2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.service;
24 import javax.servlet.Filter;
26 import org.onap.aaf.auth.cache.Cache;
27 import org.onap.aaf.auth.dao.CassAccess;
28 import org.onap.aaf.auth.dao.cass.CacheInfoDAO;
29 import org.onap.aaf.auth.dao.hl.Question;
30 import org.onap.aaf.auth.direct.DirectAAFLur;
31 import org.onap.aaf.auth.direct.DirectAAFUserPass;
32 import org.onap.aaf.auth.direct.DirectCertIdentity;
33 import org.onap.aaf.auth.direct.DirectLocatorCreator;
34 import org.onap.aaf.auth.direct.DirectRegistrar;
35 import org.onap.aaf.auth.env.AuthzEnv;
36 import org.onap.aaf.auth.env.AuthzTrans;
37 import org.onap.aaf.auth.env.AuthzTransFilter;
38 import org.onap.aaf.auth.org.OrganizationFactory;
39 import org.onap.aaf.auth.rserv.HttpMethods;
40 import org.onap.aaf.auth.server.AbsService;
41 import org.onap.aaf.auth.server.JettyServiceStarter;
42 import org.onap.aaf.auth.server.Log4JLogIt;
43 import org.onap.aaf.auth.service.api.API_Api;
44 import org.onap.aaf.auth.service.api.API_Approval;
45 import org.onap.aaf.auth.service.api.API_Creds;
46 import org.onap.aaf.auth.service.api.API_Delegate;
47 import org.onap.aaf.auth.service.api.API_History;
48 import org.onap.aaf.auth.service.api.API_Mgmt;
49 import org.onap.aaf.auth.service.api.API_NS;
50 import org.onap.aaf.auth.service.api.API_Perms;
51 import org.onap.aaf.auth.service.api.API_Roles;
52 import org.onap.aaf.auth.service.api.API_User;
53 import org.onap.aaf.auth.service.api.API_UserRole;
54 import org.onap.aaf.auth.service.facade.AuthzFacadeFactory;
55 import org.onap.aaf.auth.service.facade.AuthzFacade_2_0;
56 import org.onap.aaf.auth.service.mapper.Mapper.API;
57 import org.onap.aaf.cadi.CadiException;
58 import org.onap.aaf.cadi.LocatorException;
59 import org.onap.aaf.cadi.PropAccess;
60 import org.onap.aaf.cadi.aaf.v2_0.AAFTrustChecker;
61 import org.onap.aaf.cadi.aaf.v2_0.AbsAAFLocator;
62 import org.onap.aaf.cadi.config.Config;
63 import org.onap.aaf.cadi.register.Registrant;
64 import org.onap.aaf.cadi.taf.basic.BasicHttpTaf;
65 import org.onap.aaf.cadi.util.FQI;
66 import org.onap.aaf.misc.env.APIException;
67 import org.onap.aaf.misc.env.Data;
68 import org.onap.aaf.misc.env.Env;
70 import com.datastax.driver.core.Cluster;
72 public class AAF_Service extends AbsService<AuthzEnv,AuthzTrans> {
// Prefix of the static slot names that the constructor treats as organization entries.
74 private static final String ORGANIZATION = "Organization.";
// Built in the constructor from the Cassandra cluster; also handed to DirectAAFLur in _filters.
// NOTE(review): this is a public field, so any code holding the service instance can reach the
// Question object directly; confirm callers need that before keeping it wider than private.
76 public final Question question;
// JSON facade (Data.TYPE.JSON); passed to every API_*.init call in the constructor.
77 private AuthzFacade_2_0 facade;
// XML facade (Data.TYPE.XML); route() clones each handler onto it for the text/xml variant.
78 private AuthzFacade_2_0 facade_XML;
// Handed to BasicHttpTaf in _filters and to API_Creds.timeSensitiveInit in the constructor.
79 private DirectAAFUserPass directAAFUserPass;
// Cluster obtained from CassAccess.cluster(env, null) in the constructor.
80 private final Cluster cluster;
81 //private final OAuthService oauthService;
84 * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
88 * @throws APIException
90 public AAF_Service( final AuthzEnv env) throws Exception {
// NOTE(review): the Javadoc fragment above names APIException, but the signature declares the
// broader Exception. This listing also omits some short source lines (the gutter numbers skip),
// so closing braces and a few statements are not shown.
91 super(env.access(), env);
93 // Initialize Facade for all uses
94 AuthzTrans trans = env.newTrans();
// The meaning of the null second argument is not visible here — TODO confirm against CassAccess.
96 cluster = org.onap.aaf.auth.dao.CassAccess.cluster(env,null);
98 // Need Question for Security purposes (direct User/Authz Query in Filter)
99 // Start Background Processing
100 question = new Question(trans, cluster, CassAccess.KEYSPACE);
101 question.startTimers(env);
// Static setter: the cert DAO becomes class-level state on DirectCertIdentity, not per-instance state.
103 DirectCertIdentity.set(question.certDAO());
105 // Have AAFLocator object Create DirectLocators for Location needs
// Also a static setter, so the creator applies to every AbsAAFLocator user in this JVM class loader.
106 AbsAAFLocator.setCreator(new DirectLocatorCreator(env, question.locateDAO));
108 // Initialize Organizations... otherwise, first pass may miss
// org_size is the prefix length, so substring(org_size) is the slot name with "Organization." removed.
109 int org_size = ORGANIZATION.length();
110 for (String n : env.existingStaticSlotNames()) {
111 if (n.startsWith(ORGANIZATION)) {
112 OrganizationFactory.obtain(env, n.substring(org_size));
117 // For direct Introspection needs.
118 //oauthService = new OAuthService(trans, question);
// Two facades over the same Question: one for JSON payloads, one for XML.
120 facade = AuthzFacadeFactory.v2_0(env,trans,Data.TYPE.JSON,question);
121 facade_XML = AuthzFacadeFactory.v2_0(env,trans,Data.TYPE.XML,question);
// Built from the transaction's env and the Question; later given to BasicHttpTaf in _filters.
123 directAAFUserPass = new DirectAAFUserPass(trans.env(),question);
125 // Print results and cleanup
// Collect the startup transaction's audit trail into sb and log it via env.init() only if non-empty.
126 StringBuilder sb = new StringBuilder();
127 trans.auditTrail(0, sb);
128 if (sb.length()>0)env.init().log(sb);
132 ////////////////////////////////////////////////////////////////////////////
134 // These will always be evaluated first
135 ////////////////////////////////////////////////////////////////////////
// Registration order is deliberate per the comment above: the credential and permission
// time-sensitive routes are registered before the general API_*.init routes that follow.
136 API_Creds.timeSensitiveInit(env, this, facade,directAAFUserPass);
137 API_Perms.timeSensitiveInit(this, facade);
138 ////////////////////////////////////////////////////////////////////////
140 ////////////////////////////////////////////////////////////////////////
141 API_Creds.init(this, facade);
142 API_UserRole.init(this, facade);
143 API_Roles.init(this, facade);
144 API_Perms.init(this, facade);
145 API_NS.init(this, facade);
146 API_User.init(this, facade);
147 API_Delegate.init(this,facade);
148 API_Approval.init(this, facade);
149 API_History.init(this, facade);
151 ////////////////////////////////////////////////////////////////////////
153 ////////////////////////////////////////////////////////////////////////
154 // There are several APIs around each concept, and it gets a bit too
155 // long in this class to create. The initialization of these Management
156 // APIs have therefore been pushed to StandAlone Classes with static
158 API_Mgmt.init(this, facade);
159 API_Api.init(this, facade);
/**
 * Builds the servlet filters for this service: an AuthzTransFilter constructed with the AAF
 * connection and an AAFTrustChecker, after assembling an array of the direct LUR, the
 * BasicHttpTaf and any caller-supplied TAF/LUR objects.
 *
 * NOTE(review): this listing omits some short source lines (the gutter numbers skip), including
 * the {@code try} that pairs with the catch below and the tail of two argument lists, so the
 * line that hands {@code atl} to the filter is not shown.
 *
 * @param additionalTafLurs extra TAF/LUR objects, copied into the array after the two built-in entries
 * @return a Filter array; the visible initializer holds one AuthzTransFilter
 * @throws CadiException if a NumberFormatException is raised, e.g. by the visible Long.parseLong of AAF_CLEAN_INTERVAL
 * @throws LocatorException declared by the signature; the raising call is not visible here
 */
164 public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
// Root namespace property (falling back to AAF_ROOT_NS_DEF) passed through FQI.reverseDomain.
165 final String domain = FQI.reverseDomain(access.getProperty(Config.AAF_ROOT_NS,Config.AAF_ROOT_NS_DEF));
// Two built-in slots come first; caller-supplied entries follow from index 2.
// NOTE(review): a null varargs array would fail on additionalTafLurs.length — there is no null guard here.
167 Object[] atl=new Object[additionalTafLurs.length+2];
168 atl[0]=new DirectAAFLur(env,question); // Note, this will be assigned by AuthzTransFilter to TrustChecker
// A non-numeric AAF_CLEAN_INTERVAL makes Long.parseLong throw; the catch below reports that as a
// CadiException with the cause attached instead of letting the unchecked exception escape.
169 atl[1]= new BasicHttpTaf(env, directAAFUserPass,
170 domain,Long.parseLong(env.getProperty(Config.AAF_CLEAN_INTERVAL, Config.AAF_CLEAN_INTERVAL_DEF)),
173 if (additionalTafLurs.length>0) {
174 System.arraycopy(additionalTafLurs, 0, atl, 2, additionalTafLurs.length);
177 return new Filter[] {
178 new AuthzTransFilter(env,aafCon(),
179 new AAFTrustChecker((Env)env),
182 } catch (NumberFormatException e) {
183 throw new CadiException("Invalid Property information", e);
/**
 * Returns the registrants for this service.
 *
 * @param actualPort port passed to the DirectRegistrar
 * @return an array; the visible initializer holds one DirectRegistrar built from access,
 *         question.locateDAO and actualPort
 * @throws CadiException declared by the signature; the raising call is not visible here
 */
// "unchecked" is suppressed because a raw Registrant[] is returned as Registrant<AuthzEnv>[].
189 @SuppressWarnings("unchecked")
191 public Registrant<AuthzEnv>[] registrants(final int actualPort) throws CadiException {
192 return new Registrant[] {
193 new DirectRegistrar(access,question.locateDAO, actualPort)
/**
 * Starts CacheInfoDAO updates for the given host name and port, passing aafCon().hman() and
 * aafCon().securityInfo().defSS from this service's AAF connection.
 *
 * @param hostname host name forwarded to CacheInfoDAO.startUpdate
 * @param port port forwarded to CacheInfoDAO.startUpdate
 * @throws APIException wrapping any CadiException or LocatorException, with the cause preserved
 */
198 public void postStartup(final String hostname, final int port) throws APIException {
// NOTE(review): the `try {` that pairs with the catch below is one of the short lines this listing omits.
200 CacheInfoDAO.startUpdate(env, aafCon().hman(), aafCon().securityInfo().defSS,hostname,port);
201 } catch (CadiException | LocatorException e) {
202 throw new APIException(e);
/**
 * Cleanup hook for this service. Only the CacheInfoDAO.stopUpdate() call is visible in this
 * listing; the gutter numbers skip lines on both sides of it, so other cleanup steps may exist.
 */
207 public void destroy() {
// Presumably the counterpart of the CacheInfoDAO.startUpdate call made in postStartup — confirm.
209 CacheInfoDAO.stopUpdate();
218 * Setup XML and JSON implementations for each supported Version type
220 * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
221 * to do Versions and Content switches
224 public void route(HttpMethods meth, String path, API api, Code code) throws Exception {
// Resolve the response class for this API through the JSON facade's mapper; an API with no
// mapped class is rejected here, before any route is registered.
225 Class<?> respCls = facade.mapper().getClass(api);
226 if (respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
// JSON variant: registered with the type string from applicationJSON(respCls, default version),
// the versioned application/json type and "*/*".
// NOTE(review): "*/*" presumably lets the JSON handler serve clients that accept any type — confirm in route(...).
227 String application = applicationJSON(respCls, Config.AAF_DEFAULT_API_VERSION);
229 route(env,meth,path,code,application,"application/json;version="+Config.AAF_DEFAULT_API_VERSION,"*/*");
// XML variant: the handler is cloned onto facade_XML and registered under the applicationXML type
// and the versioned text/xml type. The meaning of clone's `false` argument is not visible here.
230 application = applicationXML(respCls, Config.AAF_DEFAULT_API_VERSION);
231 route(env,meth,path,code.clone(facade_XML,false),application,"text/xml;version="+Config.AAF_DEFAULT_API_VERSION);
235 * Start up AAF_Service as Jetty Service
237 public static void main(final String[] args) {
239 Log4JLogIt logIt = new Log4JLogIt(args, "authz");
240 PropAccess propAccess = new PropAccess(logIt,args);
243 new JettyServiceStarter<AuthzEnv,AuthzTrans>(
244 new AAF_Service(new AuthzEnv(propAccess)),true)
246 } catch (Exception e) {
249 } catch (Exception e) {