diff options
Diffstat (limited to 'ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/restAuth')
3 files changed, 45 insertions, 38 deletions
diff --git a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/restAuth/AuthenticationService.java b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/restAuth/AuthenticationService.java index 10cc81549..ff849435e 100644 --- a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/restAuth/AuthenticationService.java +++ b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/restAuth/AuthenticationService.java @@ -21,9 +21,11 @@ package org.onap.policy.pap.xacml.restAuth; import com.att.research.xacml.util.XACMLProperties; + import java.nio.charset.StandardCharsets; import java.util.Base64; import java.util.StringTokenizer; + import org.onap.policy.common.logging.eelf.MessageCodes; import org.onap.policy.common.logging.eelf.PolicyLogger; import org.onap.policy.rest.XACMLRestProperties; diff --git a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/restAuth/CheckPDP.java b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/restAuth/CheckPDP.java index 181dd0910..ab1576715 100644 --- a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/restAuth/CheckPDP.java +++ b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/restAuth/CheckPDP.java @@ -21,6 +21,7 @@ package org.onap.policy.pap.xacml.restAuth; import com.att.research.xacml.api.pap.PAPException; + import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; @@ -37,6 +38,7 @@ import java.util.HashMap; import java.util.List; import java.util.Objects; import java.util.Properties; + import org.onap.policy.common.logging.eelf.MessageCodes; import org.onap.policy.common.logging.eelf.PolicyLogger; import org.onap.policy.common.logging.flexlogger.FlexLogger; @@ -73,19 +75,20 @@ public class CheckPDP { String pdpFile = XACMLPapServlet.getPDPFile(); if (pdpFile == null) { PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR + "PDP File name is undefined"); - throw new PAPException(XACMLErrorConstants.ERROR_SYSTEM_ERROR +"PDP File name not Valid : " + pdpFile); + throw new PAPException(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "PDP File name not Valid : " + pdpFile); } if (pdpPath == null) { pdpPath = Paths.get(pdpFile); if (Files.notExists(pdpPath)) { PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR + "File doesn't exist in the specified Path"); - throw new PAPException(XACMLErrorConstants.ERROR_SYSTEM_ERROR +"File doesn't exist in the specified Path : "+ pdpPath.toString()); + throw new PAPException(XACMLErrorConstants.ERROR_SYSTEM_ERROR + + "File doesn't exist in the specified Path : " + pdpPath.toString()); } if (pdpPath.toString().endsWith(".properties")) { readProps(); } else { PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR + "Not a .properties file"); - throw new PAPException(XACMLErrorConstants.ERROR_SYSTEM_ERROR +"Not a .properties file"); + throw new PAPException(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Not a .properties file"); } } // Check if File is updated recently @@ -98,7 +101,7 @@ public class CheckPDP { } } - @SuppressWarnings({ "rawtypes", "unchecked" }) + @SuppressWarnings({"rawtypes", "unchecked"}) private static void readProps() throws PAPException { InputStream in; pdpProp = new Properties(); @@ -137,45 +140,47 @@ public class CheckPDP { } if (pdpMap == null || pdpMap.isEmpty()) { logger.debug(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Cannot Proceed without PDP_URLs"); - throw new PAPException(XACMLErrorConstants.ERROR_SYSTEM_ERROR +"Cannot Proceed without PDP_URLs"); + throw new PAPException(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Cannot Proceed without PDP_URLs"); } } - private static void readPDPParam(String pdpVal) throws PAPException{ - if(pdpVal.contains(",")){ + private static void readPDPParam(String pdpVal) throws PAPException { + if (pdpVal.contains(",")) { List<String> pdpValues = new ArrayList<>(Arrays.asList(pdpVal.split("\\s*,\\s*"))); - if(pdpValues.size()==3){ + if (pdpValues.size() == 3) { // 1:2 will be UserID:Password String userID = pdpValues.get(1); String pass = PeCryptoUtils.decrypt(pdpValues.get(2)); Base64.Encoder encoder = Base64.getEncoder(); // 0 - PDPURL - pdpMap.put(pdpValues.get(0), encoder.encodeToString((userID+":"+pass).getBytes(StandardCharsets.UTF_8))); - }else{ + pdpMap.put(pdpValues.get(0), + encoder.encodeToString((userID + ":" + pass).getBytes(StandardCharsets.UTF_8))); + } else { PolicyLogger.error(MessageCodes.ERROR_PERMISSIONS + "No Credentials to send Request"); - throw new PAPException(XACMLErrorConstants.ERROR_PERMISSIONS + "No enough Credentials to send Request. " + pdpValues); + throw new PAPException( + XACMLErrorConstants.ERROR_PERMISSIONS + "No enough Credentials to send Request. " + pdpValues); } - }else{ + } else { PolicyLogger.error(MessageCodes.ERROR_PERMISSIONS + "No Credentials to send Request: " + pdpVal); - throw new PAPException(XACMLErrorConstants.ERROR_PERMISSIONS +"No enough Credentials to send Request."); + throw new PAPException(XACMLErrorConstants.ERROR_PERMISSIONS + "No enough Credentials to send Request."); } } - public static String getEncoding(String pdpID){ + public static String getEncoding(String pdpID) { try { readFile(); } catch (Exception e) { PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR, e, "CheckPDP", "Exeption reading Properties file"); } String encoding = null; - if(pdpMap!=null && (!pdpMap.isEmpty())){ - try{ + if (pdpMap != null && (!pdpMap.isEmpty())) { + try { encoding = pdpMap.get(pdpID); - } catch(Exception e){ + } catch (Exception e) { PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR, e, "CheckPDP", "Exception encoding"); } return encoding; - }else{ + } else { return null; } } diff --git a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/restAuth/PAPAuthenticationFilter.java b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/restAuth/PAPAuthenticationFilter.java index 94cd9c798..323b89a01 100644 --- a/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/restAuth/PAPAuthenticationFilter.java +++ b/ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/restAuth/PAPAuthenticationFilter.java @@ -2,14 +2,14 @@ * ============LICENSE_START======================================================= * ONAP-PAP-REST * ================================================================================ - * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -41,13 +41,12 @@ import org.apache.commons.logging.LogFactory; @WebFilter("/*") public class PAPAuthenticationFilter implements Filter { - private static final Log logger = LogFactory.getLog(PAPAuthenticationFilter.class); + private static final Log logger = LogFactory.getLog(PAPAuthenticationFilter.class); public static final String AUTHENTICATION_HEADER = "Authorization"; @Override - public void doFilter(ServletRequest request, ServletResponse response, - FilterChain filter) throws IOException, ServletException { - + public void doFilter(ServletRequest request, ServletResponse response, FilterChain filter) + throws IOException, ServletException { if (request instanceof HttpServletRequest) { HttpServletRequest httpServletRequest = (HttpServletRequest) request; @@ -57,7 +56,7 @@ public class PAPAuthenticationFilter implements Filter { logger.info("Request URI: " + url); - //getting authentication credentials + // getting authentication credentials authCredentials = httpServletRequest.getHeader(AUTHENTICATION_HEADER); // Check Authentication credentials @@ -65,17 +64,17 @@ public class PAPAuthenticationFilter implements Filter { boolean authenticationStatus = authenticationService.authenticate(authCredentials); if (authenticationStatus) { - //indicates the request comes from Traditional Admin Console or PolicyEngineAPI - if ("/pap/".equals(url)){ + // indicates the request comes from Traditional Admin Console or PolicyEngineAPI + if ("/pap/".equals(url)) { logger.info("Request comes from Traditional Admin Console or PolicyEngineAPI"); - //forward request to the XACMLPAPServlet if authenticated + // forward request to the XACMLPAPServlet if authenticated request.getRequestDispatcher("/pap/pap/").forward(request, response); - }else if (url.startsWith("/pap/onap/") && response instanceof HttpServletResponse){ - //indicates the request comes from the ONAP Portal onap-sdk-app - HttpServletResponse alteredResponse = ((HttpServletResponse)response); + } else if (url.startsWith("/pap/onap/") && response instanceof HttpServletResponse) { + // indicates the request comes from the ONAP Portal onap-sdk-app + HttpServletResponse alteredResponse = ((HttpServletResponse) response); addCorsHeader(alteredResponse); logger.info("Request comes from Onap Portal"); - //Spring dispatcher servlet is at the end of the filter chain at /pap/onap/ path + // Spring dispatcher servlet is at the end of the filter chain at /pap/onap/ path filter.doFilter(request, response); } } else { @@ -88,22 +87,23 @@ public class PAPAuthenticationFilter implements Filter { } } - //method to add CorsHeaders for onap portal rest call + // method to add CorsHeaders for onap portal rest call private void addCorsHeader(HttpServletResponse response) { logger.info("Adding Cors Response Headers!!!"); response.addHeader("Access-Control-Allow-Origin", "*"); response.addHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, HEAD"); - response.addHeader("Access-Control-Allow-Headers", "X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept"); - response.addHeader("Access-Control-Max-Age", "1728000"); + response.addHeader("Access-Control-Allow-Headers", + "X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept"); + response.addHeader("Access-Control-Max-Age", "1728000"); } @Override public void destroy() { - //Empty + // Empty } @Override public void init(FilterConfig arg0) throws ServletException { - //Empty + // Empty } } |