--- /dev/null
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright © 2017 Amdocs
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.aai.sparky.security;
+
+import org.onap.aai.cl.api.Logger;
+import org.onap.aai.cl.eelf.LoggerFactory;
+import org.onap.aai.sparky.logging.AaiUiMsgs;
+import org.openecomp.portalsdk.core.onboarding.util.CipherUtil;
+
+public class BaseCookieDecryptor implements CookieDecryptor {
+
+ private static final Logger LOG = LoggerFactory.getInstance().getLogger(BaseCookieDecryptor.class);
+
+
+ public BaseCookieDecryptor(){}
+
+ public String decryptCookie(String encryptedCookie){
+
+ String decryptedCookie = "";
+ try {
+ decryptedCookie = CipherUtil.decrypt(encryptedCookie, "");
+ } catch (Exception e) {
+ LOG.info(AaiUiMsgs.LOGIN_FILTER_INFO, "decrypting base cookie failed " + e.getLocalizedMessage());
+ }
+ return decryptedCookie;
+
+ }
+
+}
\ No newline at end of file
--- /dev/null
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright © 2017 Amdocs
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.aai.sparky.security;
+
+public interface CookieDecryptor {
+
+ String decryptCookie(String encryptedCookie);
+
+}
* cookies do not decode); else null.
*/
private static String getLoginIdFromCookie(HttpServletRequest request) {
- String attuid = null;
+ String uid = null;
try {
String[] cspFields = getCspData(request);
if (cspFields != null && cspFields.length > 5)
- attuid = cspFields[5];
+ uid = cspFields[5];
} catch (Throwable t) {
LOG.info(AaiUiMsgs.LOGIN_FILTER_INFO,
"getLoginIdFromCookie failed " + t.getLocalizedMessage());
}
- return attuid;
+ return uid;
}
/**
}
final String cspCookieEncrypted = csp.getValue();
- String gateKeeperProdKey = PortalApiProperties.getProperty(CSP_GATE_KEEPER_PROD_KEY);
- if (gateKeeperProdKey == null) {
- LOG.debug(AaiUiMsgs.LOGIN_FILTER_DEBUG,
- "getCspData: failed to get property " + CSP_GATE_KEEPER_PROD_KEY);
- }
-
- String cspCookieDecrypted = "";
- try {
- cspCookieDecrypted = CipherUtil.decrypt(cspCookieEncrypted, "");
- } catch (Exception e) {
- LOG.info(AaiUiMsgs.LOGIN_FILTER_INFO, "decrypting cookie failed " + e.getLocalizedMessage());
- }
+ String cspCookieDecrypted = null;
+ try {
+ cspCookieDecrypted = PortalAuthenticationConfig.getInstance().getCookieDecryptor().decryptCookie(cspCookieEncrypted);
+ } catch (ClassNotFoundException e) {
+ e.printStackTrace();
+ }
String[] cspData = cspCookieDecrypted.split("\\|");
return cspData;
*/
package org.onap.aai.sparky.security.portal.config;
+
import java.util.Properties;
+import org.onap.aai.sparky.security.CookieDecryptor;
import org.onap.aai.sparky.util.ConfigHelper;
import org.onap.aai.sparky.util.Encryptor;
import org.onap.aai.sparky.viewandinspect.config.SparkyConstants;
private String username;
private String password;
private boolean isOnapEnabled;
+ private CookieDecryptor cookieDecryptor;
+ private String cookieDecryptorClassName;
public static final String PROP_USERNAME = "username";
public static final String PROP_PASSWORD = "password"; // NOSONAR
public static final String PROP_IS_ONAP_ENABLED = "onap_enabled"; // NOSONAR
private static final String AUTHENTICATION_CONFIG_FILE = SparkyConstants.PORTAL_AUTHENTICATION_FILE_LOCATION;
+ public static final String PROP_COOKIEDECRYPTORCLASSNAME = "cookie_decryptor_classname";
private PortalAuthenticationConfig() {
// Prevent instantiation
public boolean getIsOnapEnabled() {
return isOnapEnabled;
}
+ public String getcookieDecryptorClassName() {
+ return cookieDecryptorClassName;
+ }
/**
* Reload the Portal authentication properties from the classpath.
username = props.getProperty(PROP_USERNAME);
password = props.getProperty(PROP_PASSWORD);
isOnapEnabled = Boolean.parseBoolean(props.getProperty(PROP_IS_ONAP_ENABLED, "true"));
+ cookieDecryptorClassName= props.getProperty(PROP_COOKIEDECRYPTORCLASSNAME);
+ }
+
+ public CookieDecryptor getCookieDecryptor() throws ClassNotFoundException{
+
+ Class cookieDecrypterClass = Class.forName(cookieDecryptorClassName);
+ try {
+ cookieDecryptor = (CookieDecryptor) cookieDecrypterClass.newInstance();
+ } catch (InstantiationException | IllegalAccessException e) {
+ e.printStackTrace();
+ }
+ return cookieDecryptor;
}
+
}
\ No newline at end of file
Code Review / aai / sparky-be.git / commitdiff