2 * ============LICENSE_START=======================================================
3 * Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved.
4 * Modifications Copyright (C) 2020 Bell Canada. All rights reserved.
5 * Modifications Copyright (C) 2023 Nordix Foundation.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 * SPDX-License-Identifier: Apache-2.0
20 * ============LICENSE_END=========================================================
23 package org.onap.policy.pdp.xacml.application.common.std;
25 import com.att.research.xacml.api.Attribute;
26 import com.att.research.xacml.api.AttributeValue;
27 import com.att.research.xacml.api.DataTypeException;
28 import com.att.research.xacml.api.Identifier;
29 import com.att.research.xacml.api.XACML3;
30 import com.att.research.xacml.api.pip.PIPException;
31 import com.att.research.xacml.api.pip.PIPFinder;
32 import com.att.research.xacml.api.pip.PIPRequest;
33 import com.att.research.xacml.api.pip.PIPResponse;
34 import com.att.research.xacml.std.StdMutableAttribute;
35 import com.att.research.xacml.std.datatypes.DataTypes;
36 import com.att.research.xacml.std.pip.StdMutablePIPResponse;
37 import com.att.research.xacml.std.pip.StdPIPRequest;
38 import com.att.research.xacml.std.pip.engines.StdConfigurableEngine;
39 import jakarta.persistence.EntityManager;
40 import jakarta.persistence.Persistence;
41 import java.math.BigInteger;
42 import java.util.Collection;
43 import java.util.Collections;
44 import java.util.Iterator;
45 import java.util.Properties;
46 import lombok.AccessLevel;
47 import lombok.NoArgsConstructor;
48 import org.onap.policy.pdp.xacml.application.common.ToscaDictionary;
49 import org.slf4j.Logger;
50 import org.slf4j.LoggerFactory;
52 @NoArgsConstructor(access = AccessLevel.PROTECTED)
53 public abstract class StdOnapPip extends StdConfigurableEngine {
54 protected static Logger logger = LoggerFactory.getLogger(StdOnapPip.class);
56 protected static final PIPRequest PIP_REQUEST_ACTOR = new StdPIPRequest(
57 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
58 ToscaDictionary.ID_RESOURCE_GUARD_ACTOR,
59 XACML3.ID_DATATYPE_STRING);
61 protected static final PIPRequest PIP_REQUEST_RECIPE = new StdPIPRequest(
62 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
63 ToscaDictionary.ID_RESOURCE_GUARD_RECIPE,
64 XACML3.ID_DATATYPE_STRING);
66 protected static final PIPRequest PIP_REQUEST_TARGET = new StdPIPRequest(
67 XACML3.ID_ATTRIBUTE_CATEGORY_RESOURCE,
68 ToscaDictionary.ID_RESOURCE_GUARD_TARGETID,
69 XACML3.ID_DATATYPE_STRING);
71 protected Properties properties;
72 protected EntityManager em;
73 protected String issuer;
74 protected boolean shutdown = false;
77 public Collection<PIPRequest> attributesProvided() {
78 return Collections.emptyList();
82 public synchronized void configure(String id, Properties properties) throws PIPException {
84 // This most likely will never get called since configure is called
88 throw new PIPException("Engine is shutdown.");
90 super.configure(id, properties);
91 logger.info("Configuring historyDb PIP {}", properties);
92 this.properties = properties;
94 // Create our entity manager
99 // In case there are any overloaded properties for the JPA
101 var emProperties = new Properties();
102 emProperties.putAll(properties);
105 // Create the entity manager factory
107 em = Persistence.createEntityManagerFactory(
108 properties.getProperty(this.issuer + ".persistenceunit"),
109 emProperties).createEntityManager();
110 } catch (Exception e) {
111 logger.error("Persistence failed {} operations history db", e.getLocalizedMessage(), e);
116 public synchronized void shutdown() {
117 if (this.em != null) {
121 this.shutdown = true;
124 protected String getAttribute(PIPFinder pipFinder, PIPRequest pipRequest) {
126 // Get the actor value
128 var pipResponse = this.getAttribute(pipRequest, pipFinder);
129 if (pipResponse == null) {
130 logger.error("Need actor attribute which is not found");
136 return findFirstAttributeValue(pipResponse);
139 protected PIPResponse getAttribute(PIPRequest pipRequest, PIPFinder pipFinder) {
140 PIPResponse pipResponse = null;
142 pipResponse = pipFinder.getMatchingAttributes(pipRequest, this);
143 if (pipResponse.getStatus() != null && !pipResponse.getStatus().isOk()) {
144 logger.info("get attribute error retrieving {}: {}", pipRequest.getAttributeId(),
145 pipResponse.getStatus());
148 if (pipResponse != null && pipResponse.getAttributes().isEmpty()) {
149 logger.info("No value for {}", pipRequest.getAttributeId());
152 } catch (PIPException ex) {
153 logger.error("PIPException getting subject-id attribute", ex);
158 protected String findFirstAttributeValue(PIPResponse pipResponse) {
159 for (Attribute attribute: pipResponse.getAttributes()) {
160 Iterator<AttributeValue<String>> iterAttributeValues = attribute.findValues(DataTypes.DT_STRING);
161 while (iterAttributeValues.hasNext()) {
162 String value = iterAttributeValues.next().getValue();
171 protected void addIntegerAttribute(StdMutablePIPResponse stdPipResponse, Identifier category,
172 Identifier attributeId, int value, PIPRequest pipRequest) {
173 AttributeValue<BigInteger> attributeValue = null;
175 attributeValue = makeInteger(value);
176 } catch (Exception e) {
177 logger.error("Failed to convert {} to integer", value, e);
179 if (attributeValue != null) {
180 stdPipResponse.addAttribute(new StdMutableAttribute(category, attributeId, attributeValue,
181 pipRequest.getIssuer(), false));
185 protected void addLongAttribute(StdMutablePIPResponse stdPipResponse, Identifier category,
186 Identifier attributeId, long value, PIPRequest pipRequest) {
187 AttributeValue<BigInteger> attributeValue = null;
189 attributeValue = makeLong(value);
190 } catch (Exception e) {
191 logger.error("Failed to convert {} to long", value, e);
193 if (attributeValue != null) {
194 stdPipResponse.addAttribute(new StdMutableAttribute(category, attributeId, attributeValue,
195 pipRequest.getIssuer(), false));
199 protected void addStringAttribute(StdMutablePIPResponse stdPipResponse, Identifier category, Identifier attributeId,
200 String value, PIPRequest pipRequest) {
201 AttributeValue<String> attributeValue = null;
203 attributeValue = makeString(value);
204 } catch (Exception ex) {
205 logger.error("Failed to convert {} to an AttributeValue<String>", value, ex);
207 if (attributeValue != null) {
208 stdPipResponse.addAttribute(new StdMutableAttribute(category, attributeId, attributeValue,
209 pipRequest.getIssuer(), false));
213 // these may be overridden by junit tests
215 protected AttributeValue<BigInteger> makeInteger(int value) throws DataTypeException {
216 return DataTypes.DT_INTEGER.createAttributeValue(value);
219 protected AttributeValue<BigInteger> makeLong(long value) throws DataTypeException {
220 return DataTypes.DT_INTEGER.createAttributeValue(value);
223 protected AttributeValue<String> makeString(String value) throws DataTypeException {
224 return DataTypes.DT_STRING.createAttributeValue(value);