diff options
Diffstat (limited to 'ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi')
15 files changed, 2138 insertions, 0 deletions
diff --git a/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/CipherUtil.java b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/CipherUtil.java new file mode 100644 index 00000000..d355e102 --- /dev/null +++ b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/CipherUtil.java @@ -0,0 +1,125 @@ +/*- + * ================================================================================ + * eCOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + +import javax.crypto.Cipher; +import javax.crypto.spec.SecretKeySpec; + +import org.apache.commons.codec.binary.Base64; + +public class CipherUtil { + + private final static String key = "AGLDdG4D04BKm2IxIWEr8o==!"; + + /** + * @param plainText + * @param secretKey + * @return encrypted version of plain text. + * @throws Exception + */ + public static String encrypt(String plainText, String secretKey) throws Exception{ + byte[] rawKey; + String encryptedString; + SecretKeySpec sKeySpec; + byte[] encryptText = plainText.getBytes("UTF-8"); + Cipher cipher; + rawKey = Base64.decodeBase64(secretKey); + sKeySpec = new SecretKeySpec(rawKey, "AES"); + cipher = Cipher.getInstance("AES"); + cipher.init(Cipher.ENCRYPT_MODE, sKeySpec); + encryptedString = Base64.encodeBase64String(cipher.doFinal(encryptText)); + + return encryptedString; + } + + /** + * + * @param plainText + * @return Encrypted Text + * @throws Exception + */ + public static String encrypt(String plainText) throws Exception + { + return CipherUtil.encrypt(plainText,key); + } + + /** + * @param encryptedText + * @param secretKey + * @return plain text version of encrypted text + * @throws Exception + */ + public static String decrypt(String encryptedText, String secretKey) throws Exception { + Cipher cipher; + String encryptedString; + byte[] encryptText = null; + byte[] rawKey; + SecretKeySpec sKeySpec; + + rawKey = Base64.decodeBase64(secretKey); + sKeySpec = new SecretKeySpec(rawKey, "AES"); + encryptText = Base64.decodeBase64(encryptedText.getBytes("UTF-8")); + cipher = Cipher.getInstance("AES"); + cipher.init(Cipher.DECRYPT_MODE, sKeySpec); + encryptedString = new String(cipher.doFinal(encryptText)); + + return encryptedString; + } + + /** + * @param encryptedText + * @return Decrypted Text + * @throws Exception + */ + public static String decrypt(String encryptedText) throws Exception + { + return CipherUtil.decrypt(encryptedText,key); + } + + + public static void main(String[] args) throws Exception { + + String password = "Welcome123"; + String encrypted; + String decrypted; + + if (args.length != 2) { + System.out.println("Default password testing... "); + System.out.println("Plain password: " + password); + encrypted = encrypt(password); + System.out.println("Encrypted password: " + encrypted); + decrypted = decrypt(encrypted); + System.out.println("Decrypted password: " + decrypted); + } else { + String whatToDo = args[0]; + if (whatToDo.equalsIgnoreCase("d")) { + encrypted = args[1]; + System.out.println("Encrypted Text: " + encrypted); + decrypted = decrypt(encrypted); + System.out.println("Decrypted Text: " + decrypted); + } else { + decrypted = args[1]; + System.out.println("Plain Text: " + decrypted); + encrypted = encrypt(decrypted); + System.out.println("Encrypted Text" + encrypted); + } + } + } +} diff --git a/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/ECOMPSSO.java b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/ECOMPSSO.java new file mode 100644 index 00000000..8fc2ec5b --- /dev/null +++ b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/ECOMPSSO.java @@ -0,0 +1,238 @@ +/*- + * ================================================================================ + * eCOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + +import java.io.UnsupportedEncodingException; +import java.net.URLEncoder; +import java.util.ArrayList; +import java.util.Collection; +import java.util.List; + +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + + +/** + * Provides authentication service for onboarded ECOMP applications. + */ +public class ECOMPSSO { + + private static final String EP_SERVICE = "EPService"; + private static final String USER_ID = "UserId"; + + private static final Log logger = LogFactory.getLog(ECOMPSSO.class); + + + public static String valdiateECOMPSSO(HttpServletRequest request) { + // Check ECOMP Portal cookie + if (!isLoginCookieExist(request)) + return null; + + String userid = null; + try { + userid = getUserIdFromCookie(request); + } catch (Exception e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + return userid; + } + + public static String getUserIdFromCookie(HttpServletRequest request) throws Exception { + String userId = ""; + Cookie[] cookies = request.getCookies(); + Cookie userIdcookie = null; + if (cookies != null) + for (Cookie cookie : cookies) + if (cookie.getName().equals(USER_ID)) + userIdcookie = cookie; + if(userIdcookie!=null){ + userId = CipherUtil.decrypt(userIdcookie.getValue(), + PortalApiProperties.getProperty(PortalApiConstants.Decryption_Key)); + } + return userId; + + } + + /** + * Builds a redirect URL from properties file and the specified relative + * path in this app. The intent is to take the user to the portal, which + * will redirect the user to Global Log On, and finally the user will be + * returned to the app. + * + * @param request + * HttpServletRequest + * @param response + * HttpServletResponse + * @param forwardPath + * portion of the application path after the protocol, server and + * context path plus any query parameters; e.g., "welcome.html"; + * empty string is allowed. + * @return URL that redirects user to ECOMP Portal for login. + */ + public static String getECOMPSSORedirectURL(HttpServletRequest request, HttpServletResponse response, + String forwardPath) { + // Construct a path for this server, this app's context, etc. + String appURL = (request.isSecure() ? "https://" : "http://") + request.getServerName() + ":" + + request.getServerPort() + request.getContextPath() + "/" + forwardPath; + String encodedAppURL = null; + try { + encodedAppURL = URLEncoder.encode(appURL, "UTF-8"); + } catch (UnsupportedEncodingException ex) { + // should never happen + logger.error("getECOMPSSORedirectURL: Failed to encode app URL " + appURL); + } + String portalURL = PortalApiProperties.getProperty(PortalApiConstants.ECOMP_REDIRECT_URL); + if (portalURL == null || portalURL.length() == 0) { + logger.error("getECOMPSSORedirectURL: Failed to get property " + PortalApiConstants.ECOMP_REDIRECT_URL); + return null; + } + String redirectURL = portalURL + "?redirectUrl=" + encodedAppURL; + return redirectURL; + } + + /** + * Answers whether the ECOMP Portal service cookie is present in the + * specified request. + * + * @param request + * @return true if the cookie is found, else false. + */ + private static boolean isLoginCookieExist(HttpServletRequest request) { + Cookie ep = getCookie(request, EP_SERVICE); + return (ep != null); + } + + /** + * Searches the request for a cookie with the specified name. + * + * @param request + * @param cookieName + * @return Cookie, or null if not found. + */ + public static Cookie getCookie(HttpServletRequest request, String cookieName) { + Cookie[] cookies = request.getCookies(); + if (cookies != null) + for (Cookie cookie : cookies) + if (cookie.getName().equals(cookieName)) + return cookie; + + return null; + } + + /** + * Splits a string into an array. + * + * @param str + * @param delimiter + * @return + */ + private static String[] delimitedListToStringArray(String str, String delimiter) { + return delimitedListToStringArray(str, delimiter, null); + } + + /** + * Splits a string into an array, optionally deleting characters. + * + * @param str + * String to be split + * @param delimiter + * Token to use as the delimiter + * @param charsToDelete + * Optional String of characters to be removed; ignored if null + * @return String array; empty if the input is null or delimiter are null. + */ + private static String[] delimitedListToStringArray(String str, String delimiter, String charsToDelete) { + if (str == null) + return new String[0]; + if (delimiter == null) + return new String[] { str }; + + List<String> result = new ArrayList<String>(); + if ("".equals(delimiter)) { + for (int i = 0; i < str.length(); i++) { + result.add(deleteAny(str.substring(i, i + 1), charsToDelete)); + } + } else { + int pos = 0; + int delPos = 0; + while ((delPos = str.indexOf(delimiter, pos)) != -1) { + result.add(deleteAny(str.substring(pos, delPos), charsToDelete)); + pos = delPos + delimiter.length(); + } + if (str.length() > 0 && pos <= str.length()) { + // Add rest of String, but not in case of empty input. + result.add(deleteAny(str.substring(pos), charsToDelete)); + } + } + return toStringArray(result); + } + + /** + * Convenience method that creates a string array from the items in the + * collection. + * + * @param collection + * @return + */ + private static String[] toStringArray(Collection<String> collection) { + if (collection == null) + return null; + return (String[]) collection.toArray(new String[collection.size()]); + } + + /** + * Builds a new string that has none of the characters in the charsToDelete + * argument. + * + * @param inString + * @param charsToDelete + * @return Input string after removing all characters in the second + * argument. + */ + private static String deleteAny(String inString, String charsToDelete) { + if (!hasLength(inString) || !hasLength(charsToDelete)) { + return inString; + } + StringBuffer out = new StringBuffer(); + for (int i = 0; i < inString.length(); i++) { + char c = inString.charAt(i); + if (charsToDelete.indexOf(c) == -1) { + out.append(c); + } + } + return out.toString(); + } + + /** + * + * @param str + * @return + */ + private static boolean hasLength(String str) { + return (str != null && str.length() > 0); + } + + +} diff --git a/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/IPortalRestAPIService.java b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/IPortalRestAPIService.java new file mode 100644 index 00000000..25a8aeff --- /dev/null +++ b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/IPortalRestAPIService.java @@ -0,0 +1,133 @@ +/*- + * ================================================================================ + * eCOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + +import java.util.List; + +import javax.servlet.http.HttpServletRequest; + +import org.openecomp.portalsdk.core.restful.domain.EcompRole; +import org.openecomp.portalsdk.core.restful.domain.EcompUser; + +/** + * Defines the REST API Interface that an onboarding non-SDK (i.e., third-party) + * application must implement to answer queries and accept updates from the + * ECOMP Portal about the application's users, roles and user-role assignments. + * + * @author Ikram Ikramullah + */ +public interface IPortalRestAPIService { + + // EcompUser Interface + + /** + * Creates a new user. + * + * @param user + * Model object with attributes of user to be created. + * @throws PortalAPIException + * If any error occurs while processing the request; for + * example, user exists already. + */ + public void pushUser(EcompUser user) throws PortalAPIException; + + /** + * Updates an existing user's attributes. + * + * @param loginId + * EcompUser ID to be updated. + * @param user + * Model object with attributes of user to be updated. + * @throws PortalAPIException + * If any error occurs while processing the request; for + * example, unknown user. + */ + public void editUser(String loginId, EcompUser user) throws PortalAPIException; + + /** + * Gets details about an existing user. + * + * @param loginId + * EcompUser ID to be fetched + * @return Model object with user attributes. + * @throws PortalAPIException + * If any error occurs while processing the request; for + * example, unknown user. + */ + public EcompUser getUser(String loginId) throws PortalAPIException; + + /** + * Gets all users. + * + * @return List of user attribute model objects; empty array if none are + * found. + * @throws PortalAPIException + * If any error occurs while processing the request. + */ + public List<EcompUser> getUsers() throws PortalAPIException; + + // Roles Interface + + /** + * Gets all defined roles. + * + * @return List of role attribute objects; empty array if none are + * found. + * @throws PortalAPIException + * If an unexpected error occurs while processing the request. + */ + public List<EcompRole> getAvailableRoles() throws PortalAPIException; + + /** + * Replaces existing user roles with new roles. + * + * @param loginId + * EcompUser ID to be updated. + * @param roles + * List of model objects with role attributes + * @throws PortalAPIException + * If any error occurs while processing the request. + */ + public void pushUserRole(String loginId, List<EcompRole> roles) throws PortalAPIException; + + /** + * Gets the roles defined for the specified user. + * + * @param loginId + * @return List of model objects; empty if no roles are found. + * @throws PortalAPIException + * If any error occurs while processing the request; e.g., user + * not found. + */ + public List<EcompRole> getUserRoles(String loginId) throws PortalAPIException; + + // Security Interface + + /** + * Answers whether the request is authenticated. + * + * @param request + * @return true if the request contains appropriate credentials, else false. + * @throws PortalAPIException + * If an unexpected error occurs while processing the request. + */ + public boolean isAppAuthenticated(HttpServletRequest request) throws PortalAPIException; + +} diff --git a/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/IPortalUebAPIService.java b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/IPortalUebAPIService.java new file mode 100644 index 00000000..0b55a965 --- /dev/null +++ b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/IPortalUebAPIService.java @@ -0,0 +1,46 @@ +/*- + * ================================================================================ + * eCOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + + +/** + * + * @author Ikram Ikramullah + * + * UEB API Interface for all the onboarding third party applications. + * + */ + +public interface IPortalUebAPIService { + //User Interface + public String pushUser(String userJson) throws PortalAPIException; + public String editUser(String loginId, String userJson) throws PortalAPIException; + public String getUser(String loginId) throws PortalAPIException; + public String getUsers() throws PortalAPIException; + + //Roles Interface + public String getAvailableRoles() throws PortalAPIException; + public String getAvailableFullRoles() throws PortalAPIException; + public String pushUserRole(String loginId, String rolesJson) throws PortalAPIException; + public String getUserRoles(String loginId) throws PortalAPIException; + + //Security Interface + public boolean isAppAuthenticated(String appUserName, String appPassword) throws PortalAPIException; +} diff --git a/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalAPIException.java b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalAPIException.java new file mode 100644 index 00000000..8a4c9e4e --- /dev/null +++ b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalAPIException.java @@ -0,0 +1,49 @@ +/*- + * ================================================================================ + * eCOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + +/** + * @author Ikram Ikramullah + */ +public class PortalAPIException extends Exception{ + + private static final long serialVersionUID = 4854048794984375707L; + + public PortalAPIException() { + super(); + } + + public PortalAPIException(String message, Throwable cause, boolean enableSuppression, boolean writableStackTrace) { + super(message, cause, enableSuppression, writableStackTrace); + } + + public PortalAPIException(String message, Throwable cause) { + super(message, cause); + } + + public PortalAPIException(String message) { + super(message); + } + + public PortalAPIException(Throwable cause) { + super(cause); + } + +} diff --git a/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalAPIResponse.java b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalAPIResponse.java new file mode 100644 index 00000000..f8d73acc --- /dev/null +++ b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalAPIResponse.java @@ -0,0 +1,58 @@ +/*- + * ================================================================================ + * eCOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + +/** + * This bean holds a response that is returned by the role and user-management + * REST API. + */ +public class PortalAPIResponse { + + /** + * Either "ok" or "error" + */ + private String status; + /** + * Optional if status is ok + */ + private String message; + + public PortalAPIResponse(boolean isOk, String msg) { + status = (isOk? "ok" : "error"); + message = msg; + } + + public String getStatus() { + return status; + } + + public void setStatus(String status) { + this.status = status; + } + + public String getMessage() { + return message; + } + + public void setMessage(String message) { + this.message = message; + } + +} diff --git a/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalApiConstants.java b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalApiConstants.java new file mode 100644 index 00000000..667ad289 --- /dev/null +++ b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalApiConstants.java @@ -0,0 +1,62 @@ +/*- + * ================================================================================ + * eCOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + +public interface PortalApiConstants { + public static final String API_PREFIX = "/api"; + public static final String PORTAL_JSESSION_ID = "PORTAL_JSESSION_ID"; + public static final String PORTAL_JSESSION_BIND = "PORTAL_JSESSION_BIND"; + public static final String ACTIVE_USERS_NAME = "activeUsers"; + + /** Portal service cookie name */ + public static final String EP_SERVICE = "EPService"; + + public static final String GLOBAL_SESSION_MAX_IDLE_TIME = "global_session_max_idle_time"; + public static final String PORTAL_SESSION_SLOT_CHECK = "portal_session_slot_check"; + public static final String SESSION_PREVIOUS_ACCESS_TIME = "session_previous_access_time"; + public static final String MAX_IDLE_TIME = "max.idle.time"; + + // Names of keys in the portal.properties file + public static final String PORTAL_API_IMPL_CLASS = "portal.api.impl.class"; + public static final String ECOMP_REDIRECT_URL = "ecomp_redirect_url"; + public static final String ECOMP_REST_URL = "ecomp_rest_url"; + + // UEB related + public static final String UEB_URL_LIST = "ueb_url_list"; // In properties file + public static final String ECOMP_PORTAL_INBOX_NAME = "ecomp_portal_inbox_name"; + public static final String ECOMP_DEFAULT_MSG_ID = "0"; + public static final String ECOMP_GENERAL_UEB_PARTITION = "EPGeneralPartition"; + public static final String UEB_LISTENERS_ENABLE = "ueb_listeners_enable"; + public static final String UEB_APP_INBOUND_MAILBOX_NAME = "ueb_app_mailbox_name"; + public static final String UEB_APP_CONSUMER_GROUP_NAME = "ueb_app_consumer_group_name"; + // UebManager generates a consumer group name for special token {UUID} + public static final String UEB_APP_CONSUMER_GROUP_NAME_GENERATOR = "{UUID}"; + public static final String UEB_APP_KEY = "ueb_app_key"; + public static final String UEB_APP_SECRET = "ueb_app_secret"; + public static final String ECOMP_UEB_INVALID_MSG = "100: Invalid Message format."; + public static final String ECOMP_UEB_TIMEOUT_ERROR = "101: Timeout"; + public static final String ECOMP_UEB_UNKNOWN_PUBLISH_ERROR = "102: Unknown error during publish"; + public static final String ECOMP_UEB_UNKNOWN_CONSUME_ERROR = "103: Unknown error during consume"; + public static final String USE_REST_FOR_FUNCTIONAL_MENU = "use_rest_for_functional_menu"; + + //encrpt key + public static final String Decryption_Key = "decryption_key"; + +} diff --git a/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalApiProperties.java b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalApiProperties.java new file mode 100644 index 00000000..b9853a9a --- /dev/null +++ b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalApiProperties.java @@ -0,0 +1,98 @@ +/*- + * ================================================================================ + * eCOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + +import java.io.IOException; +import java.io.InputStream; +import java.util.Properties; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * Singleton Class representing portal properties. Searches the classpath for + * the file "portal.properties". + * + * To put the file "portal.properties" on the classpath, it can be in the same + * directory where the first package folder is - 'myClasses' folder in the + * following case as an example: + * + */ +public class PortalApiProperties { + + private static final Log logger = LogFactory.getLog(PortalApiProperties.class); + + private static Properties properties; + private static String propertyFileName = "portal.properties"; + + /** + * Constructor is private. + */ + private PortalApiProperties() { + } + + /** + * Gets the property value for the specified key. + * + * @param property + * @return Value for the named property; null if the property file was not + * loaded or the key was not found. + */ + public static String getProperty(String property) { + if (properties == null) { + synchronized (propertyFileName) { + try { + if (!initialize()) { + logger.error("Failed to read property file " + propertyFileName); + return null; + } + } catch (IOException e) { + logger.error("Failed to read property file " + propertyFileName, e); + return null; + } + } + } + return properties.getProperty(property); + } + + /** + * Reads properties from a portal.properties file on the classpath. + * + * Clients DO NOT need to call this method. Clients MAY call this method to + * test whether the properties file can be loaded successfully. + * + * @return True if properties were successfully loaded, else false. + * @throws IOException + */ + public static boolean initialize() throws IOException { + if (properties != null) + return true; + InputStream in = PortalApiProperties.class.getClassLoader().getResourceAsStream(propertyFileName); + if (in == null) + return false; + properties = new Properties(); + try { + properties.load(in); + } finally { + in.close(); + } + return true; + } +} diff --git a/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalRestAPIProxy.java b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalRestAPIProxy.java new file mode 100644 index 00000000..3012d1c7 --- /dev/null +++ b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalRestAPIProxy.java @@ -0,0 +1,498 @@ +/*- + * ================================================================================ + * eCOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + +import java.io.BufferedReader; +import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.io.PrintWriter; +import java.io.StringWriter; +import java.util.List; + +import javax.servlet.ServletException; +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.openecomp.portalsdk.core.restful.domain.EcompRole; +import org.openecomp.portalsdk.core.restful.domain.EcompUser; + +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.core.type.TypeReference; +import com.fasterxml.jackson.databind.DeserializationFeature; +import com.fasterxml.jackson.databind.ObjectMapper; + +/** + * This servlet responds to ECOMP Portal API calls to query and update user, + * role and user-role information. It registers itself at a path like "/api" + * (see {@link PortalApiConstants#API_PREFIX}) and proxies all requests on to a + * class that implements {@link IPortalRestAPIService}, as named in the required + * properties file ("portal.properties"). The servlet will not start if the + * properties file is not found. + * + * Implements the interface solely to ensure that changes to the interface are + * made here also, the compiler helps catch problems that way. + * + * @author Ikram Ikramullah + */ + +@WebServlet(urlPatterns = { PortalApiConstants.API_PREFIX + "/*" }) +public class PortalRestAPIProxy extends HttpServlet implements IPortalRestAPIService { + private static final long serialVersionUID = 1L; + + private final Log logger = LogFactory.getLog(getClass()); + + /** + * JSON to object etc. + */ + private final ObjectMapper mapper = new ObjectMapper(); + + /** + * Client-supplied class that implements our interface. + */ + private IPortalRestAPIService portalRestApiService; + + public PortalRestAPIProxy() { + // Ensure that any additional fields sent by the Portal + // will be ignored when creating objects. + mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); + } + + @Override + public void init() throws ServletException { + String className = PortalApiProperties.getProperty(PortalApiConstants.PORTAL_API_IMPL_CLASS); + if (className == null) + throw new ServletException( + "init: Failed to find class name property " + PortalApiConstants.PORTAL_API_IMPL_CLASS); + try { + logger.debug("init: creating instance of class " + className); + Class<?> implClass = Class.forName(className); + portalRestApiService = (IPortalRestAPIService) (implClass.getConstructor().newInstance()); + } catch (Exception ex) { + throw new ServletException("init: Failed to find or instantiate class " + className, ex); + } + } + + @Override + protected void doPost(HttpServletRequest request, HttpServletResponse response) + throws IOException, ServletException { + + if (portalRestApiService == null) { + // Should never happen due to checks in init() + logger.error("doPost: no service class instance"); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + response.getWriter().write(buildJsonResponse(false, "Misconfigured - no instance of service class")); + return; + } + boolean secure = false; + try { + secure = isAppAuthenticated(request); + } catch (PortalAPIException ex) { + logger.error("doPost: isAppAuthenticated threw exception", ex); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + response.getWriter().write(buildJsonResponse(false, "Failed to authenticate request")); + return; + } + if (!secure) { + if (logger.isDebugEnabled()) + logger.debug("doPost: isAppAuthenticated answered false"); + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + writeAndFlush(response, buildJsonResponse(false, "Not authorized")); + return; + } + + String requestUri = request.getRequestURI(); + try { + String requestBody = readRequestBody(request); + if (logger.isDebugEnabled()) + logger.debug("doPost: URI = " + requestUri + ", payload = " + requestBody); + + /* + * All APIs: + * + * 1. /user <-- save user + * + * 2. /user/{loginId} <-- edit user + * + * 3. /user/{loginId}/roles <-- save roles for user + */ + + // On success return the empty string. + String responseJson = ""; + if (requestUri.endsWith("/updateSessionTimeOuts")) { + if (updateSessionTimeOuts(requestBody)) { + if (logger.isDebugEnabled()) + logger.debug("doPost: updated session timeouts"); + response.setStatus(HttpServletResponse.SC_OK); + } else { + String msg = "Failed to update session time outs"; + logger.error("doPost: " + msg); + responseJson = buildJsonResponse(false, msg); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + } + } else if (requestUri.endsWith("/timeoutSession")) { + String portalJSessionId = request.getParameter("portalJSessionId"); + if (portalJSessionId == null) { + portalJSessionId = ""; + } + if (timeoutSession(portalJSessionId)) { + if (logger.isDebugEnabled()) + logger.debug("doPost: timed out session"); + response.setStatus(HttpServletResponse.SC_OK); + } else { + String msg = "Failed to timeout session"; + logger.error("doPost: " + msg); + responseJson = buildJsonResponse(false, msg); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + } + } else + // Example: /user <-- create user + if (requestUri.endsWith(PortalApiConstants.API_PREFIX + "/user")) { + try { + EcompUser user = mapper.readValue(requestBody, EcompUser.class); + pushUser(user); + if (logger.isDebugEnabled()) + logger.debug("doPost: pushUser: success"); + responseJson = buildJsonResponse(true, null); + response.setStatus(HttpServletResponse.SC_OK); + } catch (Exception ex) { + responseJson = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + logger.error("doPost: pushUser: caught exception", ex); + } + } else + // Example: /user/fi241c <-- edit user fi241c + if (requestUri.contains(PortalApiConstants.API_PREFIX + "/user/") && !(requestUri.endsWith("/roles"))) { + String loginId = requestUri.substring(requestUri.lastIndexOf('/') + 1); + try { + EcompUser user = mapper.readValue(requestBody, EcompUser.class); + editUser(loginId, user); + if (logger.isDebugEnabled()) + logger.debug("doPost: editUser: success"); + responseJson = buildJsonResponse(true, null); + response.setStatus(HttpServletResponse.SC_OK); + } catch (Exception ex) { + responseJson = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + logger.error("doPost: editUser: caught exception", ex); + } + } else + // Example: /user/{loginId}/roles <-- save roles for user + if (requestUri.contains(PortalApiConstants.API_PREFIX + "/user/") && requestUri.endsWith("/roles")) { + String loginId = requestUri.substring(requestUri.indexOf("/user/") + ("/user").length() + 1, + requestUri.lastIndexOf('/')); + try { + TypeReference<List<EcompRole>> typeRef = new TypeReference<List<EcompRole>>() { + }; + List<EcompRole> roles = mapper.readValue(requestBody, typeRef); + pushUserRole(loginId, roles); + if (logger.isDebugEnabled()) + logger.debug("doPost: pushUserRole: success"); + responseJson = buildJsonResponse(true, null); + response.setStatus(HttpServletResponse.SC_OK); + } catch (Exception ex) { + responseJson = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + logger.error("doPost: pushUserRole: caught exception", ex); + } + } else { + logger.warn("doPost: no match for request " + requestUri); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + } + writeAndFlush(response, responseJson); + } catch (Exception ex) { + logger.error("doPost: Failed to process request " + requestUri, ex); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + writeAndFlush(response, ex.toString()); + } + + } + + @Override + protected void doGet(HttpServletRequest request, HttpServletResponse response) + throws IOException, ServletException { + + if (portalRestApiService == null) { + // Should never happen due to checks in init() + logger.error("doGet: no service class instance"); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + writeAndFlush(response, buildJsonResponse(false, "Misconfigured - no instance of service class")); + return; + } + boolean secure = false; + try { + secure = isAppAuthenticated(request); + } catch (PortalAPIException ex) { + logger.error("doGet: isAppAuthenticated threw exception", ex); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + writeAndFlush(response, buildJsonResponse(false, "Failed to authenticate request")); + return; + } + if (!secure) { + if (logger.isDebugEnabled()) + logger.debug("doGet: isAppAuthenticated answered false"); + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + writeAndFlush(response, buildJsonResponse(false, "Not authorized")); + return; + } + + String requestUri = request.getRequestURI(); + try { + // Ignore any request body in a GET. + // String requestBody = readRequestBody(request); + if (logger.isDebugEnabled()) + logger.debug("doGet: URI = " + requestUri); + + String responseJson = ""; + /* + * 1. /roles <-- get roles + * + * 2. /user/{loginId} <-- get user + * + * 3. /users <-- get all users + * + * 4. /user/{loginId}/roles <-- get roles for user + */ + + if (requestUri.endsWith("/sessionTimeOuts")) { + responseJson = getSessionTimeOuts(); + if (responseJson != null && responseJson.length() > 0) { + if (logger.isDebugEnabled()) + logger.debug("doGet: got session timeouts"); + response.setStatus(HttpServletResponse.SC_OK); + } else { + String msg = "Failed to get session time outs"; + logger.error("doGet: " + msg); + responseJson = buildJsonResponse(false, msg); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + } + } else + // Example: /users <-- get all users + if (requestUri.endsWith(PortalApiConstants.API_PREFIX + "/users")) { + try { + List<EcompUser> users = getUsers(); + responseJson = mapper.writeValueAsString(users); + if (logger.isDebugEnabled()) + logger.debug("doGet: getUsers: " + responseJson); + } catch (Exception ex) { + responseJson = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + logger.error("doGet: getUsers: caught exception", ex); + } + } else + // Example: /roles <-- get all roles + if (requestUri.endsWith(PortalApiConstants.API_PREFIX + "/roles")) { + try { + List<EcompRole> roles = getAvailableRoles(); + responseJson = mapper.writeValueAsString(roles); + if (logger.isDebugEnabled()) + logger.debug("doGet: getAvailableRoles: " + responseJson); + } catch (Exception ex) { + responseJson = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + logger.error("doGet: getAvailableRoles: caught exception", ex); + } + } else + // Example: /user/fi241c <-- get user fi241c + if (requestUri.contains(PortalApiConstants.API_PREFIX + "/user/") && !requestUri.endsWith("/roles")) { + String loginId = requestUri.substring(requestUri.lastIndexOf('/') + 1); + try { + EcompUser user = getUser(loginId); + responseJson = mapper.writeValueAsString(user); + if (logger.isDebugEnabled()) + logger.debug("doGet: getUser: " + responseJson); + } catch (Exception ex) { + responseJson = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + logger.error("doGet: getUser: caught exception", ex); + } + } + // Example: /user/fi241c/roles <-- get roles for user fi241c + else if (requestUri.contains(PortalApiConstants.API_PREFIX + "/user/") && requestUri.endsWith("/roles")) { + String loginId = requestUri.substring(requestUri.indexOf("/user/") + ("/user").length() + 1, + requestUri.lastIndexOf('/')); + try { + List<EcompRole> roles = getUserRoles(loginId); + responseJson = mapper.writeValueAsString(roles); + if (logger.isDebugEnabled()) + logger.debug("doGet: getUserRoles: " + responseJson); + } catch (Exception ex) { + responseJson = buildJsonResponse(ex); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + logger.error("doGet: getUserRoles: caught exception", ex); + } + } else { + logger.warn("doGet: no match found for request"); + responseJson = buildJsonResponse(false, "No match for request"); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + } + writeAndFlush(response, responseJson); + } catch (Exception ex) { + logger.error("doGet: Failed to process request", ex); + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + writeAndFlush(response, buildJsonResponse(ex)); + } + } + + public String getSessionTimeOuts() throws Exception { + return PortalTimeoutHandler.gatherSessionExtensions(); + } + + public boolean timeoutSession(String portalJSessionId) throws Exception { + return PortalTimeoutHandler.invalidateSession(portalJSessionId); + } + + public boolean updateSessionTimeOuts(String sessionMap) throws Exception { + return PortalTimeoutHandler.updateSessionExtensions(sessionMap); + } + + @Override + public void pushUser(EcompUser user) throws PortalAPIException { + portalRestApiService.pushUser(user); + } + + @Override + public void editUser(String loginId, EcompUser user) throws PortalAPIException { + portalRestApiService.editUser(loginId, user); + } + + @Override + public EcompUser getUser(String loginId) throws PortalAPIException { + return portalRestApiService.getUser(loginId); + } + + @Override + public List<EcompUser> getUsers() throws PortalAPIException { + return portalRestApiService.getUsers(); + } + + @Override + public List<EcompRole> getAvailableRoles() throws PortalAPIException { + return portalRestApiService.getAvailableRoles(); + } + + @Override + public void pushUserRole(String loginId, List<EcompRole> roles) throws PortalAPIException { + portalRestApiService.pushUserRole(loginId, roles); + } + + @Override + public List<EcompRole> getUserRoles(String loginId) throws PortalAPIException { + return portalRestApiService.getUserRoles(loginId); + } + + @Override + public boolean isAppAuthenticated(HttpServletRequest request) throws PortalAPIException { + return portalRestApiService.isAppAuthenticated(request); + } + + private void writeAndFlush(HttpServletResponse response, String jsonResponse) throws IOException { + response.setContentType("application/json"); + PrintWriter out = response.getWriter(); + out.print(jsonResponse); + out.flush(); + } + + /** + * Reads the request body and closes the input stream. + * + * @param request + * @return String read from the request, the empty string if nothing is + * read. + * @throws IOException + */ + private static String readRequestBody(HttpServletRequest request) throws IOException { + + String body = null; + StringBuilder stringBuilder = new StringBuilder(); + BufferedReader bufferedReader = null; + try { + InputStream inputStream = request.getInputStream(); + if (inputStream != null) { + bufferedReader = new BufferedReader(new InputStreamReader(inputStream)); + char[] charBuffer = new char[1024]; + int bytesRead = -1; + while ((bytesRead = bufferedReader.read(charBuffer)) > 0) { + stringBuilder.append(charBuffer, 0, bytesRead); + } + } else { + stringBuilder.append(""); + } + } finally { + if (bufferedReader != null) { + try { + bufferedReader.close(); + } catch (IOException ex) { + throw ex; + } + } + } + body = stringBuilder.toString(); + return body; + } + + /** + * Builds JSON object with status + message response body. + * + * @param success + * True to indicate success, false to signal failure. + * @param msg + * Message to include in the response object; ignored if null. + * @return + * + * <pre> + * { "status" : "ok" (or "error"), "message": "some explanation" } + * </pre> + */ + private String buildJsonResponse(boolean success, String msg) { + PortalAPIResponse response = new PortalAPIResponse(success, msg); + String json = null; + try { + json = mapper.writeValueAsString(response); + } catch (JsonProcessingException ex) { + // Truly should never, ever happen + json = "{ \"status\": \"error\",\"message\":\"" + ex.toString() + "\" }"; + } + return json; + } + + /** + * Builds JSON object with status of error and message containing stack + * trace for the specified throwable. + * + * @param t + * Throwable with stack trace to use as message + * @return + * + * <pre> + * { "status" : "error", "message": "some-big-stacktrace" } + * </pre> + */ + private String buildJsonResponse(Throwable t) { + StringWriter sw = new StringWriter(); + PrintWriter pw = new PrintWriter(sw); + t.printStackTrace(pw); + return buildJsonResponse(false, sw.toString()); + } +} diff --git a/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalTimeoutBindingListener.java b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalTimeoutBindingListener.java new file mode 100644 index 00000000..906b7e88 --- /dev/null +++ b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalTimeoutBindingListener.java @@ -0,0 +1,52 @@ +/*- + * ================================================================================ + * eCOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + +import java.io.Serializable; + +import javax.servlet.http.HttpSession; +import javax.servlet.http.HttpSessionBindingEvent; +import javax.servlet.http.HttpSessionBindingListener; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +public class PortalTimeoutBindingListener implements HttpSessionBindingListener, Serializable { + + private final Log logger = LogFactory.getLog(getClass()); + + private static final long serialVersionUID = 1L; + + @Override + public void valueBound(HttpSessionBindingEvent event) { + final HttpSession session = event.getSession(); + PortalTimeoutHandler.sessionMap.put((String) session.getAttribute(PortalApiConstants.PORTAL_JSESSION_ID), + session); + } + + @Override + public void valueUnbound(HttpSessionBindingEvent event) { + final HttpSession session = event.getSession(); + String portalJSessionId = (String) session.getAttribute(PortalApiConstants.PORTAL_JSESSION_ID); + logger.debug(portalJSessionId + " getting removed"); + PortalTimeoutHandler.sessionMap.remove(portalJSessionId); + } + +} diff --git a/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalTimeoutHandler.java b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalTimeoutHandler.java new file mode 100644 index 00000000..09166794 --- /dev/null +++ b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalTimeoutHandler.java @@ -0,0 +1,419 @@ +/*- + * ================================================================================ + * eCOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + +import java.util.Calendar; +import java.util.Hashtable; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpSession; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.core.type.TypeReference; +import com.fasterxml.jackson.databind.ObjectMapper; + +/** + * Invoked by listeners (UserContextListener and UserSessionListener) to track + * user sessions. + */ +public class PortalTimeoutHandler { + + protected static final SessionCommInf sessionComm = new SessionComm(); + + + + public interface SessionCommInf { + public Integer fetchSessionSlotCheckInterval(String... params) throws Exception; + + public void extendSessionTimeOuts(String... sessionMap) throws Exception; + } + + public static class SessionComm implements SessionCommInf { + public Integer fetchSessionSlotCheckInterval(String... params) throws Exception { + + String ecompRestURL = params[0]; + String userName = params[1]; + String pwd = params[2]; + String uebKey = params[3]; + + String sessionSlot = SessionCommunication.getSessionSlotCheckInterval(ecompRestURL, userName, pwd, uebKey); + if(sessionSlot == null) + return null; + return Integer.parseInt(sessionSlot); + } + + public void extendSessionTimeOuts(String... params) throws Exception { + + String ecompRestURL = params[0]; + String userName = params[1]; + String pwd = params[2]; + String uebKey = params[3]; + String sessionTimeoutMap = params[4]; + + SessionCommunication.requestPortalSessionTimeoutExtension(ecompRestURL, userName, pwd, uebKey, sessionTimeoutMap); + } + } + + + + public static final Map<String, HttpSession> sessionMap = new Hashtable<String, HttpSession>(); + public static final Integer repeatInterval = 15 * 60; // 15 minutes + protected static final Log logger = LogFactory.getLog(PortalTimeoutHandler.class); + static ObjectMapper mapper = new ObjectMapper(); + private static PortalTimeoutHandler timeoutHandler; + + public static PortalTimeoutHandler getInstance() { + if (timeoutHandler == null) + timeoutHandler = new PortalTimeoutHandler(); + + return timeoutHandler; + } + + /** + * TODO: remove static + * + * @param portalJSessionId + * @param jSessionId + * @param session + */ + public static void sessionCreated(String portalJSessionId, String jSessionId, HttpSession session) { + + storeMaxInactiveTime(session); + + // this key is a combination of portal jsession id and app session id + String jSessionKey = jSessionKey(jSessionId, portalJSessionId); + Object jSessionKeySessionVal = session.getAttribute(PortalApiConstants.PORTAL_JSESSION_ID); + + // do not reset the attributes if the same values have already been set + // because that will cause PortalTimeoutBindingListener to unbound the value from map + if(jSessionKeySessionVal != null && jSessionKeySessionVal.equals(jSessionKey)) { + logger.debug(" Session Values already exist in te map for sessionKey " + jSessionKey); + return; + } + + session.setAttribute(PortalApiConstants.PORTAL_JSESSION_ID, jSessionKey); + + // session binding listener will add this value to the static map + // and with session replication the listener will fire in all tomcat + // instances + session.setAttribute(PortalApiConstants.PORTAL_JSESSION_BIND, new PortalTimeoutBindingListener()); + // sessionMap.put((String)session.getAttribute(PortalApiConstants.PORTAL_JSESSION_ID), + // session); + + } + + /** + * TODO: remove static + * + * @param session + */ + protected static void storeMaxInactiveTime(HttpSession session) { + if (session.getAttribute(PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME) == null) + session.setAttribute(PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME, session.getMaxInactiveInterval()); + } + + /** + * TODO: remove static + * + * @param session + */ + public static void sessionDestroyed(HttpSession session) { + try { + logger.info(" Session getting destroyed - id: " + session.getId()); + session.removeAttribute(PortalApiConstants.PORTAL_JSESSION_BIND); + // sessionMap.remove((String)session.getAttribute(PortalApiConstants.PORTAL_JSESSION_ID)); + } catch (Exception e) { + logger.error("Error while destroy user session" + e.getMessage()); + } + } + + /*** + * TODO: remove static + * + * @param portalJSessionId + * @return true on success, false if the session cannot be found, etc. + */ + public static boolean invalidateSession(String portalJSessionId) { + boolean result = false; + logger.debug("Session Management: request from Portal to invalidate the session: " + portalJSessionId); + for (String jSessionKey : sessionMap.keySet()) { + try { + HttpSession session = sessionMap.get(jSessionKey); + if (portalJSessionId(jSessionKey).equals(portalJSessionId)) { + session.invalidate(); + result = true; + } + } catch (Exception e) { + logger.error("Session Management: Error when invalidating session", e); + } + } + return result; + } + + /** + * TODO: remove static + * + * @return json version of the timeout map: session ID -> timeout object + */ + public static String gatherSessionExtensions() { + logger.debug("Session Management: gatherSessionExtensions"); + + Map<String, PortalTimeoutVO> sessionTimeoutMap = new Hashtable<String, PortalTimeoutVO>(); + String jsonMap = ""; + + for (String jSessionKey : sessionMap.keySet()) { + + try { + // get the expirytime in seconds + HttpSession session = sessionMap.get(jSessionKey); + + Long lastAccessedTimeMilliSec = session.getLastAccessedTime(); + Long maxIntervalMilliSec = session.getMaxInactiveInterval() * 1000L; + // Long currentTimeMilliSec = + // Calendar.getInstance().getTimeInMillis() ; + // (maxIntervalMilliSec - (currentTimeMilliSec - + // lastAccessedTimeMilliSec) + ; + Calendar instance = Calendar.getInstance(); + instance.setTimeInMillis(session.getLastAccessedTime()); + logger.debug("Session Management: Last Accessed time for " + jSessionKey + ": " + instance.getTime()); + + Long sessionTimOutMilliSec = maxIntervalMilliSec + lastAccessedTimeMilliSec; + + sessionTimeoutMap.put(portalJSessionId(jSessionKey), + getSingleSessionTimeoutObj(jSessionKey, sessionTimOutMilliSec)); + logger.debug("Session Management: putting session in map " + jSessionKey + " sessionTimoutSec" + + (int) (sessionTimOutMilliSec / 1000)); + + jsonMap = mapper.writeValueAsString(sessionTimeoutMap); + + } catch (Exception e) { + logger.error("Session Management: Error during JsonSessionTimout conversion", e); + } + + } + + return jsonMap; + + } + + /** + * TODO: remove static + * + * @param sessionTimeoutMapStr + * @return true on success, false otherwise + * @throws Exception + */ + public static boolean updateSessionExtensions(String sessionTimeoutMapStr) throws Exception { + logger.debug("Session Management: updateSessionExtensions"); + // Map<String,Object> sessionTimeoutMap = + // mapper.readValue(sessionTimeoutMapStr, Map.class); + Map<String, PortalTimeoutVO> sessionTimeoutMap = null; + + try { + TypeReference<Hashtable<String, PortalTimeoutVO>> typeRef = new TypeReference<Hashtable<String, PortalTimeoutVO>>() { + }; + sessionTimeoutMap = mapper.readValue(sessionTimeoutMapStr, typeRef); + } catch (Exception e) { + logger.error("Session Management:error when try to parse the sessionTimeoutMap from portal"); + return false; + } + + boolean result = true; + for (String jPortalSessionId : sessionTimeoutMap.keySet()) { + try { + PortalTimeoutVO extendedTimeoutVO = mapper.readValue( + mapper.writeValueAsString(sessionTimeoutMap.get(jPortalSessionId)), PortalTimeoutVO.class); + HttpSession session = sessionMap.get(jSessionKey(extendedTimeoutVO.getjSessionId(), jPortalSessionId)); + + if (session == null) { + continue; + } + + Long lastAccessedTimeMilliSec = session.getLastAccessedTime(); + Long maxIntervalMilliSec = session.getMaxInactiveInterval() * 1000L; + Long sessionTimOutMilliSec = maxIntervalMilliSec + lastAccessedTimeMilliSec; + + Long maxTimeoutTimeMilliSec = extendedTimeoutVO.getSessionTimOutMilliSec(); + if (maxTimeoutTimeMilliSec > sessionTimOutMilliSec) { + session.setMaxInactiveInterval((int) (maxTimeoutTimeMilliSec - lastAccessedTimeMilliSec) / 1000); + logger.debug("Session Management: extended session for :" + session.getId() + " to :" + + (int) (maxTimeoutTimeMilliSec / 1000)); + // System.out.println("!!!!!!!!!extended session for :" + + // session.getId() + " to :" + + // (int)(maxTimeoutTimeMilliSec/1000)); + } + } catch (Exception e) { + logger.error("Session Management: error while updating the sessionTimeout" + e.getMessage()); + // Signal a problem if any one of them fails + result = false; + } + + } + return result; + } + + /** + * TODO: Remove static + * + * @param request + * @param userName + * @param pwd + * @param ecompRestURL + * @param _sessionComm + */ + public static void handleSessionUpdatesNative(HttpServletRequest request, String userName, String pwd, String uebKey, + String ecompRestURL, SessionCommInf _sessionComm) { + + if (_sessionComm == null) { + _sessionComm = sessionComm; + } + try { + synchronizeSessionForLastMinuteRequests(request, ecompRestURL, userName, pwd, uebKey, _sessionComm); + } catch (Exception e) { + logger.error(e); + } + resetSessionMaxIdleTimeOut(request); + } + + /** + * TODO: remove Static + * + * @param request + * @param ecompRestURL + * @param userName + * @param pwd + * @param _sessionComm + * @throws JsonProcessingException + * @throws Exception + */ + public static void synchronizeSessionForLastMinuteRequests(HttpServletRequest request, String ecompRestURL, + String userName, String pwd, String uebKey, SessionCommInf _sessionComm) throws JsonProcessingException, Exception { + + HttpSession session = request.getSession(false); + if (session == null) + return; + + Object portalSessionSlotCheckObj = session.getServletContext() + .getAttribute(PortalApiConstants.PORTAL_SESSION_SLOT_CHECK); + Integer portalSessionSlotCheckinMilliSec = 5 * 60 * 1000; // (5 minutes) + if (portalSessionSlotCheckObj != null) { + portalSessionSlotCheckinMilliSec = Integer.valueOf(portalSessionSlotCheckObj.toString()); + } else { + portalSessionSlotCheckObj = _sessionComm + .fetchSessionSlotCheckInterval(new String[] { ecompRestURL, userName, pwd, uebKey }); + logger.debug("Fetching Portal Session Slot Object: " + portalSessionSlotCheckObj); + if (portalSessionSlotCheckObj != null) { + portalSessionSlotCheckinMilliSec = Integer.valueOf(portalSessionSlotCheckObj.toString()); + session.getServletContext().setAttribute(PortalApiConstants.PORTAL_SESSION_SLOT_CHECK, + portalSessionSlotCheckinMilliSec); + } + } + + Object previousToLastAccessTimeObj = session.getAttribute(PortalApiConstants.SESSION_PREVIOUS_ACCESS_TIME); + final long lastAccessedTimeMilliSec = session.getLastAccessedTime(); + if (previousToLastAccessTimeObj == null) { + previousToLastAccessTimeObj = lastAccessedTimeMilliSec; + session.setAttribute(PortalApiConstants.SESSION_PREVIOUS_ACCESS_TIME, previousToLastAccessTimeObj); + } else { + Long previousToLastAccessTime = (Long) previousToLastAccessTimeObj; + final int maxIntervalMilliSec = session.getMaxInactiveInterval() * 1000; + if (maxIntervalMilliSec + - (lastAccessedTimeMilliSec - previousToLastAccessTime) <= portalSessionSlotCheckinMilliSec) { + + String jSessionKey = (String) session.getAttribute(PortalApiConstants.PORTAL_JSESSION_ID); + Map<String, PortalTimeoutVO> sessionTimeoutMap = new Hashtable<String, PortalTimeoutVO>(); + Long sessionTimOutMilliSec = maxIntervalMilliSec + lastAccessedTimeMilliSec; + + sessionTimeoutMap.put(PortalTimeoutHandler.portalJSessionId(jSessionKey), + PortalTimeoutHandler.getSingleSessionTimeoutObj(jSessionKey, sessionTimOutMilliSec)); + String jsonMap = mapper.writeValueAsString(sessionTimeoutMap); + logger.debug("Extension requested for all the Apps and Portal; JessionKey: " + jSessionKey + + "; SessionMap: " + sessionTimeoutMap); + _sessionComm.extendSessionTimeOuts(new String[] { ecompRestURL, userName, pwd, uebKey, jsonMap }); + } + + } + } + + /** + * TODO: remove static + * + * @param request + */ + public static void resetSessionMaxIdleTimeOut(HttpServletRequest request) { + try { + HttpSession session = request.getSession(false); + if (session == null) + return; + + final Object maxIdleAttribute = session.getAttribute(PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME); + if (maxIdleAttribute != null) { + session.setMaxInactiveInterval(Integer.parseInt(maxIdleAttribute.toString())); + } + + } catch (Exception e) { + logger.error("Could not reset the session timeout", e); + } + + } + + /** + * + * @param jSessionKey + * @param sessionTimOutMilliSec + * @return + */ + private static PortalTimeoutVO getSingleSessionTimeoutObj(String jSessionKey, Long sessionTimOutMilliSec) { + return new PortalTimeoutVO(jSessionId(jSessionKey), sessionTimOutMilliSec); + } + + /** + * + * @param jSessionId + * @param portalJSessionId + * @return + */ + private static String jSessionKey(String jSessionId, String portalJSessionId) { + return portalJSessionId + "-" + jSessionId; + } + + /** + * + * @param jSessionKey + * @return + */ + private static String portalJSessionId(String jSessionKey) { + return jSessionKey.split("-")[0]; + } + + /** + * + * @param jSessionKey + * @return + */ + private static String jSessionId(String jSessionKey) { + return jSessionKey.split("-")[1]; + } + +} diff --git a/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalTimeoutVO.java b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalTimeoutVO.java new file mode 100644 index 00000000..af6eab8a --- /dev/null +++ b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/PortalTimeoutVO.java @@ -0,0 +1,63 @@ +/*- + * ================================================================================ + * eCOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + +public class PortalTimeoutVO implements Comparable<PortalTimeoutVO>{ + + private String jSessionId; + private Long sessionTimOutMilliSec; + + public PortalTimeoutVO(){ + + } + + public PortalTimeoutVO(String _jSessionId, Long _sessionTimOutMilliSec) { + setjSessionId(_jSessionId); + setSessionTimOutMilliSec(_sessionTimOutMilliSec); + + } + + public String getjSessionId() { + return jSessionId; + } + + public void setjSessionId(String jSessionId) { + this.jSessionId = jSessionId; + } + + public Long getSessionTimOutMilliSec() { + return sessionTimOutMilliSec; + } + + public void setSessionTimOutMilliSec(Long sessionTimOutMilliSec) { + this.sessionTimOutMilliSec = sessionTimOutMilliSec; + } + + @Override + public int compareTo(PortalTimeoutVO o) { + return sessionTimOutMilliSec.compareTo(o.sessionTimOutMilliSec); + } + + + + + + +} diff --git a/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/SessionCommunication.java b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/SessionCommunication.java new file mode 100644 index 00000000..44178570 --- /dev/null +++ b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/SessionCommunication.java @@ -0,0 +1,161 @@ +/*- + * ================================================================================ + * eCOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + +import java.io.BufferedReader; +import java.io.InputStreamReader; +import java.net.HttpURLConnection; +import java.net.URL; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +public class SessionCommunication { + + protected static final Log logger = LogFactory.getLog(SessionCommunication.class); + + /** + * Calls the ECOMP Portal to retrieve the session slot check interval. + * + * @param ecompRestURL + * @param userName + * application user name used for authentication at Portal + * @param password + * application password used for authentication at Portal + * @param uebKey + * application UEB key (basically application ID) used for + * authentication at Portal + * @return Content read from the remote REST endpoint + */ + public static String getSessionSlotCheckInterval(String ecompRestURL, String userName, String password, + String uebKey) { + try { + String url = ecompRestURL + "/getSessionSlotCheckInterval"; + + URL obj = new URL(url); + + HttpURLConnection con = (HttpURLConnection) obj.openConnection(); + + // optional default is GET + con.setRequestMethod("GET"); + con.setConnectTimeout(3000); + con.setReadTimeout(8000); + // add request header + con.setRequestProperty("username", userName); + con.setRequestProperty("password", password); + con.setRequestProperty("uebkey", uebKey); + + int responseCode = con.getResponseCode(); + if (logger.isDebugEnabled()) { + logger.debug("getSessionSlotCheckInterval: Sending 'GET' request to URL : " + url); + logger.debug("getSessionSlotCheckInterval: Response Code : " + responseCode); + } + + StringBuffer response = new StringBuffer(); + + BufferedReader in = null; + try { + in = new BufferedReader(new InputStreamReader(con.getInputStream(), "UTF-8")); + String inputLine; + while ((inputLine = in.readLine()) != null) + response.append(inputLine); + } finally { + in.close(); + } + return response.toString(); + } catch (Exception e) { + logger.error("getSessionSlotCheckInterval: failed to fetch the session slot check", e); + return null; + } + + } + + /** + * Calls the ECOMP Portal to request an extension of the current session. + * + * @param ecompRestURL + * @param userName + * application user name used for authentication at Portal + * @param password + * application password used for authentication at Portal + * @param uebKey + * application UEB key (basically application ID) used for + * authentication at Portal + * @param sessionTimeoutMap + * @return Content read from the remote REST endpoint + * @throws Exception + */ + public static String requestPortalSessionTimeoutExtension(String ecompRestURL, String userName, String password, + String uebKey, String sessionTimeoutMap) throws Exception { + + try { + + String url = ecompRestURL + "/extendSessionTimeOuts"; + // String decreptedPwd = + // app.appPassword;//CipherUtil.decrypt(encriptedPwdDB, + // SystemProperties.getProperty(SystemProperties.SECRET_KEY)); + + URL obj = new URL(url); + + HttpURLConnection con = (HttpURLConnection) obj.openConnection(); + + con.setRequestMethod("POST"); + con.setConnectTimeout(3000); + con.setReadTimeout(15000); + + // add request header + con.setRequestProperty("username", userName); + con.setRequestProperty("password", password); + con.setRequestProperty("uebkey", uebKey); + con.setRequestProperty("sessionMap", sessionTimeoutMap); + con.setDoInput(true); + con.setDoOutput(true); + con.getOutputStream().write(sessionTimeoutMap.getBytes()); + con.getOutputStream().flush(); + con.getOutputStream().close(); + + // con.set + + int responseCode = con.getResponseCode(); + if (logger.isDebugEnabled()) { + logger.debug("requestPortalSessionTimeoutExtension: Sending 'GET' request to URL : " + url); + logger.debug("requestPortalSessionTimeoutExtension: Response Code : " + responseCode); + } + + StringBuffer response = new StringBuffer(); + BufferedReader in = null; + try { + in = new BufferedReader(new InputStreamReader(con.getInputStream())); + String inputLine; + while ((inputLine = in.readLine()) != null) { + response.append(inputLine); + } + } finally { + in.close(); + } + return response.toString(); + } catch (Exception e) { + logger.error("requestPortalSessionTimeoutExtension: failed to request Portal to extend time out ", e); + return null; + } + + } + +} diff --git a/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/UserContextListener.java b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/UserContextListener.java new file mode 100644 index 00000000..ea346f1e --- /dev/null +++ b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/UserContextListener.java @@ -0,0 +1,52 @@ +/*- + * ================================================================================ + * eCOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + +import java.util.HashMap; + +import javax.servlet.ServletContext; +import javax.servlet.ServletContextEvent; +import javax.servlet.ServletContextListener; +import javax.servlet.annotation.WebListener; +import javax.servlet.http.HttpSession; + +@WebListener +public class UserContextListener implements ServletContextListener{ + + public void contextInitialized(ServletContextEvent event){ + ServletContext context = event.getServletContext(); + // + // instanciate a map to store references to all the active + // sessions and bind it to context scope. + // + HashMap<String, HttpSession> activeUsers = new HashMap<String, HttpSession>(); + context.setAttribute(PortalApiConstants.ACTIVE_USERS_NAME, activeUsers); + } + + /** + * Needed for the ServletContextListener interface. + */ + public void contextDestroyed(ServletContextEvent event){ + // To overcome the problem with losing the session references + // during server restarts, put code here to serialize the + // activeUsers HashMap. Then put code in the contextInitialized + // method that reads and reloads it if it exists... + } +} diff --git a/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/UserSessionListener.java b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/UserSessionListener.java new file mode 100644 index 00000000..b468851d --- /dev/null +++ b/ecomp-sdk/thirdparty/src/main/java/org/openecomp/portalsdk/core/onboarding/crossapi/UserSessionListener.java @@ -0,0 +1,84 @@ +/*- + * ================================================================================ + * eCOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalsdk.core.onboarding.crossapi; + +import java.util.HashMap; +import java.util.Hashtable; +import java.util.Map; + +import javax.servlet.ServletConfig; +import javax.servlet.ServletContext; +import javax.servlet.annotation.WebListener; +import javax.servlet.http.HttpSession; +import javax.servlet.http.HttpSessionEvent; +import javax.servlet.http.HttpSessionListener; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * Listens to session-create and session-destroy events. + */ +@WebListener +public class UserSessionListener implements HttpSessionListener { + + private Log logger = LogFactory.getLog(getClass()); + + public static Map<String, HttpSession> activeSessions = new Hashtable<String, HttpSession>(); + + public void init(ServletConfig config) { + } + + /** + * Adds sessions to the context-scoped HashMap when they begin. + */ + public void sessionCreated(HttpSessionEvent event) { + HttpSession session = event.getSession(); + ServletContext context = session.getServletContext(); + @SuppressWarnings("unchecked") + HashMap<String, HttpSession> activeUsers = (HashMap<String, HttpSession>) context + .getAttribute(PortalApiConstants.ACTIVE_USERS_NAME); + if (activeUsers != null) + activeUsers.put(session.getId(), session); + context.setAttribute(PortalApiConstants.ACTIVE_USERS_NAME, activeUsers); + activeSessions.put(session.getId(), session); + session.getServletContext().setAttribute(PortalApiConstants.MAX_IDLE_TIME, session.getMaxInactiveInterval()); + } + + /** + * Removes sessions from the context-scoped HashMap when they expire or are + * invalidated. + */ + public void sessionDestroyed(HttpSessionEvent event) { + try { + HttpSession session = event.getSession(); + ServletContext context = session.getServletContext(); + @SuppressWarnings("unchecked") + HashMap<String, HttpSession> activeUsers = (HashMap<String, HttpSession>) context + .getAttribute(PortalApiConstants.ACTIVE_USERS_NAME); + if (activeUsers != null) + activeUsers.remove(session.getId()); + activeSessions.remove(session.getId()); + PortalTimeoutHandler.sessionDestroyed(session); + } catch (Exception e) { + logger.warn(e.getMessage(), e); + } + } +} |