- private void setProperty(String propertyFilePath, String clientKey)
- throws PolicyEngineException {
- this.propertyFilePath = propertyFilePath;
- if (this.propertyFilePath == null) {
- throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Error NO PropertyFile Path provided");
- } else {
- // Adding logic for remote Properties file.
- Properties prop = new Properties();
- if (propertyFilePath.startsWith("http")) {
- URL configURL;
- try {
- configURL = new URL(propertyFilePath);
- URLConnection connection = null;
- connection = configURL.openConnection();
- prop.load(connection.getInputStream());
- } catch (IOException e) {
- LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e);
- throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Maformed property URL "+ e.getMessage());
- }
- } else {
- Path file = Paths.get(propertyFilePath);
- if (Files.notExists(file)) {
- throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "File doesn't exist in the specified Path " + file.toString());
- }
- if (file.toString().endsWith(".properties")) {
- InputStream in;
- prop = new Properties();
- try {
- in = new FileInputStream(file.toFile());
- prop.load(in);
- } catch (IOException e) {
- LOGGER.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + e);
- throw new PolicyEngineException(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Cannot Load the Properties file", e);
- }
- } else {
- LOGGER.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Not a .properties file " + propertyFilePath);
- throw new PolicyEngineException(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Not a .properties file");
- }
- }
- // UEB and DMAAP Settings
- String check_type = prop.getProperty("NOTIFICATION_TYPE");
- String serverList = prop.getProperty("NOTIFICATION_SERVERS");
- topic = prop.getProperty("NOTIFICATION_TOPIC");
- apiKey = prop.getProperty("UEB_API_KEY");
- apiSecret = prop.getProperty("UEB_API_SECRET");
-
- if(check_type==null) {
- notificationType.add(DEFAULT_NOTIFICATION);
- LOGGER.info("Properties file doesn't have the NOTIFICATION_TYPE parameter system will use defualt websockets");
- }else{
- check_type = check_type.trim();
- if(check_type.contains(",")) {
- typeDefault = new ArrayList<String>(Arrays.asList(prop.getProperty("NOTIFICATION_TYPE").split(",")));
- notificationType = typeDefault;
- } else {
- notificationType = new ArrayList<>();
- notificationType.add(check_type);
- }
- }
- if(serverList==null) {
- notificationType.clear();
- notificationType.add(DEFAULT_NOTIFICATION);
- LOGGER.info("Properties file doesn't have the NOTIFICATION_SERVERS parameter system will use defualt websockets");
- }else{
- serverList = serverList.trim();
- if(serverList.contains(",")) {
- notificationURLList = new ArrayList<String>(Arrays.asList(serverList.split(",")));
- } else {
- notificationURLList = new ArrayList<>();
- notificationURLList.add(serverList);
- }
- }
-
- if(topic!=null) {
- topic = topic.trim();
- } else {
- LOGGER.error("Properties file doesn't have the NOTIFICATION_TOPIC parameter.");
- }
-
- // Client ID Authorization Settings.
- String clientID = prop.getProperty("CLIENT_ID");
- if(clientKey==null){
- clientKey = prop.getProperty("CLIENT_KEY");
- try {
- clientKey = PolicyUtils.decode(clientKey);
- } catch (UnsupportedEncodingException|IllegalArgumentException e) {
- LOGGER.error(XACMLErrorConstants.ERROR_PERMISSIONS+" Cannot Decode the given Password Proceeding with given Password!!");
- }
- }
- if(clientID ==null || clientKey == null || clientID.isEmpty() || clientKey.isEmpty()){
- LOGGER.error(XACMLErrorConstants.ERROR_PERMISSIONS+" Cannot proceed without the CLIENT_KEY and CLIENT_ID values !!");
- throw new PolicyEngineException(XACMLErrorConstants.ERROR_PERMISSIONS+ " Cannot proceed without the CLIENT_KEY and CLIENT_ID values !!");
- }else{
- userName = clientID.trim();
- pass = clientKey.trim();
- }
- setClientEncoding();
- environment = prop.getProperty("ENVIRONMENT", AAFEnvironment.DEVL.toString());
- if(environment.equalsIgnoreCase(AAFEnvironment.TEST.toString())){
- environment = AAFEnvironment.TEST.toString();
- }else if(environment.equalsIgnoreCase(AAFEnvironment.PROD.toString())){
- environment = AAFEnvironment.PROD.toString();
- }else{
- environment = AAFEnvironment.DEVL.toString();
- }
- // Initializing the values.
- pdps = new ArrayList<>();
- encoding = new ArrayList<>();
- // Check the Keys for PDP_URLs
- Collection<Object> unsorted = prop.keySet();
- @SuppressWarnings({ "rawtypes", "unchecked" })
- List<String> sorted = new ArrayList(unsorted);
- Collections.sort(sorted);
- for (String propKey : sorted) {
- if (propKey.startsWith("PDP_URL")) {
- String check_val = prop.getProperty(propKey);
- if (check_val == null) {
- throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Properties file doesn't have the PDP_URL parameter");
- }
- if (check_val.contains(";")) {
- pdpDefault = new ArrayList<String>(Arrays.asList(check_val.split("\\s*;\\s*")));
- int pdpCount = 0;
- while (pdpCount < pdpDefault.size()) {
- String pdpVal = pdpDefault.get(pdpCount);
- readPDPParam(pdpVal);
- pdpCount++;
- }
- } else {
- readPDPParam(check_val);
- }
- }
- }
- if (pdps == null || pdps.isEmpty()) {
- LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot Proceed without PDP_URLs");
- throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot Proceed without PDP_URLs");
- }
-
- // Get JUNIT property from properties file when running tests
- String junit = prop.getProperty("JUNIT");
- if(junit == null || junit.isEmpty()){
- LOGGER.info("No JUNIT property provided, this will not be executed as a test.");
- }else{
- if(junit.equalsIgnoreCase("test")){
- StdPolicyEngine.junit = true;
- } else {
- StdPolicyEngine.junit = false;
- }
- }
- }
- }
-
- /*
- * Read the PDP_URL parameter
- */
- private void readPDPParam(String pdpVal) throws PolicyEngineException{
- if(pdpVal.contains(",")){
- List<String> pdpValues = new ArrayList<String>(Arrays.asList(pdpVal.split("\\s*,\\s*")));
- if(pdpValues.size()==3){
- // 0 - PDPURL
- pdps.add(pdpValues.get(0));
- // 1:2 will be UserID:Password
- String userID = pdpValues.get(1);
- String pass = pdpValues.get(2);
- Base64.Encoder encoder = Base64.getEncoder();
- encoding.add(encoder.encodeToString((userID+":"+pass).getBytes(StandardCharsets.UTF_8)));
- }else{
- LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Credentials to send Request: " + pdpValues);
- throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "No enough Credentials to send Request. " + pdpValues);
- }
- }else{
- LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "PDP value is improper/missing required values: " + pdpVal);
- throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE + "PDP value is improper/missing required values.");
- }
- }
- /*
- * Allowing changes to the scheme and Handler.
- */
- public void notification(NotificationScheme scheme, NotificationHandler handler) {
- this.scheme = scheme;
- this.handler = handler;
- LOGGER.debug("Scheme is : " + scheme.toString());
- LOGGER.debug("Handler is : " + handler.getClass().getName());
-
- if (notificationType.get(0).equals("ueb")){
- if (this.uebThread) {
- uebClientThread.setAuto(scheme, handler);
- this.uebThread = registerUEBThread.isAlive();
- }
- } else if (notificationType.get(0).equals("dmaap")){
- if (this.dmaapThread) {
- dmaapClientThread.setAuto(scheme, handler);
- this.dmaapThread = registerDMAAPThread.isAlive();
- }
- } else {
- AutoClientEnd.setAuto(scheme, handler);
- }
-
- if(junit){
- return;
- }
-
- if(pdps!=null){
- if (notificationType.get(0).equals("ueb") && !this.uebThread){
- this.uebClientThread = new AutoClientUEB(pdps.get(0), notificationURLList, apiKey, apiSecret);
- this.uebClientThread.setAuto(scheme, handler);
- this.registerUEBThread = new Thread(this.uebClientThread);
- this.registerUEBThread.start();
- this.uebThread = true;
- }else if (notificationType.get(0).equals("dmaap") && !this.dmaapThread){
- this.dmaapClientThread = new AutoClientDMAAP(notificationURLList,topic,userName,pass);
- this.dmaapClientThread.setAuto(scheme, handler);
- this.registerDMAAPThread = new Thread(this.dmaapClientThread);
- this.registerDMAAPThread.start();
- this.dmaapThread = true;
- }else{
- if(pdps.get(0)!=null){
- if(AutoClientEnd.getURL()==null){
- AutoClientEnd.start(pdps.get(0));
- }else {
- AutoClientEnd.stop();
- AutoClientEnd.start(pdps.get(0));
- }
- }
- }
- }
- }
-
- /*
- * Gets the Notification if one exists. Used only for Manual Polling
- * purposes.
- */
- public PDPNotification getNotification(){
- //Check if there is proper scheme..
- PDPNotification notification = null;
- if(this.scheme.equals(NotificationScheme.MANUAL_ALL_NOTIFICATIONS) || this.scheme.equals(NotificationScheme.MANUAL_NOTIFICATIONS)) {
- if (notificationType.get(0).equals("ueb")){
- ManualClientEndUEB.start(pdps.get(0), notificationURLList, UNIQUEID);
- notification = ManualClientEndUEB.result(scheme);
- }else if (notificationType.get(0).equals("dmaap")){
- ManualClientEndDMAAP.start(notificationURLList, topic, UNIQUEID, userName, pass);
- notification = ManualClientEndDMAAP.result(scheme);
- }else{
- ManualClientEnd.start(pdps.get(0));
- LOGGER.debug("manual notification requested.. : " + scheme.toString());
- notification = ManualClientEnd.result(scheme);
- }
- if (notification == null){
- LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Notification yet..");
- return null;
- } else {
- return notification;
- }
- }else {
- return null;
- }
- }
-
- /*
- * Setting the Scheme.
- */
- public void setScheme(NotificationScheme scheme) {
- this.scheme = scheme;
- if (notificationType.get(0).equals("ueb")){
- AutoClientUEB.setScheme(this.scheme);
- if (this.scheme.equals(NotificationScheme.MANUAL_ALL_NOTIFICATIONS)){
- ManualClientEndUEB.createTopic(pdps.get(0), UNIQUEID, notificationURLList);
- }
- }else if (notificationType.get(0).equals("dmaap")){
- AutoClientDMAAP.setScheme(this.scheme);
- if (this.scheme.equals(NotificationScheme.MANUAL_ALL_NOTIFICATIONS)){
- ManualClientEndDMAAP.createTopic(topic, UNIQUEID, notificationURLList, userName, pass);
- }
- }else{
- AutoClientEnd.setScheme(this.scheme);
- }
- }
-
- /*
- * Returns the Scheme
- */
- public NotificationScheme getScheme() {
- return this.scheme;
- }
-
- /*
- * Returns the NotificationHandler
- */
- public NotificationHandler getNotificationHandler() {
- return this.handler;
- }
-
- /*
- * Stop the Notification Service if its running.
- */
- public void stopNotification() {
- if (this.scheme != null && this.handler != null) {
- if (this.scheme.equals(NotificationScheme.AUTO_ALL_NOTIFICATIONS)
- || this.scheme
- .equals(NotificationScheme.AUTO_NOTIFICATIONS)) {
- LOGGER.info("Clear Notification called.. ");
- if (notificationType.get(0).equals("ueb")){
- this.uebClientThread.terminate();
- this.uebThread = false;
- }else if (notificationType.get(0).equals("dmaap")){
- this.dmaapClientThread.terminate();
- this.dmaapThread = false;
- }else{
- AutoClientEnd.stop();
- }
- }
- }
- }
-
- /*
- * Push a policy to the PDP API implementation
- */
- public String pushPolicy(String policyScope, String policyName, String policyType, String pdpGroup, UUID requestID) throws PolicyException {
- PushPolicyParameters pushPolicyParameters = new PushPolicyParameters();
- if(policyScope==null|| policyScope.trim().isEmpty()){
- String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given.";
- LOGGER.error(message);
- throw new PolicyException(message);
- }
- if(policyName==null|| policyName.trim().isEmpty()){
- String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given.";
- LOGGER.error(message);
- throw new PolicyException(message);
- }
- pushPolicyParameters.setPolicyName(policyScope+"."+policyName);
- pushPolicyParameters.setPolicyType(policyType);
- pushPolicyParameters.setPdpGroup(pdpGroup);
- pushPolicyParameters.setRequestID(requestID);
- return pushPolicyImpl(pushPolicyParameters).getResponseMessage();
- }
-
- public String createUpdateConfigPolicy(String policyName, String policyDescription, String onapName, String configName,
- Map<String, String> configAttributes, String configType, String body, String policyScope, UUID requestID,
- String riskLevel, String riskType, String guard, String ttlDate, boolean updateFlag) throws PolicyException {
- return createUpdateConfigPolicyImpl(policyName, policyDescription, onapName, configName,
- configAttributes, configType, body, policyScope, requestID,
- riskLevel, riskType, guard, ttlDate, updateFlag);
- }
-
- /*
- * Create Config Policy API Implementation
- */
- public String createUpdateConfigPolicyImpl(String policyName, String policyDescription, String onapName, String configName,
- Map<String, String> configAttributes, String configType, String body, String policyScope, UUID requestID,
- String riskLevel, String riskType, String guard, String ttlDate, boolean updateFlag) throws PolicyException {
- PolicyParameters policyParameters = new PolicyParameters();
- policyParameters.setPolicyClass(PolicyClass.Config);
- policyParameters.setPolicyConfigType(PolicyConfigType.Base);
- if(policyScope==null|| policyScope.trim().isEmpty()){
- String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given.";
- LOGGER.error(message);
- throw new PolicyException(message);
- }
- if(policyName==null|| policyName.trim().isEmpty()){
- String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given.";
- LOGGER.error(message);
- throw new PolicyException(message);
- }
- policyParameters.setPolicyName(policyScope+"."+policyName);
- policyParameters.setPolicyDescription(policyDescription);
- policyParameters.setOnapName(onapName);
- policyParameters.setConfigName(configName);
- Map<AttributeType, Map<String, String>> attributes = new HashMap<AttributeType, Map<String, String>>();
- attributes.put(AttributeType.MATCHING, configAttributes);
- policyParameters.setAttributes(attributes);
- policyParameters.setConfigBodyType(PolicyType.valueOf(configType));
- policyParameters.setConfigBody(body);
- policyParameters.setRequestID(requestID);
- policyParameters.setRiskLevel(riskLevel);
- policyParameters.setRiskType(riskType);
- policyParameters.setGuard(Boolean.parseBoolean(guard));
- try {
- policyParameters.setTtlDate(new SimpleDateFormat("dd-MM-yyyy").parse(ttlDate));
- } catch (ParseException e) {
- LOGGER.warn("Error Parsing date given " + ttlDate);
- policyParameters.setTtlDate(null);
- }
- return createUpdatePolicyImpl(policyParameters, updateFlag).getResponseMessage();
- }
-
- public String createUpdateConfigFirewallPolicy(String policyName, JsonObject firewallJson, String policyScope, UUID requestID,
- String riskLevel, String riskType, String guard, String ttlDate, boolean updateFlag) throws PolicyException {
- return createUpdateConfigFirewallPolicyImpl(policyName, firewallJson, policyScope, requestID,
- riskLevel, riskType, guard, ttlDate, updateFlag);
- }
-
- /*
- * Create Update Config Firewall Policy API implementation
- */
- public String createUpdateConfigFirewallPolicyImpl(String policyName, JsonObject firewallJson, String policyScope, UUID requestID,
- String riskLevel, String riskType, String guard, String ttlDate, boolean updateFlag) throws PolicyException {
- PolicyParameters policyParameters = new PolicyParameters();
- policyParameters.setPolicyClass(PolicyClass.Config);
- policyParameters.setPolicyConfigType(PolicyConfigType.Firewall);
- if(policyScope==null|| policyScope.trim().isEmpty()){
- String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given.";
- LOGGER.error(message);
- throw new PolicyException(message);
- }
- if(policyName==null|| policyName.trim().isEmpty()){
- String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given.";
- LOGGER.error(message);
- throw new PolicyException(message);
- }
- policyParameters.setPolicyName(policyScope+"."+policyName);
- policyParameters.setConfigBody(firewallJson.toString());
- policyParameters.setRequestID(requestID);
- policyParameters.setRiskLevel(riskLevel);
- policyParameters.setRiskType(riskType);
- policyParameters.setGuard(Boolean.parseBoolean(guard));
- try {
- policyParameters.setTtlDate(new SimpleDateFormat("dd-MM-yyyy").parse(ttlDate));
- } catch (NullPointerException | ParseException e) {
- LOGGER.warn("Error Parsing date given " + ttlDate);
- policyParameters.setTtlDate(null);
- }
- return createUpdatePolicyImpl(policyParameters, updateFlag).getResponseMessage();
- }
-
- public void setClientKey(String clientKey){
- if(clientKey!=null && !clientKey.isEmpty()){
- StdPolicyEngine.pass = clientKey;
- setClientEncoding();
- }
- }
- /*
- * Get the Environment.
- */
- public static String getEnvironment() {
- return environment;
- }
- /*
- * Rotate the PDP list upon WEBsocket Failures
- */
- public static void rotatePDPList() {
- Collections.rotate(pdps, -1);
- Collections.rotate(encoding, -1);
- }
- /*
- * Get the latest PDP
- */
- public static String getPDPURL() {
- return pdps.get(0);
- }
+ private void setProperty(String propertyFilePath, String clientKey) throws PolicyEngineException {
+ if (propertyFilePath == null) {
+ throw new PolicyEngineException(
+ XACMLErrorConstants.ERROR_DATA_ISSUE + "Error NO PropertyFile Path provided");
+ } else {
+ // Adding logic for remote Properties file.
+ Properties prop = new Properties();
+ if (propertyFilePath.startsWith("http")) {
+ URL configURL;
+ try {
+ configURL = new URL(propertyFilePath);
+ URLConnection connection = null;
+ connection = configURL.openConnection();
+ prop.load(connection.getInputStream());
+ } catch (IOException e) {
+ LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + e);
+ throw new PolicyEngineException(
+ XACMLErrorConstants.ERROR_DATA_ISSUE + "Maformed property URL " + e.getMessage());
+ }
+ } else {
+ Path file = Paths.get(propertyFilePath);
+ if (Files.notExists(file)) {
+ throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE
+ + "File doesn't exist in the specified Path " + file.toString());
+ }
+ if (file.toString().endsWith(".properties")) {
+ InputStream in;
+ prop = new Properties();
+ try {
+ in = new FileInputStream(file.toFile());
+ prop.load(in);
+ } catch (IOException e) {
+ LOGGER.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + e);
+ throw new PolicyEngineException(
+ XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Cannot Load the Properties file", e);
+ }
+ } else {
+ LOGGER.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Not a .properties file " + propertyFilePath);
+ throw new PolicyEngineException(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Not a .properties file");
+ }
+ }
+ // UEB and DMAAP Settings
+ String checkType = prop.getProperty("NOTIFICATION_TYPE");
+ String serverList = prop.getProperty("NOTIFICATION_SERVERS");
+ topic = prop.getProperty("NOTIFICATION_TOPIC");
+ apiKey = prop.getProperty("UEB_API_KEY");
+ apiSecret = prop.getProperty("UEB_API_SECRET");
+
+ if (checkType == null) {
+ notificationType.add(DEFAULT_NOTIFICATION);
+ LOGGER.info(
+ "Properties file doesn't have the NOTIFICATION_TYPE parameter system will use defualt websockets");
+ } else {
+ checkType = checkType.trim();
+ if (checkType.contains(",")) {
+ typeDefault = new ArrayList<>(Arrays.asList(prop.getProperty("NOTIFICATION_TYPE").split(",")));
+ notificationType = typeDefault;
+ } else {
+ notificationType = new ArrayList<>();
+ notificationType.add(checkType);
+ }
+ }
+ if (serverList == null) {
+ notificationType.clear();
+ notificationType.add(DEFAULT_NOTIFICATION);
+ LOGGER.info(
+ "Properties file doesn't have the NOTIFICATION_SERVERS parameter system will use defualt websockets");
+ } else {
+ serverList = serverList.trim();
+ if (serverList.contains(",")) {
+ notificationURLList = new ArrayList<String>(Arrays.asList(serverList.split(",")));
+ } else {
+ notificationURLList = new ArrayList<>();
+ notificationURLList.add(serverList);
+ }
+ }
+
+ if (topic != null) {
+ topic = topic.trim();
+ } else {
+ LOGGER.error("Properties file doesn't have the NOTIFICATION_TOPIC parameter.");
+ }
+
+ // Client ID Authorization Settings.
+ String clientID = prop.getProperty("CLIENT_ID");
+ if (clientKey == null) {
+ clientKey = prop.getProperty("CLIENT_KEY");
+ try {
+ clientKey = PolicyUtils.decode(clientKey);
+ } catch (UnsupportedEncodingException | IllegalArgumentException e) {
+ LOGGER.error(XACMLErrorConstants.ERROR_PERMISSIONS
+ + " Cannot Decode the given Password Proceeding with given Password!!", e);
+ }
+ }
+ if (clientID == null || clientKey == null || clientID.isEmpty() || clientKey.isEmpty()) {
+ LOGGER.error(XACMLErrorConstants.ERROR_PERMISSIONS
+ + " Cannot proceed without the CLIENT_KEY and CLIENT_ID values !!");
+ throw new PolicyEngineException(XACMLErrorConstants.ERROR_PERMISSIONS
+ + " Cannot proceed without the CLIENT_KEY and CLIENT_ID values !!");
+ } else {
+ setClientId(clientID.trim());
+ setClientKey(clientKey.trim());
+ }
+ setEnvironment(prop);
+ // Initializing the values.
+ init();
+ // Check the Keys for PDP_URLs
+ Collection<Object> unsorted = prop.keySet();
+ @SuppressWarnings({ "rawtypes", "unchecked" })
+ List<String> sorted = new ArrayList(unsorted);
+ Collections.sort(sorted);
+ for (String propKey : sorted) {
+ if (propKey.startsWith("PDP_URL")) {
+ String checkVal = prop.getProperty(propKey);
+ if (checkVal == null) {
+ throw new PolicyEngineException(XACMLErrorConstants.ERROR_DATA_ISSUE
+ + "Properties file doesn't have the PDP_URL parameter");
+ }
+ if (checkVal.contains(";")) {
+ pdpDefault = new ArrayList<>(Arrays.asList(checkVal.split("\\s*;\\s*")));
+ int pdpCount = 0;
+ while (pdpCount < pdpDefault.size()) {
+ String pdpVal = pdpDefault.get(pdpCount);
+ readPDPParam(pdpVal);
+ pdpCount++;
+ }
+ } else {
+ readPDPParam(checkVal);
+ }
+ }
+ }
+ if (pdps == null || pdps.isEmpty()) {
+ LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot Proceed without PDP_URLs");
+ throw new PolicyEngineException(
+ XACMLErrorConstants.ERROR_DATA_ISSUE + "Cannot Proceed without PDP_URLs");
+ }
+ // Get JUNIT property from properties file when running tests
+ checkJunit(prop);
+ }
+ }
+
+ private static void checkJunit(Properties prop) {
+ String junitFlag = prop.getProperty("JUNIT");
+ if (junitFlag == null || junitFlag.isEmpty()) {
+ LOGGER.info("No JUNIT property provided, this will not be executed as a test.");
+ } else {
+ if (junitFlag.equalsIgnoreCase("test")) {
+ StdPolicyEngine.junit = true;
+ } else {
+ StdPolicyEngine.junit = false;
+ }
+ }
+ }
+
+ private static void init() {
+ pdps = new ArrayList<>();
+ encoding = new ArrayList<>();
+ }
+
+ private static void setEnvironment(Properties prop) {
+ environment = prop.getProperty("ENVIRONMENT", AAFEnvironment.DEVL.toString());
+ if (environment.equalsIgnoreCase(AAFEnvironment.TEST.toString())) {
+ environment = AAFEnvironment.TEST.toString();
+ } else if (environment.equalsIgnoreCase(AAFEnvironment.PROD.toString())) {
+ environment = AAFEnvironment.PROD.toString();
+ } else {
+ environment = AAFEnvironment.DEVL.toString();
+ }
+ }
+
+ private static void setClientId(String clientID) {
+ userName = clientID;
+ }
+
+ /*
+ * Read the PDP_URL parameter
+ */
+ private void readPDPParam(String pdpVal) throws PolicyEngineException {
+ if (pdpVal.contains(",")) {
+ List<String> pdpValues = new ArrayList<String>(Arrays.asList(pdpVal.split("\\s*,\\s*")));
+ if (pdpValues.size() == 3) {
+ // 0 - PDPURL
+ pdps.add(pdpValues.get(0));
+ // 1:2 will be UserID:Password
+ String userID = pdpValues.get(1);
+ String pass = pdpValues.get(2);
+ Base64.Encoder encoder = Base64.getEncoder();
+ encoding.add(encoder.encodeToString((userID + ":" + pass).getBytes(StandardCharsets.UTF_8)));
+ } else {
+ LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Credentials to send Request: " + pdpValues);
+ throw new PolicyEngineException(
+ XACMLErrorConstants.ERROR_DATA_ISSUE + "No enough Credentials to send Request. " + pdpValues);
+ }
+ } else {
+ LOGGER.error(
+ XACMLErrorConstants.ERROR_DATA_ISSUE + "PDP value is improper/missing required values: " + pdpVal);
+ throw new PolicyEngineException(
+ XACMLErrorConstants.ERROR_DATA_ISSUE + "PDP value is improper/missing required values.");
+ }
+ }
+
+ /*
+ * Allowing changes to the scheme and Handler.
+ */
+ public void notification(NotificationScheme scheme, NotificationHandler handler) {
+ this.scheme = scheme;
+ this.handler = handler;
+ LOGGER.debug("Scheme is : " + scheme.toString());
+ LOGGER.debug("Handler is : " + handler.getClass().getName());
+
+ if (notificationType.get(0).equals("ueb")) {
+ if (this.uebThread) {
+ AutoClientUEB.setAuto(scheme, handler);
+ this.uebThread = registerUEBThread.isAlive();
+ }
+ } else if (notificationType.get(0).equals("dmaap")) {
+ if (this.dmaapThread) {
+ AutoClientDMAAP.setAuto(scheme, handler);
+ this.dmaapThread = registerDMAAPThread.isAlive();
+ }
+ } else {
+ AutoClientEnd.setAuto(scheme, handler);
+ }
+
+ if (junit) {
+ return;
+ }
+
+ if (pdps != null) {
+ if (notificationType.get(0).equals("ueb") && !this.uebThread) {
+ this.uebClientThread = new AutoClientUEB(pdps.get(0), notificationURLList, apiKey, apiSecret);
+ AutoClientUEB.setAuto(scheme, handler);
+ this.registerUEBThread = new Thread(this.uebClientThread);
+ this.registerUEBThread.start();
+ this.uebThread = true;
+ } else if (notificationType.get(0).equals("dmaap") && !this.dmaapThread) {
+ this.dmaapClientThread = new AutoClientDMAAP(notificationURLList, topic, userName, pass);
+ AutoClientDMAAP.setAuto(scheme, handler);
+ this.registerDMAAPThread = new Thread(this.dmaapClientThread);
+ this.registerDMAAPThread.start();
+ this.dmaapThread = true;
+ } else {
+ if (pdps.get(0) != null) {
+ if (AutoClientEnd.getURL() == null) {
+ AutoClientEnd.start(pdps.get(0));
+ } else {
+ AutoClientEnd.stop();
+ AutoClientEnd.start(pdps.get(0));
+ }
+ }
+ }
+ }
+ }
+
+ /*
+ * Gets the Notification if one exists. Used only for Manual Polling purposes.
+ */
+ public PDPNotification getNotification() {
+ // Check if there is proper scheme..
+ PDPNotification notification = null;
+ if (this.scheme.equals(NotificationScheme.MANUAL_ALL_NOTIFICATIONS)
+ || this.scheme.equals(NotificationScheme.MANUAL_NOTIFICATIONS)) {
+ if (notificationType.get(0).equals("ueb")) {
+ ManualClientEndUEB.start(pdps.get(0), notificationURLList, UNIQUEID);
+ notification = ManualClientEndUEB.result(scheme);
+ } else if (notificationType.get(0).equals("dmaap")) {
+ ManualClientEndDMAAP.start(notificationURLList, topic, UNIQUEID, userName, pass);
+ notification = ManualClientEndDMAAP.result(scheme);
+ } else {
+ ManualClientEnd.start(pdps.get(0));
+ LOGGER.debug("manual notification requested.. : " + scheme.toString());
+ notification = ManualClientEnd.result(scheme);
+ }
+ if (notification == null) {
+ LOGGER.error(XACMLErrorConstants.ERROR_DATA_ISSUE + "No Notification yet..");
+ return null;
+ } else {
+ return notification;
+ }
+ } else {
+ return null;
+ }
+ }
+
+ /*
+ * Setting the Scheme.
+ */
+ public void setScheme(NotificationScheme scheme) {
+ this.scheme = scheme;
+ if (notificationType.get(0).equals("ueb")) {
+ AutoClientUEB.setScheme(this.scheme);
+ if (this.scheme.equals(NotificationScheme.MANUAL_ALL_NOTIFICATIONS)) {
+ ManualClientEndUEB.createTopic(pdps.get(0), UNIQUEID, notificationURLList);
+ }
+ } else if (notificationType.get(0).equals("dmaap")) {
+ AutoClientDMAAP.setScheme(this.scheme);
+ if (this.scheme.equals(NotificationScheme.MANUAL_ALL_NOTIFICATIONS)) {
+ ManualClientEndDMAAP.createTopic(topic, UNIQUEID, notificationURLList, userName, pass);
+ }
+ } else {
+ AutoClientEnd.setScheme(this.scheme);
+ }
+ }
+
+ /*
+ * Returns the Scheme
+ */
+ public NotificationScheme getScheme() {
+ return this.scheme;
+ }
+
+ /*
+ * Returns the NotificationHandler
+ */
+ public NotificationHandler getNotificationHandler() {
+ return this.handler;
+ }
+
+ /*
+ * Stop the Notification Service if its running.
+ */
+ public void stopNotification() {
+ if (this.scheme != null && this.handler != null) {
+ if (this.scheme.equals(NotificationScheme.AUTO_ALL_NOTIFICATIONS)
+ || this.scheme.equals(NotificationScheme.AUTO_NOTIFICATIONS)) {
+ LOGGER.info("Clear Notification called.. ");
+ if (notificationType.get(0).equals("ueb")) {
+ this.uebClientThread.terminate();
+ this.uebThread = false;
+ } else if (notificationType.get(0).equals("dmaap")) {
+ this.dmaapClientThread.terminate();
+ this.dmaapThread = false;
+ } else {
+ AutoClientEnd.stop();
+ }
+ }
+ }
+ }
+
+ /*
+ * Push a policy to the PDP API implementation
+ */
+ public String pushPolicy(String policyScope, String policyName, String policyType, String pdpGroup, UUID requestID)
+ throws PolicyException {
+ PushPolicyParameters pushPolicyParameters = new PushPolicyParameters();
+ if (policyScope == null || policyScope.trim().isEmpty()) {
+ String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given.";
+ LOGGER.error(message);
+ throw new PolicyException(message);
+ }
+ if (policyName == null || policyName.trim().isEmpty()) {
+ String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given.";
+ LOGGER.error(message);
+ throw new PolicyException(message);
+ }
+ pushPolicyParameters.setPolicyName(policyScope + "." + policyName);
+ pushPolicyParameters.setPolicyType(policyType);
+ pushPolicyParameters.setPdpGroup(pdpGroup);
+ pushPolicyParameters.setRequestID(requestID);
+ return pushPolicyImpl(pushPolicyParameters).getResponseMessage();
+ }
+
+ public String createUpdateConfigPolicy(String policyName, String policyDescription, String onapName,
+ String configName, Map<String, String> configAttributes, String configType, String body, String policyScope,
+ UUID requestID, String riskLevel, String riskType, String guard, String ttlDate, boolean updateFlag)
+ throws PolicyException {
+ return createUpdateConfigPolicyImpl(policyName, policyDescription, onapName, configName, configAttributes,
+ configType, body, policyScope, requestID, riskLevel, riskType, guard, ttlDate, updateFlag);
+ }
+
+ /*
+ * Create Config Policy API Implementation
+ */
+ public String createUpdateConfigPolicyImpl(String policyName, String policyDescription, String onapName,
+ String configName, Map<String, String> configAttributes, String configType, String body, String policyScope,
+ UUID requestID, String riskLevel, String riskType, String guard, String ttlDate, boolean updateFlag)
+ throws PolicyException {
+ PolicyParameters policyParameters = new PolicyParameters();
+ policyParameters.setPolicyClass(PolicyClass.Config);
+ policyParameters.setPolicyConfigType(PolicyConfigType.Base);
+ if (policyScope == null || policyScope.trim().isEmpty()) {
+ String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given.";
+ LOGGER.error(message);
+ throw new PolicyException(message);
+ }
+ if (policyName == null || policyName.trim().isEmpty()) {
+ String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given.";
+ LOGGER.error(message);
+ throw new PolicyException(message);
+ }
+ policyParameters.setPolicyName(policyScope + "." + policyName);
+ policyParameters.setPolicyDescription(policyDescription);
+ policyParameters.setOnapName(onapName);
+ policyParameters.setConfigName(configName);
+ Map<AttributeType, Map<String, String>> attributes = new HashMap<AttributeType, Map<String, String>>();
+ attributes.put(AttributeType.MATCHING, configAttributes);
+ policyParameters.setAttributes(attributes);
+ policyParameters.setConfigBodyType(PolicyType.valueOf(configType));
+ policyParameters.setConfigBody(body);
+ policyParameters.setRequestID(requestID);
+ policyParameters.setRiskLevel(riskLevel);
+ policyParameters.setRiskType(riskType);
+ policyParameters.setGuard(Boolean.parseBoolean(guard));
+ try {
+ policyParameters.setTtlDate(new SimpleDateFormat("dd-MM-yyyy").parse(ttlDate));
+ } catch (ParseException e) {
+ LOGGER.warn("Error Parsing date given " + ttlDate);
+ policyParameters.setTtlDate(null);
+ }
+ return createUpdatePolicyImpl(policyParameters, updateFlag).getResponseMessage();
+ }
+
+ public String createUpdateConfigFirewallPolicy(String policyName, JsonObject firewallJson, String policyScope,
+ UUID requestID, String riskLevel, String riskType, String guard, String ttlDate, boolean updateFlag)
+ throws PolicyException {
+ return createUpdateConfigFirewallPolicyImpl(policyName, firewallJson, policyScope, requestID, riskLevel,
+ riskType, guard, ttlDate, updateFlag);
+ }
+
+ /*
+ * Create Update Config Firewall Policy API implementation
+ */
+ public String createUpdateConfigFirewallPolicyImpl(String policyName, JsonObject firewallJson, String policyScope,
+ UUID requestID, String riskLevel, String riskType, String guard, String ttlDate, boolean updateFlag)
+ throws PolicyException {
+ PolicyParameters policyParameters = new PolicyParameters();
+ policyParameters.setPolicyClass(PolicyClass.Config);
+ policyParameters.setPolicyConfigType(PolicyConfigType.Firewall);
+ if (policyScope == null || policyScope.trim().isEmpty()) {
+ String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Scope given.";
+ LOGGER.error(message);
+ throw new PolicyException(message);
+ }
+ if (policyName == null || policyName.trim().isEmpty()) {
+ String message = XACMLErrorConstants.ERROR_DATA_ISSUE + "No Policy Name given.";
+ LOGGER.error(message);
+ throw new PolicyException(message);
+ }
+ policyParameters.setPolicyName(policyScope + "." + policyName);
+ policyParameters.setConfigBody(firewallJson.toString());
+ policyParameters.setRequestID(requestID);
+ policyParameters.setRiskLevel(riskLevel);
+ policyParameters.setRiskType(riskType);
+ policyParameters.setGuard(Boolean.parseBoolean(guard));
+ try {
+ policyParameters.setTtlDate(new SimpleDateFormat("dd-MM-yyyy").parse(ttlDate));
+ } catch (NullPointerException | ParseException e) {
+ LOGGER.warn("Error Parsing date given " + ttlDate);
+ policyParameters.setTtlDate(null);
+ }
+ return createUpdatePolicyImpl(policyParameters, updateFlag).getResponseMessage();
+ }
+
+ public void setClientKey(String clientKey) {
+ if (clientKey != null && !clientKey.isEmpty()) {
+ StdPolicyEngine.pass = clientKey;
+ setClientEncoding();
+ }
+ }
+
+ /*
+ * Get the Environment.
+ */
+ public static String getEnvironment() {
+ return environment;
+ }
+
+ /*
+ * Rotate the PDP list upon WEBsocket Failures
+ */
+ public static void rotatePDPList() {
+ Collections.rotate(pdps, -1);
+ Collections.rotate(encoding, -1);
+ }
+
+ /*
+ * Get the latest PDP
+ */
+ public static String getPDPURL() {
+ return pdps.get(0);
+ }