import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
+import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.onap.aaf.cadi.filter.CadiFilter;
import org.onap.portalsdk.core.onboarding.util.AuthUtil;
-import org.onap.portalsdk.core.onboarding.util.CipherUtil;
import org.onap.portalsdk.core.onboarding.util.PortalApiConstants;
import org.onap.portalsdk.core.onboarding.util.PortalApiProperties;
public class CadiAuthFilter extends CadiFilter {
- private static String include_url_endpoints ="";
- private static String exclude_url_endpoints = "";
+ private static final Log logger = LogFactory.getLog(CadiAuthFilter.class);
+
public static final String AUTHORIZATION = "Authorization";
- private static final Log logger = LogFactory.getLog(CipherUtil.class);
-
+ public static final String EXCLUDE_URL_ENDPOINTS = "exclude_url_endpoints";
+ public static final String INCLUDE_URL_ENDPOINTS = "include_url_endpoints";
+ public static final String REMOTE = "remote";
+ private List<String> includeUrlEndPointList;
+ private List<String> excludeUrlEndPointList;
+
public void init(FilterConfig filterConfig) throws ServletException {
super.init(filterConfig);
- include_url_endpoints = filterConfig.getInitParameter("include_url_endpoints");
- exclude_url_endpoints = filterConfig.getInitParameter("exclude_url_endpoints");
- logger.debug("include_url_endpoints values: "+ include_url_endpoints);
- logger.debug("exclude_url_endpoints values: "+ exclude_url_endpoints);
+ String include_url_endpoints = filterConfig.getInitParameter(INCLUDE_URL_ENDPOINTS);
+ String exclude_url_endpoints = filterConfig.getInitParameter(EXCLUDE_URL_ENDPOINTS);
+ logger.debug(INCLUDE_URL_ENDPOINTS + ": " + include_url_endpoints);
+ logger.debug(EXCLUDE_URL_ENDPOINTS + ": " + exclude_url_endpoints);
+ if (include_url_endpoints == null || include_url_endpoints.isEmpty())
+ throw new ServletException("Filter init parameter " + INCLUDE_URL_ENDPOINTS + " is null or empty");
+ if (exclude_url_endpoints == null || exclude_url_endpoints.isEmpty())
+ throw new ServletException("Filter init parameter " + EXCLUDE_URL_ENDPOINTS + " is null or empty");
+ includeUrlEndPointList = new ArrayList<String>(Arrays.asList(include_url_endpoints.split(",")));
+ excludeUrlEndPointList = new ArrayList<String>(Arrays.asList(exclude_url_endpoints.split(",")));
}
- public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) //
throws IOException, ServletException {
-
- if (include_url_endpoints.equals("") || include_url_endpoints == null || include_url_endpoints.isEmpty()) {
- throw new NullPointerException("inlclude_url_endpoints is null");
+ if (excludeFilter(request, excludeUrlEndPointList)) {
+ logger.debug("doFilter: request excluded from cadifilter");
+ chain.doFilter(request, response);
+ } else if (includeFilter(request, includeUrlEndPointList)) {
+ logger.debug("doFilter: request is entering cadifilter");
+ super.doFilter(request, response, chain);
} else {
- String includeUrlEndPointString = include_url_endpoints;
- if (exclude_url_endpoints.equals("") || exclude_url_endpoints == null || exclude_url_endpoints.isEmpty()) {
- throw new NullPointerException("exculde_url_endpoints is null");
- }
- String excludeUrlEndPointString = exclude_url_endpoints;
- ArrayList<String> excludeUrlEndPointList = new ArrayList<String>(
- Arrays.asList(excludeUrlEndPointString.split(",")));
- ArrayList<String> includeUrlEndPointList = new ArrayList<String>(
- Arrays.asList(includeUrlEndPointString.split(",")));
- if (excludeFilter(request, excludeUrlEndPointList)){
- logger.debug("Request excluded from cadifilter");
- chain.doFilter(request, response);
- }else if (includeFilter(request, includeUrlEndPointList)){
- logger.debug("Request is entering cadifilter");
- super.doFilter(request, response, chain);
- }else
- chain.doFilter(request, response);
+ chain.doFilter(request, response);
}
}
-
private String getUrl(ServletRequest request) {
- String path = "";
HttpServletRequest httpRequest = (HttpServletRequest) request;
- path = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length() + 1);
- return path;
+ return httpRequest.getRequestURI().substring(httpRequest.getContextPath().length() + 1);
}
- private boolean excludeFilter(ServletRequest request, ArrayList<String> excludeUrlEndPointList) {
+ private boolean excludeFilter(ServletRequest request, List<String> excludeUrlEndPointList) {
boolean isUrlExcluded = false;
- String Path = getUrl(request);
-
+ String path = getUrl(request);
for (String str : excludeUrlEndPointList) {
if (!isUrlExcluded)
- isUrlExcluded = AuthUtil.matchPattern(Path, str.substring(1));
+ isUrlExcluded = AuthUtil.matchPattern(path, str.substring(1));
}
return isUrlExcluded;
}
- private boolean includeFilter(ServletRequest request, ArrayList<String> includeapisList) {
+ private boolean includeFilter(ServletRequest request, List<String> includeapisList) {
boolean isauthenticated = false;
HttpServletRequest httpRequest = (HttpServletRequest) request;
-
- if(httpRequest.getHeader(AUTHORIZATION) == null)
+
+ if (httpRequest.getHeader(AUTHORIZATION) == null)
return isauthenticated;
// TODO: refactor to have exclusion pattern
String path = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length() + 1);
if (!isauthenticated)
isauthenticated = matchPattern(path, str);
}
- if (isauthenticated && PortalApiProperties.getProperty(PortalApiConstants.ROLE_ACCESS_CENTRALIZED)
- .equalsIgnoreCase("remote"))
+ if (isauthenticated
+ && PortalApiProperties.getProperty(PortalApiConstants.ROLE_ACCESS_CENTRALIZED).equalsIgnoreCase(REMOTE))
isauthenticated = true;
else
isauthenticated = false;
} else if (roleFunctionArray[i].equals("*")) {
match = true;
}
-
}
}
if (match)
Code Review / portal / sdk.git / commitdiff