2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
20 package org.onap.aai.config;
22 import org.onap.aaf.cadi.PropAccess;
23 import org.onap.aaf.cadi.filter.CadiFilter;
24 import org.onap.aai.Profiles;
25 import org.onap.aai.TraversalApp;
26 import org.onap.aai.exceptions.AAIException;
27 import org.onap.aai.logging.ErrorLogHelper;
28 import org.springframework.context.annotation.Profile;
29 import org.springframework.core.annotation.Order;
30 import org.springframework.stereotype.Component;
31 import org.springframework.web.filter.OncePerRequestFilter;
33 import javax.servlet.FilterChain;
34 import javax.servlet.ServletException;
35 import javax.servlet.http.HttpServletRequest;
36 import javax.servlet.http.HttpServletResponse;
37 import javax.ws.rs.core.MediaType;
38 import java.io.IOException;
39 import java.util.ArrayList;
40 import java.util.Collections;
41 import java.util.Properties;
44 * AAF authentication filter
49 @Profile(Profiles.AAF_AUTHENTICATION)
50 public class AafFilter extends OncePerRequestFilter {
52 private static final String ACCEPT_HEADER = "accept";
53 private final CadiFilter cadiFilter;
55 public AafFilter() throws IOException, ServletException {
56 Properties cadiProperties = new Properties();
57 cadiProperties.load(TraversalApp.class.getClassLoader().getResourceAsStream("cadi.properties"));
58 cadiFilter = new CadiFilter(new PropAccess(cadiProperties));
62 protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
63 cadiFilter.doFilter(request, response, filterChain);
64 if(response.getStatus() >=400 && response.getStatus() < 500){
65 errorResponse(request, response);
69 private void errorResponse(HttpServletRequest request, HttpServletResponse response) throws IOException {
70 String accept = request.getHeader(ACCEPT_HEADER) == null ? MediaType.APPLICATION_XML : request.getHeader(ACCEPT_HEADER);
71 AAIException aaie = new AAIException("AAI_3300");
72 response.setStatus(aaie.getErrorObject().getHTTPResponseCode().getStatusCode());
73 response.getWriter().write(ErrorLogHelper.getRESTAPIErrorResponse(Collections.singletonList(MediaType.valueOf(accept)), aaie, new ArrayList<>()));
74 response.getWriter().flush();
75 response.getWriter().close();