diff options
author | TATTAVARADA <statta@research.att.com> | 2017-04-27 07:53:18 -0400 |
---|---|---|
committer | st782s <statta@research.att.com> | 2017-04-27 08:31:27 -0400 |
commit | 6beb446925c967aca92f5513adf36c5db77c00d6 (patch) | |
tree | 9392057ed0739de2445c5b2a2a8bee6dcdacbcf7 /ecomp-sdk/quantum/src/main/java/org/openecomp/portalsdk/core/interceptor | |
parent | 246b225194e3e8dc1926294de591a94fd9787fa7 (diff) |
[PORTAL-7] Rebase
This rebasing includes common libraries and common overlays projects
abstraction of components
Change-Id: Ia1efa4deacdc5701e6205104ac021a6c80ed60ba
Signed-off-by: st782s <statta@research.att.com>
Diffstat (limited to 'ecomp-sdk/quantum/src/main/java/org/openecomp/portalsdk/core/interceptor')
2 files changed, 0 insertions, 267 deletions
diff --git a/ecomp-sdk/quantum/src/main/java/org/openecomp/portalsdk/core/interceptor/ResourceInterceptor.java b/ecomp-sdk/quantum/src/main/java/org/openecomp/portalsdk/core/interceptor/ResourceInterceptor.java deleted file mode 100644 index 24088cdb..00000000 --- a/ecomp-sdk/quantum/src/main/java/org/openecomp/portalsdk/core/interceptor/ResourceInterceptor.java +++ /dev/null @@ -1,164 +0,0 @@ -/*- - * ================================================================================ - * eCOMP Portal SDK - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ================================================================================ - */ -package org.openecomp.portalsdk.core.interceptor; - -import java.net.HttpURLConnection; -import java.util.List; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.openecomp.portalsdk.core.controller.FusionBaseController; -import org.openecomp.portalsdk.core.domain.App; -import org.openecomp.portalsdk.core.exception.UrlAccessRestrictedException; -import org.openecomp.portalsdk.core.logging.format.AlarmSeverityEnum; -import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; -import org.openecomp.portalsdk.core.objectcache.AbstractCacheManager; -import org.openecomp.portalsdk.core.onboarding.crossapi.PortalApiConstants; -import org.openecomp.portalsdk.core.onboarding.crossapi.PortalApiProperties; -import org.openecomp.portalsdk.core.onboarding.crossapi.PortalTimeoutHandler; -import org.openecomp.portalsdk.core.service.DataAccessService; -import org.openecomp.portalsdk.core.service.LoginService; -import org.openecomp.portalsdk.core.service.WebServiceCallService; -import org.openecomp.portalsdk.core.util.CipherUtil; -import org.openecomp.portalsdk.core.util.SystemProperties; -import org.openecomp.portalsdk.core.web.support.UserUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.web.method.HandlerMethod; -import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; - -public class ResourceInterceptor extends HandlerInterceptorAdapter { - public static final String APP_METADATA = "APP.METADATA"; - - EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ResourceInterceptor.class); - - @Autowired - private DataAccessService dataAccessService; - @Autowired - private LoginService loginService; - @Autowired - private WebServiceCallService webServiceCallService; - - private AbstractCacheManager cacheManager; - - @Override - public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) - throws Exception { - String uri = request.getRequestURI(); - String url = uri.substring(uri.indexOf("/", 1) + 1); - logger.info(EELFLoggerDelegate.debugLogger, "Url - " + url); - logger.info(EELFLoggerDelegate.debugLogger, "lastIndexOf - " + uri.substring(uri.lastIndexOf("/") + 1)); - if (handler instanceof HandlerMethod) { - HandlerMethod method = (HandlerMethod) handler; - FusionBaseController controller = (FusionBaseController) method.getBean(); - if (!controller.isAccessible()) { - if (controller.isRESTfulCall()) { - // check user authentication for RESTful calls - String secretKey = null; - try { - if (!webServiceCallService.verifyRESTCredential(secretKey, request.getHeader("username"), - request.getHeader("password"))) { - logger.error(EELFLoggerDelegate.errorLogger, "Error accesing RESTful service. Un-authorized",AlarmSeverityEnum.MINOR); - throw new UrlAccessRestrictedException(); - } - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "Error authenticating RESTful service :" + e,AlarmSeverityEnum.MINOR); - ((HttpServletResponse) response).setStatus(HttpURLConnection.HTTP_UNAUTHORIZED); - return false; - } - } - if (!UserUtils.isUrlAccessible(request, url)) { - logger.error(EELFLoggerDelegate.errorLogger, "Error accesing URL. Un-authorized",AlarmSeverityEnum.MINOR); - throw new UrlAccessRestrictedException(); - } - } - } - - logger.debug("successfully authorized rest call"); - logger.info(EELFLoggerDelegate.debugLogger, "successfully authorized rest call"); - handleSessionUpdates(request); - logger.debug("handled session updates for synchronization"); - logger.info(EELFLoggerDelegate.debugLogger, "handled session updates for synchronization"); - return super.preHandle(request, response, handler); - } - - /** - * - * @param request - */ - protected void handleSessionUpdates(HttpServletRequest request) { - - App app = null; - Object appObj = getCacheManager().getObject(APP_METADATA); - if (appObj == null) { - app = findApp(); - getCacheManager().putObject(APP_METADATA, app); - - } else { - app = (App) appObj; - } - - String ecompRestURL = PortalApiProperties.getProperty(PortalApiConstants.ECOMP_REST_URL); - String decreptedPwd = ""; - try { - decreptedPwd = CipherUtil.decrypt(app.getAppPassword(), - SystemProperties.getProperty(SystemProperties.Decryption_Key)); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "Could not decrypt Password" + e.getMessage(),AlarmSeverityEnum.MINOR); - } - - PortalTimeoutHandler.handleSessionUpdatesNative(request, app.getUsername(), decreptedPwd, - PortalApiProperties.getProperty(PortalApiConstants.UEB_APP_KEY), ecompRestURL, null); - } - - public App findApp() { - List<?> list = null; - StringBuffer criteria = new StringBuffer(); - criteria.append(" where id = 1"); - list = getDataAccessService().getList(App.class, criteria.toString(), null, null); - return (list == null || list.size() == 0) ? null : (App) list.get(0); - } - - public DataAccessService getDataAccessService() { - return dataAccessService; - } - - public void setDataAccessService(DataAccessService dataAccessService) { - this.dataAccessService = dataAccessService; - } - - public LoginService getLoginService() { - return loginService; - } - - public void setLoginService(LoginService loginService) { - this.loginService = loginService; - } - - @Autowired - public void setCacheManager(AbstractCacheManager cacheManager) { - this.cacheManager = cacheManager; - } - - public AbstractCacheManager getCacheManager() { - return cacheManager; - } - -} diff --git a/ecomp-sdk/quantum/src/main/java/org/openecomp/portalsdk/core/interceptor/SessionTimeoutInterceptor.java b/ecomp-sdk/quantum/src/main/java/org/openecomp/portalsdk/core/interceptor/SessionTimeoutInterceptor.java deleted file mode 100644 index e28ce866..00000000 --- a/ecomp-sdk/quantum/src/main/java/org/openecomp/portalsdk/core/interceptor/SessionTimeoutInterceptor.java +++ /dev/null @@ -1,103 +0,0 @@ -/*- - * ================================================================================ - * eCOMP Portal SDK - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ================================================================================ - */ -package org.openecomp.portalsdk.core.interceptor; - -import java.net.URLEncoder; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.openecomp.portalsdk.core.controller.FusionBaseController; -import org.openecomp.portalsdk.core.domain.User; -import org.openecomp.portalsdk.core.exception.SessionExpiredException; -import org.openecomp.portalsdk.core.listener.CollaborateListBindingListener; -import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; -import org.openecomp.portalsdk.core.web.support.AppUtils; -import org.openecomp.portalsdk.core.web.support.UserUtils; -import org.springframework.web.method.HandlerMethod; -import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; - -public class SessionTimeoutInterceptor extends HandlerInterceptorAdapter { - - EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SessionTimeoutInterceptor.class); - - public SessionTimeoutInterceptor() { - } - - /** - * Checks all requests for valid session information. If not found, - * redirects to a controller that will establish a valid session. - */ - public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) - throws Exception { - if (handler instanceof HandlerMethod) { - HandlerMethod method = (HandlerMethod) handler; - FusionBaseController controller = (FusionBaseController) method.getBean(); - if (!controller.isAccessible() && !controller.isRESTfulCall()) { - try { - // getSession() throws SessionExpiredException - HttpSession session = AppUtils.getSession(request); - User user = UserUtils.getUserSession(request); - // check if user is logging out - if (request.getRequestURI().indexOf("logout.htm") > -1) { - session.removeAttribute(CollaborateListBindingListener.SESSION_ATTR_NAME); - throw new SessionExpiredException(); - } else if (user == null) { - // Jump to the redirection code - throw new Exception("preHandle: user not found in session"); - } else { - // session binding listener will add this value to the - // map, and with session replication the listener will - // fire in all tomcat instances - session.setAttribute(CollaborateListBindingListener.SESSION_ATTR_NAME, - new CollaborateListBindingListener(user.getOrgUserId())); - } - } catch (Exception ex) { - // get the path within the webapp that the user requested (no host name etc.) - final String forwardUrl = request.getRequestURI().substring(request.getContextPath().length() + 1) - + (request.getQueryString() == null ? "" : "?" + request.getQueryString()); - final String forwardUrlParm = "forwardURL=" + URLEncoder.encode(forwardUrl, "UTF-8"); - final String singleSignonPrefix = "/single_signon.htm?"; - if (ex instanceof SessionExpiredException) { - // Session is expired; send to portal. - // Redirect to an absolute path in the webapp; e.g., "/context/single_signon.htm" - final String redirectUrl = request.getContextPath() + singleSignonPrefix + "redirectToPortal=Yes&" + forwardUrlParm; - logger.debug(EELFLoggerDelegate.debugLogger, "preHandle: session is expired, redirecting to {}", - redirectUrl); - response.sendRedirect(redirectUrl); - return false; - } else { - // Other issue; do not send to portal. - // Redirect to an absolute path in the webapp; e.g., "/context/single_signon.htm" - final String redirectUrl = request.getContextPath() + singleSignonPrefix + forwardUrlParm; - logger.debug(EELFLoggerDelegate.debugLogger, "preHandle: took exception {}, redirecting to {}", - ex.getMessage(), redirectUrl); - response.sendRedirect(redirectUrl); - return false; - } - } - } - } - - return super.preHandle(request, response, handler); - } - -} |