diff options
| author |   Kotta, Shireesha (sk434m) <shireesha.kotta@att.com> | 2018-11-27 10:34:00 -0500 |
|---|---|---|
| committer | Kotta, Shireesha (sk434m) <shireesha.kotta@att.com> | 2018-11-27 11:23:43 -0500 |
| commit | 677b05aeacfd280209a07debba202eaa01ac0968 (patch) | |
| tree | 30dc3d785111443b1286467b78aa21426955e23d | |
| parent | 92846d74d61560f7aba45fbb6dd3ca24e1cb29a2 (diff) | |
Issue-ID: PORTAL-474
System to system authorization using CADI
Change-Id: I58047d4cda3f445a223c6a12e59924db6881553a
Signed-off-by: Kotta, Shireesha (sk434m) <shireesha.kotta@att.com>
| -rw-r--r-- | ecomp-sdk/epsdk-fw/pom.xml | 4 | ||||
| -rw-r--r-- | ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/crossapi/CadiAuthFilter.java | 46 |
2 files changed, 38 insertions, 12 deletions
diff --git a/ecomp-sdk/epsdk-fw/pom.xml b/ecomp-sdk/epsdk-fw/pom.xml index 2a2e7721..aaf02147 100644 --- a/ecomp-sdk/epsdk-fw/pom.xml +++ b/ecomp-sdk/epsdk-fw/pom.xml @@ -77,7 +77,7 @@ <dependency> <groupId>org.onap.aaf.authz</groupId> <artifactId>aaf-cadi-aaf</artifactId> - <version>2.1.7-SNAPSHOT</version> + <version>2.1.7</version> <exclusions> <exclusion> <groupId>gso</groupId> @@ -88,7 +88,7 @@ <dependency> <groupId>org.onap.aaf.authz</groupId> <artifactId>aaf-cadi-core</artifactId> - <version>2.1.7-SNAPSHOT</version> + <version>2.1.7</version> </dependency> <dependency> <groupId>javax.servlet</groupId> diff --git a/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/crossapi/CadiAuthFilter.java b/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/crossapi/CadiAuthFilter.java index 8bddef85..0fdc14d2 100644 --- a/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/crossapi/CadiAuthFilter.java +++ b/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/crossapi/CadiAuthFilter.java @@ -52,35 +52,65 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.onap.aaf.cadi.filter.CadiFilter; +import org.onap.portalsdk.core.onboarding.util.AuthUtil; import org.onap.portalsdk.core.onboarding.util.PortalApiConstants; import org.onap.portalsdk.core.onboarding.util.PortalApiProperties; public class CadiAuthFilter extends CadiFilter { - private static String inlclude_url_endpoints =""; + private static String include_url_endpoints =""; + private static String exclude_url_endpoints = ""; public static final String AUTHORIZATION = "Authorization"; public void init(FilterConfig filterConfig) throws ServletException { super.init(filterConfig); - inlclude_url_endpoints = filterConfig.getInitParameter("inlclude_url_endpoints"); + include_url_endpoints = filterConfig.getInitParameter("include_url_endpoints"); + exclude_url_endpoints = filterConfig.getInitParameter("exclude_url_endpoints"); } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { - if (inlclude_url_endpoints.equals("") || inlclude_url_endpoints == null || inlclude_url_endpoints.isEmpty()) { + if (include_url_endpoints.equals("") || include_url_endpoints == null || include_url_endpoints.isEmpty()) { throw new NullPointerException("inlclude_url_endpoints is null"); } else { - String includeUrlEndPointString = inlclude_url_endpoints; + String includeUrlEndPointString = include_url_endpoints; + if (exclude_url_endpoints.equals("") || exclude_url_endpoints == null || exclude_url_endpoints.isEmpty()) { + throw new NullPointerException("exculde_url_endpoints is null"); + } + String excludeUrlEndPointString = exclude_url_endpoints; + ArrayList<String> excludeUrlEndPointList = new ArrayList<String>( + Arrays.asList(excludeUrlEndPointString.split(","))); ArrayList<String> includeUrlEndPointList = new ArrayList<String>( Arrays.asList(includeUrlEndPointString.split(","))); - if (includeFilter(request, includeUrlEndPointList)) { + if (excludeFilter(request, excludeUrlEndPointList)) + chain.doFilter(request, response); + else if (includeFilter(request, includeUrlEndPointList)) super.doFilter(request, response, chain); - } else + else chain.doFilter(request, response); } } + + private String getUrl(ServletRequest request) { + String path = ""; + HttpServletRequest httpRequest = (HttpServletRequest) request; + path = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length() + 1); + return path; + } + + private boolean excludeFilter(ServletRequest request, ArrayList<String> excludeUrlEndPointList) { + boolean isUrlExcluded = false; + String Path = getUrl(request); + + for (String str : excludeUrlEndPointList) { + if (!isUrlExcluded) + isUrlExcluded = AuthUtil.matchPattern(Path, str.substring(1)); + } + return isUrlExcluded; + } + private boolean includeFilter(ServletRequest request, ArrayList<String> includeapisList) { boolean isauthenticated = false; HttpServletRequest httpRequest = (HttpServletRequest) request; @@ -89,10 +119,6 @@ public class CadiAuthFilter extends CadiFilter { return isauthenticated; // TODO: refactor to have exclusion pattern String path = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length() + 1); - if (path.contains("analytics")) { - return isauthenticated; - } - for (String str : includeapisList) { if (!isauthenticated) isauthenticated = matchPattern(path, str); |