1 /*******************************************************************************
2  * Copyright (c) 2016 AT&T Intellectual Property. All rights reserved.
3  *******************************************************************************/
4 package com.att.authz.gui;
5
6 import static com.att.cssa.rserv.HttpMethods.GET;
7 import static com.att.cssa.rserv.HttpMethods.POST;
8 import static com.att.cssa.rserv.HttpMethods.PUT;
9
10 import java.io.IOException;
11 import java.security.GeneralSecurityException;
12 import java.util.ArrayList;
13 import java.util.EnumSet;
14 import java.util.List;
15 import java.util.Properties;
16
17 import com.att.aft.dme2.api.DME2Exception;
18 import com.att.aft.dme2.api.DME2Manager;
19 import com.att.aft.dme2.api.DME2Server;
20 import com.att.aft.dme2.api.DME2ServerProperties;
21 import com.att.aft.dme2.api.DME2ServiceHolder;
22 import com.att.aft.dme2.api.util.DME2FilterHolder;
23 import com.att.aft.dme2.api.util.DME2FilterHolder.RequestDispatcherType;
24 import com.att.aft.dme2.api.util.DME2ServletHolder;
25 import com.att.authz.common.Define;
26 import com.att.authz.cui.CUI;
27 import com.att.authz.env.AuthzEnv;
28 import com.att.authz.env.AuthzTrans;
29 import com.att.authz.env.AuthzTransFilter;
30 import com.att.authz.env.AuthzTransOnlyFilter;
31 import com.att.authz.gui.pages.ApiDocs;
32 import com.att.authz.gui.pages.ApiExample;
33 import com.att.authz.gui.pages.ApprovalAction;
34 import com.att.authz.gui.pages.ApprovalForm;
35 import com.att.authz.gui.pages.Home;
36 import com.att.authz.gui.pages.LoginLanding;
37 import com.att.authz.gui.pages.LoginLandingAction;
38 import com.att.authz.gui.pages.NsDetail;
39 import com.att.authz.gui.pages.NsHistory;
40 import com.att.authz.gui.pages.NsInfoAction;
41 import com.att.authz.gui.pages.NsInfoForm;
42 import com.att.authz.gui.pages.NssShow;
43 import com.att.authz.gui.pages.PassChangeAction;
44 import com.att.authz.gui.pages.PassChangeForm;
45 import com.att.authz.gui.pages.PendingRequestsShow;
46 import com.att.authz.gui.pages.PermDetail;
47 import com.att.authz.gui.pages.PermGrantAction;
48 import com.att.authz.gui.pages.PermGrantForm;
49 import com.att.authz.gui.pages.PermHistory;
50 import com.att.authz.gui.pages.PermsShow;
51 import com.att.authz.gui.pages.RequestDetail;
52 import com.att.authz.gui.pages.RoleDetail;
53 import com.att.authz.gui.pages.RoleHistory;
54 import com.att.authz.gui.pages.RolesShow;
55 import com.att.authz.gui.pages.UserRoleExtend;
56 import com.att.authz.gui.pages.UserRoleRemove;
57 import com.att.authz.gui.pages.WebCommand;
58 import com.att.authz.org.OrganizationFactory;
59 import com.att.authz.server.AbsServer;
60 import org.onap.aaf.cadi.CadiException;
61 import org.onap.aaf.cadi.aaf.v2_0.AAFTrustChecker;
62 import org.onap.aaf.cadi.client.Future;
63 import org.onap.aaf.cadi.config.Config;
64 import com.att.cssa.rserv.CachingFileAccess;
65 import org.onap.aaf.inno.env.APIException;
66 import org.onap.aaf.inno.env.Env;
67 import org.onap.aaf.inno.env.Slot;
68 import org.onap.aaf.rosetta.env.RosettaDF;
69 import com.att.xgen.html.HTMLGen;
70 import com.att.xgen.html.State;
71
72 import aaf.v2_0.Api;
73 import aaf.v2_0.Approvals;
74 import aaf.v2_0.CredRequest;
75 import aaf.v2_0.Error;
76 import aaf.v2_0.History;
77 import aaf.v2_0.Nss;
78 import aaf.v2_0.Perms;
79 import aaf.v2_0.RolePermRequest;
80 import aaf.v2_0.Roles;
81 import aaf.v2_0.UserRoles;
82 import aaf.v2_0.Users;
83
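/**
 * Server class for the AAF GUI.
 *
 * The constructor creates the Rosetta data factories, registers every GUI page
 * through {@code Display}, and adds the two explicit routes ({@code /gui/cui}
 * and {@code /theme/:key}). {@link #startDME2(Properties)} then publishes the
 * servlet through DME2 and attaches the servlet filters; that filter list is
 * the only place in this class where authentication is wired in.
 */
public class AuthGUI extends AbsServer implements State<Env>{
	// Not referenced inside this class; presumably milliseconds -- confirm against callers.
	public static final int TIMEOUT = 60000;
	// Name handed to the AbsServer constructor.
	public static final String app = "AAF GUI";

	// Data factories, one per AAF v2.0 type, created from the environment in the constructor.
	public RosettaDF<Perms> permsDF;
	public RosettaDF<Roles> rolesDF;
	public RosettaDF<Users> usersDF;
	public RosettaDF<UserRoles> userrolesDF;
	public RosettaDF<CredRequest> credReqDF;
	public RosettaDF<RolePermRequest> rolePermReqDF;
	public RosettaDF<Approvals> approvalsDF;
	public RosettaDF<Nss> nssDF;
	public RosettaDF<Api> apiDF;
	public RosettaDF<Error> errDF;
	public RosettaDF<History> historyDF;

	public final AuthzEnv env;
	// Slot obtained from env under the name "HTTP_SERVLET_REQUEST".
	public final Slot slot_httpServletRequest;

	/**
	 * Builds the GUI: logging names, default organization, data factories,
	 * page displays and routes.
	 *
	 * @param env the authz environment used for properties, logging, slots and data factories
	 * @throws CadiException declared by the construction path; not thrown directly by visible code
	 * @throws GeneralSecurityException declared by the construction path; not thrown directly by visible code
	 * @throws IOException declared by the construction path; not thrown directly by visible code
	 * @throws APIException declared by the construction path; not thrown directly by visible code
	 */
	public AuthGUI(final AuthzEnv env) throws CadiException, GeneralSecurityException, IOException, APIException {
		super(env,app);
		this.env = env;

		// NOTE(review): the last name is "trace " with a trailing space. It is kept
		// byte-for-byte here; confirm whether the space is intended.
		env.setLog4JNames("log4j.properties","authz","gui","audit","init","trace ");
		OrganizationFactory.setDefaultOrg(env, "com.att.authz.org.att.ATT");

		slot_httpServletRequest = env.slot("HTTP_SERVLET_REQUEST");

		permsDF = env.newDataFactory(Perms.class);
		rolesDF = env.newDataFactory(Roles.class);
		usersDF = env.newDataFactory(Users.class);
		userrolesDF = env.newDataFactory(UserRoles.class);
		credReqDF = env.newDataFactory(CredRequest.class);
		rolePermReqDF = env.newDataFactory(RolePermRequest.class);
		approvalsDF = env.newDataFactory(Approvals.class);
		nssDF = env.newDataFactory(Nss.class);
		apiDF = env.newDataFactory(Api.class);
		errDF = env.newDataFactory(Error.class);
		historyDF = env.newDataFactory(History.class);

		/////////////////////////
		// Screens
		/////////////////////////
		// Each page is registered by constructing a Display; registration order is
		// kept exactly as written because later pages take earlier ones as arguments.
		// NOTE(review): the POST actions below (password change, approval, namespace
		// info, permission grant, login landing) show no anti-CSRF handling in this
		// class; confirm it is applied in Display, the page classes or a filter.

		// Start Screen
		final Page start = new Display(this, GET, new Home(this)).page();

		// MyPerms Screens
		final Page myPerms = new Display(this, GET, new PermsShow(this, start)).page();
		Page permDetail = new Display(this, GET, new PermDetail(this, start, myPerms)).page();
		new Display(this, GET, new PermHistory(this,start,myPerms,permDetail));

		// MyRoles Screens
		final Page myRoles = new Display(this, GET, new RolesShow(this, start)).page();
		Page roleDetail = new Display(this, GET, new RoleDetail(this, start, myRoles)).page();
		new Display(this, GET, new RoleHistory(this,start,myRoles,roleDetail));

		// MyNameSpace
		final Page myNamespaces = new Display(this, GET, new NssShow(this, start)).page();
		Page nsDetail = new Display(this, GET, new NsDetail(this, start, myNamespaces)).page();
		new Display(this, GET, new NsHistory(this, start,myNamespaces,nsDetail));

		// Password Change Screens
		final Page pwc = new Display(this, GET, new PassChangeForm(this, start)).page();
		new Display(this, POST, new PassChangeAction(this, start, pwc));

		// Validation Change Screens
		final Page validate = new Display(this, GET, new ApprovalForm(this, start)).page();
		new Display(this, POST, new ApprovalAction(this, start, validate));

		// Onboard, Detailed Edit  Screens
		final Page onb = new Display(this, GET, new NsInfoForm(this, start)).page();
		new Display(this, POST, new NsInfoAction(this, start, onb));

		// Web Command Screens
		new Display(this, GET, new WebCommand(this, start)).page();

		// API Docs
		final Page apidocs = new Display(this, GET, new ApiDocs(this, start)).page();
		new Display(this, GET, new ApiExample(this,start, apidocs)).page();

		// Permission Grant Page
		final Page permGrant = new Display(this, GET, new PermGrantForm(this, start)).page();
		new Display(this, POST, new PermGrantAction(this, start, permGrant)).page();

		// Login Landing if no credentials detected
		final Page loginLanding = new Display(this, GET, new LoginLanding(this, start)).page();
		new Display(this, POST, new LoginLandingAction(this, start, loginLanding));

		// User Role Request Extend and Remove
		// NOTE(review): both are registered for GET although their names suggest they
		// change user-role state. If they do, a plain link or prefetch can trigger
		// them; confirm, and prefer POST with a request token.
		new Display(this, GET, new UserRoleExtend(this, start,myRoles)).page();
		new Display(this, GET, new UserRoleRemove(this, start,myRoles)).page();

		// See my Pending Requests
		final Page requestsShow = new Display(this, GET, new PendingRequestsShow(this, start)).page();
		new Display(this, GET, new RequestDetail(this, start, requestsShow));

		// Command line Mechanism
		// The path is under /gui/, so it is covered by the AuthzTransFilter mapping
		// that startDME2 installs on "/gui/*".
		route(env, PUT, "/gui/cui", new CUI(this),"text/plain;charset=utf-8","*/*");

		///////////////////////
		// WebContent Handler
		///////////////////////
		// startDME2 maps "/theme/*" to AuthzTransOnlyFilter, which its own comment
		// describes as "no security", so this route is reachable without credentials.
		// NOTE(review): confirm CachingFileAccess confines ":key" to the theme
		// directory (no "../" escape) since the key comes straight from the URL.
		route(env,GET,"/theme/:key", new CachingFileAccess<AuthzTrans>(env,
				CachingFileAccess.CFA_WEB_DIR,"theme"));
		///////////////////////
	}

	/**
	 * Program entry point; delegates to {@code setup} with this class and the
	 * properties file name "authGUI.props".
	 */
	public static void main(String[] args) {
		setup(AuthGUI.class, "authGUI.props");
	}

	/**
	 * Starts the AAF GUI as a DME2 service and blocks until the thread is interrupted.
	 *
	 * If the environment has no {@code DMEServiceName} property, nothing is started
	 * and a message is logged instead.
	 *
	 * @param props properties handed to the {@link DME2Manager}
	 * @throws DME2Exception from DME2 setup, server start or server stop
	 * @throws CadiException declared for the filter/trust-checker construction
	 */
	public void startDME2(Properties props) throws DME2Exception, CadiException {

		DME2Manager dme2 = new DME2Manager("AAF GUI DME2Manager", props);
		DME2ServiceHolder svcHolder;
		List<DME2ServletHolder> slist = new ArrayList<DME2ServletHolder>();
		svcHolder = new DME2ServiceHolder();
		String serviceName = env.getProperty("DMEServiceName",null);
		if(serviceName!=null) {
			svcHolder.setServiceURI(serviceName);
			svcHolder.setManager(dme2);
			svcHolder.setContext("/");

			DME2ServletHolder srvHolder = new DME2ServletHolder(this, new String[]{"/gui"});
			srvHolder.setContextPath("/*");
			slist.add(srvHolder);

			// Every filter below is attached for these three dispatch types only.
			EnumSet<RequestDispatcherType> edlist = EnumSet.of(
					RequestDispatcherType.REQUEST,
					RequestDispatcherType.FORWARD,
					RequestDispatcherType.ASYNC
					);

			///////////////////////
			// Apply Filters
			///////////////////////
			List<DME2FilterHolder> flist = new ArrayList<DME2FilterHolder>();

			// Secure all GUI interactions with AuthzTransFilter.
			// The trust checker is built from the CADI_TRUST_PROP property (default
			// CADI_USER_CHAIN) and the "<ROOT_NS>.mechid|<ROOT_COMPANY>|trust" permission.
			// Anything routed outside "/gui/*" does not pass through this filter.
			flist.add(new DME2FilterHolder(new AuthzTransFilter(env, aafCon, new AAFTrustChecker(
					env.getProperty(Config.CADI_TRUST_PROP, Config.CADI_USER_CHAIN),
					Define.ROOT_NS + ".mechid|"+Define.ROOT_COMPANY+"|trust"
				)),"/gui/*", edlist));

			// Don't need security for display Artifacts or login page.
			// One AuthzTransOnlyFilter instance is shared by the three mappings.
			// NOTE(review): handlers under these prefixes must not expose user data
			// or state changes, because no authenticating filter is mapped to them here.
			AuthzTransOnlyFilter atof;
			flist.add(new DME2FilterHolder(atof =new AuthzTransOnlyFilter(env),"/theme/*", edlist));
			flist.add(new DME2FilterHolder(atof,"/js/*", edlist));
			flist.add(new DME2FilterHolder(atof,"/login/*", edlist));

			svcHolder.setFilters(flist);
			svcHolder.setServletHolders(slist);

			DME2Server dme2svr = dme2.getServer();
//			dme2svr.setGracefulShutdownTimeMs(1000);

			env.init().log("Starting AAF GUI with Jetty/DME2 server...");
			dme2svr.start();
			DME2ServerProperties dsprops = dme2svr.getServerProperties();
			try {
//				if(env.getProperty("NO_REGISTER",null)!=null)
				dme2.bindService(svcHolder);
				env.init().log("DME2 is available as HTTP"+(dsprops.isSslEnable()?"/S":""),"on port:",dsprops.getPort());

				while(true) { // Per DME2 Examples...
					Thread.sleep(5000);
				}
			} catch(InterruptedException e) {
				env.init().log("AAF Jetty Server interrupted!");
				// Restore the interrupt status that catching the exception cleared,
				// so the caller can still observe the interruption.
				Thread.currentThread().interrupt();
			} catch(Exception e) { // Error binding service doesn't seem to stop DME2 or Process
				env.init().log(e,"DME2 Initialization Error");
				dme2svr.stop();
				System.exit(1);
			}
		} else {
			env.init().log("Properties must contain DMEServiceName");
		}
	}


	/**
	 * @return the environment this GUI was constructed with
	 */
	public AuthzEnv env() {
		return env;
	}

	/**
	 * Derive API Error Class from AAF Response (future).
	 *
	 * The message id is the response code as a string; the text is the raw
	 * response body, or "**No Message**" when the body is null or empty.
	 * The body is copied as-is and is not parsed into a structured error.
	 *
	 * @param trans the current transaction (not used by this implementation)
	 * @param fp the completed call whose code and body are read
	 * @return a new Error carrying the code and body text
	 */
	public Error getError(AuthzTrans trans, Future<?> fp) {
		// Read the body once and reuse it for both the emptiness check and the text.
		String text = fp.body();
		Error err = new Error();
		err.setMessageId(Integer.toString(fp.code()));
		if(text==null || text.length()==0) {
			err.setText("**No Message**");
		} else {
			err.setText(text);
		}
		return err;
	}

	/**
	 * Formats the error of a failed call as "[id] text", writes it to the page
	 * when a generator is supplied, and records it as a transaction checkpoint.
	 *
	 * @param trans the current transaction; receives the checkpoint
	 * @param fp the completed call the error is derived from
	 * @param hgen HTML generator to write to; may be null, in which case nothing is rendered
	 */
	public void writeError(AuthzTrans trans, Future<?> fp, HTMLGen hgen) {
		Error err = getError(trans,fp);

		String messageBody = err.getText();
		List<String> vars = err.getVariables();
		// Placeholders are 1-based: "%1" takes vars.get(0), "%2" takes vars.get(1), ...
		// NOTE(review): substitution is sequential, so "%1" also matches the front of
		// "%10", and a substituted value containing "%N" can be expanded again.
		for (int position = 1; position <= vars.size(); position++) {
			String placeholder = "%" + position;
			if (messageBody.indexOf(placeholder) >= 0) {
				messageBody = messageBody.replace(placeholder, vars.get(position - 1));
			}
		}

		String msg = "[" + err.getMessageId() + "] " + messageBody;
		// NOTE(review): msg contains the upstream response body unmodified. Confirm
		// that HTMLGen.text() HTML-escapes its argument; if it does not, escape here
		// before rendering. The same text is also written to the checkpoint log.
		if(hgen!=null) {
			hgen.text(msg);
		}
		trans.checkpoint("AAF Error: " + msg);
	}

}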