Diffstat (limited to 'openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war')
11 files changed, 461 insertions, 500 deletions
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/configuration/CookieConfig.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/configuration/CookieConfig.java index c299805d0c..aeea6de894 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/configuration/CookieConfig.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/configuration/CookieConfig.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -17,7 +17,6 @@ * limitations under the License. * ============LICENSE_END========================================================= */ - package org.openecomp.server.configuration; import java.util.List; @@ -25,8 +24,8 @@ import java.util.List; public class CookieConfig { String securityKey = ""; - long maxSessionTimeOut = 600L*1000L; - long sessionIdleTimeOut = 30L*1000L; + long maxSessionTimeOut = 600L * 1000L; + long sessionIdleTimeOut = 30L * 1000L; String cookieName = "AuthenticationCookie"; String redirectURL = "portal_url"; List<String> excludedUrls; diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java index 272e1e0e86..89d5346907 100644 
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthenticationFilter.java 
@@ -12,98 +12,92 @@ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. -*/ - + */ package org.openecomp.server.filters; -import org.openecomp.sdc.logging.api.Logger; -import org.openecomp.sdc.logging.api.LoggerFactory; - -import javax.servlet.*; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletRequestWrapper; -import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.security.Principal; import java.util.Base64; +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletRequestWrapper; +import javax.servlet.http.HttpServletResponse; +import org.openecomp.sdc.logging.api.Logger; +import org.openecomp.sdc.logging.api.LoggerFactory; public class ActionAuthenticationFilter implements Filter { - private final Logger log = (Logger) LoggerFactory.getLogger(this.getClass().getName()); - private boolean runningOnLocal = true; - - @Override - public void destroy() { - // TODO Auto-generated method stub + private final Logger log = (Logger) LoggerFactory.getLogger(this.getClass().getName()); + private boolean runningOnLocal = true; - } - - @Override - public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) - throws IOException, ServletException { - if (runningOnLocal) { - - HttpServletRequest httpRequest = (HttpServletRequest) arg0; - String authorizationHeader = httpRequest.getHeader("Authorization"); - if (authorizationHeader != null && !authorizationHeader.isEmpty()) { - String username; - try { - String base64Credentials = - httpRequest.getHeader("Authorization").replace("Basic", "").trim(); - String decodedCredentials 
= new String(Base64.getDecoder().decode(base64Credentials)); - username = decodedCredentials.substring(0, decodedCredentials.indexOf(":")); - } catch (Exception exception) { - log.error("Failed to decode credentials", exception); - setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_FORBIDDEN); - return; - } - if (username.startsWith("AUTH")) { - HttpServletRequestWrapper servletRequest = new HttpServletRequestWrapper(httpRequest) { - @Override - public java.lang.String getRemoteUser() { - return getUserPrincipal().getName(); - } - - @Override - public Principal getUserPrincipal() { - return () -> username.substring(0, username.indexOf("-")); - } + @Override + public void destroy() { + // TODO Auto-generated method stub + } - @Override - public boolean isUserInRole(String role) { - try { - ActionLibraryPrivilege requiredPrivilege = - ActionLibraryPrivilege.getPrivilege(httpRequest.getMethod()); - ActionLibraryPrivilege userPrivilege = ActionLibraryPrivilege - .valueOf(username.substring(username.indexOf("-") + 1).toUpperCase()); - return userPrivilege.ordinal() >= requiredPrivilege.ordinal(); - } catch (Exception exception) { - log.error("Failed to validate UserInRole", exception); - return false; - } + @Override + public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) throws IOException, ServletException { + if (runningOnLocal) { + HttpServletRequest httpRequest = (HttpServletRequest) arg0; + String authorizationHeader = httpRequest.getHeader("Authorization"); + if (authorizationHeader != null && !authorizationHeader.isEmpty()) { + String username; + try { + String base64Credentials = httpRequest.getHeader("Authorization").replace("Basic", "").trim(); + String decodedCredentials = new String(Base64.getDecoder().decode(base64Credentials)); + username = decodedCredentials.substring(0, decodedCredentials.indexOf(":")); + } catch (Exception exception) { + log.error("Failed to decode credentials", exception); + 
setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_FORBIDDEN); + return; + } + if (username.startsWith("AUTH")) { + HttpServletRequestWrapper servletRequest = new HttpServletRequestWrapper(httpRequest) { + @Override + public java.lang.String getRemoteUser() { + return getUserPrincipal().getName(); + } + + @Override + public Principal getUserPrincipal() { + return () -> username.substring(0, username.indexOf("-")); + } + + @Override + public boolean isUserInRole(String role) { + try { + ActionLibraryPrivilege requiredPrivilege = ActionLibraryPrivilege.getPrivilege(httpRequest.getMethod()); + ActionLibraryPrivilege userPrivilege = ActionLibraryPrivilege + .valueOf(username.substring(username.indexOf("-") + 1).toUpperCase()); + return userPrivilege.ordinal() >= requiredPrivilege.ordinal(); + } catch (Exception exception) { + log.error("Failed to validate UserInRole", exception); + return false; + } + } + }; + arg2.doFilter(servletRequest, arg1); + } else { + setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_FORBIDDEN); + } + } else { + setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_UNAUTHORIZED); } - }; - arg2.doFilter(servletRequest, arg1); } else { - setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_FORBIDDEN); + //call super doFilter of cadi authentication filter } - } else { - setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_UNAUTHORIZED); - } - } else { - //call super doFilter of cadi authentication filter } + private void setResponseStatus(HttpServletResponse response, int status) { + response.setStatus(status); + } - } - - private void setResponseStatus(HttpServletResponse response, int status) { - response.setStatus(status); - } - - @Override - public void init(FilterConfig arg0) throws ServletException { - - } - + @Override + public void init(FilterConfig arg0) throws ServletException { + } } 
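Review bot: In `doFilter` the re-indented code still takes both identity and privilege from the user-name half of the Basic `Authorization` header: the part after `:` is never read, and `isUserInRole` ranks the caller by the text after `-` in that same client-supplied name while ignoring its `role` argument. `runningOnLocal` is initialised to `true` with no setter in this hunk, so this branch always runs and the `else` branch holds only a comment; that looks like a local-test shortcut, and whether it is mapped in a deployed WAR needs confirming outside this diff. I would at least document it on the field, e.g. `// Local-test mode only: user name and privilege come unverified from the Authorization header`. Separately, a name that starts with `AUTH` but contains no `-` passes the `startsWith` check and then makes `username.substring(0, username.indexOf("-"))` throw inside `getUserPrincipal()`, outside any try block; a guard such as `if (username.indexOf('-') < 0) { setResponseStatus((HttpServletResponse) arg1, HttpServletResponse.SC_FORBIDDEN); return; }` before building the wrapper would close that.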
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthorizationFilter.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthorizationFilter.java index 10fd7d23f5..c394c3cf46 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthorizationFilter.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionAuthorizationFilter.java 
@@ -13,43 +13,42 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.openecomp.server.filters; -import javax.servlet.*; +import java.io.IOException; +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import java.io.IOException; public class ActionAuthorizationFilter implements Filter { - - @Override - public void destroy() { - //destroy() is not implemented for ActionAuthorizationFilter - - } - - @Override - public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, - FilterChain filterChain) - throws IOException, ServletException { - - HttpServletRequest httpRequest = (HttpServletRequest) servletRequest; - if (httpRequest.isUserInRole(httpRequest.getMethod().toUpperCase())) { - filterChain.doFilter(servletRequest, servletResponse); - } else { - setResponseStatus((HttpServletResponse) servletResponse, HttpServletResponse.SC_FORBIDDEN); + @Override + public void destroy() { + //destroy() is not implemented for ActionAuthorizationFilter } - } - private void setResponseStatus(HttpServletResponse response, int status) { - response.setStatus(status); - } + @Override + public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) + throws IOException, ServletException { + HttpServletRequest httpRequest = (HttpServletRequest) servletRequest; + if (httpRequest.isUserInRole(httpRequest.getMethod().toUpperCase())) { + filterChain.doFilter(servletRequest, servletResponse); + } else { + setResponseStatus((HttpServletResponse) servletResponse, HttpServletResponse.SC_FORBIDDEN); + } + } - @Override - public void init(FilterConfig arg0) throws ServletException { - //init() is not 
implemented for ActionAuthorizationFilter - } + private void setResponseStatus(HttpServletResponse response, int status) { + response.setStatus(status); + } + @Override + public void init(FilterConfig arg0) throws ServletException { + //init() is not implemented for ActionAuthorizationFilter + } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionLibraryPrivilege.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionLibraryPrivilege.java index 6c8b1e8ca5..bd0f219f22 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionLibraryPrivilege.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/ActionLibraryPrivilege.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
@@ -17,59 +17,54 @@ * limitations under the License. * ============LICENSE_END========================================================= */ - package org.openecomp.server.filters; /** * The enum Action library privilege. */ public enum ActionLibraryPrivilege { + /** + * Retrieve action library privilege. + */ + RETRIEVE, + /** + * Create action library privilege. + */ + CREATE, + /** + * Update action library privilege. + */ + UPDATE, + /** + * Delete action library privilege. + */ + DELETE; - /** - * Retrieve action library privilege. - */ - RETRIEVE, /** - * Create action library privilege. - */ - CREATE, /** - * Update action library privilege. - */ - UPDATE, /** - * Delete action library privilege. - */ - DELETE; - - /** - * Gets privilege. - * - * @param operation the operation - * @return the privilege - */ - public static ActionLibraryPrivilege getPrivilege(String operation) { - - ActionLibraryPrivilege toReturn; - - switch (operation) { - - case "GET": - toReturn = RETRIEVE; - break; - case "POST": - toReturn = CREATE; - break; - case "PUT": - toReturn = UPDATE; - break; - case "DELETE": - toReturn = DELETE; - break; - default: - toReturn = null; - break; - + /** + * Gets privilege. + * + * @param operation the operation + * @return the privilege + */ + public static ActionLibraryPrivilege getPrivilege(String operation) { + ActionLibraryPrivilege toReturn; + switch (operation) { + case "GET": + toReturn = RETRIEVE; + break; + case "POST": + toReturn = CREATE; + break; + case "PUT": + toReturn = UPDATE; + break; + case "DELETE": + toReturn = DELETE; + break; + default: + toReturn = null; + break; + } + return toReturn; } - - return toReturn; - - } } 
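Review bot: `getPrivilege` returns `null` for every HTTP method other than GET, POST, PUT and DELETE, but its Javadoc says only `@return the privilege`. The caller shown in ActionAuthenticationFilter on this page dereferences the result with `requiredPrivilege.ordinal()` and depends on its catch-all handler to turn the resulting NullPointerException into a denial. I would document the contract as `@return the privilege for the HTTP method, or null if the method is not mapped`, and add a comment above the constants such as `// Declaration order is significant: callers compare ordinal() to rank privileges`, so that a later reordering of the constants does not silently change who is authorized.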
diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/BasicAuthenticationFilter.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/BasicAuthenticationFilter.java index 0cda5f8a27..2c2b36717a 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/BasicAuthenticationFilter.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/BasicAuthenticationFilter.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -17,13 +17,14 @@ * limitations under the License. * ============LICENSE_END========================================================= */ - package org.openecomp.server.filters; import com.fasterxml.jackson.databind.ObjectMapper; import java.io.FileInputStream; +import java.io.IOException; import java.io.InputStream; import java.util.Arrays; +import java.util.Base64; import java.util.List; import java.util.Map; import java.util.Objects; 
@@ -33,101 +34,89 @@ import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletRequestWrapper; +import javax.servlet.http.HttpServletResponse; import org.onap.sdc.tosca.services.YamlUtil; import org.openecomp.sdc.be.config.Configuration.BasicAuthConfig; import org.openecomp.sdc.logging.api.Logger; import org.openecomp.sdc.logging.api.LoggerFactory; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletRequestWrapper; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.util.Base64; import org.openecomp.sdcrests.item.rest.services.catalog.notification.EntryNotConfiguredException; public class BasicAuthenticationFilter implements Filter { - private static final Logger log = LoggerFactory.getLogger(BasicAuthenticationFilter.class); - private static final String CONFIG_FILE_PROPERTY = "configuration.yaml"; - private static final String CONFIG_SECTION = "basicAuth"; - - @Override - public void destroy() { - // TODO Auto-generated method stub - - } - - @Override - public void doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) - throws IOException, ServletException { - String file = Objects.requireNonNull(System.getProperty(CONFIG_FILE_PROPERTY), - "Config file location must be specified via system property " + CONFIG_FILE_PROPERTY); - Object config = getAuthenticationConfiguration(file); - ObjectMapper mapper = new ObjectMapper(); - BasicAuthConfig basicAuthConfig = mapper.convertValue(config, BasicAuthConfig.class); - HttpServletRequest httpRequest = (HttpServletRequest) arg0; - HttpServletRequestWrapper servletRequest = new HttpServletRequestWrapper(httpRequest); - - // BasicAuth is disabled - if (!basicAuthConfig.isEnabled()) { - arg2.doFilter(servletRequest, arg1); - return; - } - - List<String> 
excludedUrls = Arrays.asList(basicAuthConfig.getExcludedUrls().split(",")); - if (excludedUrls.contains(httpRequest.getServletPath() + httpRequest.getPathInfo())) { - // this url is included in the excludeUrls list, no need for authentication - arg2.doFilter(servletRequest, arg1); - return; - } - - - // Get the basicAuth info from the header - String authorizationHeader = httpRequest.getHeader("Authorization"); - if (authorizationHeader == null || authorizationHeader.isEmpty()) { - ((HttpServletResponse) arg1).setStatus(HttpServletResponse.SC_UNAUTHORIZED); - return; - } - - String base64Credentials = - httpRequest.getHeader("Authorization").replace("Basic", "").trim(); - if (verifyCredentials(basicAuthConfig, base64Credentials)) { - arg2.doFilter(servletRequest, arg1); - } else { - ((HttpServletResponse) arg1).setStatus(HttpServletResponse.SC_UNAUTHORIZED); - } - } + private static final Logger log = LoggerFactory.getLogger(BasicAuthenticationFilter.class); + private static final String CONFIG_FILE_PROPERTY = "configuration.yaml"; + private static final String CONFIG_SECTION = "basicAuth"; + + private static Object getAuthenticationConfiguration(String file) throws IOException { + InputStream fileInput = new FileInputStream(file); + YamlUtil yamlUtil = new YamlUtil(); + Map<?, ?> configuration = Objects.requireNonNull(yamlUtil.yamlToMap(fileInput), "Configuration cannot be empty"); + Object authenticationConfig = configuration.get(CONFIG_SECTION); + if (authenticationConfig == null) { + throw new EntryNotConfiguredException(CONFIG_SECTION + " section"); + } + return authenticationConfig; + } - @Override - public void init(FilterConfig config) throws ServletException { - } + @Override + public void destroy() { + // TODO Auto-generated method stub + } - private static Object getAuthenticationConfiguration(String file) throws IOException { - InputStream fileInput = new FileInputStream(file); - YamlUtil yamlUtil = new YamlUtil(); + @Override + public void 
doFilter(ServletRequest arg0, ServletResponse arg1, FilterChain arg2) throws IOException, ServletException { + String file = Objects.requireNonNull(System.getProperty(CONFIG_FILE_PROPERTY), + "Config file location must be specified via system property " + CONFIG_FILE_PROPERTY); + Object config = getAuthenticationConfiguration(file); + ObjectMapper mapper = new ObjectMapper(); + BasicAuthConfig basicAuthConfig = mapper.convertValue(config, BasicAuthConfig.class); + HttpServletRequest httpRequest = (HttpServletRequest) arg0; + HttpServletRequestWrapper servletRequest = new HttpServletRequestWrapper(httpRequest); + // BasicAuth is disabled + if (!basicAuthConfig.isEnabled()) { + arg2.doFilter(servletRequest, arg1); + return; + } + List<String> excludedUrls = Arrays.asList(basicAuthConfig.getExcludedUrls().split(",")); + if (excludedUrls.contains(httpRequest.getServletPath() + httpRequest.getPathInfo())) { + // this url is included in the excludeUrls list, no need for authentication + arg2.doFilter(servletRequest, arg1); + return; + } + // Get the basicAuth info from the header + String authorizationHeader = httpRequest.getHeader("Authorization"); + if (authorizationHeader == null || authorizationHeader.isEmpty()) { + ((HttpServletResponse) arg1).setStatus(HttpServletResponse.SC_UNAUTHORIZED); + return; + } + String base64Credentials = httpRequest.getHeader("Authorization").replace("Basic", "").trim(); + if (verifyCredentials(basicAuthConfig, base64Credentials)) { + arg2.doFilter(servletRequest, arg1); + } else { + ((HttpServletResponse) arg1).setStatus(HttpServletResponse.SC_UNAUTHORIZED); + } + } - Map<?, ?> configuration = Objects.requireNonNull(yamlUtil.yamlToMap(fileInput), "Configuration cannot be empty"); - Object authenticationConfig = configuration.get(CONFIG_SECTION); - if (authenticationConfig == null) { - throw new EntryNotConfiguredException(CONFIG_SECTION + " section"); + @Override + public void init(FilterConfig config) throws ServletException { } - 
return authenticationConfig; - } - private boolean verifyCredentials (BasicAuthConfig basicAuthConfig, String credential) { - String decodedCredentials = new String(Base64.getDecoder().decode(credential)); - int p = decodedCredentials.indexOf(':'); - if (p != -1) { - String userName = decodedCredentials.substring(0, p).trim(); - String password = decodedCredentials.substring(p + 1).trim(); - if (!userName.equals(basicAuthConfig.getUserName()) || !password.equals(basicAuthConfig.getUserPass())) { - log.error("Authentication failed. Invalid user name or password"); - return false; - } - return true; - } else { - log.error("Failed to decode credentials"); - return false; + private boolean verifyCredentials(BasicAuthConfig basicAuthConfig, String credential) { + String decodedCredentials = new String(Base64.getDecoder().decode(credential)); + int p = decodedCredentials.indexOf(':'); + if (p != -1) { + String userName = decodedCredentials.substring(0, p).trim(); + String password = decodedCredentials.substring(p + 1).trim(); + if (!userName.equals(basicAuthConfig.getUserName()) || !password.equals(basicAuthConfig.getUserPass())) { + log.error("Authentication failed. Invalid user name or password"); + return false; + } + return true; + } else { + log.error("Failed to decode credentials"); + return false; + } } - } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/OnboardingSessionContextFilter.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/OnboardingSessionContextFilter.java index 5465677b5a..d8c8eb6cc4 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/OnboardingSessionContextFilter.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/OnboardingSessionContextFilter.java 
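Review bot: `verifyCredentials` in BasicAuthenticationFilter calls `Base64.getDecoder().decode(credential)` with no handling for `IllegalArgumentException`, so an `Authorization` value that is not valid Base64 escapes `doFilter` as an unchecked exception instead of taking the `SC_UNAUTHORIZED` path used for the other failures. The same hunk moves `getAuthenticationConfiguration` to the top of the class but keeps `new FileInputStream(file)` unclosed, and `doFilter` calls it on every request; wrapping it as `try (InputStream fileInput = new FileInputStream(file)) { ... }`, as `readConfigurationFile` in RestrictionAccessFilter already does, removes the descriptor leak. The password is compared with `String.equals`, which is not constant-time; `MessageDigest.isEqual` on the encoded bytes is the usual replacement and needs one extra import. The decode handling would look like this.

```java
private boolean verifyCredentials(BasicAuthConfig basicAuthConfig, String credential) {
    String decodedCredentials;
    try {
        decodedCredentials = new String(Base64.getDecoder().decode(credential));
    } catch (IllegalArgumentException e) {
        // Not valid Base64: reject it like any other bad credential.
        log.error("Failed to decode credentials");
        return false;
    }
    // … unchanged: split on ':' and compare user name and password …
}
```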
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -17,25 +17,23 @@ * limitations under the License. * ============LICENSE_END========================================================= */ - package org.openecomp.server.filters; -import org.openecomp.sdcrests.filters.SessionContextFilter; +import static org.openecomp.sdcrests.common.RestConstants.USER_ID_HEADER_PARAM; import javax.servlet.ServletRequest; import javax.servlet.http.HttpServletRequest; - -import static org.openecomp.sdcrests.common.RestConstants.USER_ID_HEADER_PARAM; +import org.openecomp.sdcrests.filters.SessionContextFilter; public class OnboardingSessionContextFilter extends SessionContextFilter { - @Override - public String getUser(ServletRequest servletRequest) { - return ((HttpServletRequest) servletRequest).getHeader(USER_ID_HEADER_PARAM); - } + @Override + public String getUser(ServletRequest servletRequest) { + return ((HttpServletRequest) servletRequest).getHeader(USER_ID_HEADER_PARAM); + } - @Override - public String getTenant(ServletRequest servletRequest) { - return "dox"; - } + @Override + public String getTenant(ServletRequest servletRequest) { + return "dox"; + } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/RestrictionAccessFilter.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/RestrictionAccessFilter.java index 61a74500ca..19b5e52cf8 100644 
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/RestrictionAccessFilter.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/filters/RestrictionAccessFilter.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
@@ -17,25 +17,23 @@ * limitations under the License. * ============LICENSE_END========================================================= */ - package org.openecomp.server.filters; import com.fasterxml.jackson.databind.ObjectMapper; -import org.onap.sdc.tosca.services.YamlUtil; -import org.openecomp.sdc.securityutil.ISessionValidationFilterConfiguration; -import org.openecomp.sdc.securityutil.filters.SessionValidationFilter; -import org.openecomp.server.configuration.CookieConfig; -import org.openecomp.sdc.logging.api.Logger; -import org.openecomp.sdc.logging.api.LoggerFactory; -import org.openecomp.sdcrests.item.rest.services.catalog.notification.EntryNotConfiguredException; - -import javax.servlet.http.Cookie; import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; import java.util.List; import java.util.Map; import java.util.Objects; +import javax.servlet.http.Cookie; +import org.onap.sdc.tosca.services.YamlUtil; +import org.openecomp.sdc.logging.api.Logger; +import org.openecomp.sdc.logging.api.LoggerFactory; +import org.openecomp.sdc.securityutil.ISessionValidationFilterConfiguration; +import org.openecomp.sdc.securityutil.filters.SessionValidationFilter; +import org.openecomp.sdcrests.item.rest.services.catalog.notification.EntryNotConfiguredException; +import org.openecomp.server.configuration.CookieConfig; public class RestrictionAccessFilter extends SessionValidationFilter { 
@@ -43,7 +41,23 @@ public class RestrictionAccessFilter extends SessionValidationFilter { private static final String CONFIG_FILE_PROPERTY = "configuration.yaml"; private static final String CONFIG_SECTION = "authCookie"; + @Override + public ISessionValidationFilterConfiguration getFilterConfiguration() { + return Configuration.getInstance(); + } + + @Override + protected Cookie addRoleToCookie(Cookie cookie) { + return cookie; + } + + @Override + protected boolean isRoleValid(Cookie cookie) { + return true; + } + private static class Configuration implements ISessionValidationFilterConfiguration { + private static Configuration instance; private String securityKey; private long maxSessionTimeOut; @@ -55,13 +69,10 @@ public class RestrictionAccessFilter extends SessionValidationFilter { private String cookiePath; private boolean isCookieHttpOnly; - private Configuration() { try { - String file = Objects.requireNonNull(System.getProperty(CONFIG_FILE_PROPERTY), - "Config file location must be specified via system property " + CONFIG_FILE_PROPERTY); - + "Config file location must be specified via system property " + CONFIG_FILE_PROPERTY); Object config = getAuthenticationConfiguration(file); ObjectMapper mapper = new ObjectMapper(); CookieConfig cookieConfig = mapper.convertValue(config, CookieConfig.class); @@ -74,11 +85,9 @@ public class RestrictionAccessFilter extends SessionValidationFilter { this.cookieDomain = cookieConfig.getDomain(); this.cookiePath = cookieConfig.getPath(); this.isCookieHttpOnly = cookieConfig.isHttpOnly(); - } catch (Exception e) { LOGGER.warn("Failed to load configuration. ", e); } - } public static Configuration getInstance() { 
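Review bot: The overrides moved to the top of RestrictionAccessFilter leave role checking switched off: `isRoleValid` returns `true` for every cookie and `addRoleToCookie` returns the cookie unchanged. If that is deliberate because this filter only validates the session and roles are enforced elsewhere, the override should say so, e.g. `// Role checks are not enforced by this filter; every valid session cookie is accepted`. Whether SessionValidationFilter relies on these two hooks for authorization is not visible in this diff and should be confirmed against the base class.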
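Review bot: The `Configuration` constructor still swallows every failure with `LOGGER.warn("Failed to load configuration. ", e)`, so a missing or malformed `authCookie` section produces a singleton whose `securityKey` is null and whose timeouts are 0. How SessionValidationFilter behaves with those values is outside this diff, but a session-cookie filter running on unset values is better treated as a startup error than a warning. I would replace the warn with `throw new IllegalStateException("Failed to load " + CONFIG_SECTION + " configuration", e);`. The constructor begins in the previous hunk and `getInstance` continues past this one.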
@@ -89,18 +98,15 @@ public class RestrictionAccessFilter extends SessionValidationFilter { } private static Object getAuthenticationConfiguration(String file) throws IOException { - Map<?, ?> configuration = Objects.requireNonNull(readConfigurationFile(file), "Configuration cannot be empty"); Object authenticationConfig = configuration.get(CONFIG_SECTION); if (authenticationConfig == null) { throw new EntryNotConfiguredException(CONFIG_SECTION + " section"); } - return authenticationConfig; } private static Map<?, ?> readConfigurationFile(String file) throws IOException { - try (InputStream fileInput = new FileInputStream(file)) { YamlUtil yamlUtil = new YamlUtil(); return yamlUtil.yamlToMap(fileInput); @@ -152,19 +158,4 @@ public class RestrictionAccessFilter extends SessionValidationFilter { return excludedUrls; } } - - @Override - public ISessionValidationFilterConfiguration getFilterConfiguration() { - return Configuration.getInstance(); - } - - @Override - protected Cookie addRoleToCookie(Cookie cookie) { - return cookie; - } - - @Override - protected boolean isRoleValid(Cookie cookie) { - return true; - } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/DefaultOutput.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/DefaultOutput.java index 16110816b2..076582f5d5 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/DefaultOutput.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/DefaultOutput.java 
@@ -15,159 +15,165 @@ */ package org.openecomp.server.interceptors; - -import javax.ws.rs.core.*; import java.lang.annotation.Annotation; import java.net.URI; -import java.util.*; +import java.util.Collections; +import java.util.Date; +import java.util.Locale; +import java.util.Map; +import java.util.Set; +import javax.ws.rs.core.EntityTag; +import javax.ws.rs.core.GenericType; +import javax.ws.rs.core.Link; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.MultivaluedMap; +import javax.ws.rs.core.NewCookie; +import javax.ws.rs.core.Response; public class DefaultOutput extends Response { - private static final long serialVersionUID = 8061802931931401706L; - - private final int status; - private final Object entity; - private MultivaluedMap<String, Object> metadata; - - public DefaultOutput(int s0, Object e0) { - this.status = s0; - this.entity = e0; - } - - @Override - public Object getEntity() { - return entity; - } - - @Override - public <T> T readEntity(Class<T> asClass) { - return null; - } - - @Override - public <T> T readEntity(GenericType<T> genericType) { - return null; - } - - @Override - public <T> T readEntity(Class<T> asClass, Annotation[] annotations) { - return null; - } - - @Override - public <T> T readEntity(GenericType<T> var1, Annotation[] var2) { - return null; - } - - @Override - public boolean hasEntity() { - return false; - } - - @Override - public boolean bufferEntity() { - return false; - } - - @Override - public void close() { - //close() is not implemented for DefaultOutput - } - - @Override - public MediaType getMediaType() { - return null; - } - - @Override - public Locale getLanguage() { - return null; - } - - @Override - public int getLength() { - return 0; - } - - @Override - public Set<String> getAllowedMethods() { - return Collections.emptySet(); - } - - @Override - public Map<String, NewCookie> getCookies() { - return null; - } - - @Override - public EntityTag getEntityTag() { - return null; - } - - @Override - public 
Date getDate() { - return null; - } - - @Override - public Date getLastModified() { - return null; - } - - @Override - public URI getLocation() { - return null; - } - - @Override - public Set<Link> getLinks() { - return Collections.emptySet(); - } - - @Override - public boolean hasLink(String s0) { - return false; - } - - - @Override - public Link getLink(String s0) { - return null; - } - - @Override - public Link.Builder getLinkBuilder(String s0) { - return null; - } - - @Override - public int getStatus() { - return status; - } - - @Override - public StatusType getStatusInfo() { - return null; - } - - void addMetadata(MultivaluedMap<String, Object> meta) { - this.metadata = meta; - } - - @Override - public MultivaluedMap<String, Object> getMetadata() { - // don't worry about cloning for now - return metadata; - } - - @Override - public MultivaluedMap<String, String> getStringHeaders() { - return null; - } - - @Override - public String getHeaderString(String s0) { - return null; - } - + private static final long serialVersionUID = 8061802931931401706L; + private final int status; + private final Object entity; + private MultivaluedMap<String, Object> metadata; + + public DefaultOutput(int s0, Object e0) { + this.status = s0; + this.entity = e0; + } + + @Override + public Object getEntity() { + return entity; + } + + @Override + public <T> T readEntity(Class<T> asClass) { + return null; + } + + @Override + public <T> T readEntity(GenericType<T> genericType) { + return null; + } + + @Override + public <T> T readEntity(Class<T> asClass, Annotation[] annotations) { + return null; + } + + @Override + public <T> T readEntity(GenericType<T> var1, Annotation[] var2) { + return null; + } + + @Override + public boolean hasEntity() { + return false; + } + + @Override + public boolean bufferEntity() { + return false; + } + + @Override + public void close() { + //close() is not implemented for DefaultOutput + } + + @Override + public MediaType getMediaType() { + return null; + 
} + + @Override + public Locale getLanguage() { + return null; + } + + @Override + public int getLength() { + return 0; + } + + @Override + public Set<String> getAllowedMethods() { + return Collections.emptySet(); + } + + @Override + public Map<String, NewCookie> getCookies() { + return null; + } + + @Override + public EntityTag getEntityTag() { + return null; + } + + @Override + public Date getDate() { + return null; + } + + @Override + public Date getLastModified() { + return null; + } + + @Override + public URI getLocation() { + return null; + } + + @Override + public Set<Link> getLinks() { + return Collections.emptySet(); + } + + @Override + public boolean hasLink(String s0) { + return false; + } + + @Override + public Link getLink(String s0) { + return null; + } + + @Override + public Link.Builder getLinkBuilder(String s0) { + return null; + } + + @Override + public int getStatus() { + return status; + } + + @Override + public StatusType getStatusInfo() { + return null; + } + + void addMetadata(MultivaluedMap<String, Object> meta) { + this.metadata = meta; + } + + @Override + public MultivaluedMap<String, Object> getMetadata() { + // don't worry about cloning for now + return metadata; + } + + @Override + public MultivaluedMap<String, String> getStringHeaders() { + return null; + } + + @Override + public String getHeaderString(String s0) { + return null; + } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/EmptyOutputOutInterceptor.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/EmptyOutputOutInterceptor.java index 440354318d..b8548806fe 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/EmptyOutputOutInterceptor.java 
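Review bot: `hasEntity()` returns `false` although the constructor always stores an entity and `getEntity()` returns it, so a caller that checks `hasEntity()` before reading the body will treat this response as empty; `return entity != null;` keeps the two methods consistent. `getCookies()` returns `null` while `getAllowedMethods()` and `getLinks()` return empty sets, and `return Collections.emptyMap();` would spare callers a null check. `getMetadata()` returns the very map instance handed to `addMetadata`, which the existing comment acknowledges; a sentence in the class Javadoc saying the header map is stored and returned by reference, not copied, would make that contract explicit.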
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/EmptyOutputOutInterceptor.java 
@@ -15,48 +15,44 @@ */ package org.openecomp.server.interceptors; +import javax.inject.Named; +import javax.ws.rs.core.Response; import org.apache.cxf.interceptor.AbstractOutDatabindingInterceptor; import org.apache.cxf.message.Message; import org.apache.cxf.message.MessageContentsList; import org.apache.cxf.phase.Phase; -import javax.inject.Named; -import javax.ws.rs.core.Response; - - /** * The type Empty output out interceptor. */ @Named public class EmptyOutputOutInterceptor extends AbstractOutDatabindingInterceptor { - public EmptyOutputOutInterceptor() { - // To be executed in post logical phase before marshal phase - super(Phase.POST_LOGICAL); - } + public EmptyOutputOutInterceptor() { + // To be executed in post logical phase before marshal phase + super(Phase.POST_LOGICAL); + } - /** - * Intercepts a message. - * Interceptors should NOT invoke handleMessage or handleFault - * on the next interceptor - the interceptor chain will - * take care of this. - * - * @param message input message. - */ - @Override - public void handleMessage(Message message) { - //get the message - MessageContentsList objs = MessageContentsList.getContentsList(message); - if (objs.get(0) instanceof Response) { - //check if response is present but entity inside it is null the set a default entity - int status = ((Response) objs.get(0)).getStatus(); - Object entity = ((Response) objs.get(0)).getEntity(); - // in case of staus 200 and entity is null send InternalEmptyObject in output. - if (entity == null && status == 200) { - DefaultOutput defaultOutput = new DefaultOutput(status, new InternalEmptyObject()); - defaultOutput.addMetadata(((Response) objs.get(0)).getMetadata()); - objs.set(0, defaultOutput); - } + /** + * Intercepts a message. Interceptors should NOT invoke handleMessage or handleFault on the next interceptor - the interceptor chain will take + * care of this. + * + * @param message input message. 
+ */ + @Override + public void handleMessage(Message message) { + //get the message + MessageContentsList objs = MessageContentsList.getContentsList(message); + if (objs.get(0) instanceof Response) { + //check if response is present but entity inside it is null the set a default entity + int status = ((Response) objs.get(0)).getStatus(); + Object entity = ((Response) objs.get(0)).getEntity(); + // in case of staus 200 and entity is null send InternalEmptyObject in output. + if (entity == null && status == 200) { + DefaultOutput defaultOutput = new DefaultOutput(status, new InternalEmptyObject()); + defaultOutput.addMetadata(((Response) objs.get(0)).getMetadata()); + objs.set(0, defaultOutput); + } + } } - } } diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/InternalEmptyObject.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/InternalEmptyObject.java index b052c57d10..e65be6d38f 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/InternalEmptyObject.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/interceptors/InternalEmptyObject.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
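Review bot: `handleMessage` calls `objs.get(0)` without checking `objs`, and as I read the CXF source `MessageContentsList.getContentsList` returns `null` when the message carries no list content, which would surface as a NullPointerException inside the out-interceptor chain. A guard such as `if (objs == null || !(objs.get(0) instanceof Response)) { return; }` followed by `Response response = (Response) objs.get(0);` closes that gap and removes the three repeated casts. The inline comment `in case of staus 200` also has a typo (`status`).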
@@ -17,11 +17,9 @@ * limitations under the License. * ============LICENSE_END========================================================= */ - package org.openecomp.server.interceptors; import com.fasterxml.jackson.annotation.JsonAutoDetect; - import java.io.Serializable; /** diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/listeners/OnboardingAppStartupListener.java b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/listeners/OnboardingAppStartupListener.java index b1c818cabb..606a0f7f7c 100644 --- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/listeners/OnboardingAppStartupListener.java +++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/src/main/java/org/openecomp/server/listeners/OnboardingAppStartupListener.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
@@ -17,30 +17,26 @@ * limitations under the License. * ============LICENSE_END========================================================= */ - package org.openecomp.server.listeners; - -import org.openecomp.sdc.common.session.SessionContextProviderFactory; -import org.springframework.web.context.ContextLoaderListener; - import javax.servlet.ServletContextEvent; import javax.servlet.ServletContextListener; +import org.openecomp.sdc.common.session.SessionContextProviderFactory; +import org.springframework.web.context.ContextLoaderListener; public class OnboardingAppStartupListener implements ServletContextListener { - ContextLoaderListener springListener; + ContextLoaderListener springListener; - @Override - public void contextInitialized(ServletContextEvent servletContextEvent) { - SessionContextProviderFactory.getInstance().createInterface().create("onboarding", - "dox"); - springListener = new ContextLoaderListener(); - springListener.initWebApplicationContext(servletContextEvent.getServletContext()); - } + @Override + public void contextInitialized(ServletContextEvent servletContextEvent) { + SessionContextProviderFactory.getInstance().createInterface().create("onboarding", "dox"); + springListener = new ContextLoaderListener(); + springListener.initWebApplicationContext(servletContextEvent.getServletContext()); + } - @Override - public void contextDestroyed(ServletContextEvent servletContextEvent) { - springListener.closeWebApplicationContext(servletContextEvent.getServletContext()); - } + @Override + public void contextDestroyed(ServletContextEvent servletContextEvent) { + springListener.closeWebApplicationContext(servletContextEvent.getServletContext()); + } } |
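Review bot: `contextDestroyed` dereferences `springListener` unconditionally, but the field is assigned only after the `SessionContextProviderFactory.getInstance().createInterface().create(...)` call in `contextInitialized` has returned. If that call throws and the container still invokes `contextDestroyed`, shutdown fails with a NullPointerException that buries the original startup error. Wrapping the call as `if (springListener != null) { springListener.closeWebApplicationContext(servletContextEvent.getServletContext()); }` avoids that. The field is also package-private with no visible reason; `private ContextLoaderListener springListener;` would keep other classes in the package from replacing it.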