2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright (c) 2017 AT&T Intellectual Property
6 * ===================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 * ============LICENSE_END=============================================
20 * ====================================================================
23 package org.onap.music.authentication;
25 import java.util.HashMap;
28 import javax.ws.rs.core.MediaType;
30 import org.apache.commons.jcs.access.CacheAccess;
31 import org.onap.music.datastore.PreparedQueryObject;
32 import org.onap.music.eelf.logging.EELFLoggerDelegate;
33 import org.onap.music.eelf.logging.format.AppMessages;
34 import org.onap.music.eelf.logging.format.ErrorSeverity;
35 import org.onap.music.eelf.logging.format.ErrorTypes;
36 import org.onap.music.exceptions.MusicServiceException;
37 import org.onap.music.authentication.MusicAuthenticator.Operation;
38 import org.onap.music.main.MusicCore;
39 import org.onap.music.main.MusicUtil;
41 import com.datastax.driver.core.DataType;
42 import com.datastax.driver.core.Row;
43 import com.sun.jersey.api.client.Client;
44 import com.sun.jersey.api.client.ClientResponse;
45 import com.sun.jersey.api.client.WebResource;
47 public class MusicAuthentication implements MusicAuthenticator {
// Class-wide EELF logger; the methods in this class write to both the application log
// (EELFLoggerDelegate.applicationLogger) and the error log (EELFLoggerDelegate.errorLogger) through it.
49 private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicAuthentication.class);
52 * authenticate user logic
// Checks a caller's credentials for one operation on a keyspace and collects the outcome in
// resultMap: failures are recorded under the "Exception" key, and a createKeySpace request also
// gets "uuid" and "aid" entries.
// NOTE(review): this listing drops some source lines (see the gaps in the embedded line numbers),
// so the try openers, return statements and closing braces are not visible. Presumably each
// "if (!resultMap.isEmpty())" is followed by a return of resultMap - confirm against the full file.
64 public static Map<String, Object> autheticateUser(String nameSpace, String userId,
65 String password, String keyspace, String aid, String operation)
67 logger.info(EELFLoggerDelegate.applicationLogger,"Inside User Authentication.......");
68 Map<String, Object> resultMap = new HashMap<>();
// Non-CADI mode: the request is validated and the credentials are checked here through CachingUtil.
70 if(! MusicUtil.getIsCadi()) {
71 resultMap = CachingUtil.validateRequest(nameSpace, userId, password, keyspace, aid,
73 if (!resultMap.isEmpty())
75 String isAAFApp = null;
77 isAAFApp= CachingUtil.isAAFApplication(nameSpace);
78 } catch(MusicServiceException e) {
79 logger.error(e.getErrorMessage(), e);
// NOTE(review): the raw exception message goes into the result map; if that map is returned to
// the client, internal detail may be disclosed - confirm what callers do with it.
80 resultMap.put("Exception", e.getMessage());
// A null lookup result is reported as an unknown or not-yet-onboarded namespace.
83 if(isAAFApp == null) {
84 resultMap.put("Exception", "Namespace: "+nameSpace+" doesn't exist. Please make sure ns(appName)"
85 + " is correct and Application is onboarded.");
88 boolean isAAF = Boolean.parseBoolean(isAAFApp);
// NOTE(review): this null check runs only after validateRequest and isAAFApplication have already
// been called with the same values.
89 if (userId == null || password == null) {
90 logger.error(EELFLoggerDelegate.errorLogger,"", AppMessages.MISSINGINFO ,ErrorSeverity.WARN, ErrorTypes.AUTHENTICATIONERROR);
// NOTE(review): the next statement concatenates the caller's password into the error log in clear
// text (whenever only one of the two values is missing, the other one is logged). Credentials
// should not be written to logs; log only which header is absent. The instance method
// authenticateUser in this class logs a fixed message at the same point.
91 logger.error(EELFLoggerDelegate.errorLogger,"One or more required headers is missing. userId: " + userId
92 + " :: password: " + password);
93 resultMap.put("Exception",
94 "UserId and Password are mandatory for the operation " + operation);
// Applications that are not AAF-managed are checked with authenticateAIDUser, except when the
// operation is createKeySpace.
97 if(!isAAF && !(operation.equals("createKeySpace"))) {
98 resultMap = CachingUtil.authenticateAIDUser(nameSpace, userId, password, keyspace);
99 if (!resultMap.isEmpty())
// AAF-managed applications are checked with authenticateAAFUser.
103 if (isAAF && nameSpace != null && userId != null && password != null) {
// isValid starts as true, so a thrown exception leaves it true; in that case the failure is
// carried only by the "Exception" entry added in the catch block below.
104 boolean isValid = true;
106 isValid = CachingUtil.authenticateAAFUser(nameSpace, userId, password, keyspace);
107 } catch (Exception e) {
108 logger.error(EELFLoggerDelegate.errorLogger,"Error while aaf authentication for user:" + userId);
109 logger.error(EELFLoggerDelegate.errorLogger,"Error: "+ e.getMessage());
110 logger.error(EELFLoggerDelegate.errorLogger,e.getMessage(), AppMessages.AUTHENTICATIONERROR ,ErrorSeverity.WARN, ErrorTypes.AUTHENTICATIONERROR);
111 logger.error(EELFLoggerDelegate.errorLogger,"Got exception while AAF authentication for namespace " + nameSpace);
112 resultMap.put("Exception", e.getMessage());
// Presumably guarded by a test of isValid on a line this listing omits - confirm.
115 logger.error(EELFLoggerDelegate.errorLogger,"User not authenticated...", AppMessages.MISSINGINFO ,ErrorSeverity.WARN, ErrorTypes.AUTHENTICATIONERROR);
116 resultMap.put("Exception", "User not authenticated...");
118 if (!resultMap.isEmpty())
// Presumably the else branch of the getIsCadi() test (the line is not shown): only the keyspace
// cached for this user is compared with the requested one; the password is not used on these lines.
// NOTE(review): a user with no cached keyspace (cachedKS == null) passes this check, so it relies
// on the request having been authenticated before this method is reached - confirm.
124 String cachedKS = CachingUtil.getKSFromCadiCache(userId);
125 if(cachedKS != null && !cachedKS.equals(keyspace)) {
126 resultMap.put("Exception", "User not authenticated to access this keyspace...");
// createKeySpace: reuse the uuid already stored for this application and user, or mint a new one.
130 if (operation.equals("createKeySpace")) {
131 logger.info(EELFLoggerDelegate.applicationLogger,"AID is not provided. Creating new UUID for keyspace.");
132 PreparedQueryObject pQuery = new PreparedQueryObject();
// The three caller-derived values are bound to "?" placeholders, not concatenated into the query.
// The keyspace_name bound below is MusicUtil.DEFAULTKEYSPACENAME, not the keyspace argument.
133 pQuery.appendQueryString(
134 "select uuid from admin.keyspace_master where application_name=? and username=? and keyspace_name=? allow filtering");
135 pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(), nameSpace));
136 pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(), userId));
137 pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(),
138 MusicUtil.DEFAULTKEYSPACENAME));
141 Row rs = MusicCore.get(pQuery).one();
142 uuid = rs.getUUID("uuid").toString();
143 resultMap.put("uuid", "existing");
// NOTE(review): catching Exception treats every failure as "no uuid found" - presumably including
// a null row when nothing matches, but also a datastore error - and falls through to a new UUID.
144 } catch (Exception e) {
145 logger.error(EELFLoggerDelegate.applicationLogger,"No UUID found in DB. So creating new UUID.");
146 uuid = MusicUtil.generateUUID();
147 resultMap.put("uuid", "new");
// The chosen uuid is handed back as "aid" and the user-to-keyspace pair is stored in the CADI cache.
149 resultMap.put("aid", uuid);
150 CachingUtil.updateCadiCache(userId, keyspace);
// Decides whether the caller identified by an HTTP Authorization header value is a MUSIC admin:
// first against the admin-user cache, then by asking the AAF admin URL about the admin role.
// NOTE(review): this listing drops some source lines (see the gaps in the embedded line numbers),
// so the return statements, the try opener and the closing braces are not visible.
157 public boolean authenticateAdmin(String authorization) {
158 logger.info(EELFLoggerDelegate.applicationLogger, "MusicCore.authenticateAdmin: ");
// NOTE(review): the header is parsed before the null check further down; whether
// extractBasicAuthentication tolerates a null argument is not visible here - confirm.
159 String userId = MusicUtil.extractBasicAuthentication(authorization).get(MusicUtil.USERID);
// CADI mode: the header is cached for this user without any check visible in this method;
// presumably the request was authenticated before reaching it - confirm.
160 if(MusicUtil.getIsCadi()) {
161 CachingUtil.updateAdminUserCache(authorization, userId);
164 CacheAccess<String, String> adminCache = CachingUtil.getAdminUserCache();
165 if (authorization == null) {
166 logger.error(EELFLoggerDelegate.errorLogger, "Authorization cannot be empty...");
// Cache hit: the full Authorization header value is the cache key and the user id is the value.
// NOTE(review): the key is the header as received, so the encoded credentials are held in the
// cache; how long an entry stays valid after the role changes in AAF is not visible - confirm the
// cache expiry.
169 if (adminCache.get(authorization) != null && adminCache.get(authorization).equals(userId)) {
170 logger.info(EELFLoggerDelegate.applicationLogger, "MusicCore.authenticateAdmin: Validated against admincache.. ");
174 Client client = Client.create();
175 String aafUrl = MusicUtil.getAafAdminUrl();
// Presumably guarded by a null test of aafUrl on a line this listing omits.
177 logger.error(EELFLoggerDelegate.errorLogger, "Admin url is not set, please set in properties");
// NOTE(review): userId comes from the caller-supplied header and is concatenated into the request
// path without encoding or validation; it should be URL-encoded (or restricted to an expected
// character set) before being used to build the AAF URL.
181 WebResource webResource = client.resource(
182 MusicUtil.getAafAdminUrl().concat(userId).concat("/").concat(MusicUtil.getAdminAafRole()));
// The caller's own Authorization header is forwarded to AAF; only the HTTP status is examined.
184 ClientResponse response = webResource.accept(MediaType.APPLICATION_JSON)
185 .header("Authorization", authorization).get(ClientResponse.class);
// A 200 response is taken as confirmation and the header/user pair is added to the admin cache.
186 if (response.getStatus() == 200) {
187 CachingUtil.updateAdminUserCache(authorization, userId);
// Instance variant of the user check: takes the HTTP Basic Authorization header and an Operation
// enum value, extracts user id and password from the header, and runs the same sequence of
// CachingUtil checks as the static autheticateUser, collecting failures in a local resultMap.
// NOTE(review): this listing drops some source lines (see the gaps in the embedded line numbers),
// so the try openers, the boolean return statements and the closing braces are not visible; how
// resultMap is turned into the boolean result cannot be confirmed from here.
195 public boolean authenticateUser(String namespace, String authorization, String keyspace,
196 String aid, Operation operation) {
197 logger.info(EELFLoggerDelegate.applicationLogger,"Inside User Authentication.......");
// NOTE(review): authorization is not null-checked in the visible lines before it is parsed.
198 Map<String,String> userCredentials = MusicUtil.extractBasicAuthentication(authorization);
199 String userId = userCredentials.get(MusicUtil.USERID);
200 String password = userCredentials.get(MusicUtil.PASSWORD);
202 Map<String, Object> resultMap = new HashMap<>();
// Non-CADI mode: the request is validated and the credentials are checked here through CachingUtil.
204 if(! MusicUtil.getIsCadi()) {
205 resultMap = CachingUtil.validateRequest(namespace, userId, password, keyspace, aid,
207 if (!resultMap.isEmpty())
209 String isAAFApp = null;
211 isAAFApp= CachingUtil.isAAFApplication(namespace);
212 } catch(MusicServiceException e) {
213 logger.error(e.getErrorMessage(), e);
214 resultMap.put("Exception", e.getMessage());
// A null lookup result is reported as an unknown or not-yet-onboarded namespace.
217 if(isAAFApp == null) {
218 resultMap.put("Exception", "Namespace: "+namespace+" doesn't exist. Please make sure ns(appName)"
219 + " is correct and Application is onboarded.");
222 boolean isAAF = Boolean.parseBoolean(isAAFApp);
// NOTE(review): this null check runs only after validateRequest and isAAFApplication have already
// been called with the same values.
223 if (userId == null || password == null) {
224 logger.error(EELFLoggerDelegate.errorLogger,"", AppMessages.MISSINGINFO ,ErrorSeverity.WARN, ErrorTypes.AUTHENTICATIONERROR);
// The log message here is fixed text: neither the user id nor the password is written to the log.
225 logger.error(EELFLoggerDelegate.errorLogger,"UserId/Password or more required headers is missing.");
226 resultMap.put("Exception",
227 "UserId and Password are mandatory for the operation " + operation);
// Applications that are not AAF-managed are checked with authenticateAIDUser, except when the
// operation is CREATE_KEYSPACE. The enum is compared by identity, so a null operation does not throw.
230 if(!isAAF && !(operation==Operation.CREATE_KEYSPACE)) {
231 resultMap = CachingUtil.authenticateAIDUser(namespace, userId, password, keyspace);
232 if (!resultMap.isEmpty())
// AAF-managed applications are checked with authenticateAAFUser.
236 if (isAAF && namespace != null && userId != null && password != null) {
// isValid starts as true, so a thrown exception leaves it true; in that case the failure is
// carried only by the "Exception" entry added in the catch block below.
237 boolean isValid = true;
239 isValid = CachingUtil.authenticateAAFUser(namespace, userId, password, keyspace);
240 } catch (Exception e) {
241 logger.error(EELFLoggerDelegate.errorLogger,"Error while aaf authentication for user:" + userId);
242 logger.error(EELFLoggerDelegate.errorLogger,"Error: "+ e.getMessage());
243 logger.error(EELFLoggerDelegate.errorLogger,e.getMessage(), AppMessages.AUTHENTICATIONERROR ,ErrorSeverity.WARN, ErrorTypes.AUTHENTICATIONERROR);
244 logger.error(EELFLoggerDelegate.errorLogger,"Got exception while AAF authentication for namespace " + namespace);
245 resultMap.put("Exception", e.getMessage());
// Presumably guarded by a test of isValid on a line this listing omits - confirm.
248 logger.error(EELFLoggerDelegate.errorLogger,"User not authenticated...", AppMessages.MISSINGINFO ,ErrorSeverity.WARN, ErrorTypes.AUTHENTICATIONERROR);
249 resultMap.put("Exception", "User not authenticated...");
251 if (!resultMap.isEmpty())
// Presumably the else branch of the getIsCadi() test (the line is not shown): only the keyspace
// cached for this user is compared with the requested one; the password is not used on these lines.
// NOTE(review): a user with no cached keyspace (cachedKS == null) passes this check, so it relies
// on the request having been authenticated before this method is reached - confirm.
257 String cachedKS = CachingUtil.getKSFromCadiCache(userId);
258 if(cachedKS != null && !cachedKS.equals(keyspace)) {
259 resultMap.put("Exception", "User not authenticated to access this keyspace...");
// CREATE_KEYSPACE: reuse the uuid already stored for this application and user, or mint a new one.
264 if (operation==Operation.CREATE_KEYSPACE) {
266 logger.info(EELFLoggerDelegate.applicationLogger,"AID is not provided. Creating new UUID for keyspace.");
267 PreparedQueryObject pQuery = new PreparedQueryObject();
// The three caller-derived values are bound to "?" placeholders, not concatenated into the query.
// The keyspace_name bound below is MusicUtil.DEFAULTKEYSPACENAME, not the keyspace argument.
268 pQuery.appendQueryString(
269 "select uuid from admin.keyspace_master where application_name=? and username=? and keyspace_name=? allow filtering");
270 pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(), namespace));
271 pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(), userId));
272 pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(),
273 MusicUtil.DEFAULTKEYSPACENAME));
274 Row rs = MusicCore.get(pQuery).one();
275 uuid = rs.getUUID("uuid").toString();
276 resultMap.put("uuid", "existing");
// NOTE(review): catching Exception treats every failure as "no uuid found" - presumably including
// a null row when nothing matches, but also a datastore error - and falls through to a new UUID.
277 } catch (Exception e) {
278 logger.error(EELFLoggerDelegate.applicationLogger,"No UUID found in DB. So creating new UUID.");
279 uuid = MusicUtil.generateUUID();
280 resultMap.put("uuid", "new");
// The chosen uuid is stored as "aid" and the user-to-keyspace pair is written to the CADI cache.
282 resultMap.put("aid", uuid);
283 CachingUtil.updateCadiCache(userId, keyspace);