2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2019 Nokia Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
20 package org.onap.dmaap.dbcapi.resources;
22 import com.fasterxml.jackson.core.JsonProcessingException;
23 import com.fasterxml.jackson.databind.ObjectMapper;
24 import java.io.FileInputStream;
25 import java.io.IOException;
26 import java.util.Properties;
27 import javax.servlet.Filter;
28 import javax.servlet.FilterChain;
29 import javax.servlet.FilterConfig;
30 import javax.servlet.ServletException;
31 import javax.servlet.ServletRequest;
32 import javax.servlet.ServletResponse;
33 import javax.servlet.http.HttpServletResponse;
34 import org.eclipse.jetty.http.HttpStatus;
35 import org.onap.aaf.cadi.PropAccess;
36 import org.onap.aaf.cadi.filter.CadiFilter;
37 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
38 import org.onap.dmaap.dbcapi.model.ApiError;
39 import org.onap.dmaap.dbcapi.util.DmaapConfig;
41 public class AAFAuthenticationFilter extends BaseLoggingClass implements Filter{
43 static final String CADI_PROPERTIES = "cadi.properties";
44 static final String CADI_AUTHN_FLAG = "enableCADI";
46 private boolean isCadiEnabled;
47 private CadiFilter cadiFilter;
50 public void init(FilterConfig filterConfig) throws ServletException {
51 DmaapConfig dmaapConfig = getConfig();
52 String flag = dmaapConfig.getProperty(CADI_AUTHN_FLAG, "false");
53 isCadiEnabled = "true".equalsIgnoreCase(flag);
54 initCadi(dmaapConfig);
59 public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
60 throws IOException, ServletException {
63 cadiFilter.doFilter(servletRequest, servletResponse, filterChain);
64 updateResponseBody((HttpServletResponse)servletResponse);
66 filterChain.doFilter(servletRequest, servletResponse);
70 private void updateResponseBody(HttpServletResponse httpResponse)
72 if(httpResponse.getStatus() == 401) {
73 String errorMsg = "invalid or no credentials provided";
74 errorLogger.error(errorMsg);
75 httpResponse.setContentType("application/json");
76 httpResponse.setCharacterEncoding("UTF-8");
77 httpResponse.getWriter().print(buildErrorResponse(errorMsg));
78 httpResponse.getWriter().flush();
82 private String buildErrorResponse(String msg) {
84 return new ObjectMapper().writeValueAsString(new ApiError(HttpStatus.UNAUTHORIZED_401, msg, "Authentication"));
85 } catch (JsonProcessingException e) {
86 logger.warn("Could not serialize response entity: " + e.getMessage());
93 public void destroy() {
97 private void initCadi(DmaapConfig dmaapConfig) throws ServletException {
100 String cadiPropertiesFile = dmaapConfig.getProperty(CADI_PROPERTIES);
101 if(cadiPropertiesFile != null && !cadiPropertiesFile.isEmpty()) {
102 cadiFilter = new CadiFilter(loadCadiProperties(cadiPropertiesFile));
104 throw new ServletException("Cannot initialize CADI filter.CADI properties not available.");
106 } catch (ServletException e) {
107 errorLogger.error("CADI init error :" + e.getMessage());
113 private PropAccess loadCadiProperties(String propertiesFilePath) throws ServletException {
115 Properties props = new Properties();
116 props.load(new FileInputStream(propertiesFilePath));
117 return new PropAccess(props);
118 } catch (IOException e) {
119 String msg = "Could not load CADI properties file: " + propertiesFilePath;
120 errorLogger.error(msg, e);
121 throw new ServletException(msg);
125 DmaapConfig getConfig() {
126 return (DmaapConfig) DmaapConfig.getConfig();
130 CadiFilter getCadiFilter() {
134 void setCadiFilter(CadiFilter cadiFilter) {
135 this.cadiFilter = cadiFilter;
138 boolean isCadiEnabled() {
139 return isCadiEnabled;