summaryrefslogtreecommitdiffstats
path: root/ecomp-sdk/epsdk-aaf/src/main
diff options
context:
space:
mode:
authorst782s <statta@research.att.com>2018-11-20 07:31:32 -0500
committerst782s <statta@research.att.com>2018-11-20 07:31:32 -0500
commit7246eabfd23d6cadc9f658f666df62b93f30ed70 (patch)
treef60963a0eb52e3bf645491afa5c6ed9477dc28c7 /ecomp-sdk/epsdk-aaf/src/main
parentace477c7097f4dc48498916ba2e024a81513ed93 (diff)
CADI Integration
Issue-ID: PORTAL-474 System to system authorization using CADI Change-Id: I76487f8155a36fca8283669fe5e28ec7d5aec91d Signed-off-by: st782s <statta@research.att.com>
Diffstat (limited to 'ecomp-sdk/epsdk-aaf/src/main')
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/AAFRestServiceImpl.java225
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/AAFService.java (renamed from ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiService.java)45
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthService.java80
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java254
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java385
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtils.java16
6 files changed, 235 insertions, 770 deletions
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/AAFRestServiceImpl.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/AAFRestServiceImpl.java
new file mode 100644
index 00000000..f37af6fa
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/AAFRestServiceImpl.java
@@ -0,0 +1,225 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.service;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.json.JSONArray;
+import org.json.JSONObject;
+import org.onap.portalsdk.core.domain.RoleFunction;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.external.authorization.domain.ExternalAccessPerms;
+//import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.external.authorization.util.EcompExternalAuthProperties;
+import org.onap.portalsdk.external.authorization.util.EcompExternalAuthUtils;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.client.RestTemplate;
+
+import com.fasterxml.jackson.core.JsonParseException;
+import com.fasterxml.jackson.databind.JsonMappingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+public class AAFRestServiceImpl implements AAFService {
+
+ private static final String PASSCODE = "password";
+
+ private static final String ID = "id";
+
+ private static final String EXTERNAL_AUTH_GET_USER_ROLES_ENDPOINT = "authz/roles/user/";
+
+ private static final String EXTERNAL_AUTH_GET_USER_PERMS_ENDPOINT = "authz/perms/user/";
+
+ private static final String EXTERNAL_AUTH_POST_CREDENTIALS_ENDPOINT = "authn/validate";
+ RestTemplate template = new RestTemplate();
+
+ private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AAFRestServiceImpl.class);
+
+ @Override
+ public String getUser(String orgUserId, HttpServletRequest request, HttpHeaders headers) throws Exception {
+
+ HttpEntity<String> entity = new HttpEntity<>(headers);
+ logger.debug(EELFLoggerDelegate.debugLogger, "getUserRoles: Connecting to external auth system for user {}",
+ orgUserId);
+ String endPoint = EXTERNAL_AUTH_GET_USER_ROLES_ENDPOINT + orgUserId
+ + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN);
+ ResponseEntity<String> getResponse = template.exchange(
+ EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + endPoint,
+ HttpMethod.GET, entity, String.class);
+ if (getResponse.getStatusCode().value() == 200) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "getUserRoles: Finished GET user app roles from external auth system and body: {}",
+ getResponse.getBody());
+ }
+ String userRoles = getResponse.getBody();
+ return userRoles;
+
+ }
+
+ @Override
+ public ResponseEntity<String> checkUserExists(String username, String password, String appPass) throws Exception {
+ username = changeIfUserDomainNotAppended(username);
+ HttpHeaders headers = EcompExternalAuthUtils.base64encodeKeyForAAFBasicAuth(username, password);
+ String appUsername = EcompExternalAuthProperties
+ .getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_NAME);
+ JSONObject credentials = new JSONObject();
+ credentials.put(ID, appUsername);
+ credentials.put(PASSCODE, appPass);
+ HttpEntity<String> entity = new HttpEntity<>(credentials.toString(), headers);
+ logger.debug(EELFLoggerDelegate.debugLogger, "checkUserExists: Connecting to external auth system for user {}",
+ username);
+ ResponseEntity<String> getResponse = template
+ .exchange(EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL)
+ + EXTERNAL_AUTH_POST_CREDENTIALS_ENDPOINT, HttpMethod.POST, entity, String.class);
+ if (getResponse.getStatusCode().value() == 200) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "checkUserExists: Finished POST from external auth system to validate credentials and status: {}",
+ getResponse.getStatusCode().value());
+ }
+ return getResponse;
+ }
+
+ private String changeIfUserDomainNotAppended(String username) {
+ if (!EcompExternalAuthUtils.validate(username)) {
+ username = username
+ + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN);
+ }
+ return username;
+ }
+
+ @Override
+ public List<ExternalAccessPerms> getIfUserPermsExists(String username, HttpHeaders headers) throws Exception {
+
+ HttpEntity<String> entity = new HttpEntity<>(headers);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "getIfUserPermsExists: Connecting to external auth system for user {}", username);
+ username = changeIfUserDomainNotAppended(username);
+ String endPoint = EXTERNAL_AUTH_GET_USER_PERMS_ENDPOINT + username;
+ ResponseEntity<String> getResponse = getPermsFromExternalAuthSystem(entity, endPoint);
+ return convertPermsJSONArrayToExternalAccessPerms(new ObjectMapper(), getResponse.getBody());
+ }
+
+ private ResponseEntity<String> getPermsFromExternalAuthSystem(HttpEntity<String> entity, String endPoint) {
+ ResponseEntity<String> getResponse = template.exchange(
+ EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + endPoint,
+ HttpMethod.GET, entity, String.class);
+ if (getResponse.getStatusCode().value() == 200) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "getPermsFromExternalAuthSystem: Finished GET user perms from external auth system and body: {}",
+ getResponse.getBody());
+ }
+ return getResponse;
+ }
+
+ private List<ExternalAccessPerms> convertPermsJSONArrayToExternalAccessPerms(ObjectMapper mapper, String userPerms)
+ throws IOException, JsonParseException, JsonMappingException {
+ JSONObject userPermsJsonObj = null;
+ JSONArray userPermsJsonArray = null;
+ List<ExternalAccessPerms> extPermsList = new ArrayList<>();
+ if (!userPerms.equals(EcompExternalAuthUtils.EXT_EMPTY_JSON_STRING)) {
+ userPermsJsonObj = new JSONObject(userPerms);
+ userPermsJsonArray = userPermsJsonObj.getJSONArray(EcompExternalAuthUtils.EXT_PERM_FIELD);
+ for (int i = 0; i < userPermsJsonArray.length(); i++) {
+ JSONObject permJsonObj = userPermsJsonArray.getJSONObject(i);
+ if (!permJsonObj.getString(EcompExternalAuthUtils.EXT_PERM_FIELD_TYPE)
+ .endsWith(EcompExternalAuthUtils.EXT_PERM_ACCESS)) {
+ ExternalAccessPerms perm = mapper.readValue(permJsonObj.toString(), ExternalAccessPerms.class);
+ extPermsList.add(perm);
+ }
+ }
+ }
+ return extPermsList;
+ }
+
+ @Override
+ public List<RoleFunction> getRoleFunctions(String orgUserId, HttpHeaders headers) throws Exception {
+ ObjectMapper mapper = new ObjectMapper();
+
+ HttpEntity<String> entity = new HttpEntity<>(headers);
+ logger.debug(EELFLoggerDelegate.debugLogger, "getRoleFunctions: Connecting to external auth system for user {}",
+ orgUserId);
+ String endPoint = EXTERNAL_AUTH_GET_USER_PERMS_ENDPOINT + orgUserId
+ + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN);
+ ResponseEntity<String> getResponse = template.exchange(
+ EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + endPoint,
+ HttpMethod.GET, entity, String.class);
+ if (getResponse.getStatusCode().value() == 200) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "getRoleFunctions: Finished GET user perms from external system and body: {}",
+ getResponse.getBody());
+ }
+ String userPerms = getResponse.getBody();
+ List<ExternalAccessPerms> extPermsList = convertPermsJSONArrayToExternalAccessPerms(mapper, userPerms);
+ return convertToRoleFunctionList(extPermsList);
+ }
+
+ private List<RoleFunction> convertToRoleFunctionList(List<ExternalAccessPerms> extPermsList) {
+ List<RoleFunction> roleFunctions = new ArrayList<>();
+ String namespace = EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_NAMESPACE);
+ for (ExternalAccessPerms extPerm : extPermsList) {
+ RoleFunction roleFunction = new RoleFunction();
+ roleFunction.setCode(extPerm.getInstance());
+ roleFunction.setAction(extPerm.getAction());
+ if (extPerm.getDescription() != null
+ && EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) {
+ roleFunction.setName(extPerm.getDescription());
+ } else if (extPerm.getDescription() == null
+ && EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) {
+ roleFunction.setName(extPerm.getType().substring(namespace.length() + 1) + "|" + extPerm.getInstance()
+ + "|" + extPerm.getAction());
+ } else if (extPerm.getDescription() == null
+ && !EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) {
+ roleFunction.setName(extPerm.getType() + "|" + extPerm.getInstance() + "|" + extPerm.getAction());
+ }
+ if (EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) {
+ roleFunction.setType(extPerm.getType().substring(namespace.length() + 1));
+ } else {
+ roleFunction.setType(extPerm.getType());
+ }
+ roleFunctions.add(roleFunction);
+ }
+ return roleFunctions;
+ }
+
+} \ No newline at end of file
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiService.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/AAFService.java
index 3d112268..758c0647 100644
--- a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiService.java
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/AAFService.java
@@ -1,3 +1,4 @@
+
/*-
* ============LICENSE_START==========================================
* ONAP Portal SDK
@@ -42,46 +43,18 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.onap.portalsdk.core.domain.RoleFunction;
-import org.onap.portalsdk.core.domain.User;
import org.onap.portalsdk.external.authorization.domain.ExternalAccessPerms;
-import org.onap.portalsdk.external.authorization.exception.UserNotFoundException;
+import org.springframework.http.HttpHeaders;
import org.springframework.http.ResponseEntity;
-public interface UserApiService {
+public interface AAFService {
- /**
- * Gets list of all roles associated to user from external system
- *
- * @param orgUserId
- * @return
- * @throws Exception
- */
- User getUser(String orgUserId, HttpServletRequest request) throws UserNotFoundException;
- /**
- *
- * @param OrgUserId
- * @return
- */
- List<RoleFunction> getRoleFunctions(String orgUserId) throws Exception;
+ public String getUser(String orgUserId, HttpServletRequest request,HttpHeaders headers) throws Exception;
- /**
- * Check if user exist in external auth system
- *
- * @param username
- * @param password
- * @return Response<String>
- * @throws Exception
- */
- ResponseEntity<String> checkUserExists(String username, String password) throws Exception;
+ public ResponseEntity<String> checkUserExists(String username, String password, String appPassword) throws Exception;
- /**
- * Get if user has any perms
- *
- * @param username
- * @param password
- * @return List<ExternalAccessPerms>
- * @throws Exception
- */
- List<ExternalAccessPerms> getIfUserPermsExists(String username) throws Exception;
-}
+ public List<ExternalAccessPerms> getIfUserPermsExists(String username,HttpHeaders headers) throws Exception ;
+
+ List<RoleFunction> getRoleFunctions(String orgUserId,HttpHeaders headers) throws Exception;
+} \ No newline at end of file
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthService.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthService.java
deleted file mode 100644
index 0ad02460..00000000
--- a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthService.java
+++ /dev/null
@@ -1,80 +0,0 @@
-/*-
- * ============LICENSE_START==========================================
- * ONAP Portal SDK
- * ===================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- * ===================================================================
- *
- * Unless otherwise specified, all software contained herein is licensed
- * under the Apache License, Version 2.0 (the "License");
- * you may not use this software except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * Unless otherwise specified, all documentation contained herein is licensed
- * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
- * you may not use this documentation except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://creativecommons.org/licenses/by/4.0/
- *
- * Unless required by applicable law or agreed to in writing, documentation
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * ============LICENSE_END============================================
- *
- *
- */
-package org.onap.portalsdk.external.authorization.service;
-
-import java.io.IOException;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.onap.portalsdk.core.command.LoginBean;
-import org.onap.portalsdk.core.domain.User;
-
-public interface LoginExternalAuthService {
-
- /**
- * validate user exists in the system
- * @param bean
- * @param menuPropertiesFilename
- * @param additionalParams
- * @return returns login user bean
- * @throws IOException
- */
- @SuppressWarnings("rawtypes")
- LoginBean findUser(LoginBean bean, String menuPropertiesFilename, Map additionalParams, HttpServletRequest request) throws Exception;
-
- /**
- *
- * @param bean
- * @param menuPropertiesFilename
- * @param additionalParams
- * @param matchPassword
- * @return returns login user bean
- * @throws IOException
- */
- @SuppressWarnings("rawtypes")
- LoginBean findUser(LoginBean bean, String menuPropertiesFilename, Map additionalParams, boolean matchPassword, HttpServletRequest request)
- throws Exception;
-
- /**
- *
- * @param orgUserId
- * @return
- */
- User findUserWithoutPwd(String orgUserId);
-}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java
deleted file mode 100644
index 173e9e7d..00000000
--- a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java
+++ /dev/null
@@ -1,254 +0,0 @@
-/*-
- * ============LICENSE_START==========================================
- * ONAP Portal SDK
- * ===================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- * ===================================================================
- *
- * Unless otherwise specified, all software contained herein is licensed
- * under the Apache License, Version 2.0 (the "License");
- * you may not use this software except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * Unless otherwise specified, all documentation contained herein is licensed
- * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
- * you may not use this documentation except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://creativecommons.org/licenses/by/4.0/
- *
- * Unless required by applicable law or agreed to in writing, documentation
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * ============LICENSE_END============================================
- *
- *
- */
-package org.onap.portalsdk.external.authorization.service;
-
-import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.onap.portalsdk.core.command.LoginBean;
-import org.onap.portalsdk.core.domain.Role;
-import org.onap.portalsdk.core.domain.User;
-import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
-import org.onap.portalsdk.core.menu.MenuBuilder;
-import org.onap.portalsdk.core.service.DataAccessService;
-import org.onap.portalsdk.core.service.LoginServiceCentralizedImpl;
-import org.onap.portalsdk.core.util.SystemProperties;
-import org.onap.portalsdk.core.web.support.AppUtils;
-import org.onap.portalsdk.core.web.support.UserUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-import org.springframework.transaction.annotation.Transactional;
-
-@Service("loginExternalAuthService")
-public class LoginExternalAuthServiceImpl implements LoginExternalAuthService {
-
- private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(LoginServiceCentralizedImpl.class);
-
- @Autowired
- private DataAccessService dataAccessService;
-
- @Autowired
- private UserApiService userApiService;
-
- @Override
- public LoginBean findUser(LoginBean bean, String menuPropertiesFilename,
- @SuppressWarnings("rawtypes") Map additionalParams, HttpServletRequest request) throws Exception {
- return findUser(bean, menuPropertiesFilename, additionalParams, true, request);
- }
-
- @Override
- @SuppressWarnings("rawtypes")
- @Transactional
- public LoginBean findUser(LoginBean bean, String menuPropertiesFilename, Map additionalParams,
- boolean matchPassword, HttpServletRequest request) throws Exception {
-
- User user;
- if (bean.getUserid() != null) {
- user = findUser(bean, request);
- } else {
- if (matchPassword)
- user = findUser(bean.getLoginId(), bean.getLoginPwd());
- else
- user = findUserWithoutPwd(bean.getLoginId());
- }
-
- if (user != null) {
- if (AppUtils.isApplicationLocked()
- && !UserUtils.hasRole(user, SystemProperties.getProperty(SystemProperties.SYS_ADMIN_ROLE_ID))) {
- bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_APPLICATION_LOCKED);
- }
-
- // raise an error if the user is inactive
- if (!user.getActive()) {
- bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE);
- }
-
- if (!userHasActiveRoles(user)) {
- bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE);
- }
- // only login the user if no errors have occurred
- if (bean.getLoginErrorMessage() == null) {
-
- // this will be a snapshot of the user's information as
- // retrieved from the database
- User userCopy = null;
- try {
- userCopy = (User) user.clone();
- } catch (CloneNotSupportedException ex) {
- // Never happens
- logger.error(EELFLoggerDelegate.errorLogger, "findUser failed", ex);
- }
-
- User appuser = findUserWithoutPwd(user.getLoginId());
-
- if (appuser == null && userHasRoleFunctions(user)) {
- createUserIfNecessary(user);
- } else {
- appuser.setLastLoginDate(new Date());
-
- // update the last logged in date for the user
- dataAccessService.saveDomainObject(appuser, additionalParams);
- }
- // update the audit log of the user
- // Check for the client device type and set log attributes
- // appropriately
-
- // save the above changes to the User and their audit trail
-
- // create the application menu based on the user's privileges
-
- Set appMenu = getMenuBuilder().getMenu(
- SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_SET_NAME), dataAccessService);
- bean.setMenu(appMenu != null ? appMenu : new HashSet());
- Set businessDirectMenu = getMenuBuilder().getMenu(
- SystemProperties.getProperty(SystemProperties.BUSINESS_DIRECT_MENU_SET_NAME),
- dataAccessService);
- bean.setBusinessDirectMenu(businessDirectMenu != null ? businessDirectMenu : new HashSet());
-
- bean.setUser(userCopy);
- }
- }
-
- return bean;
- }
-
- private void createUserIfNecessary(User user) {
- logger.debug(EELFLoggerDelegate.debugLogger, "createUser: " + user.getOrgUserId());
- User user1 = new User();
- user1.setEmail(user.getEmail());
- user1.setEmail(user.getEmail());
- user1.setFirstName(user.getFirstName());
- user1.setHrid(user.getHrid());
- user1.setJobTitle(user.getJobTitle());
- user1.setLastName(user.getLastName());
- user1.setLoginId(user.getLoginId());
- user1.setOrgManagerUserId(user.getOrgManagerUserId());
- user1.setMiddleInitial(user.getMiddleInitial());
- user1.setOrgCode(user.getOrgCode());
- user1.setOrgId(user.getOrgId());
- user1.setPhone(user.getPhone());
- user1.setOrgUserId(user.getOrgUserId());
- user1.setActive(user.getActive());
- user1.setLastLoginDate(new Date());
-
- try {
- dataAccessService.saveDomainObject(user1, null);
- logger.debug(EELFLoggerDelegate.debugLogger, "createdUser Successfully: " + user.getOrgUserId());
- } catch (Exception ex) {
- logger.error(EELFLoggerDelegate.errorLogger, "createUserIfNecessary failed", ex);
- }
-
- }
-
- private boolean userHasActiveRoles(User user) {
- boolean hasActiveRole = false;
- @SuppressWarnings("rawtypes")
- Iterator roles = user.getRoles().iterator();
- while (roles.hasNext()) {
- Role role = (Role) roles.next();
- if (role.getActive()) {
- hasActiveRole = true;
- break;
- }
- }
- return hasActiveRole;
- }
-
- private boolean userHasRoleFunctions(User user) {
- boolean hasRoleFunctions = false;
- @SuppressWarnings("rawtypes")
- Iterator roles = user.getRoles().iterator();
- while (roles.hasNext()) {
- Role role = (Role) roles.next();
- if (role.getActive() && role.getRoleFunctions() != null && !role.getRoleFunctions().isEmpty()) {
- hasRoleFunctions = true;
- break;
- }
- }
- return hasRoleFunctions;
- }
-
- private User findUser(LoginBean bean, HttpServletRequest request) throws Exception {
- User user = userApiService.getUser(bean.getUserid(), request);
- user.setId(getUserIdByOrgUserId(user.getOrgUserId()));
- user.setLoginId(bean.getUserid());
- logger.debug(EELFLoggerDelegate.debugLogger, "findUser: Returning final user roles and permissions", user.toString());
- return user;
- }
-
- private Long getUserIdByOrgUserId(String orgUserId) {
- Map<String, String> params = new HashMap<>();
- params.put("orgUserId", orgUserId);
- @SuppressWarnings("rawtypes")
- List list = dataAccessService.executeNamedQuery("getUserIdByorgUserId", params, null);
- Long userId = null;
- if (list != null && !list.isEmpty())
- userId = (Long) list.get(0);
- return userId;
- }
-
- @SuppressWarnings("rawtypes")
- private User findUser(String loginId, String password) {
- Map<String, String> params = new HashMap<>();
- params.put("login_id", loginId);
- params.put("login_pwd", password);
- List list = dataAccessService.executeNamedQuery("getUserByLoginIdLoginPwd", params, new HashMap());
- return (list == null || list.isEmpty()) ? null : (User) list.get(0);
- }
-
- @SuppressWarnings("rawtypes")
- @Override
- public User findUserWithoutPwd(String loginId) {
- Map<String, String> params = new HashMap<>();
- params.put("org_user_id", loginId);
- List list = dataAccessService.executeNamedQuery("getUserByOrgUserId", params, new HashMap());
- return (list == null || list.isEmpty()) ? null : (User) list.get(0);
- }
-
- private MenuBuilder getMenuBuilder() {
- return new MenuBuilder();
- }
-
-}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java
deleted file mode 100644
index 14d8a5e2..00000000
--- a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java
+++ /dev/null
@@ -1,385 +0,0 @@
-/*-
- * ============LICENSE_START==========================================
- * ONAP Portal SDK
- * ===================================================================
- * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
- * ===================================================================
- *
- * Unless otherwise specified, all software contained herein is licensed
- * under the Apache License, Version 2.0 (the "License");
- * you may not use this software except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * Unless otherwise specified, all documentation contained herein is licensed
- * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
- * you may not use this documentation except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://creativecommons.org/licenses/by/4.0/
- *
- * Unless required by applicable law or agreed to in writing, documentation
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * ============LICENSE_END============================================
- *
- *
- */
-package org.onap.portalsdk.external.authorization.service;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Set;
-import java.util.TreeSet;
-
-import javax.naming.NamingException;
-import javax.servlet.http.HttpServletRequest;
-
-import org.json.JSONArray;
-import org.json.JSONObject;
-import org.onap.portalsdk.core.command.PostSearchBean;
-import org.onap.portalsdk.core.command.support.SearchResult;
-import org.onap.portalsdk.core.domain.App;
-import org.onap.portalsdk.core.domain.Role;
-import org.onap.portalsdk.core.domain.RoleFunction;
-import org.onap.portalsdk.core.domain.User;
-import org.onap.portalsdk.core.domain.UserApp;
-import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
-import org.onap.portalsdk.core.service.AppService;
-import org.onap.portalsdk.core.service.DataAccessService;
-import org.onap.portalsdk.core.service.LdapService;
-import org.onap.portalsdk.core.service.PostSearchService;
-import org.onap.portalsdk.external.authorization.domain.ExternalAccessPerms;
-import org.onap.portalsdk.external.authorization.domain.ExternalAccessRole;
-import org.onap.portalsdk.external.authorization.domain.ExternalAccessRoleDescription;
-import org.onap.portalsdk.external.authorization.domain.ExternalAccessUserRoleDetail;
-import org.onap.portalsdk.external.authorization.exception.UserNotFoundException;
-import org.onap.portalsdk.external.authorization.util.EcompExternalAuthProperties;
-import org.onap.portalsdk.external.authorization.util.EcompExternalAuthUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpEntity;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.HttpMethod;
-import org.springframework.http.ResponseEntity;
-import org.springframework.stereotype.Service;
-import org.springframework.web.client.RestTemplate;
-
-import com.fasterxml.jackson.core.JsonParseException;
-import com.fasterxml.jackson.databind.JsonMappingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.type.TypeFactory;
-
-@Service("userApiService")
-public class UserApiServiceImpl implements UserApiService {
-
- private static final String PASSCODE = "password";
-
- private static final String ID = "id";
-
- private static final String EXTERNAL_AUTH_GET_USER_ROLES_ENDPOINT = "authz/roles/user/";
-
- private static final String EXTERNAL_AUTH_GET_USER_PERMS_ENDPOINT = "authz/perms/user/";
-
- private static final String EXTERNAL_AUTH_POST_CREDENTIALS_ENDPOINT = "authn/validate";
-
- private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(UserApiServiceImpl.class);
-
- @Autowired
- private LoginExternalAuthService loginAAFService;
-
- @Autowired
- private LdapService ldapService;
-
- @Autowired
- private PostSearchService postSearchService;
-
- @Autowired
- private DataAccessService dataAccessService;
-
- RestTemplate template = new RestTemplate();
-
- @Autowired
- private AppService appService;
-
- @Override
- public User getUser(String orgUserId, HttpServletRequest request) throws UserNotFoundException {
- User user = null;
- try {
- String namespace = EcompExternalAuthProperties
- .getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_NAMESPACE);
- HttpHeaders headers = getBasicAuthHeaders();
- HttpEntity<String> entity = new HttpEntity<>(headers);
- logger.debug(EELFLoggerDelegate.debugLogger, "getUserRoles: Connecting to external auth system for user {}",
- orgUserId);
- String endPoint = EXTERNAL_AUTH_GET_USER_ROLES_ENDPOINT + orgUserId
- + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN);
- ResponseEntity<String> getResponse = template.exchange(
- EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + endPoint,
- HttpMethod.GET, entity, String.class);
- if (getResponse.getStatusCode().value() == 200) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "getUserRoles: Finished GET user app roles from external auth system and body: {}",
- getResponse.getBody());
- }
- String userRoles = getResponse.getBody();
- ObjectMapper mapper = new ObjectMapper();
- List<ExternalAccessUserRoleDetail> userRoleDetailList = setExternalAccessUserRoles(namespace, userRoles,
- mapper);
-
- if (userRoleDetailList.isEmpty()) {
- throw new UserNotFoundException("User roles not found!");
- } else {
- user = convertAAFUserRolesToEcompSDKUser(userRoleDetailList, orgUserId, namespace, request);
- }
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "getUser: Failed! ", e);
- }
- return user;
-
- }
-
- private List<ExternalAccessUserRoleDetail> setExternalAccessUserRoles(String namespace, String userRoles,
- ObjectMapper mapper) throws IOException, JsonParseException, JsonMappingException, UserNotFoundException {
- JSONObject userJsonObj;
- JSONArray userJsonArray;
- List<ExternalAccessUserRoleDetail> userRoleDetailList = new ArrayList<>();
- if (!userRoles.equals(EcompExternalAuthUtils.EXT_EMPTY_JSON_STRING)) {
- userJsonObj = new JSONObject(userRoles);
- userJsonArray = userJsonObj.getJSONArray(EcompExternalAuthUtils.EXT_ROLE_FIELD);
- ExternalAccessUserRoleDetail userRoleDetail = null;
- for (int i = 0; i < userJsonArray.length(); i++) {
- JSONObject role = userJsonArray.getJSONObject(i);
- if (!role.getString(EcompExternalAuthUtils.EXT_ROLE_FIELD_NAME)
- .endsWith(EcompExternalAuthUtils.EXT_ROLE_FIELD_ADMIN)
- && !role.getString(EcompExternalAuthUtils.EXT_ROLE_FIELD_NAME)
- .endsWith(EcompExternalAuthUtils.EXT_ROLE_FIELD_OWNER)) {
- ExternalAccessRoleDescription ecDesc = new ExternalAccessRoleDescription();
- if (role.has(EcompExternalAuthUtils.EXT_FIELD_DESCRIPTION) && EcompExternalAuthUtils
- .isJSONValid(role.getString(EcompExternalAuthUtils.EXT_FIELD_DESCRIPTION))) {
- ecDesc = mapper.readValue(role.getString(EcompExternalAuthUtils.EXT_FIELD_DESCRIPTION),
- ExternalAccessRoleDescription.class);
- }
- List<ExternalAccessPerms> ecPerms = new ArrayList<>();
- if (role.has(EcompExternalAuthUtils.EXT_FIELD_PERMS)) {
- JSONArray perms = role.getJSONArray(EcompExternalAuthUtils.EXT_FIELD_PERMS);
- ecPerms = mapper.readValue(perms.toString(), TypeFactory.defaultInstance()
- .constructCollectionType(List.class, ExternalAccessPerms.class));
- }
- ExternalAccessRole ecRole = new ExternalAccessRole(
- role.getString(EcompExternalAuthUtils.EXT_ROLE_FIELD_NAME), ecPerms, ecDesc);
- userRoleDetail = new ExternalAccessUserRoleDetail(ecRole);
- userRoleDetailList.add(userRoleDetail);
- }
- }
- } else {
- throw new UserNotFoundException("User roles not found!");
- }
- return userRoleDetailList;
- }
-
- private User convertAAFUserRolesToEcompSDKUser(List<ExternalAccessUserRoleDetail> userRoleDetailList,
- String orgUserId, String namespace, HttpServletRequest request) throws Exception {
- User user = loginAAFService.findUserWithoutPwd(orgUserId);
- PostSearchBean postSearchBean = new PostSearchBean();
- if (user == null) {
- postSearchBean.setOrgUserId(orgUserId);
- postSearchService.process(request, postSearchBean);
- postSearchBean.setSearchResult(loadSearchResultData(postSearchBean));
- user = (User) postSearchBean.getSearchResult().get(0);
- user.setActive(true);
- user.setLoginId(orgUserId);
- dataAccessService.saveDomainObject(user, null);
- }
- App app = appService.getApp(1l);
- try {
- Set userApps = setUserApps(userRoleDetailList, namespace, user, app);
- user.setUserApps(userApps);
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "createEPUser: createEPUser failed", e);
- throw e;
- }
-
- return user;
- }
-
- @SuppressWarnings({ "rawtypes", "unchecked" })
- private Set setUserApps(List<ExternalAccessUserRoleDetail> userRoleDetailList, String namespace, User user,
- App app) {
- Set userApps = new TreeSet();
- for (ExternalAccessUserRoleDetail userRoleDetail : userRoleDetailList) {
- ExternalAccessRole ecRole = userRoleDetail.getRole();
- ExternalAccessRoleDescription roleDesc = ecRole.getDescription();
- UserApp userApp = new UserApp();
- Role role = new Role();
- Set roleFunctions = new TreeSet<>();
- if (roleDesc.getName() == null) {
- role.setActive(true);
- role.setName(ecRole.getName());
- } else {
- role.setActive(Boolean.valueOf(roleDesc.getActive()));
- role.setId(Long.valueOf(roleDesc.getAppRoleId()));
- role.setName(roleDesc.getName());
- if (!roleDesc.getPriority().equals(EcompExternalAuthUtils.EXT_NULL_VALUE)) {
- role.setPriority(Integer.valueOf(roleDesc.getPriority()));
- }
- }
- for (ExternalAccessPerms extPerm : ecRole.getPerms()) {
- RoleFunction roleFunction = new RoleFunction();
- roleFunction.setCode(extPerm.getInstance());
- roleFunction.setAction(extPerm.getAction());
- if (extPerm.getDescription() != null) {
- roleFunction.setName(extPerm.getDescription());
- }
- roleFunction.setType(extPerm.getType());
- roleFunctions.add(roleFunction);
- }
- role.setRoleFunctions(roleFunctions);
- userApp.setApp(app);
- userApp.setRole(role);
- userApp.setUserId(user.getId());
- userApps.add(userApp);
- }
- return userApps;
- }
-
- @Override
- public List<RoleFunction> getRoleFunctions(String orgUserId) throws Exception {
- ObjectMapper mapper = new ObjectMapper();
- HttpHeaders headers = getBasicAuthHeaders();
- HttpEntity<String> entity = new HttpEntity<>(headers);
- logger.debug(EELFLoggerDelegate.debugLogger, "getRoleFunctions: Connecting to external auth system for user {}",
- orgUserId);
- String endPoint = EXTERNAL_AUTH_GET_USER_PERMS_ENDPOINT + orgUserId
- + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN);
- ResponseEntity<String> getResponse = template.exchange(
- EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + endPoint,
- HttpMethod.GET, entity, String.class);
- if (getResponse.getStatusCode().value() == 200) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "getRoleFunctions: Finished GET user perms from external system and body: {}",
- getResponse.getBody());
- }
- String userPerms = getResponse.getBody();
- List<ExternalAccessPerms> extPermsList = convertPermsJSONArrayToExternalAccessPerms(mapper, userPerms);
- return convertToRoleFunctionList(extPermsList);
- }
-
- private List<ExternalAccessPerms> convertPermsJSONArrayToExternalAccessPerms(ObjectMapper mapper, String userPerms)
- throws IOException, JsonParseException, JsonMappingException {
- JSONObject userPermsJsonObj = null;
- JSONArray userPermsJsonArray = null;
- List<ExternalAccessPerms> extPermsList = new ArrayList<>();
- if (!userPerms.equals(EcompExternalAuthUtils.EXT_EMPTY_JSON_STRING)) {
- userPermsJsonObj = new JSONObject(userPerms);
- userPermsJsonArray = userPermsJsonObj.getJSONArray(EcompExternalAuthUtils.EXT_PERM_FIELD);
- for (int i = 0; i < userPermsJsonArray.length(); i++) {
- JSONObject permJsonObj = userPermsJsonArray.getJSONObject(i);
- if (!permJsonObj.getString(EcompExternalAuthUtils.EXT_PERM_FIELD_TYPE)
- .endsWith(EcompExternalAuthUtils.EXT_PERM_ACCESS)) {
- ExternalAccessPerms perm = mapper.readValue(permJsonObj.toString(), ExternalAccessPerms.class);
- extPermsList.add(perm);
- }
- }
- }
- return extPermsList;
- }
-
- private ResponseEntity<String> getPermsFromExternalAuthSystem(HttpEntity<String> entity, String endPoint) {
- ResponseEntity<String> getResponse = template.exchange(
- EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + endPoint,
- HttpMethod.GET, entity, String.class);
- if (getResponse.getStatusCode().value() == 200) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "getPermsFromExternalAuthSystem: Finished GET user perms from external auth system and body: {}",
- getResponse.getBody());
- }
- return getResponse;
- }
-
- private HttpHeaders getBasicAuthHeaders() throws Exception {
- String userName = EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_NAME);
- String encryptedPass = EcompExternalAuthProperties
- .getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_PASSWORD);
- String decryptedPass = EcompExternalAuthUtils.decryptPass(encryptedPass);
- return EcompExternalAuthUtils.base64encodeKeyForAAFBasicAuth(userName, decryptedPass);
- }
-
- private List<RoleFunction> convertToRoleFunctionList(List<ExternalAccessPerms> extPermsList) {
- List<RoleFunction> roleFunctions = new ArrayList<>();
- String namespace = EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_NAMESPACE);
- for (ExternalAccessPerms extPerm : extPermsList) {
- RoleFunction roleFunction = new RoleFunction();
- roleFunction.setCode(extPerm.getInstance());
- roleFunction.setAction(extPerm.getAction());
- if (extPerm.getDescription() != null) {
- roleFunction.setName(extPerm.getDescription());
- }
- roleFunction.setType(extPerm.getType());
- roleFunctions.add(roleFunction);
- }
- return roleFunctions;
- }
-
- private SearchResult loadSearchResultData(PostSearchBean searchCriteria) throws NamingException {
- return ldapService.searchPost(searchCriteria.getUser(), searchCriteria.getSortBy1(),
- searchCriteria.getSortBy2(), searchCriteria.getSortBy3(), searchCriteria.getPageNo(),
- searchCriteria.getNewDataSize(), 1);
- }
-
- @Override
- public ResponseEntity<String> checkUserExists(String username, String password) throws Exception {
- username = changeIfUserDomainNotAppended(username);
- HttpHeaders headers = EcompExternalAuthUtils.base64encodeKeyForAAFBasicAuth(username, password);
- String appUsername = EcompExternalAuthProperties
- .getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_NAME);
- String appPass = EcompExternalAuthUtils.decryptPass(
- EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_PASSWORD));
- JSONObject credentials = new JSONObject();
- credentials.put(ID, appUsername);
- credentials.put(PASSCODE, appPass);
- HttpEntity<String> entity = new HttpEntity<>(credentials.toString(), headers);
- logger.debug(EELFLoggerDelegate.debugLogger, "checkUserExists: Connecting to external auth system for user {}",
- username);
- ResponseEntity<String> getResponse = template
- .exchange(EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL)
- + EXTERNAL_AUTH_POST_CREDENTIALS_ENDPOINT, HttpMethod.POST, entity, String.class);
- if (getResponse.getStatusCode().value() == 200) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "checkUserExists: Finished POST from external auth system to validate credentials and status: {}",
- getResponse.getStatusCode().value());
- }
- return getResponse;
- }
-
- private String changeIfUserDomainNotAppended(String username) {
- if (!EcompExternalAuthUtils.validate(username)) {
- username = username
- + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN);
- }
- return username;
- }
-
- @Override
- public List<ExternalAccessPerms> getIfUserPermsExists(String username) throws Exception {
- HttpHeaders headers = getBasicAuthHeaders();
- HttpEntity<String> entity = new HttpEntity<>(headers);
- logger.debug(EELFLoggerDelegate.debugLogger,
- "getIfUserPermsExists: Connecting to external auth system for user {}", username);
- username = changeIfUserDomainNotAppended(username);
- String endPoint = EXTERNAL_AUTH_GET_USER_PERMS_ENDPOINT + username;
- ResponseEntity<String> getResponse = getPermsFromExternalAuthSystem(entity, endPoint);
- return convertPermsJSONArrayToExternalAccessPerms(new ObjectMapper(), getResponse.getBody());
- }
-
-}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtils.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtils.java
index dc6559ab..8a2c1206 100644
--- a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtils.java
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtils.java
@@ -44,8 +44,6 @@ import java.util.regex.Pattern;
import javax.xml.bind.DatatypeConverter;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
-import org.onap.portalsdk.core.onboarding.util.CipherUtil;
-import org.onap.portalsdk.core.util.SystemProperties;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
@@ -79,19 +77,7 @@ public class EcompExternalAuthUtils {
return headers;
}
- public static String decryptPass(String encrypted) throws Exception {
- String result = "";
- if (encrypted != null && encrypted.length() > 0) {
- try {
- result = CipherUtil.decryptPKC(encrypted,
- SystemProperties.getProperty(SystemProperties.Decryption_Key));
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger,"decryptedPassword failed", e);
- throw e;
- }
- }
- return result;
- }
+
/**
* Validates, if given username has fully domain address