2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.service;
26 import javax.servlet.Filter;
28 import org.onap.aaf.auth.cache.Cache;
29 import org.onap.aaf.auth.dao.CassAccess;
30 import org.onap.aaf.auth.dao.hl.Question;
31 import org.onap.aaf.auth.direct.DirectAAFLur;
32 import org.onap.aaf.auth.direct.DirectAAFUserPass;
33 import org.onap.aaf.auth.direct.DirectCertIdentity;
34 import org.onap.aaf.auth.direct.DirectLocatorCreator;
35 import org.onap.aaf.auth.direct.DirectRegistrar;
36 import org.onap.aaf.auth.env.AuthzEnv;
37 import org.onap.aaf.auth.env.AuthzTrans;
38 import org.onap.aaf.auth.env.AuthzTransFilter;
39 import org.onap.aaf.auth.org.OrganizationFactory;
40 import org.onap.aaf.auth.rserv.HttpMethods;
41 import org.onap.aaf.auth.server.AbsService;
42 import org.onap.aaf.auth.server.JettyServiceStarter;
43 import org.onap.aaf.auth.server.Log4JLogIt;
44 import org.onap.aaf.auth.service.api.API_Api;
45 import org.onap.aaf.auth.service.api.API_Approval;
46 import org.onap.aaf.auth.service.api.API_Creds;
47 import org.onap.aaf.auth.service.api.API_Delegate;
48 import org.onap.aaf.auth.service.api.API_History;
49 import org.onap.aaf.auth.service.api.API_Mgmt;
50 import org.onap.aaf.auth.service.api.API_NS;
51 import org.onap.aaf.auth.service.api.API_Perms;
52 import org.onap.aaf.auth.service.api.API_Roles;
53 import org.onap.aaf.auth.service.api.API_User;
54 import org.onap.aaf.auth.service.api.API_UserRole;
55 import org.onap.aaf.auth.service.facade.AuthzFacadeFactory;
56 import org.onap.aaf.auth.service.facade.AuthzFacade_2_0;
57 import org.onap.aaf.auth.service.mapper.Mapper.API;
58 import org.onap.aaf.cadi.CadiException;
59 import org.onap.aaf.cadi.PropAccess;
60 import org.onap.aaf.cadi.aaf.v2_0.AAFTrustChecker;
61 import org.onap.aaf.cadi.aaf.v2_0.AbsAAFLocator;
62 import org.onap.aaf.cadi.config.Config;
63 import org.onap.aaf.cadi.register.Registrant;
64 import org.onap.aaf.cadi.taf.basic.BasicHttpTaf;
65 import org.onap.aaf.cadi.util.FQI;
66 import org.onap.aaf.misc.env.APIException;
67 import org.onap.aaf.misc.env.Data;
68 import org.onap.aaf.misc.env.Env;
70 import com.datastax.driver.core.Cluster;
72 public class AAF_Service extends AbsService<AuthzEnv,AuthzTrans> {
74 private static final String ORGANIZATION = "Organization.";
76 public final Question question;
77 private AuthzFacade_2_0 facade;
78 private AuthzFacade_2_0 facade_XML;
79 private DirectAAFUserPass directAAFUserPass;
80 private final Cluster cluster;
81 //private final OAuthService oauthService;
84 * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
88 * @throws APIException
90 public AAF_Service( final AuthzEnv env) throws Exception {
91 super(env.access(), env);
93 // Initialize Facade for all uses
94 AuthzTrans trans = env.newTrans();
96 cluster = org.onap.aaf.auth.dao.CassAccess.cluster(env,null);
98 // Need Question for Security purposes (direct User/Authz Query in Filter)
99 // Start Background Processing
100 question = new Question(trans, cluster, CassAccess.KEYSPACE, true);
101 DirectCertIdentity.set(question.certDAO);
103 // Have AAFLocator object Create DirectLocators for Location needs
104 AbsAAFLocator.setCreator(new DirectLocatorCreator(env, question.locateDAO));
106 // Initialize Organizations... otherwise, first pass may miss
107 int org_size = ORGANIZATION.length();
108 for(String n : env.existingStaticSlotNames()) {
109 if(n.startsWith(ORGANIZATION)) {
110 OrganizationFactory.obtain(env, n.substring(org_size));
115 // For direct Introspection needs.
116 //oauthService = new OAuthService(trans, question);
118 facade = AuthzFacadeFactory.v2_0(env,trans,Data.TYPE.JSON,question);
119 facade_XML = AuthzFacadeFactory.v2_0(env,trans,Data.TYPE.XML,question);
121 directAAFUserPass = new DirectAAFUserPass(trans.env(),question);
123 // Print results and cleanup
124 StringBuilder sb = new StringBuilder();
125 trans.auditTrail(0, sb);
126 if(sb.length()>0)env.init().log(sb);
130 ////////////////////////////////////////////////////////////////////////////
132 // These will always be evaluated first
133 ////////////////////////////////////////////////////////////////////////
134 API_Creds.timeSensitiveInit(env, this, facade,directAAFUserPass);
135 API_Perms.timeSensitiveInit(this, facade);
136 ////////////////////////////////////////////////////////////////////////
138 ////////////////////////////////////////////////////////////////////////
139 API_Creds.init(this, facade);
140 API_UserRole.init(this, facade);
141 API_Roles.init(this, facade);
142 API_Perms.init(this, facade);
143 API_NS.init(this, facade);
144 API_User.init(this, facade);
145 API_Delegate.init(this,facade);
146 API_Approval.init(this, facade);
147 API_History.init(this, facade);
149 ////////////////////////////////////////////////////////////////////////
151 ////////////////////////////////////////////////////////////////////////
152 // There are several APIs around each concept, and it gets a bit too
153 // long in this class to create. The initialization of these Management
154 // APIs have therefore been pushed to StandAlone Classes with static
156 API_Mgmt.init(this, facade);
157 API_Api.init(this, facade);
162 public Filter[] filters() throws CadiException {
163 final String domain = FQI.reverseDomain(access.getProperty("aaf_root_ns","org.osaaf.aaf"));
165 return new Filter[] {new AuthzTransFilter(env, null /* no connection to AAF... it is AAF */,
166 new AAFTrustChecker((Env)env),
167 new DirectAAFLur(env,question), // Note, this will be assigned by AuthzTransFilter to TrustChecker
168 //new DirectOAuthTAF(env,question,OAFacadeFactory.directV1_0(oauthService)),
169 new BasicHttpTaf(env, directAAFUserPass,
170 domain,Long.parseLong(env.getProperty(Config.AAF_CLEAN_INTERVAL, Config.AAF_CLEAN_INTERVAL_DEF)),
173 } catch (NumberFormatException e) {
174 throw new CadiException("Invalid Property information", e);
178 @SuppressWarnings("unchecked")
180 public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException {
181 return new Registrant[] {
182 new DirectRegistrar(access,question.locateDAO,app_name,app_interface_version,port)
187 public void destroy() {
197 * Setup XML and JSON implementations for each supported Version type
199 * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
200 * to do Versions and Content switches
203 public void route(HttpMethods meth, String path, API api, Code code) throws Exception {
204 String version = "2.0";
205 Class<?> respCls = facade.mapper().getClass(api);
206 if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
207 String application = applicationJSON(respCls, version);
209 route(env,meth,path,code,application,"application/json;version=2.0","*/*");
210 application = applicationXML(respCls, version);
211 route(env,meth,path,code.clone(facade_XML,false),application,"text/xml;version=2.0");
215 * Start up AAF_Service as Jetty Service
217 public static void main(final String[] args) {
219 String propsFile = getArg(AAF_LOG4J_PREFIX, args, "org.osaaf")+".log4j.props";
220 String log_dir = getArg(Config.CADI_LOGDIR,args,"./logs");
221 String log_level = getArg(Config.CADI_LOGLEVEL,args,"INFO");
222 File logs = new File(log_dir);
223 if(!logs.isDirectory()) {
229 Log4JLogIt logIt = new Log4JLogIt(log_dir,log_level,propsFile, "authz");
230 PropAccess propAccess = new PropAccess(logIt,args);
232 AbsService<AuthzEnv, AuthzTrans> service = new AAF_Service(new AuthzEnv(propAccess));
233 JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
235 } catch (Exception e) {