2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.gui;
24 import static org.onap.aaf.misc.xgen.html.HTMLGen.A;
25 import static org.onap.aaf.misc.xgen.html.HTMLGen.H1;
26 import static org.onap.aaf.misc.xgen.html.HTMLGen.LI;
27 import static org.onap.aaf.misc.xgen.html.HTMLGen.TITLE;
28 import static org.onap.aaf.misc.xgen.html.HTMLGen.UL;
31 import java.io.FileInputStream;
32 import java.io.IOException;
33 import java.util.ArrayList;
34 import java.util.HashMap;
35 import java.util.List;
37 import java.util.Properties;
38 import java.util.TreeMap;
40 import javax.servlet.http.Cookie;
41 import javax.servlet.http.HttpServletRequest;
43 import org.onap.aaf.auth.common.Define;
44 import org.onap.aaf.auth.env.AuthzEnv;
45 import org.onap.aaf.auth.env.AuthzTrans;
46 import org.onap.aaf.auth.gui.pages.Home;
47 import org.onap.aaf.cadi.Permission;
48 import org.onap.aaf.cadi.aaf.AAFPermission;
49 import org.onap.aaf.cadi.config.Config;
50 import org.onap.aaf.cadi.principal.TaggedPrincipal;
51 import org.onap.aaf.misc.env.APIException;
52 import org.onap.aaf.misc.env.Env;
53 import org.onap.aaf.misc.env.Slot;
54 import org.onap.aaf.misc.env.StaticSlot;
55 import org.onap.aaf.misc.env.util.Split;
56 import org.onap.aaf.misc.xgen.Cache;
57 import org.onap.aaf.misc.xgen.CacheGen;
58 import org.onap.aaf.misc.xgen.Code;
59 import org.onap.aaf.misc.xgen.DynamicCode;
60 import org.onap.aaf.misc.xgen.Mark;
61 import org.onap.aaf.misc.xgen.html.HTMLCacheGen;
62 import org.onap.aaf.misc.xgen.html.HTMLGen;
63 import org.onap.aaf.misc.xgen.html.Imports;
66 * A Base "Mobile First" Page
71 public class Page extends HTMLCacheGen {
72 public static final String AAF_THEME = "aaf_theme";
73 public static final String AAFURL_TOOLS = "aaf_url.tools";
74 public static final String AAF_URL_TOOL_DOT = "aaf_url.tool.";
75 public static final String AAF_URL_CUIGUI = "aaf_url.cuigui"; // link to help
76 public static final String AAF_URL_GUI_ONBOARD = "aaf_url.gui_onboard";
77 public static final String AAF_URL_AAF_HELP = "aaf_url.aaf_help";
78 public static final String AAF_URL_CADI_HELP = "aaf_url.cadi_help";
79 public static final String PERM_CA_TYPE = "certman";
80 public static final String PERM_NS = Define.ROOT_NS();
82 public static enum BROWSER {iPhone,html5,ie,ieOld};
84 public static final int MAX_LINE = 20;
85 protected static final String[] NO_FIELDS = new String[0];
86 private static final String BROWSER_TYPE = "BROWSER_TYPE";
88 private final String bcName, bcUrl;
89 private final String[] fields;
91 public final boolean no_cache;
93 // Note: Only access is synchronized in "getPerm"
94 private final static Map<String,Map<String,Permission>> perms = new HashMap<>();
96 public String name() {
100 public String url() {
104 public String[] fields() {
108 public Page(AuthzEnv env, String name, String url, Enum<?>[] en, final NamedCode ...content) throws APIException, IOException {
109 super(CacheGen.PRETTY, new PageCode(env, 1, content));
110 fields = new String[en.length];
112 for (Enum<?> p : en) {
113 fields[++i]=p.name();
118 // Mark which fields must be "no_cache"
119 boolean no_cacheTemp=false;
120 for (NamedCode nc : content) {
126 no_cache=no_cacheTemp;
128 public Page(AuthzEnv env, String name, String url, String [] fields, final NamedCode ... content) throws APIException,IOException {
129 this(env,name,url,1,fields,content);
132 public Page(AuthzEnv env, String name, String url, int backdots, String [] fields, final NamedCode ... content) throws APIException,IOException {
133 super(CacheGen.PRETTY, new PageCode(env, backdots, content));
135 this.fields = new String[0];
137 this.fields = fields;
141 // Mark which fields must be "no_cache"
142 boolean no_cacheTemp=false;
143 for (NamedCode nc : content) {
149 no_cache=no_cacheTemp;
153 private static class PageCode implements Code<HTMLGen> {
154 private static final String AAF_GUI_THEME = "aaf.gui.theme";
155 private static final String AAF_GUI_TITLE = "aaf_gui_title";
157 private final ContentCode[] content;
158 private final Slot browserSlot;
159 private final int backdots;
160 protected AuthzEnv env;
161 private StaticSlot sTheme;
162 private static Map<String,List<String>> themes;
163 private static Map<String,Properties> themeProps;
165 public PageCode(AuthzEnv env, int backdots, final ContentCode[] content) {
166 this.content = content;
167 this.backdots = backdots;
168 browserSlot = env.slot(BROWSER_TYPE);
169 sTheme = env.staticSlot(AAF_GUI.AAF_GUI_THEME);
171 getThemeFiles(env,""); //
174 private static synchronized List<String> getThemeFiles(Env env, String theme) {
176 themes = new TreeMap<>();
177 File themeD = new File("theme");
178 if(themeD.exists() && themeD.isDirectory()) {
179 for (File t : themeD.listFiles()) {
180 if(t.isDirectory()) {
181 List<String> la = new ArrayList<>();
182 for(File f : t.listFiles()) {
184 if(f.getName().endsWith(".props")) {
186 if(themeProps == null) {
187 themeProps = new TreeMap<>();
190 props = themeProps.get(t.getName());
193 props = new Properties();
194 themeProps.put(t.getName(), props);
198 FileInputStream fis = new FileInputStream(f);
204 } catch (IOException e) {
212 themes.put(t.getName(),la);
217 return themes.get(theme);
220 protected Imports getImports(Env env, String theme, int backdots, BROWSER browser) {
221 List<String> ls = getThemeFiles(env,theme);
222 Imports imp = new Imports(backdots);
223 String prefix = "theme/" + theme + '/';
225 if(f.endsWith(".js")) {
227 } else if(f.endsWith(".css")) {
228 if(f.endsWith("iPhone.css")) {
229 if(BROWSER.iPhone.equals(browser)) {
232 } else if (f.endsWith("Desktop.css")){
233 if(!BROWSER.iPhone.equals(browser)) {
236 // Make Console specific to Console page
237 } else if (!"console.js".equals(f)) {
246 public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
247 // Note: I found that App Storage saves everything about the page, or not. Thus, if you declare the page uncacheable, none of the
248 // Artifacts, like JPGs are stored, which makes this feature useless for Server driven elements
249 cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
251 public void code(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
252 switch(browser(trans,browserSlot)) {
255 hgen.directive("!DOCTYPE html");
256 hgen.directive("meta", "http-equiv=X-UA-Compatible","content=IE=11");
262 final String title = env.getProperty(AAF_GUI_TITLE,"Authentication/Authorization Framework");
263 final String defaultTheme = env.get(sTheme,"onap");
265 Mark head = hgen.head();
266 hgen.leaf(TITLE).text(title).end();
267 cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
269 public void code(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
270 BROWSER browser = browser(trans,browserSlot);
272 Cookie[] cookies = trans.hreq().getCookies();
274 for(Cookie c : cookies) {
275 if(AAF_GUI_THEME.equals(c.getName())) {
277 if(!(themes.containsKey(theme))) {
278 theme = defaultTheme;
286 for(String t : themes.keySet()) {
287 if(!t.equals(defaultTheme) && trans.fish(new AAFPermission(null,trans.user()+":id", AAF_GUI_THEME, t))) {
293 theme = defaultTheme;
295 Cookie cookie = new Cookie(AAF_GUI_THEME,theme);
296 cookie.setMaxAge(604_800); // one week
297 trans.hresp().addCookie(cookie);
299 trans.setProperty(Page.AAF_THEME, theme);
301 hgen.imports(getImports(env,theme,backdots,browser));
305 hgen.js().text("document.createElement('header');")
306 .text("document.createElement('nav');")
316 Mark body = hgen.body();
317 Mark header = hgen.header();
318 cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
320 public void code(AAF_GUI state, AuthzTrans trans,Cache<HTMLGen> cache, HTMLGen xgen)
321 throws APIException, IOException {
322 // Obtain Server Info, and print
324 String env = trans.getProperty(Config.AAF_ENV,"N/A");
325 xgen.leaf(H1).text(title + " on " + env).end();
326 xgen.leaf("p","id=version").text("AAF Version: " + state.deployedVersion).end();
328 // Obtain User Info, and print
329 TaggedPrincipal p = trans.getUserPrincipal();
332 user = "please choose a Login Authority";
333 secured = "NOT Secure!";
335 user = p.personalName();
338 xgen.leaf("p","id=welcome").text("Welcome, ")
342 .text("</sup>").end();
344 switch(browser(trans,browserSlot)) {
347 xgen.incr("h5").text("This app is Mobile First HTML5. Internet Explorer "
348 + " does not support all HTML5 standards. Old, non TSS-Standard versions may not function correctly.").br()
349 .text(" For best results, use a highly compliant HTML5 browser like Firefox.")
361 // If BreadCrumbs, put here
362 if (content.length>0 && content[0] instanceof BreadCrumbs) {
364 Mark ctnt = hgen.divID(nc.idattrs());
365 nc.code(cache, hgen);
374 hgen.divID("pageContent");
375 Mark inner = hgen.divID("inner");
377 for (int i=cIdx;i<content.length;++i) {
379 Mark ctnt = hgen.divID(nc.idattrs());
380 nc.code(cache, hgen);
387 cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
389 public void code(AAF_GUI state, AuthzTrans trans,Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
390 String theme = trans.getProperty(Page.AAF_THEME);
395 props = themeProps==null?null:themeProps.get(theme);
398 if(props!=null && "TRUE".equalsIgnoreCase(props.getProperty("enable_nav_btn"))) {
399 xgen.leaf("button", "id=navBtn").end();
403 // Adding "nav Hamburger button"
404 // Navigation - Using older Nav to work with decrepit IE versions
405 Mark nav = hgen.divID("nav");
406 cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
408 public void code(AAF_GUI state, AuthzTrans trans,Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
409 String theme = trans.getProperty(Page.AAF_THEME);
414 props = themeProps==null?null:themeProps.get(theme);
418 if("TRUE".equalsIgnoreCase(props.getProperty("main_menu_in_nav"))) {
419 xgen.incr("h2").text("Navigation").end();
420 Mark mark = new Mark();
421 boolean selected = isSelected(trans.path(),Home.HREF);
422 //trans.path().endsWith("home");
423 xgen.incr(mark,HTMLGen.UL)
424 .incr(HTMLGen.LI,selected?"class=selected":"")
425 .incr(HTMLGen.A, "href=home")
428 boolean noSelection = !selected;
429 for(String[] mi : Home.MENU_ITEMS) {
430 //selected = trans.path().endsWith(mi[0]);
432 selected = isSelected(trans.path(),mi[2]);
433 noSelection = !selected;
437 xgen.incr(HTMLGen.LI,selected?"class=selected":"")
438 .incr(HTMLGen.A, "href="+mi[2])
447 private boolean isSelected(String path, String item) {
448 if(item.equals(path)) {
451 for(ContentCode c : content) {
452 if(c instanceof BreadCrumbs) {
453 Page[] bc = ((BreadCrumbs)c).breadcrumbs;
455 for(int i = bc.length-1;i>0;--i) {
456 if(bc[i].url().equals(item)) {
468 hgen.incr("h2").text("Related Links").end();
470 String aaf_help = env.getProperty(AAF_URL_AAF_HELP,null);
471 if (aaf_help!=null) {
472 hgen.leaf(LI).leaf(A,"href="+env.getProperty(AAF_URL_AAF_HELP),"target=_blank").text("AAF WIKI").end(2);
473 String sub = env.getProperty(AAF_URL_AAF_HELP+".sub");
475 hgen.incr(UL,"style=margin-left:5%");
476 for (String s : Split.splitTrim(',', sub)) {
477 hgen.leaf(LI).leaf(A,"href="+env.getProperty(AAF_URL_AAF_HELP+".sub."+s),"target=_blank").text(s.replace('+', ' ')).end(2);
482 aaf_help = env.getProperty(AAF_URL_CADI_HELP,null);
483 if (aaf_help!=null) {
484 hgen.leaf(LI).leaf(A,"href="+aaf_help,"target=_blank").text("CADI WIKI").end(2);
486 String tools = env.getProperty(AAFURL_TOOLS);
489 .incr(HTMLGen.UL,"style=margin-left:5%")
490 .leaf(HTMLGen.H3).text("Related Tools").end();
492 for (String tool : Split.splitTrim(',',tools)) {
493 hgen.leaf(LI).leaf(A,"href="+env.getProperty(AAF_URL_TOOL_DOT+tool),"target=_blank").text(tool.replace('+', ' ')).end(2);
502 // Footer - Using older Footer to work with decrepit IE versions
503 Mark footer = hgen.divID("footer");
504 hgen.textCR(1, env.getProperty(AAF_GUI.AAF_GUI_COPYRIGHT))
512 public static String getBrowserType() {
519 * Use int found in "ieVersion"
522 * Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322;
523 * .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
525 * Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2;
526 * .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; ATT)
528 * IE 11 Compatibility
529 * Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; SLCC2; .NET CLR 2.0.50727;
530 * .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET CLR 1.1.4322; .NET4.0C; .NET4.0E; InfoPath.3; HVD; ATT)
532 * IE 11 (not Compatiblity)
533 * Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727;
534 * .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET CLR 1.1.4322; .NET4.0C; .NET4.0E; InfoPath.3; HVD; ATT)
539 public static BROWSER browser(AuthzTrans trans, Slot slot) {
540 BROWSER br = trans.get(slot, null);
542 String agent = trans.agent();
544 if (agent.contains("iPhone") /* other phones? */) {
546 } else if ((msie = agent.indexOf("MSIE"))>=0) {
548 int end = agent.indexOf(";",msie);
551 ver = Float.valueOf(agent.substring(msie,end));
552 br = ver<8f?BROWSER.ieOld:BROWSER.ie;
553 } catch (Exception e) {
565 * Get, rather than create each time, permissions for validations
567 protected static synchronized Permission getPerm(String instance, String action) {
568 Map<String,Permission> msp = perms.get(instance);
571 msp = new HashMap<>();
572 perms.put(instance, msp);
575 p = msp.get(instance);
578 p=new AAFPermission(PERM_NS, PERM_CA_TYPE,instance,action);
584 protected static String getSingleParam(HttpServletRequest req, String tag) {
585 String values[] = req.getParameterValues(tag);
586 return values.length<1?null:values[0];
Code Review / aaf / authz.git / blob