docs/Makefile
docs/_build
docs/conf.py
+
+#VSCODE
+.VSCODE
+.attach_pid*
+
+
+#jmeter
+jmeter.log
import org.onap.music.authentication.MusicAuthorizationFilter;
import org.onap.music.eelf.logging.EELFLoggerDelegate;
import org.onap.music.eelf.logging.MusicLoggingServletFilter;
-import org.onap.music.main.CipherUtil;
import org.onap.music.main.MusicUtil;
import org.onap.music.main.PropertiesLoader;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
-import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.DependsOn;
@EnableScheduling
public class MusicApplication extends SpringBootServletInitializer {
+ private final String KEYSPACE_PATTERN = "/v2/keyspaces/*";
+ private final String LOCKS_PATTERN = "/v2/locks/*";
+ private final String Q_PATTERN = "/v2/priorityq/*";
+
@Autowired
private PropertiesLoader propertyLoader;
private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicApplication.class);
+
public static void main(String[] args) {
new MusicApplication().configure(new SpringApplicationBuilder(MusicApplication.class)).run(args);
}
propertyLoader.loadProperties();
}
- @Autowired
- private ApplicationContext appContext;
@Bean
@DependsOn("loadProperties")
propertyLoader.loadProperties();
if (MusicUtil.getIsCadi()) {
PropAccess propAccess = propAccess();
- CadiAuthFilter cadiFilter = new CadiAuthFilter(propAccess);
-
- return cadiFilter;
+ return new CadiAuthFilter(propAccess);
} else {
return (ServletRequest request, ServletResponse response, FilterChain chain) -> {
// do nothing for now.
FilterRegistrationBean<Filter> frb = new FilterRegistrationBean<>();
frb.setFilter(new MusicLoggingServletFilter());
frb.addUrlPatterns(
- "/v2/keyspaces/*",
- "/v2/locks/*",
- "/v2/priorityq/*"
+ KEYSPACE_PATTERN,
+ LOCKS_PATTERN,
+ Q_PATTERN
);
frb.setName("logFilter");
frb.setOrder(1);
return frb;
}
-
@Bean
@DependsOn("loadProperties")
logger.info("cadiFilterRegistration called for cadi filter..");
FilterRegistrationBean<Filter> frb = new FilterRegistrationBean<>();
frb.setFilter(cadiFilter());
-
- // The Following Patterns are used to control what APIs will be secure
- // TODO: Make this a configurable item. Build this from an array?
if (MusicUtil.getIsCadi()) {
frb.addUrlPatterns(
- "/v2/keyspaces/*",
- "/v2/locks/*",
- "/v2/priorityq/*"
+ KEYSPACE_PATTERN,
+ LOCKS_PATTERN,
+ Q_PATTERN
);
} else {
frb.addUrlPatterns("/v0/test");
if (MusicUtil.getIsCadi()) {
frb.addUrlPatterns(
- "/v2/keyspaces/*",
- "/v2/locks/*",
- "/v2/priorityq/*"
- );
+ KEYSPACE_PATTERN,
+ LOCKS_PATTERN,
+ Q_PATTERN
+ );
} else {
frb.addUrlPatterns("/v0/test");
}
public Filter cadiMusicAuthFilter() throws ServletException {
propertyLoader.loadProperties();
if (MusicUtil.getIsCadi()) {
- MusicAuthorizationFilter authFilter = new MusicAuthorizationFilter();
- return authFilter;
+ return new MusicAuthorizationFilter();
} else {
return (ServletRequest request, ServletResponse response, FilterChain chain) -> {
// do nothing for now.
import org.onap.aaf.cadi.Permission;
import org.onap.aaf.cadi.aaf.AAFPermission;
import org.onap.music.eelf.logging.EELFLoggerDelegate;
+import org.onap.music.exceptions.MusicAuthenticationException;
public class AuthUtil {
- private static final String decodeValueOfForwardSlash = "2f";
- private static final String decodeValueOfHyphen = "2d";
- private static final String decodeValueOfAsterisk = "2a";
private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AuthUtil.class);
+ private AuthUtil() {
+ throw new IllegalStateException("Utility class");
+ }
+
/**
* Get the list of permissions from the Request object.
*
* @return returns the decoded string.
* @throws Exception throws excpetion
*/
- public static String decodeFunctionCode(String str) throws Exception {
+ public static String decodeFunctionCode(String str) throws MusicAuthenticationException {
+ final String DECODEVALUE_FORWARDSLASH = "2f";
+ final String DECODEVALUE_HYPHEN = "2d";
+ final String DECODEVALUE_ASTERISK = "2a";
String decodedString = str;
List<Pattern> decodingList = new ArrayList<>();
- decodingList.add(Pattern.compile(decodeValueOfForwardSlash));
- decodingList.add(Pattern.compile(decodeValueOfHyphen));
- decodingList.add(Pattern.compile(decodeValueOfAsterisk));
+ decodingList.add(Pattern.compile(DECODEVALUE_FORWARDSLASH));
+ decodingList.add(Pattern.compile(DECODEVALUE_HYPHEN));
+ decodingList.add(Pattern.compile(DECODEVALUE_ASTERISK));
for (Pattern xssInputPattern : decodingList) {
try {
decodedString = decodedString.replaceAll("%" + xssInputPattern,
new String(Hex.decodeHex(xssInputPattern.toString().toCharArray())));
} catch (DecoderException e) {
- logger.error(EELFLoggerDelegate.applicationLogger,
+ logger.error(EELFLoggerDelegate.securityLogger,
"AuthUtil Decode Failed! for instance: " + str);
- throw new Exception("decode failed", e);
+ throw new MusicAuthenticationException("Decode failed", e);
}
}
* @return boolean value if the access is allowed
* @throws Exception throws exception
*/
- public static boolean isAccessAllowed(ServletRequest request, String nameSpace) throws Exception {
+ public static boolean isAccessAllowed(ServletRequest request, String nameSpace) throws MusicAuthenticationException {
if (request==null) {
- throw new Exception("Request cannot be null");
+ throw new MusicAuthenticationException("Request cannot be null");
}
if (nameSpace==null || nameSpace.isEmpty()) {
- throw new Exception("NameSpace not Declared!");
+ throw new MusicAuthenticationException("NameSpace not Declared!");
}
boolean isauthorized = false;
List<AAFPermission> aafPermsList = getAAFPermissions(request);
- //logger.info(EELFLoggerDelegate.applicationLogger,
- // "AAFPermission of the requested MechId for all the namespaces: " + aafPermsList);
-
- logger.debug(EELFLoggerDelegate.applicationLogger, "Requested nameSpace: " + nameSpace);
-
+ logger.info(EELFLoggerDelegate.securityLogger,
+ "AAFPermission of the requested MechId for all the namespaces: " + aafPermsList);
+ logger.debug(EELFLoggerDelegate.securityLogger, "Requested nameSpace: " + nameSpace);
List<AAFPermission> aafPermsFinalList = filterNameSpacesAAFPermissions(nameSpace, aafPermsList);
logger.debug(EELFLoggerDelegate.securityLogger,
"AuthUtil requestUri :::" + requestUri);
- for (Iterator iterator = aafPermsFinalList.iterator(); iterator.hasNext();) {
+ for (Iterator<AAFPermission> iterator = aafPermsFinalList.iterator(); iterator.hasNext();) {
AAFPermission aafPermission = (AAFPermission) iterator.next();
if(!isauthorized) {
- isauthorized = isMatchPatternWithInstanceAndAction(aafPermission, requestUri, httpRequest.getMethod());
+ isauthorized = isMatchPattern(aafPermission, requestUri, httpRequest.getMethod());
}
}
* @return returns a boolean
* @throws Exception - throws an exception
*/
- private static boolean isMatchPatternWithInstanceAndAction(
+ private static boolean isMatchPattern(
AAFPermission aafPermission,
String requestUri,
- String method) throws Exception {
+ String method) throws MusicAuthenticationException {
if (null == aafPermission || null == requestUri || null == method) {
return false;
}
String permKey = aafPermission.getKey();
- logger.debug(EELFLoggerDelegate.auditLogger, "isMatchPattern permKey: "
+ logger.debug(EELFLoggerDelegate.securityLogger, "isMatchPattern permKey: "
+ permKey + ", requestUri " + requestUri + " ," + method);
String[] keyArray = permKey.split("\\|");
String[] subPath = null;
- //String type = null;
- //type = keyArray[0];
String instance = keyArray[1];
String action = keyArray[2];
subPath = path[i].split("\\.");
for (int j = 0; j < subPath.length; j++) {
if (instanceList.contains(subPath[j])) {
- if ("*".equals(action) || "ALL".equalsIgnoreCase(action)) {
- return true;
- } else if (method.equalsIgnoreCase(action)) {
- return true;
- } else {
- return false;
- }
+ return checkAction(method,action);
} else {
continue;
}
}
return false;
}
+
+ private static boolean checkAction(String method, String action) {
+ if ("*".equals(action) || "ALL".equalsIgnoreCase(action)) {
+ return true;
+ } else {
+ return (method.equalsIgnoreCase(action));
+ }
+ }
+
+
+
}
\ No newline at end of file
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
logger.info(EELFLoggerDelegate.securityLogger, "Request is entering cadifilter");
-
long startTime = System.currentTimeMillis();
request.setAttribute("startTime", startTime);
-
super.doFilter(request, response, chain);
-
- //Commented by saumya (sp931a) on 04/11/19 for auth filter
- //chain.doFilter(request, response);
}
}
\ No newline at end of file
package org.onap.music.authentication;
import java.io.IOException;
-import java.util.Base64;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.onap.music.eelf.logging.EELFLoggerDelegate;
+import org.onap.music.exceptions.MusicAuthenticationException;
import org.onap.music.main.MusicUtil;
import com.fasterxml.jackson.databind.ObjectMapper;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
-
+ // Do Nothing
}
@Override
try {
isAuthAllowed = AuthUtil.isAccessAllowed(servletRequest, musicNS);
- } catch (Exception e) {
+ } catch (MusicAuthenticationException e) {
+ logger.error(EELFLoggerDelegate.securityLogger,
+ "Error while checking authorization Music Namespace: " + musicNS + " : " + e.getMessage(),e);
+ } catch ( Exception e) {
logger.error(EELFLoggerDelegate.securityLogger,
- "Error while checking authorization Music Namespace: " + musicNS + " : " + e.getMessage());
+ "Error while checking authorization Music Namespace: " + musicNS + " : " + e.getMessage(),e);
}
long endTime = System.currentTimeMillis();
String serialized = new ObjectMapper().writeValueAsString(eErrorResponse);
return serialized.getBytes();
}
-
- private Map<String, String> getHeadersInfo(HttpServletRequest request) {
-
- Map<String, String> map = new HashMap<String, String>();
-
- Enumeration headerNames = request.getHeaderNames();
- while (headerNames.hasMoreElements()) {
- String key = (String) headerNames.nextElement();
- String value = request.getHeader(key);
- map.put(key, value);
- }
-
- return map;
- }
-
- private static String getUserNamefromRequest(HttpServletRequest httpRequest) {
- String authHeader = httpRequest.getHeader("Authorization");
- String username = null;
- if (authHeader != null) {
- String[] split = authHeader.split("\\s+");
- if (split.length > 0) {
- String basic = split[0];
-
- if ("Basic".equalsIgnoreCase(basic)) {
- byte[] decodedBytes = Base64.getDecoder().decode(split[1]);
- String decodedString = new String(decodedBytes);
- int p = decodedString.indexOf(":");
- if (p != -1) {
- username = decodedString.substring(0, p);
- }
- }
- }
- }
- return username;
- }
}
+
--- /dev/null
+/*
+ * ============LICENSE_START==========================================
+ * org.onap.music
+ * ===================================================================
+ * Copyright (c) 2019 AT&T Intellectual Property
+ * ===================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END=============================================
+ * ====================================================================
+ */
+
+package org.onap.music.exceptions;
+
+/**
+ * @author inam
+ *
+ */
+public class MusicAuthenticationException extends Exception {
+
+ /**
+ *
+ */
+ public MusicAuthenticationException() {
+
+ }
+
+ /**
+ * @param message
+ */
+ public MusicAuthenticationException(String message) {
+ super(message);
+
+ }
+
+ /**
+ * @param cause
+ */
+ public MusicAuthenticationException(Throwable cause) {
+ super(cause);
+
+ }
+
+ /**
+ * @param message
+ * @param cause
+ */
+ public MusicAuthenticationException(String message, Throwable cause) {
+ super(message, cause);
+
+ }
+
+ /**
+ * @param message
+ * @param cause
+ * @param enableSuppression
+ * @param writableStackTrace
+ */
+ public MusicAuthenticationException(String message, Throwable cause, boolean enableSuppression,
+ boolean writableStackTrace) {
+ super(message, cause, enableSuppression, writableStackTrace);
+
+ }
+
+}
import org.onap.music.lockingservice.cassandra.LockType;
import org.onap.music.lockingservice.cassandra.MusicLockState;
import org.onap.music.service.MusicCoreService;
-import org.onap.music.service.impl.MusicCassaCore;
import com.datastax.driver.core.ResultSet;
public class MusicCore {
private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicCore.class);
- private static boolean unitTestRun = true;
-
private static MusicCoreService musicCore = MusicUtil.getMusicCoreService();
- public static CassaLockStore mLockHandle;
+ private static CassaLockStore mLockHandle;
+
+ public static CassaLockStore getmLockHandle() {
+ return mLockHandle;
+ }
+ public static void setmLockHandle(CassaLockStore mLockHandleIn) {
+ mLockHandle = mLockHandleIn;
+ }
/**
* Acquire lock
return musicCore.releaseLock(lockId, voluntaryRelease);
}
+
+
}
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;
-import java.util.concurrent.TimeUnit;
import org.onap.music.datastore.MusicDataStore;
import org.onap.music.datastore.MusicDataStoreHandle;
import org.onap.music.main.ReturnType;
import org.onap.music.service.MusicCoreService;
-import com.att.eelf.configuration.EELFLogger;
import com.datastax.driver.core.DataType;
import com.datastax.driver.core.ResultSet;
import com.datastax.driver.core.Row;
public class MusicCassaCore implements MusicCoreService {
- public static CassaLockStore mLockHandle = null;;
+ private static CassaLockStore mLockHandle = null;
private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicCassaCore.class);
- private static boolean unitTestRun=true;
private static MusicCassaCore musicCassaCoreInstance = null;
private MusicCassaCore() {
+ // not going to happen
+ }
+
+ public static CassaLockStore getmLockHandle() {
+ return mLockHandle;
+ }
+ public static void setmLockHandle(CassaLockStore mLockHandle) {
+ MusicCassaCore.mLockHandle = mLockHandle;
}
+
public static MusicCassaCore getInstance() {
if(musicCassaCoreInstance == null) {
return musicCassaCoreInstance;
}
+
+
+
public static CassaLockStore getLockingServiceHandle() throws MusicLockingException {
logger.info(EELFLoggerDelegate.applicationLogger,"Acquiring lock store handle");
long start = System.currentTimeMillis();
}
public String createLockReference(String fullyQualifiedKey) throws MusicLockingException {
- return createLockReference(fullyQualifiedKey, LockType.WRITE);
+ return createLockReference(fullyQualifiedKey, LockType.WRITE);
}
public String createLockReference(String fullyQualifiedKey, LockType locktype) throws MusicLockingException {
public ReturnType acquireLockWithLease(String fullyQualifiedKey, String lockReference, long leasePeriod)
throws MusicLockingException, MusicQueryException, MusicServiceException {
- evictExpiredLockHolder(fullyQualifiedKey,leasePeriod);
- return acquireLock(fullyQualifiedKey, lockReference);
+ evictExpiredLockHolder(fullyQualifiedKey,leasePeriod);
+ return acquireLock(fullyQualifiedKey, lockReference);
}
private void evictExpiredLockHolder(String fullyQualifiedKey, long leasePeriod)
if (!lockInfo.getIsLockOwner()) {
return new ReturnType(ResultType.FAILURE, lockId + " is not a lock holder");//not top of the lock store q
}
-
+
//check to see if the value of the key has to be synced in case there was a forceful release
String syncTable = keyspace+".unsyncedKeys_"+table;
String query = "select * from "+syncTable+" where key='"+localFullyQualifiedKey+"';";
return null;
}
+
}
try {
ReflectionTestUtils.setField(MusicDataStoreHandle.class, "mDstoreHandle",
CassandraCQL.connectToEmbeddedCassandra());
- MusicCore.mLockHandle = new CassaLockStore(MusicDataStoreHandle.getDSHandle());
+ MusicCore.setmLockHandle(new CassaLockStore(MusicDataStoreHandle.getDSHandle()));
// System.out.println("before class keysp");
//resp=data.createKeySpace(majorV,minorV,patchV,aid,appName,userId,password,kspObject,keyspaceName);
public static void beforeClass() throws Exception {
ReflectionTestUtils.setField(MusicDataStoreHandle.class, "mDstoreHandle",
CassandraCQL.connectToEmbeddedCassandra());
- MusicCore.mLockHandle = new CassaLockStore(MusicDataStoreHandle.getDSHandle());
+ MusicCore.setmLockHandle(new CassaLockStore(MusicDataStoreHandle.getDSHandle()));
createAdminTable();
}
Code Review / music.git / commitdiff