1 /*******************************************************************************
2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 * ============LICENSE_END=========================================================
19 * ECOMP is a trademark and service mark of AT&T Intellectual Property.
21 *******************************************************************************/
22 package com.att.nsa.cambria.security;
24 import java.util.LinkedList;
26 import javax.servlet.http.HttpServletRequest;
28 import com.att.nsa.cambria.beans.DMaaPContext;
29 import com.att.nsa.cambria.security.impl.DMaaPOriginalUebAuthenticator;
30 import com.att.nsa.security.NsaApiKey;
31 import com.att.nsa.security.NsaAuthenticator;
32 import com.att.nsa.security.authenticators.OriginalUebAuthenticator;
33 import com.att.nsa.security.db.NsaApiDb;
34 import com.att.nsa.security.db.simple.NsaSimpleApiKey;
42 public class DMaaPAuthenticatorImpl<K extends NsaApiKey> implements DMaaPAuthenticator<K> {
44 private final LinkedList<DMaaPAuthenticator<K>> fAuthenticators;
48 // Setting timeout to a large value for testing purpose.
49 // private static final long kDefaultRequestTimeWindow = 1000 * 60 * 10; //
51 private static final long kDefaultRequestTimeWindow = 1000 * 60 * 10 * 10 * 10 * 10 * 10;
54 * Construct the security manager against an API key database
59 public DMaaPAuthenticatorImpl(NsaApiDb<K> db) {
60 this(db, kDefaultRequestTimeWindow);
67 * Construct the security manager against an API key database with a
68 * specific request time window size
72 * @param authTimeWindowMs
73 * the size of the time window for request authentication
75 public DMaaPAuthenticatorImpl(NsaApiDb<K> db, long authTimeWindowMs) {
76 fAuthenticators = new LinkedList<DMaaPAuthenticator<K>>();
78 fAuthenticators.add(new DMaaPOriginalUebAuthenticator<K>(db, authTimeWindowMs));
82 * Authenticate a user's request. This method returns the API key if the
83 * user is authentic, null otherwise.
86 * @return an api key record, or null
88 public K authenticate(DMaaPContext ctx) {
89 final HttpServletRequest req = ctx.getRequest();
90 for (DMaaPAuthenticator<K> a : fAuthenticators) {
92 final K k = a.isAuthentic(req);
96 // else: this request doesn't look right to the authenticator
102 * Get the user associated with the incoming request, or null if the user is
108 public static NsaSimpleApiKey getAuthenticatedUser(DMaaPContext ctx) {
109 final DMaaPAuthenticator<NsaSimpleApiKey> m = ctx.getConfigReader().getfSecurityManager();
110 return m.authenticate(ctx);
114 * method by default returning false
118 public boolean qualify(HttpServletRequest req) {
122 * method by default returning null
126 public K isAuthentic(HttpServletRequest req) {
130 public void addAuthenticator ( DMaaPAuthenticator<K> a )
132 this.fAuthenticators.add(a);
135 public static boolean isIgnoreAuth(){
136 return (System.getenv("ignoreAuth")!=null) ? Boolean.valueOf(System.getenv("ignoreAuth")):(System.getProperty("ignoreAuth")!=null? Boolean.valueOf(System.getProperty("ignoreAuth")):false );