1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
23 package com.att.authz.gw.facade;
\r
26 import static com.att.authz.layer.Result.ERR_ActionNotCompleted;
\r
27 import static com.att.authz.layer.Result.ERR_BadData;
\r
28 import static com.att.authz.layer.Result.ERR_ConflictAlreadyExists;
\r
29 import static com.att.authz.layer.Result.ERR_Denied;
\r
30 import static com.att.authz.layer.Result.ERR_NotFound;
\r
31 import static com.att.authz.layer.Result.ERR_NotImplemented;
\r
32 import static com.att.authz.layer.Result.ERR_Policy;
\r
33 import static com.att.authz.layer.Result.ERR_Security;
\r
35 import java.lang.reflect.Method;
\r
37 import javax.servlet.http.HttpServletResponse;
\r
39 import com.att.authz.env.AuthzEnv;
\r
40 import com.att.authz.env.AuthzTrans;
\r
41 import com.att.authz.gw.mapper.Mapper;
\r
42 import com.att.authz.gw.mapper.Mapper.API;
\r
43 import com.att.authz.gw.service.GwService;
\r
44 import com.att.authz.gw.service.GwServiceImpl;
\r
45 import com.att.authz.layer.FacadeImpl;
\r
46 import com.att.authz.layer.Result;
\r
47 import com.att.cadi.aaf.client.Examples;
\r
48 import com.att.cssa.rserv.RServlet;
\r
49 import com.att.cssa.rserv.RouteReport;
\r
50 import com.att.cssa.rserv.doc.ApiDoc;
\r
51 import com.att.inno.env.APIException;
\r
52 import com.att.inno.env.Data;
\r
53 import com.att.inno.env.Data.TYPE;
\r
54 import com.att.inno.env.Env;
\r
55 import com.att.inno.env.TimeTaken;
\r
56 import com.att.rosetta.env.RosettaDF;
\r
63 * This Service Facade encapsulates the essence of the API Service can do, and provides
\r
64 * a single created object for elements such as RosettaDF.
\r
66 * The Responsibilities of this class are to:
\r
67 * 1) Interact with the Service Implementation (which might be supported by various kinds of Backend Storage)
\r
68 * 2) Validate incoming data (if applicable)
\r
69 * 3) Convert the Service response into the right Format, and mark the Content Type
\r
70 * a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request.
\r
71 * 4) Log Service info, warnings and exceptions as necessary
\r
72 * 5) When asked by the API layer, this will create and write Error content to the OutputStream
\r
74 * Note: This Class does NOT set the HTTP Status Code. That is up to the API layer, so that it can be
\r
75 * clearly coordinated with the API Documentation
\r
79 public abstract class GwFacadeImpl<IN,OUT,ERROR> extends FacadeImpl implements GwFacade
\r
81 private GwService<IN,OUT,ERROR> service;
\r
83 private final RosettaDF<ERROR> errDF;
\r
84 private final RosettaDF<Api> apiDF;
\r
86 public GwFacadeImpl(AuthzEnv env, GwService<IN,OUT,ERROR> service, Data.TYPE dataType) throws APIException {
\r
87 this.service = service;
\r
88 (errDF = env.newDataFactory(mapper().getClass(API.ERROR))).in(dataType).out(dataType);
\r
89 (apiDF = env.newDataFactory(Api.class)).in(dataType).out(dataType);
\r
92 public Mapper<IN,OUT,ERROR> mapper() {
\r
93 return service.mapper();
\r
97 * @see com.att.authz.facade.AuthzFacade#error(com.att.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, int)
\r
99 * Note: Conforms to AT&T TSS RESTful Error Structure
\r
102 public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result) {
\r
103 String msg = result.details==null?"":result.details.trim();
\r
105 if(result.variables==null) {
\r
106 detail = new String[1];
\r
108 int l = result.variables.length;
\r
109 detail=new String[l+1];
\r
110 System.arraycopy(result.variables, 0, detail, 1, l);
\r
112 error(trans, response, result.status,msg,detail);
\r
116 public void error(AuthzTrans trans, HttpServletResponse response, int status, String msg, String ... _detail) {
\r
117 String[] detail = _detail;
\r
118 if(detail.length==0) {
\r
119 detail=new String[1];
\r
124 case ERR_ActionNotCompleted:
\r
126 detail[0] = "Accepted, Action not complete";
\r
127 response.setStatus(/*httpstatus=*/202);
\r
135 detail[0] = "Forbidden";
\r
136 response.setStatus(/*httpstatus=*/403);
\r
142 detail[0] = "Not Found";
\r
143 response.setStatus(/*httpstatus=*/404);
\r
149 detail[0] = "Not Acceptable";
\r
150 response.setStatus(/*httpstatus=*/406);
\r
154 case ERR_ConflictAlreadyExists:
\r
156 detail[0] = "Conflict Already Exists";
\r
157 response.setStatus(/*httpstatus=*/409);
\r
161 case ERR_NotImplemented:
\r
163 detail[0] = "Not Implemented";
\r
164 response.setStatus(/*httpstatus=*/501);
\r
170 detail[0] = "General Service Error";
\r
171 response.setStatus(/*httpstatus=*/500);
\r
176 StringBuilder holder = new StringBuilder();
\r
177 errDF.newData(trans).load(
\r
178 mapper().errorFromMessage(holder,msgId,msg,detail)).to(response.getOutputStream());
\r
185 } catch (Exception e) {
\r
186 trans.error().log(e,"unable to send response for",msg);
\r
191 * @see com.att.authz.facade.AuthzFacade#getAPI(com.att.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse)
\r
193 public final static String API_REPORT = "apiReport";
\r
195 public Result<Void> getAPI(AuthzTrans trans, HttpServletResponse resp, RServlet<AuthzTrans> rservlet) {
\r
196 TimeTaken tt = trans.start(API_REPORT, Env.SUB);
\r
198 Api api = new Api();
\r
200 Method[] meths = GwServiceImpl.class.getDeclaredMethods();
\r
201 for(RouteReport rr : rservlet.routeReport()) {
\r
202 api.getRoute().add(ar = new Api.Route());
\r
203 ar.setMeth(rr.meth.name());
\r
204 ar.setPath(rr.path);
\r
205 ar.setDesc(rr.desc);
\r
206 ar.getContentType().addAll(rr.contextTypes);
\r
207 for(Method m : meths) {
\r
209 if((ad = m.getAnnotation(ApiDoc.class))!=null &&
\r
210 rr.meth.equals(ad.method()) &&
\r
211 rr.path.equals(ad.path())) {
\r
212 for(String param : ad.params()) {
\r
213 ar.getParam().add(param);
\r
215 for(String text : ad.text()) {
\r
216 ar.getComments().add(text);
\r
218 ar.setExpected(ad.expectedCode());
\r
219 for(int ec : ad.errorCodes()) {
\r
220 ar.getExplicitErr().add(ec);
\r
225 apiDF.newData(trans).load(api).to(resp.getOutputStream());
\r
226 setContentType(resp,apiDF.getOutType());
\r
227 return Result.ok();
\r
229 } catch (Exception e) {
\r
230 trans.error().log(e,IN,API_REPORT);
\r
231 return Result.err(e);
\r
237 public final static String API_EXAMPLE = "apiExample";
\r
239 * @see com.att.authz.facade.AuthzFacade#getAPIExample(com.att.authz.env.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
\r
242 public Result<Void> getAPIExample(AuthzTrans trans, HttpServletResponse resp, String nameOrContentType, boolean optional) {
\r
243 TimeTaken tt = trans.start(API_EXAMPLE, Env.SUB);
\r
245 String content =Examples.print(apiDF.getEnv(), nameOrContentType, optional);
\r
246 resp.getOutputStream().print(content);
\r
247 setContentType(resp,content.contains("<?xml")?TYPE.XML:TYPE.JSON);
\r
248 return Result.ok();
\r
249 } catch (Exception e) {
\r
250 trans.error().log(e,IN,API_EXAMPLE);
\r
251 return Result.err(Result.ERR_NotImplemented,e.getMessage());
\r
Code Review / aaf / authz.git / blob