2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright (c) 2017 AT&T Intellectual Property
6 * ===================================================================
7 * Modifications Copyright (c) 2019 Samsung
8 * ===================================================================
9 * Licensed under the Apache License, Version 2.0 (the "License");
10 * you may not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
21 * ============LICENSE_END=============================================
22 * ====================================================================
25 package org.onap.music.authentication;
27 import java.io.IOException;
29 import javax.servlet.Filter;
30 import javax.servlet.FilterChain;
31 import javax.servlet.FilterConfig;
32 import javax.servlet.ServletException;
33 import javax.servlet.ServletRequest;
34 import javax.servlet.ServletResponse;
35 import javax.servlet.http.HttpServletResponse;
37 import org.onap.music.eelf.logging.EELFLoggerDelegate;
38 import org.onap.music.exceptions.MusicAuthenticationException;
39 import org.onap.music.main.MusicUtil;
40 import com.fasterxml.jackson.databind.ObjectMapper;
43 * This filter class performs authorization using AAF
48 //@PropertySource(value = {"file:/opt/app/music/etc/music.properties"})
49 public class MusicAuthorizationFilter implements Filter {
// Namespace handed to AuthUtil.isAccessAllowed on every request. It is read once,
// from MusicUtil.getMusicAafNs(), when the filter instance is created.
51 private String musicNS = MusicUtil.getMusicAafNs();
// Logger for this filter; doFilter writes its events through EELFLoggerDelegate.securityLogger.
53 private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicAuthorizationFilter.class);
// No-argument constructor, declared to throw ServletException.
// NOTE(review): the constructor body is not shown in this listing.
55 public MusicAuthorizationFilter() throws ServletException {
// Filter initialisation callback receiving the container's FilterConfig.
// NOTE(review): the method body is not shown in this listing.
60 public void init(FilterConfig filterConfig) throws ServletException {
/**
 * Runs the authorization check for a request and either rejects it with a
 * JSON 401 body or hands it on to the rest of the filter chain.
 *
 * The decision comes from AuthUtil.isAccessAllowed(servletRequest, musicNS).
 * The isAuthAllowed flag starts as false and neither catch block assigns it,
 * so an exception during the check leaves the request denied.
 *
 * NOTE(review): this listing omits several source lines (the gutter numbers
 * skip), including the declaration of startTime, the opening of the try
 * block and the condition that selects the 401 branch. Confirm the exact
 * control flow against the original file.
 *
 * @param servletRequest  incoming request; passed to AuthUtil and on to the chain
 * @param servletResponse response; cast to HttpServletResponse to send the 401
 * @param filterChain     remaining filters, invoked via filterChain.doFilter
 * @throws IOException      declared by the Filter contract; writing the error body can raise it
 * @throws ServletException declared by the Filter contract
 */
65 public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
66 throws IOException, ServletException {
67 HttpServletResponse httpResponse = null;
// Deny by default: the only visible assignment is the result of AuthUtil.isAccessAllowed.
69 boolean isAuthAllowed = false;
// Nothing below runs when either argument is null.
71 if (null != servletRequest && null != servletResponse) {
72 httpResponse = (HttpServletResponse) servletResponse;
// The cast assumes the "startTime" attribute holds a Long; any other type raises
// ClassCastException here, before the authorization check is reached.
74 if( null != servletRequest.getAttribute("startTime")) {
75 startTime = ((Long)servletRequest.getAttribute("startTime")).longValue();
77 startTime = System.currentTimeMillis(); // fallback, used only when the request attribute is not found
81 isAuthAllowed = AuthUtil.isAccessAllowed(servletRequest, musicNS);
// Both handlers only log to the security logger; isAuthAllowed keeps its false default.
// NOTE(review): e.getMessage() is concatenated into the log line; confirm it cannot
// carry request-controlled text containing line breaks.
82 } catch (MusicAuthenticationException e) {
83 logger.error(EELFLoggerDelegate.securityLogger,
84 "Error while checking authorization Music Namespace: " + musicNS + " : " + e.getMessage(),e);
85 } catch ( Exception e) {
86 logger.error(EELFLoggerDelegate.securityLogger,
87 "Error while checking authorization Music Namespace: " + musicNS + " : " + e.getMessage(),e);
90 long endTime = System.currentTimeMillis();
92 //startTime set in <code>CadiAuthFilter</code> doFilter
93 logger.debug(EELFLoggerDelegate.securityLogger,
94 "Time took for authentication & authorization : "
95 + (endTime - startTime) + " milliseconds");
// Rejection path: log the event, then send a JSON AuthorizationError with status 401.
// NOTE(review): the condition guarding this path is not shown in this listing.
98 logger.info(EELFLoggerDelegate.securityLogger,
99 "Unauthorized Access");
100 AuthorizationError authError = new AuthorizationError();
// The same 401 code is set in the JSON body here and as the HTTP status below.
101 authError.setResponseCode(HttpServletResponse.SC_UNAUTHORIZED);
102 authError.setResponseMessage("Unauthorized Access - Please make sure you are "
103 + "onboarded and have proper access to MUSIC. ");
105 byte[] responseToSend = restResponseBytes(authError);
106 httpResponse.setHeader("Content-Type", "application/json");
108 httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
109 servletResponse.getOutputStream().write(responseToSend);
// Hands the request to the rest of the chain.
// NOTE(review): the lines between the 401 write and this call are not shown; a rejected
// request must never fall through to the chain. Confirm against the original file.
112 filterChain.doFilter(servletRequest, servletResponse);
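/**
 * Serializes the authorization error into the JSON body sent with the 401 response.
 *
 * The bytes are produced by Jackson directly, so the encoding is always UTF-8.
 * The earlier String.getBytes() call used the JVM's default charset, which is
 * platform-dependent and need not match what an application/json client expects.
 *
 * @param eErrorResponse error payload to serialize
 * @return the JSON document encoded as UTF-8 bytes
 * @throws IOException if Jackson cannot serialize the payload
 */
private byte[] restResponseBytes(AuthorizationError eErrorResponse) throws IOException {
    // writeValueAsBytes encodes as UTF-8 regardless of the platform default charset.
    return new ObjectMapper().writeValueAsBytes(eErrorResponse);
}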