/*- * ============LICENSE_START======================================================= * ECOMP Policy Engine * ================================================================================ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * ============LICENSE_END========================================================= */ package org.openecomp.policy.pypdp.controller; import io.swagger.annotations.Api; import io.swagger.annotations.ApiImplicitParam; import io.swagger.annotations.ApiImplicitParams; import io.swagger.annotations.ApiOperation; import java.util.Base64; import java.util.Collection; import java.util.List; import java.util.StringTokenizer; import java.util.concurrent.atomic.AtomicLong; import org.openecomp.policy.api.ConfigRequestParameters; import org.openecomp.policy.api.DeletePolicyParameters; import org.openecomp.policy.api.EventRequestParameters; import org.openecomp.policy.api.NotificationScheme; import org.openecomp.policy.api.PolicyParameters; import org.openecomp.policy.api.PolicyResponse; import org.openecomp.policy.pypdp.ConfigFirewallPolicyRequest; import org.openecomp.policy.pypdp.ConfigRequest; import org.openecomp.policy.pypdp.DeletePolicyRequest; import org.openecomp.policy.pypdp.EventRequest; import org.openecomp.policy.pypdp.ListConfigRequest; import org.openecomp.policy.pypdp.PolicyCreateUpdateRequest; import org.openecomp.policy.pypdp.PushPolicyRequest; import org.openecomp.policy.pypdp.authorization.AuthenticationService; import org.openecomp.policy.pypdp.authorization.Config; import org.openecomp.policy.pypdp.jmx.PyPdpMonitor; import org.openecomp.policy.pypdp.model_pojo.PepConfigFirewallPolicyRequest; import org.openecomp.policy.pypdp.model_pojo.PepConfigPolicyNameRequest; import org.openecomp.policy.pypdp.model_pojo.PepConfigPolicyRequest; import org.openecomp.policy.pypdp.model_pojo.PepPushPolicyRequest; import org.openecomp.policy.pypdp.model_pojo.PyPolicyConfig; import org.openecomp.policy.pypdp.notifications.NotificationController; import org.openecomp.policy.std.StdPolicyEngine; import org.openecomp.policy.utils.PolicyUtils; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestHeader; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; import springfox.documentation.annotations.ApiIgnore; import org.openecomp.policy.common.logging.eelf.PolicyLogger; import org.openecomp.policy.common.im.AdministrativeStateException; import org.openecomp.policy.common.im.StandbyStatusException; @RestController @Api(value="Policy Engine Services") public class PolicyEngineServices { private final NotificationScheme scheme = NotificationScheme.AUTO_ALL_NOTIFICATIONS; private final NotificationController handler = new NotificationController(); private final AtomicLong configCounter = PyPdpMonitor.singleton.getAtomicConfigCounter(); private final AtomicLong eventCounter = PyPdpMonitor.singleton.getAtomicEventCounter(); private final AtomicLong configPolicyNameCounter = PyPdpMonitor.singleton.getAtomicConfigPolicyNameCounter(); private final StdPolicyEngine policyEngine = new StdPolicyEngine(Config.getPDPs(), Config.getPAPs(), Config.getEncodingPAP(), Config.getEncoding(), scheme, handler, Config.getEnvironment(), Config.getClientFile(), Config.isTest()); @ApiImplicitParams({ @ApiImplicitParam(name ="Authorization", required = true, paramType = "Header"), @ApiImplicitParam(name ="Environment", required = true, paramType = "Header") }) @ApiOperation(value= "Gets the configuration from the PolicyDecisionPoint(PDP)") @RequestMapping(value = "/getConfig", method = RequestMethod.POST) public @ResponseBody ResponseEntity> createConfigRequest(@RequestBody ConfigRequestParameters pep,@RequestHeader(value="ClientAuth", required=true)String clientEncoding, @RequestHeader(value="X-ECOMP-RequestID", required=false)String requestID) { Collection policyConfig = null; String[] userNamePass = null; try { userNamePass = decodeEncoding(clientEncoding, "CONFIG"); } catch (Exception e1) { return new ResponseEntity>(policyConfig, HttpStatus.UNAUTHORIZED); } ConfigRequest configRequest = new ConfigRequest(policyEngine); try{ Config.getIntegrityMonitor().startTransaction(); } catch (AdministrativeStateException e) { PolicyLogger.error("Error while starting Transaction " + e); } catch (Exception e) { PolicyLogger.error("Error while starting Transaction " + e); } policyConfig = configRequest.run(pep, requestID, userNamePass[0], userNamePass[1]); configCounter.incrementAndGet(); Config.getIntegrityMonitor().endTransaction(); for(PyPolicyConfig pythonConfig: policyConfig){ if(pythonConfig.getPolicyConfigMessage()!=null && pythonConfig.getPolicyConfigMessage().contains("PE300")){ return new ResponseEntity>(policyConfig, HttpStatus.BAD_REQUEST); } } return new ResponseEntity>(policyConfig, HttpStatus.OK); } @ApiImplicitParams({ @ApiImplicitParam(name ="Authorization", required = true, paramType = "Header"), @ApiImplicitParam(name ="Environment", required = true, paramType = "Header") }) @ApiOperation(value= "Gets the configuration from the PDP") @RequestMapping(value = "/listConfig", method = RequestMethod.POST) public @ResponseBody ResponseEntity> createListConfigRequest(@RequestBody ConfigRequestParameters pep,@RequestHeader(value="ClientAuth", required=true)String clientEncoding, @RequestHeader(value="X-ECOMP-RequestID", required=false)String requestID) { Collection policyList = null; String[] userNamePass = null; try { userNamePass = decodeEncoding(clientEncoding, "CONFIG"); } catch (Exception e1) { return new ResponseEntity>(policyList, HttpStatus.UNAUTHORIZED); } ListConfigRequest listConfigRequest = new ListConfigRequest(policyEngine); try{ Config.getIntegrityMonitor().startTransaction(); } catch (AdministrativeStateException e) { PolicyLogger.error("Error while starting Transaction " + e); } catch (StandbyStatusException e) { PolicyLogger.error("Error while starting Transaction " + e); } policyList = listConfigRequest.run(pep, requestID, userNamePass[0], userNamePass[1]); configCounter.incrementAndGet(); Config.getIntegrityMonitor().endTransaction(); for(String response : policyList){ if(response!=null && response.contains("PE300")){ return new ResponseEntity>(policyList, HttpStatus.BAD_REQUEST); } } return new ResponseEntity>(policyList, HttpStatus.OK); } @ApiImplicitParams({ @ApiImplicitParam(name ="Authorization", required = true, paramType = "Header"), @ApiImplicitParam(name ="Environment", required = true, paramType = "Header") }) @ApiOperation(value= "Sends the Events specified to the Policy Engine") @RequestMapping(value = "/sendEvent", method = RequestMethod.POST) public @ResponseBody ResponseEntity> createEventParameterRequest(@RequestBody EventRequestParameters pep,@RequestHeader(value="ClientAuth", required=true)String clientEncoding, @RequestHeader(value="X-ECOMP-RequestID", required=false) String requestID) { Collection policyResponse = null; String[] userNamePass = null; try { userNamePass = decodeEncoding(clientEncoding, "ACTION"); } catch (Exception e1) { return new ResponseEntity>(policyResponse, HttpStatus.UNAUTHORIZED); } EventRequest eventRequest = new EventRequest(policyEngine); try{ Config.getIntegrityMonitor().startTransaction(); } catch (AdministrativeStateException e) { PolicyLogger.error("Error while starting Transaction " + e); } catch (Exception e) { PolicyLogger.error("Error while starting Transaction " + e); } policyResponse = eventRequest.run(pep, requestID, userNamePass[0], userNamePass[1]); eventCounter.incrementAndGet(); Config.getIntegrityMonitor().endTransaction(); for(PolicyResponse response: policyResponse ){ if(response.getPolicyResponseMessage()!=null && response.getPolicyResponseMessage().contains("PE300")){ return new ResponseEntity>(policyResponse,HttpStatus.BAD_REQUEST); } } return new ResponseEntity>(policyResponse,HttpStatus.OK); } @ApiImplicitParams({ @ApiImplicitParam(name ="Authorization", required = true, paramType = "Header"), @ApiImplicitParam(name ="Environment", required = true, paramType = "Header") }) @ApiOperation(value= "Gets the configuration from the PolicyDecisionPoint(PDP)") @RequestMapping(value = "/getConfigByPolicyName", method = RequestMethod.POST) @Deprecated public @ResponseBody ResponseEntity> createConfigRequest(@RequestBody PepConfigPolicyNameRequest pep,@RequestHeader(value="ClientAuth", required=true)String clientEncoding, @RequestHeader(value="X-ECOMP-RequestID", required=false) String requestID) { Collection policyConfig = null; String[] userNamePass = null; try { userNamePass = decodeEncoding(clientEncoding, "CONFIG"); } catch (Exception e1) { return new ResponseEntity>(policyConfig, HttpStatus.UNAUTHORIZED); } ConfigRequest configRequest = new ConfigRequest(policyEngine); try{ Config.getIntegrityMonitor().startTransaction(); } catch (AdministrativeStateException e) { PolicyLogger.error("Error while starting Transaction " + e); } catch (Exception e) { PolicyLogger.error("Error while starting Transaction " + e); } policyConfig = configRequest.run(pep, requestID, userNamePass[0], userNamePass[1]); configPolicyNameCounter.incrementAndGet(); Config.getIntegrityMonitor().endTransaction(); return new ResponseEntity>(policyConfig, HttpStatus.OK); } @ApiImplicitParams({ @ApiImplicitParam(name ="Authorization", required = true, paramType = "Header"), @ApiImplicitParam(name ="Environment", required = true, paramType = "Header") }) @ApiOperation(value="Pushes the specified policy to the PDP Group.") @RequestMapping(value = "/pushPolicy", method = RequestMethod.PUT) public @ResponseBody ResponseEntity pushPolicyRequest(@RequestBody PepPushPolicyRequest pep,@RequestHeader(value="ClientAuth", required=true)String clientEncoding, @RequestHeader(value="X-ECOMP-RequestID", required=false) String requestID) { String response = null; String[] userNamePass = null; try { userNamePass = decodeEncoding(clientEncoding, "CREATEPOLICY"); } catch (Exception e1) { return new ResponseEntity(response, HttpStatus.UNAUTHORIZED); } PushPolicyRequest pushPolicy = new PushPolicyRequest(policyEngine); try{ Config.getIntegrityMonitor().startTransaction(); } catch (AdministrativeStateException e) { PolicyLogger.error("Error while starting Transaction " + e); } catch (Exception e) { PolicyLogger.error("Error while starting Transaction " + e); } response = pushPolicy.run(pep, requestID, userNamePass[0], userNamePass[1]); Config.getIntegrityMonitor().endTransaction(); if (response.contains("BAD REQUEST")||response.contains("PE300")) { return new ResponseEntity(response, HttpStatus.BAD_REQUEST); } else { return new ResponseEntity(response, HttpStatus.OK); } } @ApiImplicitParams({ @ApiImplicitParam(name ="Authorization", required = true, paramType = "Header"), @ApiImplicitParam(name ="Environment", required = true, paramType = "Header") }) @ApiOperation(value="Deletes the specified policy from the PDP Group or PAP.") @RequestMapping(value = "/deletePolicy", method = RequestMethod.DELETE) public @ResponseBody ResponseEntity deletePolicyRequest(@RequestBody DeletePolicyParameters pep,@RequestHeader(value="ClientAuth", required=true)String clientEncoding, @RequestHeader(value="X-ECOMP-RequestID", required=false) String requestID) { String response = null; String[] userNamePass = null; try { userNamePass = decodeEncoding(clientEncoding, "DELETEPOLICY"); } catch (Exception e1) { return new ResponseEntity(response, HttpStatus.UNAUTHORIZED); } DeletePolicyRequest deletePolicy = new DeletePolicyRequest(policyEngine); try{ Config.getIntegrityMonitor().startTransaction(); } catch (AdministrativeStateException e) { PolicyLogger.error("Error while starting Transaction " + e); } catch (Exception e) { PolicyLogger.error("Error while starting Transaction " + e); } response = deletePolicy.run(pep, requestID, userNamePass[0], userNamePass[1]); Config.getIntegrityMonitor().endTransaction(); if (response.contains("BAD REQUEST")||response.contains("PE300")||response.contains("not exist")||response.contains("Invalid policyName")) { return new ResponseEntity(response, HttpStatus.BAD_REQUEST); } else if (response.contains("locked down")){ return new ResponseEntity(response, HttpStatus.ACCEPTED); } else if (response.contains("not Authorized")) { return new ResponseEntity(response, HttpStatus.FORBIDDEN); } else if (response.contains("groupId")) { return new ResponseEntity(response, HttpStatus.NOT_FOUND); } else if (response.contains("JPAUtils")||response.contains("database")||response.contains("policy file")|| response.contains("unknown")||response.contains("configuration")) { return new ResponseEntity(response, HttpStatus.INTERNAL_SERVER_ERROR); } else { return new ResponseEntity(response, HttpStatus.OK); } } @ApiImplicitParams({ @ApiImplicitParam(name ="Authorization", required = true, paramType = "Header"), @ApiImplicitParam(name ="Environment", required = true, paramType = "Header") }) @ApiOperation(value= "Creates a Policy based on given Policy Parameters.") @RequestMapping(value = "/createPolicy", method = RequestMethod.PUT) public @ResponseBody ResponseEntity createRequest(@RequestBody PolicyParameters pep,@RequestHeader(value="ClientAuth", required=true)String clientEncoding, @RequestHeader(value="X-ECOMP-RequestID", required=false)String requestID) { String response = null; String[] userNamePass = null; try { userNamePass = decodeEncoding(clientEncoding, "CREATEPOLICY"); } catch (Exception e1) { return new ResponseEntity(response, HttpStatus.UNAUTHORIZED); } PolicyCreateUpdateRequest policyCreateUpdateRequest = new PolicyCreateUpdateRequest(policyEngine); try{ Config.getIntegrityMonitor().startTransaction(); } catch (AdministrativeStateException e) { PolicyLogger.error("Error while starting Transaction " + e); } catch (Exception e) { PolicyLogger.error("Error while starting Transaction " + e); } response = policyCreateUpdateRequest.run(pep, requestID, "create", userNamePass[0], userNamePass[1]); Config.getIntegrityMonitor().endTransaction(); if(response== null || response.contains("BAD REQUEST")||response.contains("PE300")){ return new ResponseEntity(response, HttpStatus.BAD_REQUEST); } else if (response.contains("Policy Exist Error")) { return new ResponseEntity(response, HttpStatus.CONFLICT); } else if (response.contains("PE200")){ return new ResponseEntity(response, HttpStatus.INTERNAL_SERVER_ERROR); } else { return new ResponseEntity(response, HttpStatus.OK); } } @ApiImplicitParams({ @ApiImplicitParam(name ="Authorization", required = true, paramType = "Header"), @ApiImplicitParam(name ="Environment", required = true, paramType = "Header") }) @ApiOperation(value= "Updates a Policy based on given Policy Parameters.") @RequestMapping(value = "/updatePolicy", method = RequestMethod.PUT) public @ResponseBody ResponseEntity updateRequest(@RequestBody PolicyParameters pep,@RequestHeader(value="ClientAuth", required=true)String clientEncoding, @RequestHeader(value="X-ECOMP-RequestID", required=false) String requestID) { String response = null; String[] userNamePass = null; try { userNamePass = decodeEncoding(clientEncoding, "CREATEPOLICY"); } catch (Exception e1) { return new ResponseEntity(response, HttpStatus.UNAUTHORIZED); } PolicyCreateUpdateRequest policyCreateUpdateRequest = new PolicyCreateUpdateRequest(policyEngine); try{ Config.getIntegrityMonitor().startTransaction(); } catch (AdministrativeStateException e) { PolicyLogger.error("Error while starting Transaction " + e); } catch (Exception e) { PolicyLogger.error("Error while starting Transaction " + e); } response = policyCreateUpdateRequest.run(pep, requestID, "update", userNamePass[0], userNamePass[1]); Config.getIntegrityMonitor().endTransaction(); if (response==null|| response.contains("BAD REQUEST")||response.contains("PE300")){ return new ResponseEntity(response, HttpStatus.BAD_REQUEST); } else if (response.contains("PE200")){ return new ResponseEntity(response, HttpStatus.INTERNAL_SERVER_ERROR); } else { return new ResponseEntity(response, HttpStatus.OK); } } @ApiImplicitParams({ @ApiImplicitParam(name ="Authorization", required = true, paramType = "Header"), @ApiImplicitParam(name ="Environment", required = true, paramType = "Header") }) @ApiOperation(value= "Creates a Config Policy based on given Policy Parameters.") @RequestMapping(value = "/createConfig", method = RequestMethod.PUT) @Deprecated public @ResponseBody ResponseEntity createConfigRequest(@RequestBody PepConfigPolicyRequest pep, @RequestHeader(value="ClientAuth", required=true)String clientEncoding, @RequestHeader(value="X-ECOMP-RequestID", required=false) String requestID) { String response = null; String[] userNamePass = null; try { userNamePass = decodeEncoding(clientEncoding, "CREATEPOLICY"); } catch (Exception e1) { return new ResponseEntity(response, HttpStatus.UNAUTHORIZED); } PolicyCreateUpdateRequest policyCreateUpdateRequest = new PolicyCreateUpdateRequest(policyEngine); try{ Config.getIntegrityMonitor().startTransaction(); } catch (AdministrativeStateException e) { PolicyLogger.error("Error while starting Transaction " + e); } catch (Exception e) { PolicyLogger.error("Error while starting Transaction " + e); } response = policyCreateUpdateRequest.run(pep, requestID, "create", userNamePass[0], userNamePass[1]); Config.getIntegrityMonitor().endTransaction(); if (response!=null && !response.contains("BAD REQUEST")) { return new ResponseEntity(response, HttpStatus.OK); } else { return new ResponseEntity(response, HttpStatus.BAD_REQUEST); } } @ApiImplicitParams({ @ApiImplicitParam(name ="Authorization", required = true, paramType = "Header"), @ApiImplicitParam(name ="Environment", required = true, paramType = "Header") }) @ApiOperation(value= "Updates a Config Policy based on given Policy Parameters.") @RequestMapping(value = "/updateConfig", method = RequestMethod.PUT) @Deprecated public @ResponseBody ResponseEntity updateConfigRequest(@RequestBody PepConfigPolicyRequest pep, @RequestHeader(value="ClientAuth", required=true)String clientEncoding, @RequestHeader(value="X-ECOMP-RequestID", required=false) String requestID) { String response = null; String[] userNamePass = null; try { userNamePass = decodeEncoding(clientEncoding, "CREATEPOLICY"); } catch (Exception e1) { return new ResponseEntity(response, HttpStatus.UNAUTHORIZED); } PolicyCreateUpdateRequest policyCreateUpdateRequest = new PolicyCreateUpdateRequest(policyEngine); try{ Config.getIntegrityMonitor().startTransaction(); } catch (AdministrativeStateException e) { PolicyLogger.error("Error while starting Transaction " + e); } catch (Exception e) { PolicyLogger.error("Error while starting Transaction " + e); } response = policyCreateUpdateRequest.run(pep, requestID, "update", userNamePass[0], userNamePass[1]); Config.getIntegrityMonitor().endTransaction(); if (response!=null && !response.contains("BAD REQUEST")) { return new ResponseEntity(response, HttpStatus.OK); } else { return new ResponseEntity(response, HttpStatus.BAD_REQUEST); } } @ApiImplicitParams({ @ApiImplicitParam(name ="Authorization", required = true, paramType = "Header"), @ApiImplicitParam(name ="Environment", required = true, paramType = "Header") }) @ApiOperation(value = "Creates a Config Firewall Policy") @RequestMapping(value = "/createFirewallConfig", method = RequestMethod.PUT) @Deprecated public @ResponseBody ResponseEntity createFirewallConfigRequest(@RequestBody PepConfigFirewallPolicyRequest pep, @RequestHeader(value="ClientAuth", required=true)String clientEncoding, @RequestHeader(value="X-ECOMP-RequestID", required=false) String requestID) { String response = null; String[] userNamePass = null; try { userNamePass = decodeEncoding(clientEncoding, "CREATEPOLICY"); } catch (Exception e1) { return new ResponseEntity(response, HttpStatus.UNAUTHORIZED); } ConfigFirewallPolicyRequest firewallPolicyRequest = new ConfigFirewallPolicyRequest(policyEngine); try{ Config.getIntegrityMonitor().startTransaction(); } catch (AdministrativeStateException e) { PolicyLogger.error("Error while starting Transaction " + e); } catch (Exception e) { PolicyLogger.error("Error while starting Transaction " + e); } response = firewallPolicyRequest.run(pep, requestID, "create", userNamePass[0], userNamePass[1]); Config.getIntegrityMonitor().endTransaction(); if (response!=null && !response.contains("BAD REQUEST")) { return new ResponseEntity(response, HttpStatus.OK); } else { return new ResponseEntity(response, HttpStatus.BAD_REQUEST); } } @ApiImplicitParams({ @ApiImplicitParam(name ="Authorization", required = true, paramType = "Header"), @ApiImplicitParam(name ="Environment", required = true, paramType = "Header") }) @ApiOperation(value = "Updates a Config Firewall Policy") @RequestMapping(value = "/updateFirewallConfig", method = RequestMethod.PUT) @Deprecated public @ResponseBody ResponseEntity updateFirewallConfigRequest(@RequestBody PepConfigFirewallPolicyRequest pep, @RequestHeader(value="ClientAuth", required=true)String clientEncoding, @RequestHeader(value="X-ECOMP-RequestID", required=false) String requestID) { String response = null; String[] userNamePass = null; try { userNamePass = decodeEncoding(clientEncoding, "CREATEPOLICY"); } catch (Exception e1) { return new ResponseEntity(response, HttpStatus.UNAUTHORIZED); } ConfigFirewallPolicyRequest firewallPolicyRequest = new ConfigFirewallPolicyRequest(policyEngine); try{ Config.getIntegrityMonitor().startTransaction(); } catch (AdministrativeStateException e) { PolicyLogger.error("Error while starting Transaction " + e); } catch (Exception e) { PolicyLogger.error("Error while starting Transaction " + e); } response = firewallPolicyRequest.run(pep, requestID, "update", userNamePass[0], userNamePass[1]); Config.getIntegrityMonitor().endTransaction(); if (response!=null && !response.contains("BAD REQUEST")) { return new ResponseEntity(response, HttpStatus.OK); } else { return new ResponseEntity(response, HttpStatus.BAD_REQUEST); } } @ApiImplicitParams({ @ApiImplicitParam(name ="Authorization", required = true, paramType = "Header") }) @ApiOperation(value= "Gets the API Services usage Information") @ApiIgnore @RequestMapping(value = "/count", method = RequestMethod.GET) public String getCount() { return "Total Config Calls : " + configCounter + "\n" +"Total Config calls made using Policy File Name: " + configPolicyNameCounter + "\n" + "Total Event Calls : " + eventCounter; } @ApiImplicitParams({ @ApiImplicitParam(name ="Authorization", required = true, paramType = "Header") }) @ApiOperation(value = "Gets the PDPs that are listed to provide service.") @RequestMapping(value = "/pdps", method = RequestMethod.GET) public List listPDPs() { return Config.getPDPs(); } @ApiImplicitParams({ @ApiImplicitParam(name ="Authorization", required = true, paramType = "Header") }) @ApiOperation(value = "Gets the PAPs that are listed to provide service.") @RequestMapping(value = "/paps", method = RequestMethod.GET) public List listPAPs() { return Config.getPAPs(); } /* * Internal Decoding System. to support old and new Calls. */ private String[] decodeEncoding(String clientEncoding, String scope) throws Exception{ String[] userNamePass = PolicyUtils.decodeBasicEncoding(clientEncoding); if(userNamePass==null){ if(AuthenticationService.clientAuth(clientEncoding)){ if(AuthenticationService.checkClientScope(clientEncoding, scope)){ String usernameAndPassword = null; byte[] decodedBytes = Base64.getDecoder().decode(clientEncoding); usernameAndPassword = new String(decodedBytes, "UTF-8"); StringTokenizer tokenizer = new StringTokenizer(usernameAndPassword, ":"); String username = tokenizer.nextToken(); String password = tokenizer.nextToken(); userNamePass= new String[]{username, password}; } } } if(userNamePass==null){ throw new Exception("Client is Not authrorized to make this call. Please contact PyPDP Admin."); } return userNamePass; } }