diff options
Diffstat (limited to 'ONAP-SDK-APP/src/main/java')
11 files changed, 252 insertions, 315 deletions
diff --git a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/conf/ExternalAppConfig.java b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java index 1b6397c05..7db760a93 100644 --- a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/conf/ExternalAppConfig.java +++ b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java @@ -17,21 +17,20 @@ * limitations under the License. * ================================================================================ */ -package org.openecomp.portalapp.conf; +package org.onap.portalapp.conf; import java.util.ArrayList; import java.util.List; -import org.openecomp.portalapp.login.LoginStrategyImpl; -import org.openecomp.portalapp.scheduler.RegistryAdapter; -import org.openecomp.portalsdk.core.auth.LoginStrategy; -import org.openecomp.portalsdk.core.conf.AppConfig; -import org.openecomp.portalsdk.core.conf.Configurable; -import org.openecomp.portalsdk.core.objectcache.AbstractCacheManager; -import org.openecomp.portalsdk.core.onboarding.exception.PortalAPIException; -import org.openecomp.portalsdk.core.service.DataAccessService; -import org.openecomp.portalsdk.core.util.CacheManager; -import org.openecomp.portalsdk.core.util.SystemProperties; +import org.onap.portalapp.login.LoginStrategyImpl; +import org.onap.portalapp.scheduler.RegistryAdapter; +import org.onap.portalsdk.core.auth.LoginStrategy; +import org.onap.portalsdk.core.conf.AppConfig; +import org.onap.portalsdk.core.conf.Configurable; +import org.onap.portalsdk.core.objectcache.AbstractCacheManager; +import org.onap.portalsdk.core.service.DataAccessService; +import org.onap.portalsdk.core.util.CacheManager; +import org.onap.portalsdk.core.util.SystemProperties; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; @@ -48,12 +47,12 @@ import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; /** - * ONAP Portal SDK sample application. ONAP Portal SDK core AppConfig class to + * ONAP Portal SDK sample application. Extends core AppConfig class to * reuse interceptors, view resolvers and other features defined there. */ @Configuration @EnableWebMvc -@ComponentScan(basePackages = "org.onap, org.openecomp") +@ComponentScan(basePackages = "org.onap") @PropertySource(value = { "${container.classpath:}/WEB-INF/conf/app/test.properties" }, ignoreResourceNotFound = true) @Profile("src") @EnableAsync @@ -68,24 +67,27 @@ public class ExternalAppConfig extends AppConfig implements Configurable { } /** - * @see org.openecomp.portalsdk.core.conf.AppConfig#viewResolver() + * @see org.onap.portalsdk.core.conf.AppConfig#viewResolver() */ + @Override public ViewResolver viewResolver() { return super.viewResolver(); } /** - * @see org.openecomp.portalsdk.core.conf.AppConfig#addResourceHandlers(ResourceHandlerRegistry) + * @see org.onap.portalsdk.core.conf.AppConfig#addResourceHandlers(ResourceHandlerRegistry) * * @param registry */ + @Override public void addResourceHandlers(ResourceHandlerRegistry registry) { super.addResourceHandlers(registry); } /** - * @see org.openecomp.portalsdk.core.conf.AppConfig#dataAccessService() + * @see org.onap.portalsdk.core.conf.AppConfig#dataAccessService() */ + @Override public DataAccessService dataAccessService() { // Echo the JDBC URL to assist developers when starting the app. System.out.println("ExternalAppConfig: " + SystemProperties.DB_CONNECTIONURL + " is " @@ -99,6 +101,7 @@ public class ExternalAppConfig extends AppConfig implements Configurable { * * @return List of String, size 1 */ + @Override public List<String> addTileDefinitions() { List<String> definitions = new ArrayList<>(); definitions.add("/WEB-INF/defs/definitions.xml"); @@ -136,15 +139,11 @@ public class ExternalAppConfig extends AppConfig implements Configurable { */ // @Bean // ANNOTATION COMMENTED OUT // APPLICATIONS REQUIRING QUARTZ SHOULD RESTORE ANNOTATION - public SchedulerFactoryBean schedulerFactoryBean() throws PortalAPIException { + public SchedulerFactoryBean schedulerFactoryBean() throws Exception { SchedulerFactoryBean scheduler = new SchedulerFactoryBean(); scheduler.setTriggers(schedulerRegistryAdapter.getTriggers()); scheduler.setConfigLocation(appApplicationContext.getResource("WEB-INF/conf/quartz.properties")); - try{ - scheduler.setDataSource(dataSource()); - }catch(Exception e){ - throw new PortalAPIException(e); - } + scheduler.setDataSource(dataSource()); return scheduler; } @@ -160,7 +159,6 @@ public class ExternalAppConfig extends AppConfig implements Configurable { @Bean public LoginStrategy loginStrategy() { - return new LoginStrategyImpl(); } } diff --git a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/conf/ExternalAppInitializer.java b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/conf/ExternalAppInitializer.java index 2a904ce3c..8a1fff0f5 100644 --- a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/conf/ExternalAppInitializer.java +++ b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/conf/ExternalAppInitializer.java @@ -17,9 +17,9 @@ * limitations under the License. * ================================================================================ */ -package org.openecomp.portalapp.conf; +package org.onap.portalapp.conf; -import org.openecomp.portalsdk.core.conf.AppInitializer; +import org.onap.portalsdk.core.conf.AppInitializer; public class ExternalAppInitializer extends AppInitializer { diff --git a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/conf/HibernateMappingLocations.java b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/conf/HibernateMappingLocations.java index c66a96c6b..01591ccf3 100644 --- a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/conf/HibernateMappingLocations.java +++ b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/conf/HibernateMappingLocations.java @@ -17,25 +17,18 @@ * limitations under the License. * ================================================================================ */ -package org.openecomp.portalapp.conf; +package org.onap.portalapp.conf; +import org.onap.portalsdk.core.conf.HibernateMappingLocatable; import org.springframework.context.annotation.Profile; import org.springframework.core.io.ClassPathResource; import org.springframework.core.io.Resource; import org.springframework.stereotype.Component; -import org.openecomp.portalsdk.core.conf.HibernateMappingLocatable; - @Component @Profile("src") public class HibernateMappingLocations implements HibernateMappingLocatable { - /* - * (non-Javadoc) - * - * @see org.openecomp.portalsdk.core.conf.HibernateMappingLocatable# - * getMappingLocations() - */ @Override public Resource[] getMappingLocations() { return new Resource[] { new ClassPathResource("../fusion/orm/Fusion.hbm.xml"), @@ -43,15 +36,9 @@ public class HibernateMappingLocations implements HibernateMappingLocatable { new ClassPathResource("../fusion/orm/RNoteBookIntegration.hbm.xml") }; } - /* - * (non-Javadoc) - * - * @see org.openecomp.portalsdk.core.conf.HibernateMappingLocatable# - * getPackagesToScan() - */ @Override public String[] getPackagesToScan() { - return new String[] { "org.onap", "org.openecomp" }; + return new String[] { "org.onap" }; } } diff --git a/ONAP-SDK-APP/src/main/java/org/onap/portalapp/filter/SecurityXssFilter.java b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/filter/SecurityXssFilter.java new file mode 100644 index 000000000..9843f604a --- /dev/null +++ b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/filter/SecurityXssFilter.java @@ -0,0 +1,90 @@ +/*- + * ================================================================================ + * ONAP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.onap.portalapp.filter; + +import java.io.IOException; +import java.io.UnsupportedEncodingException; + +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.lang.StringUtils; +import org.onap.portalapp.util.SecurityXssValidator; +import org.springframework.web.filter.OncePerRequestFilter; +import org.springframework.web.util.ContentCachingRequestWrapper; +import org.springframework.web.util.ContentCachingResponseWrapper; +import org.springframework.web.util.WebUtils; + +public class SecurityXssFilter extends OncePerRequestFilter { + + private static final String BAD_REQUEST = "BAD_REQUEST"; + + private SecurityXssValidator validator = SecurityXssValidator.getInstance(); + + private static String getRequestData(final HttpServletRequest request) throws UnsupportedEncodingException { + String payload = null; + ContentCachingRequestWrapper wrapper = WebUtils.getNativeRequest(request, ContentCachingRequestWrapper.class); + if (wrapper != null) { + byte[] buf = wrapper.getContentAsByteArray(); + if (buf.length > 0) { + payload = new String(buf, 0, buf.length, wrapper.getCharacterEncoding()); + } + } + return payload; + } + + private static String getResponseData(final HttpServletResponse response) throws IOException { + String payload = null; + ContentCachingResponseWrapper wrapper = WebUtils.getNativeResponse(response, + ContentCachingResponseWrapper.class); + if (wrapper != null) { + byte[] buf = wrapper.getContentAsByteArray(); + if (buf.length > 0) { + payload = new String(buf, 0, buf.length, wrapper.getCharacterEncoding()); + wrapper.copyBodyToResponse(); + } + } + return payload; + } + + @SuppressWarnings("unused") + @Override + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) + throws ServletException, IOException { + + if (request.getMethod().equalsIgnoreCase("POST") || request.getMethod().equalsIgnoreCase("PUT")) { + + HttpServletRequest requestToCache = new ContentCachingRequestWrapper(request); + HttpServletResponse responseToCache = new ContentCachingResponseWrapper(response); + filterChain.doFilter(requestToCache, responseToCache); + String requestData = getRequestData(requestToCache); + String responseData = getResponseData(responseToCache); + if (StringUtils.isNotBlank(requestData) && validator.denyXSS(requestData)) { + throw new SecurityException(BAD_REQUEST); + } + + } else { + filterChain.doFilter(request, response); + } + + } +} diff --git a/ONAP-SDK-APP/src/main/java/org/onap/portalapp/login/LoginStrategyImpl.java b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/login/LoginStrategyImpl.java new file mode 100644 index 000000000..af6e0ae69 --- /dev/null +++ b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/login/LoginStrategyImpl.java @@ -0,0 +1,113 @@ +/*- + * ================================================================================ + * ONAP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ + +package org.onap.portalapp.login; + +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.onap.portalsdk.core.auth.LoginStrategy; +import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.onap.portalsdk.core.onboarding.exception.CipherUtilException; +import org.onap.portalsdk.core.onboarding.exception.PortalAPIException; +import org.onap.portalsdk.core.onboarding.util.CipherUtil; +import org.onap.portalsdk.core.util.SystemProperties; +import org.springframework.web.servlet.ModelAndView; + +/** + * Implements basic single-signon login strategy for open-source applications + * when users start at Portal. Extracts an encrypted user ID sent by Portal. + */ +public class LoginStrategyImpl extends LoginStrategy { + + private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(LoginStrategyImpl.class); + + /** + * login for open source is same as external login in the non-open-source + * version. + */ + @Override + public ModelAndView doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception { + return doExternalLogin(request, response); + } + + @Override + public String getUserId(HttpServletRequest request) throws PortalAPIException { + // Check ECOMP Portal cookie + Cookie ep = getCookie(request, EP_SERVICE); + if (ep == null) { + logger.debug(EELFLoggerDelegate.debugLogger, "getUserId: no EP_SERVICE cookie, returning null"); + return null; + } + + String userid = null; + try { + userid = getUserIdFromCookie(request); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "getUserId failed", e); + } + return userid; + } + + /** + * Searches the request for the user-ID cookie and decrypts the value using a + * key configured in properties + * + * @param request + * HttpServletRequest + * @return User ID + * @throws CipherUtilException + * On any failure to decrypt + */ + @SuppressWarnings("deprecation") + private String getUserIdFromCookie(HttpServletRequest request) throws CipherUtilException { + String userId = ""; + Cookie userIdCookie = getCookie(request, USER_ID); + if (userIdCookie != null) { + final String cookieValue = userIdCookie.getValue(); + if (!SystemProperties.containsProperty(SystemProperties.Decryption_Key)) + throw new IllegalStateException("Failed to find property " + SystemProperties.Decryption_Key); + final String decryptionKey = SystemProperties.getProperty(SystemProperties.Decryption_Key); + userId = CipherUtil.decrypt(cookieValue, decryptionKey); + logger.debug(EELFLoggerDelegate.debugLogger, "getUserIdFromCookie: decrypted as {}", userId); + } + return userId; + } + + /** + * Searches the request for the named cookie. + * + * @param request + * HttpServletRequest + * @param cookieName + * Name of desired cookie + * @return Cookie if found; otherwise null. + */ + private Cookie getCookie(HttpServletRequest request, String cookieName) { + Cookie[] cookies = request.getCookies(); + if (cookies != null) + for (Cookie cookie : cookies) + if (cookie.getName().equals(cookieName)) + return cookie; + return null; + } + +} diff --git a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/scheduler/Register.java b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/scheduler/Register.java index 0bb7da14a..2a355787b 100644 --- a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/scheduler/Register.java +++ b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/scheduler/Register.java @@ -17,14 +17,14 @@ * limitations under the License. * ================================================================================ */ -package org.openecomp.portalapp.scheduler; +package org.onap.portalapp.scheduler; import java.util.ArrayList; import java.util.List; -import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; -import org.openecomp.portalsdk.core.scheduler.Registerable; -import org.openecomp.portalsdk.core.util.SystemProperties; +import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.onap.portalsdk.core.scheduler.Registerable; +import org.onap.portalsdk.core.util.SystemProperties; import org.quartz.Trigger; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.DependsOn; @@ -34,10 +34,10 @@ import org.springframework.stereotype.Component; @DependsOn({ "logRegistry", "systemProperties" }) public class Register implements Registerable { - EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(Register.class); + private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(Register.class); private List<Trigger> scheduleTriggers = new ArrayList<>(); - Trigger trigger[] = new Trigger[1]; + Trigger[] trigger = new Trigger[1]; @Autowired private LogRegistry logRegistry; @@ -49,15 +49,12 @@ public class Register implements Registerable { @Override public void registerTriggers() { - // if the property value is not available; the cron will not be added - // and can be ignored. its safe to ignore the exceptions - try { - if (SystemProperties.getProperty(SystemProperties.LOG_CRON) != null) - getScheduleTriggers().add(logRegistry.getTrigger()); - } catch (IllegalStateException ies) { - logger.info(EELFLoggerDelegate.debugLogger, ("Log Cron not available") + ies); + // if the property value is not available; the cron will not be added. + if (SystemProperties.containsProperty(SystemProperties.LOG_CRON)) { + logger.debug(EELFLoggerDelegate.debugLogger, + "Adding log registry for cron property {}", SystemProperties.getProperty(SystemProperties.LOG_CRON)); + getScheduleTriggers().add(logRegistry.getTrigger()); } - } public List<Trigger> getScheduleTriggers() { diff --git a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/scheduler/RegistryAdapter.java b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/scheduler/RegistryAdapter.java index 18b3fa45f..241d2a18e 100644 --- a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/scheduler/RegistryAdapter.java +++ b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/scheduler/RegistryAdapter.java @@ -17,14 +17,14 @@ * limitations under the License. * ================================================================================ */ -package org.openecomp.portalapp.scheduler; +package org.onap.portalapp.scheduler; import java.util.ArrayList; import java.util.Arrays; import java.util.List; -import org.openecomp.portalsdk.core.scheduler.Registerable; -import org.openecomp.portalsdk.workflow.services.WorkflowScheduleService; +import org.onap.portalsdk.core.scheduler.Registerable; +import org.onap.portalsdk.workflow.services.WorkflowScheduleService; import org.quartz.Trigger; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.scheduling.quartz.SchedulerFactoryBean; @@ -41,20 +41,15 @@ public class RegistryAdapter { private SchedulerFactoryBean schedulerBean; - Trigger trigger[] = new Trigger[1]; + Trigger [] trigger = new Trigger[1]; public Trigger[] getTriggers() { - registry.registerTriggers(); - List<Trigger> allTriggers = new ArrayList<>(); - List<Trigger> coreTriggers = addCoreTriggers(); final Trigger[] extTriggerArray = registry.getTriggers(); - allTriggers.addAll(Arrays.asList(extTriggerArray)); allTriggers.addAll(coreTriggers); - return allTriggers.toArray(trigger); } @@ -65,8 +60,8 @@ public class RegistryAdapter { return triggers; } - public void setSchedulerBean(SchedulerFactoryBean _schedulerBean) { - schedulerBean = _schedulerBean; + public void setSchedulerBean(final SchedulerFactoryBean schedulerBean) { + this.schedulerBean = schedulerBean; } public SchedulerFactoryBean getSchedulerBean() { diff --git a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/service/AdminAuthExtension.java b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/service/AdminAuthExtension.java index db5c0a69a..c769ded26 100644 --- a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/service/AdminAuthExtension.java +++ b/ONAP-SDK-APP/src/main/java/org/onap/portalapp/service/AdminAuthExtension.java @@ -17,17 +17,17 @@ * limitations under the License. * ================================================================================ */ -package org.openecomp.portalapp.service; +package org.onap.portalapp.service; import java.util.Set; +import org.onap.policy.model.Roles; import org.onap.policy.rest.dao.CommonClassDao; import org.onap.policy.rest.jpa.UserInfo; -import org.openecomp.policy.model.Roles; -import org.openecomp.portalapp.service.IAdminAuthExtension; -import org.openecomp.portalsdk.core.domain.Role; -import org.openecomp.portalsdk.core.domain.User; -import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.onap.portalapp.service.IAdminAuthExtension; +import org.onap.portalsdk.core.domain.Role; +import org.onap.portalsdk.core.domain.User; +import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; diff --git a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/lm/FusionLicenseManagerImpl.java b/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/lm/FusionLicenseManagerImpl.java deleted file mode 100644 index 454cd3378..000000000 --- a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/lm/FusionLicenseManagerImpl.java +++ /dev/null @@ -1,88 +0,0 @@ -/*- - * ================================================================================ - * ONAP Portal SDK - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ================================================================================ - */ -package org.openecomp.portalapp.lm; - -import java.util.Date; -import java.util.List; -import java.util.Map; - -import javax.servlet.ServletContext; - -import org.openecomp.portalsdk.core.lm.FusionLicenseManager; -import org.springframework.stereotype.Component; - -/* - * Please note that this class is not being used; its a dummy stub to have a qualifying bean for the interface. - */ - -@Component -public class FusionLicenseManagerImpl implements FusionLicenseManager { - - @Override - public void initKeyStoreParam() { - - } - - @Override - public void initCipherParam() { - - } - - @Override - public void initLicenseParam() { - - } - - @Override - public void doInitWork() { - - } - - @Override - public int installLicense() { - return 0; - } - - @Override - public synchronized int verifyLicense(ServletContext context) { - return 0; - } - - @Override - public void generateLicense(Map<String, String> clientInfoMap, List<String> ipAddressList) throws Exception { - - } - - @Override - public String nvl(String s) { - return null; - } - - @Override - public Date getExpiredDate() { - return null; - } - - @Override - public void setExpiredDate(Date expiredDate) { - - } - -} diff --git a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/lm/LicenseableClassImpl.java b/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/lm/LicenseableClassImpl.java deleted file mode 100644 index 26c5d9174..000000000 --- a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/lm/LicenseableClassImpl.java +++ /dev/null @@ -1,62 +0,0 @@ -/*- - * ================================================================================ - * onap Portal SDK - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ================================================================================ - */ -package org.openecomp.portalapp.lm; - -import java.io.FileNotFoundException; -import java.io.InputStream; - -import org.openecomp.portalsdk.core.lm.LicenseableClass; - -/* - * Please note that this class is not being used; its a dummy stub to have a qualifying bean for the interface. - */ - -public class LicenseableClassImpl implements LicenseableClass { - - public String getApplicationName() { - return ""; - } - - public InputStream getPublicKeystoreAsInputStream() throws FileNotFoundException { - return null; - } - - public String getAlias() { - return ""; - } - - public String getKeyPasswd() { - return ""; - } - - public String getPublicKeystorePassword() { - return ""; - } - - public String getCipherParamPassword() { - return ""; - } - - @SuppressWarnings("rawtypes") - public Class getClassToLicense() { - return this.getClass(); - } -} - diff --git a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/login/LoginStrategyImpl.java b/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/login/LoginStrategyImpl.java deleted file mode 100644 index 3b38f1d8e..000000000 --- a/ONAP-SDK-APP/src/main/java/org/openecomp/portalapp/login/LoginStrategyImpl.java +++ /dev/null @@ -1,93 +0,0 @@ -/*- - * ================================================================================ - * ONAP Portal SDK - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ================================================================================ - */ -package org.openecomp.portalapp.login; - -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.onap.policy.common.logging.flexlogger.FlexLogger; -import org.onap.policy.common.logging.flexlogger.Logger; -import org.openecomp.portalsdk.core.auth.LoginStrategy; -import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; -import org.openecomp.portalsdk.core.onboarding.exception.PortalAPIException; -import org.openecomp.portalsdk.core.onboarding.util.CipherUtil; -import org.openecomp.portalsdk.core.util.SystemProperties; -import org.springframework.web.servlet.ModelAndView; - -public class LoginStrategyImpl extends LoginStrategy { - - private static final Logger LOGGER = FlexLogger.getLogger(LoginStrategyImpl.class); - - @Override - public ModelAndView doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception { - // 'login' for opensource is same as 'external' login. - return doExternalLogin(request, response); - } - - @Override - public String getUserId(HttpServletRequest request) throws PortalAPIException { - // Check ONAP Portal cookie - if (!isLoginCookieExist(request)) - return null; - - String userid = null; - try { - userid = getUserIdFromCookie(request); - } catch (Exception e) { - LOGGER.error("Exception Occured" + e); - } - return userid; - } - - private static String getUserIdFromCookie(HttpServletRequest request) throws PortalAPIException { - String userId = ""; - Cookie userIdCookie = getCookie(request, USER_ID); - if (userIdCookie != null) { - final String cookieValue = userIdCookie.getValue(); - if (!SystemProperties.containsProperty(SystemProperties.Decryption_Key)) - throw new IllegalStateException("Failed to find property " + SystemProperties.Decryption_Key); - final String decryptionKey = SystemProperties.getProperty(SystemProperties.Decryption_Key); - try { - userId = CipherUtil.decrypt(cookieValue, decryptionKey); - LOGGER.debug("getUserIdFromCookie: decrypted as {}" +userId); - } catch (Exception e) { - LOGGER.error("Exception Occured in getUserIdFromCookie" + e); - } - } - return userId; - } - - private static boolean isLoginCookieExist(HttpServletRequest request) { - Cookie ep = getCookie(request, EP_SERVICE); - return (ep != null); - } - - private static Cookie getCookie(HttpServletRequest request, String cookieName) { - Cookie[] cookies = request.getCookies(); - if (cookies != null) - for (Cookie cookie : cookies) - if (cookie.getName().equals(cookieName)) - return cookie; - - return null; - } - -} |