auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java

   1 /**
   2  * ============LICENSE_START====================================================
   3  * org.onap.aaf
   4  * ===========================================================================
   5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
   6  * ===========================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END====================================================
  19  *
  20  */
  21
  22
  23 package org.onap.aaf.auth.oauth;
  24
  25 import java.io.File;
  26 import java.util.Map;
  27
  28 import javax.servlet.Filter;
  29
  30 import org.onap.aaf.auth.cache.Cache;
  31 import org.onap.aaf.auth.cache.Cache.Dated;
  32 import org.onap.aaf.auth.dao.CassAccess;
  33 import org.onap.aaf.auth.dao.hl.Question;
  34 import org.onap.aaf.auth.direct.DirectLocatorCreator;
  35 import org.onap.aaf.auth.direct.DirectRegistrar;
  36 import org.onap.aaf.auth.env.AuthzEnv;
  37 import org.onap.aaf.auth.env.AuthzTrans;
  38 import org.onap.aaf.auth.env.AuthzTransFilter;
  39 import org.onap.aaf.auth.oauth.api.API_Token;
  40 import org.onap.aaf.auth.oauth.facade.OAFacade;
  41 import org.onap.aaf.auth.oauth.facade.OAFacade1_0;
  42 import org.onap.aaf.auth.oauth.facade.OAFacadeFactory;
  43 import org.onap.aaf.auth.oauth.mapper.Mapper.API;
  44 import org.onap.aaf.auth.oauth.service.OAuthService;
  45 import org.onap.aaf.auth.rserv.HttpCode;
  46 import org.onap.aaf.auth.rserv.HttpMethods;
  47 import org.onap.aaf.auth.server.AbsService;
  48 import org.onap.aaf.auth.server.JettyServiceStarter;
  49 import org.onap.aaf.auth.server.Log4JLogIt;
  50 import org.onap.aaf.cadi.CadiException;
  51 import org.onap.aaf.cadi.LocatorException;
  52 import org.onap.aaf.cadi.PropAccess;
  53 import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
  54 import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
  55 import org.onap.aaf.cadi.aaf.v2_0.AAFTrustChecker;
  56 import org.onap.aaf.cadi.aaf.v2_0.AbsAAFLocator;
  57 import org.onap.aaf.cadi.config.Config;
  58 import org.onap.aaf.cadi.oauth.TokenMgr;
  59 import org.onap.aaf.cadi.oauth.TokenMgr.TokenPermLoader;
  60 import org.onap.aaf.cadi.register.Registrant;
  61 import org.onap.aaf.misc.env.APIException;
  62 import org.onap.aaf.misc.env.Env;
  63 import org.onap.aaf.misc.env.Data.TYPE;
  64
  65 import com.datastax.driver.core.Cluster;
  66
  67 import aafoauth.v2_0.Introspect;
  68
  69 public class AAF_OAuth extends AbsService<AuthzEnv,AuthzTrans> {
  70         private static final String DOT_OAUTH = ".oauth";
  71         public Map<String, Dated> cacheUser;
  72         public AAFAuthn<?> aafAuthn;
  73         public AAFLurPerm aafLurPerm;
  74         private final OAuthService service;
  75         private OAFacade1_0 facade1_0;
  76         private final Question question;
  77         private TokenPermLoader tpLoader;
  78         private final Cluster cluster;
  79
  80         /**
  81          * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
  82          *
  83          * @param env
  84          * @param si
  85          * @param dm
  86          * @param decryptor
  87          * @throws APIException
  88          */
  89         public AAF_OAuth(final AuthzEnv env) throws Exception {
  90                 super(env.access(),env);
  91
  92                 String aaf_env = env.getProperty(Config.AAF_ENV);
  93                 if(aaf_env==null) {
  94                         throw new APIException("aaf_env needs to be set");
  95                 }
  96
  97                 // Initialize Facade for all uses
  98                 AuthzTrans trans = env.newTrans();
  99                 cluster = org.onap.aaf.auth.dao.CassAccess.cluster(env,null);
 100
 101                 aafLurPerm = aafCon().newLur();
 102                 // Note: If you need both Authn and Authz construct the following:
 103                 aafAuthn = aafCon().newAuthn(aafLurPerm);
 104
 105                 // Start Background Processing
 106                 //      Question question =
 107                 question = new Question(trans, cluster, CassAccess.KEYSPACE, true);
 108
 109                 // Have AAFLocator object Create DirectLocators for Location needs
 110                 AbsAAFLocator.setCreator(new DirectLocatorCreator(env, question.locateDAO));
 111
 112
 113                 service = new OAuthService(env.access(),trans,question);
 114                 facade1_0 = OAFacadeFactory.v1_0(this, trans, service, TYPE.JSON);
 115                 StringBuilder sb = new StringBuilder();
 116                 trans.auditTrail(2, sb);
 117                 trans.init().log(sb);
 118
 119                 API_Token.init(this, facade1_0);
 120         }
 121
 122         /**
 123          * Setup XML and JSON implementations for each supported Version type
 124          *
 125          * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
 126          * to do Versions and Content switches
 127          *
 128          */
 129         public void route(HttpMethods meth, String path, API api, HttpCode<AuthzTrans, OAFacade<Introspect>> code) throws Exception {
 130                 String version = "1.0";
 131                 // Get Correct API Class from Mapper
 132                 Class<?> respCls = facade1_0.mapper().getClass(api);
 133                 if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
 134                 // setup Application API HTML ContentTypes for JSON and Route
 135                 String application = applicationJSON(respCls, version);
 136                 if(meth.equals(HttpMethods.POST)) {
 137                         route(env,meth,path,code,application,"application/json;version="+version,"application/x-www-form-urlencoded","*/*");
 138                 } else {
 139                         route(env,meth,path,code,application,"application/json;version="+version,"*/*");
 140                 }
 141         }
 142
 143         @Override
 144         public Filter[] filters() throws CadiException, LocatorException {
 145                 try {
 146                 DirectOAuthTAF doat;
 147                         return new Filter[] {new AuthzTransFilter(env,aafCon(),
 148                                 new AAFTrustChecker((Env)env),
 149                                 doat = new DirectOAuthTAF(env,question,facade1_0),
 150                                 doat.directUserPass()
 151                                 )};
 152                 } catch (NumberFormatException | APIException e) {
 153                         throw new CadiException("Invalid Property information", e);
 154                 }
 155         }
 156
 157
 158         @SuppressWarnings("unchecked")
 159         @Override
 160         public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException {
 161                 return new Registrant[] {
 162                                 new DirectRegistrar(access,question.locateDAO,app_name,app_version,port),
 163                                 new DirectRegistrar(access,question.locateDAO,app_name.replace(DOT_OAUTH, ".token"),app_version,port),
 164                                 new DirectRegistrar(access,question.locateDAO,app_name.replace(DOT_OAUTH, ".introspect"),app_version,port)
 165
 166                 };
 167         }
 168
 169
 170         @Override
 171         public void destroy() {
 172                 Cache.stopTimer();
 173                 if(service!=null) {
 174                         service.close();
 175                 }
 176                 if(cluster!=null) {
 177                         cluster.close();
 178                 }
 179                 super.destroy();
 180         }
 181
 182         // For use in CADI ONLY
 183         public TokenMgr.TokenPermLoader tpLoader() {
 184                 return tpLoader;
 185         }
 186
 187         public static void main(final String[] args) {
 188                 try {
 189                         String propsFile = getArg(AAF_LOG4J_PREFIX, args, "org.osaaf")+".log4j.props";
 190                         String log_dir = getArg(Config.CADI_LOGDIR,args,"./logs");
 191                         String log_level = getArg(Config.CADI_LOGLEVEL,args,"INFO");
 192                         File logs = new File(log_dir);
 193                         if(!logs.isDirectory()) {
 194                                 logs.delete();
 195                         }
 196                         if(!logs.exists()) {
 197                                 logs.mkdirs();
 198                         }
 199                         Log4JLogIt logIt = new Log4JLogIt(log_dir,log_level,propsFile, "oauth");
 200                         PropAccess propAccess = new PropAccess(logIt,args);
 201
 202                         AAF_OAuth service = new AAF_OAuth(new AuthzEnv(propAccess));
 203                         JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
 204                         jss.start();
 205                 } catch (Exception e) {
 206                         e.printStackTrace();
 207                 }
 208         }
 209 }