diff options
Diffstat (limited to 'ecomp-sdk/epsdk-fw/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalRestAPIProxy.java')
| -rw-r--r-- | ecomp-sdk/epsdk-fw/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalRestAPIProxy.java | 618 |
1 files changed, 618 insertions, 0 deletions
diff --git a/ecomp-sdk/epsdk-fw/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalRestAPIProxy.java b/ecomp-sdk/epsdk-fw/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalRestAPIProxy.java new file mode 100644 index 00000000..02d35ae9 --- /dev/null +++ b/ecomp-sdk/epsdk-fw/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalRestAPIProxy.java @@ -0,0 +1,618 @@ +/*- + * ================================================================================ + * ECOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + +import java.io.BufferedReader; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.PrintWriter; +import java.io.StringWriter; +import java.util.List; +import java.util.Map; + +import javax.servlet.ServletException; +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.openecomp.portalsdk.core.onboarding.exception.PortalAPIException; +import org.openecomp.portalsdk.core.onboarding.listener.PortalTimeoutHandler; +import org.openecomp.portalsdk.core.onboarding.rest.RestWebServiceClient; +import org.openecomp.portalsdk.core.onboarding.util.PortalApiConstants; +import org.openecomp.portalsdk.core.onboarding.util.PortalApiProperties; +import org.openecomp.portalsdk.core.restful.domain.EcompRole; +import org.openecomp.portalsdk.core.restful.domain.EcompUser; + +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.core.type.TypeReference; +import com.fasterxml.jackson.databind.DeserializationFeature; +import com.fasterxml.jackson.databind.ObjectMapper; + +/** + * This servlet performs the functions described below. It listens on a path + * like "/api" (see {@link PortalApiConstants#API_PREFIX}). The servlet checks + * for authorized access and rejects unauthorized requests. + * <OL> + * <LI>Proxies user (i.e., browser) requests for web analytics. The GET method + * fetches javascript from the Portal and returns it. The POST method forwards + * data sent by the browser on to Portal. These requests are checked for a valid + * User UID in a header; these requests do NOT use the application + * username-password header.</LI> + * <LI>Responds to ECOMP Portal API requests to query and update user, role and + * user-role information. The servlet proxies all requests on to a local Java + * class that implements {@link IPortalRestAPIService}. These requests must have + * the application username-password header.</LI> + * </OL> + * This servlet will not start if the required portal.properties file is not + * found on the classpath. + */ + +@WebServlet(urlPatterns = { PortalApiConstants.API_PREFIX + "/*" }) +public class PortalRestAPIProxy extends HttpServlet implements IPortalRestAPIService { + private static final long serialVersionUID = 1L; + + private static final String contentTypeAppJson = "application/json"; + + private final Log logger = LogFactory.getLog(getClass()); + + /** + * Mapper for JSON to object etc. + */ + private final ObjectMapper mapper = new ObjectMapper(); + + /** + * Client-supplied class that implements our interface. + */ + private static IPortalRestAPIService portalRestApiServiceImpl; + + public PortalRestAPIProxy() { + // Ensure that any additional fields sent by the Portal + // will be ignored when creating objects. + mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); + } + + @Override + public void init() throws ServletException { + String className = PortalApiProperties.getProperty(PortalApiConstants.PORTAL_API_IMPL_CLASS); + if (className == null) + throw new ServletException( + "init: Failed to find class name property " + PortalApiConstants.PORTAL_API_IMPL_CLASS); + try { + logger.debug("init: creating instance of class " + className); + Class<?> implClass = Class.forName(className); + portalRestApiServiceImpl = (IPortalRestAPIService) (implClass.getConstructor().newInstance()); + } catch (Exception ex) { + throw new ServletException("init: Failed to find or instantiate class " + className, ex); + } + } + + @Override + protected void doPost(HttpServletRequest request, HttpServletResponse response) + throws IOException, ServletException { + + if (portalRestApiServiceImpl == null) { + // Should never happen due to checks in init() + logger.error("doPost: no service class instance"); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + response.getWriter().write(buildJsonResponse(false, "Misconfigured - no instance of service class")); + return; + } + String requestUri = request.getRequestURI(); + String responseJson = ""; + String storeAnalyticsContextPath = "/storeAnalytics"; + if (requestUri.endsWith(PortalApiConstants.API_PREFIX + storeAnalyticsContextPath)) { + String userId; + try { + userId = getUserId(request); + } catch (PortalAPIException e) { + logger.error("Issue with invoking getUserId implemenation !!! ", e); + throw new ServletException(e); + } + if (userId == null || userId.length() == 0) { + logger.debug("doPost: userId is null or empty"); + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + responseJson = buildJsonResponse(false, "Not authorized for " + storeAnalyticsContextPath); + } else { + // User ID obtained from request + try { + String credential = PortalApiProperties.getProperty(PortalApiConstants.UEB_APP_KEY); + // for now lets also pass uebkey as user name and password + String requestBody = readRequestBody(request); + @SuppressWarnings("unchecked") + Map<String, String> bodyMap = mapper.readValue(requestBody, Map.class); + // add user ID + bodyMap.put("userid", userId); + requestBody = mapper.writeValueAsString(bodyMap); + responseJson = RestWebServiceClient.getInstance().postPortalContent(storeAnalyticsContextPath, + userId, credential, null, credential, credential, "application/json", requestBody); + if (logger.isDebugEnabled()) + logger.debug("doPost: postPortalContent returns " + responseJson); + response.setStatus(HttpServletResponse.SC_OK); + } catch (Exception ex) { + logger.error("doPost: " + storeAnalyticsContextPath + " caught exception", ex); + responseJson = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + } + } + writeAndFlush(response, contentTypeAppJson, responseJson); + return; + } // post analytics + + boolean secure = false; + try { + secure = isAppAuthenticated(request); + } catch (PortalAPIException ex) { + logger.error("doPost: isAppAuthenticated threw exception", ex); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + response.getWriter().write(buildJsonResponse(false, "Failed to authenticate request")); + return; + } + if (!secure) { + if (logger.isDebugEnabled()) + logger.debug("doPost: isAppAuthenticated answered false"); + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + writeAndFlush(response, contentTypeAppJson, buildJsonResponse(false, "Not authorized")); + return; + } + + try { + String requestBody = readRequestBody(request); + if (logger.isDebugEnabled()) + logger.debug("doPost: URI = " + requestUri + ", payload = " + requestBody); + + /* + * All APIs: + * + * 1. /user <-- save user + * + * 2. /user/{loginId} <-- edit user + * + * 3. /user/{loginId}/roles <-- save roles for user + */ + + // On success return the empty string. + + if (requestUri.endsWith("/updateSessionTimeOuts")) { + if (updateSessionTimeOuts(requestBody)) { + if (logger.isDebugEnabled()) + logger.debug("doPost: updated session timeouts"); + response.setStatus(HttpServletResponse.SC_OK); + } else { + String msg = "Failed to update session time outs"; + logger.error("doPost: " + msg); + responseJson = buildJsonResponse(false, msg); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + } + } else if (requestUri.endsWith("/timeoutSession")) { + String portalJSessionId = request.getParameter("portalJSessionId"); + if (portalJSessionId == null) { + portalJSessionId = ""; + } + if (timeoutSession(portalJSessionId)) { + if (logger.isDebugEnabled()) + logger.debug("doPost: timed out session"); + response.setStatus(HttpServletResponse.SC_OK); + } else { + String msg = "Failed to timeout session"; + logger.error("doPost: " + msg); + responseJson = buildJsonResponse(false, msg); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + } + } else + // Example: /user <-- create user + if (requestUri.endsWith(PortalApiConstants.API_PREFIX + "/user")) { + try { + EcompUser user = mapper.readValue(requestBody, EcompUser.class); + pushUser(user); + if (logger.isDebugEnabled()) + logger.debug("doPost: pushUser: success"); + responseJson = buildJsonResponse(true, null); + response.setStatus(HttpServletResponse.SC_OK); + } catch (Exception ex) { + responseJson = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + logger.error("doPost: pushUser: caught exception", ex); + } + } else + // Example: /user/fi241c <-- edit user fi241c + if (requestUri.contains(PortalApiConstants.API_PREFIX + "/user/") && !(requestUri.endsWith("/roles"))) { + String loginId = requestUri.substring(requestUri.lastIndexOf('/') + 1); + try { + EcompUser user = mapper.readValue(requestBody, EcompUser.class); + editUser(loginId, user); + if (logger.isDebugEnabled()) + logger.debug("doPost: editUser: success"); + responseJson = buildJsonResponse(true, null); + response.setStatus(HttpServletResponse.SC_OK); + } catch (Exception ex) { + responseJson = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + logger.error("doPost: editUser: caught exception", ex); + } + } else + // Example: /user/{loginId}/roles <-- save roles for user + if (requestUri.contains(PortalApiConstants.API_PREFIX + "/user/") && requestUri.endsWith("/roles")) { + String loginId = requestUri.substring(requestUri.indexOf("/user/") + ("/user").length() + 1, + requestUri.lastIndexOf('/')); + try { + TypeReference<List<EcompRole>> typeRef = new TypeReference<List<EcompRole>>() { + }; + List<EcompRole> roles = mapper.readValue(requestBody, typeRef); + pushUserRole(loginId, roles); + if (logger.isDebugEnabled()) + logger.debug("doPost: pushUserRole: success"); + responseJson = buildJsonResponse(true, null); + response.setStatus(HttpServletResponse.SC_OK); + } catch (Exception ex) { + responseJson = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + logger.error("doPost: pushUserRole: caught exception", ex); + } + } else { + String msg = "doPost: no match for request " + requestUri; + logger.warn(msg); + responseJson = buildJsonResponse(false, msg); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + } + } catch (Exception ex) { + logger.error("doPost: Failed to process request " + requestUri, ex); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + responseJson = buildJsonResponse(ex); + } + + writeAndFlush(response, contentTypeAppJson, responseJson); + + } + + @Override + protected void doGet(HttpServletRequest request, HttpServletResponse response) + throws IOException, ServletException { + + if (portalRestApiServiceImpl == null) { + // Should never happen due to checks in init() + logger.error("doGet: no service class instance"); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + writeAndFlush(response, contentTypeAppJson, + buildJsonResponse(false, "Misconfigured - no instance of service class")); + return; + } + + String requestUri = request.getRequestURI(); + String responseString = ""; + String contentType = contentTypeAppJson; + + String webAnalyticsContextPath = "/analytics"; + if (requestUri.endsWith(PortalApiConstants.API_PREFIX + webAnalyticsContextPath)) { + String userId; + try { + userId = getUserId(request); + } catch (PortalAPIException e) { + logger.error("Issue with invoking getUserId implemenation !!! ", e); + throw new ServletException(e); + } + if (userId == null || userId.length() == 0) { + logger.debug("doGet: userId is null or empty"); + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + responseString = buildJsonResponse(false, "Not authorized for " + webAnalyticsContextPath); + } else { + // User ID obtained from request + try { + String credential = PortalApiProperties.getProperty(PortalApiConstants.UEB_APP_KEY); + // for now lets also pass uebkey as user name and password + contentType = "text/javascript"; + responseString = RestWebServiceClient.getInstance().getPortalContent(webAnalyticsContextPath, + userId, credential, null, credential, credential); + if (logger.isDebugEnabled()) + logger.debug("doGet: " + webAnalyticsContextPath + ": " + responseString); + response.setStatus(HttpServletResponse.SC_OK); + } catch (Exception ex) { + responseString = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + logger.error("doGet: " + webAnalyticsContextPath + " caught exception", ex); + } + } + writeAndFlush(response, contentType, responseString); + return; + } + + boolean secure = false; + try { + secure = isAppAuthenticated(request); + } catch (PortalAPIException ex) { + logger.error("doGet: isAppAuthenticated threw exception", ex); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + writeAndFlush(response, contentTypeAppJson, buildJsonResponse(false, "Failed to authenticate request")); + return; + } + + if (!secure) { + if (logger.isDebugEnabled()) + logger.debug("doGet: isAppAuthenticated answered false"); + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + writeAndFlush(response, contentTypeAppJson, buildJsonResponse(false, "Not authorized")); + return; + } + + String responseJson = null; + try { + // Ignore any request body in a GET. + // String requestBody = readRequestBody(request); + if (logger.isDebugEnabled()) + logger.debug("doGet: URI = " + requestUri); + + /* + * 1. /roles <-- get roles + * + * 2. /user/{loginId} <-- get user + * + * 3. /users <-- get all users + * + * 4. /user/{loginId}/roles <-- get roles for user + */ + + if (requestUri.endsWith("/sessionTimeOuts")) { + responseJson = getSessionTimeOuts(); + if (responseJson != null && responseJson.length() > 0) { + if (logger.isDebugEnabled()) + logger.debug("doGet: got session timeouts"); + response.setStatus(HttpServletResponse.SC_OK); + } else { + String msg = "Failed to get session time outs"; + logger.error("doGet: " + msg); + responseJson = buildJsonResponse(false, msg); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + } + } else + // Example: /users <-- get all users + if (requestUri.endsWith(PortalApiConstants.API_PREFIX + "/users")) { + try { + List<EcompUser> users = getUsers(); + responseJson = mapper.writeValueAsString(users); + if (logger.isDebugEnabled()) + logger.debug("doGet: getUsers: " + responseJson); + } catch (Exception ex) { + responseJson = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + logger.error("doGet: getUsers: caught exception", ex); + } + } else + // Example: /roles <-- get all roles + if (requestUri.endsWith(PortalApiConstants.API_PREFIX + "/roles")) { + try { + List<EcompRole> roles = getAvailableRoles(); + responseJson = mapper.writeValueAsString(roles); + if (logger.isDebugEnabled()) + logger.debug("doGet: getAvailableRoles: " + responseJson); + } catch (Exception ex) { + responseJson = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + logger.error("doGet: getAvailableRoles: caught exception", ex); + } + } else + // Example: /user/fi241c <-- get user fi241c + if (requestUri.contains(PortalApiConstants.API_PREFIX + "/user/") && !requestUri.endsWith("/roles")) { + String loginId = requestUri.substring(requestUri.lastIndexOf('/') + 1); + try { + EcompUser user = getUser(loginId); + responseJson = mapper.writeValueAsString(user); + if (logger.isDebugEnabled()) + logger.debug("doGet: getUser: " + responseJson); + } catch (Exception ex) { + responseJson = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + logger.error("doGet: getUser: caught exception", ex); + } + } + // Example: /user/fi241c/roles <-- get roles for user fi241c + else if (requestUri.contains(PortalApiConstants.API_PREFIX + "/user/") && requestUri.endsWith("/roles")) { + String loginId = requestUri.substring(requestUri.indexOf("/user/") + ("/user").length() + 1, + requestUri.lastIndexOf('/')); + try { + List<EcompRole> roles = getUserRoles(loginId); + responseJson = mapper.writeValueAsString(roles); + if (logger.isDebugEnabled()) + logger.debug("doGet: getUserRoles: " + responseJson); + } catch (Exception ex) { + responseJson = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + logger.error("doGet: getUserRoles: caught exception", ex); + } + } else { + logger.warn("doGet: no match found for request"); + responseJson = buildJsonResponse(false, "No match for request"); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + } + } catch (Exception ex) { + logger.error("doGet: Failed to process request", ex); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + responseJson = buildJsonResponse(ex); + } + writeAndFlush(response, contentTypeAppJson, responseJson); + } + + public String getSessionTimeOuts() throws Exception { + return PortalTimeoutHandler.gatherSessionExtensions(); + } + + public boolean timeoutSession(String portalJSessionId) throws Exception { + return PortalTimeoutHandler.invalidateSession(portalJSessionId); + } + + public boolean updateSessionTimeOuts(String sessionMap) throws Exception { + return PortalTimeoutHandler.updateSessionExtensions(sessionMap); + } + + @Override + public void pushUser(EcompUser user) throws PortalAPIException { + portalRestApiServiceImpl.pushUser(user); + } + + @Override + public void editUser(String loginId, EcompUser user) throws PortalAPIException { + portalRestApiServiceImpl.editUser(loginId, user); + } + + @Override + public EcompUser getUser(String loginId) throws PortalAPIException { + return portalRestApiServiceImpl.getUser(loginId); + } + + @Override + public List<EcompUser> getUsers() throws PortalAPIException { + return portalRestApiServiceImpl.getUsers(); + } + + @Override + public List<EcompRole> getAvailableRoles() throws PortalAPIException { + return portalRestApiServiceImpl.getAvailableRoles(); + } + + @Override + public void pushUserRole(String loginId, List<EcompRole> roles) throws PortalAPIException { + portalRestApiServiceImpl.pushUserRole(loginId, roles); + } + + @Override + public List<EcompRole> getUserRoles(String loginId) throws PortalAPIException { + return portalRestApiServiceImpl.getUserRoles(loginId); + } + + @Override + public boolean isAppAuthenticated(HttpServletRequest request) throws PortalAPIException { + return portalRestApiServiceImpl.isAppAuthenticated(request); + } + + /** + * Sets the content type and writes the response. + * + * @param response + * @param contentType + * @param responseBody + * @throws IOException + */ + private void writeAndFlush(HttpServletResponse response, String contentType, String responseBody) + throws IOException { + response.setContentType(contentType); + PrintWriter out = response.getWriter(); + out.print(responseBody); + out.flush(); + } + + /** + * Reads the request body and closes the input stream. + * + * @param request + * @return String read from the request, the empty string if nothing is + * read. + * @throws IOException + */ + private static String readRequestBody(HttpServletRequest request) throws IOException { + + String body = null; + StringBuilder stringBuilder = new StringBuilder(); + BufferedReader bufferedReader = null; + try { + InputStream inputStream = request.getInputStream(); + if (inputStream != null) { + bufferedReader = new BufferedReader(new InputStreamReader(inputStream)); + char[] charBuffer = new char[1024]; + int bytesRead = -1; + while ((bytesRead = bufferedReader.read(charBuffer)) > 0) { + stringBuilder.append(charBuffer, 0, bytesRead); + } + } else { + stringBuilder.append(""); + } + } finally { + if (bufferedReader != null) { + try { + bufferedReader.close(); + } catch (IOException ex) { + throw ex; + } + } + } + body = stringBuilder.toString(); + return body; + } + + /** + * Builds JSON object with status + message response body. + * + * @param success + * True to indicate success, false to signal failure. + * @param msg + * Message to include in the response object; ignored if null. + * @return + * + * <pre> + * { "status" : "ok" (or "error"), "message": "some explanation" } + * </pre> + */ + private String buildJsonResponse(boolean success, String msg) { + PortalAPIResponse response = new PortalAPIResponse(success, msg); + String json = null; + try { + json = mapper.writeValueAsString(response); + } catch (JsonProcessingException ex) { + // Truly should never, ever happen + json = "{ \"status\": \"error\",\"message\":\"" + ex.toString() + "\" }"; + } + return json; + } + + /** + * Builds JSON object with status of error and message containing stack + * trace for the specified throwable. + * + * @param t + * Throwable with stack trace to use as message + * + * @return + * + * <pre> + * { "status" : "error", "message": "some-big-stacktrace" } + * </pre> + */ + private String buildJsonResponse(Throwable t) { + StringWriter sw = new StringWriter(); + PrintWriter pw = new PrintWriter(sw); + t.printStackTrace(pw); + return buildJsonResponse(false, sw.toString()); + } + + @Override + public String getUserId(HttpServletRequest request) throws PortalAPIException { + return portalRestApiServiceImpl.getUserId(request); + } + + public static IPortalRestAPIService getPortalRestApiServiceImpl() { + return portalRestApiServiceImpl; + } + + public static void setPortalRestApiServiceImpl(IPortalRestAPIService portalRestApiServiceImpl) { + PortalRestAPIProxy.portalRestApiServiceImpl = portalRestApiServiceImpl; + } + +} |