2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ===================================================================
8 * Unless otherwise specified, all software contained herein is licensed
9 * under the Apache License, Version 2.0 (the "License");
10 * you may not use this software except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
21 * Unless otherwise specified, all documentation contained herein is licensed
22 * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
23 * you may not use this documentation except in compliance with the License.
24 * You may obtain a copy of the License at
26 * https://creativecommons.org/licenses/by/4.0/
28 * Unless required by applicable law or agreed to in writing, documentation
29 * distributed under the License is distributed on an "AS IS" BASIS,
30 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
31 * See the License for the specific language governing permissions and
32 * limitations under the License.
34 * ============LICENSE_END============================================
38 package org.onap.portalapp.service.sessionmgt;
40 import java.io.BufferedReader;
41 import java.io.InputStreamReader;
42 import java.net.HttpURLConnection;
44 import java.util.Base64;
45 import java.util.HashMap;
47 import java.util.UUID;
49 import javax.servlet.http.HttpServletResponse;
51 import org.onap.portalapp.portal.domain.EPApp;
52 import org.onap.portalapp.portal.logging.aop.EPAuditLog;
53 import org.onap.portalapp.portal.logging.aop.EPMetricsLog;
54 import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum;
55 import org.onap.portalapp.portal.logging.logic.EPLogUtil;
56 import org.onap.portalapp.portal.service.AppsCacheService;
57 import org.onap.portalapp.portal.transport.OnboardingApp;
58 import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
59 import org.onap.portalapp.portal.utils.EcompPortalUtils;
60 import org.onap.portalapp.util.SystemType;
61 import org.onap.portalsdk.core.exception.UrlAccessRestrictedException;
62 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
63 import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
64 import org.onap.portalsdk.core.onboarding.util.CipherUtil;
65 import org.onap.portalsdk.core.util.SystemProperties;
67 import org.springframework.beans.factory.annotation.Autowired;
68 import org.springframework.context.annotation.EnableAspectJAutoProxy;
69 import org.springframework.stereotype.Service;
70 import org.apache.commons.lang.StringUtils;
72 import com.att.eelf.configuration.Configuration;
74 @Service("sessionCommunication")
75 @org.springframework.context.annotation.Configuration
76 @EnableAspectJAutoProxy
77 public class SessionCommunication {
78 EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SessionCommunication.class);
80 private AppsCacheService appsCacheService;
82 private static final String BASIC_AUTHENTICATION_HEADER = "Authorization";
85 public String sendGet(OnboardingApp app) throws Exception {
86 String appResponse = "";
89 if (app != null && app.name != null && app.name != "") {
92 String url = app.restUrl + "/sessionTimeOuts";
93 String encriptedPwdDB = app.appPassword;
94 String appUserName = app.username;
96 setLocalMDCContext(app, "/sessionTimeOuts", url);
98 URL obj = new URL(url);
100 HttpURLConnection con = (HttpURLConnection) obj.openConnection();
102 // optional default is GET
103 con.setRequestMethod("GET");
104 con.setConnectTimeout(3000);
105 con.setReadTimeout(8000);
106 // add request header
107 Map<String,String> headers = getHeaders(app);
108 appUserName =headers.get("username");
109 encriptedPwdDB = headers.get("password");
111 con.setRequestProperty("username", appUserName);
112 con.setRequestProperty("password", encriptedPwdDB);
115 String encoding = Base64.getEncoder().encodeToString((appUserName + ":" + encriptedPwdDB).getBytes());
116 String encodingStr = "Basic " + encoding;
117 con.setRequestProperty(BASIC_AUTHENTICATION_HEADER, encodingStr);
120 responseCode = con.getResponseCode();
121 logger.debug(EELFLoggerDelegate.debugLogger, "Response Code : " + responseCode);
123 BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()));
125 StringBuffer response = new StringBuffer();
127 while ((inputLine = in.readLine()) != null) {
128 response.append(inputLine);
132 appResponse = response.toString();
133 } catch (UrlAccessRestrictedException e) {
134 responseCode = HttpServletResponse.SC_UNAUTHORIZED;
135 logger.error(EELFLoggerDelegate.errorLogger, String.format(
136 "SessionCommunication.sendGet received an un-authorized exception. AppName: %s", appName));
137 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeRestApiAuthenticationError, e);
138 } catch (Exception e) {
139 responseCode = HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
140 String message = String.format(
141 "SessionCommunication.sendGet encountered an Exception. AppName: %s, Details: %s", appName,
143 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeHttpConnectionError, e);
144 logger.error(EELFLoggerDelegate.errorLogger, message, e);
146 EcompPortalUtils.setExternalAppResponseCode(responseCode);
149 logger.error(EELFLoggerDelegate.errorLogger, "SessionCommunication sendGet: app is null");
155 public Boolean pingSession(OnboardingApp app, String sessionTimeoutMap) throws Exception {
157 int responseCode = 0;
160 throw new Exception("SessionCommunication.pingSession: app is null");
161 if (app != null && app.name != null && app.name != "") {
164 String url = app.restUrl + "/updateSessionTimeOuts";
165 String encriptedPwdDB = app.appPassword;
166 String appUserName = app.username;
168 setLocalMDCContext(app, "/updateSessionTimeOuts", url);
170 URL obj = new URL(url);
172 HttpURLConnection con = (HttpURLConnection) obj.openConnection();
174 // optional default is GET
175 con.setRequestMethod("POST");
176 con.setConnectTimeout(3000);
177 con.setReadTimeout(15000);
179 Map<String,String> headers = getHeaders(app);
180 appUserName =headers.get("username");
181 encriptedPwdDB = headers.get("password");
183 con.setRequestProperty("username", appUserName);
184 con.setRequestProperty("password", encriptedPwdDB);
186 String encoding = Base64.getEncoder().encodeToString((appUserName + ":" + encriptedPwdDB).getBytes());
187 String encodingStr = "Basic " + encoding;
188 con.setRequestProperty(BASIC_AUTHENTICATION_HEADER, encodingStr);
190 con.setRequestProperty("sessionMap", sessionTimeoutMap);
191 con.setDoInput(true);
192 con.setDoOutput(true);
193 con.getOutputStream().write(sessionTimeoutMap.getBytes());
194 con.getOutputStream().flush();
195 con.getOutputStream().close();
197 responseCode = con.getResponseCode();
198 logger.debug(EELFLoggerDelegate.debugLogger, "Response Code : " + responseCode);
199 } catch (UrlAccessRestrictedException e) {
200 responseCode = HttpServletResponse.SC_UNAUTHORIZED;
201 String message = String.format(
202 "SessionCommunication.pingSession received an un-authorized exception. AppName: %s", appName);
203 logger.error(EELFLoggerDelegate.errorLogger, message);
204 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeRestApiAuthenticationError, e);
205 } catch (Exception e) {
206 responseCode = HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
207 String message = String.format(
208 "SessionCommunication.pingSession encountered an Exception. AppName: %s, Details: %s", appName, e.toString());
209 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeHttpConnectionError, e);
210 logger.error(EELFLoggerDelegate.errorLogger, message, e);
212 EcompPortalUtils.setExternalAppResponseCode(responseCode);
219 public Boolean timeoutSession(OnboardingApp app, String portalJSessionId) throws Exception {
220 String appName = "Unknwon";
221 int responseCode = 0;
222 if (app != null && app.name != null && app.name != "") {
225 String url = app.restUrl + "/timeoutSession" + "?portalJSessionId=" + portalJSessionId;
227 String encriptedPwdDB = app.appPassword;
228 String appUserName = app.username;
229 // String decreptedPwd = CipherUtil.decrypt(encriptedPwdDB,
230 // SystemProperties.getProperty(SystemProperties.Decryption_Key));
232 setLocalMDCContext(app, "/timeoutSession", url);
234 URL obj = new URL(url);
235 HttpURLConnection con = (HttpURLConnection) obj.openConnection();
237 // optional default is GET
238 con.setRequestMethod("POST");
239 con.setConnectTimeout(3000);
240 con.setReadTimeout(15000);
242 Map<String,String> headers = getHeaders(app);
243 appUserName =headers.get("username");
244 encriptedPwdDB = headers.get("password");
246 con.setRequestProperty("username", appUserName);
247 con.setRequestProperty("password", encriptedPwdDB);
249 String encoding = Base64.getEncoder().encodeToString((appUserName + ":" + encriptedPwdDB).getBytes());
250 String encodingStr = "Basic " + encoding;
251 con.setRequestProperty(BASIC_AUTHENTICATION_HEADER, encodingStr);
253 con.setDoInput(true);
254 con.setDoOutput(true);
255 con.getOutputStream().flush();
256 con.getOutputStream().close();
258 responseCode = con.getResponseCode();
259 logger.debug(EELFLoggerDelegate.debugLogger, "Response Code : " + responseCode);
260 } catch (UrlAccessRestrictedException e) {
261 responseCode = HttpServletResponse.SC_UNAUTHORIZED;
262 String message = String.format(
263 "SessionCommunication.timeoutSession received an un-authorized exception. AppName: %s",
265 logger.error(EELFLoggerDelegate.errorLogger, message);
266 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeRestApiAuthenticationError, e);
267 } catch (Exception e) {
268 responseCode = HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
269 String message = String.format(
270 "SessionCommunication.timeoutSession encountered an Exception. AppName: %s, Details: %s",
271 appName, e.toString());
272 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeHttpConnectionError, e);
273 logger.error(EELFLoggerDelegate.errorLogger, message, e);
275 EcompPortalUtils.setExternalAppResponseCode(responseCode);
278 logger.error(EELFLoggerDelegate.errorLogger, "SessionCommunication pingSession: app is null");
284 private void setLocalMDCContext(OnboardingApp app, String restPath, String url) {
286 MDC.put(EPCommonSystemProperties.PROTOCOL, EPCommonSystemProperties.HTTP);
287 if (url != null && url.contains("https")) {
288 MDC.put(EPCommonSystemProperties.PROTOCOL, EPCommonSystemProperties.HTTPS);
290 MDC.put(EPCommonSystemProperties.FULL_URL, url);
291 MDC.put(EPCommonSystemProperties.TARGET_ENTITY, app.myLoginsAppName);
292 MDC.put(EPCommonSystemProperties.TARGET_SERVICE_NAME, restPath);
296 * Generates request id, service name fields and loads them into MDC, as these
297 * values could be empty as these session timeout requests are generated at
298 * scheduled intervals using quartz scheduler.
301 public void setRequestId() {
302 String requestId = MDC.get(Configuration.MDC_KEY_REQUEST_ID);
303 if (StringUtils.isEmpty(requestId)) {
304 MDC.put(Configuration.MDC_KEY_REQUEST_ID, UUID.randomUUID().toString());
307 MDC.put(Configuration.MDC_SERVICE_NAME, "/quartz/keepSessionAlive");
308 MDC.put(EPCommonSystemProperties.PARTNER_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE);
312 * Remove the values from MDC as these requests are executed at regular
313 * intervals based on quartz rather incoming REST API requests.
318 public void clear(Boolean bAll) {
319 MDC.remove(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE);
321 MDC.remove(Configuration.MDC_KEY_REQUEST_ID);
322 MDC.remove(Configuration.MDC_SERVICE_NAME);
323 MDC.remove(EPCommonSystemProperties.PARTNER_NAME);
327 public Map<String,String> getHeaders(OnboardingApp app)
329 String encriptedPwdDB = "";
330 String appUserName = "";
333 Map<String,String> headersMap = new HashMap<>();
334 EPApp externalApp = null;
336 if(app.appPassword.isEmpty() || app.appPassword==null){
337 logger.debug(EELFLoggerDelegate.debugLogger, "Entering in the externalApp get app password contains null : {}");
338 externalApp = appsCacheService.getApp(1L);
339 logger.debug(EELFLoggerDelegate.debugLogger, "external App Information : {}",externalApp);
341 String mechidUsername=externalApp.getUsername();
342 logger.debug(EELFLoggerDelegate.debugLogger, "external App mechidUsername Information : {}",mechidUsername);
344 String password=externalApp.getAppPassword();
345 String decreptedexternalAppPwd = StringUtils.EMPTY;
347 decreptedexternalAppPwd = CipherUtil.decryptPKC(password,
348 SystemProperties.getProperty(SystemProperties.Decryption_Key));
349 } catch (CipherUtilException e) {
350 logger.error(EELFLoggerDelegate.errorLogger, "failed to decreptedexternalAppPwd when external app pwd is null", e);
353 appUserName =mechidUsername;
354 encriptedPwdDB = decreptedexternalAppPwd;
357 appUserName = app.username;
358 encriptedPwdDB = app.appPassword;
361 headersMap.put("username", appUserName);
362 headersMap.put("password", encriptedPwdDB);