1 /**
2  * ============LICENSE_START====================================================
3  * org.onap.aaf
4  * ===========================================================================
5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6  * ===========================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  * 
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  * 
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END====================================================
19  *
20  */
21
22 package org.onap.aaf.auth.env;
23
24 import java.security.Principal;
25
26 import javax.servlet.ServletRequest;
27 import javax.servlet.http.HttpServletRequest;
28
29 import org.onap.aaf.auth.rserv.TransFilter;
30 import org.onap.aaf.cadi.CadiException;
31 import org.onap.aaf.cadi.Connector;
32 import org.onap.aaf.cadi.TrustChecker;
33 import org.onap.aaf.cadi.principal.TaggedPrincipal;
34 import org.onap.aaf.cadi.principal.TrustPrincipal;
35 import org.onap.aaf.misc.env.Env;
36 import org.onap.aaf.misc.env.LogTarget;
37 import org.onap.aaf.misc.env.Slot;
38 import org.onap.aaf.misc.env.TimeTaken;
39 import org.onap.aaf.misc.env.Trans.Metric;
40
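/**
 * {@link TransFilter} specialisation for {@link AuthzTrans}: supplies the hooks that create a
 * transaction for a request, start its timer, record the authenticated principal on it, and
 * write the audit entry in {@link #tallyHo(AuthzTrans)}.
 *
 * NOTE(review): {@link #serviceMetric} is a public, mutable accumulator that
 * {@link #tallyHo(AuthzTrans)} updates without any synchronization. If one filter instance
 * serves concurrent requests (usual for servlet filters, not shown here), the totals can lose
 * updates. Confirm whether approximate totals are acceptable.
 */
public class AuthzTransFilter extends TransFilter<AuthzTrans> {
    private final AuthzEnv env;

    // Running totals over every transaction tallied by this filter instance.
    public Metric serviceMetric;

    // Shared slots, looked up once by the first constructor call that finds them unset.
    public static Slot transIDslot,specialLogSlot;

    public static final String TRANS_ID_SLOT = "TRANS_ID_SLOT";
    public static final String SPECIAL_LOG_SLOT = "SPECIAL_LOG_SLOT";

    // Number of sub-metrics requested from auditTrail (Env.REMOTE and Env.JSON).
    public static final int BUCKETSIZE = 2;

    /**
     * Builds the filter and prepares the metric accumulator and the shared slots.
     *
     * @param env environment used to create transactions and to look up slots
     * @param con passed through to {@link TransFilter}
     * @param tc passed through to {@link TransFilter}
     * @param additionalTafLurs passed through to {@link TransFilter}
     * @throws CadiException declared because the superclass constructor is invoked
     */
    public AuthzTransFilter(AuthzEnv env, Connector con, TrustChecker tc, Object ... additionalTafLurs) throws CadiException {
        super(env.access(),con, tc, additionalTafLurs);
        this.env = env;
        serviceMetric = new Metric();
        serviceMetric.buckets = new float[BUCKETSIZE];
        // The null checks are not synchronized; the slots are static, so a later
        // instance reuses whatever an earlier one stored.
        if(transIDslot==null) {
            transIDslot = env.slot(TRANS_ID_SLOT);
        }
        if(specialLogSlot==null) {
            specialLogSlot = env.slot(SPECIAL_LOG_SLOT);
        }
    }

    /**
     * Creates a transaction from the environment and attaches this filter's Lur and the request.
     *
     * @param req the incoming request
     * @return the new transaction
     */
    @Override
    protected AuthzTrans newTrans(HttpServletRequest req) {
        AuthzTrans at = env.newTrans();
        at.setLur(getLur());
        at.set(req);
        return at;
    }

    /**
     * Re-attaches the request to the transaction and starts the top-level timer, labelled with
     * the caller's IP and port.
     *
     * @param trans the transaction being started
     * @param request the request; cast to {@link HttpServletRequest}, so any other
     *        implementation fails with {@link ClassCastException}
     * @return the timer returned by {@code trans.start}
     */
    @Override
    protected TimeTaken start(AuthzTrans trans, ServletRequest request) {
        trans.set((HttpServletRequest)request);
        return trans.start("Trans " +
        " IP: " + trans.ip() +
        " Port: " + trans.port()
        , Env.SUB);
    }

    /**
     * Records the authenticated principal on the transaction.
     *
     * @param trans the transaction to update
     * @param p the authenticated principal; Authz only works with {@link TaggedPrincipal}, so any
     *        other non-null implementation fails the cast with {@link ClassCastException}
     *        instead of being stored
     */
    @Override
    protected void authenticated(AuthzTrans trans, Principal p) {
        trans.setUser((TaggedPrincipal)p);
    }

    /**
     * Writes the audit entry for a finished transaction and adds its metrics to
     * {@link #serviceMetric}.
     *
     * When the selected log target (warn if the special-log slot is set, otherwise info) is
     * loggable, the full multi-line audit trail is written to it. Otherwise a single
     * {@code key=value} line is written to the warn target.
     *
     * In the single-line entry the principal name, method and path are passed through
     * {@link #logSafe(Object)}. They are presumably taken from the request attached with
     * {@code trans.set(req)}, and a raw CR or LF in any of them would let a caller start a
     * forged audit line.
     *
     * @param trans the completed transaction
     */
    @Override
    protected void tallyHo(AuthzTrans trans) {
        Boolean special = trans.get(specialLogSlot, false);
        // Treat a null slot value as "not special" rather than failing on unboxing.
        LogTarget lt = (special!=null && special)?trans.warn():trans.info();

        if(lt.isLoggable()) {
            // Transaction is done, now post full Audit Trail
            StringBuilder sb = new StringBuilder("AuditTrail\n");
            // Sub-metrics are requested for Remote Calls and JSON.
            // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
            Metric m = trans.auditTrail(lt,1, sb, Env.REMOTE,Env.JSON);
            addToServiceMetric(m);

            Long tsi = trans.get(transIDslot, null);
            if(tsi!=null) {
                sb.append("  TraceID=");
                sb.append(Long.toHexString(tsi));
                sb.append('\n');
            }
            // Log current info
            sb.append("  Total: ");
            sb.append(m.total);
            sb.append(" Remote: ");
            sb.append(m.buckets[0]);
            sb.append(" JSON: ");
            sb.append(m.buckets[1]);
            lt.log(sb);
        } else {
            // Single Line entry
            // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
            StringBuilder content = new StringBuilder();
            Metric m = trans.auditTrail(lt,1, content, Env.REMOTE,Env.JSON);
            addToServiceMetric(m);

            StringBuilder sb = new StringBuilder();
            sb.append("user=");
            appendPrincipal(sb, trans.getUserPrincipal());
            sb.append(",ip=");
            sb.append(trans.ip());
            sb.append(",port=");
            sb.append(trans.port());
            // The TraceID is only written in the full audit trail above; the original
            // author left it out of this entry.
            sb.append(",ms=");
            sb.append(m.total);
            sb.append(",meth=");
            sb.append(logSafe(trans.meth()));
            sb.append(",path=");
            sb.append(logSafe(trans.path()));

            if(content.length()>0) {
                // NOTE(review): content is produced by trans.auditTrail and is copied as-is.
                // If audit messages can carry request data, neutralise it here too. Confirm.
                sb.append(",msg=\"");
                int start = content.lastIndexOf(",msg=\"");
                if(start>=0) {
                    // Copy what follows the last ,msg=" marker, dropping the final character
                    // (presumably the closing quote). When nothing follows the marker the
                    // range is empty; unclamped, start+6 would exceed length-1 and throw.
                    int from = start+6;
                    int to = Math.max(from, content.length()-1);
                    sb.append(content,from,to);
                } else {
                    sb.append(content);
                }
                sb.append('"');
            }

            // This entry always goes to the warn target, whichever target was selected above.
            trans.warn().log(sb);
        }
    }

    /**
     * Adds one transaction's metrics to the running totals. Only the buckets both arrays have
     * are summed, so a shorter result array cannot cause an out-of-bounds read.
     */
    private void addToServiceMetric(Metric m) {
        serviceMetric.total+= m.total;
        int shared = Math.min(serviceMetric.buckets.length, m.buckets.length);
        for(int i=0;i<shared;++i) {
            serviceMetric.buckets[i]+=m.buckets[i];
        }
    }

    /**
     * Appends the principal as {@code name(personalName)} for a {@link TrustPrincipal},
     * {@code name[tag]} for any other {@link TaggedPrincipal}, {@code name[SimpleClassName]}
     * for anything else, or {@code n/a} when there is no principal.
     */
    private static void appendPrincipal(StringBuilder sb, Principal p) {
        if(p==null) {
            sb.append("n/a");
            return;
        }
        sb.append(logSafe(p.getName()));
        if(p instanceof TrustPrincipal) {
            sb.append('(');
            sb.append(logSafe(((TrustPrincipal)p).personalName())); // UserChain
            sb.append(')');
        } else {
            sb.append('[');
            if(p instanceof TaggedPrincipal) {
                sb.append(logSafe(((TaggedPrincipal)p).tag()));
            } else {
                sb.append(p.getClass().getSimpleName());
            }
            sb.append(']');
        }
    }

    /**
     * Returns the text form of {@code value} with every ISO control character (CR, LF, tab and
     * the like) replaced by a backslash-u hex escape, so the value cannot break the entry onto a
     * new line. {@code null} becomes the text "null", as {@link StringBuilder#append(String)}
     * would write it.
     */
    private static String logSafe(Object value) {
        String text = String.valueOf(value);
        StringBuilder out = new StringBuilder(text.length());
        for(int i=0;i<text.length();++i) {
            char c = text.charAt(i);
            if(Character.isISOControl(c)) {
                out.append(String.format("\\u%04x", (int)c));
            } else {
                out.append(c);
            }
        }
        return out.toString();
    }

}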