* ============LICENSE_END=========================================================
*/
-package org.onap.aai.auth;
+package org.onap.aai.aaf.auth;
-import com.att.eelf.configuration.EELFLogger;
-import com.att.eelf.configuration.EELFManager;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.google.gson.JsonArray;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
+import org.eclipse.jetty.util.security.Password;
+import org.onap.aai.aaf.auth.exceptions.AAIUnrecognizedFunctionException;
+import org.onap.aai.logging.ErrorLogHelper;
+import org.onap.aai.util.AAIConfig;
+import org.onap.aai.util.AAIConstants;
import java.io.File;
import java.io.FileNotFoundException;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
-import org.eclipse.jetty.util.security.Password;
-import org.eclipse.persistence.internal.oxm.conversion.Base64;
-import org.onap.aai.auth.exceptions.AAIUnrecognizedFunctionException;
-import org.onap.aai.logging.ErrorLogHelper;
-import org.onap.aai.logging.LoggingContext;
-import org.onap.aai.logging.LoggingContext.StatusCode;
-import org.onap.aai.util.AAIConfig;
-import org.onap.aai.util.AAIConstants;
-import org.onap.aai.util.FileWatcher;
-
/**
* The Class AAIAuthCore.
*/
public final class AAIAuthCore {
- private static final EELFLogger LOGGER = EELFManager.getInstance().getLogger(AAIAuthCore.class);
+ private static final Logger LOGGER = LoggerFactory.getLogger(AAIAuthCore.class);
private static final String ERROR_CODE_AAI_4001 = "AAI_4001";
* Instantiates a new AAI auth core.
*/
public AAIAuthCore(String basePath) {
+ this(basePath, AAIConstants.AAI_AUTH_CONFIG_FILENAME);
+ }
+
+ public AAIAuthCore(String basePath, String filename){
this.basePath = basePath;
+ this.globalAuthFileName = filename;
AUTH_POLICY_PATTERN = Pattern.compile("^" + this.basePath + "/v\\d+/([\\w\\-]*)");
init();
}
+ public AAIAuthCore(String basePath, String filename, String pattern){
+ this.basePath = basePath;
+ this.globalAuthFileName = filename;
+ AUTH_POLICY_PATTERN = Pattern.compile(pattern);
+ init();
+ }
+
/**
* Inits the.
*/
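Review bot: The new three-argument constructor compiles a caller-supplied `pattern` without documenting what it must capture, and neither added constructor has Javadoc. The default pattern on the context line exposes the function name as capture group 1, so presumably `getAuthPolicyFunctName` (not visible here) reads that group. A custom pattern with a different group layout would change which function name reaches the authorization check. I would state the contract, e.g. `@param pattern regex whose first capture group is the auth policy function name`, and have the two-argument constructor delegate to this one via `this(basePath, filename, "^" + basePath + "/v\\d+/([\\w\\-]*)");` so the assignments and the `init()` call exist only once. If base paths are never meant to carry regex syntax, wrapping the value in `Pattern.quote(...)` would also stop metacharacters in it from altering the match.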
* auth config file has been updated and reloads the users if so to get
* the most up to date info (that update check logic is within
* FileWatcher)
- *
+ *
* the timing this method uses is coarser than the frequency of requests
* AI&I gets so we're looking at better ways of doing this (TODO)
*/
} else if (je.getAsJsonObject().has("user")) {
String auth = je.getAsJsonObject().get("user").getAsString() + ":"
+ Password.deobfuscate(je.getAsJsonObject().get("pass").getAsString());
- String authorizationCode = new String(Base64.base64Encode(auth.getBytes("utf-8")));
+ String authorizationCode = new String(Base64.getEncoder().encode(auth.getBytes("utf-8")));
usernames.put(authorizationCode, false);
}
}
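Review bot: `new String(byte[])` on the added line decodes with the platform default charset, while the bytes were produced with an explicit `"utf-8"`. Base64 output is ASCII, so the result is the same in practice, but the asymmetry is avoidable with `String authorizationCode = Base64.getEncoder().encodeToString(auth.getBytes(StandardCharsets.UTF_8));`, which needs `java.nio.charset.StandardCharsets` imported. That form also removes the checked `UnsupportedEncodingException` path. No `import java.util.Base64;` is visible among the added imports, so confirm it is present in the lines not shown. The enclosing loop starts and ends outside this hunk.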
/**
* for backwards compatibility
- *
+ *
* @param username
* @param uri
* @param httpMethod
public boolean authorize(String username, String uri, String httpMethod, String haProxyUser, String issuer)
throws AAIUnrecognizedFunctionException {
String aaiMethod = this.getAuthPolicyFunctName(uri);
- if (!this.validFunctions.contains(aaiMethod)) {
+ if (!this.validFunctions.contains(aaiMethod) && !("info".equalsIgnoreCase(aaiMethod))) {
throw new AAIUnrecognizedFunctionException(aaiMethod);
}
boolean wildcardCheck = isWildcardIssuer(issuer);
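Review bot: The `"info"` exemption added here skips the `validFunctions` check, and the matching change in the private `authorize(AAIUser, String, String)` further down returns true for `info` before `hasAccess` is consulted. Any caller that reaches that method is therefore accepted for this function with any `httpMethod`. If the intent is an open read-only endpoint, I would narrow it to `"info".equalsIgnoreCase(aaiMethod) && "GET".equalsIgnoreCase(httpMethod)` (assuming `httpMethod` carries the HTTP verb) and hold the name in one constant instead of two string literals. The function name is whatever `AUTH_POLICY_PATTERN` captures, and this commit makes that pattern caller-configurable, so a comment naming the URI the exemption is meant to cover would make the scope reviewable. The body of the public `authorize` continues outside the hunk.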
/**
* returns aai user either matching the username or containing the wildcard.
- *
+ *
* @param username
* @return
*/
* @return true, if successful
*/
private boolean authorize(AAIUser aaiUser, String aaiMethod, String httpMethod) {
- if (aaiUser.hasAccess(aaiMethod, httpMethod)) {
- LoggingContext.statusCode(StatusCode.COMPLETE);
+ if ("info".equalsIgnoreCase(aaiMethod)|| aaiUser.hasAccess(aaiMethod, httpMethod)) {
LOGGER.debug("AUTH ACCEPTED: " + aaiUser.getUsername() + " on function " + aaiMethod + " request type "
+ httpMethod);
return true;
} else {
- LoggingContext.statusCode(StatusCode.ERROR);
LOGGER.debug("AUTH FAILED: " + aaiUser.getUsername() + " on function " + aaiMethod + " request type "
+ httpMethod);
return false;