AafServiceFactory implementation

[dmaap/dbcapi.git] / src / main / java / org / onap / dmaap / dbcapi / service / ApiService.java

diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/ApiService.java b/src/main/java/org/onap/dmaap/dbcapi/service/ApiService.java
index b2eee6f..ef1e6f4 100644 (file)
--- a/src/main/java/org/onap/dmaap/dbcapi/service/ApiService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/service/ApiService.java
@@ -21,20 +21,14 @@
 package org.onap.dmaap.dbcapi.service;
 
 import static com.att.eelf.configuration.Configuration.MDC_KEY_REQUEST_ID;
-import static com.att.eelf.configuration.Configuration.MDC_PARTNER_NAME;
 import static com.att.eelf.configuration.Configuration.MDC_SERVICE_NAME;
 
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-import javax.ws.rs.core.Response.Status;
-import javax.xml.bind.DatatypeConverter;
 import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
 import org.onap.dmaap.dbcapi.authentication.ApiPolicy;
 import org.onap.dmaap.dbcapi.authentication.AuthenticationErrorException;
 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
 import org.onap.dmaap.dbcapi.model.ApiError;
 import org.onap.dmaap.dbcapi.model.Dmaap;
-import org.onap.dmaap.dbcapi.resources.RequiredFieldException;
 import org.onap.dmaap.dbcapi.util.DmaapConfig;
 import org.onap.dmaap.dbcapi.util.RandomString;
 import org.slf4j.MDC;
@@ -49,6 +43,7 @@ public class ApiService extends BaseLoggingClass {
     private String requestId;
     private ApiError err;
     private ApiPolicy apiPolicy;
+    private CredentialsParser credentialsParser = new CredentialsParser();
 
     public ApiService() {
 
@@ -104,64 +99,7 @@ public class ApiService extends BaseLoggingClass {
         return err;
     }
 
-
-    public void setErr(ApiError err) {
-        this.err = err;
-    }
-
-
-    // test for presence of a required field
-    public void required(String name, Object val, String expr) throws RequiredFieldException {
-        err.setCode(0);
-        if (val == null) {
-            err.setCode(Status.BAD_REQUEST.getStatusCode());
-            err.setMessage("missing required field");
-            err.setFields(name);
-            throw new RequiredFieldException();
-        }
-        if (expr != null && !expr.isEmpty()) {
-            Pattern pattern = Pattern.compile(expr);
-            Matcher matcher = pattern.matcher((CharSequence) val);
-            if (!matcher.find()) {
-                err.setCode(Status.BAD_REQUEST.getStatusCode());
-                err.setMessage("value '" + val + "' violates regexp check '" + expr + "'");
-                err.setFields(name);
-                throw new RequiredFieldException();
-            }
-        }
-    }
-
-    // utility to serialize ApiErr object
-    public String toString() {
-        return String.format("code=%d msg=%s fields=%s", err.getCode(), err.getMessage(), err.getFields());
-    }
-
-
-    public void setCode(int statusCode) {
-        err.setCode(statusCode);
-    }
-
-
-    public void setMessage(String string) {
-        err.setMessage(string);
-    }
-
-
-    public void setFields(String string) {
-        err.setFields(string);
-    }
-
-    public void checkAuthorization(String auth, String uriPath, String httpMethod)
-        throws AuthenticationErrorException, Exception {
-        authorization = auth;
-        setUriFromPath(uriPath);
-        method = httpMethod;
-
-        checkAuthorization();
-    }
-
-
-    public void checkAuthorization() throws AuthenticationErrorException, Exception {
+    public void checkAuthorization() throws Exception {
 
         MDC.put(MDC_KEY_REQUEST_ID, requestId);
 
@@ -188,41 +126,23 @@ public class ApiService extends BaseLoggingClass {
         if (env == null || env.isEmpty()) {
             env = "boot";
         }
-        if (!apiPolicy.getUseAuthClass()) {
+        if (!apiPolicy.isPermissionClassSet()) {
             return;  // skip authorization if not enabled
         }
-        if (authorization == null || authorization.isEmpty()) {
-            String errmsg = "No basic authorization value provided ";
-            err.setMessage(errmsg);
-            logger.info(errmsg);
-            throw new AuthenticationErrorException();
-        }
-        String credentials = authorization.substring("Basic".length()).trim();
-        byte[] decoded = DatatypeConverter.parseBase64Binary(credentials);
-        String decodedString = new String(decoded);
-        String[] actualCredentials = decodedString.split(":");
-        String ID = actualCredentials[0];
-        String Password = actualCredentials[1];
-        MDC.put(MDC_PARTNER_NAME, ID);
-        try {
 
+        Credentials credentials = credentialsParser.parse(authorization);
+        try {
             DmaapPerm p = new DmaapPerm(apiNamespace + "." + uri, env, method);
-            apiPolicy.check(ID, Password, p);
+            apiPolicy.check(credentials.getId(), credentials.getPwd(), p);
         } catch (AuthenticationErrorException ae) {
             String errmsg =
-                "User " + ID + " failed authentication/authorization for " + apiNamespace + "." + uriPath + " " + env
+                "User " + credentials.getId() + " failed authentication/authorization for " + apiNamespace + "." + uriPath + " " + env
                     + " " + method;
             logger.info(errmsg);
             err.setMessage(errmsg);
             throw ae;
 
         }
-
-
-    }
-
-    public String getRequestId() {
-        return requestId;
     }
 
     public ApiService setRequestId(String requestId) {
@@ -236,3 +156,4 @@ public class ApiService extends BaseLoggingClass {
         return this;
     }
 }
+