2 * ============LICENSE_START=======================================================
3 * ONAP : ccsdk features
4 * ================================================================================
5 * Copyright (C) 2020 highstreet technologies GmbH Intellectual Property.
7 * ================================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END=========================================================
22 package org.onap.ccsdk.features.sdnr.wt.dataprovider.http;
24 import java.io.IOException;
25 import java.nio.charset.StandardCharsets;
26 import java.util.Base64;
27 import java.util.regex.Matcher;
28 import java.util.regex.Pattern;
29 import javax.servlet.Servlet;
30 import javax.servlet.ServletException;
31 import javax.servlet.http.HttpServlet;
32 import javax.servlet.http.HttpServletRequest;
33 import javax.servlet.http.HttpServletResponse;
34 import org.json.JSONObject;
35 import org.onap.ccsdk.features.sdnr.wt.common.http.BaseHTTPClient;
36 import org.onap.ccsdk.features.sdnr.wt.dataprovider.model.HtUserdataManager;
37 import org.osgi.service.component.annotations.Component;
38 import org.osgi.service.http.whiteboard.propertytypes.HttpWhiteboardServletName;
39 import org.osgi.service.http.whiteboard.propertytypes.HttpWhiteboardServletPattern;
40 import org.slf4j.Logger;
41 import org.slf4j.LoggerFactory;
43 @HttpWhiteboardServletPattern({"/userdata","/userdata/*"})
44 @HttpWhiteboardServletName("UserdataHttpServlet")
45 @Component(service = Servlet.class)
46 public class UserdataHttpServlet extends HttpServlet {
48 private static final long serialVersionUID = 1L;
49 private static final Logger LOG = LoggerFactory.getLogger(UserdataHttpServlet.class);
50 private static final String REGEX = "^\\/userdata[\\/]?([a-zA-Z0-9\\.]+)?$";
51 private static final Pattern PATTERN = Pattern.compile(REGEX);
52 private static final String JWT_PAYLOAD_USERNAME_PROPERTYKEY = "sub";
53 private static HtUserdataManager dbUserManager;
56 protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
57 final String uri = req.getRequestURI();
58 final Matcher matcher = PATTERN.matcher(uri);
60 LOG.debug("GET found match");
61 this.handleGetRequest(req, resp, matcher.groupCount() > 0 ? matcher.group(1) : null);
63 LOG.debug("no valid request");
64 super.doGet(req, resp);
69 protected void doPut(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
70 final String uri = req.getRequestURI();
71 final Matcher matcher = PATTERN.matcher(uri);
73 LOG.debug("PUT found match");
74 final String payload = getPayload(req);
75 this.handlePutRequest(req, resp, payload, matcher.groupCount() > 0 ? matcher.group(1) : null);
77 LOG.debug("no valid request");
78 super.doPut(req, resp);
82 private String getPayload(HttpServletRequest req) throws IOException {
83 return DataTreeHttpServlet.readPayload(req);
87 protected void doDelete(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
88 final String uri = req.getRequestURI();
89 final Matcher matcher = PATTERN.matcher(uri);
91 LOG.debug("DELETE found match");
92 this.handleDeleteRequest(req, resp, matcher.groupCount() > 0 ? matcher.group(1) : null);
94 LOG.debug("no valid request");
95 super.doPut(req, resp);
99 private void handleGetRequest(HttpServletRequest req, HttpServletResponse resp, String key) {
100 final String username = this.getUsername(req);
101 if (username == null) {
102 resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
105 sendJsonResponse(resp,
106 key == null ? dbUserManager.getUserdata(username) : dbUserManager.getUserdata(username, key));
110 private void handlePutRequest(HttpServletRequest req, HttpServletResponse resp, String data, String key) {
111 final String username = this.getUsername(req);
112 if (username == null) {
113 resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
116 boolean success = key == null ? dbUserManager.setUserdata(username, data)
117 : dbUserManager.setUserdata(username, key, data);
118 resp.setStatus(success ? HttpServletResponse.SC_OK : HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
121 private void handleDeleteRequest(HttpServletRequest req, HttpServletResponse resp, String key) {
122 final String username = this.getUsername(req);
123 if (username == null) {
124 resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
128 key == null ? dbUserManager.removeUserdata(username) : dbUserManager.removeUserdata(username, key);
129 resp.setStatus(success ? HttpServletResponse.SC_OK : HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
132 private String getUsername(HttpServletRequest req) {
133 final String authHeader = req.getHeader("Authorization");
134 if (authHeader == null) {
137 String username = null;
138 if (authHeader.startsWith("Basic")) {
139 username = BaseHTTPClient.decodeBasicAuthHeaderUsername(authHeader);
140 } else if (authHeader.startsWith("Bearer")) {
141 username = decodeJWTPayloadUsername(authHeader, JWT_PAYLOAD_USERNAME_PROPERTYKEY);
146 public static String decodeJWTPayloadUsername(String authHeader, String key) {
147 String username = null;
148 if (authHeader.startsWith("Bearer")) {
149 authHeader = authHeader.substring(7);
151 String[] tmp = authHeader.split("\\.");
152 if (tmp.length == 3) {
153 final String decoded = new String(Base64.getDecoder().decode(tmp[1]));
154 JSONObject o = new JSONObject(decoded);
156 username = o.getString(key);
157 if (username != null && username.contains("@")) {
158 username = username.split("@")[0];
165 private static void sendJsonResponse(HttpServletResponse resp, String userdata) {
166 resp.setContentType("application/json");
167 resp.setStatus(HttpServletResponse.SC_OK);
170 resp.getOutputStream().write(userdata.getBytes(StandardCharsets.UTF_8));
171 } catch (IOException e) {
172 LOG.warn("problem sending response: ", e);
177 public void setDatabaseClient(HtUserdataManager dbMgr) {
178 dbUserManager = dbMgr;