path: root/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/util/AuthUtil.java
Diffstat (limited to 'ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/util/AuthUtil.java')
-rw-r--r--ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/util/AuthUtil.java83
1 files changed, 64 insertions, 19 deletions
diff --git a/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/util/AuthUtil.java b/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/util/AuthUtil.java
index 14ad234f..e07e4f9d 100644
--- a/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/util/AuthUtil.java
+++ b/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/util/AuthUtil.java
@@ -39,6 +39,7 @@ package org.onap.portalsdk.core.onboarding.util;
import java.util.ArrayList;
import java.util.List;
+import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
@@ -89,11 +90,10 @@ public class AuthUtil {
return match;
}
} else {
- if (portalApiPath.matches(urlPattern))
+ if (urlPattern.equals("*"))
return true;
- else if (urlPattern.equals("*"))
+ else if (portalApiPath.matches(urlPattern))
return true;
-
}
return false;
}
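Review bot: `portalApiPath.matches(urlPattern)` still interprets the permission instance as a regular expression, so an instance containing `.` or other metacharacters can match more paths than its literal text, and a syntactically invalid instance throws an unchecked `PatternSyntaxException` out of the authorization check. Testing `"*"` first covers only that one literal. If instances are meant to be literal paths apart from the wildcard, `portalApiPath.equals(urlPattern)` or a `Pattern.quote`-based match would be safer; if they are meant to be regexes, a comment saying so belongs here. matchPattern's body starts above this hunk, so its first branch is not visible.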
@@ -172,25 +172,70 @@ public class AuthUtil {
* @return boolean value if the access is allowed
* @throws PortalAPIException
*/
- public static boolean isAccessAllowed(HttpServletRequest request, String nameSpace) throws PortalAPIException {
- List<AAFPermission> aafPermsList = getAAFPermissions(request);
- logger.debug(EELFLoggerDelegate.debugLogger, "Application nameSpace: "+ nameSpace);
- if (nameSpace.isEmpty()) {
- throw new PortalAPIException("NameSpace not Declared!");
- }
- List<AAFPermission> aafPermsFinalList = getNameSpacesAAFPermissions(nameSpace, aafPermsList);
- List<String> finalInstanceList = getAllInstances(aafPermsFinalList);
- String requestUri = request.getRequestURI().substring(request.getContextPath().length() + 1);
+ public static boolean isAccessAllowed(HttpServletRequest request, String nameSpace, Map<String,String> appCredentials) throws PortalAPIException {
+
boolean isauthorized = false;
- for (String str : finalInstanceList) {
- if (!isauthorized)
- isauthorized = matchPattern(requestUri, str);
- }
- logger.debug(EELFLoggerDelegate.debugLogger, "isAccessAllowed for the request uri: "+requestUri + "is"+ isauthorized);
- if (isauthorized) {
+ try {
+ CadiWrap wrapReq = (CadiWrap) request;
+ List<AAFPermission> aafPermsList = getAAFPermissions(request);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Application nameSpace: " + nameSpace);
+ if (nameSpace.isEmpty()) {
+ throw new PortalAPIException("NameSpace not Declared!");
+ }
+ List<AAFPermission> aafPermsFinalList = getNameSpacesAAFPermissions(nameSpace, aafPermsList);
+ List<String> finalInstanceList = getAllInstances(aafPermsFinalList);
+ finalInstanceList.add("api/v3/timeoutSession");
+ String requestUri = request.getRequestURI().substring(request.getContextPath().length() + 1);
+
+ for (String str : finalInstanceList) {
+ if (!isauthorized)
+ isauthorized = matchPattern(requestUri, str);
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "isAccessAllowed for the request uri: " + requestUri + "is" + isauthorized);
+ if (isauthorized) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "Request is Authorized");
+ }
+ } catch (ClassCastException e) {
logger.debug(EELFLoggerDelegate.debugLogger,
- "Request is Authorized");
+ "Given request is not CADI request");
+
+ if(appCredentials.isEmpty())
+ {
+ logger.debug(EELFLoggerDelegate.debugLogger, "app credentails are empty");
+ return false;
+ }
+
+ String appUserName = "";
+ String appPassword = "";
+ String appName = "";
+
+ for (Map.Entry<String, String> entry : appCredentials.entrySet()) {
+ if (entry.getKey().equalsIgnoreCase("username")) {
+ appUserName = entry.getValue();
+ } else if (entry.getKey().equalsIgnoreCase("password")) {
+ appPassword = entry.getValue();
+ } else {
+ appName = entry.getValue();
+ }
+ }
+
+ try {
+ String appUser = request.getHeader("username");
+ String password = request.getHeader("password");
+
+ if (password.equals(appPassword) && appUserName.equals(appUser)) {
+ isauthorized = true;
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "isAccessAllowed for the request " + isauthorized);
+ } catch (Exception e1) {
+ String response = "AuthUtil.isAccessAllowed failed";
+ logger.error(EELFLoggerDelegate.errorLogger, response, e1);
+ throw new PortalAPIException(response, e1);
+ }
}
+
return isauthorized;
}
} \ No newline at end of file
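Review bot: The fallback in the `catch (ClassCastException e)` block can authorize a request against blank credentials: `appUserName` and `appPassword` default to `""`, so a non-empty `appCredentials` map that lacks a `username` or `password` key is compared against whatever the headers carry, and the comparison uses `String.equals`, which is not constant-time. The branch is selected by catching `ClassCastException` around the whole CADI path, so a cast failure thrown from `getAAFPermissions` or the helpers would also land in the header check (`wrapReq` is never used); an `instanceof CadiWrap` test makes the choice explicit. A missing `password` header currently surfaces as a `NullPointerException` wrapped in `PortalAPIException`, and a null `appCredentials` escapes as a bare NPE; the sketch below denies in both cases instead. This path also authorizes without consulting `nameSpace` or the request URI, which may be intended but should be stated in the Javadoc together with an `@param appCredentials`.

```java
	public static boolean isAccessAllowed(HttpServletRequest request, String nameSpace, Map<String,String> appCredentials) throws PortalAPIException {
		if (!(request instanceof CadiWrap)) {
			logger.debug(EELFLoggerDelegate.debugLogger, "Given request is not CADI request");
			return matchesAppCredentials(request, appCredentials);
		}
		// … CADI path as before: namespace check, AAF permission lookup, matchPattern loop, return isauthorized …
	}

	private static boolean matchesAppCredentials(HttpServletRequest request, Map<String, String> appCredentials) {
		if (appCredentials == null) {
			return false;
		}
		String expectedUser = null;
		String expectedPassword = null;
		for (Map.Entry<String, String> entry : appCredentials.entrySet()) {
			if ("username".equalsIgnoreCase(entry.getKey())) {
				expectedUser = entry.getValue();
			} else if ("password".equalsIgnoreCase(entry.getKey())) {
				expectedPassword = entry.getValue();
			}
		}
		String user = request.getHeader("username");
		String password = request.getHeader("password");
		// Deny when either side is missing or blank instead of comparing against "".
		if (expectedUser == null || expectedUser.isEmpty()
				|| expectedPassword == null || expectedPassword.isEmpty()
				|| user == null || password == null) {
			return false;
		}
		boolean userOk = java.security.MessageDigest.isEqual(
				expectedUser.getBytes(java.nio.charset.StandardCharsets.UTF_8),
				user.getBytes(java.nio.charset.StandardCharsets.UTF_8));
		boolean passwordOk = java.security.MessageDigest.isEqual(
				expectedPassword.getBytes(java.nio.charset.StandardCharsets.UTF_8),
				password.getBytes(java.nio.charset.StandardCharsets.UTF_8));
		// Non-short-circuit AND so both comparisons always run.
		return userOk & passwordOk;
	}
```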