/*-
* ============LICENSE_START=======================================================
- * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
package org.onap.policy.pdpx.main.rest;
+import com.att.research.xacml.api.Request;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ResponseHeader;
import io.swagger.annotations.SecurityDefinition;
import io.swagger.annotations.SwaggerDefinition;
-
import java.util.UUID;
-
+import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.ResponseBuilder;
-
import org.onap.policy.common.endpoints.report.HealthCheckReport;
import org.onap.policy.models.decisions.concepts.DecisionException;
import org.onap.policy.models.decisions.concepts.DecisionRequest;
@Consumes({MediaType.APPLICATION_JSON, XacmlPdpRestController.APPLICATION_YAML})
@SwaggerDefinition(info = @Info(description = "Policy Xacml PDP Service", version = "1.0.0", title = "Policy Xacml PDP",
extensions = {@Extension(properties = {@ExtensionProperty(name = "planned-retirement-date", value = "tbd"),
- @ExtensionProperty(name = "component", value = "Policy Framework")})}),
+ @ExtensionProperty(name = "component", value = "Policy Framework")})}),
schemes = {SwaggerDefinition.Scheme.HTTP, SwaggerDefinition.Scheme.HTTPS},
securityDefinition = @SecurityDefinition(basicAuthDefinitions = {@BasicAuthDefinition(key = "basicAuth")}))
public class XacmlPdpRestController {
private static final Logger LOGGER = LoggerFactory.getLogger(XacmlPdpRestController.class);
public static final String APPLICATION_YAML = "application/yaml";
-
+ public static final String APPLICATION_XACML_JSON = "application/xacml+json";
+ public static final String APPLICATION_XACML_XML = "application/xacml+xml";
@GET
@Path("/healthcheck")
@ApiOperation(value = "Perform a system healthcheck",
notes = "Provides healthy status of the Policy Xacml PDP component", response = HealthCheckReport.class,
responseHeaders = {
- @ResponseHeader(name = "X-MinorVersion",
+ @ResponseHeader(name = "X-MinorVersion",
description = "Used to request or communicate a MINOR version back from the client"
+ " to the server, and from the server back to the client",
response = String.class),
- @ResponseHeader(name = "X-PatchVersion",
+ @ResponseHeader(name = "X-PatchVersion",
description = "Used only to communicate a PATCH version in a response for"
+ " troubleshooting purposes only, and will not be provided by"
+ " the client on request",
response = String.class),
- @ResponseHeader(name = "X-LatestVersion",
+ @ResponseHeader(name = "X-LatestVersion",
description = "Used only to communicate an API's latest version", response = String.class),
- @ResponseHeader(name = "X-ONAP-RequestID",
+ @ResponseHeader(name = "X-ONAP-RequestID",
description = "Used to track REST transactions for logging purpose",
response = UUID.class)},
- authorizations = @Authorization(value = "basicAuth"), tags = {"HealthCheck",},
+ authorizations = @Authorization(value = "basicAuth"), tags = {"HealthCheck", },
extensions = {@Extension(name = "interface info",
properties = {@ExtensionProperty(name = "pdpx-version", value = "1.0.0"),
- @ExtensionProperty(name = "last-mod-release", value = "Dublin")})})
+ @ExtensionProperty(name = "last-mod-release", value = "Dublin")})})
@ApiResponses(value = {@ApiResponse(code = 401, message = "Authentication Error"),
- @ApiResponse(code = 403, message = "Authorization Error"),
- @ApiResponse(code = 500, message = "Internal Server Error")})
+ @ApiResponse(code = 403, message = "Authorization Error"),
+ @ApiResponse(code = 500, message = "Internal Server Error")})
public Response healthcheck(
@HeaderParam("X-ONAP-RequestID") @ApiParam("RequestID for http transaction") UUID requestId) {
return addLoggingHeaders(addVersionControlHeaders(Response.status(Response.Status.OK)), requestId)
@ApiOperation(value = "Fetch current statistics",
notes = "Provides current statistics of the Policy Xacml PDP component", response = StatisticsReport.class,
responseHeaders = {
- @ResponseHeader(name = "X-MinorVersion",
+ @ResponseHeader(name = "X-MinorVersion",
description = "Used to request or communicate a MINOR version back from the client"
+ " to the server, and from the server back to the client",
response = String.class),
- @ResponseHeader(name = "X-PatchVersion",
+ @ResponseHeader(name = "X-PatchVersion",
description = "Used only to communicate a PATCH version in a response for"
+ " troubleshooting purposes only, and will not be provided by"
+ " the client on request",
response = String.class),
- @ResponseHeader(name = "X-LatestVersion",
+ @ResponseHeader(name = "X-LatestVersion",
description = "Used only to communicate an API's latest version", response = String.class),
- @ResponseHeader(name = "X-ONAP-RequestID",
+ @ResponseHeader(name = "X-ONAP-RequestID",
description = "Used to track REST transactions for logging purpose",
response = UUID.class)},
- authorizations = @Authorization(value = "basicAuth"), tags = {"Statistics",},
+ authorizations = @Authorization(value = "basicAuth"), tags = {"Statistics", },
extensions = {@Extension(name = "interface info",
properties = {@ExtensionProperty(name = "pdpx-version", value = "1.0.0"),
- @ExtensionProperty(name = "last-mod-release", value = "Dublin")})})
+ @ExtensionProperty(name = "last-mod-release", value = "Dublin")})})
@ApiResponses(value = {@ApiResponse(code = 401, message = "Authentication Error"),
- @ApiResponse(code = 403, message = "Authorization Error"),
- @ApiResponse(code = 500, message = "Internal Server Error")})
+ @ApiResponse(code = 403, message = "Authorization Error"),
+ @ApiResponse(code = 500, message = "Internal Server Error")})
public Response statistics(
@HeaderParam("X-ONAP-RequestID") @ApiParam("RequestID for http transaction") UUID requestId) {
return addLoggingHeaders(addVersionControlHeaders(Response.status(Response.Status.OK)), requestId)
@ApiOperation(value = "Fetch the decision using specified decision parameters",
notes = "Returns the policy decision from Policy Xacml PDP", response = DecisionResponse.class,
responseHeaders = {
- @ResponseHeader(name = "X-MinorVersion",
+ @ResponseHeader(name = "X-MinorVersion",
description = "Used to request or communicate a MINOR version back from the client"
+ " to the server, and from the server back to the client",
response = String.class),
- @ResponseHeader(name = "X-PatchVersion",
+ @ResponseHeader(name = "X-PatchVersion",
description = "Used only to communicate a PATCH version in a response for"
+ " troubleshooting purposes only, and will not be provided by"
+ " the client on request",
response = String.class),
- @ResponseHeader(name = "X-LatestVersion",
+ @ResponseHeader(name = "X-LatestVersion",
description = "Used only to communicate an API's latest version", response = String.class),
- @ResponseHeader(name = "X-ONAP-RequestID",
+ @ResponseHeader(name = "X-ONAP-RequestID",
description = "Used to track REST transactions for logging purpose",
response = UUID.class)},
- authorizations = @Authorization(value = "basicAuth"), tags = {"Decision",},
+ authorizations = @Authorization(value = "basicAuth"), tags = {"Decision", },
extensions = {@Extension(name = "interface info",
properties = {@ExtensionProperty(name = "pdpx-version", value = "1.0.0"),
- @ExtensionProperty(name = "last-mod-release", value = "Dublin")})})
+ @ExtensionProperty(name = "last-mod-release", value = "Dublin")})})
@ApiResponses(value = {@ApiResponse(code = 400, message = "Bad Request", response = ErrorResponse.class),
- @ApiResponse(code = 401, message = "Authentication Error"),
- @ApiResponse(code = 403, message = "Authorization Error"),
- @ApiResponse(code = 500, message = "Internal Server Error")})
+ @ApiResponse(code = 401, message = "Authentication Error"),
+ @ApiResponse(code = 403, message = "Authorization Error"),
+ @ApiResponse(code = 500, message = "Internal Server Error")})
public Response decision(DecisionRequest body,
+ @HeaderParam("X-ONAP-RequestID") @ApiParam("RequestID for http transaction") UUID requestId,
+ @Context HttpServletRequest request) {
+ try {
+ return addLoggingHeaders(addVersionControlHeaders(Response.status(Response.Status.OK)), requestId)
+ .entity(new DecisionProvider().fetchDecision(body, request.getParameterMap())).build();
+ } catch (DecisionException e) {
+ LOGGER.error("Decision exception", e);
+ XacmlPdpStatisticsManager.getCurrent().updateErrorCount();
+ return addLoggingHeaders(
+ addVersionControlHeaders(Response.status((e.getErrorResponse().getResponseCode()))), requestId)
+ .entity(e.getErrorResponse()).build();
+ }
+ }
+
+ /**
+ * Our native decision entry point.
+ *
+ * @param body Should be an Xacml Request object
+ * @param requestId Unique request id
+ * @return Xacml Response or ErrorResponse object
+ */
+ @POST
+ @Path("/xacml")
+ @Produces({XacmlPdpRestController.APPLICATION_XACML_JSON, XacmlPdpRestController.APPLICATION_XACML_XML})
+ @Consumes({XacmlPdpRestController.APPLICATION_XACML_JSON, XacmlPdpRestController.APPLICATION_XACML_XML})
+ @ApiOperation(value = "Fetch the decision using specified decision parameters",
+ notes = "Returns the policy decision from Policy Xacml PDP",
+ response = com.att.research.xacml.api.Response.class,
+ responseHeaders = {
+ @ResponseHeader(name = "X-MinorVersion",
+ description = "Used to request or communicate a MINOR version back from the client"
+ + " to the server, and from the server back to the client",
+ response = String.class),
+ @ResponseHeader(name = "X-PatchVersion",
+ description = "Used only to communicate a PATCH version in a response for"
+ + " troubleshooting purposes only, and will not be provided by"
+ + " the client on request",
+ response = String.class),
+ @ResponseHeader(name = "X-LatestVersion",
+ description = "Used only to communicate an API's latest version", response = String.class),
+ @ResponseHeader(name = "X-ONAP-RequestID",
+ description = "Used to track REST transactions for logging purpose",
+ response = UUID.class)},
+ authorizations = @Authorization(value = "basicAuth"), tags = {"Decision", },
+ extensions = {@Extension(name = "interface info",
+ properties = {@ExtensionProperty(name = "pdpx-version", value = "1.0.0"),
+ @ExtensionProperty(name = "last-mod-release", value = "Frankfurt")})})
+ @ApiResponses(value = {@ApiResponse(code = 400, message = "Bad Request", response = ErrorResponse.class),
+ @ApiResponse(code = 401, message = "Authentication Error"),
+ @ApiResponse(code = 403, message = "Authorization Error"),
+ @ApiResponse(code = 500, message = "Internal Server Error")})
+ public Response xacml(Request body,
@HeaderParam("X-ONAP-RequestID") @ApiParam("RequestID for http transaction") UUID requestId) {
try {
return addLoggingHeaders(addVersionControlHeaders(Response.status(Response.Status.OK)), requestId)
- .entity(new DecisionProvider().fetchDecision(body)).build();
+ .entity(new DecisionProvider().fetchNativeDecision(body)).build();
} catch (DecisionException e) {
LOGGER.error("Decision exception", e);
XacmlPdpStatisticsManager.getCurrent().updateErrorCount();