[AAF-21] Updated Copyright Headers for AAF
1 /*******************************************************************************\r
2  * ============LICENSE_START====================================================\r
3  * * org.onap.aaf\r
4  * * ===========================================================================\r
5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
6  * * ===========================================================================\r
7  * * Licensed under the Apache License, Version 2.0 (the "License");\r
8  * * you may not use this file except in compliance with the License.\r
9  * * You may obtain a copy of the License at\r
10  * * \r
11  *  *      http://www.apache.org/licenses/LICENSE-2.0\r
12  * * \r
13  *  * Unless required by applicable law or agreed to in writing, software\r
14  * * distributed under the License is distributed on an "AS IS" BASIS,\r
15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
16  * * See the License for the specific language governing permissions and\r
17  * * limitations under the License.\r
18  * * ============LICENSE_END====================================================\r
19  * *\r
20  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
21  * *\r
22  ******************************************************************************/\r
23 package com.att.authz.server;\r
24 \r
25 import java.io.IOException;\r
26 import java.io.InputStream;\r
27 import java.lang.reflect.Constructor;\r
28 import java.net.URL;\r
29 import java.security.GeneralSecurityException;\r
30 import java.security.Principal;\r
31 import java.util.Properties;\r
32 \r
33 import javax.net.ssl.SSLContext;\r
34 import javax.net.ssl.SSLSocketFactory;\r
35 \r
36 import com.att.authz.common.Define;\r
37 import com.att.authz.env.AuthzEnv;\r
38 import com.att.authz.env.AuthzTrans;\r
39 import com.att.cadi.CadiException;\r
40 import com.att.cadi.LocatorException;\r
41 //import com.att.cadi.PropAccess;\r
42 import com.att.cadi.aaf.v2_0.AAFConHttp;\r
43 import com.att.cadi.client.Rcli;\r
44 import com.att.cadi.client.Retryable;\r
45 import com.att.cadi.config.Config;\r
46 import com.att.cadi.http.HTransferSS;\r
47 import com.att.cssa.rserv.RServlet;\r
48 import com.att.inno.env.APIException;\r
49 \r
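/**
 * Common base for AAF servers: keeps the shared {@link AuthzEnv}, the application name and the
 * AAF connection, and offers {@link #setup(Class, String)} to load configuration, build the
 * concrete server reflectively and hand it the loaded properties.
 *
 * <p>{@link #aafCon} is not assigned anywhere in this class (the assignment in the constructor is
 * commented out), so it has to be set by a subclass or by the code that creates the server before
 * any of the {@code client*} methods are called. Those methods fail with a {@link CadiException}
 * instead of a {@code NullPointerException} when it is still unset.
 */
public abstract class AbsServer extends RServlet<AuthzTrans> {
    private static final String AAF_API_VERSION = "2.0";
    public final String app;
    public final AuthzEnv env;
    // Public and mutable: whoever sets this decides which AAF endpoint and which security
    // material (aafCon.securityInfo()) every client call of this server uses.
    public AAFConHttp aafCon;

    /**
     * Stores the environment and application name.
     *
     * @param env environment holding the configuration properties
     * @param app application name, later passed to {@link HTransferSS} for calls made as a user
     * @throws CadiException declared for subclasses; not thrown by the visible code
     * @throws GeneralSecurityException declared for subclasses; not thrown by the visible code
     * @throws IOException declared for subclasses; not thrown by the visible code
     */
    public AbsServer(final AuthzEnv env, final String app) throws CadiException, GeneralSecurityException, IOException {
        this.env = env;
        this.app = app;
        if(env.getProperty(Config.AAF_URL)!=null) {
            // NOTE(review): creating the connection is disabled, so aafCon stays null after
            // construction even when an AAF URL is configured.
            //aafCon = new AAFConHttp(env);
        }
    }

    /**
     * Returns the configured AAF URL.
     *
     * <p>Kept as a method (not a field) so it can be overridden for AAFAPI.
     *
     * @return the value of the {@code Config.AAF_URL} property, or {@code null} when it is not set
     */
    public String aaf_url() {
        return env.getProperty(Config.AAF_URL);
    }

    /**
     * Starts the concrete server.
     *
     * @param props the properties loaded by {@link #setup(Class, String)}, passed on unmodified
     * @throws Exception on any start-up failure
     */
    public abstract void startDME2(Properties props) throws Exception;

    /**
     * Loads {@code propFile} from the classpath, builds the {@link AuthzEnv}, instantiates
     * {@code abss} through its {@code (AuthzEnv)} constructor and calls
     * {@link #startDME2(Properties)} on it.
     *
     * <p>Any failure is printed to {@code System.err} and ends the JVM with exit status 1.
     *
     * @param abss concrete server class; must have a public constructor taking an {@link AuthzEnv}
     *             and must be an {@code AbsServer}
     * @param propFile classpath-relative name of the properties file
     */
    public static void setup(Class<?> abss, String propFile) {
        try {
            // Load Properties from authFramework.properties.  Needed for DME2 and AuthzEnv
            Properties props = new Properties();
            URL rsrc = ClassLoader.getSystemResource(propFile);
            if(rsrc==null) {
                System.err.println("Folder containing " + propFile + " must be on Classpath");
                System.exit(1);
            }

            InputStream is = rsrc.openStream();
            try {
                props.load(is);
            } finally {
                is.close();
            }

            // Load Properties into AuthzEnv
            AuthzEnv env = new AuthzEnv(props);
            // Log where Config found
            env.init().log("Configuring from",rsrc.getPath());

            // Print Cipher Suites (debug level only).
            // getSupportedCipherSuites() lists every suite the default factory could enable, not
            // only those enabled by default, so this log is not evidence of what the server will
            // actually negotiate.
            if(env.debug().isLoggable()) {
                SSLContext context = SSLContext.getDefault();
                SSLSocketFactory sf = context.getSocketFactory();
                StringBuilder sb = new StringBuilder("Available Cipher Suites: ");
                boolean first = true;
                int count=0;
                for( String cs : sf.getSupportedCipherSuites()) {
                    if(first) {
                        first = false;
                    } else {
                        sb.append(',');
                    }
                    sb.append(cs);
                    // Break the line after every fourth suite to keep the log readable
                    if(++count%4==0) {
                        sb.append('\n');
                    }
                }
                env.debug().log(sb);
            }

            // Set ROOT NS, etc
            Define.set(env);

            // Convert CADI properties and Encrypted Passwords for these two properties (if exist)
            // to DME2 Readable.  Further, Discovery Props are loaded to System if missing.
            // May be causing client errors
            //Config.cadiToDME2(env,props);
            env.init().log("DME2 ServiceName: " + env.getProperty("DMEServiceName","unknown"));

            // Construct with Env
            Constructor<?> cons = abss.getConstructor(new Class<?>[] {AuthzEnv.class});
            // Start DME2 (DME2 needs Properties form of props)
            AbsServer s = (AbsServer)cons.newInstance(env);

            // NOTE(review): the scheduled removal of Clear Text Passwords from System Props
            // (DME2 Requirement) is disabled below. Nothing visible here scrubs secrets after
            // start-up; confirm whether startDME2 still places any in System properties.
//          new Timer("PassRemove").schedule(tt, 120000);
//          tt=null;

            s.startDME2(props);
        } catch (Exception e) {
            // Fail fast: a server that could not be configured must not keep running.
            e.printStackTrace(System.err);
            System.exit(1);
        }
    }

    /**
     * Returns a client for the AAF API, version {@code AAF_API_VERSION}.
     *
     * @return client obtained from {@link #aafCon}
     * @throws CadiException if {@link #aafCon} has not been set, or if the connection fails to
     *                       provide a client
     */
    public Rcli<?> client() throws CadiException {
        return requireAafCon().client(AAF_API_VERSION);
    }

    /**
     * Returns an AAF client whose calls carry {@code p} through an {@link HTransferSS} built from
     * the principal, this server's {@code app} name and the connection's security info.
     *
     * <p>NOTE(review): the principal is passed on as given; presumably callers must only supply a
     * principal that was already authenticated for the current transaction — confirm at call sites.
     *
     * @param p principal on whose behalf the calls are made
     * @return client bound to {@code p}
     * @throws CadiException if {@link #aafCon} has not been set, or on client creation failure
     */
    public Rcli<?> clientAsUser(Principal p) throws CadiException {
        final AAFConHttp con = requireAafCon();
        return con.client(AAF_API_VERSION).forUser(
                new HTransferSS(p,app, con.securityInfo()));
    }

    /**
     * Runs {@code retryable} through the connection's {@code hman().best(...)} with an
     * {@link HTransferSS} built from {@code p}, this server's {@code app} name and the
     * connection's security info.
     *
     * <p>NOTE(review): same expectation on {@code p} as the single-argument overload — presumably
     * an already authenticated principal; confirm at call sites.
     *
     * @param p principal on whose behalf the call is made
     * @param retryable the call to execute
     * @param <RET> result type of the call
     * @return whatever {@code retryable} produces
     * @throws APIException passed through from the call
     * @throws LocatorException passed through from the call
     * @throws CadiException if {@link #aafCon} has not been set, or passed through from the call
     */
    public<RET> RET clientAsUser(Principal p,Retryable<RET> retryable) throws APIException, LocatorException, CadiException  {
        final AAFConHttp con = requireAafCon();
        return con.hman().best(new HTransferSS(p,app, con.securityInfo()), retryable);
    }

    /**
     * Returns {@link #aafCon}, failing with a descriptive checked exception when it is unset.
     *
     * @return the non-null AAF connection
     * @throws CadiException if {@link #aafCon} is {@code null}
     */
    private AAFConHttp requireAafCon() throws CadiException {
        // Read the public field once so the null check and the use see the same reference.
        final AAFConHttp con = aafCon;
        if(con==null) {
            throw new CadiException("AAF connection (aafCon) has not been initialized for " + app);
        }
        return con;
    }

}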