import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import org.onap.aaf.cadi.filter.CadiFilter;
-import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.onap.portalsdk.core.onboarding.util.AuthUtil;
+import org.onap.portalsdk.core.onboarding.util.CipherUtil;
import org.onap.portalsdk.core.onboarding.util.PortalApiConstants;
import org.onap.portalsdk.core.onboarding.util.PortalApiProperties;
private static String include_url_endpoints ="";
private static String exclude_url_endpoints = "";
public static final String AUTHORIZATION = "Authorization";
- private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(CadiAuthFilter.class);
+ private static final Log logger = LogFactory.getLog(CipherUtil.class);
public void init(FilterConfig filterConfig) throws ServletException {
super.init(filterConfig);
include_url_endpoints = filterConfig.getInitParameter("include_url_endpoints");
exclude_url_endpoints = filterConfig.getInitParameter("exclude_url_endpoints");
- logger.debug(EELFLoggerDelegate.debugLogger, "inculde_url_endpoints values: "+ include_url_endpoints);
- logger.debug(EELFLoggerDelegate.debugLogger, "exculde_url_endpoints values: "+ exclude_url_endpoints);
+ logger.debug("include_url_endpoints values: "+ include_url_endpoints);
+ logger.debug("exclude_url_endpoints values: "+ exclude_url_endpoints);
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
ArrayList<String> includeUrlEndPointList = new ArrayList<String>(
Arrays.asList(includeUrlEndPointString.split(",")));
if (excludeFilter(request, excludeUrlEndPointList)){
- logger.debug(EELFLoggerDelegate.debugLogger, "Request excluded from cadifilter");
+ logger.debug("Request excluded from cadifilter");
chain.doFilter(request, response);
}else if (includeFilter(request, includeUrlEndPointList)){
- logger.debug(EELFLoggerDelegate.debugLogger, "Request is entering cadifilter");
+ logger.debug("Request is entering cadifilter");
super.doFilter(request, response, chain);
}else
chain.doFilter(request, response);
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
-import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
-import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import org.onap.portalsdk.core.onboarding.exception.PortalAPIException;
import org.onap.portalsdk.core.onboarding.rest.RestWebServiceClient;
import org.onap.portalsdk.core.onboarding.util.AuthUtil;
-import org.onap.portalsdk.core.onboarding.util.CipherUtil;
import org.onap.portalsdk.core.onboarding.util.PortalApiConstants;
import org.onap.portalsdk.core.onboarding.util.PortalApiProperties;
import org.onap.portalsdk.core.restful.domain.EcompRole;
import org.onap.portalsdk.core.restful.domain.EcompUser;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.type.TypeFactory;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Hex;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import org.onap.aaf.cadi.CadiWrap;
import org.onap.aaf.cadi.Permission;
import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.onap.portalsdk.core.onboarding.exception.PortalAPIException;
public class AuthUtil {
private static final String decodeValueOfForwardSlash = "2f";
private static final String decodeValueOfHyphen = "2d";
private static final String decodeValueOfAsterisk = "2a";
- private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AuthUtil.class);
+ private static final Log logger = LogFactory.getLog(AuthUtil.class);
/*
* This method compares the portalApiPath against the urlPattern; splits the
}
return false;
}
+
/**
*
* @param request
- * @return returns list of AAFPermission of the requested MechId for all the namespaces
+ * @return returns list of AAFPermission of the requested MechId for all the
+ * namespaces
*/
public static List<AAFPermission> getAAFPermissions(HttpServletRequest request) {
CadiWrap wrapReq = (CadiWrap) request;
allPermissionsList.removeIf(perm -> (!perm.getType().equals(type)));
return allPermissionsList;
}
+
/**
*
* @param permsList
str = decodeFunctionCode(instance);
finalInstanceList.add(str);
}
- logger.debug(EELFLoggerDelegate.debugLogger, "List of AllInstances: "+ finalInstanceList);
+ if (logger.isDebugEnabled())
+ logger.debug("List of AllInstances: " + finalInstanceList);
return finalInstanceList;
}
decodedString = decodedString.replaceAll("%" + xssInputPattern,
new String(Hex.decodeHex(xssInputPattern.toString().toCharArray())));
} catch (DecoderException e) {
- logger.error(EELFLoggerDelegate.errorLogger, "Decode Failed! for instance: "+ str);
+ logger.error("Decode Failed! for instance: " + str);
throw new PortalAPIException("decode failed", e);
}
}
/**
*
* @param request
- * @param nameSpace application namespace
+ * @param nameSpace
+ * application namespace
* @return boolean value if the access is allowed
* @throws PortalAPIException
*/
- public static boolean isAccessAllowed(HttpServletRequest request, String nameSpace, Map<String,String> appCredentials) throws PortalAPIException {
-
+ public static boolean isAccessAllowed(HttpServletRequest request, String nameSpace,
+ Map<String, String> appCredentials) throws PortalAPIException {
+
boolean isauthorized = false;
try {
CadiWrap wrapReq = (CadiWrap) request;
List<AAFPermission> aafPermsList = getAAFPermissions(request);
- logger.debug(EELFLoggerDelegate.debugLogger, "Application nameSpace: " + nameSpace);
+ logger.debug("Application nameSpace: " + nameSpace);
if (nameSpace.isEmpty()) {
throw new PortalAPIException("NameSpace not Declared!");
}
if (!isauthorized)
isauthorized = matchPattern(requestUri, str);
}
- logger.debug(EELFLoggerDelegate.debugLogger,
- "isAccessAllowed for the request uri: " + requestUri + "is" + isauthorized);
+ logger.debug("isAccessAllowed for the request uri: " + requestUri + "is" + isauthorized);
if (isauthorized) {
- logger.debug(EELFLoggerDelegate.debugLogger, "Request is Authorized");
+ logger.debug("Request is Authorized");
}
} catch (ClassCastException e) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "Given request is not CADI request");
-
- if(appCredentials.isEmpty())
- {
- logger.debug(EELFLoggerDelegate.debugLogger, "app credentails are empty");
+ logger.warn("Given request is not CADI request: " + e.toString());
+
+ if (appCredentials.isEmpty()) {
+ logger.debug("app credentails are empty");
return false;
}
-
+
String appUserName = "";
String appPassword = "";
String appName = "";
appName = entry.getValue();
}
}
-
+
try {
String appUser = request.getHeader("username");
String password = request.getHeader("password");
-
+
if (password.equals(appPassword) && appUserName.equals(appUser)) {
isauthorized = true;
}
- logger.debug(EELFLoggerDelegate.debugLogger,
- "isAccessAllowed for the request " + isauthorized);
+ logger.debug("isAccessAllowed for the request " + isauthorized);
} catch (Exception e1) {
String response = "AuthUtil.isAccessAllowed failed";
- logger.error(EELFLoggerDelegate.errorLogger, response, e1);
+ logger.error(response, e1);
throw new PortalAPIException(response, e1);
}
}
-
+
return isauthorized;
}
}
\ No newline at end of file
Code Review / portal / sdk.git / commitdiff