1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
23 package com.att.authz.gw;
\r
25 import java.net.HttpURLConnection;
\r
26 import java.util.ArrayList;
\r
27 import java.util.EnumSet;
\r
28 import java.util.List;
\r
29 import java.util.Map;
\r
30 import java.util.Properties;
\r
32 import com.att.aft.dme2.api.DME2Exception;
\r
34 import com.att.aft.dme2.api.DME2Manager;
\r
35 import com.att.aft.dme2.api.DME2Server;
\r
36 import com.att.aft.dme2.api.DME2ServerProperties;
\r
37 import com.att.aft.dme2.api.DME2ServiceHolder;
\r
38 import com.att.aft.dme2.api.util.DME2FilterHolder;
\r
39 import com.att.aft.dme2.api.util.DME2FilterHolder.RequestDispatcherType;
\r
40 import com.att.aft.dme2.api.util.DME2ServletHolder;
\r
41 import com.att.authz.env.AuthzEnv;
\r
42 import com.att.authz.gw.api.API_AAFAccess;
\r
43 import com.att.authz.gw.api.API_Api;
\r
44 import com.att.authz.gw.api.API_Find;
\r
45 import com.att.authz.gw.api.API_Proxy;
\r
46 import com.att.authz.gw.api.API_TGuard;
\r
47 import com.att.authz.gw.facade.GwFacade_1_0;
\r
48 import com.att.authz.gw.mapper.Mapper.API;
\r
49 import com.att.authz.server.AbsServer;
\r
50 import com.att.cache.Cache;
\r
51 import com.att.cache.Cache.Dated;
\r
52 import com.att.cadi.CadiException;
\r
53 //import com.att.cadi.PropAccess;
\r
54 import com.att.cadi.aaf.v2_0.AAFAuthn;
\r
55 import com.att.cadi.aaf.v2_0.AAFLurPerm;
\r
56 import com.att.cadi.config.Config;
\r
57 import com.att.cssa.rserv.HttpMethods;
\r
58 import com.att.inno.env.APIException;
\r
60 public class GwAPI extends AbsServer {
\r
// Cache name passed to Cache.obtain() in the constructor.
61 private static final String USER_PERMS = "userPerms";
\r
// NOTE(review): no assignment to facade or facade_1_0_XML is visible in this listing (the
// GwFacadeFactory calls in the constructor are commented out), so both look null wherever
// they are used. Confirm against the full file.
62 private GwFacade_1_0 facade; // this is the default Facade
\r
63 private GwFacade_1_0 facade_1_0_XML;
\r
// Map returned by Cache.obtain(USER_PERMS); by its name, presumably cached per-user permission data.
// NOTE(review): public and non-final, so any code holding a GwAPI reference can replace or
// mutate this map. If it backs authorization decisions, narrow the access (private field plus a
// read-only accessor) — verify what callers need first.
64 public Map<String, Dated> cacheUser;
\r
// Value of the Config.AAF_URL property, read once in the constructor.
65 public final String aafurl;
\r
// Authentication object built by aafCon.newAuthn(aafLurPerm) in the constructor.
66 public final AAFAuthn<HttpURLConnection> aafAuthn;
\r
// Lur object built by aafCon.newLur() in the constructor.
67 public final AAFLurPerm aafLurPerm;
\r
// Created in startDME2(); unset until that method runs. Public and non-final like cacheUser.
68 public DME2Manager dme2Man;
\r
72 * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
\r
78 * @throws APIException
\r
// Builds the gateway server: reads the AAF URL, creates the Lur and Authn objects from aafCon,
// obtains the USER_PERMS cache, then registers routes through the static API_* init methods.
// aafCon is not declared in this class; presumably it is inherited from AbsServer.
// NOTE(review): the listing's own numbering skips original lines inside this body (83-84, 86,
// 90, 93, 96-97, 102-104, ...), so short statements and closing braces are missing from this view.
80 public GwAPI(AuthzEnv env) throws Exception {
\r
81 super(env,"AAF GW");
\r
82 aafurl = env.getProperty(Config.AAF_URL);
\r
85 //env.setLog4JNames("log4j.properties","authz","gw","audit","init","trace");
\r
87 aafLurPerm = aafCon.newLur();
\r
88 // Note: If you need both Authn and Authz construct the following:
\r
89 aafAuthn = aafCon.newAuthn(aafLurPerm);
\r
91 // Initialize Facade for all uses
\r
92 //AuthzTrans trans = env.newTrans();
\r
// NOTE(review): both facade assignments below are commented out, so the facade fields are not
// set anywhere in the visible constructor.
94 // facade = GwFacadeFactory.v1_0(env,trans,Data.TYPE.JSON); // Default Facade
\r
95 // facade_1_0_XML = GwFacadeFactory.v1_0(env,trans,Data.TYPE.XML);
\r
// NOTE(review): cacheUser is an instance field with no initializer, so inside a constructor this
// guard looks always true — confirm.
98 if(cacheUser == null) {
\r
99 cacheUser = Cache.obtain(USER_PERMS);
\r
// Cache cleansing is commented out; nothing visible here expires entries in the obtained map.
100 //Cache.startCleansing(env, USER_PERMS);
\r
101 Cache.addShutdownHook(); // Setup Shutdown Hook to close cache
\r
105 ////////////////////////////////////////////////////////////////////////////
\r
107 // These will always be evaluated first
\r
108 ////////////////////////////////////////////////////////////////////////
\r
// NOTE(review): facade is passed to every init call below with no visible assignment before
// them; verify the API_* init methods tolerate a null facade.
109 API_AAFAccess.init(this,facade);
\r
110 API_Find.init(this, facade);
\r
111 API_TGuard.init(this, facade);
\r
112 API_Proxy.init(this, facade);
\r
114 ////////////////////////////////////////////////////////////////////////
\r
116 ////////////////////////////////////////////////////////////////////////
\r
117 // There are several APIs around each concept, and it gets a bit too
\r
118 // long in this class to create. The initialization of these Management
\r
119 // APIs have therefore been pushed to StandAlone Classes with static
\r
121 API_Api.init(this, facade);
\r
123 ////////////////////////////////////////////////////////////////////////
\r
124 // Default Function
\r
125 ////////////////////////////////////////////////////////////////////////
\r
126 API_AAFAccess.initDefault(this,facade);
\r
131 * Setup XML and JSON implementations for each supported Version type
\r
133 * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
\r
134 * to do Versions and Content switches
\r
// Looks up the response class mapped to `api`, throws if there is none, and computes the JSON
// and XML content-type strings for version "1.0". Both route(...) registrations are commented
// out, so the visible lines register nothing; meth, path and code are unused here.
// applicationJSON/applicationXML are not defined in this listing (presumably inherited).
137 public void route(HttpMethods meth, String path, API api, GwCode code) throws Exception {
\r
138 String version = "1.0";
\r
139 // Get Correct API Class from Mapper
\r
// NOTE(review): dereferences facade, which has no visible assignment in this listing; if it is
// still null this call throws NullPointerException before the check below runs.
140 Class<?> respCls = facade.mapper().getClass(api);
\r
// Fails fast when the mapper has no class for this API value.
141 if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
\r
142 // setup Application API HTML ContentTypes for JSON and Route
\r
143 String application = applicationJSON(respCls, version);
\r
144 //route(env,meth,path,code,application,"application/json;version="+version,"*/*");
\r
146 // setup Application API HTML ContentTypes for XML and Route
\r
// The JSON value assigned above is overwritten here without having been used.
147 application = applicationXML(respCls, version);
\r
148 //route(env,meth,path,code.clone(facade_1_0_XML,false),application,"text/xml;version="+version);
\r
150 // Add other Supported APIs here as created
\r
// In the visible lines the body holds only a commented-out route(...) call, so calling this
// method registers nothing and none of its parameters are used.
153 public void routeAll(HttpMethods meth, String path, API api, GwCode code) throws Exception {
\r
154 //route(env,meth,path,code,""); // this will always match
\r
159 * Start up AuthzAPI as DME2 Service
\r
162 * @throws DME2Exception
\r
163 * @throws CadiException
\r
// Creates the DME2 manager from `props`, and, when the DMEServiceName property is set, builds a
// service holder with this server as its servlet, binds it, and then sleeps in a loop.
// NOTE(review): the listing's own numbering skips many original lines in this body (for example
// 215, 217, 221, 224 and 229-232). The `try` that pairs with the catch clauses below, closing
// braces, and possibly short statements are missing from this view; read the notes with that in mind.
165 public void startDME2(Properties props) throws DME2Exception, CadiException {
\r
167 dme2Man = new DME2Manager("GatewayDME2Manager",props);
\r
169 DME2ServiceHolder svcHolder;
\r
170 List<DME2ServletHolder> slist = new ArrayList<DME2ServletHolder>();
\r
171 svcHolder = new DME2ServiceHolder();
\r
// Null default: a missing DMEServiceName skips the whole setup below.
172 String serviceName = env.getProperty("DMEServiceName",null);
\r
173 if(serviceName!=null) {
\r
174 svcHolder.setServiceURI(serviceName);
\r
175 svcHolder.setManager(dme2Man);
\r
176 svcHolder.setContext("/");
\r
// This object is the servlet; "/dme2" and "/api" are presumably its URL patterns — confirm
// against the DME2ServletHolder API.
180 DME2ServletHolder srvHolder = new DME2ServletHolder(this, new String[] {"/dme2","/api"});
\r
181 srvHolder.setContextPath("/*");
\r
182 slist.add(srvHolder);
\r
// edlist is referenced only by the commented-out filter registrations below.
184 EnumSet<RequestDispatcherType> edlist = EnumSet.of(
\r
185 RequestDispatcherType.REQUEST,
\r
186 RequestDispatcherType.FORWARD,
\r
187 RequestDispatcherType.ASYNC
\r
190 ///////////////////////
\r
192 ///////////////////////
\r
// NOTE(review): every filter registration below is commented out, so flist is still empty when
// it reaches setFilters(). The visible code therefore installs no AuthzTransFilter (or any other
// authentication/authorization filter) in front of the servlet. Confirm where requests to this
// gateway are authenticated, and restore or replace the filter if nothing else enforces it.
193 List<DME2FilterHolder> flist = new ArrayList<DME2FilterHolder>();
\r
195 // Leave Login page un secured
\r
196 // AuthzTransOnlyFilter atof = new AuthzTransOnlyFilter(env);
\r
197 // flist.add(new DME2FilterHolder(atof,"/login", edlist));
\r
199 // Secure all other interactions with AuthzTransFilter
\r
200 // flist.add(new DME2FilterHolder(
\r
201 // new AuthzTransFilter(env, aafCon, new AAFTrustChecker(
\r
202 // env.getProperty(Config.CADI_TRUST_PROP, Config.CADI_USER_CHAIN),
\r
203 // Define.ROOT_NS + ".mechid|"+Define.ROOT_COMPANY+"|trust"
\r
208 svcHolder.setFilters(flist);
\r
209 svcHolder.setServletHolders(slist);
\r
211 DME2Server dme2svr = dme2Man.getServer();
\r
212 // dme2svr.setGracefulShutdownTimeMs(1000);
\r
214 // env.init().log("Starting GW Jetty/DME2 server...");
\r
// dsprops is used only by the commented-out log call further down.
216 DME2ServerProperties dsprops = dme2svr.getServerProperties();
\r
218 // if(env.getProperty("NO_REGISTER",null)!=null)
\r
219 dme2Man.bindService(svcHolder);
\r
220 // env.init().log("DME2 is available as HTTP"+(dsprops.isSslEnable()?"/S":""),"on port:",dsprops.getPort());
\r
// Sleeps in five-second steps after binding; the loop has no exit condition of its own.
222 while(true) { // Per DME2 Examples...
\r
223 Thread.sleep(5000);
\r
// NOTE(review): the interrupt is swallowed — the log call is commented out and the visible lines
// do not restore the thread's interrupt status (Thread.currentThread().interrupt()).
225 } catch(InterruptedException e) {
\r
226 // env.init().log("AAF Jetty Server interrupted!");
\r
// NOTE(review): the log call is commented out, so a bind or startup failure leaves no record in
// the visible lines. Original lines 229-232 are absent from this listing and may hold the real
// handling; whatever it is, the exception should be logged so operators can see the failure.
227 } catch(Exception e) { // Error binding service doesn't seem to stop DME2 or Process
\r
228 // env.init().log(e,"DME2 Initialization Error");
\r
// Presumably the else branch of the serviceName check: with the log call commented out, a
// missing DMEServiceName is silent and the service is simply never bound.
233 //env.init().log("Properties must contain DMEServiceName");
\r
// Process entry point: hands this class and the property file name "authGW.props" to setup().
// setup is not defined in this listing; presumably it is inherited from AbsServer. args is unused.
237 public static void main(String[] args) {
\r
238 setup(GwAPI.class,"authGW.props");
\r
241 // public void route(PropAccess env, HttpMethods get, String string, GwCode gwCode, String string2, String string3,
\r
242 // String string4) {
\r
243 // // TODO Auto-generated method stub
\r