1 /*******************************************************************************
2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 * ============LICENSE_END=========================================================
19 * ECOMP is a trademark and service mark of AT&T Intellectual Property.
21 *******************************************************************************/
22 package org.onap.dmaap.dmf.mr.security;
24 import com.att.nsa.security.NsaApiKey;
25 import com.att.nsa.security.db.NsaApiDb;
26 import com.att.nsa.security.db.simple.NsaSimpleApiKey;
27 import org.onap.dmaap.dmf.mr.beans.DMaaPContext;
28 import org.onap.dmaap.dmf.mr.security.impl.DMaaPOriginalUebAuthenticator;
30 import javax.servlet.http.HttpServletRequest;
31 import java.util.LinkedList;
35 * @author anowarul.islam
39 public class DMaaPAuthenticatorImpl<K extends NsaApiKey> implements DMaaPAuthenticator<K> {
41 private final LinkedList<DMaaPAuthenticator<K>> fAuthenticators;
45 // Setting timeout to a large value for testing purpose.
48 private static final long kDefaultRequestTimeWindow = 1000L * 60 * 10 * 10 * 10 * 10 * 10;
51 * Construct the security manager against an API key database
56 public DMaaPAuthenticatorImpl(NsaApiDb<K> db) {
57 this(db, kDefaultRequestTimeWindow);
64 * Construct the security manager against an API key database with a
65 * specific request time window size
69 * @param authTimeWindowMs
70 * the size of the time window for request authentication
72 public DMaaPAuthenticatorImpl(NsaApiDb<K> db, long authTimeWindowMs) {
73 fAuthenticators = new LinkedList<>();
75 fAuthenticators.add(new DMaaPOriginalUebAuthenticator<K>(db, authTimeWindowMs));
79 * Authenticate a user's request. This method returns the API key if the
80 * user is authentic, null otherwise.
83 * @return an api key record, or null
85 public K authenticate(DMaaPContext ctx) {
86 final HttpServletRequest req = ctx.getRequest();
87 for (DMaaPAuthenticator<K> a : fAuthenticators) {
89 final K k = a.isAuthentic(req);
93 // else: this request doesn't look right to the authenticator
99 * Get the user associated with the incoming request, or null if the user is
105 public static NsaSimpleApiKey getAuthenticatedUser(DMaaPContext ctx) {
106 final DMaaPAuthenticator<NsaSimpleApiKey> m = ctx.getConfigReader().getfSecurityManager();
107 return m.authenticate(ctx);
111 * method by default returning false
115 public boolean qualify(HttpServletRequest req) {
119 * method by default returning null
123 public K isAuthentic(HttpServletRequest req) {
127 public void addAuthenticator ( DMaaPAuthenticator<K> a )
129 this.fAuthenticators.add(a);