From 7f535078ef80a7b7efa3e3325bfccb994fbd00e8 Mon Sep 17 00:00:00 2001 From: "Christopher Lott (cl778h)" Date: Thu, 31 Aug 2017 15:16:38 -0400 Subject: Rename packages to org.onap in 1.4.0-SNAPSHOT 19 - remove openecomp 72 - remediate Sonar scan issues 79 - removed unwanted left menu under Report 90 - apply approved license text Issue: PORTAL-19, PORTAL-72, PORTAL-79, PORTAL-90 Change-Id: I41a0ef5fba623d2242574bd15f2d9fb8029a496c Signed-off-by: Christopher Lott (cl778h) --- .../core/interceptor/ResourceInterceptor.java | 170 --------------------- 1 file changed, 170 deletions(-) delete mode 100644 ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/interceptor/ResourceInterceptor.java (limited to 'ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/interceptor/ResourceInterceptor.java') diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/interceptor/ResourceInterceptor.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/interceptor/ResourceInterceptor.java deleted file mode 100644 index 5a631198..00000000 --- a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/interceptor/ResourceInterceptor.java +++ /dev/null @@ -1,170 +0,0 @@ -/*- - * ================================================================================ - * eCOMP Portal SDK - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ================================================================================ - */ -package org.openecomp.portalsdk.core.interceptor; - -import java.net.HttpURLConnection; -import java.util.List; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.openecomp.portalsdk.core.controller.FusionBaseController; -import org.openecomp.portalsdk.core.domain.App; -import org.openecomp.portalsdk.core.exception.UrlAccessRestrictedException; -import org.openecomp.portalsdk.core.logging.format.AlarmSeverityEnum; -import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; -import org.openecomp.portalsdk.core.objectcache.AbstractCacheManager; -import org.openecomp.portalsdk.core.onboarding.listener.PortalTimeoutHandler; -import org.openecomp.portalsdk.core.onboarding.util.CipherUtil; -import org.openecomp.portalsdk.core.onboarding.util.PortalApiConstants; -import org.openecomp.portalsdk.core.onboarding.util.PortalApiProperties; -import org.openecomp.portalsdk.core.service.DataAccessService; -import org.openecomp.portalsdk.core.service.LoginService; -import org.openecomp.portalsdk.core.service.UrlAccessService; -import org.openecomp.portalsdk.core.service.WebServiceCallService; -import org.openecomp.portalsdk.core.util.SystemProperties; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.web.method.HandlerMethod; -import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; - -public class ResourceInterceptor extends HandlerInterceptorAdapter { - public static final String APP_METADATA = "APP.METADATA"; - - EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ResourceInterceptor.class); - - @Autowired - private DataAccessService dataAccessService; - @Autowired - private LoginService loginService; - @Autowired - private WebServiceCallService webServiceCallService; - - private AbstractCacheManager cacheManager; - - @Autowired - UrlAccessService urlAccessService; - - @Override - public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) - throws Exception { - String uri = request.getRequestURI(); - String url = uri.substring(uri.indexOf("/", 1) + 1); - logger.info(EELFLoggerDelegate.debugLogger, "Url - " + url); - logger.info(EELFLoggerDelegate.debugLogger, "lastIndexOf - " + uri.substring(uri.lastIndexOf("/") + 1)); - if (handler instanceof HandlerMethod) { - HandlerMethod method = (HandlerMethod) handler; - FusionBaseController controller = (FusionBaseController) method.getBean(); - if (!controller.isAccessible()) { - if (controller.isRESTfulCall()) { - // check user authentication for RESTful calls - String secretKey = null; - try { - if (!webServiceCallService.verifyRESTCredential(secretKey, request.getHeader("username"), - request.getHeader("password"))) { - logger.error(EELFLoggerDelegate.errorLogger, "Error accesing RESTful service. Un-authorized",AlarmSeverityEnum.MINOR); - throw new UrlAccessRestrictedException(); - } - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "Error authenticating RESTful service :" + e,AlarmSeverityEnum.MINOR); - //throw new UrlAccessRestrictedException(); - HttpSession httpSession = request.getSession(); - ((HttpServletResponse) response).setStatus(HttpURLConnection.HTTP_UNAUTHORIZED); - return false; - } - } - if (!urlAccessService.isUrlAccessible(request, url)) { - logger.error(EELFLoggerDelegate.errorLogger, "Error accesing URL. Un-authorized",AlarmSeverityEnum.MINOR); - throw new UrlAccessRestrictedException(); - } - } - } - - logger.debug("successfully authorized rest call"); - logger.info(EELFLoggerDelegate.debugLogger, "successfully authorized rest call"); - handleSessionUpdates(request); - logger.debug("handled session updates for synchronization"); - logger.info(EELFLoggerDelegate.debugLogger, "handled session updates for synchronization"); - return super.preHandle(request, response, handler); - } - - /** - * - * @param request - */ - protected void handleSessionUpdates(HttpServletRequest request) { - - App app = null; - Object appObj = getCacheManager().getObject(APP_METADATA); - if (appObj == null) { - app = findApp(); - getCacheManager().putObject(APP_METADATA, app); - - } else { - app = (App) appObj; - } - - String ecompRestURL = PortalApiProperties.getProperty(PortalApiConstants.ECOMP_REST_URL); - String decreptedPwd = ""; - try { - decreptedPwd = CipherUtil.decrypt(app.getAppPassword(), - SystemProperties.getProperty(SystemProperties.Decryption_Key)); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "Could not decrypt Password" + e.getMessage(),AlarmSeverityEnum.MINOR); - } - - PortalTimeoutHandler.handleSessionUpdatesNative(request, app.getUsername(), decreptedPwd, - PortalApiProperties.getProperty(PortalApiConstants.UEB_APP_KEY), ecompRestURL, null); - } - - public App findApp() { - List list = null; - StringBuffer criteria = new StringBuffer(); - criteria.append(" where id = 1"); - list = getDataAccessService().getList(App.class, criteria.toString(), null, null); - return (list == null || list.size() == 0) ? null : (App) list.get(0); - } - - public DataAccessService getDataAccessService() { - return dataAccessService; - } - - public void setDataAccessService(DataAccessService dataAccessService) { - this.dataAccessService = dataAccessService; - } - - public LoginService getLoginService() { - return loginService; - } - - public void setLoginService(LoginService loginService) { - this.loginService = loginService; - } - - @Autowired - public void setCacheManager(AbstractCacheManager cacheManager) { - this.cacheManager = cacheManager; - } - - public AbstractCacheManager getCacheManager() { - return cacheManager; - } - -} -- cgit 1.2.3-korg