From 179ff1eb0c1ac9eef4d152c47df5cb12a4584c0f Mon Sep 17 00:00:00 2001 From: "Kotta, Shireesha (sk434m)" Date: Fri, 28 Jun 2019 15:27:29 -0400 Subject: PENTEST:Do not display stack trace for the api's Issue-ID: PORTAL-654 PENTEST:Do not display stack trace for the api's and all users info for get_user api Change-Id: I68a4e3c7eba2628363275d63535290034591aa07 Signed-off-by: Kotta, Shireesha (sk434m) --- .../crossapi/PortalRestAPICentralServiceImpl.java | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/crossapi/PortalRestAPICentralServiceImpl.java') diff --git a/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/crossapi/PortalRestAPICentralServiceImpl.java b/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/crossapi/PortalRestAPICentralServiceImpl.java index d53c0eb6..ab9c608a 100644 --- a/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/crossapi/PortalRestAPICentralServiceImpl.java +++ b/ecomp-sdk/epsdk-fw/src/main/java/org/onap/portalsdk/core/onboarding/crossapi/PortalRestAPICentralServiceImpl.java @@ -48,6 +48,7 @@ import java.util.stream.Collectors; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; +import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.onboarding.exception.CipherUtilException; import org.onap.portalsdk.core.onboarding.exception.PortalAPIException; import org.onap.portalsdk.core.onboarding.rest.RestWebServiceClient; @@ -114,7 +115,7 @@ public class PortalRestAPICentralServiceImpl implements IPortalRestAPIService { user = mapper.readValue(responseString, EcompUser.class); } catch (IOException e) { - String response = "PortalRestAPICentralServiceImpl.getUser failed"; + String response = "Failed to get user from portal"; logger.error(response, e); throw new PortalAPIException(response, e); } @@ -133,7 +134,7 @@ public class PortalRestAPICentralServiceImpl implements IPortalRestAPIService { TypeFactory.defaultInstance().constructCollectionType(List.class, EcompUser.class)); } catch (IOException e) { - String response = "PortalRestAPICentralServiceImpl.getUsers failed"; + String response = "Failed to get the users from portal"; logger.error(response, e); throw new PortalAPIException(response, e); } @@ -152,7 +153,7 @@ public class PortalRestAPICentralServiceImpl implements IPortalRestAPIService { TypeFactory.defaultInstance().constructCollectionType(List.class, EcompRole.class)); } catch (IOException e) { - String response = "PortalRestAPICentralServiceImpl.getRoles failed"; + String response = "Failed to get Roles from portal"; logger.error(response, e); throw new PortalAPIException(response, e); } @@ -180,7 +181,7 @@ public class PortalRestAPICentralServiceImpl implements IPortalRestAPIService { userRoles = (List) roles.stream().collect(Collectors.toList()); } catch (IOException e) { - String response = "PortalRestAPICentralServiceImpl.getUserRoles failed"; + String response = "Failed to get user roles from portal"; logger.error(response, e); throw new PortalAPIException(response, e); } @@ -188,10 +189,10 @@ public class PortalRestAPICentralServiceImpl implements IPortalRestAPIService { } @Override - public boolean isAppAuthenticated(HttpServletRequest request) throws PortalAPIException { + public boolean isAppAuthenticated(HttpServletRequest request, Map appCredentials) throws PortalAPIException { boolean accessAllowed = false; try { - accessAllowed = AuthUtil.isAccessAllowed(request, nameSpace); + accessAllowed = AuthUtil.isAccessAllowed(request, nameSpace, appCredentials); } catch (Exception e) { logger.error(e); } @@ -213,4 +214,4 @@ public class PortalRestAPICentralServiceImpl implements IPortalRestAPIService { return credentialsMap; } -} +} \ No newline at end of file -- cgit 1.2.3-korg