Revert "Basic authorization for unsecured endpoint"

author andre.schmid <andre.schmid@est.tech>

Fri, 6 Sep 2019 09:45:03 +0000 (09:45 +0000)

committer andre.schmid <andre.schmid@est.tech>

Fri, 6 Sep 2019 09:45:03 +0000 (09:45 +0000)
author andre.schmid <andre.schmid@est.tech>
Fri, 6 Sep 2019 09:45:03 +0000 (09:45 +0000)
committer andre.schmid <andre.schmid@est.tech>
Fri, 6 Sep 2019 09:45:03 +0000 (09:45 +0000)
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/RestAuthenticationFilter.java b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/RestAuthenticationFilter.java

deleted file mode 100644 (file)

index 1f23506..0000000
--- a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/RestAuthenticationFilter.java
+++ /dev/null
@@ -1,133 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * ONAP SDC
- * ================================================================================
- * Copyright (C) 2019 Samsung. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END============================================
- * ===================================================================
- *
- */
-
-package org.openecomp.sdc.be.filters;
-
-import fj.data.Either;
-import java.io.IOException;
-import java.util.Base64;
-import java.util.List;
-import java.util.Optional;
-import java.util.StringTokenizer;
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import org.openecomp.sdc.be.config.BeEcompErrorManager;
-import org.openecomp.sdc.be.model.User;
-import org.openecomp.sdc.be.user.UserBusinessLogic;
-import org.openecomp.sdc.common.api.Constants;
-import org.openecomp.sdc.common.log.wrappers.Logger;
-import org.openecomp.sdc.exception.ResponseFormat;
-import org.springframework.context.ApplicationContext;
-import org.springframework.web.context.ContextLoader;
-
-public class RestAuthenticationFilter implements Filter {
-
-    private static final Logger log = Logger.getLogger(RestAuthenticationFilter.class);
-    private UserBusinessLogic userBusinessLogic = getUserBusinessLogic();
-
-
-    private UserBusinessLogic getUserBusinessLogic() {
-        ApplicationContext ctx = ContextLoader.getCurrentWebApplicationContext();
-        return (UserBusinessLogic) ctx.getBean("userBusinessLogic");
-    }
-
-    @Override
-    public void doFilter(ServletRequest request, ServletResponse response, FilterChain filter)
-            throws IOException, ServletException {
-        if (request instanceof HttpServletRequest) {
-            HttpServletRequest httpServletRequest = (HttpServletRequest) request;
-
-            String authHeader = httpServletRequest.getHeader(Constants.AUTHORIZATION_HEADER);
-
-            if (authHeader != null) {
-                boolean authenticationStatus = authenticate(authHeader);
-
-                if (authenticationStatus) {
-                    filter.doFilter(request, response);
-                } else {
-                    unauthorized(response);
-                }
-            } else {
-                unauthorized(response);
-            }
-        }
-    }
-
-    private void unauthorized(ServletResponse response) {
-        if (response instanceof HttpServletResponse) {
-            HttpServletResponse httpServletResponse = (HttpServletResponse) response;
-            httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
-        }
-    }
-
-    private boolean authenticate(String authCredentials) {
-
-        if (null == authCredentials) {
-            return false;
-        }
-
-        final String encodedUserPassword = authCredentials.replaceFirst("Basic" + " ", "");
-        String usernameAndPassword = null;
-        try {
-            byte[] decodedBytes = Base64.getDecoder().decode(encodedUserPassword);
-            usernameAndPassword = new String(decodedBytes, "UTF-8");
-        } catch (IOException e) {
-            e.printStackTrace();
-        }
-        final StringTokenizer tokenizer = new StringTokenizer(usernameAndPassword, ":");
-        final String username = tokenizer.nextToken();
-
-        try {
-            Either<List<User>, ResponseFormat> either = userBusinessLogic.getAllAdminUsers();
-
-            if (either.isRight()) {
-                return false;
-            } else {
-                if (either.left().value() != null) {
-                    List<User> users = either.left().value();
-                    Optional<User> user = users.stream().filter(x -> x.getUserId().equals(username)).findFirst();
-                    return user.isPresent();
-                } else {
-                    return false;
-                }
-            }
-        } catch (Exception e) {
-            BeEcompErrorManager.getInstance().logBeRestApiGeneralError("Get All Administrators");
-            log.debug("get all admins failed with unexpected error: {}", e);
-        }
-        return false;
-    }
-
-    @Override
-    public void destroy() {
-    }
-
-    @Override
-    public void init(FilterConfig arg0) throws ServletException {
-    }
-}
diff --git a/catalog-be/src/main/webapp/WEB-INF/web.xml b/catalog-be/src/main/webapp/WEB-INF/web.xml

index 812faba..027601b 100644 (file)
--- a/catalog-be/src/main/webapp/WEB-INF/web.xml
+++ b/catalog-be/src/main/webapp/WEB-INF/web.xml
@@ -50,17 +50,6 @@
                 <servlet-name>EsGateway</servlet-name>
                 <url-pattern>/sdc2/esGateway/*</url-pattern>
         </servlet-mapping>
-
-       <filter>
-               <filter-name>AuthenticationFilter</filter-name>
-               <filter-class>
-                       org.openecomp.sdc.be.filters.RestAuthenticationFilter
-               </filter-class>
-       </filter>
-       <filter-mapping>
-               <filter-name>AuthenticationFilter</filter-name>
-               <url-pattern>/sdc2/rest/v1/consumers</url-pattern>
-       </filter-mapping>
         
         <servlet>
                 <servlet-name>jerseyDistribution</servlet-name>
author	andre.schmid <andre.schmid@est.tech>
	Fri, 6 Sep 2019 09:45:03 +0000 (09:45 +0000)
committer	andre.schmid <andre.schmid@est.tech>
	Fri, 6 Sep 2019 09:45:03 +0000 (09:45 +0000)
catalog-be/src/main/java/org/openecomp/sdc/be/filters/RestAuthenticationFilter.java	[deleted file]	patch \| blob \| history
catalog-be/src/main/webapp/WEB-INF/web.xml		patch \| blob \| history