2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright (c) 2017 AT&T Intellectual Property
6 * ===================================================================
7 * Modifications Copyright (c) 2019 Samsung
8 * ===================================================================
9 * Licensed under the Apache License, Version 2.0 (the "License");
10 * you may not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
21 * ============LICENSE_END=============================================
22 * ====================================================================
25 package org.onap.music.authentication;
27 import java.io.IOException;
28 import java.util.Base64;
29 import java.util.Enumeration;
30 import java.util.HashMap;
33 import javax.servlet.Filter;
34 import javax.servlet.FilterChain;
35 import javax.servlet.FilterConfig;
36 import javax.servlet.ServletException;
37 import javax.servlet.ServletRequest;
38 import javax.servlet.ServletResponse;
39 import javax.servlet.http.HttpServletRequest;
40 import javax.servlet.http.HttpServletResponse;
42 import org.onap.music.eelf.logging.EELFLoggerDelegate;
43 import org.springframework.beans.factory.annotation.Value;
44 import org.springframework.context.annotation.PropertySource;
46 import com.fasterxml.jackson.databind.ObjectMapper;
49 * This filter authorizes each incoming request against AAF.
54 @PropertySource(value = {"file:/opt/app/music/etc/music.properties"})
55 public class MusicAuthorizationFilter implements Filter {
57 @Value("${music.aaf.ns}")
58 private String musicNS;
60 private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicAuthorizationFilter.class);
62 public MusicAuthorizationFilter() throws ServletException {
67 public void init(FilterConfig filterConfig) throws ServletException {
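/**
 * Authorizes the request against AAF, then either forwards it down the chain or answers 401.
 *
 * <p>The decision is fail closed: the allow flag starts as {@code false} and is only ever set
 * from {@code AuthUtil.isAccessAllowed}. An exception thrown by that check is logged and leaves
 * the request denied. A null request or response is neither authorized nor forwarded.
 *
 * @param servletRequest incoming request; its {@code startTime} attribute, when present, is
 *        used only for the timing log line
 * @param servletResponse response that receives the JSON 401 body on denial
 * @param filterChain remaining filters, invoked only when access is allowed
 * @throws IOException if writing the denial body fails or the downstream chain throws it
 * @throws ServletException if the downstream chain throws it
 */
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
        throws IOException, ServletException {

    logger.debug(EELFLoggerDelegate.applicationLogger,
            "In MusicAuthorizationFilter doFilter start() ::::::::::::::::::::::::");

    if (null != servletRequest && null != servletResponse) {
        HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;

        logger.debug(EELFLoggerDelegate.applicationLogger,
                "Music NS defined in music property file --------------------------" + musicNS);

        // startTime is set in CadiAuthFilter doFilter; fall back to "now" when it is absent.
        // The instanceof test also covers an attribute of an unexpected type, which a bare
        // (Long) cast would turn into a ClassCastException before any decision is made.
        Object startAttr = servletRequest.getAttribute("startTime");
        long startTime = (startAttr instanceof Long) ? (Long) startAttr : System.currentTimeMillis();

        // Deny by default; only a successful AAF check can flip this to true.
        boolean isAuthAllowed = false;
        try {
            isAuthAllowed = AuthUtil.isAccessAllowed(servletRequest, musicNS);
        } catch (Exception e) {
            // Broad catch is deliberate at this boundary: any failure in the check must end in
            // a denial, never in an unauthenticated pass-through.
            // NOTE(review): only the message is logged, so the exception type and stack trace
            // are lost; that makes "denied because the check itself failed" hard to triage.
            logger.error(EELFLoggerDelegate.applicationLogger,
                    "Error while checking authorization :::" + e.getMessage());
        }

        long endTime = System.currentTimeMillis();

        logger.debug(EELFLoggerDelegate.applicationLogger,
                "Time took for authentication & authorization : "
                + (endTime - startTime) + " milliseconds");

        if (!isAuthAllowed) {
            // NOTE(review): denials are recorded at debug level only; if debug is off in
            // production, repeated denials will not be visible to monitoring.
            logger.debug(EELFLoggerDelegate.applicationLogger,
                    "Unauthorized Access");
            AuthorizationError authError = new AuthorizationError();
            authError.setResponseCode(HttpServletResponse.SC_UNAUTHORIZED);
            authError.setResponseMessage("Unauthorized Access - Please make sure you are "
                    + "onboarded and have proper access to MUSIC. ");

            byte[] responseToSend = restResponseBytes(authError);
            httpResponse.setHeader("Content-Type", "application/json");

            // NOTE(review): a 401 is sent without a WWW-Authenticate header; confirm whether
            // an earlier filter supplies it or whether clients rely on the current shape.
            httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            servletResponse.getOutputStream().write(responseToSend);
            // Stop here so a denied request can never reach the rest of the chain.
            return;
        }

        filterChain.doFilter(servletRequest, servletResponse);
    }

    logger.debug(EELFLoggerDelegate.applicationLogger,
            "In MusicAuthorizationFilter doFilter exit() ::::::::::::::::::::::::");
}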
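/**
 * Serializes the error payload to the JSON bytes written as the response body.
 *
 * @param eErrorResponse error object to serialize
 * @return the JSON document encoded as UTF-8
 * @throws IOException if Jackson cannot serialize the object
 */
private byte[] restResponseBytes(AuthorizationError eErrorResponse) throws IOException {
    String serialized = new ObjectMapper().writeValueAsString(eErrorResponse);
    // Encode explicitly: the no-argument getBytes() uses the JVM default charset, so the bytes
    // sent under "application/json" would otherwise depend on the host's locale settings.
    return serialized.getBytes(java.nio.charset.StandardCharsets.UTF_8);
}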
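/**
 * Copies the request's headers into a map of header name to header value.
 *
 * <p>For a header that occurs more than once, only the value returned by
 * {@code getHeader(name)} is kept. The result holds every header as received, including
 * {@code Authorization}, so it must not be written to logs or error responses as a whole.
 *
 * @param request request whose headers are read
 * @return a new mutable map; empty when the container exposes no header names
 */
private Map<String, String> getHeadersInfo(HttpServletRequest request) {

    Map<String, String> map = new HashMap<String, String>();

    // Typed enumeration instead of the raw type, so no cast is needed on each element.
    Enumeration<String> headerNames = request.getHeaderNames();
    // The servlet API allows getHeaderNames() to return null when the container does not
    // permit access to header names; treat that as "no headers" rather than failing.
    if (headerNames == null) {
        return map;
    }
    while (headerNames.hasMoreElements()) {
        String key = headerNames.nextElement();
        String value = request.getHeader(key);
        map.put(key, value);
    }

    return map;
}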
150 private static String getUserNamefromRequest(HttpServletRequest httpRequest) {
151 String authHeader = httpRequest.getHeader("Authorization");
152 String username = null;
153 if (authHeader != null) {
154 String[] split = authHeader.split("\\s+");
155 if (split.length > 0) {
156 String basic = split[0];
158 if ("Basic".equalsIgnoreCase(basic)) {
159 byte[] decodedBytes = Base64.getDecoder().decode(split[1]);
160 String decodedString = new String(decodedBytes);
161 int p = decodedString.indexOf(":");
163 username = decodedString.substring(0, p);