src/main/java/org/onap/dmaap/dmf/mr/service/impl/ApiKeysServiceImpl.java

   1 /*******************************************************************************
   2  *  ============LICENSE_START=======================================================
   3  *  org.onap.dmaap
   4  *  ================================================================================
   5  *  Copyright © 2017 AT&T Intellectual Property. All rights reserved.
   6  *  ================================================================================
   7  *  Licensed under the Apache License, Version 2.0 (the "License");
   8  *  you may not use this file except in compliance with the License.
   9  *  You may obtain a copy of the License at
  10  *        http://www.apache.org/licenses/LICENSE-2.0
  11 *
  12  *  Unless required by applicable law or agreed to in writing, software
  13  *  distributed under the License is distributed on an "AS IS" BASIS,
  14  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  15  *  See the License for the specific language governing permissions and
  16  *  limitations under the License.
  17  *  ============LICENSE_END=========================================================
  18  *
  19  *  ECOMP is a trademark and service mark of AT&T Intellectual Property.
  20  *
  21  *******************************************************************************/
  22 package org.onap.dmaap.dmf.mr.service.impl;
  23
  24 import java.io.IOException;
  25
  26 import org.json.JSONArray;
  27 import org.json.JSONObject;
  28 import org.springframework.stereotype.Service;
  29
  30 import org.onap.dmaap.dmf.mr.beans.ApiKeyBean;
  31 import org.onap.dmaap.dmf.mr.beans.DMaaPContext;
  32 import org.onap.dmaap.dmf.mr.constants.CambriaConstants;
  33 import org.onap.dmaap.dmf.mr.security.DMaaPAuthenticatorImpl;
  34 import org.onap.dmaap.dmf.mr.service.ApiKeysService;
  35 import org.onap.dmaap.dmf.mr.utils.ConfigurationReader;
  36 import org.onap.dmaap.dmf.mr.utils.DMaaPResponseBuilder;
  37 import org.onap.dmaap.dmf.mr.utils.Emailer;
  38 import com.att.eelf.configuration.EELFLogger;
  39 import com.att.eelf.configuration.EELFManager;
  40 import com.att.nsa.configs.ConfigDbException;
  41 import com.att.nsa.drumlin.service.standards.HttpStatusCodes;
  42 import com.att.nsa.security.NsaApiKey;
  43 import com.att.nsa.security.ReadWriteSecuredResource.AccessDeniedException;
  44 import com.att.nsa.security.db.NsaApiDb;
  45 import com.att.nsa.security.db.NsaApiDb.KeyExistsException;
  46 import com.att.nsa.security.db.simple.NsaSimpleApiKey;
  47
  48 /**
  49  * Implementation of the ApiKeysService, this will provide the below operations,
  50  * getAllApiKeys, getApiKey, createApiKey, updateApiKey, deleteApiKey
  51  *
  52  * @author nilanjana.maity
  53  */
  54 @Service
  55 public class ApiKeysServiceImpl implements ApiKeysService {
  56
  57
  58         private static final EELFLogger log = EELFManager.getInstance().getLogger(ApiKeysServiceImpl.class.toString());
  59         /**
  60          * This method will provide all the ApiKeys present in kafka server.
  61          *
  62          * @param dmaapContext
  63          * @throws ConfigDbException
  64          * @throws IOException
  65          */
  66         public void getAllApiKeys(DMaaPContext dmaapContext)
  67                         throws ConfigDbException, IOException {
  68
  69                 ConfigurationReader configReader = dmaapContext.getConfigReader();
  70
  71                 log.info("configReader : " + configReader.toString());
  72
  73                 final JSONObject result = new JSONObject();
  74                 final JSONArray keys = new JSONArray();
  75                 result.put("apiKeys", keys);
  76
  77                 NsaApiDb<NsaSimpleApiKey> apiDb = configReader.getfApiKeyDb();
  78
  79                 for (String key : apiDb.loadAllKeys()) {
  80                         keys.put(key);
  81                 }
  82                 log.info("========== ApiKeysServiceImpl: getAllApiKeys: Api Keys are : "
  83                                 + keys.toString() + "===========");
  84                 DMaaPResponseBuilder.respondOk(dmaapContext, result);
  85         }
  86
  87         /**
  88          * @param dmaapContext
  89          * @param apikey
  90          * @throws ConfigDbException
  91          * @throws IOException
  92          */
  93         @Override
  94         public void getApiKey(DMaaPContext dmaapContext, String apikey)
  95                         throws ConfigDbException, IOException {
  96
  97                 String errorMsg = "Api key name is not mentioned.";
  98                 int errorCode = HttpStatusCodes.k400_badRequest;
  99
 100                 if (null != apikey) {
 101                         NsaSimpleApiKey simpleApiKey = getApiKeyDb(dmaapContext)
 102                                         .loadApiKey(apikey);
 103
 104
 105                         if (null != simpleApiKey) {
 106                                 JSONObject result = simpleApiKey.asJsonObject();
 107                                 DMaaPResponseBuilder.respondOk(dmaapContext, result);
 108                                 log.info("========== ApiKeysServiceImpl: getApiKey : "
 109                                                 + result.toString() + "===========");
 110                                 return;
 111                         } else {
 112                                 errorMsg = "Api key [" + apikey + "] does not exist.";
 113                                 errorCode = HttpStatusCodes.k404_notFound;
 114                                 log.info("========== ApiKeysServiceImpl: getApiKey: Error : API Key does not exist. "
 115                                                 + "===========");
 116                                 DMaaPResponseBuilder.respondWithError(dmaapContext, errorCode,
 117                                                 errorMsg);
 118                                 throw new IOException();
 119                         }
 120                 }
 121
 122         }
 123
 124         /**
 125          * @param dmaapContext
 126          * @param nsaApiKey
 127          * @throws KeyExistsException
 128          * @throws ConfigDbException
 129          * @throws IOException
 130          */
 131         @Override
 132         public void createApiKey(DMaaPContext dmaapContext, ApiKeyBean nsaApiKey)
 133                         throws KeyExistsException, ConfigDbException, IOException {
 134
 135                 log.debug("TopicService: : createApiKey....");
 136
 137                         String contactEmail = nsaApiKey.getEmail();
 138                         final boolean emailProvided = contactEmail != null && contactEmail.length() > 0 && contactEmail.indexOf("@") > 1 ;
 139                          String kSetting_AllowAnonymousKeys= com.att.ajsc.filemonitor.AJSCPropertiesMap.getProperty(CambriaConstants.msgRtr_prop,"apiKeys.allowAnonymous");
 140                          if(null==kSetting_AllowAnonymousKeys) {
 141                                  kSetting_AllowAnonymousKeys ="false";
 142                          }
 143
 144                          if ( kSetting_AllowAnonymousKeys.equalsIgnoreCase("true")    &&  !emailProvided   )
 145               {
 146                 DMaaPResponseBuilder.respondWithErrorInJson(dmaapContext, 400, "You must provide an email address.");
 147                 return;
 148               }
 149
 150
 151                 final NsaApiDb<NsaSimpleApiKey> apiKeyDb = getApiKeyDb(dmaapContext);
 152                 String apiKey = nsaApiKey.getKey();
 153                 String sharedSecret = nsaApiKey.getSharedSecret();
 154                 final NsaSimpleApiKey key = apiKeyDb.createApiKey(apiKey,
 155                                 sharedSecret);
 156                 if (null != key) {
 157
 158                         if (null != nsaApiKey.getEmail()) {
 159                                 key.setContactEmail(nsaApiKey.getEmail());
 160                         }
 161
 162                         if (null != nsaApiKey.getDescription()) {
 163                                 key.setDescription(nsaApiKey.getDescription());
 164                         }
 165
 166                         log.debug("=======ApiKeysServiceImpl: createApiKey : saving api key : "
 167                                         + key.toString() + "=====");
 168                         apiKeyDb.saveApiKey(key);
 169
 170                         // email out the secret to validate the email address
 171                         if ( emailProvided )
 172                         {
 173                                 String body = "\n" + "Your email address was provided as the creator of new API key \""
 174                                 + apiKey + "\".\n" + "\n" + "If you did not make this request, please let us know."
 175                                  + "but don't worry -"
 176                                 + " the API key is useless without the information below, which has been provided "
 177                                 + "only to you.\n" + "\n\n" + "For API key \"" + apiKey + "\", use API key secret:\n\n\t"
 178                                 + sharedSecret + "\n\n" + "Note that it's normal to share the API key"
 179                                 + " (" + apiKey + "). "
 180                                 + "This is how you are granted access to resources " + "like a UEB topic or Flatiron scope. "
 181                                 + "However, you should NOT share the API key's secret. " + "The API key is associated with your"
 182                                 + " email alone. ALL access to data made with this " + "key will be your responsibility. If you "
 183                                 + "share the secret, someone else can use the API key " + "to access proprietary data with your "
 184                                 + "identity.\n" + "\n" + "Enjoy!\n" + "\n" + "The GFP/SA-2020 Team";
 185
 186                         Emailer em = dmaapContext.getConfigReader().getSystemEmailer();
 187                         em.send(contactEmail, "New API Key", body);
 188                         }
 189                         log.debug("TopicService: : sending response.");
 190
 191                         JSONObject o = key.asJsonObject();
 192
 193                         o.put ( NsaSimpleApiKey.kApiSecretField,
 194                                         emailProvided ?
 195                                                 "Emailed to " + contactEmail + "." :
 196                                                 key.getSecret ()
 197                                 );
 198                         DMaaPResponseBuilder.respondOk(dmaapContext,
 199                                         o);
 200
 201                         return;
 202                 } else {
 203                         log.debug("=======ApiKeysServiceImpl: createApiKey : Error in creating API Key.=====");
 204                         DMaaPResponseBuilder.respondWithError(dmaapContext,
 205                                         HttpStatusCodes.k500_internalServerError,
 206                                         "Failed to create api key.");
 207                         throw new KeyExistsException(apiKey);
 208                 }
 209         }
 210
 211         /**
 212          * @param dmaapContext
 213          * @param apikey
 214          * @param nsaApiKey
 215          * @throws ConfigDbException
 216          * @throws IOException
 217          * @throws AccessDeniedException
 218          */
 219         @Override
 220         public void updateApiKey(DMaaPContext dmaapContext, String apikey,
 221                         ApiKeyBean nsaApiKey) throws ConfigDbException, IOException, AccessDeniedException {
 222
 223                 String errorMsg = "Api key name is not mentioned.";
 224                 int errorCode = HttpStatusCodes.k400_badRequest;
 225
 226                 if (null != apikey) {
 227                         final NsaApiDb<NsaSimpleApiKey> apiKeyDb = getApiKeyDb(dmaapContext);
 228                         final NsaSimpleApiKey key = apiKeyDb.loadApiKey(apikey);
 229                         boolean shouldUpdate = false;
 230
 231                         if (null != key) {
 232                                 final NsaApiKey user = DMaaPAuthenticatorImpl
 233                                                 .getAuthenticatedUser(dmaapContext);
 234
 235                                 if (user == null || !user.getKey().equals(key.getKey())) {
 236                                         throw new AccessDeniedException("You must authenticate with the key you'd like to update.");
 237                                 }
 238
 239                                 if (null != nsaApiKey.getEmail()) {
 240                                         key.setContactEmail(nsaApiKey.getEmail());
 241                                         shouldUpdate = true;
 242                                 }
 243
 244                                 if (null != nsaApiKey.getDescription()) {
 245                                         key.setDescription(nsaApiKey.getDescription());
 246                                         shouldUpdate = true;
 247                                 }
 248
 249                                 if (shouldUpdate) {
 250                                         apiKeyDb.saveApiKey(key);
 251                                 }
 252
 253                                 log.info("======ApiKeysServiceImpl : updateApiKey : Key Updated Successfully :"
 254                                                 + key.toString() + "=========");
 255                                 DMaaPResponseBuilder.respondOk(dmaapContext,
 256                                                 key.asJsonObject());
 257                                 return;
 258                         }
 259                 } else {
 260                         errorMsg = "Api key [" + apikey + "] does not exist.";
 261                         errorCode = HttpStatusCodes.k404_notFound;
 262                         DMaaPResponseBuilder.respondWithError(dmaapContext, errorCode,
 263                                         errorMsg);
 264                         log.info("======ApiKeysServiceImpl : updateApiKey : Error in Updating Key.============");
 265                         throw new IOException();
 266                 }
 267         }
 268
 269         /**
 270          * @param dmaapContext
 271          * @param apikey
 272          * @throws ConfigDbException
 273          * @throws IOException
 274          * @throws AccessDeniedException
 275          */
 276         @Override
 277         public void deleteApiKey(DMaaPContext dmaapContext, String apikey)
 278                         throws ConfigDbException, IOException, AccessDeniedException {
 279
 280                 String errorMsg = "Api key name is not mentioned.";
 281                 int errorCode = HttpStatusCodes.k400_badRequest;
 282
 283                 if (null != apikey) {
 284                         final NsaApiDb<NsaSimpleApiKey> apiKeyDb = getApiKeyDb(dmaapContext);
 285                         final NsaSimpleApiKey key = apiKeyDb.loadApiKey(apikey);
 286
 287                         if (null != key) {
 288
 289                                 final NsaApiKey user = DMaaPAuthenticatorImpl
 290                                                 .getAuthenticatedUser(dmaapContext);
 291                                 if (user == null || !user.getKey().equals(key.getKey())) {
 292                                         throw new AccessDeniedException("You don't own the API key.");
 293                                 }
 294
 295                                 apiKeyDb.deleteApiKey(key);
 296                                 log.info("======ApiKeysServiceImpl : deleteApiKey : Deleted Key successfully.============");
 297                                 DMaaPResponseBuilder.respondOkWithHtml(dmaapContext,
 298                                                 "Api key [" + apikey + "] deleted successfully.");
 299                                 return;
 300                         }
 301                 } else {
 302                         errorMsg = "Api key [" + apikey + "] does not exist.";
 303                         errorCode = HttpStatusCodes.k404_notFound;
 304                         DMaaPResponseBuilder.respondWithError(dmaapContext, errorCode,
 305                                         errorMsg);
 306                         log.info("======ApiKeysServiceImpl : deleteApiKey : Error while deleting key.============");
 307                         throw new IOException();
 308                 }
 309         }
 310
 311         /**
 312          *
 313          * @param dmaapContext
 314          * @return
 315          */
 316         private NsaApiDb<NsaSimpleApiKey> getApiKeyDb(DMaaPContext dmaapContext) {
 317                 ConfigurationReader configReader = dmaapContext.getConfigReader();
 318                 return configReader.getfApiKeyDb();
 319         }
 320
 321 }