[aaf/authz.git] / authz-gw / src / main / java / org / onap / aaf / authz / gw / GwAPI.java

/*******************************************************************************\r
 * ============LICENSE_START====================================================\r
 * * org.onap.aaf\r
 * * ===========================================================================\r
 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
 * * ===========================================================================\r
 * * Licensed under the Apache License, Version 2.0 (the "License");\r
 * * you may not use this file except in compliance with the License.\r
 * * You may obtain a copy of the License at\r
 * * \r
 *  *      http://www.apache.org/licenses/LICENSE-2.0\r
 * * \r
 *  * Unless required by applicable law or agreed to in writing, software\r
 * * distributed under the License is distributed on an "AS IS" BASIS,\r
 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
 * * See the License for the specific language governing permissions and\r
 * * limitations under the License.\r
 * * ============LICENSE_END====================================================\r
 * *\r
 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
 * *\r
 ******************************************************************************/\r
package org.onap.aaf.authz.gw;\r
\r
import java.net.HttpURLConnection;\r
import java.util.ArrayList;\r
import java.util.EnumSet;\r
import java.util.List;\r
import java.util.Map;\r
import java.util.Properties;\r
\r
import org.onap.aaf.authz.env.AuthzEnv;\r
import org.onap.aaf.authz.gw.api.API_AAFAccess;\r
import org.onap.aaf.authz.gw.api.API_Api;\r
import org.onap.aaf.authz.gw.api.API_Find;\r
import org.onap.aaf.authz.gw.api.API_Proxy;\r
import org.onap.aaf.authz.gw.api.API_TGuard;\r
import org.onap.aaf.authz.gw.facade.GwFacade_1_0;\r
import org.onap.aaf.authz.gw.mapper.Mapper.API;\r
import org.onap.aaf.authz.server.AbsServer;\r
import org.onap.aaf.cache.Cache;\r
import org.onap.aaf.cache.Cache.Dated;\r
import org.onap.aaf.cssa.rserv.HttpMethods;\r
\r
import com.att.aft.dme2.api.DME2Exception;\r
\r
import com.att.aft.dme2.api.DME2Manager;\r
import com.att.aft.dme2.api.DME2Server;\r
import com.att.aft.dme2.api.DME2ServerProperties;\r
import com.att.aft.dme2.api.DME2ServiceHolder;\r
import com.att.aft.dme2.api.util.DME2FilterHolder;\r
import com.att.aft.dme2.api.util.DME2FilterHolder.RequestDispatcherType;\r
import com.att.aft.dme2.api.util.DME2ServletHolder;\r
import org.onap.aaf.cadi.CadiException;\r
//import org.onap.aaf.cadi.PropAccess;\r
import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;\r
import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;\r
import org.onap.aaf.cadi.config.Config;\r
import org.onap.aaf.inno.env.APIException;\r
\r
public class GwAPI extends AbsServer {\r
        private static final String USER_PERMS = "userPerms";\r
        private GwFacade_1_0 facade; // this is the default Facade\r
        private GwFacade_1_0 facade_1_0_XML;\r
        public Map<String, Dated> cacheUser;\r
        public final String aafurl;\r
        public final AAFAuthn<HttpURLConnection> aafAuthn;\r
        public final AAFLurPerm aafLurPerm;\r
        public DME2Manager dme2Man;\r
\r
        \r
        /**\r
         * Construct AuthzAPI with all the Context Supporting Routes that Authz needs\r
         * \r
         * @param env\r
         * @param si \r
         * @param dm \r
         * @param decryptor \r
         * @throws APIException \r
         */\r
        public GwAPI(AuthzEnv env) throws Exception {\r
                super(env,"AAF GW");\r
                aafurl = env.getProperty(Config.AAF_URL); \r
\r
                // Setup Logging\r
                //env.setLog4JNames("log4j.properties","authz","gw","audit","init","trace");\r
\r
                aafLurPerm = aafCon.newLur();\r
                // Note: If you need both Authn and Authz construct the following:\r
                aafAuthn = aafCon.newAuthn(aafLurPerm);\r
\r
                // Initialize Facade for all uses\r
                //AuthzTrans trans = env.newTrans();\r
\r
        //      facade = GwFacadeFactory.v1_0(env,trans,Data.TYPE.JSON);   // Default Facade\r
        //      facade_1_0_XML = GwFacadeFactory.v1_0(env,trans,Data.TYPE.XML);\r
\r
                synchronized(env) {\r
                        if(cacheUser == null) {\r
                                cacheUser = Cache.obtain(USER_PERMS);\r
                                //Cache.startCleansing(env, USER_PERMS);\r
                                Cache.addShutdownHook(); // Setup Shutdown Hook to close cache\r
                        }\r
                }\r
                \r
                ////////////////////////////////////////////////////////////////////////////\r
                // Time Critical\r
                //  These will always be evaluated first\r
                ////////////////////////////////////////////////////////////////////////\r
                API_AAFAccess.init(this,facade);\r
                API_Find.init(this, facade);\r
                API_TGuard.init(this, facade);\r
                API_Proxy.init(this, facade);\r
                \r
                ////////////////////////////////////////////////////////////////////////\r
                // Management APIs\r
                ////////////////////////////////////////////////////////////////////////\r
                // There are several APIs around each concept, and it gets a bit too\r
                // long in this class to create.  The initialization of these Management\r
                // APIs have therefore been pushed to StandAlone Classes with static\r
                // init functions\r
                API_Api.init(this, facade);\r
\r
                ////////////////////////////////////////////////////////////////////////\r
                // Default Function\r
                ////////////////////////////////////////////////////////////////////////\r
                API_AAFAccess.initDefault(this,facade);\r
\r
        }\r
        \r
        /**\r
         * Setup XML and JSON implementations for each supported Version type\r
         * \r
         * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties\r
         * to do Versions and Content switches\r
         * \r
         */\r
        public void route(HttpMethods meth, String path, API api, GwCode code) throws Exception {\r
                String version = "1.0";\r
                // Get Correct API Class from Mapper\r
                Class<?> respCls = facade.mapper().getClass(api); \r
                if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());\r
                // setup Application API HTML ContentTypes for JSON and Route\r
                String application = applicationJSON(respCls, version);\r
                //route(env,meth,path,code,application,"application/json;version="+version,"*/*");\r
\r
                // setup Application API HTML ContentTypes for XML and Route\r
                application = applicationXML(respCls, version);\r
                //route(env,meth,path,code.clone(facade_1_0_XML,false),application,"text/xml;version="+version);\r
                \r
                // Add other Supported APIs here as created\r
        }\r
        \r
        public void routeAll(HttpMethods meth, String path, API api, GwCode code) throws Exception {\r
                //route(env,meth,path,code,""); // this will always match\r
        }\r
\r
\r
        /**\r
         * Start up AuthzAPI as DME2 Service\r
         * @param env\r
         * @param props\r
         * @throws DME2Exception\r
         * @throws CadiException \r
         */\r
        public void startDME2(Properties props) throws DME2Exception, CadiException {\r
                \r
                dme2Man = new DME2Manager("GatewayDME2Manager",props);\r
\r
        DME2ServiceHolder svcHolder;\r
        List<DME2ServletHolder> slist = new ArrayList<DME2ServletHolder>();\r
        svcHolder = new DME2ServiceHolder();\r
        String serviceName = env.getProperty("DMEServiceName",null);\r
        if(serviceName!=null) {\r
                svcHolder.setServiceURI(serviceName);\r
                svcHolder.setManager(dme2Man);\r
                svcHolder.setContext("/");\r
                \r
                \r
                \r
                DME2ServletHolder srvHolder = new DME2ServletHolder(this, new String[] {"/dme2","/api"});\r
                srvHolder.setContextPath("/*");\r
                slist.add(srvHolder);\r
                \r
                EnumSet<RequestDispatcherType> edlist = EnumSet.of(\r
                                RequestDispatcherType.REQUEST,\r
                                RequestDispatcherType.FORWARD,\r
                                RequestDispatcherType.ASYNC\r
                                );\r
\r
                ///////////////////////\r
                // Apply Filters\r
                ///////////////////////\r
                List<DME2FilterHolder> flist = new ArrayList<DME2FilterHolder>();\r
                \r
                // Leave Login page un secured\r
               // AuthzTransOnlyFilter atof = new AuthzTransOnlyFilter(env);\r
              //  flist.add(new DME2FilterHolder(atof,"/login", edlist));\r
\r
                // Secure all other interactions with AuthzTransFilter\r
//              flist.add(new DME2FilterHolder(\r
//                              new AuthzTransFilter(env, aafCon, new AAFTrustChecker(\r
//                                      env.getProperty(Config.CADI_TRUST_PROP, Config.CADI_USER_CHAIN),\r
//                                      Define.ROOT_NS + ".mechid|"+Define.ROOT_COMPANY+"|trust"\r
//                                      )),\r
//                              "/*", edlist));\r
//              \r
\r
                svcHolder.setFilters(flist);\r
                svcHolder.setServletHolders(slist);\r
                \r
                DME2Server dme2svr = dme2Man.getServer();\r
//              dme2svr.setGracefulShutdownTimeMs(1000);\r
        \r
               // env.init().log("Starting GW Jetty/DME2 server...");\r
                dme2svr.start();\r
                DME2ServerProperties dsprops = dme2svr.getServerProperties();\r
                try {\r
//                      if(env.getProperty("NO_REGISTER",null)!=null)\r
                        dme2Man.bindService(svcHolder);\r
//                      env.init().log("DME2 is available as HTTP"+(dsprops.isSslEnable()?"/S":""),"on port:",dsprops.getPort());\r
\r
                    while(true) { // Per DME2 Examples...\r
                        Thread.sleep(5000);\r
                    }\r
                } catch(InterruptedException e) {\r
                   // env.init().log("AAF Jetty Server interrupted!");\r
                } catch(Exception e) { // Error binding service doesn't seem to stop DME2 or Process\r
                 //   env.init().log(e,"DME2 Initialization Error");\r
                        dme2svr.stop();\r
                        System.exit(1);\r
                }\r
        } else {\r
                //env.init().log("Properties must contain DMEServiceName");\r
        }\r
        }\r
\r
        public static void main(String[] args) {\r
                setup(GwAPI.class,"authGW.props");\r
        }\r
\r
//      public void route(PropAccess env, HttpMethods get, String string, GwCode gwCode, String string2, String string3,\r
//                      String string4) {\r
//              // TODO Auto-generated method stub\r
//              \r
//      }\r
\r
}\r