Fix Babel authorisation mechanism

[aai/babel.git] / src / main / java / org / onap / aai / babel / service / GenerateArtifactsServiceImpl.java

diff --git a/src/main/java/org/onap/aai/babel/service/GenerateArtifactsServiceImpl.java b/src/main/java/org/onap/aai/babel/service/GenerateArtifactsServiceImpl.java
index eef7476..532d8c7 100644 (file)
--- a/src/main/java/org/onap/aai/babel/service/GenerateArtifactsServiceImpl.java
+++ b/src/main/java/org/onap/aai/babel/service/GenerateArtifactsServiceImpl.java
@@ -1,5 +1,5 @@
 /**
- * ============LICENSE_START=======================================================
+ * ============LICENSE_START=======================================================
  * org.onap.aai
  * ================================================================================
  * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
@@ -20,9 +20,9 @@
  */
 package org.onap.aai.babel.service;
 
-import com.att.aft.dme2.internal.gson.Gson;
-import com.att.aft.dme2.internal.gson.GsonBuilder;
-import com.att.aft.dme2.internal.gson.JsonSyntaxException;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import com.google.gson.JsonSyntaxException;
 import java.util.Base64;
 import java.util.List;
 import java.util.UUID;
@@ -30,10 +30,11 @@ import javax.inject.Inject;
 import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.PathSegment;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
 import javax.ws.rs.core.UriInfo;
-import org.apache.commons.lang.time.StopWatch;
+import org.apache.commons.lang3.time.StopWatch;
 import org.onap.aai.auth.AAIMicroServiceAuth;
 import org.onap.aai.auth.AAIMicroServiceAuthCore;
 import org.onap.aai.babel.csar.CsarConverterException;
@@ -49,16 +50,16 @@ import org.onap.aai.babel.service.data.BabelArtifact;
 import org.onap.aai.babel.service.data.BabelRequest;
 import org.onap.aai.babel.util.RequestValidationException;
 import org.onap.aai.babel.util.RequestValidator;
+import org.springframework.stereotype.Service;
 
 /** Generate SDC Artifacts by passing in a CSAR payload, Artifact Name and Artifact version */
+@Service
 public class GenerateArtifactsServiceImpl implements GenerateArtifactsService {
     private static final LogHelper applicationLogger = LogHelper.INSTANCE;
 
     private AAIMicroServiceAuth aaiMicroServiceAuth;
 
-    /**
-     * @param authorization
-     */
+    /** @param authorization */
     @Inject
     public GenerateArtifactsServiceImpl(final AAIMicroServiceAuth authorization) {
         this.aaiMicroServiceAuth = authorization;
@@ -98,8 +99,12 @@ public class GenerateArtifactsServiceImpl implements GenerateArtifactsService {
 
         Response response;
         try {
+            // Get last URI path segment to use for authentication
+            List<PathSegment> pathSegments = uriInfo.getPathSegments();
+            String lastPathSegment = pathSegments.isEmpty() ? "" : pathSegments.get(pathSegments.size() - 1).getPath();
+
             boolean authorized = aaiMicroServiceAuth.validateRequest(headers, servletRequest,
-                    AAIMicroServiceAuthCore.HTTP_METHODS.POST, uriInfo.getPath(false));
+                    AAIMicroServiceAuthCore.HTTP_METHODS.POST, lastPathSegment);
 
             response = authorized ? generateArtifacts(requestBody)
                     : buildResponse(Status.UNAUTHORIZED, "User not authorized to perform the operation.");