1 /*******************************************************************************
2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 * ============LICENSE_END=========================================================
19 * ECOMP is a trademark and service mark of AT&T Intellectual Property.
21 *******************************************************************************/
22 package org.onap.dmaap.dmf.mr.security;
24 import java.util.LinkedList;
26 import javax.servlet.http.HttpServletRequest;
28 import org.onap.dmaap.dmf.mr.beans.DMaaPContext;
29 import org.onap.dmaap.dmf.mr.security.impl.DMaaPOriginalUebAuthenticator;
30 import com.att.nsa.security.NsaApiKey;
31 import com.att.nsa.security.db.NsaApiDb;
32 import com.att.nsa.security.db.simple.NsaSimpleApiKey;
36 * @author anowarul.islam
40 public class DMaaPAuthenticatorImpl<K extends NsaApiKey> implements DMaaPAuthenticator<K> {
42 private final LinkedList<DMaaPAuthenticator<K>> fAuthenticators;
46 // Setting timeout to a large value for testing purpose.
49 private static final long kDefaultRequestTimeWindow = 1000 * 60 * 10 * 10 * 10 * 10 * 10;
52 * Construct the security manager against an API key database
57 public DMaaPAuthenticatorImpl(NsaApiDb<K> db) {
58 this(db, kDefaultRequestTimeWindow);
65 * Construct the security manager against an API key database with a
66 * specific request time window size
70 * @param authTimeWindowMs
71 * the size of the time window for request authentication
73 public DMaaPAuthenticatorImpl(NsaApiDb<K> db, long authTimeWindowMs) {
74 fAuthenticators = new LinkedList<>();
76 fAuthenticators.add(new DMaaPOriginalUebAuthenticator<K>(db, authTimeWindowMs));
80 * Authenticate a user's request. This method returns the API key if the
81 * user is authentic, null otherwise.
84 * @return an api key record, or null
86 public K authenticate(DMaaPContext ctx) {
87 final HttpServletRequest req = ctx.getRequest();
88 for (DMaaPAuthenticator<K> a : fAuthenticators) {
90 final K k = a.isAuthentic(req);
94 // else: this request doesn't look right to the authenticator
100 * Get the user associated with the incoming request, or null if the user is
106 public static NsaSimpleApiKey getAuthenticatedUser(DMaaPContext ctx) {
107 final DMaaPAuthenticator<NsaSimpleApiKey> m = ctx.getConfigReader().getfSecurityManager();
108 return m.authenticate(ctx);
112 * method by default returning false
116 public boolean qualify(HttpServletRequest req) {
120 * method by default returning null
124 public K isAuthentic(HttpServletRequest req) {
128 public void addAuthenticator ( DMaaPAuthenticator<K> a )
130 this.fAuthenticators.add(a);