-
- public void setMessage(String string) {
- err.setMessage(string);
- }
-
-
- public void setFields(String string) {
- err.setFields(string);
- }
-
- private Response buildResponse( Object obj ) {
- stopwatch.stop();
- MDC.put( MDC_RESPONSE_CODE, String.valueOf(err.getCode()) );
-
- auditLogger.auditEvent( "" );
- return Response.status( err.getCode())
- .entity(obj)
- .build();
- }
- private Response buildSuccessResponse(Object d) {
- MDC.put( MDC_STATUS_CODE, "COMPLETE");
- MDC.put( MDC_RESPONSE_DESC, "");
- return buildResponse( d );
- }
- private Response buildErrResponse() {
-
- MDC.put( MDC_STATUS_CODE, "ERROR");
- MDC.put( MDC_RESPONSE_DESC, err.getMessage());
-
- return buildResponse(getErr());
- }
- public Response success( Object d ) {
- err.setCode(Status.OK.getStatusCode());
- return buildSuccessResponse(d);
-
- }
- public Response success( int code, Object d ) {
- err.setCode(code);
- return buildSuccessResponse(d);
- }
-
- public Response unauthorized( String msg ) {
- err.setCode(Status.UNAUTHORIZED.getStatusCode());
- err.setFields( "Authorization");
- err.setMessage( msg );
- return buildErrResponse();
- }
- public Response unauthorized() {
- err.setCode(Status.UNAUTHORIZED.getStatusCode());
- err.setFields( "Authorization");
- err.setMessage( "User credentials in HTTP Header field Authorization are not authorized for the requested action");
- return buildErrResponse();
- }
- public Response unavailable() {
- err.setCode(Status.SERVICE_UNAVAILABLE.getStatusCode());
- err.setMessage( "Request is unavailable due to unexpected condition");
- return buildErrResponse();
- }
- public Response notFound() {
- err.setCode(Status.NOT_FOUND.getStatusCode());
- err.setMessage( "Requested object not found");
- return buildErrResponse();
- }
- public Response error() {
- return buildErrResponse();
- }
-
- public void checkAuthorization( String auth, String uriPath, String httpMethod ) throws AuthenticationErrorException, Exception {
- authorization = auth;
- setUriFromPath( uriPath );
- method = httpMethod;
-
- checkAuthorization();
- }
-
-
- public void checkAuthorization() throws AuthenticationErrorException, Exception {
-
- MDC.put(MDC_KEY_REQUEST_ID, requestId);
-
- logger.info("request: uri={} method={} auth={}", uri, method, authorization );
-
- if ( uri == null || uri.isEmpty()) {
- String errmsg = "No URI value provided ";
- err.setMessage(errmsg);
- logger.info( errmsg );
- throw new AuthenticationErrorException( );
- }
- if ( method == null || method.isEmpty()) {
- String errmsg = "No method value provided ";
- err.setMessage(errmsg);
- logger.info( errmsg );
- throw new AuthenticationErrorException( );
- }
- DmaapService dmaapService = new DmaapService();
- Dmaap dmaap = dmaapService.getDmaap();
- String env = dmaap.getDmaapName();
-
- // special case during bootstrap of app when DMaaP environment may not be set.
- // this allows us to authorize certain APIs used for initialization during this window.
- if ( env == null || env.isEmpty() ) {
- env = "boot";
- }
- if ( ! usePE ) return; // skip authorization if not enabled
- if ( authorization == null || authorization.isEmpty()) {
- String errmsg = "No basic authorization value provided ";
- err.setMessage(errmsg);
- logger.info( errmsg );
- throw new AuthenticationErrorException( );
- }
- String credentials = authorization.substring("Basic".length()).trim();
- byte[] decoded = DatatypeConverter.parseBase64Binary(credentials);
- String decodedString = new String(decoded);
- String[] actualCredentials = decodedString.split(":");
- String ID = actualCredentials[0];
- String Password = actualCredentials[1];
- MDC.put(MDC_PARTNER_NAME, ID);
- try {
-
- DmaapPerm p = new DmaapPerm( apiNamespace + "." + uri, env, method );
- apiPolicy.check( ID, Password, p);
- } catch ( AuthenticationErrorException ae ) {
- String errmsg = "User " + ID + " failed authentication/authorization for " + apiNamespace + "." + uriPath + " " + env + " " + method;
- logger.info( errmsg );
- err.setMessage(errmsg);
- throw ae;
-
- }
-
-
- }
- public String getRequestId() {
- return requestId;
- }
- public ApiService setRequestId(String requestId) {
- if ( requestId == null || requestId.isEmpty()) {
- this.requestId = (new RandomString(10)).nextString();
- logger.warn( "X-ECOMP-RequestID not set in HTTP Header. Setting RequestId value to: " + this.requestId );
- } else {
- this.requestId = requestId;
- }
- MDC.put(MDC_KEY_REQUEST_ID, this.requestId);
- return this;
- }
+ private String apiNamespace;
+ private String uri;
+ private String uriPath;
+ private String method;
+ private String authorization;
+ private String requestId;
+ private ApiError err;
+ private ApiPolicy apiPolicy;
+ private CredentialsParser credentialsParser = new CredentialsParser();
+
+ public ApiService() {
+
+ err = new ApiError();
+ requestId = (new RandomString(10)).nextString();
+
+ if (apiNamespace == null) {
+ DmaapConfig p = (DmaapConfig) DmaapConfig.getConfig();
+ apiNamespace = p.getProperty("ApiNamespace", "org.openecomp.dmaapBC.api");
+ logger.info("config param usePE has been deprecated. Use ApiPermission.Class property instead.");
+ }
+ apiPolicy = new ApiPolicy();
+
+ logger.info("apiNamespace=" + apiNamespace);
+ }
+
+ public ApiService setAuth(String auth) {
+ this.authorization = auth;
+ logger.info("setAuth: authorization={} ", authorization);
+ return this;
+ }
+
+ private void setServiceName() {
+ String svcRequest = new String(this.method + " " + this.uriPath);
+ MDC.put(MDC_SERVICE_NAME, svcRequest);
+ }
+
+ public ApiService setHttpMethod(String httpMethod) {
+ this.method = httpMethod;
+ logger.info("setHttpMethod: method={} ", method);
+ setServiceName();
+ return this;
+ }
+
+ public ApiService setUriPath(String uriPath) {
+ this.uriPath = uriPath;
+ this.uri = setUriFromPath(uriPath);
+ logger.info("setUriPath: uriPath={} uri={}", uriPath, uri);
+ setServiceName();
+ return this;
+ }
+
+ private String setUriFromPath(String uriPath) {
+ int ch = uriPath.indexOf("/");
+ if (ch > 0) {
+ return ((String) uriPath.subSequence(0, ch));
+ } else {
+ return uriPath;
+ }
+ }
+
+ public ApiError getErr() {
+ return err;
+ }
+
+ public void checkAuthorization() throws Exception {
+
+ MDC.put(MDC_KEY_REQUEST_ID, requestId);
+
+ logger.info("request: uri={} method={} auth={}", uri, method, authorization);
+
+ if (uri == null || uri.isEmpty()) {
+ String errmsg = "No URI value provided ";
+ err.setMessage(errmsg);
+ logger.info(errmsg);
+ throw new AuthenticationErrorException();
+ }
+ if (method == null || method.isEmpty()) {
+ String errmsg = "No method value provided ";
+ err.setMessage(errmsg);
+ logger.info(errmsg);
+ throw new AuthenticationErrorException();
+ }
+ DmaapService dmaapService = new DmaapService();
+ Dmaap dmaap = dmaapService.getDmaap();
+ String env = dmaap.getDmaapName();
+
+ // special case during bootstrap of app when DMaaP environment may not be set.
+ // this allows us to authorize certain APIs used for initialization during this window.
+ if (env == null || env.isEmpty()) {
+ env = "boot";
+ }
+ if (!apiPolicy.isPermissionClassSet()) {
+ return; // skip authorization if not enabled
+ }
+
+ Credentials credentials = credentialsParser.parse(authorization);
+ try {
+ DmaapPerm p = new DmaapPerm(apiNamespace + "." + uri, env, method);
+ apiPolicy.check(credentials.getId(), credentials.getPwd(), p);
+ } catch (AuthenticationErrorException ae) {
+ String errmsg =
+ "User " + credentials.getId() + " failed authentication/authorization for " + apiNamespace + "." + uriPath + " " + env
+ + " " + method;
+ logger.info(errmsg);
+ err.setMessage(errmsg);
+ throw ae;
+
+ }
+ }
+
+ public ApiService setRequestId(String requestId) {
+ if (requestId == null || requestId.isEmpty()) {
+ this.requestId = (new RandomString(10)).nextString();
+ logger.warn("X-ECOMP-RequestID not set in HTTP Header. Setting RequestId value to: " + this.requestId);
+ } else {
+ this.requestId = requestId;
+ }
+ MDC.put(MDC_KEY_REQUEST_ID, this.requestId);
+ return this;
+ }