ECOMP-PAP-REST/src/main/java/org/openecomp/policy/pap/xacml/restAuth/PAPAuthenticationFilter.java

   1 /*-
   2  * ============LICENSE_START=======================================================
   3  * ECOMP-PAP-REST
   4  * ================================================================================
   5  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END=========================================================
  19  */
  20
  21 package org.openecomp.policy.pap.xacml.restAuth;
  22
  23 import java.io.IOException;
  24
  25 import javax.servlet.Filter;
  26 import javax.servlet.FilterChain;
  27 import javax.servlet.FilterConfig;
  28 import javax.servlet.ServletException;
  29 import javax.servlet.ServletRequest;
  30 import javax.servlet.ServletResponse;
  31 import javax.servlet.annotation.WebFilter;
  32 import javax.servlet.http.HttpServletRequest;
  33 import javax.servlet.http.HttpServletResponse;
  34
  35 import org.apache.commons.logging.Log;
  36 import org.apache.commons.logging.LogFactory;
  37 import org.openecomp.policy.pap.xacml.rest.XACMLPapServlet;
  38
  39 /**
  40  * Servlet Filter implementation class PAPAuthenticationFilter
  41  */
  42 @WebFilter("/*")
  43 public class PAPAuthenticationFilter implements Filter {
  44
  45         private static final Log logger = LogFactory.getLog(PAPAuthenticationFilter.class);
  46         public static final String AUTHENTICATION_HEADER = "Authorization";
  47
  48         @Override
  49         public void doFilter(ServletRequest request, ServletResponse response,
  50                         FilterChain filter) throws IOException, ServletException {
  51
  52
  53                 if (request instanceof HttpServletRequest) {
  54                         HttpServletRequest httpServletRequest = (HttpServletRequest) request;
  55
  56                         String authCredentials = null;
  57                         String url = httpServletRequest.getRequestURI();
  58
  59                         logger.info("Request URI: " + url);
  60                         System.out.println("Request URI: " + url);
  61
  62                         //getting authentication credentials
  63                         if(url.contains("@Auth@")){
  64                                 int authIndex = url.lastIndexOf("@");
  65                                 int endAuthIndex = url.indexOf("/ecomp");
  66                                 authCredentials = "Basic " + url.substring(authIndex+1, endAuthIndex);
  67
  68                                 //parse the url for /pap/ecomp/
  69                                 String url1 = url.substring(0, 4);
  70                                 String url2 = url.substring(endAuthIndex, url.length());
  71                                 url = url1 + url2;
  72
  73                         } else {
  74                                 authCredentials = httpServletRequest.getHeader(AUTHENTICATION_HEADER);
  75                         }
  76
  77                         // Check Authentication credentials
  78                         AuthenticationService authenticationService = new AuthenticationService();
  79                         boolean authenticationStatus = authenticationService.authenticate(authCredentials);
  80
  81                         if (authenticationStatus) {
  82                                 //indicates the request comes from Traditional Admin Console or PolicyEngineAPI
  83                                 if (url.equals("/pap/")){
  84                                         logger.info("Request comes from Traditional Admin Console or PolicyEngineAPI");
  85
  86                                         //forward request to the XACMLPAPServlet if authenticated
  87                                         request.getRequestDispatcher("/pap/pap/").forward(request, response);
  88
  89                                 }else if (url.startsWith("/pap/ecomp/")){
  90
  91                                         //indicates the request comes from the ECOMP Portal ecomp-sdk-app
  92                                         if(response instanceof HttpServletResponse) {
  93                                                 HttpServletResponse alteredResponse = ((HttpServletResponse)response);
  94                                                 addCorsHeader(alteredResponse);
  95                                                 logger.info("Request comes from Ecomp Portal");
  96                                                 //Spring dispatcher servlet is at the end of the filter chain at /pap/ecomp/ path
  97                                                 System.out.println("New Request URI: " + url);
  98                                                 //request.getRequestDispatcher(url).forward(request, alteredResponse);
  99                                                 filter.doFilter(request, response);
 100                                         }
 101
 102                                 }
 103
 104                         } else {
 105                                 if (response instanceof HttpServletResponse) {
 106                                         HttpServletResponse httpServletResponse = (HttpServletResponse) response;
 107                                         httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
 108                                 }
 109                         }
 110
 111                 }
 112         }
 113
 114         //method to add CorsHeaders for ecomp portal rest call
 115         private void addCorsHeader(HttpServletResponse response) {
 116                 logger.info("Adding Cors Response Headers!!!");
 117                 response.addHeader("Access-Control-Allow-Origin", "*");
 118         response.addHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, HEAD");
 119         response.addHeader("Access-Control-Allow-Headers", "X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept");
 120         response.addHeader("Access-Control-Max-Age", "1728000");
 121         }
 122
 123         @Override
 124         public void destroy() {
 125         }
 126
 127         @Override
 128         public void init(FilterConfig arg0) throws ServletException {
 129         }
 130 }