src/main/java/com/att/nsa/dmaap/util/DMaaPAuthFilter.java

   1 /*******************************************************************************
   2  *  ============LICENSE_START=======================================================
   3  *  org.onap.dmaap
   4  *  ================================================================================
   5  *  Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  *  ================================================================================
   7  *  Licensed under the Apache License, Version 2.0 (the "License");
   8  *  you may not use this file except in compliance with the License.
   9  *  You may obtain a copy of the License at
  10  *        http://www.apache.org/licenses/LICENSE-2.0
  11  *
  12  *  Unless required by applicable law or agreed to in writing, software
  13  *  distributed under the License is distributed on an "AS IS" BASIS,
  14  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  15  *  See the License for the specific language governing permissions and
  16  *  limitations under the License.
  17  *  ============LICENSE_END=========================================================
  18  *
  19  *  ECOMP is a trademark and service mark of AT&T Intellectual Property.
  20  *
  21  *******************************************************************************/
  22 package com.att.nsa.dmaap.util;
  23
  24 import java.io.IOException;
  25
  26 import javax.servlet.FilterChain;
  27 import javax.servlet.ServletException;
  28 import javax.servlet.ServletRequest;
  29 import javax.servlet.ServletResponse;
  30 import javax.servlet.http.HttpServletRequest;
  31
  32 //import com.att.eelf.configuration.EELFLogger;
  33 //import com.att.eelf.configuration.EELFManager;
  34
  35 import org.slf4j.Logger;
  36 import org.slf4j.LoggerFactory;
  37 import org.springframework.stereotype.Component;
  38
  39 import com.att.cadi.filter.CadiFilter;
  40 import javax.servlet.FilterConfig;
  41
  42 /**
  43  * This is a Servlet Filter class overriding the AjscCadiFilter
  44  */
  45 @Component
  46 public class DMaaPAuthFilter extends CadiFilter {
  47
  48         // private Logger log = Logger.getLogger(DMaaPAuthFilter.class.toString());
  49
  50         // private static final EELFLogger log =
  51         // EELFManager.getInstance().getLogger(DMaaPAuthFilter.class);
  52         private Logger log = LoggerFactory.getLogger(DMaaPAuthFilter.class);
  53
  54         final Boolean enabled = "authentication-scheme-1".equalsIgnoreCase(System.getProperty("CadiAuthN"));
  55
  56         /**
  57          * This method will disable Cadi Authentication if cambria headers are
  58          * present in the request else continue with Cadi Authentication
  59          */
  60         public void init(FilterConfig filterConfig) throws ServletException {
  61
  62                 try {
  63
  64                         super.init(filterConfig);
  65
  66                 } catch (Exception ex) {
  67                         log.error("Ajsc Cadi Filter Exception" + ex);
  68
  69                 }
  70         }
  71
  72         @Override
  73         public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
  74                         throws IOException, ServletException {
  75
  76                 log.info("inside servlet filter Cambria Auth Headers checking before doing other Authentication");
  77                 HttpServletRequest request = (HttpServletRequest) req;
  78
  79                 boolean forceAAF = Boolean.valueOf(System.getProperty("forceAAF"));
  80                 if (forceAAF ||
  81                         null != request.getHeader("Authorization") ||
  82                         (null != request.getHeader("AppName") &&
  83                                 request.getHeader("AppName").equalsIgnoreCase("invenio") &&
  84                                 null != request.getHeader("cookie"))) {
  85
  86                         if (!enabled ||
  87                                         request.getMethod().equalsIgnoreCase("head") ||
  88                                         request.getHeader("DME2HealthCheck") != null) {
  89
  90                                 chain.doFilter(req, res);
  91
  92                         } else {
  93
  94                                 super.doFilter(req, res, chain);
  95
  96                         }
  97                 } else {
  98
  99                         System.setProperty("CadiAuthN", "authentication-scheme-2");
 100                         chain.doFilter(req, res);
 101
 102                 }
 103
 104         }
 105
 106         @Override
 107         public void log(Exception e, Object... elements) {
 108                 // TODO Auto-generated method stub
 109                 // super.log(e, elements);
 110                 // System.out.println(convertArrayToString(elements));
 111                 log.error(convertArrayToString(elements), e);
 112
 113         }
 114
 115         @Override
 116         public void log(Level level, Object... elements) {
 117
 118                 // System.out.println(willWrite().compareTo(level) );
 119                 if (willWrite().compareTo(level) <= 0) {
 120                         switch (level) {
 121                         case DEBUG:
 122                                 log.debug(convertArrayToString(elements));
 123                                 break;
 124                         case INFO:
 125                                 log.info(convertArrayToString(elements));
 126                                 break;
 127                         case ERROR:
 128                                 log.error(convertArrayToString(elements));
 129                                 break;
 130                         case AUDIT:
 131                                 log.info(convertArrayToString(elements));
 132                                 break;
 133                         case INIT:
 134                                 log.info(convertArrayToString(elements));
 135                                 break;
 136                         case WARN:
 137                                 log.warn(convertArrayToString(elements));
 138                                 break;
 139                         default:
 140
 141                                 log.warn(convertArrayToString(elements));
 142
 143                         }
 144
 145                 }
 146
 147         }
 148
 149         private String convertArrayToString(Object[] elements) {
 150
 151                 StringBuilder strBuilder = new StringBuilder();
 152                 for (int i = 0; i < elements.length; i++) {
 153                         if (elements[i] instanceof String)
 154                                 strBuilder.append((String) elements[i]);
 155                         else if (elements[i] instanceof Integer)
 156                                 strBuilder.append((Integer) elements[i]);
 157                         else
 158                                 strBuilder.append(elements[i]);
 159                 }
 160                 String newString = strBuilder.toString();
 161                 return newString;
 162         }
 163
 164 }