2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.openecomp.server.filters;
23 import com.fasterxml.jackson.databind.ObjectMapper;
24 import org.onap.sdc.tosca.services.YamlUtil;
25 import org.openecomp.sdc.securityutil.ISessionValidationFilterConfiguration;
26 import org.openecomp.sdc.securityutil.filters.SessionValidationFilter;
27 import org.openecomp.server.configuration.CookieConfig;
28 import org.openecomp.sdc.logging.api.Logger;
29 import org.openecomp.sdc.logging.api.LoggerFactory;
30 import org.openecomp.sdcrests.item.rest.services.catalog.notification.EntryNotConfiguredException;
32 import javax.servlet.http.Cookie;
33 import java.io.FileInputStream;
34 import java.io.IOException;
35 import java.io.InputStream;
36 import java.util.List;
38 import java.util.Objects;
40 public class RestrictionAccessFilter extends SessionValidationFilter {
42 private static final Logger LOGGER = LoggerFactory.getLogger(RestrictionAccessFilter.class);
43 private static final String CONFIG_FILE_PROPERTY = "configuration.yaml";
44 private static final String CONFIG_SECTION = "authCookie";
46 private static class Configuration implements ISessionValidationFilterConfiguration {
47 private static Configuration instance;
48 private String securityKey;
49 private long maxSessionTimeOut;
50 private long sessionIdleTimeOut;
51 private String cookieName;
52 private String redirectURL;
53 private List<String> excludedUrls;
54 private String cookieDomain;
55 private String cookiePath;
56 private boolean isCookieHttpOnly;
59 private Configuration() {
62 String file = Objects.requireNonNull(System.getProperty(CONFIG_FILE_PROPERTY),
63 "Config file location must be specified via system property " + CONFIG_FILE_PROPERTY);
65 Object config = getAuthenticationConfiguration(file);
66 ObjectMapper mapper = new ObjectMapper();
67 CookieConfig cookieConfig = mapper.convertValue(config, CookieConfig.class);
68 this.securityKey = cookieConfig.getSecurityKey();
69 this.maxSessionTimeOut = cookieConfig.getMaxSessionTimeOut();
70 this.sessionIdleTimeOut = cookieConfig.getSessionIdleTimeOut();
71 this.cookieName = cookieConfig.getCookieName();
72 this.redirectURL = cookieConfig.getRedirectURL();
73 this.excludedUrls = cookieConfig.getOnboardingExcludedUrls();
74 this.cookieDomain = cookieConfig.getDomain();
75 this.cookiePath = cookieConfig.getPath();
76 this.isCookieHttpOnly = cookieConfig.isHttpOnly();
78 } catch (Exception e) {
79 LOGGER.warn("Failed to load configuration. ", e);
84 public static Configuration getInstance() {
85 if (instance == null) {
86 instance = new Configuration();
91 private static Object getAuthenticationConfiguration(String file) throws IOException {
93 Map<?, ?> configuration = Objects.requireNonNull(readConfigurationFile(file), "Configuration cannot be empty");
94 Object authenticationConfig = configuration.get(CONFIG_SECTION);
95 if (authenticationConfig == null) {
96 throw new EntryNotConfiguredException(CONFIG_SECTION + " section");
99 return authenticationConfig;
102 private static Map<?, ?> readConfigurationFile(String file) throws IOException {
104 try (InputStream fileInput = new FileInputStream(file)) {
105 YamlUtil yamlUtil = new YamlUtil();
106 return yamlUtil.yamlToMap(fileInput);
111 public String getSecurityKey() {
116 public long getMaxSessionTimeOut() {
117 return maxSessionTimeOut;
121 public long getSessionIdleTimeOut() {
122 return sessionIdleTimeOut;
126 public String getCookieName() {
131 public String getCookieDomain() {
136 public String getCookiePath() {
141 public boolean isCookieHttpOnly() {
142 return isCookieHttpOnly;
146 public String getRedirectURL() {
151 public List<String> getExcludedUrls() {
157 public ISessionValidationFilterConfiguration getFilterConfiguration() {
158 return Configuration.getInstance();
162 protected Cookie addRoleToCookie(Cookie cookie) {
167 protected boolean isRoleValid(Cookie cookie) {