diff options
Diffstat (limited to 'ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/util/AuthUtil.java')
-rw-r--r-- | ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/util/AuthUtil.java | 53 |
1 files changed, 28 insertions, 25 deletions
diff --git a/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/util/AuthUtil.java b/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/util/AuthUtil.java index e07e4f9d..dc49933e 100644 --- a/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/util/AuthUtil.java +++ b/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/util/AuthUtil.java @@ -48,10 +48,11 @@ import javax.servlet.http.HttpServletRequest; import org.apache.commons.codec.DecoderException; import org.apache.commons.codec.binary.Hex; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; import org.onap.aaf.cadi.CadiWrap; import org.onap.aaf.cadi.Permission; import org.onap.aaf.cadi.aaf.AAFPermission; -import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.onboarding.exception.PortalAPIException; public class AuthUtil { @@ -59,7 +60,7 @@ public class AuthUtil { private static final String decodeValueOfForwardSlash = "2f"; private static final String decodeValueOfHyphen = "2d"; private static final String decodeValueOfAsterisk = "2a"; - private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AuthUtil.class); + private static final Log logger = LogFactory.getLog(AuthUtil.class); /* * This method compares the portalApiPath against the urlPattern; splits the @@ -97,10 +98,12 @@ public class AuthUtil { } return false; } + /** * * @param request - * @return returns list of AAFPermission of the requested MechId for all the namespaces + * @return returns list of AAFPermission of the requested MechId for all the + * namespaces */ public static List<AAFPermission> getAAFPermissions(HttpServletRequest request) { CadiWrap wrapReq = (CadiWrap) request; @@ -124,6 +127,7 @@ public class AuthUtil { allPermissionsList.removeIf(perm -> (!perm.getType().equals(type))); return allPermissionsList; } + /** * * @param permsList @@ -142,7 +146,8 @@ public class AuthUtil { str = decodeFunctionCode(instance); finalInstanceList.add(str); } - logger.debug(EELFLoggerDelegate.debugLogger, "List of AllInstances: "+ finalInstanceList); + if (logger.isDebugEnabled()) + logger.debug("List of AllInstances: " + finalInstanceList); return finalInstanceList; } @@ -157,7 +162,7 @@ public class AuthUtil { decodedString = decodedString.replaceAll("%" + xssInputPattern, new String(Hex.decodeHex(xssInputPattern.toString().toCharArray()))); } catch (DecoderException e) { - logger.error(EELFLoggerDelegate.errorLogger, "Decode Failed! for instance: "+ str); + logger.error("Decode Failed! for instance: " + str); throw new PortalAPIException("decode failed", e); } } @@ -168,17 +173,19 @@ public class AuthUtil { /** * * @param request - * @param nameSpace application namespace + * @param nameSpace + * application namespace * @return boolean value if the access is allowed * @throws PortalAPIException */ - public static boolean isAccessAllowed(HttpServletRequest request, String nameSpace, Map<String,String> appCredentials) throws PortalAPIException { - + public static boolean isAccessAllowed(HttpServletRequest request, String nameSpace, + Map<String, String> appCredentials) throws PortalAPIException { + boolean isauthorized = false; try { CadiWrap wrapReq = (CadiWrap) request; List<AAFPermission> aafPermsList = getAAFPermissions(request); - logger.debug(EELFLoggerDelegate.debugLogger, "Application nameSpace: " + nameSpace); + logger.debug("Application nameSpace: " + nameSpace); if (nameSpace.isEmpty()) { throw new PortalAPIException("NameSpace not Declared!"); } @@ -191,21 +198,18 @@ public class AuthUtil { if (!isauthorized) isauthorized = matchPattern(requestUri, str); } - logger.debug(EELFLoggerDelegate.debugLogger, - "isAccessAllowed for the request uri: " + requestUri + "is" + isauthorized); + logger.debug("isAccessAllowed for the request uri: " + requestUri + "is" + isauthorized); if (isauthorized) { - logger.debug(EELFLoggerDelegate.debugLogger, "Request is Authorized"); + logger.debug("Request is Authorized"); } } catch (ClassCastException e) { - logger.debug(EELFLoggerDelegate.debugLogger, - "Given request is not CADI request"); - - if(appCredentials.isEmpty()) - { - logger.debug(EELFLoggerDelegate.debugLogger, "app credentails are empty"); + logger.warn("Given request is not CADI request: " + e.toString()); + + if (appCredentials.isEmpty()) { + logger.debug("app credentails are empty"); return false; } - + String appUserName = ""; String appPassword = ""; String appName = ""; @@ -219,23 +223,22 @@ public class AuthUtil { appName = entry.getValue(); } } - + try { String appUser = request.getHeader("username"); String password = request.getHeader("password"); - + if (password.equals(appPassword) && appUserName.equals(appUser)) { isauthorized = true; } - logger.debug(EELFLoggerDelegate.debugLogger, - "isAccessAllowed for the request " + isauthorized); + logger.debug("isAccessAllowed for the request " + isauthorized); } catch (Exception e1) { String response = "AuthUtil.isAccessAllowed failed"; - logger.error(EELFLoggerDelegate.errorLogger, response, e1); + logger.error(response, e1); throw new PortalAPIException(response, e1); } } - + return isauthorized; } }
\ No newline at end of file |