Initial OpenECOMP policy/engine commit
1 /*-
2  * ============LICENSE_START=======================================================
3  * PolicyEngineUtils
4  * ================================================================================
5  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6  * ================================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  * 
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  * 
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END=========================================================
19  */
20
21
22 package org.openecomp.policy.utils;
23
24 import java.io.IOException;
25 import java.util.Properties;
26
27 import org.apache.log4j.Logger;
28
29 import com.att.cadi.Access;
30 import com.att.cadi.Access.Level;
31 import com.att.cadi.CadiException;
32 import com.att.cadi.aaf.AAFPermission;
33 import com.att.cadi.aaf.v2_0.AAFAuthn;
34 import com.att.cadi.aaf.v2_0.AAFCon;
35 import com.att.cadi.aaf.v2_0.AAFConDME2;
36 import com.att.cadi.aaf.v2_0.AAFLurPerm;
37 import com.att.cadi.config.Config;
38
39
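/**
 * AAF Client: generic AAF client used to connect to AAF resources to validate
 * authentication and permissions.
 *
 * <p><b>Security note:</b> in this revision every AAF-backed code path is commented out.
 * {@code setup} does nothing, and {@link #checkAuth(String, String)} and
 * {@link #checkPerm(String, String, String, String, String)} return {@code true} for every
 * input, so the class fails open: any caller-supplied identity and password is accepted and
 * every permission is granted. Code that relies on this class gets no access control from it
 * and must enforce authentication and authorization elsewhere until the AAF-backed
 * implementation is restored. The disabled implementation is kept below for reference;
 * it returned {@code false} when AAF was unreachable or rejected the credentials.
 */
public class AAFPolicyClient {
    private static final Logger LOGGER = Logger.getLogger(AAFPolicyClient.class.getName());

    // The constants and connection fields below are referenced only by the disabled
    // (commented-out) AAF implementation further down.
    private static final String DEFAULT_AFT_LATITUDE = "32.780140";
    private static final String DEFAULT_AFT_LONGITUDE = "-96.800451";
    // 5 minutes for found items to live in cache
    private static final String DEFAULT_AAF_USER_EXPIRES = Integer.toString(5 * 60000);
    // Maximum number of items in cache
    private static final String DEFAULT_AAF_HIGH_COUNT = Integer.toString(400);

    private static AAFPolicyClient instance = null;
    private static Properties props = new Properties();
    private static AAFCon<?> aafCon = null;
    private static AAFLurPerm aafLurPerm = null;
    private static AAFAuthn<?> aafAuthn = null;
    private static Access access = null;

    /**
     * Builds the client and runs {@code setup}.
     *
     * <p>The singleton reference is published by {@link #getInstance(Properties)} only after
     * this constructor returns. The earlier version assigned {@code instance = this} before
     * calling {@code setup}, which would leave a half-initialised singleton in place if
     * {@code setup} threw.
     *
     * @param properties configuration passed to {@code setup}
     * @throws AAFPolicyException if {@code setup} fails
     */
    private AAFPolicyClient(Properties properties) throws AAFPolicyException {
        setup(properties);
    }

    /**
     * Returns the process-wide client, creating it on first use.
     *
     * <p>{@code properties} is consulted only when the instance is first created; later calls
     * return the existing instance and ignore the argument (use
     * {@link #updateProperties(Properties)} instead). In this revision {@code setup} is
     * disabled, so the properties are not read at all. The disabled implementation reads
     * {@code aaf_id}, {@code aaf_password}, {@code Config.AAF_URL} and
     * {@code AFT_ENVIRONMENT}.
     *
     * @param properties client configuration
     * @return the shared AAFPolicyClient instance
     * @throws AAFPolicyException if the client cannot be set up
     */
    public static synchronized AAFPolicyClient getInstance(Properties properties) throws AAFPolicyException {
        if (instance == null) {
            LOGGER.info("Creating AAFClient Instance ");
            // Make the fail-open state visible in the logs so operators can detect a
            // deployment that runs without AAF enforcement.
            LOGGER.warn("AAF authentication and permission checks are disabled in this build: "
                    + "checkAuth and checkPerm accept every caller");
            instance = new AAFPolicyClient(properties);
        }
        return instance;
    }

    /**
     * Sets property values and connections. Currently a no-op: the whole body is commented
     * out, so no property is validated and no AAF connection is created.
     *
     * @param properties client configuration (unused while the body is disabled)
     * @throws AAFPolicyException declared for the disabled implementation; never thrown by
     *         the current body
     */
    private void setup(Properties properties) throws AAFPolicyException {
        // NOTE(review): the disabled code falls back to the literal defaults "aafID" and
        // "aafPass" when aaf_id / aaf_password are missing. When this is re-enabled, treat
        // missing credentials as a configuration error, as is already done for
        // Config.AAF_URL and AFT_ENVIRONMENT, instead of substituting defaults.
        /*if(properties!=null && !properties.isEmpty()){
            props = System.getProperties();
            props.setProperty("AFT_LATITUDE", properties.getProperty("AFT_LATITUDE", DEFAULT_AFT_LATITUDE));
            props.setProperty("AFT_LONGITUDE", properties.getProperty("AFT_LONGITUDE", DEFAULT_AFT_LONGITUDE));
            props.setProperty("aaf_id",properties.getProperty("aaf_id", "aafID"));
            props.setProperty("aaf_password", properties.getProperty("aaf_password", "aafPass"));
            if(properties.containsKey(Config.AAF_URL)){
                // if given a value in properties file.
                props.setProperty(Config.AAF_URL, properties.getProperty(Config.AAF_URL));
            }else{
                LOGGER.error("Required Property value is missing : " + Config.AAF_URL);
                throw new AAFPolicyException("Required Property value is missing : " + Config.AAF_URL);
            }

            if(properties.containsKey("AFT_ENVIRONMENT")){
                props.setProperty("AFT_ENVIRONMENT", properties.getProperty("AFT_ENVIRONMENT"));
            }else{
                LOGGER.error("Required Property value is missing : AFT_ENVIRONMENT");
                throw new AAFPolicyException("Required Property value is missing : AFT_ENVIRONMENT");
            }
            props.setProperty(Config.AAF_USER_EXPIRES, properties.getProperty(Config.AAF_USER_EXPIRES, DEFAULT_AAF_USER_EXPIRES));
            props.setProperty(Config.AAF_HIGH_COUNT, properties.getProperty(Config.AAF_HIGH_COUNT, DEFAULT_AAF_HIGH_COUNT));
        }else{
            LOGGER.error("Required Property value is missing ");
            throw new AAFPolicyException("Required Property value is missing");
        }
        access = new PolicyAccess(props, Level.valueOf(properties.getProperty("AAF_LOG_LEVEL", Level.INFO.toString())));
        setUpAAF();
        */
    }

    /**
     * Re-runs {@code setup} with new properties. Has no effect while {@code setup} is
     * disabled.
     *
     * @param properties client configuration
     * @throws AAFPolicyException if {@code setup} fails
     */
    public void updateProperties(Properties properties) throws AAFPolicyException {
        setup(properties);
    }

    /**
     * Checks authentication and then permissions for the given values.
     *
     * <p>Because both underlying checks are stubbed, this currently returns {@code true}
     * for every input.
     *
     * @param mechID login id to authenticate and authorize
     * @param pass password pertaining to the login id
     * @param type permission type
     * @param instance permission instance
     * @param action permission action
     * @return {@code true} only if both {@link #checkAuth(String, String)} and
     *         {@link #checkPerm(String, String, String, String, String)} return {@code true}
     */
    public boolean checkAuthPerm(String mechID, String pass, String type, String instance, String action) {
        // Short-circuit keeps the original order: permissions are checked only after
        // authentication succeeds.
        return checkAuth(mechID, pass) && checkPerm(mechID, pass, type, instance, action);
    }

    /**
     * Checks the authentication of the given user name and password.
     *
     * <p><b>Security note:</b> stubbed. The AAF validation is commented out and the method
     * returns {@code true} without looking at either argument, so any credentials, including
     * {@code null} or empty ones, are accepted. The disabled implementation returned
     * {@code false} when {@code aafAuthn} was unset, when validation failed twice, or when
     * validation threw.
     *
     * @param userName user name
     * @param pass password
     * @return always {@code true} in this revision
     */
    public boolean checkAuth(String userName, String pass) {
        /*if(aafAuthn!=null){
            try {
                int i=0;
                do{
                    if(aafAuthn.validate(userName, pass)==null){
                        return true;
                    }
                    i++;
                }while(i<2);
            } catch (Exception e) {
                LOGGER.error(e.getMessage());
            }
        }
        LOGGER.debug("Authentication failed for : " + userName + " in " + props.getProperty("AAF_URL"));
        return false;
        */
        // SECURITY: fail-open stub; no credential is verified here.
        return true;
    }

    /**
     * Checks permissions for the given user name, password, type, instance and action.
     *
     * <p><b>Security note:</b> stubbed. The AAF lookup is commented out and the method
     * returns {@code true} without looking at any argument, so every permission is granted
     * to every caller. The disabled implementation started from {@code false} and only
     * returned {@code true} when the AAF permission lookup did.
     *
     * @param userName user name
     * @param pass password
     * @param type permission type
     * @param instance permission instance
     * @param action permission action
     * @return always {@code true} in this revision
     */
    public boolean checkPerm(String userName, String pass, String type, String instance, String action) {
        /*int i =0;
        Boolean result= false;
        do{
            if(aafCon!=null && aafLurPerm !=null){
                try {
                    aafCon.basicAuth(userName, pass);
                    AAFPermission perm = new AAFPermission(type, instance, action);
                    result = aafLurPerm.fish(userName, perm);
                } catch (CadiException e) {
                    LOGGER.error(e.getMessage());
                    aafLurPerm.destroy();
                }
            }
            LOGGER.debug("Permissions for : " + userName + " in " + props.getProperty("AAF_URL") + "for " + type  + "," + instance + "," + action + "\n Result is: " + result);
            i++;
        }while(i<2 && !result); // Try once more to check if this can be passed. AAF has some issues.
        return result;
        */
        // SECURITY: fail-open stub; no permission is evaluated here.
        return true;
    }

    /*private boolean setUpAAF(){
        try {
            aafCon = new AAFConDME2(access);
            aafLurPerm = aafCon.newLur();//new AAFLurPerm(aafCon);
            aafAuthn = aafCon.newAuthn(aafLurPerm);//new AAFAuthn(aafCon, aafLurPerm);
            return true;
        } catch (Exception e) {
            LOGGER.error("Error while creating Connection " + e.getMessage());
            return false;
        }
    }*/
}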