2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
20 package org.openecomp.sdc.be.filters;
22 import java.io.IOException;
23 import java.util.function.Supplier;
24 import javax.annotation.Priority;
25 import javax.servlet.FilterChain;
26 import javax.servlet.FilterConfig;
27 import javax.servlet.ServletContext;
28 import javax.servlet.ServletException;
29 import javax.servlet.ServletRequest;
30 import javax.servlet.ServletResponse;
31 import javax.servlet.http.HttpServletRequest;
32 import org.onap.aaf.cadi.Access;
33 import org.onap.aaf.cadi.PropAccess;
34 import org.onap.aaf.cadi.config.Config;
35 import org.onap.aaf.cadi.filter.CadiFilter;
36 import org.openecomp.sdc.be.components.impl.CADIHealthCheck;
37 import org.openecomp.sdc.be.config.CadiFilterParams;
38 import org.openecomp.sdc.be.config.ConfigurationManager;
39 import org.openecomp.sdc.be.impl.WebAppContextWrapper;
40 import org.openecomp.sdc.common.api.Constants;
41 import org.openecomp.sdc.common.api.HealthCheckInfo;
42 import org.openecomp.sdc.common.log.wrappers.Logger;
43 import org.openecomp.sdc.common.util.ThreadLocalsHolder;
44 import org.springframework.web.context.WebApplicationContext;
47 public class BeCadiServletFilter extends CadiFilter {
49 private static final Logger log = Logger.getLogger(BeCadiServletFilter.class);
50 private static final String BE_CADI_SERVICE_FILTER = "BeCadiServletFilter: ";
51 private ConfigurationManager configurationManager = ConfigurationManager.getConfigurationManager();
53 public BeCadiServletFilter() {
55 log.debug(BE_CADI_SERVICE_FILTER);
59 * This constructor to be used when directly constructing and placing in HTTP Engine
63 * @throws ServletException
65 public BeCadiServletFilter(Access access, Object... moreTafLurs) throws ServletException {
66 super(access, moreTafLurs);
67 log.debug(BE_CADI_SERVICE_FILTER);
71 * Use this to pass in a PreContructed CADI Filter, but with initializing... let Servlet do it
76 * @throws ServletException
78 public BeCadiServletFilter(boolean init, PropAccess access, Object... moreTafLurs) throws ServletException {
79 super(init, access, moreTafLurs);
80 log.debug(BE_CADI_SERVICE_FILTER);
83 private void checkIfNullProperty(String key, String value) {
84 /* When value is null, so not defined in application.properties
85 set nothing in System properties */
87 /* Ensure that any properties already defined in System.prop by JVM params
88 won't be overwritten by Spring application.properties values */
89 System.setProperty(key, System.getProperty(key, value));
94 public void init(FilterConfig filterConfig) throws ServletException {
95 // set some properties in System so that Cadi filter will find its config
97 // The JVM values set will always overwrite the Spring ones.
98 CadiFilterParams cadiFilterParams = configurationManager.getConfiguration().getCadiFilterParams();
99 checkIfNullProperty(Config.HOSTNAME, cadiFilterParams.getHostname());
100 log.debug("BeCadiServletFilter: HOSTNAME", cadiFilterParams.getHostname());
101 checkIfNullProperty(Config.CADI_KEYFILE, cadiFilterParams.getCadi_keyfile());
102 checkIfNullProperty(Config.CADI_LOGLEVEL, cadiFilterParams.getCadi_loglevel());
103 checkIfNullProperty(Config.CADI_LATITUDE, cadiFilterParams.getAFT_LATITUDE());
104 checkIfNullProperty(Config.CADI_LONGITUDE, cadiFilterParams.getAFT_LONGITUDE());
105 checkIfNullProperty(Config.AAF_URL, cadiFilterParams.getAaf_url());
106 //checkIfNullProperty(Config.AAF_LOCATE_URL, cadiFilterParams.getAafLocateUrl());
107 checkIfNullProperty(Config.AAF_APPID, cadiFilterParams.getAaf_id());
108 checkIfNullProperty(Config.AAF_APPPASS, cadiFilterParams.getAaf_password());
109 checkIfNullProperty(Config.AAF_ENV, cadiFilterParams.getAFT_ENVIRONMENT());
110 checkIfNullProperty(Config.CADI_X509_ISSUERS, cadiFilterParams.getCadiX509Issuers());
111 checkIfNullProperty(Config.CADI_TRUSTSTORE, cadiFilterParams.getCadi_truststore());
112 checkIfNullProperty(Config.CADI_TRUSTSTORE_PASSWORD, cadiFilterParams.getCadi_truststore_password());
113 super.init(filterConfig);
114 log.debug("BeCadiServletFilter finishing init(), Current status of CADI would be UP");
116 CADIHealthCheck.getCADIHealthCheckInstance().setIsCADIUp(HealthCheckInfo.HealthCheckStatus.DOWN);
118 CADIHealthCheck.getCADIHealthCheckInstance().setIsCADIUp(HealthCheckInfo.HealthCheckStatus.UP);
123 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
124 if (ThreadLocalsHolder.isExternalRequest() && isNeedAuth()) {
125 log.debug("doFilter: {}", request.getContentType());
126 HttpServletRequest hreq = (HttpServletRequest) request;
127 log.debug("Need aaf authentication : {}", hreq);
128 ThreadLocalUtils threadLocalUtils = getThreadLocalUtils(((HttpServletRequest) request).getSession().getServletContext());
129 threadLocalUtils.setUserContext((HttpServletRequest) request);
130 super.doFilter(request, response, chain);
132 log.debug("No need aaf authentication");
133 chain.doFilter(request, response);
137 private boolean isNeedAuth() {
138 return configurationManager.getConfiguration().getAafAuthNeeded();
141 ThreadLocalUtils getThreadLocalUtils(ServletContext context) {
142 return getClassFromWebAppContext(context, () -> ThreadLocalUtils.class);
145 <T> T getClassFromWebAppContext(ServletContext context, Supplier<Class<T>> businessLogicClassGen) {
146 WebAppContextWrapper webApplicationContextWrapper = (WebAppContextWrapper) context
147 .getAttribute(Constants.WEB_APPLICATION_CONTEXT_WRAPPER_ATTR);
148 WebApplicationContext webApplicationContext = webApplicationContextWrapper.getWebAppContext(context);
149 return webApplicationContext.getBean(businessLogicClassGen.get());