[portal/sdk.git] /

/*-
 * ================================================================================
 * eCOMP Portal SDK
 * ================================================================================
 * Copyright (C) 2017 AT&T Intellectual Property
 * ================================================================================
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * 
 *      http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * ================================================================================
 */
package org.openecomp.portalsdk.core.interceptor;

import java.net.HttpURLConnection;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.openecomp.portalsdk.core.controller.FusionBaseController;
import org.openecomp.portalsdk.core.domain.App;
import org.openecomp.portalsdk.core.exception.UrlAccessRestrictedException;
import org.openecomp.portalsdk.core.logging.format.AlarmSeverityEnum;
import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.openecomp.portalsdk.core.objectcache.AbstractCacheManager;
import org.openecomp.portalsdk.core.onboarding.listener.PortalTimeoutHandler;
import org.openecomp.portalsdk.core.onboarding.util.CipherUtil;
import org.openecomp.portalsdk.core.onboarding.util.PortalApiConstants;
import org.openecomp.portalsdk.core.onboarding.util.PortalApiProperties;
import org.openecomp.portalsdk.core.service.DataAccessService;
import org.openecomp.portalsdk.core.service.LoginService;
import org.openecomp.portalsdk.core.service.UrlAccessService;
import org.openecomp.portalsdk.core.service.WebServiceCallService;
import org.openecomp.portalsdk.core.util.SystemProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

public class ResourceInterceptor extends HandlerInterceptorAdapter {
        public static final String APP_METADATA = "APP.METADATA";

        EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ResourceInterceptor.class);

        @Autowired
        private DataAccessService dataAccessService;
        @Autowired
        private LoginService loginService;
        @Autowired
        private WebServiceCallService webServiceCallService;

        private AbstractCacheManager cacheManager;

        @Autowired
        UrlAccessService urlAccessService;
        
        @Override
        public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
                        throws Exception {
                String uri = request.getRequestURI();
                String url = uri.substring(uri.indexOf("/", 1) + 1);
                logger.info(EELFLoggerDelegate.debugLogger, "Url - " + url);
                logger.info(EELFLoggerDelegate.debugLogger, "lastIndexOf - " + uri.substring(uri.lastIndexOf("/") + 1));
                if (handler instanceof HandlerMethod) {
                        HandlerMethod method = (HandlerMethod) handler;
                        FusionBaseController controller = (FusionBaseController) method.getBean();
                        if (!controller.isAccessible()) {
                                if (controller.isRESTfulCall()) {
                                        // check user authentication for RESTful calls
                                        String secretKey = null;
                                        try {
                                                if (!webServiceCallService.verifyRESTCredential(secretKey, request.getHeader("username"),
                                                                request.getHeader("password"))) {
                                                        logger.error(EELFLoggerDelegate.errorLogger, "Error accesing RESTful service. Un-authorized",AlarmSeverityEnum.MINOR);
                                                        throw new UrlAccessRestrictedException();
                                                }
                                        } catch (Exception e) {
                                                logger.error(EELFLoggerDelegate.errorLogger, "Error authenticating RESTful service :" + e,AlarmSeverityEnum.MINOR);
                                                //throw new UrlAccessRestrictedException();
                                                 HttpSession httpSession = request.getSession();
                                                    ((HttpServletResponse) response).setStatus(HttpURLConnection.HTTP_UNAUTHORIZED);
                                                    return false;
                                        }
                                }
                                if (!urlAccessService.isUrlAccessible(request, url)) {
                                        logger.error(EELFLoggerDelegate.errorLogger, "Error accesing URL. Un-authorized",AlarmSeverityEnum.MINOR);
                                        throw new UrlAccessRestrictedException();
                                }
                        }
                }

                logger.debug("successfully authorized rest call");
                logger.info(EELFLoggerDelegate.debugLogger, "successfully authorized rest call");
                handleSessionUpdates(request);
                logger.debug("handled session updates for synchronization");
                logger.info(EELFLoggerDelegate.debugLogger, "handled session updates for synchronization");
                return super.preHandle(request, response, handler);
        }

        /**
         * 
         * @param request
         */
        protected void handleSessionUpdates(HttpServletRequest request) {

                App app = null;
                Object appObj = getCacheManager().getObject(APP_METADATA);
                if (appObj == null) {
                        app = findApp();
                        getCacheManager().putObject(APP_METADATA, app);

                } else {
                        app = (App) appObj;
                }

                String ecompRestURL = PortalApiProperties.getProperty(PortalApiConstants.ECOMP_REST_URL);
                String decreptedPwd = "";
                try {
                        decreptedPwd = CipherUtil.decrypt(app.getAppPassword(),
                                        SystemProperties.getProperty(SystemProperties.Decryption_Key));
                } catch (Exception e) {
                        logger.error(EELFLoggerDelegate.errorLogger, "Could not decrypt Password" + e.getMessage(),AlarmSeverityEnum.MINOR);
                }

                PortalTimeoutHandler.handleSessionUpdatesNative(request, app.getUsername(), decreptedPwd,
                                PortalApiProperties.getProperty(PortalApiConstants.UEB_APP_KEY), ecompRestURL, null);
        }

        public App findApp() {
                List<?> list = null;
                StringBuffer criteria = new StringBuffer();
                criteria.append(" where id = 1");
                list = getDataAccessService().getList(App.class, criteria.toString(), null, null);
                return (list == null || list.size() == 0) ? null : (App) list.get(0);
        }

        public DataAccessService getDataAccessService() {
                return dataAccessService;
        }

        public void setDataAccessService(DataAccessService dataAccessService) {
                this.dataAccessService = dataAccessService;
        }

        public LoginService getLoginService() {
                return loginService;
        }

        public void setLoginService(LoginService loginService) {
                this.loginService = loginService;
        }

        @Autowired
        public void setCacheManager(AbstractCacheManager cacheManager) {
                this.cacheManager = cacheManager;
        }

        public AbstractCacheManager getCacheManager() {
                return cacheManager;
        }

}