X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=ecomp-portal-BE-common%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Fportalapp%2Fportal%2Finterceptor%2FPortalResourceInterceptor.java;h=3160032f660d2c0c23be0f4041e7ab7b1331f790;hb=aa9b320ff93511280cf51b03d38fb9254af6b530;hp=25ca5e652b262400abf96120b79ed14c54e678be;hpb=fe3a67c11b65d7989a6ef648c3f34eee8abe7394;p=portal.git diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java index 25ca5e65..3160032f 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -61,8 +61,10 @@ import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.logging.aop.EPEELFLoggerAdvice; import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum; import org.onap.portalapp.portal.logging.logic.EPLogUtil; +import org.onap.portalapp.portal.service.AppsCacheService; import org.onap.portalapp.portal.service.BasicAuthenticationCredentialService; import org.onap.portalapp.portal.service.ExternalAccessRolesService; +import org.onap.portalapp.portal.utils.EPCommonSystemProperties; import org.onap.portalapp.portal.utils.EcompPortalUtils; import org.onap.portalapp.service.RemoteWebServiceCallService; import org.onap.portalapp.service.sessionmgt.ManageService; @@ -79,8 +81,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.method.HandlerMethod; public class PortalResourceInterceptor extends ResourceInterceptor { - private static final String APP_KEY = "uebkey"; - + private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(PortalResourceInterceptor.class); @Autowired @@ -88,6 +89,9 @@ public class PortalResourceInterceptor extends ResourceInterceptor { @Autowired private ManageService manageService; + + @Autowired + AppsCacheService appCacheService; @Autowired private EPEELFLoggerAdvice epAdvice; @@ -167,7 +171,7 @@ public class PortalResourceInterceptor extends ResourceInterceptor { String secretKey = null; try { epAdvice.loadServletRequestBasedDefaults(request, SecurityEventTypeEnum.INCOMING_REST_MESSAGE); - if (!remoteWebServiceCallService.verifyRESTCredential(secretKey, request.getHeader(APP_KEY), + if (!remoteWebServiceCallService.verifyRESTCredential(secretKey, request.getHeader(EPCommonSystemProperties.UEB_KEY), request.getHeader("username"), request.getHeader("password"))) { throw new UrlAccessRestrictedException(); } @@ -180,7 +184,7 @@ public class PortalResourceInterceptor extends ResourceInterceptor { } if (controllerObj instanceof WebAnalyticsExtAppController) { - if (!remoteWebServiceCallService.verifyAppKeyCredential(request.getHeader(APP_KEY))) { + if (!remoteWebServiceCallService.verifyAppKeyCredential(request.getHeader(EPCommonSystemProperties.UEB_KEY))) { logger.error(EELFLoggerDelegate.errorLogger, "preHandle: failed to verify app key for web analytics call"); throw new UrlAccessRestrictedException(); @@ -226,8 +230,8 @@ public class PortalResourceInterceptor extends ResourceInterceptor { String uri = request.getRequestURI().toString(); uri = uri.substring(uri.indexOf("/", 1)); - final String authHeader = request.getHeader("Authorization"); - final String uebkey = request.getHeader("uebkey"); + final String authHeader = request.getHeader(EPCommonSystemProperties.AUTHORIZATION); + final String uebkey = request.getHeader(EPCommonSystemProperties.UEB_KEY); // Unauthorized access due to missing HTTP Authorization request header if (authHeader == null) { @@ -237,7 +241,7 @@ public class PortalResourceInterceptor extends ResourceInterceptor { return false; } - String[] accountNamePassword = getUserNamePassword(authHeader); + String[] accountNamePassword = EcompPortalUtils.getUserNamePassword(authHeader); if (accountNamePassword == null || accountNamePassword.length != 2) { final String msg = "failed to get username and password from Atuhorization header"; logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg); @@ -247,15 +251,11 @@ public class PortalResourceInterceptor extends ResourceInterceptor { if(uebkey !=null && !uebkey.isEmpty()) { - List app = externalAccessRolesService.getApp(uebkey); - EPApp application = null; - if (app.isEmpty()) { + EPApp application = appCacheService.getAppFromUeb(uebkey,1); + if (application == null) { throw new Exception("Invalid uebkey!"); } - if (app.size() != 0 && !app.isEmpty()) { - application = app.get(0); - } - if (application != null) { + else { final String appUsername = application.getUsername(); final String dbDecryptedPwd = CipherUtil.decryptPKC(application.getAppPassword()); if (appUsername.equals(accountNamePassword[0]) && dbDecryptedPwd.equals(accountNamePassword[1])) { @@ -317,13 +317,6 @@ public class PortalResourceInterceptor extends ResourceInterceptor { return true; } - private String[] getUserNamePassword(String authValue) { - String base64Credentials = authValue.substring("Basic".length()).trim(); - String credentials = new String(Base64.getDecoder().decode(base64Credentials), Charset.forName("UTF-8")); - final String[] values = credentials.split(":", 2); - return values; - } - @SuppressWarnings("unused") private String decrypted(String encrypted) throws Exception { String result = "";