Code Review / portal / sdk.git / blob
? search:


557af2dd8b5c928cc738bafc09f9a0770f64c64c
[portal/sdk.git] /
1 /*-
2  * ================================================================================
3  * eCOMP Portal SDK
4  * ================================================================================
5  * Copyright (C) 2017 AT&T Intellectual Property
6  * ================================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  * 
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  * 
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ================================================================================
19  */
20 package org.openecomp.portalsdk.core.service;
21
22 import java.util.List;
23
24 import org.openecomp.portalsdk.core.domain.App;
25 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
26 import org.openecomp.portalsdk.core.onboarding.util.CipherUtil;
27 import org.openecomp.portalsdk.core.util.SystemProperties;
28 import org.springframework.beans.factory.annotation.Autowired;
29 import org.springframework.stereotype.Service;
30 import org.springframework.transaction.annotation.Transactional;
31
32 @Service("webServiceCallService")
33 @Transactional
34 public class WebServiceCallServiceImpl implements WebServiceCallService{
35         
36         @Autowired
37         private DataAccessService  dataAccessService;
38         
39         @Autowired
40         AppService appService;
41         
42         EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(WebServiceCallServiceImpl.class);
43         
44         /**
45          * Verify REST Credential 
46          * @return true if the credential is accepted; else false.
47          */
48         @Override
49         public boolean verifyRESTCredential(String secretKey, String requestAppName, String requestPassword)throws Exception {
50                 App app = appService.getDefaultApp();
51                 if (app!=null) {
52                         String encriptedPwdDB = app.getAppPassword();
53                         String appUserName = app.getUsername();
54                         String decreptedPwd = CipherUtil.decrypt(encriptedPwdDB, secretKey==null?SystemProperties.getProperty(SystemProperties.Decryption_Key):secretKey);
55                         if(decreptedPwd.equals(requestPassword) && appUserName.equals(requestAppName)) {
56                                 return true;
57                         }
58                 }
59                 return false;
60         }
61         
62         /**
63          * Getting App information from FN_APP table
64          * @return App domain object, or null if not found.
65          */
66         public App findApp(){
67                 List<?>  list = null;
68                 StringBuffer criteria = new StringBuffer();
69                 criteria.append(" where id = 1");
70                 list = getDataAccessService().getList(App.class, criteria.toString(), null, null);
71                 return (list == null || list.size() == 0) ? null : (App) list.get(0);
72         }
73         
74         public DataAccessService getDataAccessService() {
75                 return dataAccessService;
76         }
77         
78         public void setDataAccessService(DataAccessService dataAccessService) {
79                 this.dataAccessService = dataAccessService;
80         }
81         
82         /*/
83         @Override
84         public String get(String restURL, String restPath) {
85                 String appUserName              = "";
86                 String appUebKey                = "";
87                 String decreptedPwd     = "";
88                 String appName                  = "";
89                 String inputLine                = "";
90                 String serviceName              = "";
91                 String loginId                  = "";
92                 StringBuffer jsonResponse       = new StringBuffer();
93                 
94                 StopWatch stopWatch = new StopWatch("WebServiceCallServiceImpl.get");
95                 stopWatch.start();
96                 try {
97                         logger.info(EELFLoggerDelegate.metricsLogger, "WebServiceCallServiceImpl.get (" + restPath + ") operation is started.");
98                         logger.debug(EELFLoggerDelegate.debugLogger, "WebServiceCallServiceImpl.get (" + restPath + ") operation is started.");
99                         loginId = MDC.get("LoginId");
100                         appUebKey                       = PortalApiProperties.getProperty(PortalApiConstants.UEB_APP_KEY);
101                         App app                         = appService.getDefaultApp();
102                         if (app!=null) {
103                                 appName         = app.getName();
104                                 appUserName = app.getUsername();
105                                 try{
106                                         decreptedPwd = CipherUtil.decrypt(app.getAppPassword(), SystemProperties.getProperty(SystemProperties.Decryption_Key));
107                                 } catch(Exception e) {
108                                         logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred in WebServiceCallServiceImpl.get while decrypting the password. Details: " + e.getMessage());
109                                 }
110                         } else {
111                                 logger.warn(EELFLoggerDelegate.errorLogger, "Unable to locate the app information from the database.");
112                                 appName                 = SystemProperties.SERVICE_NAME;
113                         }
114                                                 
115                         //Create the connection object
116                         URL obj = new URL(restURL + restPath);
117                         HttpURLConnection con = (HttpURLConnection) obj.openConnection();
118                         con.setRequestMethod("GET");
119                         con.setConnectTimeout(3000);
120                         con.setReadTimeout(8000);
121                         
122                         //add request header
123                         con.setRequestProperty("username",      appUserName);
124                         con.setRequestProperty("password",      decreptedPwd);
125                         con.setRequestProperty("uebkey",        appUebKey);
126                         con.setRequestProperty(SystemProperties.LOGIN_ID, loginId);
127                         con.setRequestProperty(SystemProperties.USERAGENT_NAME, appName);
128                         con.setRequestProperty(SystemProperties.ECOMP_REQUEST_ID, MDC.get(MDC_KEY_REQUEST_ID));
129                         
130                         //set MDC context for outgoing audit logging
131                         serviceName = String.format("%s:%s.%s", appName, SystemProperties.ECOMP_PORTAL_BE, restPath);
132                         MDC.put(Configuration.MDC_SERVICE_NAME, serviceName);
133                         MDC.put(Configuration.MDC_REMOTE_HOST, restURL);
134                         MDC.put(SystemProperties.MDC_APPNAME, appName);
135                         MDC.put(SystemProperties.MDC_REST_PATH, restPath);
136                         MDC.put(SystemProperties.MDC_REST_METHOD, "GET");
137                         
138                         int responseCode = con.getResponseCode();
139                         logger.info(EELFLoggerDelegate.errorLogger, "Received the response code '" + responseCode + "' while getting the '" + restPath + "' for user: " + loginId);
140                         
141                         BufferedReader in = new BufferedReader(
142                                  new InputStreamReader(con.getInputStream()));
143                         
144                         while ((inputLine = in.readLine()) != null) {
145                                 jsonResponse.append(inputLine);
146                         }
147                         in.close();
148                         
149                         logSecurityMessage(RESULT_ENUM.SUCCESS);
150                     logger.debug(EELFLoggerDelegate.debugLogger, restPath + " response: " + jsonResponse.toString());
151                     logger.debug(EELFLoggerDelegate.debugLogger, "WebServiceCallServiceImpl.get (" + restPath + ") operation is started.");
152                 } catch(UrlAccessRestrictedException e) {
153                         logger.error(EELFLoggerDelegate.errorLogger, "Authentication exception occurred in WebServiceCallServiceImpl.get (" + restPath + "). Details: " + e.getMessage());
154                         logSecurityMessage(RESULT_ENUM.FAILURE);
155                 } catch(Exception e) {
156                         logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred in WebServiceCallServiceImpl.get (" + restPath + "). Details: " + e.getMessage());
157                         logSecurityMessage(RESULT_ENUM.FAILURE);
158                 } finally {
159                         if (stopWatch.isRunning()) stopWatch.stop();
160                     MDC.put(SystemProperties.MDC_TIMER, stopWatch.getTotalTimeMillis() + "ms");
161                         logger.info(EELFLoggerDelegate.metricsLogger, "WebServiceCallServiceImpl.get (" + restPath + ") operation is completed.");
162                         
163                         //clear the temporary MDC context values
164                         MDC.remove(SystemProperties.MDC_TIMER);
165                         MDC.remove(SystemProperties.MDC_REST_METHOD);
166                         MDC.remove(SystemProperties.MDC_REST_PATH);
167                         MDC.remove(SystemProperties.MDC_APPNAME);
168                         MDC.remove(Configuration.MDC_REMOTE_HOST);
169                         MDC.remove(Configuration.MDC_SERVICE_NAME);
170                 }
171                 
172                 return jsonResponse.toString();
173         }
174                 
175         //Handles all the outgoing rest/ueb messages.
176         public void logSecurityMessage(RESULT_ENUM isSuccess) {
177                 String additionalInfo = "";
178                 String protocol = "HTTP";
179                 String loginId = MDC.get("LoginId");
180                 additionalInfo = String.format("Rest API=%s, Rest Method=%s, App-Name=%s, Request-URL=%s", 
181                                                         MDC.get(SystemProperties.MDC_REST_PATH), MDC.get(SystemProperties.MDC_REST_METHOD), 
182                                                         MDC.get(SystemProperties.MDC_APPNAME), MDC.get(Configuration.MDC_REMOTE_HOST));
183                                                                 
184                 logger.info(EELFLoggerDelegate.auditLogger, AuditLogFormatter.getInstance().createMessage(
185                                 protocol, SecurityEventTypeEnum.OUTGOING_REST_MESSAGE.name(), loginId, SystemProperties.SERVICE_NAME, 
186                                 isSuccess.name(), additionalInfo));
187         }
188         /**/
189 }
ARCHIVED- 2022-02-15 at the request of the project