ONAP-PAP-REST/src/main/java/org/onap/policy/pap/xacml/restAuth/PAPAuthenticationFilter.java

   1 /*-
   2  * ============LICENSE_START=======================================================
   3  * ONAP-PAP-REST
   4  * ================================================================================
   5  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ============LICENSE_END=========================================================
  19  */
  20
  21 package org.onap.policy.pap.xacml.restAuth;
  22
  23 import java.io.IOException;
  24
  25 import javax.servlet.Filter;
  26 import javax.servlet.FilterChain;
  27 import javax.servlet.FilterConfig;
  28 import javax.servlet.ServletException;
  29 import javax.servlet.ServletRequest;
  30 import javax.servlet.ServletResponse;
  31 import javax.servlet.annotation.WebFilter;
  32 import javax.servlet.http.HttpServletRequest;
  33 import javax.servlet.http.HttpServletResponse;
  34
  35 import org.apache.commons.logging.Log;
  36 import org.apache.commons.logging.LogFactory;
  37
  38 /**
  39  * Servlet Filter implementation class PAPAuthenticationFilter
  40  */
  41 @WebFilter("/*")
  42 public class PAPAuthenticationFilter implements Filter {
  43
  44         private static final Log logger = LogFactory.getLog(PAPAuthenticationFilter.class);
  45         public static final String AUTHENTICATION_HEADER = "Authorization";
  46
  47         @Override
  48         public void doFilter(ServletRequest request, ServletResponse response,
  49                         FilterChain filter) throws IOException, ServletException {
  50
  51
  52                 if (request instanceof HttpServletRequest) {
  53                         HttpServletRequest httpServletRequest = (HttpServletRequest) request;
  54
  55                         String authCredentials = null;
  56                         String url = httpServletRequest.getRequestURI();
  57
  58                         logger.info("Request URI: " + url);
  59                         System.out.println("Request URI: " + url);
  60
  61                         //getting authentication credentials
  62                         if(url.contains("@Auth@")){
  63                                 int authIndex = url.lastIndexOf("@");
  64                                 int endAuthIndex = url.indexOf("/onap");
  65                                 authCredentials = "Basic " + url.substring(authIndex+1, endAuthIndex);
  66
  67                                 //parse the url for /pap/onap/
  68                                 String url1 = url.substring(0, 4);
  69                                 String url2 = url.substring(endAuthIndex, url.length());
  70                                 url = url1 + url2;
  71
  72                         } else {
  73                                 authCredentials = httpServletRequest.getHeader(AUTHENTICATION_HEADER);
  74                         }
  75
  76                         // Check Authentication credentials
  77                         AuthenticationService authenticationService = new AuthenticationService();
  78                         boolean authenticationStatus = authenticationService.authenticate(authCredentials);
  79
  80                         if (authenticationStatus) {
  81                                 //indicates the request comes from Traditional Admin Console or PolicyEngineAPI
  82                                 if (url.equals("/pap/")){
  83                                         logger.info("Request comes from Traditional Admin Console or PolicyEngineAPI");
  84
  85                                         //forward request to the XACMLPAPServlet if authenticated
  86                                         request.getRequestDispatcher("/pap/pap/").forward(request, response);
  87
  88                                 }else if (url.startsWith("/pap/onap/")){
  89
  90                                         //indicates the request comes from the ONAP Portal onap-sdk-app
  91                                         if(response instanceof HttpServletResponse) {
  92                                                 HttpServletResponse alteredResponse = ((HttpServletResponse)response);
  93                                                 addCorsHeader(alteredResponse);
  94                                                 logger.info("Request comes from Onap Portal");
  95                                                 //Spring dispatcher servlet is at the end of the filter chain at /pap/onap/ path
  96                                                 System.out.println("New Request URI: " + url);
  97                                                 filter.doFilter(request, response);
  98                                                 /*url = url.substring(url.indexOf("/pap/")+4);
  99                                                 request.getRequestDispatcher(url).forward(request, response);*/
 100                                         }
 101
 102                                 }
 103
 104                         } else {
 105                                 if (response instanceof HttpServletResponse) {
 106                                         HttpServletResponse httpServletResponse = (HttpServletResponse) response;
 107                                         httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
 108                                 }
 109                         }
 110
 111                 }
 112         }
 113
 114         //method to add CorsHeaders for onap portal rest call
 115         private void addCorsHeader(HttpServletResponse response) {
 116                 logger.info("Adding Cors Response Headers!!!");
 117                 response.addHeader("Access-Control-Allow-Origin", "*");
 118         response.addHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, HEAD");
 119         response.addHeader("Access-Control-Allow-Headers", "X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept");
 120         response.addHeader("Access-Control-Max-Age", "1728000");
 121         }
 122
 123         @Override
 124         public void destroy() {
 125         }
 126
 127         @Override
 128         public void init(FilterConfig arg0) throws ServletException {
 129         }
 130 }