X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Fcontroller%2FExternalAppsRestfulController.java;h=d43d9f3e22a77c03599597e4854df05c99a51d0a;hb=e4fae46259c1d5b877e2ac6c394e2f43cea16d22;hp=7615b66067d451a2194f7722dec24a79a436fe69;hpb=10d37e31a640a7b4f778d71b3a44e7e9da360aac;p=portal.git diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAppsRestfulController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAppsRestfulController.java index 7615b660..d43d9f3e 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAppsRestfulController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAppsRestfulController.java @@ -6,6 +6,8 @@ * =================================================================== * Modifications Copyright (c) 2019 Samsung * =================================================================== + * Modification Copyright © 2020 IBM. + * =================================================================== * * Unless otherwise specified, all software contained herein is licensed * under the Apache License, Version 2.0 (the "License"); @@ -50,8 +52,11 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.onap.portalapp.controller.EPRestrictedRESTfulBaseController; +import org.onap.portalapp.music.conf.MusicSession; +import org.onap.portalapp.music.util.MusicUtil; import org.onap.portalapp.portal.domain.EPApp; import org.onap.portalapp.portal.domain.EPRole; +import org.onap.portalapp.portal.domain.EPServiceCookie; import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.logging.aop.EPAuditLog; import org.onap.portalapp.portal.service.AdminRolesService; @@ -67,9 +72,10 @@ import org.onap.portalapp.portal.utils.EPCommonSystemProperties; import org.onap.portalapp.portal.utils.EcompPortalUtils; import org.onap.portalapp.portal.utils.PortalConstants; import org.onap.portalapp.validation.DataValidator; -import org.onap.portalapp.validation.SecureString; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.onboarding.crossapi.PortalAPIResponse; +import org.onap.portalsdk.core.onboarding.util.CipherUtil; +import org.onap.portalsdk.core.util.SystemProperties; import org.slf4j.MDC; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; @@ -78,7 +84,8 @@ import org.springframework.http.HttpStatus; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; @@ -110,7 +117,7 @@ public class ExternalAppsRestfulController extends EPRestrictedRESTfulBaseContro private EPRoleService epRoleService; @ApiOperation(value = "Creates a Portal user notification for roles identified in the content from an external application.", response = PortalAPIResponse.class) - @RequestMapping(value = { "/publishNotification" }, method = RequestMethod.POST, produces = "application/json") + @PostMapping(value = { "/publishNotification" }, produces = "application/json") @ResponseBody public PortalAPIResponse publishNotification(HttpServletRequest request, @RequestBody EpNotificationItem notificationItem) throws Exception { @@ -170,7 +177,7 @@ public class ExternalAppsRestfulController extends EPRestrictedRESTfulBaseContro } @ApiOperation(value = "Gets favorite items within the functional menu for the current user.", response = FavoritesFunctionalMenuItemJson.class, responseContainer="List") - @RequestMapping(value = { "/getFavorites" }, method = RequestMethod.GET, produces = "application/json") + @GetMapping(value = { "/getFavorites" }, produces = "application/json") public List getFavoritesForUser(HttpServletRequest request, HttpServletResponse response) throws Exception { String loginId = ""; @@ -199,8 +206,8 @@ public class ExternalAppsRestfulController extends EPRestrictedRESTfulBaseContro } @ApiOperation(value = "Gets functional menu items appropriate for the current user.", response = FunctionalMenuItem.class, responseContainer="List") - @RequestMapping(value = { - "/functionalMenuItemsForUser" }, method = RequestMethod.GET, produces = "application/json") + @GetMapping(value = { + "/functionalMenuItemsForUser" }, produces = "application/json") public List getFunctionalMenuItemsForUser(HttpServletRequest request, HttpServletResponse response) throws Exception { String loginId = ""; @@ -240,4 +247,30 @@ public class ExternalAppsRestfulController extends EPRestrictedRESTfulBaseContro logger.warn(EELFLoggerDelegate.errorLogger, "Handling bad request", e); response.sendError(HttpStatus.BAD_REQUEST.value(), e.getMessage()); } + + @EPAuditLog + @PostMapping(value = { "/validateCookie" }) + public boolean validateCookie(@RequestBody EPServiceCookie epServiceCookie, HttpServletRequest request) throws Exception { + Map epServiceCookieValueMap = epServiceCookie.getValue(); + if(epServiceCookieValueMap!=null) { + String multifactorauthfrontendurl = SystemProperties.getProperty("frontend_url"); + String encryptedJSessionId = epServiceCookieValueMap.get(multifactorauthfrontendurl); + if(encryptedJSessionId != null) { + String jSessionId = CipherUtil.decryptPKC(encryptedJSessionId); + if(jSessionId != null) { + if(jSessionId.equals(request.getSession().getId())) { + if(MusicUtil.isMusicEnable()) { + MusicSession musicSession = new MusicSession(); + String sessionId = musicSession.getAttribute(encryptedJSessionId); + logger.info(EELFLoggerDelegate.errorLogger, "Music sessionid : "+sessionId); + return (sessionId != null); + } else { + return true; + } + } + } + } + } + return false; + } }