aboutsummaryrefslogtreecommitdiffstats
path: root/dcae_dmaapbc_webapp
diff options
context:
space:
mode:
authorChristopher Lott (cl778h) <clott@research.att.com>2017-08-07 22:16:19 -0400
committerChristopher Lott (cl778h) <clott@research.att.com>2017-08-08 08:21:20 -0400
commit86791ecce0f90ffa8ea9d6af6d3d64707659591e (patch)
treef2bda17b9d9f666354bd860c5307119221ec2b18 /dcae_dmaapbc_webapp
parent81c59de17a247cb11be105069d78e690f2cbd72c (diff)
Revise LoginStrategyImpl for property
Fetch the decryption key from the system.properties file, not the portal.properties file. Also add logging to debug problems that were blocking successful single sign-on from the portal. Change-Id: I7991aa0f5f9cb76d348d2046582133603d17b2ba Signed-off-by: Christopher Lott (cl778h) <clott@research.att.com>
Diffstat (limited to 'dcae_dmaapbc_webapp')
-rw-r--r--dcae_dmaapbc_webapp/dbca-os/src/main/java/org/openecomp/portalapp/login/LoginStrategyImpl.java66
1 files changed, 43 insertions, 23 deletions
diff --git a/dcae_dmaapbc_webapp/dbca-os/src/main/java/org/openecomp/portalapp/login/LoginStrategyImpl.java b/dcae_dmaapbc_webapp/dbca-os/src/main/java/org/openecomp/portalapp/login/LoginStrategyImpl.java
index adece58..270e69f 100644
--- a/dcae_dmaapbc_webapp/dbca-os/src/main/java/org/openecomp/portalapp/login/LoginStrategyImpl.java
+++ b/dcae_dmaapbc_webapp/dbca-os/src/main/java/org/openecomp/portalapp/login/LoginStrategyImpl.java
@@ -28,25 +28,34 @@ import org.openecomp.portalsdk.core.auth.LoginStrategy;
import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.openecomp.portalsdk.core.onboarding.exception.PortalAPIException;
import org.openecomp.portalsdk.core.onboarding.util.CipherUtil;
-import org.openecomp.portalsdk.core.onboarding.util.PortalApiConstants;
-import org.openecomp.portalsdk.core.onboarding.util.PortalApiProperties;
+import org.openecomp.portalsdk.core.util.SystemProperties;
import org.springframework.web.servlet.ModelAndView;
+/**
+ * Implements basic single-signon login strategy for open-source applications
+ * when users start at Portal. Extracts an encrypted user ID sent by Portal.
+ */
public class LoginStrategyImpl extends LoginStrategy {
- private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(LoginStrategyImpl.class);
+ private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(LoginStrategyImpl.class);
+ /**
+ * login for open source is same as external login in the non-open-source
+ * version.
+ */
@Override
public ModelAndView doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception {
- // 'login' for opensource is same as 'external' login.
return doExternalLogin(request, response);
}
@Override
public String getUserId(HttpServletRequest request) throws PortalAPIException {
// Check ECOMP Portal cookie
- if (!isLoginCookieExist(request))
+ Cookie ep = getCookie(request, EP_SERVICE);
+ if (ep == null) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "getUserId: no EP_SERVICE cookie, returning null");
return null;
+ }
String userid = null;
try {
@@ -57,34 +66,45 @@ public class LoginStrategyImpl extends LoginStrategy {
return userid;
}
- private static String getUserIdFromCookie(HttpServletRequest request) throws Exception {
+ /**
+ * Searches the request for the user-ID cookie and decrypts the value using a
+ * key configured in properties
+ *
+ * @param request
+ * HttpServletRequest
+ * @return User ID
+ * @throws Exception
+ * On any failure
+ */
+ private String getUserIdFromCookie(HttpServletRequest request) throws Exception {
String userId = "";
- Cookie[] cookies = request.getCookies();
- Cookie userIdcookie = null;
- if (cookies != null)
- for (Cookie cookie : cookies)
- if (cookie.getName().equals(USER_ID))
- userIdcookie = cookie;
- if (userIdcookie != null) {
- userId = CipherUtil.decrypt(userIdcookie.getValue(),
- PortalApiProperties.getProperty(PortalApiConstants.Decryption_Key));
+ Cookie userIdCookie = getCookie(request, USER_ID);
+ if (userIdCookie != null) {
+ final String cookieValue = userIdCookie.getValue();
+ if (!SystemProperties.containsProperty(SystemProperties.Decryption_Key))
+ throw new Exception("Failed to find property " + SystemProperties.Decryption_Key);
+ final String decryptionKey = SystemProperties.getProperty(SystemProperties.Decryption_Key);
+ userId = CipherUtil.decrypt(cookieValue, decryptionKey);
+ logger.debug(EELFLoggerDelegate.debugLogger, "getUserIdFromCookie: decrypted as {}", userId);
}
return userId;
-
}
- private static boolean isLoginCookieExist(HttpServletRequest request) {
- Cookie ep = getCookie(request, EP_SERVICE);
- return (ep != null);
- }
-
- private static Cookie getCookie(HttpServletRequest request, String cookieName) {
+ /**
+ * Searches the request for the named cookie.
+ *
+ * @param request
+ * HttpServletRequest
+ * @param cookieName
+ * Name of desired cookie
+ * @return Cookie if found; otherwise null.
+ */
+ private Cookie getCookie(HttpServletRequest request, String cookieName) {
Cookie[] cookies = request.getCookies();
if (cookies != null)
for (Cookie cookie : cookies)
if (cookie.getName().equals(cookieName))
return cookie;
-
return null;
}