diff options
Diffstat (limited to 'ECOMP-PAP-REST/src/main/java/org/openecomp/policy/pap/xacml/restAuth/PAPAuthenticationFilter.java')
| -rw-r--r-- | ECOMP-PAP-REST/src/main/java/org/openecomp/policy/pap/xacml/restAuth/PAPAuthenticationFilter.java | 130 |
1 files changed, 130 insertions, 0 deletions
diff --git a/ECOMP-PAP-REST/src/main/java/org/openecomp/policy/pap/xacml/restAuth/PAPAuthenticationFilter.java b/ECOMP-PAP-REST/src/main/java/org/openecomp/policy/pap/xacml/restAuth/PAPAuthenticationFilter.java new file mode 100644 index 000000000..817629420 --- /dev/null +++ b/ECOMP-PAP-REST/src/main/java/org/openecomp/policy/pap/xacml/restAuth/PAPAuthenticationFilter.java @@ -0,0 +1,130 @@ +/*- + * ============LICENSE_START======================================================= + * ECOMP-PAP-REST + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.openecomp.policy.pap.xacml.restAuth; + +import java.io.IOException; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.annotation.WebFilter; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.openecomp.policy.pap.xacml.rest.XACMLPapServlet; + +/** + * Servlet Filter implementation class PAPAuthenticationFilter + */ +@WebFilter("/*") +public class PAPAuthenticationFilter implements Filter { + + private static final Log logger = LogFactory.getLog(PAPAuthenticationFilter.class); + public static final String AUTHENTICATION_HEADER = "Authorization"; + + @Override + public void doFilter(ServletRequest request, ServletResponse response, + FilterChain filter) throws IOException, ServletException { + + + if (request instanceof HttpServletRequest) { + HttpServletRequest httpServletRequest = (HttpServletRequest) request; + + String authCredentials = null; + String url = httpServletRequest.getRequestURI(); + + logger.info("Request URI: " + url); + System.out.println("Request URI: " + url); + + //getting authentication credentials + if(url.contains("@Auth@")){ + int authIndex = url.lastIndexOf("@"); + int endAuthIndex = url.indexOf("/ecomp"); + authCredentials = "Basic " + url.substring(authIndex+1, endAuthIndex); + + //parse the url for /pap/ecomp/ + String url1 = url.substring(0, 4); + String url2 = url.substring(endAuthIndex, url.length()); + url = url1 + url2; + + } else { + authCredentials = httpServletRequest.getHeader(AUTHENTICATION_HEADER); + } + + // Check Authentication credentials + AuthenticationService authenticationService = new AuthenticationService(); + boolean authenticationStatus = authenticationService.authenticate(authCredentials); + + if (authenticationStatus) { + //indicates the request comes from Traditional Admin Console or PolicyEngineAPI + if (url.equals("/pap/")){ + logger.info("Request comes from Traditional Admin Console or PolicyEngineAPI"); + + //forward request to the XACMLPAPServlet if authenticated + request.getRequestDispatcher("/pap/pap/").forward(request, response); + + }else if (url.startsWith("/pap/ecomp/")){ + + //indicates the request comes from the ECOMP Portal ecomp-sdk-app + if(response instanceof HttpServletResponse) { + HttpServletResponse alteredResponse = ((HttpServletResponse)response); + addCorsHeader(alteredResponse); + logger.info("Request comes from Ecomp Portal"); + //Spring dispatcher servlet is at the end of the filter chain at /pap/ecomp/ path + System.out.println("New Request URI: " + url); + //request.getRequestDispatcher(url).forward(request, alteredResponse); + filter.doFilter(request, response); + } + + } + + } else { + if (response instanceof HttpServletResponse) { + HttpServletResponse httpServletResponse = (HttpServletResponse) response; + httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + } + } + + } + } + + //method to add CorsHeaders for ecomp portal rest call + private void addCorsHeader(HttpServletResponse response) { + logger.info("Adding Cors Response Headers!!!"); + response.addHeader("Access-Control-Allow-Origin", "*"); + response.addHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, HEAD"); + response.addHeader("Access-Control-Allow-Headers", "X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept"); + response.addHeader("Access-Control-Max-Age", "1728000"); + } + + @Override + public void destroy() { + } + + @Override + public void init(FilterConfig arg0) throws ServletException { + } +} |