package org.onap.dmaap.dbcapi.service;
import static com.att.eelf.configuration.Configuration.MDC_KEY_REQUEST_ID;
-import static com.att.eelf.configuration.Configuration.MDC_PARTNER_NAME;
import static com.att.eelf.configuration.Configuration.MDC_SERVICE_NAME;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-import javax.ws.rs.core.Response.Status;
-import javax.xml.bind.DatatypeConverter;
import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
import org.onap.dmaap.dbcapi.authentication.ApiPolicy;
import org.onap.dmaap.dbcapi.authentication.AuthenticationErrorException;
import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
import org.onap.dmaap.dbcapi.model.ApiError;
import org.onap.dmaap.dbcapi.model.Dmaap;
-import org.onap.dmaap.dbcapi.resources.RequiredFieldException;
import org.onap.dmaap.dbcapi.util.DmaapConfig;
import org.onap.dmaap.dbcapi.util.RandomString;
import org.slf4j.MDC;
private String requestId;
private ApiError err;
private ApiPolicy apiPolicy;
+ private CredentialsParser credentialsParser = new CredentialsParser();
public ApiService() {
return err;
}
-
- public void setErr(ApiError err) {
- this.err = err;
- }
-
-
- // test for presence of a required field
- public void required(String name, Object val, String expr) throws RequiredFieldException {
- err.setCode(0);
- if (val == null) {
- err.setCode(Status.BAD_REQUEST.getStatusCode());
- err.setMessage("missing required field");
- err.setFields(name);
- throw new RequiredFieldException();
- }
- if (expr != null && !expr.isEmpty()) {
- Pattern pattern = Pattern.compile(expr);
- Matcher matcher = pattern.matcher((CharSequence) val);
- if (!matcher.find()) {
- err.setCode(Status.BAD_REQUEST.getStatusCode());
- err.setMessage("value '" + val + "' violates regexp check '" + expr + "'");
- err.setFields(name);
- throw new RequiredFieldException();
- }
- }
- }
-
- // utility to serialize ApiErr object
- public String toString() {
- return String.format("code=%d msg=%s fields=%s", err.getCode(), err.getMessage(), err.getFields());
- }
-
-
- public void setCode(int statusCode) {
- err.setCode(statusCode);
- }
-
-
- public void setMessage(String string) {
- err.setMessage(string);
- }
-
-
- public void setFields(String string) {
- err.setFields(string);
- }
-
- public void checkAuthorization(String auth, String uriPath, String httpMethod)
- throws AuthenticationErrorException, Exception {
- authorization = auth;
- setUriFromPath(uriPath);
- method = httpMethod;
-
- checkAuthorization();
- }
-
-
- public void checkAuthorization() throws AuthenticationErrorException, Exception {
+ public void checkAuthorization() throws Exception {
MDC.put(MDC_KEY_REQUEST_ID, requestId);
if (env == null || env.isEmpty()) {
env = "boot";
}
- if (!apiPolicy.getUseAuthClass()) {
+ if (!apiPolicy.isPermissionClassSet()) {
return; // skip authorization if not enabled
}
- if (authorization == null || authorization.isEmpty()) {
- String errmsg = "No basic authorization value provided ";
- err.setMessage(errmsg);
- logger.info(errmsg);
- throw new AuthenticationErrorException();
- }
- String credentials = authorization.substring("Basic".length()).trim();
- byte[] decoded = DatatypeConverter.parseBase64Binary(credentials);
- String decodedString = new String(decoded);
- String[] actualCredentials = decodedString.split(":");
- String ID = actualCredentials[0];
- String Password = actualCredentials[1];
- MDC.put(MDC_PARTNER_NAME, ID);
- try {
+ Credentials credentials = credentialsParser.parse(authorization);
+ try {
DmaapPerm p = new DmaapPerm(apiNamespace + "." + uri, env, method);
- apiPolicy.check(ID, Password, p);
+ apiPolicy.check(credentials.getId(), credentials.getPwd(), p);
} catch (AuthenticationErrorException ae) {
String errmsg =
- "User " + ID + " failed authentication/authorization for " + apiNamespace + "." + uriPath + " " + env
+ "User " + credentials.getId() + " failed authentication/authorization for " + apiNamespace + "." + uriPath + " " + env
+ " " + method;
logger.info(errmsg);
err.setMessage(errmsg);
throw ae;
}
-
-
- }
-
- public String getRequestId() {
- return requestId;
}
public ApiService setRequestId(String requestId) {
return this;
}
}
+