auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java

   1 /**
   2  * ============LICENSE_START====================================================
   3  * org.onap.aaf
   4  * ===========================================================================
   5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
   6  * ===========================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END====================================================
  19  *
  20  */
  21
  22 package org.onap.aaf.auth.env;
  23
  24 import java.security.Principal;
  25
  26 import javax.servlet.ServletRequest;
  27 import javax.servlet.http.HttpServletRequest;
  28
  29 import org.onap.aaf.auth.rserv.TransFilter;
  30 import org.onap.aaf.cadi.CadiException;
  31 import org.onap.aaf.cadi.Connector;
  32 import org.onap.aaf.cadi.LocatorException;
  33 import org.onap.aaf.cadi.TrustChecker;
  34 import org.onap.aaf.cadi.principal.TaggedPrincipal;
  35 import org.onap.aaf.cadi.principal.TrustPrincipal;
  36 import org.onap.aaf.misc.env.Env;
  37 import org.onap.aaf.misc.env.LogTarget;
  38 import org.onap.aaf.misc.env.Slot;
  39 import org.onap.aaf.misc.env.TimeTaken;
  40 import org.onap.aaf.misc.env.Trans.Metric;
  41
  42 public class AuthzTransFilter extends TransFilter<AuthzTrans> {
  43         private AuthzEnv env;
  44         public Metric serviceMetric;
  45         public static Slot transIDslot,specialLogSlot;
  46
  47         public static final String TRANS_ID_SLOT = "TRANS_ID_SLOT";
  48         public static final String SPECIAL_LOG_SLOT = "SPECIAL_LOG_SLOT";
  49
  50         public static final int BUCKETSIZE = 2;
  51
  52         public AuthzTransFilter(AuthzEnv env, Connector con, TrustChecker tc, Object ... additionalTafLurs) throws CadiException, LocatorException {
  53                 super(env.access(),con, tc, additionalTafLurs);
  54                 this.env = env;
  55                 serviceMetric = new Metric();
  56                 serviceMetric.buckets = new float[BUCKETSIZE];
  57                 if(transIDslot==null) {
  58                         transIDslot = env.slot(TRANS_ID_SLOT);
  59                 }
  60                 if(specialLogSlot==null) {
  61                         specialLogSlot = env.slot(SPECIAL_LOG_SLOT);
  62                 }
  63         }
  64
  65         @Override
  66         protected AuthzTrans newTrans(HttpServletRequest req) {
  67                 AuthzTrans at = env.newTrans();
  68                 at.setLur(getLur());
  69                 at.set(req);
  70                 return at;
  71         }
  72
  73         @Override
  74         protected TimeTaken start(AuthzTrans trans, ServletRequest request) {
  75                 trans.set((HttpServletRequest)request);
  76                 return trans.start("Trans " + //(context==null?"n/a":context.toString()) +
  77                 " IP: " + trans.ip() +
  78                 " Port: " + trans.port()
  79                 , Env.SUB);
  80         }
  81
  82         @Override
  83         protected void authenticated(AuthzTrans trans, Principal p) {
  84                 trans.setUser((TaggedPrincipal)p); // We only work with TaggedPrincipals in Authz
  85         }
  86
  87         @Override
  88         protected void tallyHo(AuthzTrans trans) {
  89                 Boolean b = trans.get(specialLogSlot, false);
  90                 LogTarget lt = b?trans.warn():trans.info();
  91
  92                 if(lt.isLoggable()) {
  93                         // Transaction is done, now post full Audit Trail
  94                         StringBuilder sb = new StringBuilder("AuditTrail\n");
  95                         // We'll grabAct sub-metrics for Remote Calls and JSON
  96                         // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
  97                         Metric m = trans.auditTrail(lt,1, sb, Env.REMOTE,Env.JSON);
  98
  99                         // Add current Metrics to total metrics
 100                         serviceMetric.total+= m.total;
 101                         for(int i=0;i<serviceMetric.buckets.length;++i) {
 102                                 serviceMetric.buckets[i]+=m.buckets[i];
 103                         }
 104
 105                         Long tsi;
 106                         if((tsi=trans.get(transIDslot, null))!=null) {
 107                                 sb.append("  TraceID=");
 108                                 sb.append(Long.toHexString(tsi));
 109                                 sb.append('\n');
 110                         }
 111                         // Log current info
 112                         sb.append("  Total: ");
 113                         sb.append(m.total);
 114                         sb.append(" Remote: ");
 115                         sb.append(m.buckets[0]);
 116                         sb.append(" JSON: ");
 117                         sb.append(m.buckets[1]);
 118                         lt.log(sb);
 119                 } else {
 120                         // Single Line entry
 121                         // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
 122                         StringBuilder content = new StringBuilder();
 123                         Metric m = trans.auditTrail(lt,1, content, Env.REMOTE,Env.JSON);
 124                         // Add current Metrics to total metrics
 125                         serviceMetric.total+= m.total;
 126                         for(int i=0;i<serviceMetric.buckets.length;++i) {
 127                                 serviceMetric.buckets[i]+=m.buckets[i];
 128                         }
 129
 130                         StringBuilder sb = new StringBuilder();
 131                         sb.append("user=");
 132                         Principal p = trans.getUserPrincipal();
 133                         if(p==null) {
 134                                 sb.append("n/a");
 135                         } else {
 136                                 sb.append(p.getName());
 137                                 if(p instanceof TrustPrincipal) {
 138                                         sb.append('(');
 139                                         sb.append(((TrustPrincipal)p).personalName()); // UserChain
 140                                         sb.append(')');
 141                                 } else {
 142                                         sb.append('[');
 143                                         if(p instanceof TaggedPrincipal) {
 144                                                 sb.append(((TaggedPrincipal)p).tag());
 145                                         } else {
 146                                                 sb.append(p.getClass().getSimpleName());
 147                                         }
 148                                         sb.append(']');
 149                                 }
 150                         }
 151                         sb.append(",ip=");
 152                         sb.append(trans.ip());
 153                         sb.append(",port=");
 154                         sb.append(trans.port());
 155 //                      Current code won't ever get here... Always does a Full Audit Trail
 156 //                      Long tsi;
 157 //                      if((tsi=trans.get(transIDslot, null))!=null) {
 158 //                              sb.append(",TraceID=");
 159 //                              sb.append(Long.toHexString(tsi));
 160 //                      }
 161                         sb.append(",ms=");
 162                         sb.append(m.total);
 163                         sb.append(",meth=");
 164                         sb.append(trans.meth());
 165                         sb.append(",path=");
 166                         sb.append(trans.path());
 167
 168                         if(content.length()>0) {
 169                                 sb.append(",msg=\"");
 170                                 int start = content.lastIndexOf(",msg=\"");
 171                                 if(start>=0) {
 172                                         sb.append(content,start+6,content.length()-1);
 173                                 } else {
 174                                         sb.append(content);
 175                                 }
 176                                 sb.append('"');
 177                         }
 178
 179                         trans.warn().log(sb);
 180                 }
 181         }
 182
 183 }