summaryrefslogtreecommitdiffstats
path: root/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src
diff options
context:
space:
mode:
Diffstat (limited to 'openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src')
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/configuration/CookieConfig.java9
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java150
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthorizationFilter.java55
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionLibraryPrivilege.java93
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/BasicAuthenticationFilter.java161
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/OnboardingSessionContextFilter.java26
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/RestrictionAccessFilter.java63
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/DefaultOutput.java306
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/EmptyOutputOutInterceptor.java58
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/InternalEmptyObject.java6
-rw-r--r--openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/listeners/OnboardingAppStartupListener.java34
11 files changed, 461 insertions, 500 deletions
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/configuration/CookieConfig.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/configuration/CookieConfig.java
index c299805d0c..aeea6de894 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/configuration/CookieConfig.java
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/configuration/CookieConfig.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -17,7 +17,6 @@
* limitations under the License.
* ============LICENSE_END=========================================================
*/
-
package org.openecomp.server.configuration;
import java.util.List;
@@ -25,8 +24,8 @@ import java.util.List;
public class CookieConfig {
String securityKey = "";
- long maxSessionTimeOut = 600L*1000L;
- long sessionIdleTimeOut = 30L*1000L;
+ long maxSessionTimeOut = 600L * 1000L;
+ long sessionIdleTimeOut = 30L * 1000L;
String cookieName = "AuthenticationCookie";
String redirectURL = "portal_url";
List<String> excludedUrls;
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java
index 272e1e0e86..89d5346907 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java
@@ -12,98 +12,92 @@
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
-*/
-
+ */
package org.openecomp.server.filters;
-import org.openecomp.sdc.logging.api.Logger;
-import org.openecomp.sdc.logging.api.LoggerFactory;
-
-import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletRequestWrapper;
-import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.security.Principal;
import java.util.Base64;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+import javax.servlet.http.HttpServletResponse;
+import org.openecomp.sdc.logging.api.Logger;
+import org.openecomp.sdc.logging.api.LoggerFactory;
public class ActionAuthenticationFilter implements Filter {
- private final Logger log = (Logger) LoggerFactory.getLogger(this.getClass().getName());
- private boolean runningOnLocal = true;
-
- @Override
- public void destroy() {
- // TODO Auto-generated method stub
+ private final Logger log = (Logger) LoggerFactory.getLogger(this.getClass().getName());
+ private boolean runningOnLocal = true;
- }
-
- @Override
- public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2)
- throws IOException, ServletException {
- if (runningOnLocal) {
-
- HttpServletRequest httpRequest = (HttpServletRequest) arg0;
- String authorizationHeader = httpRequest.getHeader("Authorization");
- if (authorizationHeader != null && !authorizationHeader.isEmpty()) {
- String username;
- try {
- String base64Credentials =
- httpRequest.getHeader("Authorization").replace("Basic", "").trim();
- String decodedCredentials = new String(Base64.getDecoder().decode(base64Credentials));
- username = decodedCredentials.substring(0, decodedCredentials.indexOf(":"));
- } catch (Exception exception) {
- log.error("Failed to decode credentials", exception);
- setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_FORBIDDEN);
- return;
- }
- if (username.startsWith("AUTH")) {
- HttpServletRequestWrapper servletRequest = new HttpServletRequestWrapper(httpRequest) {
- @Override
- public java.lang.String getRemoteUser() {
- return getUserPrincipal().getName();
- }
-
- @Override
- public Principal getUserPrincipal() {
- return () -> username.substring(0, username.indexOf("-"));
- }
+ @Override
+ public void destroy() {
+ // TODO Auto-generated method stub
+ }
- @Override
- public boolean isUserInRole(String role) {
- try {
- ActionLibraryPrivilege requiredPrivilege =
- ActionLibraryPrivilege.getPrivilege(httpRequest.getMethod());
- ActionLibraryPrivilege userPrivilege = ActionLibraryPrivilege
- .valueOf(username.substring(username.indexOf("-") + 1).toUpperCase());
- return userPrivilege.ordinal() >= requiredPrivilege.ordinal();
- } catch (Exception exception) {
- log.error("Failed to validate UserInRole", exception);
- return false;
- }
+ @Override
+ public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) throws IOException, ServletException {
+ if (runningOnLocal) {
+ HttpServletRequest httpRequest = (HttpServletRequest) arg0;
+ String authorizationHeader = httpRequest.getHeader("Authorization");
+ if (authorizationHeader != null && !authorizationHeader.isEmpty()) {
+ String username;
+ try {
+ String base64Credentials = httpRequest.getHeader("Authorization").replace("Basic", "").trim();
+ String decodedCredentials = new String(Base64.getDecoder().decode(base64Credentials));
+ username = decodedCredentials.substring(0, decodedCredentials.indexOf(":"));
+ } catch (Exception exception) {
+ log.error("Failed to decode credentials", exception);
+ setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_FORBIDDEN);
+ return;
+ }
+ if (username.startsWith("AUTH")) {
+ HttpServletRequestWrapper servletRequest = new HttpServletRequestWrapper(httpRequest) {
+ @Override
+ public java.lang.String getRemoteUser() {
+ return getUserPrincipal().getName();
+ }
+
+ @Override
+ public Principal getUserPrincipal() {
+ return () -> username.substring(0, username.indexOf("-"));
+ }
+
+ @Override
+ public boolean isUserInRole(String role) {
+ try {
+ ActionLibraryPrivilege requiredPrivilege = ActionLibraryPrivilege.getPrivilege(httpRequest.getMethod());
+ ActionLibraryPrivilege userPrivilege = ActionLibraryPrivilege
+ .valueOf(username.substring(username.indexOf("-") + 1).toUpperCase());
+ return userPrivilege.ordinal() >= requiredPrivilege.ordinal();
+ } catch (Exception exception) {
+ log.error("Failed to validate UserInRole", exception);
+ return false;
+ }
+ }
+ };
+ arg2.doFilter(servletRequest, arg1);
+ } else {
+ setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_FORBIDDEN);
+ }
+ } else {
+ setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_UNAUTHORIZED);
}
- };
- arg2.doFilter(servletRequest, arg1);
} else {
- setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_FORBIDDEN);
+ //call super doFilter of cadi authentication filter
}
- } else {
- setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_UNAUTHORIZED);
- }
- } else {
- //call super doFilter of cadi authentication filter
}
+ private void setResponseStatus(HttpServletResponse response, int status) {
+ response.setStatus(status);
+ }
- }
-
- private void setResponseStatus(HttpServletResponse response, int status) {
- response.setStatus(status);
- }
-
- @Override
- public void init(FilterConfig arg0) throws ServletException {
-
- }
-
+ @Override
+ public void init(FilterConfig arg0) throws ServletException {
+ }
}
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthorizationFilter.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthorizationFilter.java
index 10fd7d23f5..c394c3cf46 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthorizationFilter.java
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthorizationFilter.java
@@ -13,43 +13,42 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-
package org.openecomp.server.filters;
-import javax.servlet.*;
+import java.io.IOException;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
public class ActionAuthorizationFilter implements Filter {
-
- @Override
- public void destroy() {
- //destroy() is not implemented for ActionAuthorizationFilter
-
- }
-
- @Override
- public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
- FilterChain filterChain)
- throws IOException, ServletException {
-
- HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
- if (httpRequest.isUserInRole(httpRequest.getMethod().toUpperCase())) {
- filterChain.doFilter(servletRequest, servletResponse);
- } else {
- setResponseStatus((HttpServletResponse) servletResponse, HttpServletResponse.SC_FORBIDDEN);
+ @Override
+ public void destroy() {
+ //destroy() is not implemented for ActionAuthorizationFilter
}
- }
- private void setResponseStatus(HttpServletResponse response, int status) {
- response.setStatus(status);
- }
+ @Override
+ public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
+ throws IOException, ServletException {
+ HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
+ if (httpRequest.isUserInRole(httpRequest.getMethod().toUpperCase())) {
+ filterChain.doFilter(servletRequest, servletResponse);
+ } else {
+ setResponseStatus((HttpServletResponse) servletResponse, HttpServletResponse.SC_FORBIDDEN);
+ }
+ }
- @Override
- public void init(FilterConfig arg0) throws ServletException {
- //init() is not implemented for ActionAuthorizationFilter
- }
+ private void setResponseStatus(HttpServletResponse response, int status) {
+ response.setStatus(status);
+ }
+ @Override
+ public void init(FilterConfig arg0) throws ServletException {
+ //init() is not implemented for ActionAuthorizationFilter
+ }
}
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionLibraryPrivilege.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionLibraryPrivilege.java
index 6c8b1e8ca5..bd0f219f22 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionLibraryPrivilege.java
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionLibraryPrivilege.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -17,59 +17,54 @@
* limitations under the License.
* ============LICENSE_END=========================================================
*/
-
package org.openecomp.server.filters;
/**
* The enum Action library privilege.
*/
public enum ActionLibraryPrivilege {
+ /**
+ * Retrieve action library privilege.
+ */
+ RETRIEVE,
+ /**
+ * Create action library privilege.
+ */
+ CREATE,
+ /**
+ * Update action library privilege.
+ */
+ UPDATE,
+ /**
+ * Delete action library privilege.
+ */
+ DELETE;
- /**
- * Retrieve action library privilege.
- */
- RETRIEVE, /**
- * Create action library privilege.
- */
- CREATE, /**
- * Update action library privilege.
- */
- UPDATE, /**
- * Delete action library privilege.
- */
- DELETE;
-
- /**
- * Gets privilege.
- *
- * @param operation the operation
- * @return the privilege
- */
- public static ActionLibraryPrivilege getPrivilege(String operation) {
-
- ActionLibraryPrivilege toReturn;
-
- switch (operation) {
-
- case "GET":
- toReturn = RETRIEVE;
- break;
- case "POST":
- toReturn = CREATE;
- break;
- case "PUT":
- toReturn = UPDATE;
- break;
- case "DELETE":
- toReturn = DELETE;
- break;
- default:
- toReturn = null;
- break;
-
+ /**
+ * Gets privilege.
+ *
+ * @param operation the operation
+ * @return the privilege
+ */
+ public static ActionLibraryPrivilege getPrivilege(String operation) {
+ ActionLibraryPrivilege toReturn;
+ switch (operation) {
+ case "GET":
+ toReturn = RETRIEVE;
+ break;
+ case "POST":
+ toReturn = CREATE;
+ break;
+ case "PUT":
+ toReturn = UPDATE;
+ break;
+ case "DELETE":
+ toReturn = DELETE;
+ break;
+ default:
+ toReturn = null;
+ break;
+ }
+ return toReturn;
}
-
- return toReturn;
-
- }
}
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/BasicAuthenticationFilter.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/BasicAuthenticationFilter.java
index 0cda5f8a27..2c2b36717a 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/BasicAuthenticationFilter.java
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/BasicAuthenticationFilter.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -17,13 +17,14 @@
* limitations under the License.
* ============LICENSE_END=========================================================
*/
-
package org.openecomp.server.filters;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.FileInputStream;
+import java.io.IOException;
import java.io.InputStream;
import java.util.Arrays;
+import java.util.Base64;
import java.util.List;
import java.util.Map;
import java.util.Objects;
@@ -33,101 +34,89 @@ import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+import javax.servlet.http.HttpServletResponse;
import org.onap.sdc.tosca.services.YamlUtil;
import org.openecomp.sdc.be.config.Configuration.BasicAuthConfig;
import org.openecomp.sdc.logging.api.Logger;
import org.openecomp.sdc.logging.api.LoggerFactory;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletRequestWrapper;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.util.Base64;
import org.openecomp.sdcrests.item.rest.services.catalog.notification.EntryNotConfiguredException;
public class BasicAuthenticationFilter implements Filter {
- private static final Logger log = LoggerFactory.getLogger(BasicAuthenticationFilter.class);
- private static final String CONFIG_FILE_PROPERTY = "configuration.yaml";
- private static final String CONFIG_SECTION = "basicAuth";
-
- @Override
- public void destroy() {
- // TODO Auto-generated method stub
-
- }
-
- @Override
- public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2)
- throws IOException, ServletException {
- String file = Objects.requireNonNull(System.getProperty(CONFIG_FILE_PROPERTY),
- "Config file location must be specified via system property " + CONFIG_FILE_PROPERTY);
- Object config = getAuthenticationConfiguration(file);
- ObjectMapper mapper = new ObjectMapper();
- BasicAuthConfig basicAuthConfig = mapper.convertValue(config, BasicAuthConfig.class);
- HttpServletRequest httpRequest = (HttpServletRequest) arg0;
- HttpServletRequestWrapper servletRequest = new HttpServletRequestWrapper(httpRequest);
-
- // BasicAuth is disabled
- if (!basicAuthConfig.isEnabled()) {
- arg2.doFilter(servletRequest, arg1);
- return;
- }
-
- List<String> excludedUrls = Arrays.asList(basicAuthConfig.getExcludedUrls().split(","));
- if (excludedUrls.contains(httpRequest.getServletPath() + httpRequest.getPathInfo())) {
- // this url is included in the excludeUrls list, no need for authentication
- arg2.doFilter(servletRequest, arg1);
- return;
- }
-
-
- // Get the basicAuth info from the header
- String authorizationHeader = httpRequest.getHeader("Authorization");
- if (authorizationHeader == null || authorizationHeader.isEmpty()) {
- ((HttpServletResponse) arg1).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
- return;
- }
-
- String base64Credentials =
- httpRequest.getHeader("Authorization").replace("Basic", "").trim();
- if (verifyCredentials(basicAuthConfig, base64Credentials)) {
- arg2.doFilter(servletRequest, arg1);
- } else {
- ((HttpServletResponse) arg1).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
- }
- }
+ private static final Logger log = LoggerFactory.getLogger(BasicAuthenticationFilter.class);
+ private static final String CONFIG_FILE_PROPERTY = "configuration.yaml";
+ private static final String CONFIG_SECTION = "basicAuth";
+
+ private static Object getAuthenticationConfiguration(String file) throws IOException {
+ InputStream fileInput = new FileInputStream(file);
+ YamlUtil yamlUtil = new YamlUtil();
+ Map<?, ?> configuration = Objects.requireNonNull(yamlUtil.yamlToMap(fileInput), "Configuration cannot be empty");
+ Object authenticationConfig = configuration.get(CONFIG_SECTION);
+ if (authenticationConfig == null) {
+ throw new EntryNotConfiguredException(CONFIG_SECTION + " section");
+ }
+ return authenticationConfig;
+ }
- @Override
- public void init(FilterConfig config) throws ServletException {
- }
+ @Override
+ public void destroy() {
+ // TODO Auto-generated method stub
+ }
- private static Object getAuthenticationConfiguration(String file) throws IOException {
- InputStream fileInput = new FileInputStream(file);
- YamlUtil yamlUtil = new YamlUtil();
+ @Override
+ public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) throws IOException, ServletException {
+ String file = Objects.requireNonNull(System.getProperty(CONFIG_FILE_PROPERTY),
+ "Config file location must be specified via system property " + CONFIG_FILE_PROPERTY);
+ Object config = getAuthenticationConfiguration(file);
+ ObjectMapper mapper = new ObjectMapper();
+ BasicAuthConfig basicAuthConfig = mapper.convertValue(config, BasicAuthConfig.class);
+ HttpServletRequest httpRequest = (HttpServletRequest) arg0;
+ HttpServletRequestWrapper servletRequest = new HttpServletRequestWrapper(httpRequest);
+ // BasicAuth is disabled
+ if (!basicAuthConfig.isEnabled()) {
+ arg2.doFilter(servletRequest, arg1);
+ return;
+ }
+ List<String> excludedUrls = Arrays.asList(basicAuthConfig.getExcludedUrls().split(","));
+ if (excludedUrls.contains(httpRequest.getServletPath() + httpRequest.getPathInfo())) {
+ // this url is included in the excludeUrls list, no need for authentication
+ arg2.doFilter(servletRequest, arg1);
+ return;
+ }
+ // Get the basicAuth info from the header
+ String authorizationHeader = httpRequest.getHeader("Authorization");
+ if (authorizationHeader == null || authorizationHeader.isEmpty()) {
+ ((HttpServletResponse) arg1).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ return;
+ }
+ String base64Credentials = httpRequest.getHeader("Authorization").replace("Basic", "").trim();
+ if (verifyCredentials(basicAuthConfig, base64Credentials)) {
+ arg2.doFilter(servletRequest, arg1);
+ } else {
+ ((HttpServletResponse) arg1).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ }
+ }
- Map<?, ?> configuration = Objects.requireNonNull(yamlUtil.yamlToMap(fileInput), "Configuration cannot be empty");
- Object authenticationConfig = configuration.get(CONFIG_SECTION);
- if (authenticationConfig == null) {
- throw new EntryNotConfiguredException(CONFIG_SECTION + " section");
+ @Override
+ public void init(FilterConfig config) throws ServletException {
}
- return authenticationConfig;
- }
- private boolean verifyCredentials (BasicAuthConfig basicAuthConfig, String credential) {
- String decodedCredentials = new String(Base64.getDecoder().decode(credential));
- int p = decodedCredentials.indexOf(':');
- if (p != -1) {
- String userName = decodedCredentials.substring(0, p).trim();
- String password = decodedCredentials.substring(p + 1).trim();
- if (!userName.equals(basicAuthConfig.getUserName()) || !password.equals(basicAuthConfig.getUserPass())) {
- log.error("Authentication failed. Invalid user name or password");
- return false;
- }
- return true;
- } else {
- log.error("Failed to decode credentials");
- return false;
+ private boolean verifyCredentials(BasicAuthConfig basicAuthConfig, String credential) {
+ String decodedCredentials = new String(Base64.getDecoder().decode(credential));
+ int p = decodedCredentials.indexOf(':');
+ if (p != -1) {
+ String userName = decodedCredentials.substring(0, p).trim();
+ String password = decodedCredentials.substring(p + 1).trim();
+ if (!userName.equals(basicAuthConfig.getUserName()) || !password.equals(basicAuthConfig.getUserPass())) {
+ log.error("Authentication failed. Invalid user name or password");
+ return false;
+ }
+ return true;
+ } else {
+ log.error("Failed to decode credentials");
+ return false;
+ }
}
- }
}
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/OnboardingSessionContextFilter.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/OnboardingSessionContextFilter.java
index 5465677b5a..d8c8eb6cc4 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/OnboardingSessionContextFilter.java
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/OnboardingSessionContextFilter.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -17,25 +17,23 @@
* limitations under the License.
* ============LICENSE_END=========================================================
*/
-
package org.openecomp.server.filters;
-import org.openecomp.sdcrests.filters.SessionContextFilter;
+import static org.openecomp.sdcrests.common.RestConstants.USER_ID_HEADER_PARAM;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
-
-import static org.openecomp.sdcrests.common.RestConstants.USER_ID_HEADER_PARAM;
+import org.openecomp.sdcrests.filters.SessionContextFilter;
public class OnboardingSessionContextFilter extends SessionContextFilter {
- @Override
- public String getUser(ServletRequest servletRequest) {
- return ((HttpServletRequest) servletRequest).getHeader(USER_ID_HEADER_PARAM);
- }
+ @Override
+ public String getUser(ServletRequest servletRequest) {
+ return ((HttpServletRequest) servletRequest).getHeader(USER_ID_HEADER_PARAM);
+ }
- @Override
- public String getTenant(ServletRequest servletRequest) {
- return "dox";
- }
+ @Override
+ public String getTenant(ServletRequest servletRequest) {
+ return "dox";
+ }
}
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/RestrictionAccessFilter.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/RestrictionAccessFilter.java
index 61a74500ca..19b5e52cf8 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/RestrictionAccessFilter.java
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/RestrictionAccessFilter.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -17,25 +17,23 @@
* limitations under the License.
* ============LICENSE_END=========================================================
*/
-
package org.openecomp.server.filters;
import com.fasterxml.jackson.databind.ObjectMapper;
-import org.onap.sdc.tosca.services.YamlUtil;
-import org.openecomp.sdc.securityutil.ISessionValidationFilterConfiguration;
-import org.openecomp.sdc.securityutil.filters.SessionValidationFilter;
-import org.openecomp.server.configuration.CookieConfig;
-import org.openecomp.sdc.logging.api.Logger;
-import org.openecomp.sdc.logging.api.LoggerFactory;
-import org.openecomp.sdcrests.item.rest.services.catalog.notification.EntryNotConfiguredException;
-
-import javax.servlet.http.Cookie;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.List;
import java.util.Map;
import java.util.Objects;
+import javax.servlet.http.Cookie;
+import org.onap.sdc.tosca.services.YamlUtil;
+import org.openecomp.sdc.logging.api.Logger;
+import org.openecomp.sdc.logging.api.LoggerFactory;
+import org.openecomp.sdc.securityutil.ISessionValidationFilterConfiguration;
+import org.openecomp.sdc.securityutil.filters.SessionValidationFilter;
+import org.openecomp.sdcrests.item.rest.services.catalog.notification.EntryNotConfiguredException;
+import org.openecomp.server.configuration.CookieConfig;
public class RestrictionAccessFilter extends SessionValidationFilter {
@@ -43,7 +41,23 @@ public class RestrictionAccessFilter extends SessionValidationFilter {
private static final String CONFIG_FILE_PROPERTY = "configuration.yaml";
private static final String CONFIG_SECTION = "authCookie";
+ @Override
+ public ISessionValidationFilterConfiguration getFilterConfiguration() {
+ return Configuration.getInstance();
+ }
+
+ @Override
+ protected Cookie addRoleToCookie(Cookie cookie) {
+ return cookie;
+ }
+
+ @Override
+ protected boolean isRoleValid(Cookie cookie) {
+ return true;
+ }
+
private static class Configuration implements ISessionValidationFilterConfiguration {
+
private static Configuration instance;
private String securityKey;
private long maxSessionTimeOut;
@@ -55,13 +69,10 @@ public class RestrictionAccessFilter extends SessionValidationFilter {
private String cookiePath;
private boolean isCookieHttpOnly;
-
private Configuration() {
try {
-
String file = Objects.requireNonNull(System.getProperty(CONFIG_FILE_PROPERTY),
- "Config file location must be specified via system property " + CONFIG_FILE_PROPERTY);
-
+ "Config file location must be specified via system property " + CONFIG_FILE_PROPERTY);
Object config = getAuthenticationConfiguration(file);
ObjectMapper mapper = new ObjectMapper();
CookieConfig cookieConfig = mapper.convertValue(config, CookieConfig.class);
@@ -74,11 +85,9 @@ public class RestrictionAccessFilter extends SessionValidationFilter {
this.cookieDomain = cookieConfig.getDomain();
this.cookiePath = cookieConfig.getPath();
this.isCookieHttpOnly = cookieConfig.isHttpOnly();
-
} catch (Exception e) {
LOGGER.warn("Failed to load configuration. ", e);
}
-
}
public static Configuration getInstance() {
@@ -89,18 +98,15 @@ public class RestrictionAccessFilter extends SessionValidationFilter {
}
private static Object getAuthenticationConfiguration(String file) throws IOException {
-
Map<?, ?> configuration = Objects.requireNonNull(readConfigurationFile(file), "Configuration cannot be empty");
Object authenticationConfig = configuration.get(CONFIG_SECTION);
if (authenticationConfig == null) {
throw new EntryNotConfiguredException(CONFIG_SECTION + " section");
}
-
return authenticationConfig;
}
private static Map<?, ?> readConfigurationFile(String file) throws IOException {
-
try (InputStream fileInput = new FileInputStream(file)) {
YamlUtil yamlUtil = new YamlUtil();
return yamlUtil.yamlToMap(fileInput);
@@ -152,19 +158,4 @@ public class RestrictionAccessFilter extends SessionValidationFilter {
return excludedUrls;
}
}
-
- @Override
- public ISessionValidationFilterConfiguration getFilterConfiguration() {
- return Configuration.getInstance();
- }
-
- @Override
- protected Cookie addRoleToCookie(Cookie cookie) {
- return cookie;
- }
-
- @Override
- protected boolean isRoleValid(Cookie cookie) {
- return true;
- }
}
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/DefaultOutput.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/DefaultOutput.java
index 16110816b2..076582f5d5 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/DefaultOutput.java
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/DefaultOutput.java
@@ -15,159 +15,165 @@
*/
package org.openecomp.server.interceptors;
-
-import javax.ws.rs.core.*;
import java.lang.annotation.Annotation;
import java.net.URI;
-import java.util.*;
+import java.util.Collections;
+import java.util.Date;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Set;
+import javax.ws.rs.core.EntityTag;
+import javax.ws.rs.core.GenericType;
+import javax.ws.rs.core.Link;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.core.NewCookie;
+import javax.ws.rs.core.Response;
public class DefaultOutput extends Response {
- private static final long serialVersionUID = 8061802931931401706L;
-
- private final int status;
- private final Object entity;
- private MultivaluedMap<String, Object> metadata;
-
- public DefaultOutput(int s0, Object e0) {
- this.status = s0;
- this.entity = e0;
- }
-
- @Override
- public Object getEntity() {
- return entity;
- }
-
- @Override
- public <T> T readEntity(Class<T> asClass) {
- return null;
- }
-
- @Override
- public <T> T readEntity(GenericType<T> genericType) {
- return null;
- }
-
- @Override
- public <T> T readEntity(Class<T> asClass, Annotation[] annotations) {
- return null;
- }
-
- @Override
- public <T> T readEntity(GenericType<T> var1, Annotation[] var2) {
- return null;
- }
-
- @Override
- public boolean hasEntity() {
- return false;
- }
-
- @Override
- public boolean bufferEntity() {
- return false;
- }
-
- @Override
- public void close() {
- //close() is not implemented for DefaultOutput
- }
-
- @Override
- public MediaType getMediaType() {
- return null;
- }
-
- @Override
- public Locale getLanguage() {
- return null;
- }
-
- @Override
- public int getLength() {
- return 0;
- }
-
- @Override
- public Set<String> getAllowedMethods() {
- return Collections.emptySet();
- }
-
- @Override
- public Map<String, NewCookie> getCookies() {
- return null;
- }
-
- @Override
- public EntityTag getEntityTag() {
- return null;
- }
-
- @Override
- public Date getDate() {
- return null;
- }
-
- @Override
- public Date getLastModified() {
- return null;
- }
-
- @Override
- public URI getLocation() {
- return null;
- }
-
- @Override
- public Set<Link> getLinks() {
- return Collections.emptySet();
- }
-
- @Override
- public boolean hasLink(String s0) {
- return false;
- }
-
-
- @Override
- public Link getLink(String s0) {
- return null;
- }
-
- @Override
- public Link.Builder getLinkBuilder(String s0) {
- return null;
- }
-
- @Override
- public int getStatus() {
- return status;
- }
-
- @Override
- public StatusType getStatusInfo() {
- return null;
- }
-
- void addMetadata(MultivaluedMap<String, Object> meta) {
- this.metadata = meta;
- }
-
- @Override
- public MultivaluedMap<String, Object> getMetadata() {
- // don't worry about cloning for now
- return metadata;
- }
-
- @Override
- public MultivaluedMap<String, String> getStringHeaders() {
- return null;
- }
-
- @Override
- public String getHeaderString(String s0) {
- return null;
- }
-
+ private static final long serialVersionUID = 8061802931931401706L;
+ private final int status;
+ private final Object entity;
+ private MultivaluedMap<String, Object> metadata;
+
+ public DefaultOutput(int s0, Object e0) {
+ this.status = s0;
+ this.entity = e0;
+ }
+
+ @Override
+ public Object getEntity() {
+ return entity;
+ }
+
+ @Override
+ public <T> T readEntity(Class<T> asClass) {
+ return null;
+ }
+
+ @Override
+ public <T> T readEntity(GenericType<T> genericType) {
+ return null;
+ }
+
+ @Override
+ public <T> T readEntity(Class<T> asClass, Annotation[] annotations) {
+ return null;
+ }
+
+ @Override
+ public <T> T readEntity(GenericType<T> var1, Annotation[] var2) {
+ return null;
+ }
+
+ @Override
+ public boolean hasEntity() {
+ return false;
+ }
+
+ @Override
+ public boolean bufferEntity() {
+ return false;
+ }
+
+ @Override
+ public void close() {
+ //close() is not implemented for DefaultOutput
+ }
+
+ @Override
+ public MediaType getMediaType() {
+ return null;
+ }
+
+ @Override
+ public Locale getLanguage() {
+ return null;
+ }
+
+ @Override
+ public int getLength() {
+ return 0;
+ }
+
+ @Override
+ public Set<String> getAllowedMethods() {
+ return Collections.emptySet();
+ }
+
+ @Override
+ public Map<String, NewCookie> getCookies() {
+ return null;
+ }
+
+ @Override
+ public EntityTag getEntityTag() {
+ return null;
+ }
+
+ @Override
+ public Date getDate() {
+ return null;
+ }
+
+ @Override
+ public Date getLastModified() {
+ return null;
+ }
+
+ @Override
+ public URI getLocation() {
+ return null;
+ }
+
+ @Override
+ public Set<Link> getLinks() {
+ return Collections.emptySet();
+ }
+
+ @Override
+ public boolean hasLink(String s0) {
+ return false;
+ }
+
+ @Override
+ public Link getLink(String s0) {
+ return null;
+ }
+
+ @Override
+ public Link.Builder getLinkBuilder(String s0) {
+ return null;
+ }
+
+ @Override
+ public int getStatus() {
+ return status;
+ }
+
+ @Override
+ public StatusType getStatusInfo() {
+ return null;
+ }
+
+ void addMetadata(MultivaluedMap<String, Object> meta) {
+ this.metadata = meta;
+ }
+
+ @Override
+ public MultivaluedMap<String, Object> getMetadata() {
+ // don't worry about cloning for now
+ return metadata;
+ }
+
+ @Override
+ public MultivaluedMap<String, String> getStringHeaders() {
+ return null;
+ }
+
+ @Override
+ public String getHeaderString(String s0) {
+ return null;
+ }
}
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/EmptyOutputOutInterceptor.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/EmptyOutputOutInterceptor.java
index 440354318d..b8548806fe 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/EmptyOutputOutInterceptor.java
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/EmptyOutputOutInterceptor.java
@@ -15,48 +15,44 @@
*/
package org.openecomp.server.interceptors;
+import javax.inject.Named;
+import javax.ws.rs.core.Response;
import org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageContentsList;
import org.apache.cxf.phase.Phase;
-import javax.inject.Named;
-import javax.ws.rs.core.Response;
-
-
/**
* The type Empty output out interceptor.
*/
@Named
public class EmptyOutputOutInterceptor extends AbstractOutDatabindingInterceptor {
- public EmptyOutputOutInterceptor() {
- // To be executed in post logical phase before marshal phase
- super(Phase.POST_LOGICAL);
- }
+ public EmptyOutputOutInterceptor() {
+ // To be executed in post logical phase before marshal phase
+ super(Phase.POST_LOGICAL);
+ }
- /**
- * Intercepts a message.
- * Interceptors should NOT invoke handleMessage or handleFault
- * on the next interceptor - the interceptor chain will
- * take care of this.
- *
- * @param message input message.
- */
- @Override
- public void handleMessage(Message message) {
- //get the message
- MessageContentsList objs = MessageContentsList.getContentsList(message);
- if (objs.get(0) instanceof Response) {
- //check if response is present but entity inside it is null the set a default entity
- int status = ((Response) objs.get(0)).getStatus();
- Object entity = ((Response) objs.get(0)).getEntity();
- // in case of staus 200 and entity is null send InternalEmptyObject in output.
- if (entity == null && status == 200) {
- DefaultOutput defaultOutput = new DefaultOutput(status, new InternalEmptyObject());
- defaultOutput.addMetadata(((Response) objs.get(0)).getMetadata());
- objs.set(0, defaultOutput);
- }
+ /**
+ * Intercepts a message. Interceptors should NOT invoke handleMessage or handleFault on the next interceptor - the interceptor chain will take
+ * care of this.
+ *
+ * @param message input message.
+ */
+ @Override
+ public void handleMessage(Message message) {
+ //get the message
+ MessageContentsList objs = MessageContentsList.getContentsList(message);
+ if (objs.get(0) instanceof Response) {
+ //check if response is present but entity inside it is null the set a default entity
+ int status = ((Response) objs.get(0)).getStatus();
+ Object entity = ((Response) objs.get(0)).getEntity();
+ // in case of staus 200 and entity is null send InternalEmptyObject in output.
+ if (entity == null && status == 200) {
+ DefaultOutput defaultOutput = new DefaultOutput(status, new InternalEmptyObject());
+ defaultOutput.addMetadata(((Response) objs.get(0)).getMetadata());
+ objs.set(0, defaultOutput);
+ }
+ }
}
- }
}
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/InternalEmptyObject.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/InternalEmptyObject.java
index b052c57d10..e65be6d38f 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/InternalEmptyObject.java
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/InternalEmptyObject.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -17,11 +17,9 @@
* limitations under the License.
* ============LICENSE_END=========================================================
*/
-
package org.openecomp.server.interceptors;
import com.fasterxml.jackson.annotation.JsonAutoDetect;
-
import java.io.Serializable;
/**
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/listeners/OnboardingAppStartupListener.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/listeners/OnboardingAppStartupListener.java
index b1c818cabb..606a0f7f7c 100644
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/listeners/OnboardingAppStartupListener.java
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/listeners/OnboardingAppStartupListener.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -17,30 +17,26 @@
* limitations under the License.
* ============LICENSE_END=========================================================
*/
-
package org.openecomp.server.listeners;
-
-import org.openecomp.sdc.common.session.SessionContextProviderFactory;
-import org.springframework.web.context.ContextLoaderListener;
-
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
+import org.openecomp.sdc.common.session.SessionContextProviderFactory;
+import org.springframework.web.context.ContextLoaderListener;
public class OnboardingAppStartupListener implements ServletContextListener {
- ContextLoaderListener springListener;
+ ContextLoaderListener springListener;
- @Override
- public void contextInitialized(ServletContextEvent servletContextEvent) {
- SessionContextProviderFactory.getInstance().createInterface().create("onboarding",
- "dox");
- springListener = new ContextLoaderListener();
- springListener.initWebApplicationContext(servletContextEvent.getServletContext());
- }
+ @Override
+ public void contextInitialized(ServletContextEvent servletContextEvent) {
+ SessionContextProviderFactory.getInstance().createInterface().create("onboarding", "dox");
+ springListener = new ContextLoaderListener();
+ springListener.initWebApplicationContext(servletContextEvent.getServletContext());
+ }
- @Override
- public void contextDestroyed(ServletContextEvent servletContextEvent) {
- springListener.closeWebApplicationContext(servletContextEvent.getServletContext());
- }
+ @Override
+ public void contextDestroyed(ServletContextEvent servletContextEvent) {
+ springListener.closeWebApplicationContext(servletContextEvent.getServletContext());
+ }
}