[AAF-21] Initial code import
[aaf/authz.git] / authz-core / src / main / java / com / att / authz / server / AbsServer.java
1 /*******************************************************************************\r
2  * ============LICENSE_START====================================================\r
3  * * org.onap.aai\r
4  * * ===========================================================================\r
5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
6  * * Copyright © 2017 Amdocs\r
7  * * ===========================================================================\r
8  * * Licensed under the Apache License, Version 2.0 (the "License");\r
9  * * you may not use this file except in compliance with the License.\r
10  * * You may obtain a copy of the License at\r
11  * * \r
12  *  *      http://www.apache.org/licenses/LICENSE-2.0\r
13  * * \r
14  *  * Unless required by applicable law or agreed to in writing, software\r
15  * * distributed under the License is distributed on an "AS IS" BASIS,\r
16  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
17  * * See the License for the specific language governing permissions and\r
18  * * limitations under the License.\r
19  * * ============LICENSE_END====================================================\r
20  * *\r
21  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
22  * *\r
23  ******************************************************************************/\r
24 package com.att.authz.server;\r
25 \r
26 import java.io.IOException;\r
27 import java.io.InputStream;\r
28 import java.lang.reflect.Constructor;\r
29 import java.net.URL;\r
30 import java.security.GeneralSecurityException;\r
31 import java.security.Principal;\r
32 import java.util.Properties;\r
33 \r
34 import javax.net.ssl.SSLContext;\r
35 import javax.net.ssl.SSLSocketFactory;\r
36 \r
37 import com.att.authz.common.Define;\r
38 import com.att.authz.env.AuthzEnv;\r
39 import com.att.authz.env.AuthzTrans;\r
40 import com.att.cadi.CadiException;\r
41 import com.att.cadi.LocatorException;\r
42 //import com.att.cadi.PropAccess;\r
43 import com.att.cadi.aaf.v2_0.AAFConHttp;\r
44 import com.att.cadi.client.Rcli;\r
45 import com.att.cadi.client.Retryable;\r
46 import com.att.cadi.config.Config;\r
47 import com.att.cadi.http.HTransferSS;\r
48 import com.att.cssa.rserv.RServlet;\r
49 import com.att.inno.env.APIException;\r
50 \r
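/**
 * Base servlet for authz servers: holds the {@link AuthzEnv}, the application
 * name and the AAF connection, and provides the {@link #setup(Class, String)}
 * bootstrap, which loads properties from the classpath, builds the
 * environment and starts the concrete server through
 * {@link #startDME2(Properties)}.
 *
 * <p>{@link #aafCon} is a public, non-final field that this class never
 * assigns (the assignment in the constructor is commented out). The client
 * accessors therefore check it and fail with a {@link CadiException} rather
 * than a {@link NullPointerException} while it is unset.
 */
public abstract class AbsServer extends RServlet<AuthzTrans> {
    private static final String AAF_API_VERSION = "2.0";

    /** Application name passed to {@link HTransferSS} when acting for a user. */
    public final String app;

    /** Environment this server was constructed with. */
    public final AuthzEnv env;

    /**
     * AAF connection used by the client accessors. Not set by this class; it
     * stays {@code null} until something else assigns it.
     */
    public AAFConHttp aafCon;

    /**
     * Stores the environment and application name.
     *
     * @param env environment to read configuration from; dereferenced here,
     *            so it must not be {@code null}
     * @param app application name for this server
     * @throws CadiException declared for subclasses and callers; not thrown by
     *         the visible code
     * @throws GeneralSecurityException as above
     * @throws IOException as above
     */
    public AbsServer(final AuthzEnv env, final String app) throws CadiException, GeneralSecurityException, IOException {
        this.env = env;
        this.app = app;
        if (env.getProperty(Config.AAF_URL) != null) {
            // The AAF connection is intentionally not created here in this import,
            // so aafCon remains null even when an AAF URL is configured.
            //aafCon = new AAFConHttp(env);
        }
    }

    /**
     * Returns the configured AAF URL.
     *
     * <p>This is a method rather than a field so that AAFAPI can supply its
     * own value.
     *
     * @return the value of {@code Config.AAF_URL} from the environment, or
     *         whatever {@code getProperty} yields when it is not set
     */
    public String aaf_url() {
        return env.getProperty(Config.AAF_URL);
    }

    /**
     * Starts the concrete server.
     *
     * @param props the properties loaded by {@link #setup(Class, String)}
     * @throws Exception on any startup failure
     */
    public abstract void startDME2(Properties props) throws Exception;

    /**
     * Bootstraps a server: loads {@code propFile} from the system classpath,
     * builds an {@link AuthzEnv} from it, instantiates {@code abss} through its
     * {@code (AuthzEnv)} constructor and calls {@link #startDME2(Properties)}.
     *
     * <p>Any failure is printed to {@code System.err} and ends the JVM with
     * exit status 1, so this method only returns normally after a successful
     * start.
     *
     * @param abss     server class to start; must be a subclass of
     *                 {@code AbsServer} with a public {@code (AuthzEnv)}
     *                 constructor
     * @param propFile name of the properties resource on the classpath
     */
    public static void setup(Class<?> abss, String propFile) {
        try {
            // Load Properties from authFramework.properties.  Needed for DME2 and AuthzEnv
            Properties props = new Properties();
            URL rsrc = ClassLoader.getSystemResource(propFile);
            if (rsrc == null) {
                System.err.println("Folder containing " + propFile + " must be on Classpath");
                System.exit(1);
            }

            InputStream is = rsrc.openStream();
            try {
                props.load(is);
            } finally {
                is.close();
            }

            // Load Properties into AuthzEnv
            AuthzEnv env = new AuthzEnv(props);
            // Log where Config found
            env.init().log("Configuring from", rsrc.getPath());

            // Print cipher suites when debug logging is on.
            // getSupportedCipherSuites() lists every suite that could be enabled,
            // which can be a superset of the suites enabled by default; treat this
            // output as an inventory, not as the set the server will negotiate.
            if (env.debug().isLoggable()) {
                SSLContext context = SSLContext.getDefault();
                SSLSocketFactory sf = context.getSocketFactory();
                StringBuilder sb = new StringBuilder("Available Cipher Suites: ");
                boolean first = true;
                int count = 0;
                for (String cs : sf.getSupportedCipherSuites()) {
                    if (first) {
                        first = false;
                    } else {
                        sb.append(',');
                    }
                    sb.append(cs);
                    // Break the line after every fourth suite to keep the log readable.
                    if (++count % 4 == 0) {
                        sb.append('\n');
                    }
                }
                env.debug().log(sb);
            }

            // Set ROOT NS, etc
            Define.set(env);

            // Convert CADI properties and Encrypted Passwords for these two properties (if exist)
            // to DME2 Readable.  Further, Discovery Props are loaded to System if missing.
            // May be causing client errors
            //Config.cadiToDME2(env,props);
            env.init().log("DME2 ServiceName: " + env.getProperty("DMEServiceName", "unknown"));

            // Check the type before constructing, so that a class that is not an
            // AbsServer is rejected without running its constructor.
            Constructor<? extends AbsServer> cons =
                    abss.asSubclass(AbsServer.class).getConstructor(AuthzEnv.class);
            // Construct with Env
            AbsServer s = cons.newInstance(env);

            // NOTE(review): the timer that removed clear-text passwords from System
            // properties (a DME2 requirement) is disabled, as is the cadiToDME2
            // conversion above. Presumably the two belong together: if the
            // conversion is re-enabled, restore the removal as well so clear-text
            // passwords do not linger in System properties.
            // new Timer("PassRemove").schedule(tt, 120000);
            // tt=null;

            // Start DME2 (DME2 needs Properties form of props)
            s.startDME2(props);
        } catch (Exception e) {
            e.printStackTrace(System.err);
            System.exit(1);
        }
    }

    /**
     * Returns a client for AAF API version {@value #AAF_API_VERSION}.
     *
     * @return client obtained from the AAF connection
     * @throws CadiException if the AAF connection has not been set, or if the
     *         connection cannot supply a client
     */
    public Rcli<?> client() throws CadiException {
        return requireAafCon().client(AAF_API_VERSION);
    }

    /**
     * Returns a client whose calls carry an {@link HTransferSS} built from the
     * given principal, this server's application name and the connection's
     * security info.
     *
     * <p>NOTE(review): no check of {@code p} is visible here; presumably the
     * caller must pass only a principal it has already authenticated. Confirm
     * against HTransferSS.
     *
     * @param p principal the client acts for
     * @return client bound to that principal
     * @throws CadiException if the AAF connection has not been set, or on a
     *         failure in the underlying calls
     */
    public Rcli<?> clientAsUser(Principal p) throws CadiException {
        final AAFConHttp con = requireAafCon();
        return con.client(AAF_API_VERSION).forUser(
                new HTransferSS(p, app, con.securityInfo()));
    }

    /**
     * Runs {@code retryable} through the connection's {@code hman().best(...)}
     * with an {@link HTransferSS} built from the given principal, this
     * server's application name and the connection's security info.
     *
     * <p>NOTE(review): as with {@link #clientAsUser(Principal)}, {@code p} is
     * not checked here; presumably it must already be authenticated.
     *
     * @param p         principal the call is made for
     * @param retryable work to run
     * @param <RET>     result type of the retryable
     * @return the result of {@code best(...)}
     * @throws APIException     from the underlying call
     * @throws LocatorException from the underlying call
     * @throws CadiException    if the AAF connection has not been set, or from
     *                          the underlying call
     */
    public <RET> RET clientAsUser(Principal p, Retryable<RET> retryable) throws APIException, LocatorException, CadiException {
        final AAFConHttp con = requireAafCon();
        return con.hman().best(new HTransferSS(p, app, con.securityInfo()), retryable);
    }

    /** Returns {@link #aafCon}, or fails with a clear error while it is still unset. */
    private AAFConHttp requireAafCon() throws CadiException {
        final AAFConHttp con = aafCon;
        if (con == null) {
            throw new CadiException("AAF connection (aafCon) has not been initialized for " + app);
        }
        return con;
    }

}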