aboutsummaryrefslogtreecommitdiffstats
path: root/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java
diff options
context:
space:
mode:
Diffstat (limited to 'openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java')
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java150
1 files changed, 72 insertions, 78 deletions
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java
index 272e1e0e86..89d5346907 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java
@@ -12,98 +12,92 @@
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
-*/
-
+ */
package org.openecomp.server.filters;
-import org.openecomp.sdc.logging.api.Logger;
-import org.openecomp.sdc.logging.api.LoggerFactory;
-
-import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletRequestWrapper;
-import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.security.Principal;
import java.util.Base64;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+import javax.servlet.http.HttpServletResponse;
+import org.openecomp.sdc.logging.api.Logger;
+import org.openecomp.sdc.logging.api.LoggerFactory;
public class ActionAuthenticationFilter implements Filter {
- private final Logger log = (Logger) LoggerFactory.getLogger(this.getClass().getName());
- private boolean runningOnLocal = true;
-
- @Override
- public void destroy() {
- // TODO Auto-generated method stub
+ private final Logger log = (Logger) LoggerFactory.getLogger(this.getClass().getName());
+ private boolean runningOnLocal = true;
- }
-
- @Override
- public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2)
- throws IOException, ServletException {
- if (runningOnLocal) {
-
- HttpServletRequest httpRequest = (HttpServletRequest) arg0;
- String authorizationHeader = httpRequest.getHeader("Authorization");
- if (authorizationHeader != null && !authorizationHeader.isEmpty()) {
- String username;
- try {
- String base64Credentials =
- httpRequest.getHeader("Authorization").replace("Basic", "").trim();
- String decodedCredentials = new String(Base64.getDecoder().decode(base64Credentials));
- username = decodedCredentials.substring(0, decodedCredentials.indexOf(":"));
- } catch (Exception exception) {
- log.error("Failed to decode credentials", exception);
- setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_FORBIDDEN);
- return;
- }
- if (username.startsWith("AUTH")) {
- HttpServletRequestWrapper servletRequest = new HttpServletRequestWrapper(httpRequest) {
- @Override
- public java.lang.String getRemoteUser() {
- return getUserPrincipal().getName();
- }
-
- @Override
- public Principal getUserPrincipal() {
- return () -> username.substring(0, username.indexOf("-"));
- }
+ @Override
+ public void destroy() {
+ // TODO Auto-generated method stub
+ }
- @Override
- public boolean isUserInRole(String role) {
- try {
- ActionLibraryPrivilege requiredPrivilege =
- ActionLibraryPrivilege.getPrivilege(httpRequest.getMethod());
- ActionLibraryPrivilege userPrivilege = ActionLibraryPrivilege
- .valueOf(username.substring(username.indexOf("-") + 1).toUpperCase());
- return userPrivilege.ordinal() >= requiredPrivilege.ordinal();
- } catch (Exception exception) {
- log.error("Failed to validate UserInRole", exception);
- return false;
- }
+ @Override
+ public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) throws IOException, ServletException {
+ if (runningOnLocal) {
+ HttpServletRequest httpRequest = (HttpServletRequest) arg0;
+ String authorizationHeader = httpRequest.getHeader("Authorization");
+ if (authorizationHeader != null && !authorizationHeader.isEmpty()) {
+ String username;
+ try {
+ String base64Credentials = httpRequest.getHeader("Authorization").replace("Basic", "").trim();
+ String decodedCredentials = new String(Base64.getDecoder().decode(base64Credentials));
+ username = decodedCredentials.substring(0, decodedCredentials.indexOf(":"));
+ } catch (Exception exception) {
+ log.error("Failed to decode credentials", exception);
+ setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_FORBIDDEN);
+ return;
+ }
+ if (username.startsWith("AUTH")) {
+ HttpServletRequestWrapper servletRequest = new HttpServletRequestWrapper(httpRequest) {
+ @Override
+ public java.lang.String getRemoteUser() {
+ return getUserPrincipal().getName();
+ }
+
+ @Override
+ public Principal getUserPrincipal() {
+ return () -> username.substring(0, username.indexOf("-"));
+ }
+
+ @Override
+ public boolean isUserInRole(String role) {
+ try {
+ ActionLibraryPrivilege requiredPrivilege = ActionLibraryPrivilege.getPrivilege(httpRequest.getMethod());
+ ActionLibraryPrivilege userPrivilege = ActionLibraryPrivilege
+ .valueOf(username.substring(username.indexOf("-") + 1).toUpperCase());
+ return userPrivilege.ordinal() >= requiredPrivilege.ordinal();
+ } catch (Exception exception) {
+ log.error("Failed to validate UserInRole", exception);
+ return false;
+ }
+ }
+ };
+ arg2.doFilter(servletRequest, arg1);
+ } else {
+ setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_FORBIDDEN);
+ }
+ } else {
+ setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_UNAUTHORIZED);
}
- };
- arg2.doFilter(servletRequest, arg1);
} else {
- setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_FORBIDDEN);
+ //call super doFilter of cadi authentication filter
}
- } else {
- setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_UNAUTHORIZED);
- }
- } else {
- //call super doFilter of cadi authentication filter
}
+ private void setResponseStatus(HttpServletResponse response, int status) {
+ response.setStatus(status);
+ }
- }
-
- private void setResponseStatus(HttpServletResponse response, int status) {
- response.setStatus(status);
- }
-
- @Override
- public void init(FilterConfig arg0) throws ServletException {
-
- }
-
+ @Override
+ public void init(FilterConfig arg0) throws ServletException {
+ }
}