2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.oauth.service;
24 import java.util.List;
27 import org.onap.aaf.auth.dao.cass.PermDAO;
28 import org.onap.aaf.auth.dao.hl.Question;
29 import org.onap.aaf.auth.env.AuthzTrans;
30 import org.onap.aaf.auth.layer.Result;
31 import org.onap.aaf.cadi.CadiException;
32 import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
33 import org.onap.aaf.cadi.client.Future;
34 import org.onap.aaf.cadi.client.Rcli;
35 import org.onap.aaf.cadi.config.Config;
36 import org.onap.aaf.misc.env.APIException;
37 import org.onap.aaf.misc.env.Env;
38 import org.onap.aaf.misc.env.TimeTaken;
40 public class JSONPermLoaderFactory {
42 * Load JSON Perms from AAF Service (Remotely)
// Returns a JSONPermLoader that asks the AAF service for a user's permissions over
// the supplied connection. `timeout` is handed to Future.get() below.
// This listing skips some file lines (see the embedded line numbers), so the
// method is not shown in full.
47 public static JSONPermLoader remote(final AAFCon<?> aafcon, final int timeout) {
48 return new JSONPermLoader() {
49 public Result<String> loadJSONPerms(AuthzTrans trans, String user, Set<String> scopes) throws APIException, CadiException {
// The client is obtained with the transaction's user principal, while the
// permissions requested are those of `user`; the two need not be the same identity.
50 Rcli<?> c = aafcon.clientAs(Config.AAF_DEFAULT_API_VERSION,trans.getUserPrincipal());
51 StringBuilder pathinfo = new StringBuilder("/authz/perms/user/");
// NOTE(review): `user` is appended to the request path verbatim. If it can contain
// '/', '?', '#', '&' or '%', the service may see a different path or query than
// intended. Confirm callers validate it, or percent-encode it before appending.
52 pathinfo.append(user);
53 pathinfo.append("?scopes=");
// The loop body (file lines 56-62) is not shown here; presumably each scope is
// appended to the query string, in which case the same encoding concern applies.
// TODO confirm against the full file.
55 for (String s : scopes) {
// Starts a timing entry for the remote call in the transaction trace.
63 TimeTaken tt = trans.start("Call AAF Service", Env.REMOTE);
65 Future<String> fs = c.read(pathinfo.toString(), "application/Perms+json;charset=utf-8;version=2.0");
// When get(timeout) returns true, the response body is returned as-is as the permission JSON.
66 if (fs.get(timeout)) {
67 return Result.ok(fs.body());
68 } else if (fs.code()==404) {
// A 404 is reported as ERR_NotFound rather than as a backend failure.
69 return Result.err(Result.ERR_NotFound,fs.body());
// NOTE(review): the upstream status code and response body are copied into the
// error detail. Check that this detail is not relayed unfiltered to external clients.
71 return Result.err(Result.ERR_Backend,"Error accessing AAF %s: %s",Integer.toString(fs.code()),fs.body());
// Returns a JSONPermLoader that reads the user's permissions through `question`
// and serialises them to a JSON string locally, without a remote AAF call.
// This listing skips some file lines (see the embedded line numbers), so the
// method is not shown in full.
79 public static JSONPermLoader direct(final Question question) {
80 return new JSONPermLoader() {
81 public Result<String> loadJSONPerms(AuthzTrans trans, String user, Set<String> scopes) throws APIException, CadiException {
// Starts a timing entry for the lookup in the transaction trace.
82 TimeTaken tt = trans.start("Cached DB Perm lookup", Env.SUB);
83 Result<List<PermDAO.Data>> pd;
// The third argument is passed as false; its meaning is defined by
// Question.getPermsByUser, which is not shown here.
85 pd = question.getPermsByUser(trans, user, false);
// The lookup Result is returned as the error. The condition guarding this return
// (file lines 86-89) is not shown in this listing.
90 return Result.err(pd);
92 // Since we know it is
// NOTE(review): the JSON document is built by string concatenation. Field values
// such as d.instance are written between quotes with no JSON escaping, so a value
// containing '"' or '\' would yield malformed output or extra members. Confirm
// these fields are restricted when permissions are created, or escape them here.
93 StringBuilder sb = new StringBuilder("{\"perm\":[");
95 for (PermDAO.Data d : pd.value) {
// Scope filter: a permission appears to be emitted only when its namespace is an
// exact member of the requested scopes (the lines between the test and the first
// append are not shown). This check limits what a scoped token can see, so any
// change to it is security-relevant.
96 if (scopes.contains(d.ns)) {
102 sb.append("{\"ns\":\"");
104 sb.append("\",\"type\":\"");
106 sb.append("\",\"instance\":\"");
107 sb.append(d.instance);
108 sb.append("\",\"action\":\"");
114 return Result.ok(sb.toString());