--- /dev/null
+/*******************************************************************************\r
+ * ============LICENSE_START====================================================\r
+ * * org.onap.aaf\r
+ * * ===========================================================================\r
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
+ * * ===========================================================================\r
+ * * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * * you may not use this file except in compliance with the License.\r
+ * * You may obtain a copy of the License at\r
+ * * \r
+ * * http://www.apache.org/licenses/LICENSE-2.0\r
+ * * \r
+ * * Unless required by applicable law or agreed to in writing, software\r
+ * * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * * See the License for the specific language governing permissions and\r
+ * * limitations under the License.\r
+ * * ============LICENSE_END====================================================\r
+ * *\r
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
+ * *\r
+ ******************************************************************************/\r
+package org.onap.aaf.authz.gw;\r
+\r
+import java.net.HttpURLConnection;\r
+import java.util.ArrayList;\r
+import java.util.EnumSet;\r
+import java.util.List;\r
+import java.util.Map;\r
+import java.util.Properties;\r
+\r
+import org.onap.aaf.authz.env.AuthzEnv;\r
+import org.onap.aaf.authz.gw.api.API_AAFAccess;\r
+import org.onap.aaf.authz.gw.api.API_Api;\r
+import org.onap.aaf.authz.gw.api.API_Find;\r
+import org.onap.aaf.authz.gw.api.API_Proxy;\r
+import org.onap.aaf.authz.gw.api.API_TGuard;\r
+import org.onap.aaf.authz.gw.facade.GwFacade_1_0;\r
+import org.onap.aaf.authz.gw.mapper.Mapper.API;\r
+import org.onap.aaf.authz.server.AbsServer;\r
+import org.onap.aaf.cache.Cache;\r
+import org.onap.aaf.cache.Cache.Dated;\r
+import org.onap.aaf.cssa.rserv.HttpMethods;\r
+\r
+import com.att.aft.dme2.api.DME2Exception;\r
+\r
+import com.att.aft.dme2.api.DME2Manager;\r
+import com.att.aft.dme2.api.DME2Server;\r
+import com.att.aft.dme2.api.DME2ServerProperties;\r
+import com.att.aft.dme2.api.DME2ServiceHolder;\r
+import com.att.aft.dme2.api.util.DME2FilterHolder;\r
+import com.att.aft.dme2.api.util.DME2FilterHolder.RequestDispatcherType;\r
+import com.att.aft.dme2.api.util.DME2ServletHolder;\r
+import org.onap.aaf.cadi.CadiException;\r
+//import org.onap.aaf.cadi.PropAccess;\r
+import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;\r
+import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;\r
+import org.onap.aaf.cadi.config.Config;\r
+import org.onap.aaf.inno.env.APIException;\r
+\r
+public class GwAPI extends AbsServer {\r
+ private static final String USER_PERMS = "userPerms";\r
+ private GwFacade_1_0 facade; // this is the default Facade\r
+ private GwFacade_1_0 facade_1_0_XML;\r
+ public Map<String, Dated> cacheUser;\r
+ public final String aafurl;\r
+ public final AAFAuthn<HttpURLConnection> aafAuthn;\r
+ public final AAFLurPerm aafLurPerm;\r
+ public DME2Manager dme2Man;\r
+\r
+ \r
+ /**\r
+ * Construct AuthzAPI with all the Context Supporting Routes that Authz needs\r
+ * \r
+ * @param env\r
+ * @param si \r
+ * @param dm \r
+ * @param decryptor \r
+ * @throws APIException \r
+ */\r
+ public GwAPI(AuthzEnv env) throws Exception {\r
+ super(env,"AAF GW");\r
+ aafurl = env.getProperty(Config.AAF_URL); \r
+\r
+ // Setup Logging\r
+ //env.setLog4JNames("log4j.properties","authz","gw","audit","init","trace");\r
+\r
+ aafLurPerm = aafCon.newLur();\r
+ // Note: If you need both Authn and Authz construct the following:\r
+ aafAuthn = aafCon.newAuthn(aafLurPerm);\r
+\r
+ // Initialize Facade for all uses\r
+ //AuthzTrans trans = env.newTrans();\r
+\r
+ // facade = GwFacadeFactory.v1_0(env,trans,Data.TYPE.JSON); // Default Facade\r
+ // facade_1_0_XML = GwFacadeFactory.v1_0(env,trans,Data.TYPE.XML);\r
+\r
+ synchronized(env) {\r
+ if(cacheUser == null) {\r
+ cacheUser = Cache.obtain(USER_PERMS);\r
+ //Cache.startCleansing(env, USER_PERMS);\r
+ Cache.addShutdownHook(); // Setup Shutdown Hook to close cache\r
+ }\r
+ }\r
+ \r
+ ////////////////////////////////////////////////////////////////////////////\r
+ // Time Critical\r
+ // These will always be evaluated first\r
+ ////////////////////////////////////////////////////////////////////////\r
+ API_AAFAccess.init(this,facade);\r
+ API_Find.init(this, facade);\r
+ API_TGuard.init(this, facade);\r
+ API_Proxy.init(this, facade);\r
+ \r
+ ////////////////////////////////////////////////////////////////////////\r
+ // Management APIs\r
+ ////////////////////////////////////////////////////////////////////////\r
+ // There are several APIs around each concept, and it gets a bit too\r
+ // long in this class to create. The initialization of these Management\r
+ // APIs have therefore been pushed to StandAlone Classes with static\r
+ // init functions\r
+ API_Api.init(this, facade);\r
+\r
+ ////////////////////////////////////////////////////////////////////////\r
+ // Default Function\r
+ ////////////////////////////////////////////////////////////////////////\r
+ API_AAFAccess.initDefault(this,facade);\r
+\r
+ }\r
+ \r
+ /**\r
+ * Setup XML and JSON implementations for each supported Version type\r
+ * \r
+ * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties\r
+ * to do Versions and Content switches\r
+ * \r
+ */\r
+ public void route(HttpMethods meth, String path, API api, GwCode code) throws Exception {\r
+ String version = "1.0";\r
+ // Get Correct API Class from Mapper\r
+ Class<?> respCls = facade.mapper().getClass(api); \r
+ if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());\r
+ // setup Application API HTML ContentTypes for JSON and Route\r
+ String application = applicationJSON(respCls, version);\r
+ //route(env,meth,path,code,application,"application/json;version="+version,"*/*");\r
+\r
+ // setup Application API HTML ContentTypes for XML and Route\r
+ application = applicationXML(respCls, version);\r
+ //route(env,meth,path,code.clone(facade_1_0_XML,false),application,"text/xml;version="+version);\r
+ \r
+ // Add other Supported APIs here as created\r
+ }\r
+ \r
+ public void routeAll(HttpMethods meth, String path, API api, GwCode code) throws Exception {\r
+ //route(env,meth,path,code,""); // this will always match\r
+ }\r
+\r
+\r
+ /**\r
+ * Start up AuthzAPI as DME2 Service\r
+ * @param env\r
+ * @param props\r
+ * @throws DME2Exception\r
+ * @throws CadiException \r
+ */\r
+ public void startDME2(Properties props) throws DME2Exception, CadiException {\r
+ \r
+ dme2Man = new DME2Manager("GatewayDME2Manager",props);\r
+\r
+ DME2ServiceHolder svcHolder;\r
+ List<DME2ServletHolder> slist = new ArrayList<DME2ServletHolder>();\r
+ svcHolder = new DME2ServiceHolder();\r
+ String serviceName = env.getProperty("DMEServiceName",null);\r
+ if(serviceName!=null) {\r
+ svcHolder.setServiceURI(serviceName);\r
+ svcHolder.setManager(dme2Man);\r
+ svcHolder.setContext("/");\r
+ \r
+ \r
+ \r
+ DME2ServletHolder srvHolder = new DME2ServletHolder(this, new String[] {"/dme2","/api"});\r
+ srvHolder.setContextPath("/*");\r
+ slist.add(srvHolder);\r
+ \r
+ EnumSet<RequestDispatcherType> edlist = EnumSet.of(\r
+ RequestDispatcherType.REQUEST,\r
+ RequestDispatcherType.FORWARD,\r
+ RequestDispatcherType.ASYNC\r
+ );\r
+\r
+ ///////////////////////\r
+ // Apply Filters\r
+ ///////////////////////\r
+ List<DME2FilterHolder> flist = new ArrayList<DME2FilterHolder>();\r
+ \r
+ // Leave Login page un secured\r
+ // AuthzTransOnlyFilter atof = new AuthzTransOnlyFilter(env);\r
+ // flist.add(new DME2FilterHolder(atof,"/login", edlist));\r
+\r
+ // Secure all other interactions with AuthzTransFilter\r
+// flist.add(new DME2FilterHolder(\r
+// new AuthzTransFilter(env, aafCon, new AAFTrustChecker(\r
+// env.getProperty(Config.CADI_TRUST_PROP, Config.CADI_USER_CHAIN),\r
+// Define.ROOT_NS + ".mechid|"+Define.ROOT_COMPANY+"|trust"\r
+// )),\r
+// "/*", edlist));\r
+// \r
+\r
+ svcHolder.setFilters(flist);\r
+ svcHolder.setServletHolders(slist);\r
+ \r
+ DME2Server dme2svr = dme2Man.getServer();\r
+// dme2svr.setGracefulShutdownTimeMs(1000);\r
+ \r
+ // env.init().log("Starting GW Jetty/DME2 server...");\r
+ dme2svr.start();\r
+ DME2ServerProperties dsprops = dme2svr.getServerProperties();\r
+ try {\r
+// if(env.getProperty("NO_REGISTER",null)!=null)\r
+ dme2Man.bindService(svcHolder);\r
+// env.init().log("DME2 is available as HTTP"+(dsprops.isSslEnable()?"/S":""),"on port:",dsprops.getPort());\r
+\r
+ while(true) { // Per DME2 Examples...\r
+ Thread.sleep(5000);\r
+ }\r
+ } catch(InterruptedException e) {\r
+ // env.init().log("AAF Jetty Server interrupted!");\r
+ } catch(Exception e) { // Error binding service doesn't seem to stop DME2 or Process\r
+ // env.init().log(e,"DME2 Initialization Error");\r
+ dme2svr.stop();\r
+ System.exit(1);\r
+ }\r
+ } else {\r
+ //env.init().log("Properties must contain DMEServiceName");\r
+ }\r
+ }\r
+\r
+ public static void main(String[] args) {\r
+ setup(GwAPI.class,"authGW.props");\r
+ }\r
+\r
+// public void route(PropAccess env, HttpMethods get, String string, GwCode gwCode, String string2, String string3,\r
+// String string4) {\r
+// // TODO Auto-generated method stub\r
+// \r
+// }\r
+\r
+}\r
Code Review / aaf / authz.git / blobdiff