2 * ============LICENSE_START========================================================================
\r
3 * ONAP : tr-069-adapter
\r
4 * =================================================================================================
\r
5 * Copyright (C) 2020 CommScope Inc Intellectual Property.
\r
6 * =================================================================================================
\r
7 * This tr-069-adapter software file is distributed by CommScope Inc under the Apache License,
\r
8 * Version 2.0 (the "License"); you may not use this file except in compliance with the License. You
\r
9 * may obtain a copy of the License at
\r
11 * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
\r
14 * either express or implied. See the License for the specific language governing permissions and
\r
15 * limitations under the License.
\r
16 * ===============LICENSE_END=======================================================================
\r
19 package org.commscope.tr069adapter.acs.cpe.handler;
\r
22 import java.nio.charset.StandardCharsets;
\r
23 import java.util.Base64;
\r
25 import org.commscope.tr069adapter.acs.common.dto.DeviceData;
\r
26 import org.commscope.tr069adapter.acs.cpe.rpc.Inform;
\r
27 import org.commscope.tr069adapter.acs.cpe.utils.FactorySrvcDependencyConfig;
\r
28 import org.slf4j.Logger;
\r
29 import org.slf4j.LoggerFactory;
\r
30 import org.springframework.beans.factory.annotation.Autowired;
\r
31 import org.springframework.beans.factory.annotation.Value;
\r
32 import org.springframework.http.ResponseEntity;
\r
33 import org.springframework.stereotype.Component;
\r
34 import org.springframework.web.client.RestTemplate;
\r
37 public class DeviceValidator {
\r
39 private static final Logger logger = LoggerFactory.getLogger(DeviceValidator.class);
\r
42 FactorySrvcDependencyConfig factorySrvcDependencyConfig;
\r
45 RestTemplate restTemplate;
\r
47 @Value("${config.isDeviceAuthorizationEnabled:true}")
\r
48 private boolean isDeviceAuthorizationEnabled;
\r
50 public void setFactorySrvcDependencyConfig(
\r
51 FactorySrvcDependencyConfig factorySrvcDependencyConfig) {
\r
52 this.factorySrvcDependencyConfig = factorySrvcDependencyConfig;
\r
57 * @param authorization
\r
60 public Boolean isDeviceAuthorized(Inform inform, String authorization) {
\r
61 if(!isDeviceAuthorizationEnabled){
\r
62 logger.debug("Device authentication is not needed here. Hence always authorizing.");
\r
65 if (authorization == null) {
\r
66 logger.debug("HTTP Challenge failed as Authorization header does not exist");
\r
70 Boolean isAuthorized = true;
\r
71 if (authorization.toLowerCase().startsWith("basic")) {
\r
72 isAuthorized = performBasicAuthentication(inform, authorization);
\r
73 } else if (authorization.toLowerCase().startsWith("digest")) {
\r
74 isAuthorized = performDigestAuthentication(inform, authorization);
\r
77 return isAuthorized;
\r
86 public Boolean validateDevice(String deviceId, String oui, String pc) {
\r
87 if (oui == null || pc == null) {
\r
89 "OUI or Product Class cannot be null, Device has not sent the OUI or Product class in the Inform!");
\r
93 Boolean isValid = true;
\r
95 if (factorySrvcDependencyConfig.getDeviceValidationURL() == null) {
\r
97 "Device Validation URL is not configured, hence not performing device validation against factory data");
\r
101 DeviceData deviceData = new DeviceData();
\r
102 deviceData.setSerialNumber(deviceId);
\r
103 deviceData.setOui(oui);
\r
104 deviceData.setProductClass(pc);
\r
105 ResponseEntity<Boolean> restResponse = restTemplate.postForEntity(
\r
106 factorySrvcDependencyConfig.getDeviceValidationURL(), deviceData, Boolean.class);
\r
107 isValid = restResponse.getBody();
\r
108 logger.debug("Is Device valid : {}", isValid);
\r
109 } catch (Exception e) {
\r
110 logger.error("An error occurred while validating the device with Factory data, Reason: {}",
\r
120 * @param authorization
\r
123 private Boolean performBasicAuthentication(Inform inform, String authorization) {
\r
124 Boolean isAuthorized = false;
\r
125 // Authorization: Basic base64credentials
\r
126 String base64Credentials = authorization.substring("Basic".length()).trim();
\r
127 logger.debug("Authorizing by basic authentication");
\r
128 DeviceData deviceData = buildAuthorizationRequest(inform.getSn(), base64Credentials);
\r
130 logger.debug("Doing authentication from rest service: {}",
\r
131 factorySrvcDependencyConfig.getBasicAuthorizationURL());
\r
133 if (factorySrvcDependencyConfig.getBasicAuthorizationURL() == null) {
\r
135 "Device Basic Authentication URL is not configured, hence not performing device authentication against factory data");
\r
136 isAuthorized = true;
\r
138 ResponseEntity<Boolean> restResponse = restTemplate.postForEntity(
\r
139 factorySrvcDependencyConfig.getBasicAuthorizationURL(), deviceData, Boolean.class);
\r
140 isAuthorized = restResponse.getBody();
\r
141 if (isAuthorized.booleanValue()) {
\r
142 logger.debug("Updating the username and password");
\r
143 byte[] credDecoded = Base64.getDecoder().decode(base64Credentials);
\r
144 String credentials = new String(credDecoded, StandardCharsets.UTF_8);
\r
145 // credentials = username:password
\r
146 final String[] values = credentials.split(":", 2);
\r
147 inform.getParams().put(inform.getRoot() + ".ManagementServer.ConnectionRequestUsername",
\r
149 inform.getParams().put(inform.getRoot() + ".ManagementServer.ConnectionRequestPassword",
\r
153 } catch (Exception e) {
\r
154 logger.error("Unable to authenticate the HTTP request, Reason: {}", e.getMessage());
\r
157 return isAuthorized;
\r
162 * @param authorization
\r
165 private Boolean performDigestAuthentication(Inform inform, String authorization) {
\r
166 Boolean isAuthorized = false;
\r
167 // Authorization: Basic base64credentials
\r
168 String authenticationString = authorization.substring("Digest".length()).trim();
\r
169 logger.debug("Authorizing by digest authentication");
\r
170 DeviceData deviceData = buildAuthorizationRequest(inform.getSn(), authenticationString);
\r
172 logger.debug("Doing authentication from rest service: {}",
\r
173 factorySrvcDependencyConfig.getDigestAuthorizationURL());
\r
175 if (factorySrvcDependencyConfig.getDigestAuthorizationURL() == null) {
\r
177 "Device Digest Authentication URL is not configured, hence not performing device authentication against factory data");
\r
178 isAuthorized = true;
\r
180 ResponseEntity<Boolean> restResponse = restTemplate.postForEntity(
\r
181 factorySrvcDependencyConfig.getDigestAuthorizationURL(), deviceData, Boolean.class);
\r
182 isAuthorized = restResponse.getBody();
\r
184 } catch (Exception e) {
\r
185 logger.error("Unable to authenticate the HTTP request, Reason: {}", e.getMessage());
\r
188 return isAuthorized;
\r
192 * @param serialNumber
\r
193 * @param base64Credentials
\r
196 private DeviceData buildAuthorizationRequest(String serialNumber, String base64Credentials) {
\r
197 DeviceData deviceData = new DeviceData();
\r
198 deviceData.setSerialNumber(serialNumber);
\r
199 deviceData.setAutenticationString(base64Credentials);
\r