1 /*******************************************************************************
\r
2 * ============LICENSE_START==================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
25 package org.onap.dmaap.datarouter.authz.impl;
\r
27 import java.util.regex.Matcher;
\r
28 import java.util.regex.Pattern;
\r
30 /** Internal representation of an authorization resource (the entity to which access is being requested). Consists
\r
31 * of a type and an identifier. The constructor takes the request URI from an HTTP request and checks it against
\r
32 * patterns for the the different resource types. In DR R1, there are four resource types:
\r
33 * <li>the feeds collection resource, the target of POST requests to create a new feed and GET requests to list
\r
34 * the existing feeds. This is the root resource for the DR provisioning system, and it has no explicit id.
\r
36 * <li>a feed resource, the target of GET, PUT, and DELETE requests used to manage an existing feed. Each feed
\r
37 * has a unique feed ID.
\r
39 * <li>a subscription collection resource, the target of POST requests to create a new subscription and GET requests
\r
40 * to list the subscriptions for a feed. Each feed has a subscription collection, and the ID associated with a
\r
41 * subscription collection is the ID of the feed.
\r
43 * <li>a subscription resource, the target of GET, PUT, and DELETE requests used to manage an existing subscription.
\r
44 * Each subscription has a unique subscription ID.
\r
47 * @author J. F. Lucas
\r
50 public class AuthzResource {
\r
51 private ResourceType type = null;
\r
52 private String id = "";
\r
54 /* Construct an AuthzResource by matching a request URI against the various patterns */
\r
55 AuthzResource(String requestUri) {
\r
56 if (requestUri != null) {
\r
57 for (ResourceType t : ResourceType.values()) {
\r
58 Matcher match = t.getPattern().matcher(requestUri);
\r
59 if (match.find(0)) {
\r
61 if (match.group("id") != null) {
\r
62 this.id = match.group("id");
\r
70 public ResourceType getType() {
\r
74 public String getId() {
\r
78 /* Enumeration that helps turn a request URI into something more useful for
\r
79 * authorization purposes by given a type name and a pattern for determining if the URI
\r
80 * represents that resource type.
\r
81 * Highly dependent on the URL scheme, could be parameterized.
\r
83 public enum ResourceType {
\r
84 FEEDS_COLLECTION("((://[^/]+/)|(^/))(?<id>)$"),
\r
85 SUBS_COLLECTION("((://[^/]+/)|(^/{0,1}))subscribe/(?<id>[^/]+)$"),
\r
86 FEED("((://[^/]+/)|(^/{0,1}))feed/(?<id>[^/]+)$"),
\r
87 SUB("((://[^/]+/)|(^/{0,1}))subs/(?<id>[^/]+)$");
\r
89 private Pattern uriPattern;
\r
91 ResourceType(String patternString) {
\r
92 this.uriPattern = Pattern.compile(patternString);
\r
95 Pattern getPattern() {
\r
96 return this.uriPattern;
\r