src/main/java/com/att/nsa/dmaap/util/DMaaPAuthFilter.java

   1 /*******************************************************************************
   2  *  ============LICENSE_START=======================================================
   3  *  org.onap.dmaap
   4  *  ================================================================================
   5  *  Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  *  ================================================================================
   7  *  Licensed under the Apache License, Version 2.0 (the "License");
   8  *  you may not use this file except in compliance with the License.
   9  *  You may obtain a copy of the License at
  10  *        http://www.apache.org/licenses/LICENSE-2.0
  11  *
  12  *  Unless required by applicable law or agreed to in writing, software
  13  *  distributed under the License is distributed on an "AS IS" BASIS,
  14  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  15  *  See the License for the specific language governing permissions and
  16  *  limitations under the License.
  17  *  ============LICENSE_END=========================================================
  18  *
  19  *  ECOMP is a trademark and service mark of AT&T Intellectual Property.
  20  *
  21  *******************************************************************************/
  22 package com.att.nsa.dmaap.util;
  23
  24 import java.io.IOException;
  25
  26 import javax.servlet.FilterChain;
  27 import javax.servlet.ServletException;
  28 import javax.servlet.ServletRequest;
  29 import javax.servlet.ServletResponse;
  30 import javax.servlet.http.HttpServletRequest;
  31
  32 //import com.att.eelf.configuration.EELFLogger;
  33 //import com.att.eelf.configuration.EELFManager;
  34
  35 import org.slf4j.Logger;
  36 import org.slf4j.LoggerFactory;
  37 import org.springframework.stereotype.Component;
  38
  39 import com.att.cadi.filter.CadiFilter;
  40 import javax.servlet.FilterConfig;
  41
  42 /**
  43  * This is a Servlet Filter class overriding the AjscCadiFilter
  44  */
  45 @Component
  46 public class DMaaPAuthFilter extends CadiFilter {
  47
  48         // private Logger log = Logger.getLogger(DMaaPAuthFilter.class.toString());
  49
  50         // private static final EELFLogger log =
  51         // EELFManager.getInstance().getLogger(DMaaPAuthFilter.class);
  52         private Logger log = LoggerFactory.getLogger(DMaaPAuthFilter.class);
  53
  54         final Boolean enabled = "authentication-scheme-1".equalsIgnoreCase(System.getProperty("CadiAuthN"));
  55
  56         /**
  57          * This method will disable Cadi Authentication if cambria headers are
  58          * present in the request else continue with Cadi Authentication
  59          */
  60         public void init(FilterConfig filterConfig) throws ServletException {
  61
  62                 try {
  63
  64                         super.init(filterConfig);
  65
  66                 } catch (Exception ex) {
  67                         log.error("Ajsc Cadi Filter Exception" + ex);
  68
  69                 }
  70         }
  71
  72         @Override
  73         public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
  74                         throws IOException, ServletException {
  75
  76                 log.info("inside servlet filter Cambria Auth Headers checking before doing other Authentication");
  77                 HttpServletRequest request = (HttpServletRequest) req;
  78
  79                 boolean forceAAF = Boolean.valueOf(System.getProperty("forceAAF"));
  80                 if (forceAAF ||
  81                         null != request.getHeader("Authorization") ||
  82                         (null != request.getHeader("AppName") &&
  83                                 request.getHeader("AppName").equalsIgnoreCase("invenio") )) {
  84
  85                         if (!enabled ||
  86                                         request.getMethod().equalsIgnoreCase("head") ||
  87                                         request.getHeader("DME2HealthCheck") != null) {
  88
  89                                 chain.doFilter(req, res);
  90
  91                         } else {
  92
  93                                 super.doFilter(req, res, chain);
  94
  95                         }
  96                 } else {
  97
  98                         System.setProperty("CadiAuthN", "authentication-scheme-2");
  99                         chain.doFilter(req, res);
 100
 101                 }
 102
 103         }
 104
 105         @Override
 106         public void log(Exception e, Object... elements) {
 107                 // TODO Auto-generated method stub
 108                 // super.log(e, elements);
 109                 // System.out.println(convertArrayToString(elements));
 110                 log.error(convertArrayToString(elements), e);
 111
 112         }
 113
 114         @Override
 115         public void log(Level level, Object... elements) {
 116
 117                 // System.out.println(willWrite().compareTo(level) );
 118                 if (willWrite().compareTo(level) <= 0) {
 119                         switch (level) {
 120                         case DEBUG:
 121                                 log.debug(convertArrayToString(elements));
 122                                 break;
 123                         case INFO:
 124                                 log.info(convertArrayToString(elements));
 125                                 break;
 126                         case ERROR:
 127                                 log.error(convertArrayToString(elements));
 128                                 break;
 129                         case AUDIT:
 130                                 log.info(convertArrayToString(elements));
 131                                 break;
 132                         case INIT:
 133                                 log.info(convertArrayToString(elements));
 134                                 break;
 135                         case WARN:
 136                                 log.warn(convertArrayToString(elements));
 137                                 break;
 138                         default:
 139
 140                                 log.warn(convertArrayToString(elements));
 141
 142                         }
 143
 144                 }
 145
 146         }
 147
 148         private String convertArrayToString(Object[] elements) {
 149
 150                 StringBuilder strBuilder = new StringBuilder();
 151                 for (int i = 0; i < elements.length; i++) {
 152                         if (elements[i] instanceof String)
 153                                 strBuilder.append((String) elements[i]);
 154                         else if (elements[i] instanceof Integer)
 155                                 strBuilder.append((Integer) elements[i]);
 156                         else
 157                                 strBuilder.append(elements[i]);
 158                 }
 159                 String newString = strBuilder.toString();
 160                 return newString;
 161         }
 162
 163 }