2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright (c) 2017 AT&T Intellectual Property
6 * ===================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 * ============LICENSE_END=============================================
20 * ====================================================================
23 package org.onap.music;
24 import java.io.IOException;
25 import java.util.ArrayList;
26 import java.util.Arrays;
27 import java.util.List;
28 import java.util.regex.Matcher;
29 import java.util.regex.Pattern;
31 import javax.servlet.FilterChain;
32 import javax.servlet.FilterConfig;
33 import javax.servlet.ServletException;
34 import javax.servlet.ServletRequest;
35 import javax.servlet.ServletResponse;
36 import javax.servlet.http.HttpServletRequest;
37 import javax.servlet.http.HttpServletResponse;
39 import org.onap.aaf.cadi.Access;
40 import org.onap.aaf.cadi.CadiWrap;
41 import org.onap.aaf.cadi.Permission;
42 import org.onap.aaf.cadi.PropAccess;
43 import org.onap.aaf.cadi.aaf.AAFPermission;
44 import org.onap.aaf.cadi.filter.CadiFilter;
46 public class CadiAuthFilter extends CadiFilter {
48 private static String include_url_endpoints ="";
49 private static String exclude_url_endpoints = "";
50 public static final String AUTHORIZATION = "Authorization";
52 public CadiAuthFilter(boolean init, PropAccess access) throws ServletException {
56 public void init(FilterConfig filterConfig) throws ServletException {
57 super.init(filterConfig);
58 include_url_endpoints = filterConfig.getInitParameter("include_url_endpoints");
59 exclude_url_endpoints = filterConfig.getInitParameter("exclude_url_endpoints");
63 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
64 throws IOException, ServletException {
66 super.doFilter(request, response, chain);
70 private String getUrl(ServletRequest request) {
72 HttpServletRequest httpRequest = (HttpServletRequest) request;
73 path = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length() + 1);
78 private boolean matchPattern(String requestedPath, String includeUrl) {
79 includeUrl = includeUrl.substring(1);
80 String[] path = requestedPath.split("/");
81 if (path.length > 1) {
82 String[] roleFunctionArray = includeUrl.split("/");
84 for (int i = 0; i < roleFunctionArray.length; i++) {
86 if (!roleFunctionArray[i].equals("*")) {
87 Pattern p = Pattern.compile(Pattern.quote(path[i]), Pattern.CASE_INSENSITIVE);
88 Matcher m = p.matcher(roleFunctionArray[i]);
90 } else if (roleFunctionArray[i].equals("*")) {
99 if (requestedPath.matches(includeUrl))
101 else if (includeUrl.equals("*"))
108 public static List<AAFPermission> getAAFPermissions(HttpServletRequest request) {
109 CadiWrap wrapReq = (CadiWrap) request;
110 List<Permission> perms = wrapReq.getPermissions(wrapReq.getUserPrincipal());
111 List<AAFPermission> aafPermsList = new ArrayList<>();
112 for (Permission perm : perms) {
113 AAFPermission aafPerm = (AAFPermission) perm;
114 aafPermsList.add(aafPerm);
115 System.out.println(aafPerm.toString());
116 System.out.println(aafPerm.getType());
121 public static List<AAFPermission> getAAFPermissions(ServletRequest request) {
122 CadiWrap wrapReq = (CadiWrap) request;
123 List<Permission> perms = wrapReq.getPermissions(wrapReq.getUserPrincipal());
124 List<AAFPermission> aafPermsList = new ArrayList<>();
125 for (Permission perm : perms) {
126 AAFPermission aafPerm = (AAFPermission) perm;
127 aafPermsList.add(aafPerm);
135 * @return returns list of AAFPermission for the specific namespace
137 public static List<AAFPermission> getNameSpacesAAFPermissions(String nameSpace,
138 List<AAFPermission> allPermissionsList) {
139 String type = nameSpace + ".url";
140 allPermissionsList.removeIf(perm -> (!perm.getType().equals(type)));
141 return allPermissionsList;