X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fmusic%2Fauthentication%2FMusicAuthorizationFilter.java;fp=src%2Fmain%2Fjava%2Forg%2Fonap%2Fmusic%2Fauthentication%2FMusicAuthorizationFilter.java;h=0000000000000000000000000000000000000000;hb=11ee6836d6f25a1becdea60a322a72fbffd4b8b6;hp=bde3e205c1bd420e1a95d3de62f959e013eb2fa6;hpb=a00014e78f18134f998fb46a7dd543e6ea05a3bd;p=music.git diff --git a/src/main/java/org/onap/music/authentication/MusicAuthorizationFilter.java b/src/main/java/org/onap/music/authentication/MusicAuthorizationFilter.java deleted file mode 100644 index bde3e205..00000000 --- a/src/main/java/org/onap/music/authentication/MusicAuthorizationFilter.java +++ /dev/null @@ -1,122 +0,0 @@ -/* - * ============LICENSE_START========================================== - * org.onap.music - * =================================================================== - * Copyright (c) 2017 AT&T Intellectual Property - * =================================================================== - * Modifications Copyright (c) 2019 Samsung - * =================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * ============LICENSE_END============================================= - * ==================================================================== - */ - -package org.onap.music.authentication; - -import java.io.IOException; - -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletResponse; - -import org.onap.music.eelf.logging.EELFLoggerDelegate; -import org.onap.music.exceptions.MusicAuthenticationException; -import org.onap.music.main.MusicUtil; -import com.fasterxml.jackson.databind.ObjectMapper; - -/** - * This filter class does authorization from AAF - * - * @author sp931a - * - */ -//@PropertySource(value = {"file:/opt/app/music/etc/music.properties"}) -public class MusicAuthorizationFilter implements Filter { - - private String musicNS = MusicUtil.getMusicAafNs(); - - private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicAuthorizationFilter.class); - - public MusicAuthorizationFilter() throws ServletException { - super(); - } - - @Override - public void init(FilterConfig filterConfig) throws ServletException { - // Do Nothing - } - - @Override - public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) - throws IOException, ServletException { - HttpServletResponse httpResponse = null; - - boolean isAuthAllowed = false; - - if (null != servletRequest && null != servletResponse) { - httpResponse = (HttpServletResponse) servletResponse; - long startTime = 0; - if( null != servletRequest.getAttribute("startTime")) { - startTime = ((Long)servletRequest.getAttribute("startTime")).longValue(); - } else { - startTime = System.currentTimeMillis(); // this will set only incase the request attribute not found - } - - try { - isAuthAllowed = AuthUtil.isAccessAllowed(servletRequest, musicNS); - } catch (MusicAuthenticationException e) { - logger.error(EELFLoggerDelegate.securityLogger, - "Error while checking authorization Music Namespace: " + musicNS + " : " + e.getMessage(),e); - } catch ( Exception e) { - logger.error(EELFLoggerDelegate.securityLogger, - "Error while checking authorization Music Namespace: " + musicNS + " : " + e.getMessage(),e); - } - - long endTime = System.currentTimeMillis(); - - //startTime set in CadiAuthFilter doFilter - logger.debug(EELFLoggerDelegate.securityLogger, - "Time took for authentication & authorization : " - + (endTime - startTime) + " milliseconds"); - - if (!isAuthAllowed) { - logger.info(EELFLoggerDelegate.securityLogger, - "Unauthorized Access"); - AuthorizationError authError = new AuthorizationError(); - authError.setResponseCode(HttpServletResponse.SC_UNAUTHORIZED); - authError.setResponseMessage("Unauthorized Access - Please make sure you are " - + "onboarded and have proper access to MUSIC. "); - - byte[] responseToSend = restResponseBytes(authError); - httpResponse.setHeader("Content-Type", "application/json"); - - httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED); - servletResponse.getOutputStream().write(responseToSend); - return; - } else { - filterChain.doFilter(servletRequest, servletResponse); - } - } - } - - private byte[] restResponseBytes(AuthorizationError eErrorResponse) throws IOException { - String serialized = new ObjectMapper().writeValueAsString(eErrorResponse); - return serialized.getBytes(); - } -} -