From 21a8761f684745bb300e075c7e98ad897ace9eed Mon Sep 17 00:00:00 2001 From: st782s Date: Tue, 30 Jan 2018 17:29:36 -0500 Subject: Security/ Package Name changes Issue-ID: PORTAL-174, PORTAL-157, PORTAL-156, PORTAL-148, PORTAL-145, PORTAL-140, PORTAL-133, PORTAL-121, PORTAL-111, PORTAL-88 Includes security fixes, Role Centralization, replace certain ECOMP occurrences etc Change-Id: I3c8b706709c6b92e646e3cbe50c2d660e8a46ef4 Signed-off-by: st782s --- .../service/sessionmgt/SessionCommunication.java | 290 +++++++++++++++++++++ 1 file changed, 290 insertions(+) create mode 100644 ecomp-portal-BE-common/src/main/java/org/onap/portalapp/service/sessionmgt/SessionCommunication.java (limited to 'ecomp-portal-BE-common/src/main/java/org/onap/portalapp/service/sessionmgt/SessionCommunication.java')
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/service/sessionmgt/SessionCommunication.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/service/sessionmgt/SessionCommunication.java
new file mode 100644
index 00000000..ee525796
--- /dev/null
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/service/sessionmgt/SessionCommunication.java
@@ -0,0 +1,290 @@ +/*- + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * ECOMP is a trademark and service mark of AT&T Intellectual Property. 
+ */ +package org.onap.portalapp.service.sessionmgt; + +import java.io.BufferedReader; +import java.io.InputStreamReader; +import java.net.HttpURLConnection; +import java.net.URL; +import java.util.UUID; + +import javax.servlet.http.HttpServletResponse; + +import org.onap.portalapp.portal.logging.aop.EPAuditLog; +import org.onap.portalapp.portal.logging.aop.EPMetricsLog; +import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum; +import org.onap.portalapp.portal.logging.logic.EPLogUtil; +import org.onap.portalapp.portal.transport.OnboardingApp; +import org.onap.portalapp.portal.utils.EPCommonSystemProperties; +import org.onap.portalapp.portal.utils.EcompPortalUtils; +import org.onap.portalsdk.core.exception.UrlAccessRestrictedException; +import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.slf4j.MDC; +import org.springframework.context.annotation.EnableAspectJAutoProxy; +import org.springframework.stereotype.Service; +import org.springframework.util.StringUtils; + +import com.att.eelf.configuration.Configuration; + +@Service("sessionCommunication") +@org.springframework.context.annotation.Configuration +@EnableAspectJAutoProxy +public class SessionCommunication { + EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SessionCommunication.class); + + @EPAuditLog + public String sendGet(OnboardingApp app) throws Exception { + String appResponse = ""; + String appName = ""; + int responseCode = 0; + if (app != null && app.name != null && app.name != "") { + try { + appName = app.name; + String url = app.restUrl + "/sessionTimeOuts"; + String encriptedPwdDB = app.appPassword; + String appUserName = app.username; + + setLocalMDCContext(app, "/sessionTimeOuts", url); + + URL obj = new URL(url); + + HttpURLConnection con = (HttpURLConnection) obj.openConnection(); + + // optional default is GET + con.setRequestMethod("GET"); + con.setConnectTimeout(3000); + con.setReadTimeout(8000); + // add request header + 
con.setRequestProperty("username", appUserName); + con.setRequestProperty("password", encriptedPwdDB); + + // con.set + responseCode = con.getResponseCode(); + logger.debug(EELFLoggerDelegate.debugLogger, "Response Code : " + responseCode); + + BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream())); + String inputLine; + StringBuffer response = new StringBuffer(); + + while ((inputLine = in.readLine()) != null) { + response.append(inputLine); + } + + in.close(); + appResponse = response.toString(); + } catch (UrlAccessRestrictedException e) { + responseCode = HttpServletResponse.SC_UNAUTHORIZED; + logger.error(EELFLoggerDelegate.errorLogger, String.format( + "SessionCommunication.sendGet received an un-authorized exception. AppName: %s", appName)); + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeRestApiAuthenticationError, e); + } catch (Exception e) { + responseCode = HttpServletResponse.SC_INTERNAL_SERVER_ERROR; + String message = String.format( + "SessionCommunication.sendGet encountered an Exception. 
AppName: %s, Details: %s", appName, + e.toString()); + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeHttpConnectionError, e); + logger.error(EELFLoggerDelegate.errorLogger, message, e); + } finally { + EcompPortalUtils.setExternalAppResponseCode(responseCode); + } + } else { + logger.error(EELFLoggerDelegate.errorLogger, "SessionCommunication sendGet: app is null"); + } + return appResponse; + } + + @EPAuditLog + public Boolean pingSession(OnboardingApp app, String sessionTimeoutMap) throws Exception { + String appName = ""; + int responseCode = 0; + try { + if (app == null) + throw new Exception("SessionCommunication.pingSession: app is null"); + if (app != null && app.name != null && app.name != "") { + appName = app.name; + } + String url = app.restUrl + "/updateSessionTimeOuts"; + String encriptedPwdDB = app.appPassword; + String appUserName = app.username; + + setLocalMDCContext(app, "/updateSessionTimeOuts", url); + + URL obj = new URL(url); + + HttpURLConnection con = (HttpURLConnection) obj.openConnection(); + + // optional default is GET + con.setRequestMethod("POST"); + con.setConnectTimeout(3000); + con.setReadTimeout(15000); + + // add request header + con.setRequestProperty("username", appUserName); + con.setRequestProperty("password", encriptedPwdDB); + + con.setRequestProperty("sessionMap", sessionTimeoutMap); + con.setDoInput(true); + con.setDoOutput(true); + con.getOutputStream().write(sessionTimeoutMap.getBytes()); + con.getOutputStream().flush(); + con.getOutputStream().close(); + + responseCode = con.getResponseCode(); + logger.debug(EELFLoggerDelegate.debugLogger, "Response Code : " + responseCode); + } catch (UrlAccessRestrictedException e) { + responseCode = HttpServletResponse.SC_UNAUTHORIZED; + String message = String.format( + "SessionCommunication.pingSession received an un-authorized exception. 
AppName: %s", appName); + logger.error(EELFLoggerDelegate.errorLogger, message); + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeRestApiAuthenticationError, e); + } catch (Exception e) { + responseCode = HttpServletResponse.SC_INTERNAL_SERVER_ERROR; + String message = String.format( + "SessionCommunication.pingSession encountered an Exception. AppName: %s, Details: %s", appName, e.toString()); + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeHttpConnectionError, e); + logger.error(EELFLoggerDelegate.errorLogger, message, e); + } finally { + EcompPortalUtils.setExternalAppResponseCode(responseCode); + } + + return true; + } + + @EPAuditLog + public Boolean timeoutSession(OnboardingApp app, String portalJSessionId) throws Exception { + String appName = "Unknwon"; + int responseCode = 0; + if (app != null && app.name != null && app.name != "") { + try { + appName = app.name; + String url = app.restUrl + "/timeoutSession" + "?portalJSessionId=" + portalJSessionId; + + String encriptedPwdDB = app.appPassword; + String appUserName = app.username; + // String decreptedPwd = CipherUtil.decrypt(encriptedPwdDB, + // SystemProperties.getProperty(SystemProperties.Decryption_Key)); + + setLocalMDCContext(app, "/timeoutSession", url); + + URL obj = new URL(url); + HttpURLConnection con = (HttpURLConnection) obj.openConnection(); + + // optional default is GET + con.setRequestMethod("POST"); + con.setConnectTimeout(3000); + con.setReadTimeout(15000); + + // add request header + con.setRequestProperty("username", appUserName); + con.setRequestProperty("password", encriptedPwdDB); + + // con.setRequestProperty("portalJSessionId", portalJSessionId); + con.setDoInput(true); + con.setDoOutput(true); + con.getOutputStream().flush(); + con.getOutputStream().close(); + + responseCode = con.getResponseCode(); + logger.debug(EELFLoggerDelegate.debugLogger, "Response Code : " + responseCode); + } catch (UrlAccessRestrictedException e) { + responseCode = 
HttpServletResponse.SC_UNAUTHORIZED; + String message = String.format( + "SessionCommunication.timeoutSession received an un-authorized exception. AppName: %s", + appName); + logger.error(EELFLoggerDelegate.errorLogger, message); + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeRestApiAuthenticationError, e); + } catch (Exception e) { + responseCode = HttpServletResponse.SC_INTERNAL_SERVER_ERROR; + String message = String.format( + "SessionCommunication.timeoutSession encountered an Exception. AppName: %s, Details: %s", + appName, e.toString()); + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeHttpConnectionError, e); + logger.error(EELFLoggerDelegate.errorLogger, message, e); + } finally { + EcompPortalUtils.setExternalAppResponseCode(responseCode); + } + } else { + logger.error(EELFLoggerDelegate.errorLogger, "SessionCommunication pingSession: app is null"); + } + return true; + } + + @EPMetricsLog + private void setLocalMDCContext(OnboardingApp app, String restPath, String url) { + setRequestId(); + MDC.put(EPCommonSystemProperties.PROTOCOL, EPCommonSystemProperties.HTTP); + if (url != null && url.contains("https")) { + MDC.put(EPCommonSystemProperties.PROTOCOL, EPCommonSystemProperties.HTTPS); + } + MDC.put(EPCommonSystemProperties.FULL_URL, url); + MDC.put(EPCommonSystemProperties.TARGET_ENTITY, app.myLoginsAppName); + MDC.put(EPCommonSystemProperties.TARGET_SERVICE_NAME, restPath); + } + + /** + * Generates request id, service name fields and loads them into MDC, as these + * values could be empty as these session timeout requests are generated at + * scheduled intervals using quartz scheduler. 
+ */ + @EPMetricsLog + public void setRequestId() { + String requestId = MDC.get(Configuration.MDC_KEY_REQUEST_ID); + if (StringUtils.isEmpty(requestId)) { + MDC.put(Configuration.MDC_KEY_REQUEST_ID, UUID.randomUUID().toString()); + } + + MDC.put(Configuration.MDC_SERVICE_NAME, "/quartz/keepSessionAlive"); + MDC.put(EPCommonSystemProperties.PARTNER_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE); + } + + /** + * Remove the values from MDC as these requests are executed at regular + * intervals based on quartz rather incoming REST API requests. + * + * @param bAll + */ + @EPMetricsLog + public void clear(Boolean bAll) { + MDC.remove(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE); + if (bAll) { + MDC.remove(Configuration.MDC_KEY_REQUEST_ID); + MDC.remove(Configuration.MDC_SERVICE_NAME); + MDC.remove(EPCommonSystemProperties.PARTNER_NAME); + } + } +} -- cgit 1.2.3-korg
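Review bot: In `timeoutSession` the portal session identifier is appended to the query string (`"/timeoutSession" + "?portalJSessionId=" + portalJSessionId`) and that full URL is then handed to `setLocalMDCContext`, which stores it in MDC under `FULL_URL`, so the live JSESSIONID value will presumably end up in the portal's own log lines and in any proxy or access log on the remote application's side. The commented-out header form already in this hunk is the safer transport: build the URL as `String url = app.restUrl + "/timeoutSession";` and send the identifier with `con.setRequestProperty("portalJSessionId", portalJSessionId);` (or, if the query form must stay, at least `URLEncoder.encode` the value so it cannot alter the request line). All three request methods also pass `app.username` and `app.appPassword` as plain `username`/`password` request headers over whatever scheme `app.restUrl` carries, and `setLocalMDCContext` explicitly accounts for non-`https` URLs, so it would be worth rejecting or at least logging a warning for a non-TLS `restUrl` before those headers are sent. Separately, `app.name != ""` is a reference comparison that will not catch an empty string; `StringUtils.hasText(app.name)` from the already-imported Spring `StringUtils` expresses the intended check.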