X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-locate%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Flocate%2Fapi%2FAPI_AAFAccess.java;h=2bb497a0c96cf5b433de152c867f82bb6b6a9bc5;hb=de75a11f03d87b53f7a2b5525c8fc66f6053aef2;hp=85cee82f09c5082157a0bdb6437d9445df8b404a;hpb=4b5a7d721d994a49057e9bfb403c7bff1b376660;p=aaf%2Fauthz.git diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java index 85cee82f..2bb497a0 100644 --- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java +++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
@@ -53,24 +53,25 @@ import org.onap.aaf.cadi.client.Retryable; import org.onap.aaf.misc.env.APIException; import org.onap.aaf.misc.env.Env; import org.onap.aaf.misc.env.TimeTaken; +import org.owasp.encoder.Encode; public class API_AAFAccess { -// private static String service, version, envContext; +// private static String service, version, envContext; private static final String GET_PERMS_BY_USER = "Get Perms by User"; private static final String USER_HAS_PERM ="User Has Perm"; // private static final String USER_IN_ROLE ="User Has Role"; - + /** * Normal Init level APIs - * + * * @param gwAPI * @param facade * @throws Exception */ public static void init(final AAF_Locate gwAPI, LocateFacade facade) throws Exception { - - + + gwAPI.route(HttpMethods.GET,"/authz/perms/user/:user",API.VOID,new LocateCode(facade,GET_PERMS_BY_USER, true) { @Override public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception { @@ -78,7 +79,7 @@ public class API_AAFAccess { try { final String accept = req.getHeader("ACCEPT"); final String user = pathParam(req,":user"); - if(!user.contains("@")) { + if (!user.contains("@")) { context.error(trans,resp,Result.ERR_BadData,"User [%s] must be fully qualified with domain",user); return; } 
@@ -90,21 +91,21 @@ public class API_AAFAccess { } finally { tt2.done(); } - - if(d==null || d.data.isEmpty()) { + + if (d==null || d.data.isEmpty()) { tt2 = trans.start("AAF Service Call",Env.REMOTE); try { gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable() { @Override public Void code(Rcli client) throws CadiException, ConnectException, APIException { Future fp = client.read("/authz/perms/user/"+user,accept); - if(fp.get(5000)) { + if (fp.get(5000)) { gwAPI.cacheUser.put(key, new Dated(new User(fp.code(),fp.body()),gwAPI.expireIn)); resp.setStatus(HttpStatus.OK_200); ServletOutputStream sos; try { sos = resp.getOutputStream(); - sos.print(fp.value); + sos.print(Encode.forJava(fp.value)); } catch (IOException e) { throw new CadiException(e); } @@ -122,7 +123,7 @@ public class API_AAFAccess { User u = (User)d.data.get(0); resp.setStatus(u.code); ServletOutputStream sos = resp.getOutputStream(); - sos.print(u.resp); + sos.print(Encode.forJava(u.resp)); } } finally { tt.done(); @@ -136,7 +137,7 @@ public class API_AAFAccess { /** * Query User Has Perm is DEPRECATED - * + * * Need to move towards NS declaration... is this even being used? * @deprecated */ @@ -159,7 +160,7 @@ public class API_AAFAccess { pathParam(req,":instance"), pathParam(req,":action")))); resp.setStatus(HttpStatus.OK_200); - } catch(Exception e) { + } catch (Exception e) { context.error(trans, resp, Result.ERR_General, e.getMessage()); } } @@ -169,8 +170,8 @@ public class API_AAFAccess { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { try { - redirect(trans, req, resp, context, - gwAPI.getGUILocator(), + redirect(trans, req, resp, context, + gwAPI.getGUILocator(), "gui/"+pathParam(req,":path")); } catch (LocatorException e) { context.error(trans, resp, Result.ERR_BadData, e.getMessage()); 
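Review bot: `sos.print(Encode.forJava(fp.value));` in the `fp.get(5000)` branch applies Java-string-literal escaping to text that is written out as the HTTP response body, so the encoder does not match the output context. If the upstream body is JSON or XML chosen by the `accept` header (the hunk does not show its type), forJava will backslash-escape its double quotes and control characters and corrupt the payload, and it gives no HTML-context protection should a browser render the response. The cached path in the `@@ -122,7 +123,7 @@` hunk has the same problem with `sos.print(Encode.forJava(u.resp));`. I would keep `sos.print(fp.value);` and `sos.print(u.resp);` unchanged and stop content sniffing instead, by setting an explicit non-HTML Content-Type on `resp` and adding `resp.setHeader("X-Content-Type-Options", "nosniff");` before the body is written. Both handlers start and end outside these hunks, so any Content-Type set elsewhere is not visible here.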
@@ -184,8 +185,8 @@ public class API_AAFAccess { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { try { - redirect(trans, req, resp, context, - gwAPI.getGUILocator(), + redirect(trans, req, resp, context, + gwAPI.getGUILocator(), pathParam(req,":path")); } catch (LocatorException e) { context.error(trans, resp, Result.ERR_BadData, e.getMessage()); @@ -195,7 +196,7 @@ public class API_AAFAccess { } }); } - + public static void initDefault(final AAF_Locate gwAPI, LocateFacade facade) throws Exception { /** @@ -205,7 +206,7 @@ public class API_AAFAccess { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { try { - redirect(trans, req, resp, context, + redirect(trans, req, resp, context, gwAPI.getGUILocator(), "login"); } catch (LocatorException e) { @@ -216,7 +217,7 @@ public class API_AAFAccess { } }); - + /** * Default URL */ @@ -224,17 +225,17 @@ public class API_AAFAccess { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { try { - redirect(trans, req, resp, context, - gwAPI.getGUILocator(), + redirect(trans, req, resp, context, + gwAPI.getGUILocator(), "gui/home"); } catch (Exception e) { context.error(trans, resp, Result.ERR_General, e.getMessage()); } } }); - + /** - * Configuration + * Configuration */ gwAPI.route(HttpMethods.GET,"/configure/:id/:type",API.CONFIG,new LocateCode(facade,"Deliver Configuration Properties to AAF", true) { @Override 
@@ -258,18 +259,18 @@ public class API_AAFAccess { private static void redirect(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, LocateFacade context, Locator loc, String path) throws IOException { try { - if(loc.hasItems()) { + if (loc.hasItems()) { Item item = loc.best(); URI uri = loc.get(item); - StringBuilder redirectURL = new StringBuilder(uri.toString()); + StringBuilder redirectURL = new StringBuilder(uri.toString()); redirectURL.append('/'); redirectURL.append(path); String str = req.getQueryString(); - if(str!=null) { + if (str!=null) { redirectURL.append('?'); redirectURL.append(str); } - trans.info().log("Redirect to",redirectURL); + trans.info().log("Redirect to",redirectURL); resp.sendRedirect(redirectURL.toString()); } else { context.error(trans, resp, Result.err(Result.ERR_NotFound,"No Locations found for redirection")); @@ -282,7 +283,7 @@ public class API_AAFAccess { private static class User { public final int code; public final String resp; - + public User(int code, String resp) { this.code = code; this.resp = resp;