1 /**
2  * ============LICENSE_START====================================================
3  * org.onap.aaf
4  * ===========================================================================
5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6  * ===========================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  * 
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  * 
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END====================================================
19  *
20  */
21
22 package org.onap.aaf.auth.service;
23
24 import java.io.File;
25
26 import javax.servlet.Filter;
27
28 import org.onap.aaf.auth.cache.Cache;
29 import org.onap.aaf.auth.dao.CassAccess;
30 import org.onap.aaf.auth.dao.hl.Question;
31 import org.onap.aaf.auth.direct.DirectAAFLur;
32 import org.onap.aaf.auth.direct.DirectAAFUserPass;
33 import org.onap.aaf.auth.direct.DirectCertIdentity;
34 import org.onap.aaf.auth.direct.DirectLocatorCreator;
35 import org.onap.aaf.auth.direct.DirectRegistrar;
36 import org.onap.aaf.auth.env.AuthzEnv;
37 import org.onap.aaf.auth.env.AuthzTrans;
38 import org.onap.aaf.auth.env.AuthzTransFilter;
39 import org.onap.aaf.auth.org.OrganizationFactory;
40 import org.onap.aaf.auth.rserv.HttpMethods;
41 import org.onap.aaf.auth.server.AbsService;
42 import org.onap.aaf.auth.server.JettyServiceStarter;
43 import org.onap.aaf.auth.server.Log4JLogIt;
44 import org.onap.aaf.auth.service.api.API_Api;
45 import org.onap.aaf.auth.service.api.API_Approval;
46 import org.onap.aaf.auth.service.api.API_Creds;
47 import org.onap.aaf.auth.service.api.API_Delegate;
48 import org.onap.aaf.auth.service.api.API_History;
49 import org.onap.aaf.auth.service.api.API_Mgmt;
50 import org.onap.aaf.auth.service.api.API_NS;
51 import org.onap.aaf.auth.service.api.API_Perms;
52 import org.onap.aaf.auth.service.api.API_Roles;
53 import org.onap.aaf.auth.service.api.API_User;
54 import org.onap.aaf.auth.service.api.API_UserRole;
55 import org.onap.aaf.auth.service.facade.AuthzFacadeFactory;
56 import org.onap.aaf.auth.service.facade.AuthzFacade_2_0;
57 import org.onap.aaf.auth.service.mapper.Mapper.API;
58 import org.onap.aaf.cadi.CadiException;
59 import org.onap.aaf.cadi.PropAccess;
60 import org.onap.aaf.cadi.aaf.v2_0.AAFTrustChecker;
61 import org.onap.aaf.cadi.aaf.v2_0.AbsAAFLocator;
62 import org.onap.aaf.cadi.config.Config;
63 import org.onap.aaf.cadi.register.Registrant;
64 import org.onap.aaf.cadi.taf.basic.BasicHttpTaf;
65 import org.onap.aaf.cadi.util.FQI;
66 import org.onap.aaf.misc.env.APIException;
67 import org.onap.aaf.misc.env.Data;
68 import org.onap.aaf.misc.env.Env;
69
70 import com.datastax.driver.core.Cluster;
71
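/**
 * The AAF authorization service: opens the Cassandra cluster, builds the
 * {@link Question} query layer plus the JSON and XML facades, and registers
 * every API route on itself.
 *
 * <p>The instance owns the {@link Cluster} it opens in the constructor and
 * closes it in {@link #destroy()}.
 */
public class AAF_Service extends AbsService<AuthzEnv,AuthzTrans> {

    private static final String ORGANIZATION = "Organization.";

    public final Question question;
    private AuthzFacade_2_0 facade;
    private AuthzFacade_2_0 facade_XML;
    private DirectAAFUserPass directAAFUserPass;
    private final Cluster cluster;
    // OAuth introspection (OAuthService / DirectOAuthTAF) is currently disabled in this class.

    /**
     * Construct the service with all the context-supporting routes that Authz needs.
     *
     * <p>If any step after the cluster has been opened fails, the cluster is
     * closed again before the exception is rethrown, so a failed start does
     * not leave a Cassandra connection behind.
     *
     * @param env environment supplying configuration, logging and transactions
     * @throws Exception if the cluster, the DAOs, the facades or any route fails to initialize
     */
    public AAF_Service(final AuthzEnv env) throws Exception {
        super(env.access(), env);

        // Transaction used only while the service is being assembled
        final AuthzTrans trans = env.newTrans();

        cluster = CassAccess.cluster(env, null);
        try {
            // Need Question for Security purposes (direct User/Authz Query in Filter)
            // Start Background Processing
            question = new Question(trans, cluster, CassAccess.KEYSPACE, true);
            DirectCertIdentity.set(question.certDAO);

            // Have AAFLocator object Create DirectLocators for Location needs
            AbsAAFLocator.setCreator(new DirectLocatorCreator(env, question.locateDAO));

            // Initialize Organizations... otherwise, first pass may miss
            final int prefixLength = ORGANIZATION.length();
            for (String slotName : env.existingStaticSlotNames()) {
                if (slotName.startsWith(ORGANIZATION)) {
                    OrganizationFactory.obtain(env, slotName.substring(prefixLength));
                }
            }

            facade = AuthzFacadeFactory.v2_0(env, trans, Data.TYPE.JSON, question);
            facade_XML = AuthzFacadeFactory.v2_0(env, trans, Data.TYPE.XML, question);

            directAAFUserPass = new DirectAAFUserPass(trans.env(), question);

            // Print the start-up audit trail, if anything was recorded
            final StringBuilder auditTrail = new StringBuilder();
            trans.auditTrail(0, auditTrail);
            if (auditTrail.length() > 0) {
                env.init().log(auditTrail);
            }

            registerRoutes(env);
        } catch (Exception e) {
            // NOTE(review): the static registrations made above (DirectCertIdentity,
            // AbsAAFLocator creator) are not undone here; only the cluster is released.
            closeClusterAfterFailure(e);
            throw e;
        }
    }

    /**
     * Registers every API route, time-critical ones first.
     *
     * @param env environment handed to the credential API initializer
     * @throws Exception if any API initializer fails
     */
    private void registerRoutes(final AuthzEnv env) throws Exception {
        ////////////////////////////////////////////////////////////////////////
        // Time Critical
        //  These will always be evaluated first
        ////////////////////////////////////////////////////////////////////////
        API_Creds.timeSensitiveInit(env, this, facade, directAAFUserPass);
        API_Perms.timeSensitiveInit(this, facade);

        ////////////////////////////////////////////////////////////////////////
        // Service APIs
        ////////////////////////////////////////////////////////////////////////
        API_Creds.init(this, facade);
        API_UserRole.init(this, facade);
        API_Roles.init(this, facade);
        API_Perms.init(this, facade);
        API_NS.init(this, facade);
        API_User.init(this, facade);
        API_Delegate.init(this, facade);
        API_Approval.init(this, facade);
        API_History.init(this, facade);

        ////////////////////////////////////////////////////////////////////////
        // Management APIs
        ////////////////////////////////////////////////////////////////////////
        // There are several APIs around each concept, and it gets a bit too
        // long in this class to create.  The initialization of these Management
        // APIs have therefore been pushed to StandAlone Classes with static
        // init functions
        API_Mgmt.init(this, facade);
        API_Api.init(this, facade);
    }

    /**
     * Closes the cluster after a failed construction without hiding the
     * original failure: a close error is attached as a suppressed exception.
     *
     * @param cause the exception that aborted construction
     */
    private void closeClusterAfterFailure(final Exception cause) {
        if (cluster == null) {
            return;
        }
        try {
            cluster.close();
        } catch (RuntimeException closeFailure) {
            cause.addSuppressed(closeFailure);
        }
    }

    /**
     * Builds the servlet filter chain: a single {@link AuthzTransFilter} backed
     * by direct (in-process) trust checking, LUR and HTTP Basic authentication.
     *
     * @return the filters to install in front of the service
     * @throws CadiException if the clean-interval property is not a valid long
     */
    @Override
    public Filter[] filters() throws CadiException {
        final String domain = FQI.reverseDomain(access.getProperty("aaf_root_ns","org.osaaf.aaf"));
        try {
            return new Filter[] {
                new AuthzTransFilter(env, null /* no connection to AAF... it is AAF */,
                    new AAFTrustChecker((Env)env),
                    new DirectAAFLur(env,question), // Note, this will be assigned by AuthzTransFilter to TrustChecker
                    // NOTE(review): the meaning of the trailing boolean is defined by
                    // BasicHttpTaf and is not visible in this file; confirm before changing it.
                    new BasicHttpTaf(env, directAAFUserPass,
                        domain,
                        Long.parseLong(env.getProperty(Config.AAF_CLEAN_INTERVAL, Config.AAF_CLEAN_INTERVAL_DEF)),
                        false)
                )};
        } catch (NumberFormatException e) {
            throw new CadiException("Invalid Property information", e);
        }
    }

    /**
     * Creates the registrant that publishes this service through the locate DAO.
     *
     * @param port the port this service listens on
     * @return a single {@link DirectRegistrar}
     * @throws CadiException declared by the overridden method
     */
    @SuppressWarnings("unchecked")
    @Override
    public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException {
        return new Registrant[] {
            new DirectRegistrar(access,question.locateDAO,app_name,app_interface_version,port)
        };
    }

    /**
     * Stops the cache timer, closes the Cassandra cluster and then runs the
     * superclass shutdown. The superclass shutdown runs even if closing the
     * cluster throws.
     */
    @Override
    public void destroy() {
        Cache.stopTimer();
        try {
            if (cluster != null) {
                cluster.close();
            }
        } finally {
            super.destroy();
        }
    }

    /**
     * Setup XML and JSON implementations for each supported Version type.
     *
     * <p>We do this by taking the Code passed in and creating clones of these
     * with the appropriate Facades and properties to do Versions and Content
     * switches. The JSON route is also registered for the {@code *}{@code /*}
     * content type; the XML route uses a clone of {@code code} bound to the
     * XML facade.
     *
     * @param meth HTTP method of the route
     * @param path path pattern of the route
     * @param api  API whose response class selects the content types
     * @param code handler to run for the route
     * @throws Exception if no response class is mapped for {@code api}, or if registration fails
     */
    public void route(HttpMethods meth, String path, API api, Code code) throws Exception {
        final String version = "2.0";
        final Class<?> respCls = facade.mapper().getClass(api);
        if (respCls == null) {
            throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
        }

        // Both content types carry the same version string as the application types
        route(env, meth, path, code,
                applicationJSON(respCls, version), "application/json;version=" + version, "*/*");
        route(env, meth, path, code.clone(facade_XML, false),
                applicationXML(respCls, version), "text/xml;version=" + version);
    }

    /**
     * Makes sure the log directory exists, reporting on stderr when it cannot
     * be prepared (the logger itself is not available yet at this point).
     *
     * <p>A non-directory found at the path is deleted, so the configured log
     * path must come from trusted configuration.
     *
     * @param logs the configured log directory
     */
    private static void prepareLogDir(final File logs) {
        if (logs.exists() && !logs.isDirectory() && !logs.delete()) {
            System.err.println("AAF_Service: could not remove non-directory at log path "
                    + logs.getAbsolutePath());
        }
        // The trailing isDirectory() check tolerates a directory created concurrently
        if (!logs.exists() && !logs.mkdirs() && !logs.isDirectory()) {
            System.err.println("AAF_Service: could not create log directory "
                    + logs.getAbsolutePath());
        }
    }

    /**
     * Start up AAF_Service as Jetty Service.
     *
     * @param args command-line arguments; also passed to {@link PropAccess} as properties
     */
    public static void main(final String[] args) {
        try {
            String propsFile = getArg(AAF_LOG4J_PREFIX, args, "org.osaaf")+".log4j.props";
            String log_dir = getArg(Config.CADI_LOGDIR,args,"./logs");
            String log_level = getArg(Config.CADI_LOGLEVEL,args,"INFO");
            prepareLogDir(new File(log_dir));

            Log4JLogIt logIt = new Log4JLogIt(log_dir,log_level,propsFile, "authz");
            PropAccess propAccess = new PropAccess(logIt,args);

            AbsService<AuthzEnv, AuthzTrans> service = new AAF_Service(new AuthzEnv(propAccess));
            JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
            jss.start();
        } catch (Exception e) {
            // NOTE(review): a failed start is only printed; main() returns without
            // setting a non-zero exit status, so a supervisor cannot tell from the
            // exit code that the service never came up.
            e.printStackTrace();
        }
    }
}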