X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-hello%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fhello%2FAPI_Hello.java;h=cdaa6a76a53e50a7d3cd717f5a6aa0b2cba16b46;hb=9602ca33aef3a2a441513359b2750e9fbee11cb4;hp=97727abddb95a3467b726d8ca1ced48f8c0a6030;hpb=5b37375d4f4e3764e10b813829881ae7217403f0;p=aaf%2Fauthz.git

diff --git a/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java
index 97727abd..cdaa6a76 100644
--- a/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java
+++ b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java
@@ -7,9 +7,9 @@
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *      http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -35,6 +35,8 @@ import org.onap.aaf.auth.rserv.HttpMethods;
 import org.onap.aaf.misc.env.Env;
 import org.onap.aaf.misc.env.TimeTaken;
 
+import org.owasp.encoder.Encode;
+
 /**
  * API Apis
  * @author Jonathan
@@ -43,146 +45,146 @@ import org.onap.aaf.misc.env.TimeTaken;
 public class API_Hello {
 
 
-	private static final String APPLICATION_JSON = "application/json";
-	protected static final byte[] NOT_JSON = "Data does not look like JSON".getBytes();
-
-	// Hide Public Constructor
-	private API_Hello() {}
-	
-	/**
-	 * Normal Init level APIs
-	 * 
-	 * @param oauthHello
-	 * @param facade
-	 * @throws Exception
-	 */
-	public static void init(final AAF_Hello oauthHello) throws Exception {
-		////////
-		// Simple "GET" API
-		///////
-		
-		oauthHello.route(HttpMethods.GET,"/hello/:perm*",API.TOKEN,new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"Hello OAuth"){
-			@Override
-			public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
-				resp.setStatus(200 /* OK */);
-				ServletOutputStream os = resp.getOutputStream();
-				os.print("Hello AAF ");
-				String perm = pathParam(req, "perm");
-				if(perm!=null && perm.length()>0) {
-					os.print('(');
-					os.print(req.getUserPrincipal().getName());
-					TimeTaken tt = trans.start("Authorize perm", Env.REMOTE);
-					try {
-						if(req.isUserInRole(perm)) {
-							os.print(" has ");
-						} else {
-							os.print(" does not have ");
-						}
-					} finally {
-						tt.done();
-					}
-					os.print("Permission: ");
-					os.print(perm);
-					os.print(')');
-				}
-				os.println();
-				
-				trans.info().printf("Said 'Hello' to %s, Authentication type: %s",trans.getUserPrincipal().getName(),trans.getUserPrincipal().getClass().getSimpleName());
-			}
-		}); 
+    private static final String APPLICATION_JSON = "application/json";
+    protected static final byte[] NOT_JSON = "Data does not look like JSON".getBytes();
+
+    // Hide Public Constructor
+    private API_Hello() {}
+
+    /**
+     * Normal Init level APIs
+     *
+     * @param oauthHello
+     * @param facade
+     * @throws Exception
+     */
+    public static void init(final AAF_Hello oauthHello){
+        ////////
+        // Simple "GET" API
+        ///////
+
+        oauthHello.route(HttpMethods.GET,"/hello/:perm*",API.TOKEN,new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"Hello OAuth"){
+            @Override
+            public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+                resp.setStatus(200 /* OK */);
+                ServletOutputStream os = resp.getOutputStream();
+                os.print("Hello AAF ");
+                String perm = pathParam(req, "perm");
+                if (perm!=null && perm.length()>0) {
+                    os.print('(');
+                    os.print(Encode.forJava(req.getUserPrincipal().getName()));
+                    TimeTaken tt = trans.start("Authorize perm", Env.REMOTE);
+                    try {
+                        if (req.isUserInRole(perm)) {
+                            os.print(" has ");
+                        } else {
+                            os.print(" does not have ");
+                        }
+                    } finally {
+                        tt.done();
+                    }
+                    os.print("Permission: ");
+                    os.print(Encode.forJava(perm));
+                    os.print(')');
+                }
+                os.println();
+
+                trans.info().printf("Said 'Hello' to %s, Authentication type: %s",trans.getUserPrincipal().getName(),trans.getUserPrincipal().getClass().getSimpleName());
+            }
+        });
 
 ////////////////
 // REST APIs
 ////////////////
 
-		////////////////
-		// CREATE/POST
-		////////////////
-		oauthHello.route(oauthHello.env,HttpMethods.POST,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Create") {
-			@Override
-			public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
-				BufferedReader br = new BufferedReader(new InputStreamReader(req.getInputStream()));
-				StringBuilder sb = new StringBuilder();
-				while(br.ready()) {
-					sb.append(br.readLine());
-				}
-				String content = sb.toString();
-				trans.info().printf("Content from %s: %s\n", pathParam(req, ":id"),content);
-				if(content.startsWith("{") && content.endsWith("}")) {
-					resp.setStatus(201 /* OK */);
-				} else {
-					resp.getOutputStream().write(NOT_JSON);
-					resp.setStatus(406);
-				}
-			}
-		},APPLICATION_JSON); 
-
-
-		////////////////
-		// READ/GET
-		////////////////
-		oauthHello.route(oauthHello.env,HttpMethods.GET,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Read") {
-			@Override
-			public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
-				resp.setStatus(200 /* OK */);
-				StringBuilder sb = new StringBuilder("{\"resp\": \"Hello REST AAF\",\"principal\": \"");
-				sb.append(req.getUserPrincipal().getName());
-				sb.append('"');
-				String perm = pathParam(req, "perm");
-				trans.info().printf("Read request from %s: %s\n", pathParam(req, ":id"),perm);
-				if(perm!=null && perm.length()>0) {
-					TimeTaken tt = trans.start("Authorize perm", Env.REMOTE);
-					try {
-						sb.append(",\"validation\": { \"permission\" : \"");
-						sb.append(perm);
-						sb.append("\",\"has\" : \"");
-						sb.append(req.isUserInRole(perm));
-						sb.append("\"}");
-					} finally {
-						tt.done();
-					}
-				}
-				sb.append("}");
-				ServletOutputStream os = resp.getOutputStream();
-				os.println(sb.toString());
-				trans.info().printf("Said 'RESTful Hello' to %s, Authentication type: %s",trans.getUserPrincipal().getName(),trans.getUserPrincipal().getClass().getSimpleName());
-			}
-		},APPLICATION_JSON); 
-		
-		////////////////
-		// UPDATE/PUT
-		////////////////
-		oauthHello.route(oauthHello.env,HttpMethods.PUT,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Update") {
-			@Override
-			public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
-				BufferedReader br = new BufferedReader(new InputStreamReader(req.getInputStream()));
-				StringBuilder sb = new StringBuilder();
-				while(br.ready()) {
-					sb.append(br.readLine());
-				}
-				String content = sb.toString();
-				trans.info().printf("Content from %s: %s\n", pathParam(req, ":id"),content);
-				if(content.startsWith("{") && content.endsWith("}")) {
-					resp.setStatus(200 /* OK */);
-					resp.getOutputStream().print(content);
-				} else {
-					resp.getOutputStream().write(NOT_JSON);
-					resp.setStatus(406);
-				}
-			}
-		},APPLICATION_JSON); 
-
-
-		////////////////
-		// DELETE
-		////////////////
-		oauthHello.route(oauthHello.env,HttpMethods.DELETE,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Delete") {
-			@Override
-			public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
-				trans.info().printf("Delete requested on %s\n", pathParam(req, ":id"));
-				resp.setStatus(200 /* OK */);
-			}
-		},APPLICATION_JSON); 
-
-	}
+        ////////////////
+        // CREATE/POST
+        ////////////////
+        oauthHello.route(oauthHello.env,HttpMethods.POST,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Create") {
+            @Override
+            public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+                BufferedReader br = new BufferedReader(new InputStreamReader(req.getInputStream()));
+                StringBuilder sb = new StringBuilder();
+                while (br.ready()) {
+                    sb.append(br.readLine());
+                }
+                String content = sb.toString();
+                trans.info().printf("Content from %s: %s\n", pathParam(req, ":id"),content);
+                if (content.startsWith("{") && content.endsWith("}")) {
+                    resp.setStatus(201 /* OK */);
+                } else {
+                    resp.getOutputStream().write(NOT_JSON);
+                    resp.setStatus(406);
+                }
+            }
+        },APPLICATION_JSON);
+
+
+        ////////////////
+        // READ/GET
+        ////////////////
+        oauthHello.route(oauthHello.env,HttpMethods.GET,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Read") {
+            @Override
+            public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+                resp.setStatus(200 /* OK */);
+                StringBuilder sb = new StringBuilder("{\"resp\": \"Hello REST AAF\",\"principal\": \"");
+                sb.append(req.getUserPrincipal().getName());
+                sb.append('"');
+                String perm = pathParam(req, "perm");
+                trans.info().printf("Read request from %s: %s\n", pathParam(req, ":id"),perm);
+                if (perm!=null && perm.length()>0) {
+                    TimeTaken tt = trans.start("Authorize perm", Env.REMOTE);
+                    try {
+                        sb.append(",\"validation\": { \"permission\" : \"");
+                        sb.append(perm);
+                        sb.append("\",\"has\" : \"");
+                        sb.append(req.isUserInRole(perm));
+                        sb.append("\"}");
+                    } finally {
+                        tt.done();
+                    }
+                }
+                sb.append("}");
+                ServletOutputStream os = resp.getOutputStream();
+                os.println(Encode.forJava(sb.toString()));
+                trans.info().printf("Said 'RESTful Hello' to %s, Authentication type: %s",trans.getUserPrincipal().getName(),trans.getUserPrincipal().getClass().getSimpleName());
+            }
+        },APPLICATION_JSON);
+
+        ////////////////
+        // UPDATE/PUT
+        ////////////////
+        oauthHello.route(oauthHello.env,HttpMethods.PUT,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Update") {
+            @Override
+            public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+                BufferedReader br = new BufferedReader(new InputStreamReader(req.getInputStream()));
+                StringBuilder sb = new StringBuilder();
+                while (br.ready()) {
+                    sb.append(br.readLine());
+                }
+                String content = sb.toString();
+                trans.info().printf("Content from %s: %s\n", pathParam(req, ":id"),content);
+                if (content.startsWith("{") && content.endsWith("}")) {
+                    resp.setStatus(200 /* OK */);
+                    resp.getOutputStream().print(Encode.forJava(content));
+                } else {
+                    resp.getOutputStream().write(NOT_JSON);
+                    resp.setStatus(406);
+                }
+            }
+        },APPLICATION_JSON);
+
+
+        ////////////////
+        // DELETE
+        ////////////////
+        oauthHello.route(oauthHello.env,HttpMethods.DELETE,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Delete") {
+            @Override
+            public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+                trans.info().printf("Delete requested on %s\n", pathParam(req, ":id"));
+                resp.setStatus(200 /* OK */);
+            }
+        },APPLICATION_JSON);
+
+    }
 }