diff options
| author |   Michael Lando <ml636r@att.com> | 2018-03-04 14:53:33 +0200 |
|---|---|---|
| committer | Michael Lando <ml636r@att.com> | 2018-03-07 13:19:05 +0000 |
| commit | a5445100050e49e83f73424198d73cd72d672a4d (patch) | |
| tree | cacf4df817df31be23e4e790d1dda857bdae061e /catalog-be/src/main/java/org/openecomp/sdc/be/filters | |
| parent | 51157f92c21976cba4914c378aaa3cba49826931 (diff) | |
Sync Integ to Master
Change-Id: I71e3acc26fa612127756ac04073a522b9cc6cd74
Issue-ID: SDC-977
Signed-off-by: Gitelman, Tal (tg851x) <tg851x@intl.att.com>
Diffstat (limited to 'catalog-be/src/main/java/org/openecomp/sdc/be/filters')
3 files changed, 433 insertions, 443 deletions
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BasicAuthenticationFilter.java b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BasicAuthenticationFilter.java index de95790f4e..841cd3225d 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BasicAuthenticationFilter.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BasicAuthenticationFilter.java @@ -20,27 +20,15 @@ package org.openecomp.sdc.be.filters; -import java.io.IOException; -import java.io.UnsupportedEncodingException; -import java.util.StringTokenizer; - -import javax.annotation.Priority; -import javax.servlet.ServletContext; -import javax.servlet.http.HttpServletRequest; -import javax.ws.rs.container.ContainerRequestContext; -import javax.ws.rs.container.ContainerRequestFilter; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.Response; -import javax.ws.rs.core.Response.ResponseBuilder; -import javax.ws.rs.core.Response.Status; - +import com.google.gson.Gson; +import com.google.gson.GsonBuilder; +import fj.data.Either; import org.apache.commons.codec.binary.Base64; import org.openecomp.sdc.be.components.impl.ConsumerBusinessLogic; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.impl.ComponentsUtils; import org.openecomp.sdc.be.impl.WebAppContextWrapper; import org.openecomp.sdc.be.model.ConsumerDefinition; -import org.openecomp.sdc.be.resources.data.auditing.AuditingActionEnum; import org.openecomp.sdc.common.api.Constants; import org.openecomp.sdc.exception.ResponseFormat; import org.openecomp.sdc.security.Passwords; @@ -48,178 +36,186 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.web.context.WebApplicationContext; -import com.google.gson.Gson; -import com.google.gson.GsonBuilder; - -import fj.data.Either; +import javax.annotation.Priority; +import javax.servlet.ServletContext; +import javax.servlet.http.HttpServletRequest; +import javax.ws.rs.container.ContainerRequestContext; +import javax.ws.rs.container.ContainerRequestFilter; +import javax.ws.rs.core.Context; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.Response.ResponseBuilder; +import javax.ws.rs.core.Response.Status; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.util.StringTokenizer; @Priority(10) public class BasicAuthenticationFilter implements ContainerRequestFilter { - @Context - private HttpServletRequest sr; - - protected Gson gson = new GsonBuilder().setPrettyPrinting().create(); - - private String realm = "ASDC"; - - private static Logger log = LoggerFactory.getLogger(BasicAuthenticationFilter.class.getName()); - - @Override - public void filter(ContainerRequestContext requestContext) throws IOException { - - String authHeader = requestContext.getHeaderString(Constants.AUTHORIZATION_HEADER); - if (authHeader != null) { - StringTokenizer st = new StringTokenizer(authHeader); - if (st.hasMoreTokens()) { - String basic = st.nextToken(); - - if (basic.equalsIgnoreCase("Basic")) { - try { - String credentials = new String(Base64.decodeBase64(st.nextToken()), "UTF-8"); - log.debug("Credentials: {}" , credentials); - checkUserCredentiles(requestContext, credentials); - } catch (UnsupportedEncodingException e) { - log.error("Authentication Filter Failed Couldn't retrieve authentication", e); - authInvalidHeaderError(requestContext); - } - } else { - log.error("Authentication Filter Failed Couldn't retrieve authentication, no basic autantication."); - authInvalidHeaderError(requestContext); - } - } else { - log.error("Authentication Filter Failed Couldn't retrieve authentication, no basic autantication."); - authInvalidHeaderError(requestContext); - } - - } else { - log.error("Authentication Filter Failed no autharization header"); - authRequiredError(requestContext); - } - } - - private void checkUserCredentiles(ContainerRequestContext requestContext, String credentials) { - int p = credentials.indexOf(":"); - if (p != -1) { - String _username = credentials.substring(0, p).trim(); - String _password = credentials.substring(p + 1).trim(); - - ConsumerBusinessLogic consumerBL = getConsumerBusinessLogic(); - if (consumerBL == null) { - log.error("Authentication Filter Failed to get consumerBL."); - requestContext.abortWith(Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build()); - } else { - Either<ConsumerDefinition, ResponseFormat> result = consumerBL.getConsumer(_username); - validatePassword(requestContext, _username, _password, result); - } - } else { - log.error("Authentication Filter Failed Couldn't retrieve authentication, no basic autantication."); - authInvalidHeaderError(requestContext); - - } - } - - private void validatePassword(ContainerRequestContext requestContext, String _username, String _password, Either<ConsumerDefinition, ResponseFormat> result) { - if (result.isRight()) { - Integer status = result.right().value().getStatus(); - if (status == Status.NOT_FOUND.getStatusCode()) { - log.error("Authentication Filter Failed Couldn't find user"); - authUserNotFoundError(requestContext, _username); - } else { - log.error("Authentication Filter Failed to get consumerBL."); - requestContext.abortWith(Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build()); - } - } else { - ConsumerDefinition consumerCredentials = result.left().value(); - if (!Passwords.isExpectedPassword(_password, consumerCredentials.getConsumerSalt(), consumerCredentials.getConsumerPassword())) { - log.error("Authentication Filter Failed invalide password"); - authInvalidePasswordError(requestContext, _username); - } else { - authSuccesessful(requestContext, _username); - } - } - } - - private void authSuccesessful(ContainerRequestContext requestContext, String _username) { - ComponentsUtils componentUtils = getComponentsUtils(); - if (componentUtils == null) { - log.error("Authentication Filter Failed to get component utils."); - requestContext.abortWith(Response.status(Status.INTERNAL_SERVER_ERROR).build()); - } - componentUtils.auditAuthEvent(AuditingActionEnum.AUTH_REQUEST, requestContext.getUriInfo().getPath(), _username, AuthStatus.AUTH_SUCCESS.toString(), realm); - } - - private void authInvalidePasswordError(ContainerRequestContext requestContext, String _username) { - ComponentsUtils componentUtils = getComponentsUtils(); - if (componentUtils == null) { - log.error("Authentication Filter Failed to get component utils."); - requestContext.abortWith(Response.status(Status.INTERNAL_SERVER_ERROR).build()); - } - componentUtils.auditAuthEvent(AuditingActionEnum.AUTH_REQUEST, requestContext.getUriInfo().getPath(), _username, AuthStatus.AUTH_FAILED_INVALID_PASSWORD.toString(), realm); - ResponseFormat responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.AUTH_FAILED); - requestContext.abortWith(buildErrorResponse(responseFormat, false)); - } - - private void authUserNotFoundError(ContainerRequestContext requestContext, String _username) { - ComponentsUtils componentUtils = getComponentsUtils(); - if (componentUtils == null) { - log.error("Authentication Filter Failed to get component utils."); - requestContext.abortWith(Response.status(Status.INTERNAL_SERVER_ERROR).build()); - } - getComponentsUtils().auditAuthEvent(AuditingActionEnum.AUTH_REQUEST, requestContext.getUriInfo().getPath(), _username, AuthStatus.AUTH_FAILED_USER_NOT_FOUND.toString(), realm); - ResponseFormat responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.AUTH_FAILED); - requestContext.abortWith(buildErrorResponse(responseFormat, false)); - } - - private void authInvalidHeaderError(ContainerRequestContext requestContext) { - ComponentsUtils componentUtils = getComponentsUtils(); - if (componentUtils == null) { - log.error("Authentication Filter Failed to get component utils."); - requestContext.abortWith(Response.status(Status.INTERNAL_SERVER_ERROR).build()); - } - getComponentsUtils().auditAuthEvent(AuditingActionEnum.AUTH_REQUEST, requestContext.getUriInfo().getPath(), "", AuthStatus.AUTH_FAILED_INVALID_AUTHENTICATION_HEADER.toString(), realm); - ResponseFormat responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.AUTH_FAILED_INVALIDE_HEADER); - requestContext.abortWith(buildErrorResponse(responseFormat, false)); - } - - private void authRequiredError(ContainerRequestContext requestContext) { - ComponentsUtils componentUtils = getComponentsUtils(); - if (componentUtils == null) { - log.error("Authentication Filter Failed to get component utils."); - requestContext.abortWith(Response.status(Status.INTERNAL_SERVER_ERROR).build()); - } - getComponentsUtils().auditAuthEvent(AuditingActionEnum.AUTH_REQUEST, requestContext.getUriInfo().getPath(), "", AuthStatus.AUTH_REQUIRED.toString(), realm); - ResponseFormat responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.AUTH_REQUIRED); - requestContext.abortWith(buildErrorResponse(responseFormat, true)); - } - - private ComponentsUtils getComponentsUtils() { - ServletContext context = sr.getSession().getServletContext(); - WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context.getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR); - WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context); - ComponentsUtils componentsUtils = webApplicationContext.getBean(ComponentsUtils.class); - return componentsUtils; - } - - private ConsumerBusinessLogic getConsumerBusinessLogic() { - ServletContext context = sr.getSession().getServletContext(); - WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context.getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR); - WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context); - ConsumerBusinessLogic consumerBusinessLogic = webApplicationContext.getBean(ConsumerBusinessLogic.class); - return consumerBusinessLogic; - } - - public enum AuthStatus { - AUTH_REQUIRED, AUTH_FAILED_USER_NOT_FOUND, AUTH_FAILED_INVALID_PASSWORD, AUTH_FAILED_INVALID_AUTHENTICATION_HEADER, AUTH_SUCCESS - } - - protected Response buildErrorResponse(ResponseFormat requestErrorWrapper, boolean addWwwAuthenticationHeader) { - ResponseBuilder responseBuilder = Response.status(requestErrorWrapper.getStatus()); - if (addWwwAuthenticationHeader) { - responseBuilder = responseBuilder.header("WWW-Authenticate", "Basic realm=\"" + realm + "\""); - } - Response response = responseBuilder.entity(gson.toJson(requestErrorWrapper.getRequestError())).build(); - return response; - } + @Context + private HttpServletRequest sr; + + protected Gson gson = new GsonBuilder().setPrettyPrinting().create(); + + private String realm = "ASDC"; + + private static final Logger log = LoggerFactory.getLogger(BasicAuthenticationFilter.class); + + @Override + public void filter(ContainerRequestContext requestContext) throws IOException { + + String authHeader = requestContext.getHeaderString(Constants.AUTHORIZATION_HEADER); + if (authHeader != null) { + StringTokenizer st = new StringTokenizer(authHeader); + if (st.hasMoreTokens()) { + String basic = st.nextToken(); + + if (basic.equalsIgnoreCase("Basic")) { + try { + String credentials = new String(Base64.decodeBase64(st.nextToken()), "UTF-8"); + log.debug("Credentials: {}" , credentials); + checkUserCredentiles(requestContext, credentials); + } catch (UnsupportedEncodingException e) { + log.error("Authentication Filter Failed Couldn't retrieve authentication", e); + authInvalidHeaderError(requestContext); + } + } else { + log.error("Authentication Filter Failed Couldn't retrieve authentication, no basic autantication."); + authInvalidHeaderError(requestContext); + } + } else { + log.error("Authentication Filter Failed Couldn't retrieve authentication, no basic autantication."); + authInvalidHeaderError(requestContext); + } + + } else { + log.error("Authentication Filter Failed no autharization header"); + authRequiredError(requestContext); + } + } + + private void checkUserCredentiles(ContainerRequestContext requestContext, String credentials) { + int p = credentials.indexOf(":"); + if (p != -1) { + String _username = credentials.substring(0, p).trim(); + String _password = credentials.substring(p + 1).trim(); + + ConsumerBusinessLogic consumerBL = getConsumerBusinessLogic(); + if (consumerBL == null) { + log.error("Authentication Filter Failed to get consumerBL."); + requestContext.abortWith(Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build()); + } else { + Either<ConsumerDefinition, ResponseFormat> result = consumerBL.getConsumer(_username); + validatePassword(requestContext, _username, _password, result); + } + } else { + log.error("Authentication Filter Failed Couldn't retrieve authentication, no basic autantication."); + authInvalidHeaderError(requestContext); + + } + } + + private void validatePassword(ContainerRequestContext requestContext, String _username, String _password, Either<ConsumerDefinition, ResponseFormat> result) { + if (result.isRight()) { + Integer status = result.right().value().getStatus(); + if (status == Status.NOT_FOUND.getStatusCode()) { + log.error("Authentication Filter Failed Couldn't find user"); + authUserNotFoundError(requestContext, _username); + } else { + log.error("Authentication Filter Failed to get consumerBL."); + requestContext.abortWith(Response.serverError().status(Status.INTERNAL_SERVER_ERROR).build()); + } + } else { + ConsumerDefinition consumerCredentials = result.left().value(); + if (!Passwords.isExpectedPassword(_password, consumerCredentials.getConsumerSalt(), consumerCredentials.getConsumerPassword())) { + log.error("Authentication Filter Failed invalide password"); + authInvalidePasswordError(requestContext, _username); + } else { + authSuccesessful(requestContext, _username); + } + } + } + + private void authSuccesessful(ContainerRequestContext requestContext, String _username) { + ComponentsUtils componentUtils = getComponentsUtils(); + if (componentUtils == null) { + log.error("Authentication Filter Failed to get component utils."); + requestContext.abortWith(Response.status(Status.INTERNAL_SERVER_ERROR).build()); + } + componentUtils.auditAuthEvent(requestContext.getUriInfo().getPath(), _username, AuthStatus.AUTH_SUCCESS.toString(), realm); + } + + private void authInvalidePasswordError(ContainerRequestContext requestContext, String _username) { + ComponentsUtils componentUtils = getComponentsUtils(); + if (componentUtils == null) { + log.error("Authentication Filter Failed to get component utils."); + requestContext.abortWith(Response.status(Status.INTERNAL_SERVER_ERROR).build()); + } + componentUtils.auditAuthEvent(requestContext.getUriInfo().getPath(), _username, AuthStatus.AUTH_FAILED_INVALID_PASSWORD.toString(), realm); + ResponseFormat responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.AUTH_FAILED); + requestContext.abortWith(buildErrorResponse(responseFormat, false)); + } + + private void authUserNotFoundError(ContainerRequestContext requestContext, String _username) { + ComponentsUtils componentUtils = getComponentsUtils(); + if (componentUtils == null) { + log.error("Authentication Filter Failed to get component utils."); + requestContext.abortWith(Response.status(Status.INTERNAL_SERVER_ERROR).build()); + } + getComponentsUtils().auditAuthEvent(requestContext.getUriInfo().getPath(), _username, AuthStatus.AUTH_FAILED_USER_NOT_FOUND.toString(), realm); + ResponseFormat responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.AUTH_FAILED); + requestContext.abortWith(buildErrorResponse(responseFormat, false)); + } + + private void authInvalidHeaderError(ContainerRequestContext requestContext) { + ComponentsUtils componentUtils = getComponentsUtils(); + if (componentUtils == null) { + log.error("Authentication Filter Failed to get component utils."); + requestContext.abortWith(Response.status(Status.INTERNAL_SERVER_ERROR).build()); + } + getComponentsUtils().auditAuthEvent(requestContext.getUriInfo().getPath(), "", AuthStatus.AUTH_FAILED_INVALID_AUTHENTICATION_HEADER.toString(), realm); + ResponseFormat responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.AUTH_FAILED_INVALIDE_HEADER); + requestContext.abortWith(buildErrorResponse(responseFormat, false)); + } + + private void authRequiredError(ContainerRequestContext requestContext) { + ComponentsUtils componentUtils = getComponentsUtils(); + if (componentUtils == null) { + log.error("Authentication Filter Failed to get component utils."); + requestContext.abortWith(Response.status(Status.INTERNAL_SERVER_ERROR).build()); + } + getComponentsUtils().auditAuthEvent(requestContext.getUriInfo().getPath(), "", AuthStatus.AUTH_REQUIRED.toString(), realm); + ResponseFormat responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.AUTH_REQUIRED); + requestContext.abortWith(buildErrorResponse(responseFormat, true)); + } + + private ComponentsUtils getComponentsUtils() { + ServletContext context = sr.getSession().getServletContext(); + WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context.getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR); + WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context); + ComponentsUtils componentsUtils = webApplicationContext.getBean(ComponentsUtils.class); + return componentsUtils; + } + + private ConsumerBusinessLogic getConsumerBusinessLogic() { + ServletContext context = sr.getSession().getServletContext(); + WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context.getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR); + WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context); + ConsumerBusinessLogic consumerBusinessLogic = webApplicationContext.getBean(ConsumerBusinessLogic.class); + return consumerBusinessLogic; + } + + public enum AuthStatus { + AUTH_REQUIRED, AUTH_FAILED_USER_NOT_FOUND, AUTH_FAILED_INVALID_PASSWORD, AUTH_FAILED_INVALID_AUTHENTICATION_HEADER, AUTH_SUCCESS + } + + protected Response buildErrorResponse(ResponseFormat requestErrorWrapper, boolean addWwwAuthenticationHeader) { + ResponseBuilder responseBuilder = Response.status(requestErrorWrapper.getStatus()); + if (addWwwAuthenticationHeader) { + responseBuilder = responseBuilder.header("WWW-Authenticate", "Basic realm=\"" + realm + "\""); + } + Response response = responseBuilder.entity(gson.toJson(requestErrorWrapper.getRequestError())).build(); + return response; + } } diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BeServletFilter.java b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BeServletFilter.java index d24743534c..60409b3ee0 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BeServletFilter.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/BeServletFilter.java @@ -20,20 +20,7 @@ package org.openecomp.sdc.be.filters; -import java.io.IOException; -import java.util.UUID; - -import javax.annotation.Priority; -import javax.servlet.ServletContext; -import javax.servlet.http.HttpServletRequest; -import javax.ws.rs.container.ContainerRequestContext; -import javax.ws.rs.container.ContainerRequestFilter; -import javax.ws.rs.container.ContainerResponseContext; -import javax.ws.rs.container.ContainerResponseFilter; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.Response; -import javax.ws.rs.ext.Provider; - +import com.google.gson.GsonBuilder; import org.openecomp.sdc.be.config.BeEcompErrorManager; import org.openecomp.sdc.be.config.Configuration; import org.openecomp.sdc.be.config.ConfigurationManager; @@ -50,171 +37,180 @@ import org.slf4j.LoggerFactory; import org.slf4j.MDC; import org.springframework.web.context.WebApplicationContext; -import com.google.gson.GsonBuilder; +import javax.annotation.Priority; +import javax.servlet.ServletContext; +import javax.servlet.http.HttpServletRequest; +import javax.ws.rs.container.ContainerRequestContext; +import javax.ws.rs.container.ContainerRequestFilter; +import javax.ws.rs.container.ContainerResponseContext; +import javax.ws.rs.container.ContainerResponseFilter; +import javax.ws.rs.core.Context; +import javax.ws.rs.core.Response; +import javax.ws.rs.ext.Provider; +import java.io.IOException; +import java.util.UUID; @Provider @Priority(1) public class BeServletFilter implements ContainerRequestFilter, ContainerResponseFilter { - @Context - private HttpServletRequest sr; - - private static Logger log = LoggerFactory.getLogger(BeServletFilter.class.getName()); - - @Override - public void filter(ContainerRequestContext requestContext) throws IOException { - try { - - MDC.clear(); - - // In case of 405 response code, this function is not entered, then - // we'll process - // the MDC fields and UUID during the response - ThreadLocalsHolder.setMdcProcessed(true); - - // Timing HTTP request - ThreadLocalsHolder.setRequestStartTime(System.currentTimeMillis()); - - String uuid = processMdcFields(requestContext); - - ThreadLocalsHolder.setUuid(uuid); - - inHttpRequest(); - - } catch (Exception e) { - BeEcompErrorManager.getInstance().processEcompError(EcompErrorName.BeRestApiGeneralError, "Error during request filter"); - BeEcompErrorManager.getInstance().logBeRestApiGeneralError("Error during request filter"); - log.debug("Error during request filter: {} ", e); - } - } - - @Override - public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { - try { - // Formatting the response in case of 405 - if (responseContext.getStatus() == Response.Status.METHOD_NOT_ALLOWED.getStatusCode()) { - ResponseFormat responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.NOT_ALLOWED); - responseContext.setEntity(new GsonBuilder().setPrettyPrinting().create().toJson(responseFormat.getRequestError())); - } - - if (ThreadLocalsHolder.isMdcProcessed()) { - // filter() was executed during request - this is the regular - // flow - responseContext.getHeaders().add(Constants.X_ECOMP_REQUEST_ID_HEADER, ThreadLocalsHolder.getUuid()); - Long startTime = ThreadLocalsHolder.getRequestStartTime(); - if (startTime != null) { - long endTime = System.currentTimeMillis(); - MDC.put("timer", Long.toString(endTime - startTime)); - } - } else { - // this is the 405 response code case - // we have no MDC fields since filter() wasn't executed during - // request - String uuid = processMdcFields(requestContext); - responseContext.getHeaders().add(Constants.X_ECOMP_REQUEST_ID_HEADER, uuid); - } - - outHttpResponse(responseContext); - - log.debug("Close transaction from filter"); - TitanDao titanDao = getTitanDao(); - if ( titanDao != null ){ - if (responseContext.getStatus() == Response.Status.OK.getStatusCode() || responseContext.getStatus() == Response.Status.CREATED.getStatusCode() ){ - titanDao.commit(); - log.debug("Doing commit from filter"); - }else{ - titanDao.rollback(); - log.debug("Doing rollback from filter"); - } - } - // Cleaning up - MDC.clear(); - ThreadLocalsHolder.cleanup(); - } catch (Exception e) { - BeEcompErrorManager.getInstance().processEcompError(EcompErrorName.BeRestApiGeneralError, "Error during request filter"); - BeEcompErrorManager.getInstance().logBeRestApiGeneralError("Error during request filter"); - log.debug("Error during response filter: {} ", e); - } - } - - private String processMdcFields(ContainerRequestContext requestContext) { - // UserId for logging - String userId = requestContext.getHeaderString(Constants.USER_ID_HEADER); - MDC.put("userId", userId); - - String serviceInstanceID = requestContext.getHeaderString(Constants.X_ECOMP_SERVICE_ID_HEADER); - MDC.put("serviceInstanceID", serviceInstanceID); - - MDC.put("remoteAddr", sr.getRemoteAddr()); - MDC.put("localAddr", sr.getLocalAddr()); - - // UUID - String uuid = requestContext.getHeaderString(Constants.X_ECOMP_REQUEST_ID_HEADER); - if (uuid == null) { - // Generate the UUID - uuid = UUID.randomUUID().toString(); - - // Add to MDC for logging - MDC.put("uuid", uuid); - - // This log message should already be with the UUID - uuidGeneration(uuid); - - } else { - // According to Ella, in case this header exists, we don't have to - // perform any validations - // since it's not our responsibilty, so we log the UUID just as it - // was received. - MDC.put("uuid", uuid); - } - return uuid; - } - - private ComponentsUtils getComponentsUtils() { - ServletContext context = this.sr.getSession().getServletContext(); - - WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context.getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR); - WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context); - return webApplicationContext.getBean(ComponentsUtils.class); - } - private TitanDao getTitanDao() { - ServletContext context = this.sr.getSession().getServletContext(); - - WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context.getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR); - WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context); - return webApplicationContext.getBean(TitanDao.class); - } - // Extracted for purpose of clear method name, for logback %M parameter - private void inHttpRequest() { - if (isInfoLog()) { - log.info("{} {} {}", sr.getMethod(), sr.getRequestURI(), sr.getProtocol()); - } else { - log.debug("{} {} {}", sr.getMethod(), sr.getRequestURI(), sr.getProtocol()); - } - } - - // Extracted for purpose of clear method name, for logback %M parameter - private void outHttpResponse(ContainerResponseContext responseContext) { - if (isInfoLog()) { - log.info("{} {} {} SC=\"{}\"", sr.getMethod(), sr.getRequestURI(), sr.getProtocol(), responseContext.getStatus()); - } else { - log.debug("{} {} {} SC=\"{}\"", sr.getMethod(), sr.getRequestURI(), sr.getProtocol(), responseContext.getStatus()); - } - } - - private boolean isInfoLog() { - boolean logRequest = true; - Configuration configuration = ConfigurationManager.getConfigurationManager().getConfiguration(); - String requestURI = sr.getRequestURI(); - if (requestURI != null && configuration.getUnLoggedUrls() != null) { - logRequest = !configuration.getUnLoggedUrls().contains(requestURI); - } - - return logRequest; - } - - // Extracted for purpose of clear method name, for logback %M parameter - private void uuidGeneration(String uuid) { - log.info("No requestID provided -> Generated UUID {}", uuid); - } + @Context + private HttpServletRequest sr; + + private static final Logger log = LoggerFactory.getLogger(BeServletFilter.class); + + @Override + public void filter(ContainerRequestContext requestContext) throws IOException { + try { + + MDC.clear(); + + // In case of 405 response code, this function is not entered, then + // we'll process + // the MDC fields and UUID during the response + ThreadLocalsHolder.setMdcProcessed(true); + + // Timing HTTP request + ThreadLocalsHolder.setRequestStartTime(System.currentTimeMillis()); + + String uuid = processMdcFields(requestContext); + + ThreadLocalsHolder.setUuid(uuid); + + inHttpRequest(); + + } catch (Exception e) { + BeEcompErrorManager.getInstance().logBeRestApiGeneralError("Error during request filter"); + log.debug("Error during request filter: {} ", e); + } + } + + @Override + public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { + try { + // Formatting the response in case of 405 + if (responseContext.getStatus() == Response.Status.METHOD_NOT_ALLOWED.getStatusCode()) { + ResponseFormat responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.NOT_ALLOWED); + responseContext.setEntity(new GsonBuilder().setPrettyPrinting().create().toJson(responseFormat.getRequestError())); + } + + if (ThreadLocalsHolder.isMdcProcessed()) { + // filter() was executed during request - this is the regular + // flow + responseContext.getHeaders().add(Constants.X_ECOMP_REQUEST_ID_HEADER, ThreadLocalsHolder.getUuid()); + Long startTime = ThreadLocalsHolder.getRequestStartTime(); + if (startTime != null) { + long endTime = System.currentTimeMillis(); + MDC.put("timer", Long.toString(endTime - startTime)); + } + } else { + // this is the 405 response code case + // we have no MDC fields since filter() wasn't executed during + // request + String uuid = processMdcFields(requestContext); + responseContext.getHeaders().add(Constants.X_ECOMP_REQUEST_ID_HEADER, uuid); + } + + outHttpResponse(responseContext); + + log.debug("Close transaction from filter"); + TitanDao titanDao = getTitanDao(); + if ( titanDao != null ){ + if (responseContext.getStatus() == Response.Status.OK.getStatusCode() || responseContext.getStatus() == Response.Status.CREATED.getStatusCode() ){ + titanDao.commit(); + log.debug("Doing commit from filter"); + }else{ + titanDao.rollback(); + log.debug("Doing rollback from filter"); + } + } + // Cleaning up + MDC.clear(); + ThreadLocalsHolder.cleanup(); + } catch (Exception e) { + BeEcompErrorManager.getInstance().logBeRestApiGeneralError("Error during request filter"); + log.debug("Error during response filter: {} ", e); + } + } + + private String processMdcFields(ContainerRequestContext requestContext) { + // UserId for logging + String userId = requestContext.getHeaderString(Constants.USER_ID_HEADER); + MDC.put("userId", userId); + + String serviceInstanceID = requestContext.getHeaderString(Constants.X_ECOMP_SERVICE_ID_HEADER); + MDC.put("serviceInstanceID", serviceInstanceID); + + MDC.put("remoteAddr", sr.getRemoteAddr()); + MDC.put("localAddr", sr.getLocalAddr()); + + // UUID + String uuid = requestContext.getHeaderString(Constants.X_ECOMP_REQUEST_ID_HEADER); + if (uuid == null) { + // Generate the UUID + uuid = UUID.randomUUID().toString(); + + // Add to MDC for logging + MDC.put("uuid", uuid); + + // This log message should already be with the UUID + uuidGeneration(uuid); + + } else { + // According to Ella, in case this header exists, we don't have to + // perform any validations + // since it's not our responsibilty, so we log the UUID just as it + // was received. + MDC.put("uuid", uuid); + } + return uuid; + } + + private ComponentsUtils getComponentsUtils() { + ServletContext context = this.sr.getSession().getServletContext(); + + WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context.getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR); + WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context); + return webApplicationContext.getBean(ComponentsUtils.class); + } + private TitanDao getTitanDao() { + ServletContext context = this.sr.getSession().getServletContext(); + + WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context.getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR); + WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context); + return webApplicationContext.getBean(TitanDao.class); + } + // Extracted for purpose of clear method name, for logback %M parameter + private void inHttpRequest() { + if (isInfoLog()) { + log.info("{} {} {}", sr.getMethod(), sr.getRequestURI(), sr.getProtocol()); + } else { + log.debug("{} {} {}", sr.getMethod(), sr.getRequestURI(), sr.getProtocol()); + } + } + + // Extracted for purpose of clear method name, for logback %M parameter + private void outHttpResponse(ContainerResponseContext responseContext) { + if (isInfoLog()) { + log.info("{} {} {} SC=\"{}\"", sr.getMethod(), sr.getRequestURI(), sr.getProtocol(), responseContext.getStatus()); + } else { + log.debug("{} {} {} SC=\"{}\"", sr.getMethod(), sr.getRequestURI(), sr.getProtocol(), responseContext.getStatus()); + } + } + + private boolean isInfoLog() { + boolean logRequest = true; + Configuration configuration = ConfigurationManager.getConfigurationManager().getConfiguration(); + String requestURI = sr.getRequestURI(); + if (requestURI != null && configuration.getUnLoggedUrls() != null) { + logRequest = !configuration.getUnLoggedUrls().contains(requestURI); + } + + return logRequest; + } + + // Extracted for purpose of clear method name, for logback %M parameter + private void uuidGeneration(String uuid) { + log.info("No requestID provided -> Generated UUID {}", uuid); + } } diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ComponentsAvailabilityFilter.java b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ComponentsAvailabilityFilter.java index c572e2e552..b80ee4c324 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ComponentsAvailabilityFilter.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ComponentsAvailabilityFilter.java @@ -20,21 +20,9 @@ package org.openecomp.sdc.be.filters; -import java.io.IOException; -import java.util.ArrayList; -import java.util.List; - -import javax.annotation.Priority; -import javax.servlet.ServletContext; -import javax.servlet.http.HttpServletRequest; -import javax.ws.rs.container.ContainerRequestContext; -import javax.ws.rs.container.ContainerRequestFilter; -import javax.ws.rs.core.Context; -import javax.ws.rs.core.Response; -import javax.ws.rs.core.Response.ResponseBuilder; -import javax.ws.rs.core.Response.Status; - -import org.openecomp.sdc.be.components.impl.HealthCheckBusinessLogic; +import com.google.gson.Gson; +import com.google.gson.GsonBuilder; +import org.openecomp.sdc.be.components.health.HealthCheckBusinessLogic; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.impl.ComponentsUtils; import org.openecomp.sdc.be.impl.WebAppContextWrapper; @@ -46,77 +34,87 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.web.context.WebApplicationContext; -import com.google.gson.Gson; -import com.google.gson.GsonBuilder; +import javax.annotation.Priority; +import javax.servlet.ServletContext; +import javax.servlet.http.HttpServletRequest; +import javax.ws.rs.container.ContainerRequestContext; +import javax.ws.rs.container.ContainerRequestFilter; +import javax.ws.rs.core.Context; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.Response.ResponseBuilder; +import javax.ws.rs.core.Response.Status; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; @Priority(11) public class ComponentsAvailabilityFilter implements ContainerRequestFilter { - @Context - protected HttpServletRequest sr; - protected Gson gson = new GsonBuilder().setPrettyPrinting().create(); - private static Logger log = LoggerFactory.getLogger(ComponentsAvailabilityFilter.class.getName()); - - @Override - public void filter(ContainerRequestContext requestContext) throws IOException { - - String requestUrl = requestContext.getUriInfo().getPath(); - if (!requestUrl.equals("healthCheck")) { - List<HealthCheckInfo> beHealthCheckInfos = getBeHealthCheckInfos(this.sr.getSession().getServletContext()); - ActionStatus status = getAggregateBeStatus(beHealthCheckInfos); - - if (!status.equals(ActionStatus.OK)) { - log.error("Components Availability Filter Failed - ES/Cassandra is DOWN"); - availabilityError(requestContext); - } - } - - } - - protected ActionStatus getAggregateBeStatus(List<HealthCheckInfo> beHealthCheckInfos) { - ActionStatus status = ActionStatus.OK; - for (HealthCheckInfo healthCheckInfo : beHealthCheckInfos) { - if (healthCheckInfo.getHealthCheckStatus().equals(HealthCheckStatus.DOWN)) { - status = ActionStatus.GENERAL_ERROR; - break; - } - } - return status; - } - - protected List<HealthCheckInfo> getBeHealthCheckInfos(ServletContext servletContext) { - - List<HealthCheckInfo> healthCheckInfos = new ArrayList<HealthCheckInfo>(); - HealthCheckBusinessLogic healthCheckBusinessLogic = getHealthCheckBL(servletContext); - healthCheckBusinessLogic.getTitanHealthCheck(healthCheckInfos); // Titan - return healthCheckInfos; - } - - protected ComponentsUtils getComponentsUtils() { - ServletContext context = sr.getSession().getServletContext(); - WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context.getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR); - WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context); - ComponentsUtils componentsUtils = webApplicationContext.getBean(ComponentsUtils.class); - return componentsUtils; - } - - protected void availabilityError(ContainerRequestContext requestContext) { - ComponentsUtils componentUtils = getComponentsUtils(); - if (componentUtils == null) { - log.error("Components Availability Filter Failed to get component utils."); - requestContext.abortWith(Response.status(Status.INTERNAL_SERVER_ERROR).build()); - } - ResponseFormat responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.GENERAL_ERROR); - ResponseBuilder responseBuilder = Response.status(responseFormat.getStatus()); - Response response = responseBuilder.entity(gson.toJson(responseFormat.getRequestError())).build(); - requestContext.abortWith(response); - } - - private HealthCheckBusinessLogic getHealthCheckBL(ServletContext context) { - WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context.getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR); - WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context); - HealthCheckBusinessLogic healthCheckBl = webApplicationContext.getBean(HealthCheckBusinessLogic.class); - return healthCheckBl; - } + @Context + protected HttpServletRequest sr; + protected Gson gson = new GsonBuilder().setPrettyPrinting().create(); + private static final Logger log = LoggerFactory.getLogger(ComponentsAvailabilityFilter.class); + + @Override + public void filter(ContainerRequestContext requestContext) throws IOException { + + String requestUrl = requestContext.getUriInfo().getPath(); + if (!requestUrl.equals("healthCheck")) { + List<HealthCheckInfo> beHealthCheckInfos = getBeHealthCheckInfos(this.sr.getSession().getServletContext()); + ActionStatus status = getAggregateBeStatus(beHealthCheckInfos); + + if (!status.equals(ActionStatus.OK)) { + log.error("Components Availability Filter Failed - ES/Cassandra is DOWN"); + availabilityError(requestContext); + } + } + + } + + protected ActionStatus getAggregateBeStatus(List<HealthCheckInfo> beHealthCheckInfos) { + ActionStatus status = ActionStatus.OK; + for (HealthCheckInfo healthCheckInfo : beHealthCheckInfos) { + if (healthCheckInfo.getHealthCheckStatus().equals(HealthCheckStatus.DOWN)) { + status = ActionStatus.GENERAL_ERROR; + break; + } + } + return status; + } + + protected List<HealthCheckInfo> getBeHealthCheckInfos(ServletContext servletContext) { + + List<HealthCheckInfo> healthCheckInfos = new ArrayList<HealthCheckInfo>(); + HealthCheckBusinessLogic healthCheckBusinessLogic = getHealthCheckBL(servletContext); + healthCheckBusinessLogic.getTitanHealthCheck(healthCheckInfos); // Titan + return healthCheckInfos; + } + + protected ComponentsUtils getComponentsUtils() { + ServletContext context = sr.getSession().getServletContext(); + WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context.getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR); + WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context); + ComponentsUtils componentsUtils = webApplicationContext.getBean(ComponentsUtils.class); + return componentsUtils; + } + + protected void availabilityError(ContainerRequestContext requestContext) { + ComponentsUtils componentUtils = getComponentsUtils(); + if (componentUtils == null) { + log.error("Components Availability Filter Failed to get component utils."); + requestContext.abortWith(Response.status(Status.INTERNAL_SERVER_ERROR).build()); + } + ResponseFormat responseFormat = getComponentsUtils().getResponseFormat(ActionStatus.GENERAL_ERROR); + ResponseBuilder responseBuilder = Response.status(responseFormat.getStatus()); + Response response = responseBuilder.entity(gson.toJson(responseFormat.getRequestError())).build(); + requestContext.abortWith(response); + } + + private HealthCheckBusinessLogic getHealthCheckBL(ServletContext context) { + WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context.getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR); + WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context); + HealthCheckBusinessLogic healthCheckBl = webApplicationContext.getBean(HealthCheckBusinessLogic.class); + return healthCheckBl; + } } |