X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fmusic%2Fauthentication%2FMusicAuthentication.java;h=6c38e6dfe6659bafeb04ac60b0313a08d155551d;hb=b58e1d3db05aed02b62a557bf14db6ea7b8df5f5;hp=1d845b3ce38d1892b2376d41168e9ff2c633898b;hpb=fa56ad63a720ab32cb90142f5e690930103a82fe;p=music.git
diff --git a/src/main/java/org/onap/music/authentication/MusicAuthentication.java b/src/main/java/org/onap/music/authentication/MusicAuthentication.java
index 1d845b3c..6c38e6df 100644
--- a/src/main/java/org/onap/music/authentication/MusicAuthentication.java
+++ b/src/main/java/org/onap/music/authentication/MusicAuthentication.java
@@ -34,7 +34,7 @@ import org.onap.music.eelf.logging.format.AppMessages;
 import org.onap.music.eelf.logging.format.ErrorSeverity;
 import org.onap.music.eelf.logging.format.ErrorTypes;
 import org.onap.music.exceptions.MusicServiceException;
-import org.onap.music.main.CachingUtil;
+import org.onap.music.authentication.MusicAuthenticator.Operation;
 import org.onap.music.main.MusicCore;
 import org.onap.music.main.MusicUtil;
@@ -44,7 +44,7 @@ import com.sun.jersey.api.client.Client;
 import com.sun.jersey.api.client.ClientResponse;
 import com.sun.jersey.api.client.WebResource;
-public class MusicAuthentication {
+public class MusicAuthentication implements MusicAuthenticator {
 private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicAuthentication.class);
@@ -60,9 +60,9 @@ public class MusicAuthentication {
 * @return
 * @throws Exception
 */
+ @Deprecated
 public static Map autheticateUser(String nameSpace, String userId,
- String password, String keyspace, String aid, String operation)
- throws Exception {
+ String password, String keyspace, String aid, String operation) {
 logger.info(EELFLoggerDelegate.applicationLogger,"Inside User Authentication.......");
 Map resultMap = new HashMap<>();
 String uuid = null;
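Review bot: The `@Deprecated` annotation added to `autheticateUser` has no matching Javadoc `@deprecated` tag, so callers are not told what to move to, and the comment block above it still lists `@throws Exception` although the new signature no longer declares it. I would add `* @deprecated use {@link #authenticateUser(String, String, String, String, Operation)} instead` (assuming the instance method added later in this commit is the intended replacement) and drop the stale `@throws` line. The method body continues outside the hunk.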
@@ -131,10 +131,17 @@ public class MusicAuthentication {
 PreparedQueryObject pQuery = new PreparedQueryObject();
 pQuery.appendQueryString(
 "select uuid from admin.keyspace_master where application_name=? and username=? and keyspace_name=? allow filtering");
- pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(), nameSpace));
- pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(), userId));
- pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(),
- MusicUtil.DEFAULTKEYSPACENAME));
+ try {
+ pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(), nameSpace));
+ pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(), userId));
+ pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(),
+ MusicUtil.DEFAULTKEYSPACENAME));
+ } catch (Exception e1) {
+ logger.error(EELFLoggerDelegate.errorLogger, e1, "Can not authenticate for createkeyspace", AppMessages.MISSINGINFO ,ErrorSeverity.WARN, ErrorTypes.AUTHENTICATIONERROR);
+ resultMap.put("Exception", "Cannot authenticate for createKeyspace");
+ return resultMap;
+ }
+
 try {
 Row rs = MusicCore.get(pQuery).one();
@@ -142,7 +149,7 @@ public class MusicAuthentication {
 resultMap.put("uuid", "existing");
 } catch (Exception e) {
 logger.error(EELFLoggerDelegate.applicationLogger,"No UUID found in DB. So creating new UUID.");
- uuid = CachingUtil.generateUUID();
+ uuid = MusicUtil.generateUUID();
 resultMap.put("uuid", "new");
 }
 resultMap.put("aid", uuid);
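Review bot: The added `catch (Exception e1)` around the three `addValue` calls catches everything, unchecked exceptions included, and reports all of it as `AppMessages.MISSINGINFO`; if `convertToActualDataType` declares a narrower exception (not visible here), catch that type instead. The lookup directly below it (`MusicCore.get(pQuery).one()`, continued in the next hunk) still maps any failure, not only a missing row, to a freshly generated UUID, so a datastore error looks the same as a first-time keyspace. Testing the row for null explicitly and sending real errors down the new error path would keep the two cases apart. The enclosing method starts and ends outside the hunk.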
@@ -152,21 +159,9 @@ public class MusicAuthentication {
 return resultMap;
 }
-
- public static boolean authenticateAdmin(String id,String password) {
- return (id.equals(MusicUtil.getAdminId()) && password.equals(MusicUtil.getAdminPass()));
- }
-
- public static boolean authenticateAdmin(Map adminCredentials) {
- if(adminCredentials.containsKey("ERROR"))
- return false;
- String admin_id = adminCredentials.get(MusicUtil.USERID);
- String admin_password = adminCredentials.get(MusicUtil.PASSWORD);
- return (admin_id.equals(MusicUtil.getAdminId()) && admin_password.equals(MusicUtil.getAdminPass()));
- }
-
- public static boolean authenticateAdmin(String authorization) throws Exception {
- logger.info(EELFLoggerDelegate.applicationLogger, "MusicCore.authenticateAdmin: "+authorization);
+ @Override
+ public boolean authenticateAdmin(String authorization) {
+ logger.info(EELFLoggerDelegate.applicationLogger, "MusicCore.authenticateAdmin: ");
 String userId = MusicUtil.extractBasicAuthentication(authorization).get(MusicUtil.USERID);
 if(MusicUtil.getIsCadi()) {
 CachingUtil.updateAdminUserCache(authorization, userId);
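Review bot: In the new `authenticateAdmin`, the header is parsed by `MusicUtil.extractBasicAuthentication(authorization)` and handed to `CachingUtil.updateAdminUserCache` before the `authorization == null` check, which only appears in the next hunk. Now that the method signals failure by returning `false` rather than throwing, a missing header should take that path too; whether `extractBasicAuthentication` tolerates null is not visible here. Moving `if (authorization == null) { return false; }` to the first statement of the method makes that explicit. The method body continues past the end of the hunk.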
@@ -174,18 +169,23 @@ public class MusicAuthentication {
 }
 CacheAccess adminCache = CachingUtil.getAdminUserCache();
 if (authorization == null) {
- logger.error(EELFLoggerDelegate.errorLogger, "Authorization cannot be empty..."+authorization);
- throw new Exception("Authorization cannot be empty");
+ logger.error(EELFLoggerDelegate.errorLogger, "Authorization cannot be empty...");
+ return false;
 }
 if (adminCache.get(authorization) != null && adminCache.get(authorization).equals(userId)) {
- logger.info(EELFLoggerDelegate.applicationLogger, "MusicCore.authenticateAdmin: Validated against admincache.. "+authorization);
+ logger.info(EELFLoggerDelegate.applicationLogger, "MusicCore.authenticateAdmin: Validated against admincache.. ");
 return true;
 } else {
 Client client = Client.create();
+ String aafUrl = MusicUtil.getAafAdminUrl();
+ if (aafUrl==null) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Admin url is not set, please set in properties");
+ return false;
+ }
+
 WebResource webResource = client.resource(
 MusicUtil.getAafAdminUrl().concat(userId).concat("/").concat(MusicUtil.getAdminAafRole()));
- ;
 ClientResponse response = webResource.accept(MediaType.APPLICATION_JSON)
 .header("Authorization", authorization).get(ClientResponse.class);
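Review bot: The new `aafUrl` null check does not cover the call it guards, because `client.resource(...)` still calls `MusicUtil.getAafAdminUrl()` a second time instead of using the checked local; build the URL from the local, `aafUrl.concat(userId).concat("/").concat(MusicUtil.getAdminAafRole())`. The check also sits after `Client.create()`, so the early return leaves a client that was created for nothing; read and test `aafUrl` first. Separately, `userId` is taken from the caller's Authorization header and concatenated into the request path unchanged, so it should be encoded as a single path segment, or rejected when it contains `/`, before the URL is built. The method starts before and ends after this hunk.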
@@ -195,7 +195,100 @@ public class MusicAuthentication { } } return false; + } + @Override + public boolean authenticateUser(String namespace, String authorization, String keyspace, + String aid, Operation operation) { + logger.info(EELFLoggerDelegate.applicationLogger,"Inside User Authentication......."); + Map userCredentials = MusicUtil.extractBasicAuthentication(authorization); + String userId = userCredentials.get(MusicUtil.USERID); + String password = userCredentials.get(MusicUtil.PASSWORD); + + Map resultMap = new HashMap<>(); + String uuid = null; + if(! MusicUtil.getIsCadi()) { + resultMap = CachingUtil.validateRequest(namespace, userId, password, keyspace, aid, + operation); + if (!resultMap.isEmpty()) + return false; + String isAAFApp = null; + try { + isAAFApp= CachingUtil.isAAFApplication(namespace); + } catch(MusicServiceException e) { + logger.error(e.getErrorMessage(), e); + resultMap.put("Exception", e.getMessage()); + return false; + } + if(isAAFApp == null) { + resultMap.put("Exception", "Namespace: "+namespace+" doesn't exist. 
Please make sure ns(appName)" + + " is correct and Application is onboarded."); + return false; + } + boolean isAAF = Boolean.parseBoolean(isAAFApp); + if (userId == null || password == null) { + logger.error(EELFLoggerDelegate.errorLogger,"", AppMessages.MISSINGINFO ,ErrorSeverity.WARN, ErrorTypes.AUTHENTICATIONERROR); + logger.error(EELFLoggerDelegate.errorLogger,"UserId/Password or more required headers is missing."); + resultMap.put("Exception", + "UserId and Password are mandatory for the operation " + operation); + return false; + } + if(!isAAF && !(operation==Operation.CREATE_KEYSPACE)) { + resultMap = CachingUtil.authenticateAIDUser(namespace, userId, password, keyspace); + if (!resultMap.isEmpty()) + return false; + + } + if (isAAF && namespace != null && userId != null && password != null) { + boolean isValid = true; + try { + isValid = CachingUtil.authenticateAAFUser(namespace, userId, password, keyspace); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger,"Error while aaf authentication for user:" + userId); + logger.error(EELFLoggerDelegate.errorLogger,"Error: "+ e.getMessage()); + logger.error(EELFLoggerDelegate.errorLogger,e.getMessage(), AppMessages.AUTHENTICATIONERROR ,ErrorSeverity.WARN, ErrorTypes.AUTHENTICATIONERROR); + logger.error(EELFLoggerDelegate.errorLogger,"Got exception while AAF authentication for namespace " + namespace); + resultMap.put("Exception", e.getMessage()); + } + if (!isValid) { + logger.error(EELFLoggerDelegate.errorLogger,"User not authenticated...", AppMessages.MISSINGINFO ,ErrorSeverity.WARN, ErrorTypes.AUTHENTICATIONERROR); + resultMap.put("Exception", "User not authenticated..."); + } + if (!resultMap.isEmpty()) + return false; + + } + } else { + + String cachedKS = CachingUtil.getKSFromCadiCache(userId); + if(cachedKS != null && !cachedKS.equals(keyspace)) { + resultMap.put("Exception", "User not authenticated to access this keyspace..."); + return false; + } + } + + if 
(operation==Operation.CREATE_KEYSPACE) { + try { + logger.info(EELFLoggerDelegate.applicationLogger,"AID is not provided. Creating new UUID for keyspace."); + PreparedQueryObject pQuery = new PreparedQueryObject(); + pQuery.appendQueryString( + "select uuid from admin.keyspace_master where application_name=? and username=? and keyspace_name=? allow filtering"); + pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(), namespace)); + pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(), userId)); + pQuery.addValue(MusicUtil.convertToActualDataType(DataType.text(), + MusicUtil.DEFAULTKEYSPACENAME)); + Row rs = MusicCore.get(pQuery).one(); + uuid = rs.getUUID("uuid").toString(); + resultMap.put("uuid", "existing"); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.applicationLogger,"No UUID found in DB. So creating new UUID."); + uuid = MusicUtil.generateUUID(); + resultMap.put("uuid", "new"); + } + resultMap.put("aid", uuid); + CachingUtil.updateCadiCache(userId, keyspace); + } + return true; } }
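Review bot: In the AAF branch of the new `authenticateUser`, `boolean isValid = true;` means an exception from `CachingUtil.authenticateAAFUser` leaves the flag true, and the request is rejected only because the catch block happens to add an entry to `resultMap`; initialise it as `boolean isValid = false;` so the check fails closed on its own. `resultMap` is a local that is never returned, so every `resultMap.put("Exception", ...)` and the `uuid`/`aid` values computed in the CREATE_KEYSPACE block are discarded and callers see only `false`; log the reason at each `return false`, or remove the dead stores and the `keyspace_master` lookup if its result is really unused. The `catch (Exception e)` around that lookup also reports any datastore failure as "No UUID found in DB". In the CADI branch a user with no cached keyspace (`cachedKS == null`) passes with no further check in this method, so a comment stating where credentials are verified in that mode would help the next reader.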