diff options
Diffstat (limited to 'plugins/forwarding-plugins/src/main')
| -rw-r--r-- | plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/XacmlPdpPolicyAdapter.java (renamed from plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/pap/engine/XacmlPapServletPolicyForwarder.java) | 41 | ||||
| -rw-r--r-- | plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/XacmlPdpPolicyForwarder.java | 135 | ||||
| -rw-r--r-- | plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/XacmlPdpPolicyForwarderParameterGroup.java | 182 | ||||
| -rw-r--r-- | plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/adapters/AbstractXacmlPdpPolicyAdapter.java | 54 | ||||
| -rw-r--r-- | plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/adapters/XacmlPdpOptimizationPolicyAdapter.java | 54 |
5 files changed, 453 insertions, 13 deletions
diff --git a/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/pap/engine/XacmlPapServletPolicyForwarder.java b/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/XacmlPdpPolicyAdapter.java index eb33a852..c50eac12 100644 --- a/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/pap/engine/XacmlPapServletPolicyForwarder.java +++ b/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/XacmlPdpPolicyAdapter.java @@ -5,34 +5,49 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. - * + * * SPDX-License-Identifier: Apache-2.0 * ============LICENSE_END========================================================= */ -package org.onap.policy.distribution.forwarding.pap.engine; +package org.onap.policy.distribution.forwarding.xacml.pdp; -import java.util.Collection; - -import org.onap.policy.distribution.forwarding.PolicyForwarder; +import org.onap.policy.api.PolicyParameters; +import org.onap.policy.api.PushPolicyParameters; import org.onap.policy.distribution.model.Policy; /** - * Forwards policies to the XACML PAP Servlet. + * Adapts {@link Policy} objects to objects compatible with the XACML PDP API. */ -public class XacmlPapServletPolicyForwarder implements PolicyForwarder { +public interface XacmlPdpPolicyAdapter<T extends Policy> { + + /** + * Get the policy. + * + * @return the policy + */ + T getPolicy(); + + /** + * Get as a {@link PolicyParameters} object. + * + * @returna {@link PolicyParameters} object + */ + PolicyParameters getAsPolicyParameters(); - @Override - public void forward(final Collection<Policy> policies) { - // Send policies to PAP using common/policy-endpoints - } + /** + * Get as a {@link PushPolicyParameters} object. + * + * @returna {@link PushPolicyParameters} object + */ + PushPolicyParameters getAsPushPolicyParameters(final String pdpGroups); } diff --git a/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/XacmlPdpPolicyForwarder.java b/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/XacmlPdpPolicyForwarder.java new file mode 100644 index 00000000..30d8f3ae --- /dev/null +++ b/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/XacmlPdpPolicyForwarder.java @@ -0,0 +1,135 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2018 Ericsson. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.distribution.forwarding.xacml.pdp; + +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; +import java.util.Collection; +import java.util.Collections; +import javax.ws.rs.client.Entity; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response; +import org.onap.policy.api.PolicyParameters; +import org.onap.policy.api.PushPolicyParameters; +import org.onap.policy.common.endpoints.event.comm.bus.internal.BusTopicParams; +import org.onap.policy.common.endpoints.http.client.HttpClient; +import org.onap.policy.common.logging.flexlogger.FlexLogger; +import org.onap.policy.common.logging.flexlogger.Logger; +import org.onap.policy.common.parameters.ParameterService; +import org.onap.policy.distribution.forwarding.PolicyForwarder; +import org.onap.policy.distribution.forwarding.xacml.pdp.adapters.XacmlPdpOptimizationPolicyAdapter; +import org.onap.policy.distribution.model.OptimizationPolicy; +import org.onap.policy.distribution.model.Policy; +import org.springframework.http.HttpStatus; + +/** + * Forwards policies to the XACML PDP. + */ +public class XacmlPdpPolicyForwarder implements PolicyForwarder { + + private static final Logger LOGGER = FlexLogger.getLogger(XacmlPdpPolicyForwarder.class); + private static final String BASE_PATH = "pdp/api/"; + + private XacmlPdpPolicyForwarderParameterGroup configurationParameters = null; + + + @Override + public void forward(final Collection<Policy> policies) { + for (Policy policy : policies) { + forward(policy); + } + } + + private void forward(Policy policy) { + XacmlPdpPolicyAdapter<?> policyAdapter = getXacmlPdpPolicyAdapter(policy); + + if (policyAdapter == null) { + LOGGER.error("Cannot forward policy " + policy + ". Unsupported policy type " + + policy.getClass().getSimpleName()); + return; + } + + boolean policyCreated = createPolicy(policyAdapter); + if (policyCreated) { + pushPolicy(policyAdapter); + } + } + + private XacmlPdpPolicyAdapter<?> getXacmlPdpPolicyAdapter(Policy policy) { + if (policy instanceof OptimizationPolicy) { + return new XacmlPdpOptimizationPolicyAdapter((OptimizationPolicy) policy); + } + return null; + } + + private boolean createPolicy(XacmlPdpPolicyAdapter<?> policyAdapter) { + PolicyParameters policyParameters = policyAdapter.getAsPolicyParameters(); + Entity<PolicyParameters> entity = Entity.entity(policyParameters, MediaType.APPLICATION_JSON); + + return invokeHttpClient(entity, "createPolicy", policyAdapter.getPolicy().getPolicyName()); + } + + private boolean pushPolicy(XacmlPdpPolicyAdapter<?> policyAdapter) { + PushPolicyParameters pushPolicyParameters = + policyAdapter.getAsPushPolicyParameters(configurationParameters.getPdpGroup()); + Entity<PushPolicyParameters> entity = Entity.entity(pushPolicyParameters, MediaType.APPLICATION_JSON); + + return invokeHttpClient(entity, "pushPolicy", policyAdapter.getPolicy().getPolicyName()); + } + + private boolean invokeHttpClient(final Entity<?> entity, final String method, final String policyName) { + + try { + Response response = getHttpClient().put(method, entity, + Collections.singletonMap("ClientAuth", configurationParameters.getClientAuth())); + + if (response.getStatus() != HttpStatus.OK.value()) { + LOGGER.error( + "Invocation of method " + method + " failed for policy " + policyName + ". Response status: " + + response.getStatus() + ", Response status info: " + response.getStatusInfo()); + return false; + } + } catch (KeyManagementException | NoSuchAlgorithmException exception) { + LOGGER.error("Invocation of method " + method + " failed for policy " + policyName + + " due to error opening Http client", exception); + return false; + } + return true; + } + + private HttpClient getHttpClient() throws KeyManagementException, NoSuchAlgorithmException { + boolean useHttps = configurationParameters.isUseHttps(); + String hostname = configurationParameters.getHostname(); + int port = configurationParameters.getPort(); + String userName = configurationParameters.getUserName(); + String password = configurationParameters.getPassword(); + boolean managed = configurationParameters.isManaged(); + BusTopicParams params = BusTopicParams.builder().clientName("SDC Dist").useHttps(useHttps).hostname(hostname) + .port(port).userName(userName).password(password).basePath(BASE_PATH).managed(managed).build(); + return HttpClient.factory.build(params); + } + + @Override + public void configure(String parameterGroupName) { + configurationParameters = ParameterService.get(parameterGroupName); + } + +} diff --git a/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/XacmlPdpPolicyForwarderParameterGroup.java b/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/XacmlPdpPolicyForwarderParameterGroup.java new file mode 100644 index 00000000..e72e64ae --- /dev/null +++ b/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/XacmlPdpPolicyForwarderParameterGroup.java @@ -0,0 +1,182 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2018 Ericsson. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.distribution.forwarding.xacml.pdp; + +import org.onap.policy.common.parameters.GroupValidationResult; +import org.onap.policy.common.parameters.ValidationStatus; +import org.onap.policy.common.utils.validation.ParameterValidationUtils; +import org.onap.policy.distribution.main.parameters.PolicyForwarderConfigurationParameterGroup; + +/** + * Holds the parameters for the{@link XacmlPdpPolicyForwarder} + */ +public class XacmlPdpPolicyForwarderParameterGroup extends PolicyForwarderConfigurationParameterGroup { + + public static final String POLICY_FORWARDER_PLUGIN_CLASS = XacmlPdpPolicyForwarder.class.getCanonicalName(); + + private boolean useHttps; + private String hostname; + private int port; + private String userName; + private String password; + private String clientAuth; + private boolean isManaged; + private String pdpGroup; + + public boolean isUseHttps() { + return useHttps; + } + + public String getHostname() { + return hostname; + } + + public int getPort() { + return port; + } + + public String getUserName() { + return userName; + } + + public String getPassword() { + return password; + } + + public String getClientAuth() { + return clientAuth; + } + + public boolean isManaged() { + return isManaged; + } + + public String getPdpGroup() { + return pdpGroup; + } + + /** + * Builder for XacmlPdpPolicyForwarderParameterGroup. + */ + public static class XacmlPdpPolicyForwarderParameterGroupBuilder { + private boolean useHttps = false; + private String hostname; + private int port; + private String userName; + private String password; + private String clientAuth; + private boolean isManaged = true; + private String pdpGroup; + + public XacmlPdpPolicyForwarderParameterGroupBuilder setUseHttps(final boolean useHttps) { + this.useHttps = useHttps; + return this; + } + + public XacmlPdpPolicyForwarderParameterGroupBuilder setHostname(final String hostname) { + this.hostname = hostname; + return this; + } + + public XacmlPdpPolicyForwarderParameterGroupBuilder setPort(final int port) { + this.port = port; + return this; + } + + public XacmlPdpPolicyForwarderParameterGroupBuilder setUserName(final String userName) { + this.userName = userName; + return this; + } + + public XacmlPdpPolicyForwarderParameterGroupBuilder setPassword(final String password) { + this.password = password; + return this; + } + + public XacmlPdpPolicyForwarderParameterGroupBuilder setClientAuth(final String clientAuth) { + this.clientAuth = clientAuth; + return this; + } + + public XacmlPdpPolicyForwarderParameterGroupBuilder setIsManaged(final boolean isManaged) { + this.isManaged = isManaged; + return this; + } + + public XacmlPdpPolicyForwarderParameterGroupBuilder setPdpGroup(final String pdpGroup) { + this.pdpGroup = pdpGroup; + return this; + } + + /** + * Creates a new XacmlPapServletPolicyForwarderParameterGroup instance. + */ + public XacmlPdpPolicyForwarderParameterGroup build() { + return new XacmlPdpPolicyForwarderParameterGroup(this); + } + } + + /** + * Construct an instance + * + * @param builder the builder create the instance from + */ + private XacmlPdpPolicyForwarderParameterGroup(final XacmlPdpPolicyForwarderParameterGroupBuilder builder) { + this.useHttps = builder.useHttps; + this.hostname = builder.hostname; + this.port = builder.port; + this.userName = builder.userName; + this.password = builder.password; + this.clientAuth = builder.clientAuth; + this.isManaged = builder.isManaged; + this.pdpGroup = builder.pdpGroup; + } + + @Override + public GroupValidationResult validate() { + final GroupValidationResult validationResult = new GroupValidationResult(this); + if (!ParameterValidationUtils.validateStringParameter(hostname)) { + validationResult.setResult("hostname", ValidationStatus.INVALID, + "must be a non-blank string containing hostname/ipaddress"); + } + if (!ParameterValidationUtils.validateIntParameter(port)) { + validationResult.setResult("port", ValidationStatus.INVALID, "must be a positive integer containing port"); + } + if (!ParameterValidationUtils.validateStringParameter(userName)) { + validationResult.setResult("userName", ValidationStatus.INVALID, + "must be a non-blank string containing userName"); + } + if (!ParameterValidationUtils.validateStringParameter(password)) { + validationResult.setResult("password", ValidationStatus.INVALID, + "must be a non-blank string containing password"); + } + if (!ParameterValidationUtils.validateStringParameter(clientAuth)) { + validationResult.setResult("clientAuth", ValidationStatus.INVALID, + "must be a non-blank string containing clientAuth"); + } + if (!ParameterValidationUtils.validateStringParameter(pdpGroup)) { + validationResult.setResult("pdpGroup", ValidationStatus.INVALID, + "must be a non-blank string containing pdpGroup"); + } + return validationResult; + } + +} diff --git a/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/adapters/AbstractXacmlPdpPolicyAdapter.java b/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/adapters/AbstractXacmlPdpPolicyAdapter.java new file mode 100644 index 00000000..c1365166 --- /dev/null +++ b/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/adapters/AbstractXacmlPdpPolicyAdapter.java @@ -0,0 +1,54 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2018 Ericsson. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.distribution.forwarding.xacml.pdp.adapters; + +import org.onap.policy.api.PushPolicyParameters; +import org.onap.policy.distribution.forwarding.xacml.pdp.XacmlPdpPolicyAdapter; +import org.onap.policy.distribution.model.Policy; + +/** + * Base class for {@link XacmlPdpPolicyAdapter} implementations. + * + * @param <T> the type of policy the adapter handles + */ +public abstract class AbstractXacmlPdpPolicyAdapter<T extends Policy> implements XacmlPdpPolicyAdapter<T> { + + private T policy; + + protected AbstractXacmlPdpPolicyAdapter(T policy) { + this.policy = policy; + } + + @Override + public T getPolicy() { + return policy; + } + + @Override + public PushPolicyParameters getAsPushPolicyParameters(String pdpGroups) { + PushPolicyParameters pushPolicyParameters = new PushPolicyParameters(); + pushPolicyParameters.setPolicyName(policy.getPolicyName()); + pushPolicyParameters.setPolicyType(policy.getPolicyType()); + pushPolicyParameters.setPdpGroup(pdpGroups); + return pushPolicyParameters; + } + +} diff --git a/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/adapters/XacmlPdpOptimizationPolicyAdapter.java b/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/adapters/XacmlPdpOptimizationPolicyAdapter.java new file mode 100644 index 00000000..1ec654fa --- /dev/null +++ b/plugins/forwarding-plugins/src/main/java/org/onap/policy/distribution/forwarding/xacml/pdp/adapters/XacmlPdpOptimizationPolicyAdapter.java @@ -0,0 +1,54 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2018 Ericsson. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.policy.distribution.forwarding.xacml.pdp.adapters; + +import org.onap.policy.api.PolicyConfigType; +import org.onap.policy.api.PolicyParameters; +import org.onap.policy.distribution.model.OptimizationPolicy; + +/** + * Adapts {@link OptimizationPolicy} objects to objects compatible with the XACML PDP API. + */ +public class XacmlPdpOptimizationPolicyAdapter extends AbstractXacmlPdpPolicyAdapter<OptimizationPolicy> { + + /** + * Create an instance to adapt the given {@link OptimizationPolicy}. + * + * @param optimizationPolicy the {@link OptimizationPolicy} to be adapted + */ + public XacmlPdpOptimizationPolicyAdapter(final OptimizationPolicy optimizationPolicy) { + super(optimizationPolicy); + } + + @Override + public PolicyParameters getAsPolicyParameters() { + PolicyParameters policyParameters = new PolicyParameters(); + policyParameters.setPolicyName(getPolicy().getPolicyName()); + policyParameters.setPolicyDescription(getPolicy().getPolicyDescription()); + policyParameters.setPolicyConfigType(PolicyConfigType.valueOf(getPolicy().getPolicyConfigType())); + policyParameters.setOnapName(getPolicy().getOnapName()); + policyParameters.setRiskLevel(getPolicy().getRiskLevel()); + policyParameters.setConfigBody(getPolicy().getConfigBody()); + policyParameters.setRiskType(getPolicy().getRiskType()); + return policyParameters; + } + +} |