Issue-ID: PORTAL-474

System to system authorization using CADI Change-Id: I58047d4cda3f445a223c6a12e59924db6881553a Signed-off-by: Kotta, Shireesha (sk434m) <shireesha.kotta@att.com>
author: Kotta, Shireesha (sk434m) <shireesha.kotta@att.com> 2018-11-27 10:34:00 -0500
committer: Kotta, Shireesha (sk434m) <shireesha.kotta@att.com> 2018-11-27 11:23:43 -0500
commit: 677b05aeacfd280209a07debba202eaa01ac0968 (patch)
tree: 30dc3d785111443b1286467b78aa21426955e23d /ecomp-sdk/epsdk-fw/src/main/java
parent: 92846d74d61560f7aba45fbb6dd3ca24e1cb29a2 (diff)
1 files changed, 36 insertions, 10 deletions
diff --git a/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/crossapi/CadiAuthFilter.java b/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/crossapi/CadiAuthFilter.java
index 8bddef85..0fdc14d2 100644
--- a/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/crossapi/CadiAuthFilter.java
+++ b/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/crossapi/CadiAuthFilter.java
@@ -52,35 +52,65 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.onap.aaf.cadi.filter.CadiFilter;
+import org.onap.portalsdk.core.onboarding.util.AuthUtil;
 import org.onap.portalsdk.core.onboarding.util.PortalApiConstants;
 import org.onap.portalsdk.core.onboarding.util.PortalApiProperties;
 
 public class CadiAuthFilter extends CadiFilter {
 
-	private static String inlclude_url_endpoints ="";
+	private static String include_url_endpoints ="";
+	private static String exclude_url_endpoints = "";
 	public static final String AUTHORIZATION = "Authorization";
 	
 	public void init(FilterConfig filterConfig) throws ServletException {
 		super.init(filterConfig);
-		inlclude_url_endpoints = filterConfig.getInitParameter("inlclude_url_endpoints");
+		include_url_endpoints = filterConfig.getInitParameter("include_url_endpoints");
+		exclude_url_endpoints = filterConfig.getInitParameter("exclude_url_endpoints");
 	}
 
 	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
 			throws IOException, ServletException {
 		
-		if (inlclude_url_endpoints.equals("") || inlclude_url_endpoints == null || inlclude_url_endpoints.isEmpty()) {
+		if (include_url_endpoints.equals("") || include_url_endpoints == null || include_url_endpoints.isEmpty()) {
 			throw new NullPointerException("inlclude_url_endpoints is null");
 		} else {
-			String includeUrlEndPointString = inlclude_url_endpoints;
+			String includeUrlEndPointString = include_url_endpoints;
+			if (exclude_url_endpoints.equals("") || exclude_url_endpoints == null || exclude_url_endpoints.isEmpty()) {
+				throw new NullPointerException("exculde_url_endpoints is null");
+			}
+			String excludeUrlEndPointString = exclude_url_endpoints;
+			ArrayList<String> excludeUrlEndPointList = new ArrayList<String>(
+					Arrays.asList(excludeUrlEndPointString.split(",")));
 			ArrayList<String> includeUrlEndPointList = new ArrayList<String>(
 					Arrays.asList(includeUrlEndPointString.split(",")));
-			if (includeFilter(request, includeUrlEndPointList)) {
+			if (excludeFilter(request, excludeUrlEndPointList))
+				chain.doFilter(request, response);
+			else if (includeFilter(request, includeUrlEndPointList))
 				super.doFilter(request, response, chain);
-			} else 
+			else
 				chain.doFilter(request, response);
 		}
 	}
 
+
+	private String getUrl(ServletRequest request) {
+		String path = "";
+		HttpServletRequest httpRequest = (HttpServletRequest) request;
+		path = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length() + 1);
+		return path;
+	}
+
+	private boolean excludeFilter(ServletRequest request, ArrayList<String> excludeUrlEndPointList) {
+		boolean isUrlExcluded = false;
+		String Path = getUrl(request);
+
+		for (String str : excludeUrlEndPointList) {
+			if (!isUrlExcluded)
+				isUrlExcluded = AuthUtil.matchPattern(Path, str.substring(1));
+		}
+		return isUrlExcluded;
+	}
+
 	private boolean includeFilter(ServletRequest request, ArrayList<String> includeapisList) {
 		boolean isauthenticated = false;
 		HttpServletRequest httpRequest = (HttpServletRequest) request;
@@ -89,10 +119,6 @@ public class CadiAuthFilter extends CadiFilter {
 			return isauthenticated;
 		// TODO: refactor to have exclusion pattern
 		String path = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length() + 1);
-		if (path.contains("analytics")) {
-			return isauthenticated;
-		}
-		
 		for (String str : includeapisList) {
 			if (!isauthenticated)
 				isauthenticated = matchPattern(path, str);
author	Kotta, Shireesha (sk434m) <shireesha.kotta@att.com>	2018-11-27 10:34:00 -0500
committer	Kotta, Shireesha (sk434m) <shireesha.kotta@att.com>	2018-11-27 11:23:43 -0500
commit	677b05aeacfd280209a07debba202eaa01ac0968 (patch)
tree	30dc3d785111443b1286467b78aa21426955e23d /ecomp-sdk/epsdk-fw/src/main/java
parent	92846d74d61560f7aba45fbb6dd3ca24e1cb29a2 (diff)