath = "/*"; + } + + context.addFilter(aFilterClass, filterPath, + EnumSet.of(DispatcherType.INCLUDE, DispatcherType.REQUEST)); + } + public ServerConnector httpsConnector() { SslContextFactory sslContextFactory = new SslContextFactory(); diff --git a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/properties/PolicyEndPointProperties.java b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/properties/PolicyEndPointProperties.java index 38f9b94d..bd8ea6f5 100644 --- a/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/properties/PolicyEndPointProperties.java +++ b/policy-endpoints/src/main/java/org/onap/policy/common/endpoints/properties/PolicyEndPointProperties.java @@ -24,77 +24,78 @@ public interface PolicyEndPointProperties { /* Generic property suffixes */ - public static final String PROPERTY_TOPIC_SERVERS_SUFFIX = ".servers"; - public static final String PROPERTY_TOPIC_API_KEY_SUFFIX = ".apiKey"; - public static final String PROPERTY_TOPIC_API_SECRET_SUFFIX = ".apiSecret"; - public static final String PROPERTY_TOPIC_AAF_MECHID_SUFFIX = ".aafMechId"; - public static final String PROPERTY_TOPIC_AAF_PASSWORD_SUFFIX = ".aafPassword"; - public static final String PROPERTY_TOPIC_EVENTS_SUFFIX = ".events"; - public static final String PROPERTY_TOPIC_EVENTS_FILTER_SUFFIX = ".filter"; - public static final String PROPERTY_TOPIC_EVENTS_CUSTOM_MODEL_CODER_GSON_SUFFIX = ".events.custom.gson"; - public static final String PROPERTY_TOPIC_EVENTS_CUSTOM_MODEL_CODER_JACKSON_SUFFIX = ".events.custom.jackson"; - - public static final String PROPERTY_TOPIC_SOURCE_CONSUMER_GROUP_SUFFIX = ".consumerGroup"; - public static final String PROPERTY_TOPIC_SOURCE_CONSUMER_INSTANCE_SUFFIX = ".consumerInstance"; - public static final String PROPERTY_TOPIC_SOURCE_FETCH_TIMEOUT_SUFFIX = ".fetchTimeout"; - public static final String PROPERTY_TOPIC_SOURCE_FETCH_LIMIT_SUFFIX = ".fetchLimit"; - public static final String PROPERTY_MANAGED_SUFFIX = ".managed"; - - public static final String PROPERTY_TOPIC_SINK_PARTITION_KEY_SUFFIX = ".partitionKey"; - - public static final String PROPERTY_ALLOW_SELF_SIGNED_CERTIFICATES_SUFFIX = ".selfSignedCertificates"; + String PROPERTY_TOPIC_SERVERS_SUFFIX = ".servers"; + String PROPERTY_TOPIC_API_KEY_SUFFIX = ".apiKey"; + String PROPERTY_TOPIC_API_SECRET_SUFFIX = ".apiSecret"; + String PROPERTY_TOPIC_AAF_MECHID_SUFFIX = ".aafMechId"; + String PROPERTY_TOPIC_AAF_PASSWORD_SUFFIX = ".aafPassword"; + String PROPERTY_TOPIC_EVENTS_SUFFIX = ".events"; + String PROPERTY_TOPIC_EVENTS_FILTER_SUFFIX = ".filter"; + String PROPERTY_TOPIC_EVENTS_CUSTOM_MODEL_CODER_GSON_SUFFIX = ".events.custom.gson"; + String PROPERTY_TOPIC_EVENTS_CUSTOM_MODEL_CODER_JACKSON_SUFFIX = ".events.custom.jackson"; + + String PROPERTY_TOPIC_SOURCE_CONSUMER_GROUP_SUFFIX = ".consumerGroup"; + String PROPERTY_TOPIC_SOURCE_CONSUMER_INSTANCE_SUFFIX = ".consumerInstance"; + String PROPERTY_TOPIC_SOURCE_FETCH_TIMEOUT_SUFFIX = ".fetchTimeout"; + String PROPERTY_TOPIC_SOURCE_FETCH_LIMIT_SUFFIX = ".fetchLimit"; + String PROPERTY_MANAGED_SUFFIX = ".managed"; + String PROPERTY_AAF_SUFFIX = ".aaf"; + + String PROPERTY_TOPIC_SINK_PARTITION_KEY_SUFFIX = ".partitionKey"; + + String PROPERTY_ALLOW_SELF_SIGNED_CERTIFICATES_SUFFIX = ".selfSignedCertificates"; /* UEB Properties */ - public static final String PROPERTY_UEB_SOURCE_TOPICS = "ueb.source.topics"; - public static final String PROPERTY_UEB_SINK_TOPICS = "ueb.sink.topics"; + String PROPERTY_UEB_SOURCE_TOPICS = "ueb.source.topics"; + String PROPERTY_UEB_SINK_TOPICS = "ueb.sink.topics"; /* DMAAP Properties */ - public static final String PROPERTY_DMAAP_SOURCE_TOPICS = "dmaap.source.topics"; - public static final String PROPERTY_DMAAP_SINK_TOPICS = "dmaap.sink.topics"; - - public static final String PROPERTY_DMAAP_DME2_PARTNER_SUFFIX = ".dme2.partner"; - public static final String PROPERTY_DMAAP_DME2_ROUTE_OFFER_SUFFIX = ".dme2.routeOffer"; - public static final String PROPERTY_DMAAP_DME2_ENVIRONMENT_SUFFIX = ".dme2.environment"; - public static final String PROPERTY_DMAAP_DME2_AFT_ENVIRONMENT_SUFFIX = ".dme2.aft.environment"; - public static final String PROPERTY_DMAAP_DME2_LATITUDE_SUFFIX = ".dme2.latitude"; - public static final String PROPERTY_DMAAP_DME2_LONGITUDE_SUFFIX = ".dme2.longitude"; - - public static final String PROPERTY_DMAAP_DME2_EP_READ_TIMEOUT_MS_SUFFIX = ".dme2.epReadTimeoutMs"; - public static final String PROPERTY_DMAAP_DME2_EP_CONN_TIMEOUT_SUFFIX = ".dme2.epConnTimeout"; - public static final String PROPERTY_DMAAP_DME2_ROUNDTRIP_TIMEOUT_MS_SUFFIX = ".dme2.roundtripTimeoutMs"; - public static final String PROPERTY_DMAAP_DME2_VERSION_SUFFIX = ".dme2.version"; - public static final String PROPERTY_DMAAP_DME2_SERVICE_NAME_SUFFIX = ".dme2.serviceName"; - public static final String PROPERTY_DMAAP_DME2_SUB_CONTEXT_PATH_SUFFIX = ".dme2.subContextPath"; - public static final String PROPERTY_DMAAP_DME2_SESSION_STICKINESS_REQUIRED_SUFFIX = + String PROPERTY_DMAAP_SOURCE_TOPICS = "dmaap.source.topics"; + String PROPERTY_DMAAP_SINK_TOPICS = "dmaap.sink.topics"; + + String PROPERTY_DMAAP_DME2_PARTNER_SUFFIX = ".dme2.partner"; + String PROPERTY_DMAAP_DME2_ROUTE_OFFER_SUFFIX = ".dme2.routeOffer"; + String PROPERTY_DMAAP_DME2_ENVIRONMENT_SUFFIX = ".dme2.environment"; + String PROPERTY_DMAAP_DME2_AFT_ENVIRONMENT_SUFFIX = ".dme2.aft.environment"; + String PROPERTY_DMAAP_DME2_LATITUDE_SUFFIX = ".dme2.latitude"; + String PROPERTY_DMAAP_DME2_LONGITUDE_SUFFIX = ".dme2.longitude"; + + String PROPERTY_DMAAP_DME2_EP_READ_TIMEOUT_MS_SUFFIX = ".dme2.epReadTimeoutMs"; + String PROPERTY_DMAAP_DME2_EP_CONN_TIMEOUT_SUFFIX = ".dme2.epConnTimeout"; + String PROPERTY_DMAAP_DME2_ROUNDTRIP_TIMEOUT_MS_SUFFIX = ".dme2.roundtripTimeoutMs"; + String PROPERTY_DMAAP_DME2_VERSION_SUFFIX = ".dme2.version"; + String PROPERTY_DMAAP_DME2_SERVICE_NAME_SUFFIX = ".dme2.serviceName"; + String PROPERTY_DMAAP_DME2_SUB_CONTEXT_PATH_SUFFIX = ".dme2.subContextPath"; + String PROPERTY_DMAAP_DME2_SESSION_STICKINESS_REQUIRED_SUFFIX = ".dme2.sessionStickinessRequired"; - public static final String PROPERTY_NOOP_SINK_TOPICS = "noop.sink.topics"; + String PROPERTY_NOOP_SINK_TOPICS = "noop.sink.topics"; /* HTTP Server Properties */ - public static final String PROPERTY_HTTP_SERVER_SERVICES = "http.server.services"; + String PROPERTY_HTTP_SERVER_SERVICES = "http.server.services"; - public static final String PROPERTY_HTTP_HOST_SUFFIX = ".host"; - public static final String PROPERTY_HTTP_PORT_SUFFIX = ".port"; - public static final String PROPERTY_HTTP_CONTEXT_URIPATH_SUFFIX = ".contextUriPath"; + String PROPERTY_HTTP_HOST_SUFFIX = ".host"; + String PROPERTY_HTTP_PORT_SUFFIX = ".port"; + String PROPERTY_HTTP_CONTEXT_URIPATH_SUFFIX = ".contextUriPath"; - public static final String PROPERTY_HTTP_AUTH_USERNAME_SUFFIX = ".userName"; - public static final String PROPERTY_HTTP_AUTH_PASSWORD_SUFFIX = ".password"; - public static final String PROPERTY_HTTP_AUTH_URIPATH_SUFFIX = ".authUriPath"; + String PROPERTY_HTTP_AUTH_USERNAME_SUFFIX = ".userName"; + String PROPERTY_HTTP_AUTH_PASSWORD_SUFFIX = ".password"; + String PROPERTY_HTTP_AUTH_URIPATH_SUFFIX = ".authUriPath"; - public static final String PROPERTY_HTTP_REST_CLASSES_SUFFIX = ".restClasses"; - public static final String PROPERTY_HTTP_REST_PACKAGES_SUFFIX = ".restPackages"; - public static final String PROPERTY_HTTP_REST_URIPATH_SUFFIX = ".restUriPath"; + String PROPERTY_HTTP_REST_CLASSES_SUFFIX = ".restClasses"; + String PROPERTY_HTTP_REST_PACKAGES_SUFFIX = ".restPackages"; + String PROPERTY_HTTP_REST_URIPATH_SUFFIX = ".restUriPath"; - public static final String PROPERTY_HTTP_HTTPS_SUFFIX = ".https"; - public static final String PROPERTY_HTTP_SWAGGER_SUFFIX = ".swagger"; + String PROPERTY_HTTP_HTTPS_SUFFIX = ".https"; + String PROPERTY_HTTP_SWAGGER_SUFFIX = ".swagger"; /* HTTP Client Properties */ - public static final String PROPERTY_HTTP_CLIENT_SERVICES = "http.client.services"; + String PROPERTY_HTTP_CLIENT_SERVICES = "http.client.services"; - public static final String PROPERTY_HTTP_URL_SUFFIX = PROPERTY_HTTP_CONTEXT_URIPATH_SUFFIX; + String PROPERTY_HTTP_URL_SUFFIX = PROPERTY_HTTP_CONTEXT_URIPATH_SUFFIX; } diff --git a/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpServerTest.java b/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpServerTest.java index 0db6cfe1..d4c14a8a 100644 --- a/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpServerTest.java +++ b/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/HttpServerTest.java @@ -20,6 +20,7 @@ package org.onap.policy.common.endpoints.http.server.test; +import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; import java.io.BufferedReader; @@ -51,6 +52,7 @@ public class HttpServerTest { HttpServletServer server = HttpServletServer.factory.build("echo", "localhost", 5678, "/", false, true); server.addServletPackage("/*", this.getClass().getPackage().getName()); + server.addFilterClass("/*", TestFilter.class.getCanonicalName()); server.waitedStart(5000); assertTrue(HttpServletServer.factory.get(5678).isAlive()); @@ -66,6 +68,9 @@ public class HttpServerTest { } assertTrue(response == null); + response = http(HttpServletServer.factory.get(5678), "http://localhost:5678/junit/echo/hello?block=true"); + assertEquals("FILTERED", response); + assertTrue(HttpServletServer.factory.get(5678).isAlive()); assertTrue(HttpServletServer.factory.inventory().size() == 1); diff --git a/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/TestFilter.java b/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/TestFilter.java new file mode 100644 index 00000000..5de96930 --- /dev/null +++ b/policy-endpoints/src/test/java/org/onap/policy/common/endpoints/http/server/test/TestFilter.java @@ -0,0 +1,41 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP + * ================================================================================ + * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ +package org.onap.policy.common.endpoints.http.server.test; + +import java.io.IOException; +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; + +public class TestFilter implements Filter { + + @Override + public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) + throws IOException, ServletException { + + if (servletRequest.getParameter("block") != null) { + servletResponse.getWriter().write("FILTERED"); + } else { + filterChain.doFilter(servletRequest, servletResponse); + } + } +} \ No newline at end of file -- cgit 1.2.3-korg