2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.onap.dmaap.dbcapi.service;
23 import static com.att.eelf.configuration.Configuration.MDC_KEY_REQUEST_ID;
24 import static com.att.eelf.configuration.Configuration.MDC_SERVICE_NAME;
26 import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
27 import org.onap.dmaap.dbcapi.authentication.ApiPolicy;
28 import org.onap.dmaap.dbcapi.authentication.AuthenticationErrorException;
29 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
30 import org.onap.dmaap.dbcapi.model.ApiError;
31 import org.onap.dmaap.dbcapi.model.Dmaap;
32 import org.onap.dmaap.dbcapi.util.DmaapConfig;
33 import org.onap.dmaap.dbcapi.util.RandomString;
36 public class ApiService extends BaseLoggingClass {
38 private String apiNamespace;
40 private String uriPath;
41 private String method;
42 private String authorization;
43 private String requestId;
45 private ApiPolicy apiPolicy;
46 private CredentialsParser credentialsParser = new CredentialsParser();
51 requestId = (new RandomString(10)).nextString();
53 if (apiNamespace == null) {
54 DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
55 apiNamespace = p.getProperty("ApiNamespace", "org.openecomp.dmaapBC.api");
56 logger.info("config param usePE has been deprecated. Use ApiPermission.Class property instead.");
58 apiPolicy = new ApiPolicy();
60 logger.info("apiNamespace=" + apiNamespace);
63 public ApiService setAuth(String auth) {
64 this.authorization = auth;
65 logger.info("setAuth: authorization={} ", authorization);
69 private void setServiceName() {
70 String svcRequest = new String(this.method + " " + this.uriPath);
71 MDC.put(MDC_SERVICE_NAME, svcRequest);
74 public ApiService setHttpMethod(String httpMethod) {
75 this.method = httpMethod;
76 logger.info("setHttpMethod: method={} ", method);
81 public ApiService setUriPath(String uriPath) {
82 this.uriPath = uriPath;
83 this.uri = setUriFromPath(uriPath);
84 logger.info("setUriPath: uriPath={} uri={}", uriPath, uri);
89 private String setUriFromPath(String uriPath) {
90 int ch = uriPath.indexOf("/");
92 return ((String) uriPath.subSequence(0, ch));
98 public ApiError getErr() {
102 public void checkAuthorization() throws Exception {
104 MDC.put(MDC_KEY_REQUEST_ID, requestId);
106 logger.info("request: uri={} method={} auth={}", uri, method, authorization);
108 if (uri == null || uri.isEmpty()) {
109 String errmsg = "No URI value provided ";
110 err.setMessage(errmsg);
112 throw new AuthenticationErrorException();
114 if (method == null || method.isEmpty()) {
115 String errmsg = "No method value provided ";
116 err.setMessage(errmsg);
118 throw new AuthenticationErrorException();
120 DmaapService dmaapService = new DmaapService();
121 Dmaap dmaap = dmaapService.getDmaap();
122 String env = dmaap.getDmaapName();
124 // special case during bootstrap of app when DMaaP environment may not be set.
125 // this allows us to authorize certain APIs used for initialization during this window.
126 if (env == null || env.isEmpty()) {
129 if (!apiPolicy.isPermissionClassSet()) {
130 return; // skip authorization if not enabled
133 Credentials credentials = credentialsParser.parse(authorization);
135 DmaapPerm p = new DmaapPerm(apiNamespace + "." + uri, env, method);
136 apiPolicy.check(credentials.getId(), credentials.getPwd(), p);
137 } catch (AuthenticationErrorException ae) {
139 "User " + credentials.getId() + " failed authentication/authorization for " + apiNamespace + "." + uriPath + " " + env
142 err.setMessage(errmsg);
148 public ApiService setRequestId(String requestId) {
149 if (requestId == null || requestId.isEmpty()) {
150 this.requestId = (new RandomString(10)).nextString();
151 logger.warn("X-ECOMP-RequestID not set in HTTP Header. Setting RequestId value to: " + this.requestId);
153 this.requestId = requestId;
155 MDC.put(MDC_KEY_REQUEST_ID, this.requestId);