2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2019 Nokia Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
20 package org.onap.dmaap.dbcapi.resources;
22 import com.fasterxml.jackson.core.JsonProcessingException;
23 import com.fasterxml.jackson.databind.ObjectMapper;
24 import java.io.IOException;
25 import javax.servlet.Filter;
26 import javax.servlet.FilterChain;
27 import javax.servlet.FilterConfig;
28 import javax.servlet.ServletException;
29 import javax.servlet.ServletRequest;
30 import javax.servlet.ServletResponse;
31 import javax.servlet.http.HttpServletResponse;
32 import org.apache.log4j.Logger;
33 import org.eclipse.jetty.http.HttpStatus;
34 import org.onap.aaf.cadi.PropAccess;
35 import org.onap.aaf.cadi.filter.CadiFilter;
36 import org.onap.dmaap.dbcapi.model.ApiError;
37 import org.onap.dmaap.dbcapi.util.DmaapConfig;
39 public class AAFAuthenticationFilter implements Filter {
41 private static final Logger LOGGER = Logger.getLogger(AAFAuthenticationFilter.class.getName());
42 static final String CADI_PROPERTIES = "cadi.properties";
43 static final String AAF_AUTHN_FLAG = "UseAAF";
45 private boolean isAafEnabled;
46 private CadiFilter cadiFilter;
49 public void init(FilterConfig filterConfig) throws ServletException {
50 DmaapConfig dmaapConfig = getConfig();
51 String flag = dmaapConfig.getProperty(AAF_AUTHN_FLAG, "false");
52 isAafEnabled = "true".equalsIgnoreCase(flag);
53 initCadi(dmaapConfig);
58 public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
59 throws IOException, ServletException {
62 cadiFilter.doFilter(servletRequest, servletResponse, filterChain);
63 updateResponseBody((HttpServletResponse)servletResponse);
65 filterChain.doFilter(servletRequest, servletResponse);
69 private void updateResponseBody(HttpServletResponse httpResponse)
71 if(httpResponse.getStatus() == 401) {
72 String errorMsg = "invalid or no credentials provided";
73 LOGGER.error(errorMsg);
74 httpResponse.setContentType("application/json");
75 httpResponse.setCharacterEncoding("UTF-8");
76 httpResponse.getWriter().print(buildErrorResponse(errorMsg));
77 httpResponse.getWriter().flush();
81 private String buildErrorResponse(String msg) {
83 return new ObjectMapper().writeValueAsString(new ApiError(HttpStatus.UNAUTHORIZED_401, msg, "Authentication"));
84 } catch (JsonProcessingException e) {
85 LOGGER.warn("Could not serialize response entity: " + e.getMessage());
92 public void destroy() {
96 private void initCadi(DmaapConfig dmaapConfig) throws ServletException {
99 String cadiPropertiesFile = dmaapConfig.getProperty(CADI_PROPERTIES);
100 if(cadiPropertiesFile != null && !cadiPropertiesFile.isEmpty()) {
101 cadiFilter = new CadiFilter(new PropAccess(cadiPropertiesFile));
103 throw new ServletException("Cannot initialize CADI filter.CADI properties not available.");
105 } catch (ServletException e) {
106 LOGGER.error("CADI init error :" + e.getMessage());
112 DmaapConfig getConfig() {
113 return (DmaapConfig) DmaapConfig.getConfig();
117 CadiFilter getCadiFilter() {
121 void setCadiFilter(CadiFilter cadiFilter) {
122 this.cadiFilter = cadiFilter;
125 boolean isAafEnabled() {