+++ /dev/null
-/*-
- * ============LICENSE_START=======================================================
- * ECOMP Policy Engine
- * ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.openecomp.policy.pypdp.authorization;
-
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.nio.file.Paths;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Base64;
-import java.util.HashMap;
-import java.util.Properties;
-import java.util.StringTokenizer;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.openecomp.policy.common.logging.eelf.MessageCodes;
-import org.openecomp.policy.common.logging.eelf.PolicyLogger;
-
-import org.openecomp.policy.xacml.api.XACMLErrorConstants;
-
-public class AuthenticationService {
- private String pyPDPID = Config.getPYPDPID();
- private String pyPDPPass = Config.getPYPDPPass();
- private static Path clientPath = null;
- private static HashMap<String, ArrayList<String>> clientMap = null;
- private static Long oldModified = null;
- private static Long newModified = null;
- private static final Log logger = LogFactory.getLog(AuthenticationService.class);
-
- public boolean authenticate(String authCredentials) {
-
- if (null == authCredentials)
- return false;
- // header value format will be "Basic encodedstring" for Basic authentication.
- final String encodedUserPassword = authCredentials.replaceFirst("Basic" + " ", "");
- String usernameAndPassword = null;
- try {
- byte[] decodedBytes = Base64.getDecoder().decode(encodedUserPassword);
- usernameAndPassword = new String(decodedBytes, "UTF-8");
- } catch (Exception e) {
- logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e);
- // TODO:EELF Cleanup - Remove logger
- PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE, e, "");
- return false;
- }
- try {
- final StringTokenizer tokenizer = new StringTokenizer(usernameAndPassword, ":");
- final String username = tokenizer.nextToken();
- final String password = tokenizer.nextToken();
-
- boolean authenticationStatus = pyPDPID.equals(username) && pyPDPPass.equals(password);
- return authenticationStatus;
- } catch (Exception e){
- logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + e);
- // TODO:EELF Cleanup - Remove logger
- PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR, e, "");
- return false;
- }
- }
-
- public static boolean clientAuth(String clientCredentials) {
- if(clientCredentials == null){
- return false;
- }
- // Decode the encoded Client Credentials.
- String usernameAndPassword = null;
- try {
- byte[] decodedBytes = Base64.getDecoder().decode(clientCredentials);
- usernameAndPassword = new String(decodedBytes, "UTF-8");
- } catch (Exception e) {
- logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e);
- // TODO:EELF Cleanup - Remove logger
- PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE, e, "");
- return false;
- }
- try {
- final StringTokenizer tokenizer = new StringTokenizer(usernameAndPassword, ":");
- final String username = tokenizer.nextToken();
- final String password = tokenizer.nextToken();
- return checkClient(username,password);
- } catch(Exception e){
- logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e);
- // TODO:EELF Cleanup - Remove logger
- PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE, e, "");
- return false;
- }
- }
-
- public static boolean checkClientScope(String clientCredentials, String scope) {
- if(clientCredentials == null){
- return false;
- }
- // Decode the encoded Client Credentials.
- String usernameAndPassword = null;
- try {
- byte[] decodedBytes = Base64.getDecoder().decode(clientCredentials);
- usernameAndPassword = new String(decodedBytes, "UTF-8");
- } catch (Exception e) {
- logger.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e);
- // TODO:EELF Cleanup - Remove logger
- PolicyLogger.error(MessageCodes.ERROR_DATA_ISSUE, e, "");
- return false;
- }
- final StringTokenizer tokenizer = new StringTokenizer(usernameAndPassword, ":");
- final String username = tokenizer.nextToken();
- // Read the properties and compare.
- try{
- readFile();
- }catch(Exception e){
- logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + e);
- // TODO:EELF Cleanup - Remove logger
- PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR, e, "");
- return false;
- }
- // Check ID, Scope
- if (clientMap.containsKey(username) && (clientMap.get(username).get(1).equals(scope) || clientMap.get(username).get(1).equals("MASTER"))) {
- return true;
- }
- return false;
- }
-
- private static boolean checkClient(String username, String password) {
- // Read the properties and compare.
- try{
- readFile();
- }catch(Exception e){
- logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + e);
- // TODO:EELF Cleanup - Remove logger
- PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR, e, "");
- return false;
- }
- // Check ID, Key
- if (clientMap.containsKey(username) && clientMap.get(username).get(0).equals(password)) {
- return true;
- }
- return false;
- }
-
- private static void readFile() throws Exception {
- String clientFile = Config.getClientFile();
- if (clientFile == null) {
- Config.setProperty();
- if(clientFile == null){
- logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Missing CLIENT_FILE property value: " + clientFile);
- // TODO:EELF Cleanup - Remove logger
- PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR, "Missing CLIENT_FILE property value: " + clientFile);
- throw new Exception(XACMLErrorConstants.ERROR_SYSTEM_ERROR +"Missing CLIENT_FILE property value: " + clientFile);
- }
- }
- if (clientPath == null) {
- clientPath = Paths.get(clientFile);
- if (Files.notExists(clientPath)) {
- logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "File doesn't exist in the specified Path : " + clientPath.toString());
- // TODO:EELF Cleanup - Remove logger
- PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR, "File doesn't exist in the specified Path : " + clientPath.toString());
- throw new Exception(XACMLErrorConstants.ERROR_SYSTEM_ERROR +"File doesn't exist in the specified Path : "+ clientPath.toString());
- }
- if (clientPath.toString().endsWith(".properties")) {
- readProps();
- } else {
- logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Not a .properties file " + clientFile);
- // TODO:EELF Cleanup - Remove logger
- PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR, "Not a .properties file " + clientFile);
- throw new Exception(XACMLErrorConstants.ERROR_SYSTEM_ERROR +"Not a .properties file " + clientFile);
- }
- }
- // Check if File is updated recently
- else {
- newModified = clientPath.toFile().lastModified();
- if (newModified != oldModified) {
- // File has been updated.
- readProps();
- }
- }
- }
-
- private static void readProps() throws Exception{
- InputStream in;
- Properties clientProp = new Properties();
- try {
- in = new FileInputStream(clientPath.toFile());
- oldModified = clientPath.toFile().lastModified();
- clientProp.load(in);
- } catch (IOException e) {
- logger.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + e);
- // TODO:EELF Cleanup - Remove logger
- PolicyLogger.error(MessageCodes.ERROR_SYSTEM_ERROR, e, "");
- throw new Exception(XACMLErrorConstants.ERROR_SYSTEM_ERROR +"Cannot Load the Properties file", e);
-
- }
- // Read the Properties and Load the PDPs and encoding.
- clientMap = new HashMap<String, ArrayList<String>>();
- //
- for (Object propKey : clientProp.keySet()) {
- String clientID = (String)propKey;
- String clientValue = clientProp.getProperty(clientID);
- if (clientValue != null) {
- if (clientValue.contains(",")) {
- ArrayList<String> clientValues = new ArrayList<String>(Arrays.asList(clientValue.split("\\s*,\\s*")));
- if(clientValues.get(0)!=null || clientValues.get(1)!=null || clientValues.get(0).isEmpty() || clientValues.get(1).isEmpty()){
- clientMap.put(clientID, clientValues);
- }
- }
- }
- }
- if (clientMap == null || clientMap.isEmpty()) {
- logger.debug(XACMLErrorConstants.ERROR_PERMISSIONS + "No Clients ID , Client Key and Scopes are available. Cannot serve any Clients !!");
- }
- }
-}
Code Review / policy / engine.git / blobdiff