summaryrefslogtreecommitdiffstats
path: root/ecomp-sdk/epsdk-aaf
diff options
context:
space:
mode:
Diffstat (limited to 'ecomp-sdk/epsdk-aaf')
-rw-r--r--ecomp-sdk/epsdk-aaf/pom.xml165
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessPerms.java178
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessPermsDetail.java127
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRole.java76
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRolePerms.java66
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessUser.java65
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessUserRoleDetail.java104
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAuthUserRole.java74
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalRoleDescription.java150
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/exception/UserNotFoundException.java47
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthService.java80
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java252
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiService.java66
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java319
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthProperties.java123
-rw-r--r--ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtils.java139
16 files changed, 2031 insertions, 0 deletions
diff --git a/ecomp-sdk/epsdk-aaf/pom.xml b/ecomp-sdk/epsdk-aaf/pom.xml
new file mode 100644
index 00000000..cccfc833
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/pom.xml
@@ -0,0 +1,165 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.onap.portal.sdk</groupId>
+ <artifactId>epsdk-project</artifactId>
+ <version>2.4.0-SNAPSHOT</version>
+ </parent>
+
+ <groupId>org.onap.portal.sdk</groupId>
+ <artifactId>epsdk-aaf</artifactId>
+ <version>2.4.0-SNAPSHOT</version>
+ <packaging>jar</packaging>
+
+ <name>ONAP Portal SDK AAF Authorization</name>
+
+ <properties>
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ <springframework.version>4.2.0.RELEASE</springframework.version>
+ </properties>
+ <dependencies>
+ <!-- internal -->
+ <dependency>
+ <groupId>org.onap.portal.sdk</groupId>
+ <artifactId>epsdk-fw</artifactId>
+ <version>${project.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <!-- internal -->
+ <dependency>
+ <groupId>org.onap.portal.sdk</groupId>
+ <artifactId>epsdk-core</artifactId>
+ <version>${project.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>com.att.eelf</groupId>
+ <artifactId>eelf-core</artifactId>
+ <version>1.0.0</version>
+ </dependency>
+ <!-- Spring -->
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-core</artifactId>
+ <version>${springframework.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-web</artifactId>
+ <version>${springframework.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-webmvc</artifactId>
+ <version>${springframework.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-context-support</artifactId>
+ <version>${springframework.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-test</artifactId>
+ <version>${springframework.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-aop</artifactId>
+ <version>${springframework.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter</artifactId>
+ <version>1.3.0.RELEASE</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>log4j-over-slf4j</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>ch.qos.logback</groupId>
+ <artifactId>logback-classic</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <!-- Mapper -->
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-annotations</artifactId>
+ <version>2.6.3</version>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-core</artifactId>
+ <version>2.6.3</version>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-databind</artifactId>
+ <version>2.6.3</version>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>3.8.1</version>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+ <profiles>
+ <!-- disable doclint, a new feature in Java 8, when generating javadoc -->
+ <profile>
+ <id>doclint-java8-disable</id>
+ <activation>
+ <jdk>[1.8,)</jdk>
+ </activation>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-javadoc-plugin</artifactId>
+ <version>2.10.4</version>
+ <configuration>
+ <additionalparam>-Xdoclint:none</additionalparam>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ </profiles>
+ <build>
+ <!-- The war file name carries no version number -->
+ <finalName>epsdk-aaf</finalName>
+
+ <plugins>
+ <!-- Compile to Java 1.8 class output format -->
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <version>3.1</version>
+ <configuration>
+ <source>1.8</source>
+ <target>1.8</target>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessPerms.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessPerms.java
new file mode 100644
index 00000000..80956e64
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessPerms.java
@@ -0,0 +1,178 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.domain;
+
+import java.io.Serializable;
+
+public class ExternalAccessPerms implements Serializable, Comparable {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = -200964838466882602L;
+ private String type;
+ private String instance;
+ private String action;
+ private String description;
+
+ public ExternalAccessPerms() {
+ super();
+ }
+
+ public ExternalAccessPerms(String type, String instance, String action, String description) {
+ super();
+ this.type = type;
+ this.instance = instance;
+ this.action = action;
+ this.description = description;
+ }
+
+ public ExternalAccessPerms(String type, String instance, String action) {
+ super();
+ this.type = type;
+ this.instance = instance;
+ this.action = action;
+ }
+
+ /**
+ * @return the type
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * @param type
+ * the type to set
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * @return the instance
+ */
+ public String getInstance() {
+ return instance;
+ }
+
+ /**
+ * @param instance
+ * the instance to set
+ */
+ public void setInstance(String instance) {
+ this.instance = instance;
+ }
+
+ /**
+ * @return the action
+ */
+ public String getAction() {
+ return action;
+ }
+
+ /**
+ * @param action
+ * the action to set
+ */
+ public void setAction(String action) {
+ this.action = action;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ @Override
+ public int compareTo(Object obj) {
+ ExternalAccessPerms other = (ExternalAccessPerms) obj;
+
+ String c1 = getInstance();
+ String c2 = other.getInstance();
+
+ return (c1 == null || c2 == null) ? 1 : c1.compareTo(c2);
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((action == null) ? 0 : action.hashCode());
+ result = prime * result + ((description == null) ? 0 : description.hashCode());
+ result = prime * result + ((instance == null) ? 0 : instance.hashCode());
+ result = prime * result + ((type == null) ? 0 : type.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ ExternalAccessPerms other = (ExternalAccessPerms) obj;
+ if (action == null) {
+ if (other.action != null)
+ return false;
+ } else if (!action.equals(other.action))
+ return false;
+ if (description == null) {
+ if (other.description != null)
+ return false;
+ } else if (!description.equals(other.description))
+ return false;
+ if (instance == null) {
+ if (other.instance != null)
+ return false;
+ } else if (!instance.equals(other.instance))
+ return false;
+ if (type == null) {
+ if (other.type != null)
+ return false;
+ } else if (!type.equals(other.type))
+ return false;
+ return true;
+ }
+
+}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessPermsDetail.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessPermsDetail.java
new file mode 100644
index 00000000..fab7d2c0
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessPermsDetail.java
@@ -0,0 +1,127 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.domain;
+
+import java.util.List;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonRootName;
+
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonRootName(value="perm")
+public class ExternalAccessPermsDetail {
+
+ private String type;
+ private String instance;
+ private String action;
+ private List<String> roles;
+ private String description;
+
+
+
+ public ExternalAccessPermsDetail() {
+ super();
+ }
+
+ /**
+ * @param type
+ * @param instance
+ * @param action
+ * @param roles
+ * @param description
+ */
+ public ExternalAccessPermsDetail(String type, String instance, String action, List<String> roles,
+ String description) {
+ super();
+ this.type = type;
+ this.instance = instance;
+ this.action = action;
+ this.roles = roles;
+ this.description = description;
+ }
+
+ /**
+ * @param type
+ * @param instance
+ * @param action
+ * @param description
+ */
+ public ExternalAccessPermsDetail(String type, String instance, String action,
+ String description) {
+ super();
+ this.type = type;
+ this.instance = instance;
+ this.action = action;
+ this.description = description;
+ }
+
+ public String getType() {
+ return type;
+ }
+ public void setType(String type) {
+ this.type = type;
+ }
+ public String getInstance() {
+ return instance;
+ }
+ public void setInstance(String instance) {
+ this.instance = instance;
+ }
+ public String getAction() {
+ return action;
+ }
+ public void setAction(String action) {
+ this.action = action;
+ }
+ public List<String> getRoles() {
+ return roles;
+ }
+
+ public void setRoles(List<String> roles) {
+ this.roles = roles;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+
+}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRole.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRole.java
new file mode 100644
index 00000000..a14a4b5f
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRole.java
@@ -0,0 +1,76 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.domain;
+
+import java.io.Serializable;
+
+public class ExternalAccessRole implements Serializable {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 3439986826362436339L;
+ public String name;
+ public String description;
+
+ public ExternalAccessRole() {
+
+ }
+
+ public ExternalAccessRole(String name, String description) {
+ super();
+ this.name = name;
+ this.description = description;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRolePerms.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRolePerms.java
new file mode 100644
index 00000000..f38b2f9f
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRolePerms.java
@@ -0,0 +1,66 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.domain;
+
+public class ExternalAccessRolePerms {
+
+ private ExternalAccessPerms perm;
+ private String role;
+
+
+ public ExternalAccessRolePerms(ExternalAccessPerms perm, String role) {
+ super();
+ this.perm = perm;
+ this.role = role;
+ }
+
+ public ExternalAccessPerms getPerm() {
+ return perm;
+ }
+ public void setPerm(ExternalAccessPerms perm) {
+ this.perm = perm;
+ }
+ public String getRole() {
+ return role;
+ }
+ public void setRole(String role) {
+ this.role = role;
+ }
+
+
+}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessUser.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessUser.java
new file mode 100644
index 00000000..3ca88991
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessUser.java
@@ -0,0 +1,65 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.domain;
+
+public class ExternalAccessUser {
+
+ private String user;
+ private String role;
+
+ public ExternalAccessUser(String user, String role) {
+ super();
+ this.user = user;
+ this.role = role;
+ }
+
+ public String getUser() {
+ return user;
+ }
+ public void setUser(String user) {
+ this.user = user;
+ }
+ public String getRole() {
+ return role;
+ }
+ public void setRole(String role) {
+ this.role = role;
+ }
+
+
+}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessUserRoleDetail.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessUserRoleDetail.java
new file mode 100644
index 00000000..5106f387
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessUserRoleDetail.java
@@ -0,0 +1,104 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.domain;
+
+public class ExternalAccessUserRoleDetail {
+
+ private String name;
+ private ExternalRoleDescription description;
+
+
+ /**
+ *
+ */
+ public ExternalAccessUserRoleDetail() {
+ super();
+ }
+
+ public ExternalAccessUserRoleDetail(String name, ExternalRoleDescription description) {
+ super();
+ this.name = name;
+ this.description = description;
+ }
+
+ public String getName() {
+ return name;
+ }
+ public void setName(String name) {
+ this.name = name;
+ }
+ public ExternalRoleDescription getDescription() {
+ return description;
+ }
+ public void setDescription(ExternalRoleDescription description) {
+ this.description = description;
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((description == null) ? 0 : description.hashCode());
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ ExternalAccessUserRoleDetail other = (ExternalAccessUserRoleDetail) obj;
+ if (description == null) {
+ if (other.description != null)
+ return false;
+ } else if (!description.equals(other.description))
+ return false;
+ if (name == null) {
+ if (other.name != null)
+ return false;
+ } else if (!name.equals(other.name))
+ return false;
+ return true;
+ }
+
+
+}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAuthUserRole.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAuthUserRole.java
new file mode 100644
index 00000000..33e21f2c
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAuthUserRole.java
@@ -0,0 +1,74 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.domain;
+
+import java.io.Serializable;
+
+public class ExternalAuthUserRole implements Serializable{
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 5066251837431287376L;
+
+ private String role;
+ private String user;
+ private String expiryDate;
+
+ public String getRole() {
+ return role;
+ }
+ public void setRole(String role) {
+ this.role = role;
+ }
+ public String getUser() {
+ return user;
+ }
+ public void setUser(String user) {
+ this.user = user;
+ }
+ public String getExpiryDate() {
+ return expiryDate;
+ }
+ public void setExpiryDate(String expiryDate) {
+ this.expiryDate = expiryDate;
+ }
+
+
+
+}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalRoleDescription.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalRoleDescription.java
new file mode 100644
index 00000000..d09db15d
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalRoleDescription.java
@@ -0,0 +1,150 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.domain;
+
+import java.util.List;
+
+public class ExternalRoleDescription {
+
+ private String id;
+ private String name;
+ private String active;
+ private String priority;
+ private String appId;
+ private String appRoleId;
+ private List<ExternalAccessPerms> permissions;
+
+ public String getId() {
+ return id;
+ }
+ public void setId(String id) {
+ this.id = id;
+ }
+ public String getName() {
+ return name;
+ }
+ public void setName(String name) {
+ this.name = name;
+ }
+ public String getActive() {
+ return active;
+ }
+ public void setActive(String active) {
+ this.active = active;
+ }
+ public String getPriority() {
+ return priority;
+ }
+ public void setPriority(String priority) {
+ this.priority = priority;
+ }
+ public String getAppId() {
+ return appId;
+ }
+ public void setAppId(String appId) {
+ this.appId = appId;
+ }
+ public String getAppRoleId() {
+ return appRoleId;
+ }
+ public void setAppRoleId(String appRoleId) {
+ this.appRoleId = appRoleId;
+ }
+
+ public List<ExternalAccessPerms> getPermissions() {
+ return permissions;
+ }
+ public void setPermissions(List<ExternalAccessPerms> permissions) {
+ this.permissions = permissions;
+ }
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((active == null) ? 0 : active.hashCode());
+ result = prime * result + ((appId == null) ? 0 : appId.hashCode());
+ result = prime * result + ((appRoleId == null) ? 0 : appRoleId.hashCode());
+ result = prime * result + ((id == null) ? 0 : id.hashCode());
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ result = prime * result + ((priority == null) ? 0 : priority.hashCode());
+ return result;
+ }
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ ExternalRoleDescription other = (ExternalRoleDescription) obj;
+ if (active == null) {
+ if (other.active != null)
+ return false;
+ } else if (!active.equals(other.active))
+ return false;
+ if (appId == null) {
+ if (other.appId != null)
+ return false;
+ } else if (!appId.equals(other.appId))
+ return false;
+ if (appRoleId == null) {
+ if (other.appRoleId != null)
+ return false;
+ } else if (!appRoleId.equals(other.appRoleId))
+ return false;
+ if (id == null) {
+ if (other.id != null)
+ return false;
+ } else if (!id.equals(other.id))
+ return false;
+ if (name == null) {
+ if (other.name != null)
+ return false;
+ } else if (!name.equals(other.name))
+ return false;
+ if (priority == null) {
+ if (other.priority != null)
+ return false;
+ } else if (!priority.equals(other.priority))
+ return false;
+ return true;
+ }
+
+
+}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/exception/UserNotFoundException.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/exception/UserNotFoundException.java
new file mode 100644
index 00000000..8d15b44c
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/exception/UserNotFoundException.java
@@ -0,0 +1,47 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.exception;
+
+public class UserNotFoundException extends Exception {
+
+ private static final long serialVersionUID = 1616470595106815228L;
+
+ public UserNotFoundException(String msg) {
+ super(msg);
+ }
+}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthService.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthService.java
new file mode 100644
index 00000000..8f387f98
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthService.java
@@ -0,0 +1,80 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.service;
+
+import java.io.IOException;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.onap.portalsdk.core.command.LoginBean;
+import org.onap.portalsdk.core.domain.User;
+
+public interface LoginExternalAuthService {
+
+ /**
+ * validate user exists in the system
+ * @param bean
+ * @param menuPropertiesFilename
+ * @param additionalParams
+ * @return returns login user bean
+ * @throws IOException
+ */
+ @SuppressWarnings("rawtypes")
+ LoginBean findUser(LoginBean bean, String menuPropertiesFilename, Map additionalParams, HttpServletRequest request) throws Exception;
+
+ /**
+ *
+ * @param bean
+ * @param menuPropertiesFilename
+ * @param additionalParams
+ * @param matchPassword
+ * @return returns login user bean
+ * @throws IOException
+ */
+ @SuppressWarnings("rawtypes")
+ LoginBean findUser(LoginBean bean, String menuPropertiesFilename, Map additionalParams, boolean matchPassword, HttpServletRequest request)
+ throws Exception;
+
+ /**
+ *
+ * @param orgUserId
+ * @return
+ */
+ User findUserWithoutPwd(String orgUserId);
+}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java
new file mode 100644
index 00000000..d2ccfc2e
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java
@@ -0,0 +1,252 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.service;
+
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.onap.portalsdk.core.command.LoginBean;
+import org.onap.portalsdk.core.domain.Role;
+import org.onap.portalsdk.core.domain.User;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.menu.MenuBuilder;
+import org.onap.portalsdk.core.service.DataAccessService;
+import org.onap.portalsdk.core.service.LoginServiceCentralizedImpl;
+import org.onap.portalsdk.core.util.SystemProperties;
+import org.onap.portalsdk.core.web.support.AppUtils;
+import org.onap.portalsdk.core.web.support.UserUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+@Service("loginExternalAuthService")
+public class LoginExternalAuthServiceImpl implements LoginExternalAuthService {
+
+ private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(LoginServiceCentralizedImpl.class);
+
+ @Autowired
+ private DataAccessService dataAccessService;
+
+ @Autowired
+ private UserApiService userApiService;
+
+ @Override
+ public LoginBean findUser(LoginBean bean, String menuPropertiesFilename,
+ @SuppressWarnings("rawtypes") Map additionalParams, HttpServletRequest request) throws Exception {
+ return findUser(bean, menuPropertiesFilename, additionalParams, true, request);
+ }
+
+ @Override
+ @SuppressWarnings("rawtypes")
+ public LoginBean findUser(LoginBean bean, String menuPropertiesFilename, Map additionalParams,
+ boolean matchPassword, HttpServletRequest request) throws Exception {
+
+ User user;
+ if (bean.getUserid() != null) {
+ user = findUser(bean, request);
+ } else {
+ if (matchPassword)
+ user = findUser(bean.getLoginId(), bean.getLoginPwd());
+ else
+ user = findUserWithoutPwd(bean.getLoginId());
+ }
+
+ if (user != null) {
+ if (AppUtils.isApplicationLocked()
+ && !UserUtils.hasRole(user, SystemProperties.getProperty(SystemProperties.SYS_ADMIN_ROLE_ID))) {
+ bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_APPLICATION_LOCKED);
+ }
+
+ // raise an error if the user is inactive
+ if (!user.getActive()) {
+ bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE);
+ }
+
+ if (!userHasActiveRoles(user)) {
+ bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE);
+ }
+ // only login the user if no errors have occurred
+ if (bean.getLoginErrorMessage() == null) {
+
+ // this will be a snapshot of the user's information as
+ // retrieved from the database
+ User userCopy = null;
+ try {
+ userCopy = (User) user.clone();
+ } catch (CloneNotSupportedException ex) {
+ // Never happens
+ logger.error(EELFLoggerDelegate.errorLogger, "findUser failed", ex);
+ }
+
+ User appuser = findUserWithoutPwd(user.getLoginId());
+
+ if (appuser == null && userHasRoleFunctions(user)) {
+ createUserIfNecessary(user);
+ } else {
+ appuser.setLastLoginDate(new Date());
+
+ // update the last logged in date for the user
+ dataAccessService.saveDomainObject(appuser, additionalParams);
+ }
+ // update the audit log of the user
+ // Check for the client device type and set log attributes
+ // appropriately
+
+ // save the above changes to the User and their audit trail
+
+ // create the application menu based on the user's privileges
+
+ Set appMenu = getMenuBuilder().getMenu(
+ SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_SET_NAME), dataAccessService);
+ bean.setMenu(appMenu != null ? appMenu : new HashSet());
+ Set businessDirectMenu = getMenuBuilder().getMenu(
+ SystemProperties.getProperty(SystemProperties.BUSINESS_DIRECT_MENU_SET_NAME),
+ dataAccessService);
+ bean.setBusinessDirectMenu(businessDirectMenu != null ? businessDirectMenu : new HashSet());
+
+ bean.setUser(userCopy);
+ }
+ }
+
+ return bean;
+ }
+
+ private void createUserIfNecessary(User user) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "createUser: " + user.getOrgUserId());
+ User user1 = new User();
+ user1.setEmail(user.getEmail());
+ user1.setEmail(user.getEmail());
+ user1.setFirstName(user.getFirstName());
+ user1.setHrid(user.getHrid());
+ user1.setJobTitle(user.getJobTitle());
+ user1.setLastName(user.getLastName());
+ user1.setLoginId(user.getLoginId());
+ user1.setOrgManagerUserId(user.getOrgManagerUserId());
+ user1.setMiddleInitial(user.getMiddleInitial());
+ user1.setOrgCode(user.getOrgCode());
+ user1.setOrgId(user.getOrgId());
+ user1.setPhone(user.getPhone());
+ user1.setOrgUserId(user.getOrgUserId());
+ user1.setActive(user.getActive());
+ user1.setLastLoginDate(new Date());
+
+ try {
+ dataAccessService.saveDomainObject(user1, null);
+ logger.debug(EELFLoggerDelegate.debugLogger, "createdUser Successfully: " + user.getOrgUserId());
+ } catch (Exception ex) {
+ logger.error(EELFLoggerDelegate.errorLogger, "createUserIfNecessary failed", ex);
+ }
+
+ }
+
+ private boolean userHasActiveRoles(User user) {
+ boolean hasActiveRole = false;
+ @SuppressWarnings("rawtypes")
+ Iterator roles = user.getRoles().iterator();
+ while (roles.hasNext()) {
+ Role role = (Role) roles.next();
+ if (role.getActive()) {
+ hasActiveRole = true;
+ break;
+ }
+ }
+ return hasActiveRole;
+ }
+
+ private boolean userHasRoleFunctions(User user) {
+ boolean hasRoleFunctions = false;
+ @SuppressWarnings("rawtypes")
+ Iterator roles = user.getRoles().iterator();
+ while (roles.hasNext()) {
+ Role role = (Role) roles.next();
+ if (role.getActive() && role.getRoleFunctions() != null && !role.getRoleFunctions().isEmpty()) {
+ hasRoleFunctions = true;
+ break;
+ }
+ }
+ return hasRoleFunctions;
+ }
+
+ private User findUser(LoginBean bean, HttpServletRequest request) throws Exception {
+ User user = userApiService.getUser(bean.getUserid(), request);
+ user.setId(getUserIdByOrgUserId(user.getOrgUserId()));
+ user.setLoginId(bean.getUserid());
+ logger.debug(EELFLoggerDelegate.debugLogger, "findUser: Returning final user roles and permissions", user.toString());
+ return user;
+ }
+
+ private Long getUserIdByOrgUserId(String orgUserId) {
+ Map<String, String> params = new HashMap<>();
+ params.put("orgUserId", orgUserId);
+ @SuppressWarnings("rawtypes")
+ List list = dataAccessService.executeNamedQuery("getUserIdByorgUserId", params, null);
+ Long userId = null;
+ if (list != null && !list.isEmpty())
+ userId = (Long) list.get(0);
+ return userId;
+ }
+
+ @SuppressWarnings("rawtypes")
+ private User findUser(String loginId, String password) {
+ Map<String, String> params = new HashMap<>();
+ params.put("login_id", loginId);
+ params.put("login_pwd", password);
+ List list = dataAccessService.executeNamedQuery("getUserByLoginIdLoginPwd", params, new HashMap());
+ return (list == null || list.isEmpty()) ? null : (User) list.get(0);
+ }
+
+ @SuppressWarnings("rawtypes")
+ @Override
+ public User findUserWithoutPwd(String loginId) {
+ Map<String, String> params = new HashMap<>();
+ params.put("org_user_id", loginId);
+ List list = dataAccessService.executeNamedQuery("getUserByOrgUserId", params, new HashMap());
+ return (list == null || list.isEmpty()) ? null : (User) list.get(0);
+ }
+
+ private MenuBuilder getMenuBuilder() {
+ return new MenuBuilder();
+ }
+
+}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiService.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiService.java
new file mode 100644
index 00000000..6eb312b6
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiService.java
@@ -0,0 +1,66 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.service;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.onap.portalsdk.core.domain.RoleFunction;
+import org.onap.portalsdk.core.domain.User;
+import org.onap.portalsdk.external.authorization.exception.UserNotFoundException;
+
+public interface UserApiService {
+
+ /**
+ * Gets list of all roles associated to user from external system
+ *
+ * @param orgUserId
+ * @return
+ * @throws Exception
+ */
+ User getUser(String orgUserId, HttpServletRequest request) throws UserNotFoundException;
+
+ /**
+ *
+ * @param OrgUserId
+ * @return
+ */
+ List<RoleFunction> getRoleFunctions(String orgUserId) throws Exception;
+
+}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java
new file mode 100644
index 00000000..8425f7da
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java
@@ -0,0 +1,319 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.service;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Set;
+import java.util.TreeSet;
+
+import javax.naming.NamingException;
+import javax.servlet.http.HttpServletRequest;
+
+import org.json.JSONArray;
+import org.json.JSONObject;
+import org.onap.portalsdk.core.command.PostSearchBean;
+import org.onap.portalsdk.core.command.support.SearchResult;
+import org.onap.portalsdk.core.domain.App;
+import org.onap.portalsdk.core.domain.Role;
+import org.onap.portalsdk.core.domain.RoleFunction;
+import org.onap.portalsdk.core.domain.User;
+import org.onap.portalsdk.core.domain.UserApp;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.service.AppService;
+import org.onap.portalsdk.core.service.DataAccessService;
+import org.onap.portalsdk.core.service.LdapService;
+import org.onap.portalsdk.core.service.PostSearchService;
+import org.onap.portalsdk.external.authorization.domain.ExternalAccessPerms;
+import org.onap.portalsdk.external.authorization.domain.ExternalAccessUserRoleDetail;
+import org.onap.portalsdk.external.authorization.domain.ExternalRoleDescription;
+import org.onap.portalsdk.external.authorization.exception.UserNotFoundException;
+import org.onap.portalsdk.external.authorization.util.EcompExternalAuthProperties;
+import org.onap.portalsdk.external.authorization.util.EcompExternalAuthUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Service;
+import org.springframework.web.client.RestTemplate;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.type.TypeFactory;
+
+@Service("userApiService")
+public class UserApiServiceImpl implements UserApiService {
+
+ private static final String AAF_GET_USER_ROLES_ENDPOINT = "roles/user/";
+
+ private static final String AAF_GET_USER_PERMS_ENDPOINT = "perms/user/";
+
+ private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(UserApiServiceImpl.class);
+
+ @Autowired
+ private LoginExternalAuthService loginAAFService;
+
+ @Autowired
+ private LdapService ldapService;
+
+ @Autowired
+ private PostSearchService postSearchService;
+
+ @Autowired
+ private DataAccessService dataAccessService;
+
+ RestTemplate template = new RestTemplate();
+
+ @Autowired
+ private AppService appService;
+
+ @Override
+ public User getUser(String orgUserId, HttpServletRequest request)
+ throws UserNotFoundException {
+ User user = null;
+ try {
+ String namespace = EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_NAMESPACE);
+ HttpHeaders headers = EcompExternalAuthUtils.base64encodeKeyForAAFBasicAuth();
+ HttpEntity<String> entity = new HttpEntity<>(headers);
+ logger.debug(EELFLoggerDelegate.debugLogger, "getUserRoles: Connecting to external system for user {}",
+ orgUserId);
+ String endPoint = AAF_GET_USER_ROLES_ENDPOINT + orgUserId
+ + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN);
+ ResponseEntity<String> getResponse = template.exchange(
+ EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + endPoint, HttpMethod.GET, entity,
+ String.class);
+ if (getResponse.getStatusCode().value() == 200) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "getUserRoles: Finished GET unp ser roles from external system and body: {}",
+ getResponse.getBody());
+ }
+ String userRoles = getResponse.getBody();
+ JSONObject userJsonObj = null;
+ JSONArray userJsonArray = null;
+ ObjectMapper mapper = new ObjectMapper();
+ List<ExternalAccessUserRoleDetail> userRoleDetailList = new ArrayList<>();
+ if (!userRoles.equals(EcompExternalAuthUtils.EXT_EMPTY_JSON_STRING)) {
+ userJsonObj = new JSONObject(userRoles);
+ userJsonArray = userJsonObj.getJSONArray(EcompExternalAuthUtils.EXT_ROLE_FIELD);
+ ExternalAccessUserRoleDetail userRoleDetail = null;
+ for (int i = 0; i < userJsonArray.length(); i++) {
+ JSONObject role = userJsonArray.getJSONObject(i);
+ if (!role.getString(EcompExternalAuthUtils.EXT_ROLE_FIELD_NAME).endsWith(EcompExternalAuthUtils.EXT_ROLE_FIELD_ADMIN)
+ && !role.getString(EcompExternalAuthUtils.EXT_ROLE_FIELD_NAME)
+ .endsWith(EcompExternalAuthUtils.EXT_ROLE_FIELD_OWNER)
+ && EcompExternalAuthUtils.checkNameSpaceMatching(role.getString(EcompExternalAuthUtils.EXT_ROLE_FIELD_NAME),
+ namespace)) {
+ ExternalRoleDescription desc = new ExternalRoleDescription();
+ if(role.has(EcompExternalAuthUtils.EXT_FIELD_DESCRIPTION)
+ && EcompExternalAuthUtils
+ .isJSONValid(role.getString(EcompExternalAuthUtils.EXT_FIELD_DESCRIPTION))) {
+ desc = mapper.readValue(role.getString(EcompExternalAuthUtils.EXT_FIELD_DESCRIPTION),
+ ExternalRoleDescription.class);
+ }
+ if(role.has(EcompExternalAuthUtils.EXT_FIELD_PERMS)) {
+ JSONArray perms = role.getJSONArray(EcompExternalAuthUtils.EXT_FIELD_PERMS);
+ List<ExternalAccessPerms> permsList = mapper.readValue(perms.toString(), TypeFactory
+ .defaultInstance().constructCollectionType(List.class, ExternalAccessPerms.class));
+ desc.setPermissions(permsList);
+ }
+ userRoleDetail = new ExternalAccessUserRoleDetail(
+ role.getString(EcompExternalAuthUtils.EXT_ROLE_FIELD_NAME), desc);
+ userRoleDetailList.add(userRoleDetail);
+ }
+ }
+ } else {
+ throw new UserNotFoundException("User roles not found!");
+ }
+
+ if (userRoleDetailList.isEmpty()) {
+ throw new UserNotFoundException("User roles not found!");
+ } else {
+ user = convertAAFUserRolesToEcompSDKUser(userRoleDetailList, orgUserId, namespace, request);
+ }
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "getUser: Failed! ", e);
+ }
+ return user;
+
+ }
+
+ @SuppressWarnings({ "rawtypes", "unchecked" })
+ private User convertAAFUserRolesToEcompSDKUser(List<ExternalAccessUserRoleDetail> userRoleDetailList,
+ String orgUserId, String namespace, HttpServletRequest request)
+ throws Exception {
+ User user = loginAAFService.findUserWithoutPwd(orgUserId);
+ PostSearchBean postSearchBean = new PostSearchBean();
+ if (user == null) {
+ postSearchBean.setOrgUserId(orgUserId);
+ postSearchService.process(request, postSearchBean);
+ postSearchBean.setSearchResult(loadSearchResultData(postSearchBean));
+ user = (User) postSearchBean.getSearchResult().get(0);
+ user.setActive(true);
+ user.setLoginId(orgUserId);
+ dataAccessService.saveDomainObject(user, null);
+ }
+ App app = appService.getApp(1l);
+ try {
+ Set userApps = new TreeSet();
+ for (ExternalAccessUserRoleDetail userRoleDetail : userRoleDetailList) {
+ ExternalRoleDescription roleDesc = userRoleDetail.getDescription();
+ UserApp userApp = new UserApp();
+ Role role = new Role();
+ Set roleFunctions = new TreeSet<>();
+ if (roleDesc != null) {
+ if (roleDesc.getName() == null) {
+ role.setActive(true);
+ role.setName(userRoleDetail.getName().substring(namespace.length() + 1));
+ } else {
+ role.setActive(Boolean.valueOf(roleDesc.getActive()));
+ role.setId(Long.valueOf(roleDesc.getAppRoleId()));
+ role.setName(roleDesc.getName());
+ if (!roleDesc.getPriority().equals(EcompExternalAuthUtils.EXT_NULL_VALUE)) {
+ role.setPriority(Integer.valueOf(roleDesc.getPriority()));
+ }
+ }
+ for (ExternalAccessPerms extPerm : roleDesc.getPermissions()) {
+ RoleFunction roleFunction = new RoleFunction();
+ roleFunction.setCode(extPerm.getInstance());
+ roleFunction.setAction(extPerm.getAction());
+ if (extPerm.getDescription() != null
+ && EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) {
+ roleFunction.setName(extPerm.getDescription());
+ } else if (extPerm.getDescription() == null
+ && EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) {
+ roleFunction.setName(extPerm.getType().substring(namespace.length() + 1) + "|"
+ + extPerm.getInstance() + "|" + extPerm.getAction());
+ } else if (extPerm.getDescription() == null
+ && !EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) {
+ roleFunction.setName(
+ extPerm.getType() + "|" + extPerm.getInstance() + "|" + extPerm.getAction());
+ }
+ if (EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) {
+ roleFunction.setType(extPerm.getType().substring(namespace.length() + 1));
+ } else {
+ roleFunction.setType(extPerm.getType());
+ }
+ roleFunctions.add(roleFunction);
+ }
+ }
+ role.setRoleFunctions(roleFunctions);
+ userApp.setApp(app);
+ userApp.setRole(role);
+ userApp.setUserId(user.getId());
+ userApps.add(userApp);
+ }
+ user.setUserApps(userApps);
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "createEPUser: createEPUser failed", e);
+ throw e;
+ }
+
+ return user;
+ }
+
+ @Override
+ public List<RoleFunction> getRoleFunctions(String orgUserId) throws Exception {
+ ObjectMapper mapper = new ObjectMapper();
+ HttpHeaders headers = EcompExternalAuthUtils.base64encodeKeyForAAFBasicAuth();
+ HttpEntity<String> entity = new HttpEntity<>(headers);
+ logger.debug(EELFLoggerDelegate.debugLogger, "getRoleFunctions: Connecting to external system for user {}",
+ orgUserId);
+ String endPoint = AAF_GET_USER_PERMS_ENDPOINT + orgUserId
+ + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN);
+ ResponseEntity<String> getResponse = template.exchange(
+ EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + endPoint, HttpMethod.GET, entity,
+ String.class);
+ if (getResponse.getStatusCode().value() == 200) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "getRoleFunctions: Finished GET user perms from external system and body: {}",
+ getResponse.getBody());
+ }
+ String userPerms = getResponse.getBody();
+ JSONObject userPermsJsonObj = null;
+ JSONArray userPermsJsonArray = null;
+ List<ExternalAccessPerms> extPermsList = new ArrayList<>();
+ if (!userPerms.equals(EcompExternalAuthUtils.EXT_EMPTY_JSON_STRING)) {
+ userPermsJsonObj = new JSONObject(userPerms);
+ userPermsJsonArray = userPermsJsonObj.getJSONArray(EcompExternalAuthUtils.EXT_PERM_FIELD);
+ for (int i = 0; i < userPermsJsonArray.length(); i++) {
+ JSONObject permJsonObj = userPermsJsonArray.getJSONObject(i);
+ if (!permJsonObj.getString(EcompExternalAuthUtils.EXT_PERM_FIELD_TYPE).endsWith(EcompExternalAuthUtils.EXT_PERM_ACCESS)) {
+ ExternalAccessPerms perm = mapper.readValue(permJsonObj.toString(), ExternalAccessPerms.class);
+ extPermsList.add(perm);
+ }
+ }
+ }
+ return convertToRoleFunctionList(extPermsList);
+ }
+
+ private List<RoleFunction> convertToRoleFunctionList(List<ExternalAccessPerms> extPermsList) {
+ List<RoleFunction> roleFunctions = new ArrayList<>();
+ String namespace = EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_NAMESPACE);
+ for (ExternalAccessPerms extPerm : extPermsList) {
+ RoleFunction roleFunction = new RoleFunction();
+ roleFunction.setCode(extPerm.getInstance());
+ roleFunction.setAction(extPerm.getAction());
+ if (extPerm.getDescription() != null
+ && EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) {
+ roleFunction.setName(extPerm.getDescription());
+ } else if (extPerm.getDescription() == null
+ && EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) {
+ roleFunction.setName(extPerm.getType().substring(namespace.length() + 1) + "|" + extPerm.getInstance()
+ + "|" + extPerm.getAction());
+ } else if (extPerm.getDescription() == null
+ && !EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) {
+ roleFunction.setName(extPerm.getType() + "|" + extPerm.getInstance() + "|" + extPerm.getAction());
+ }
+ if (EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) {
+ roleFunction.setType(extPerm.getType().substring(namespace.length() + 1));
+ } else {
+ roleFunction.setType(extPerm.getType());
+ }
+ roleFunctions.add(roleFunction);
+ }
+ return roleFunctions;
+ }
+
+ private SearchResult loadSearchResultData(PostSearchBean searchCriteria)
+ throws NamingException {
+ return ldapService.searchPost(searchCriteria.getUser(), searchCriteria.getSortBy1(),
+ searchCriteria.getSortBy2(), searchCriteria.getSortBy3(), searchCriteria.getPageNo(),
+ searchCriteria.getNewDataSize(), 1);
+ }
+
+}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthProperties.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthProperties.java
new file mode 100644
index 00000000..a680a672
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthProperties.java
@@ -0,0 +1,123 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.util;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Properties;
+
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+
+
+public class EcompExternalAuthProperties {
+
+ public static final String EXTERNAL_AUTH_USER_NAME = "extern_auth_user_name";
+
+ public static final String EXTERNAL_AUTH_PASSWORD = "extern_auth_password";
+
+ public static final String EXTERNAL_AUTH_URL = "extern_auth_url";
+
+ public static final String EXTERNAL_AUTH_USER_DOMAIN = "extern_auth_user_domain";
+
+ public static final String EXTERNAL_AUTH_NAMESPACE = "extern_auth_namespace";
+
+ private EcompExternalAuthProperties(){}
+
+ private static Properties properties;
+
+ private static String propertyFileName = "external-auth.properties";
+
+ private static final Object lockObject = new Object();
+
+ private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(EcompExternalAuthProperties.class);
+
+ /**
+ * Gets the property value for the specified key. If a value is found, leading
+ * and trailing space is trimmed.
+ *
+ * @param property
+ * Property key
+ * @return Value for the named property; null if the property file was not
+ * loaded or the key was not found.
+ */
+ public static String getProperty(String property) {
+ if (properties == null) {
+ synchronized (lockObject) {
+ try {
+ if (!initialize()) {
+ logger.error(EELFLoggerDelegate.errorLogger,"Failed to read property file " + propertyFileName);
+ return null;
+ }
+ } catch (IOException e) {
+ logger.error(EELFLoggerDelegate.errorLogger,"Failed to read property file " + propertyFileName ,e);
+ return null;
+ }
+ }
+ }
+ String value = properties.getProperty(property);
+ if (value != null)
+ value = value.trim();
+ return value;
+ }
+
+ /**
+ * Reads properties from a portal.properties file on the classpath.
+ *
+ * Clients do NOT need to call this method. Clients MAY call this method to test
+ * whether the properties file can be loaded successfully.
+ *
+ * @return True if properties were successfully loaded, else false.
+ * @throws IOException
+ * On failure
+ */
+ private static boolean initialize() throws IOException {
+ if (properties != null)
+ return true;
+ InputStream in = EcompExternalAuthProperties.class.getClassLoader().getResourceAsStream(propertyFileName);
+ if (in == null)
+ return false;
+ properties = new Properties();
+ try {
+ properties.load(in);
+ } finally {
+ in.close();
+ }
+ return true;
+ }
+
+}
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtils.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtils.java
new file mode 100644
index 00000000..56b1527e
--- /dev/null
+++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtils.java
@@ -0,0 +1,139 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.external.authorization.util;
+
+import java.io.IOException;
+
+import javax.xml.bind.DatatypeConverter;
+
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.onboarding.util.CipherUtil;
+import org.onap.portalsdk.core.util.SystemProperties;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+public class EcompExternalAuthUtils {
+
+ private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(EcompExternalAuthUtils.class);
+
+ @Autowired
+ CipherUtil cipherUtil;
+
+ public static final String EXT_EMPTY_JSON_STRING = "{}";
+ public static final String EXT_ROLE_FIELD = "role";
+ public static final String EXT_PERM_FIELD = "perm";
+ public static final String EXT_PERM_FIELD_TYPE = "type";
+ public static final String EXT_PERM_ACCESS = ".access";
+ public static final String EXT_ROLE_FIELD_NAME = "name";
+ public static final String EXT_NULL_VALUE = "null";
+ public static final String EXT_FIELD_DESCRIPTION = "description";
+ public static final String EXT_FIELD_PERMS = "perms";
+ public static final String EXT_ROLE_FIELD_OWNER = ".owner";
+ public static final String EXT_ROLE_FIELD_ADMIN = ".admin";
+
+ public static HttpHeaders base64encodeKeyForAAFBasicAuth() throws Exception {
+ String userName = EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_NAME);
+ String encryptedPass = EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_PASSWORD);
+ String decryptedPass = decryptPass(encryptedPass);
+ String usernamePass = userName + ":" + decryptedPass;
+ String encToBase64 = String.valueOf((DatatypeConverter.printBase64Binary(usernamePass.getBytes())));
+ HttpHeaders headers = new HttpHeaders();
+ headers.add("Authorization", "Basic " + encToBase64);
+ headers.setContentType(MediaType.APPLICATION_JSON);
+ return headers;
+ }
+
+ private static String decryptPass(String encrypted) throws Exception {
+ String result = "";
+ if (encrypted != null && encrypted.length() > 0) {
+ try {
+ result = CipherUtil.decryptPKC(encrypted,
+ SystemProperties.getProperty(SystemProperties.Decryption_Key));
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger,"decryptedPassword failed", e);
+ throw e;
+ }
+ }
+ return result;
+ }
+
+ /**
+ *
+ * It checks whether the namespace is matching or not
+ *
+ * @param permTypeVal
+ * @param appNamespaceVal
+ * @return true or false
+ */
+ public static boolean checkNameSpaceMatching(String permTypeVal, String appNamespaceVal) {
+ String[] typeNamespace = permTypeVal.split("\\.");
+ String[] appNamespace = appNamespaceVal.split("\\.");
+ boolean isNamespaceMatching = true;
+ if (appNamespace.length <= typeNamespace.length) {
+ for (int k = 0; k < appNamespace.length; k++) {
+ if (!appNamespace[k].equals(typeNamespace[k]))
+ isNamespaceMatching = false;
+ }
+
+ } else {
+ isNamespaceMatching = false;
+ }
+ return isNamespaceMatching;
+ }
+
+ /**
+ *
+ * It validates whether given string is JSON or not
+ *
+ * @param jsonInString
+ * @return true or false
+ */
+ public static boolean isJSONValid(String jsonInString ) {
+ try {
+ final ObjectMapper mapper = new ObjectMapper();
+ mapper.readTree(jsonInString);
+ return true;
+ } catch (IOException e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Failed to parse Json!", e);
+ return false;
+ }
+ }
+}