2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.onap.aai.schemaservice.service;
23 import java.io.IOException;
24 import java.io.UnsupportedEncodingException;
25 import java.nio.file.Files;
26 import java.nio.file.Paths;
27 import java.util.Base64;
28 import java.util.HashMap;
30 import java.util.stream.Stream;
32 import javax.annotation.PostConstruct;
34 import org.eclipse.jetty.util.security.Password;
35 import org.onap.aai.schemaservice.Profiles;
36 import org.onap.aai.util.AAIConstants;
37 import org.slf4j.Logger;
38 import org.slf4j.LoggerFactory;
39 import org.springframework.context.annotation.Profile;
40 import org.springframework.stereotype.Service;
/**
 * Holds the basic-auth credentials loaded from realm.properties and answers whether a presented
 * credential string belongs to a user with the "admin" access type.
 *
 * The bean is registered only when the Spring profile named by Profiles.ONE_WAY_SSL is active.
 */
42 @Profile(Profiles.ONE_WAY_SSL)
44 public class AuthorizationService {
// SLF4J logger for this service.
46 private static final Logger logger = LoggerFactory.getLogger(AuthorizationService.class);
// Key: Base64 text of "username:password"; value: the access type listed for that entry in
// realm.properties. Base64 is an encoding, not a hash, so every key can be decoded back to the
// clear-text credential: treat this map as secret material and keep it out of logs and dumps.
48 private final Map<String, String> authorizedUsers = new HashMap<>();
// Basic (RFC 4648) Base64 encoder, created once and reused for every entry.
50 private static final Base64.Encoder ENCODER = Base64.getEncoder();
// Loads realm.properties and fills authorizedUsers with one entry per configured user.
// NOTE(review): the enclosing method header, the declaration of `bytes`, the inner `try {` and
// several closing braces are not visible in this listing; the comments below state only what
// the visible lines establish and hedge the rest.
55 String basicAuthFile = getBasicAuthFilePath();
// Files.lines decodes the file as UTF-8; try-with-resources closes the stream on every path.
57 try (Stream<String> stream = Files.lines(Paths.get(basicAuthFile))) {
// Only lines that start with '#' are skipped. Any other line, including a blank one, is parsed
// as an entry and fails the format checks below if it does not match.
58 stream.filter(line -> !line.startsWith("#")).forEach(str -> {
61 String usernamePassword = null;
62 String accessType = null;
// Expected entry shape: <credential part>,<access type>, with exactly one comma.
65 String[] userAccessType = str.split(",");
// String.split never returns null, so the length test is the effective check. The
// RuntimeException is not handled by the visible catch (IOException) further down, so a
// malformed line presumably aborts loading instead of being skipped (confirm against the caller).
67 if (userAccessType == null || userAccessType.length != 2) {
68 throw new RuntimeException(
69 "Please check the realm.properties file as it is not conforming to the basic auth");
72 usernamePassword = userAccessType[0];
// The access type is stored exactly as written (no trim), so surrounding whitespace in the file
// would make it differ from the literal "admin" that checkIfUserAuthorized compares against.
73 accessType = userAccessType[1];
// The credential part must split into exactly three ':'-separated fields, i.e.
// <username>:<prefix>:<value>.
75 String[] usernamePasswordArray = usernamePassword.split(":");
77 if (usernamePasswordArray == null || usernamePasswordArray.length != 3) {
78 throw new RuntimeException(
79 "This username / pwd is not a valid entry in realm.properties");
82 String username = usernamePasswordArray[0];
83 String password = null;
// NOTE(review): the test looks for "OBF:" anywhere in the line rather than at the start of the
// password field, and no else branch is visible. Unless a line missing from this listing assigns
// it, `password` stays null for a three-field entry without "OBF:", and the credential registered
// below is built from the literal text "null". Such entries should be rejected (or skipped with
// an error) instead of being registered.
85 if (str.contains("OBF:")) {
// Re-joins the two fields into "OBF:<value>" and reverses Jetty's obfuscation. OBF is reversible
// by design, so realm.properties is as sensitive as a clear-text password file and should be
// readable only by the service account.
86 password = usernamePasswordArray[1] + ":" + usernamePasswordArray[2];
87 password = Password.deobfuscate(password);
// The map key is the Base64 text of "username:password" (UTF-8 bytes).
90 bytes = ENCODER.encode((username + ":" + password).getBytes("UTF-8"));
// new String(bytes) decodes with the platform charset; Base64 output is ASCII, so the result is
// the same everywhere.
92 authorizedUsers.put(new String(bytes), accessType);
// UTF-8 is a charset every JVM must provide, so this handler is not expected to run. The message
// concatenates the file path and does not pass the exception to the logger.
94 } catch (UnsupportedEncodingException e) {
95 logger.error("Unable to support the encoding of the file" + basicAuthFile);
// NOTE(review): this appears to run after the try/catch for every entry (braces not visible).
// It Base64-encodes the already-encoded bytes and registers that value as a second key with the
// same access type, so each user ends up with two accepted credential strings. If `bytes` were
// still null here, ENCODER.encode would throw NullPointerException. This put looks unintended
// and is a candidate for removal.
98 authorizedUsers.put(new String(ENCODER.encode(bytes)), accessType);
// A file that cannot be opened is only logged. authorizedUsers then stays empty, which makes
// checkIfUserAuthorized return false for every caller (fails closed).
100 } catch (IOException e) {
101 logger.error("IO Exception occurred during the reading of realm.properties", e);
/**
 * Reports whether the presented credential string maps to the "admin" access type.
 *
 * The lookup is an exact, case-sensitive match against the keys stored at load time, which are
 * Base64 text of "username:password". Presumably callers pass the value of a Basic
 * Authorization header with the scheme prefix already removed (verify against the caller).
 *
 * @param authorization credential string to look up; an unknown or null value is not authorized
 * @return true only when the credential is known and its access type equals "admin"
 */
public boolean checkIfUserAuthorized(String authorization) {
    // get() yields null for an unknown key, and "admin".equals(null) is false, so a single
    // lookup covers both the "known user" and the "is admin" conditions.
    final String grantedAccess = authorizedUsers.get(authorization);
    return "admin".equals(grantedAccess);
}
/**
 * Builds the location of the basic-auth credential file.
 *
 * The file named here carries the service's credentials, so it should be readable only by the
 * account that runs the service.
 *
 * @return AAIConstants.AAI_HOME_ETC_AUTH, then AAIConstants.AAI_FILESEP, then "realm.properties"
 */
public String getBasicAuthFilePath() {
    final StringBuilder location = new StringBuilder();
    location.append(AAIConstants.AAI_HOME_ETC_AUTH);
    location.append(AAIConstants.AAI_FILESEP);
    location.append("realm.properties");
    return location.toString();
}