webapp-backend/src/main/java/org/oransc/ric/portal/dashboard/portalapi/PortalAuthManager.java

   1 /*-
   2  * ========================LICENSE_START=================================
   3  * O-RAN-SC
   4  * %%
   5  * Copyright (C) 2019 AT&T Intellectual Property and Nokia
   6  * %%
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ========================LICENSE_END===================================
  19  */
  20 package org.oransc.ric.portal.dashboard.portalapi;
  21
  22 import java.lang.invoke.MethodHandles;
  23 import java.lang.reflect.InvocationTargetException;
  24 import java.util.HashMap;
  25 import java.util.Map;
  26
  27 import javax.servlet.http.Cookie;
  28 import javax.servlet.http.HttpServletRequest;
  29
  30 import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
  31 import org.onap.portalsdk.core.onboarding.util.PortalApiConstants;
  32 import org.slf4j.Logger;
  33 import org.slf4j.LoggerFactory;
  34
  35 /**
  36  * Provides services to authenticate requests from/to ONAP Portal.
  37  */
  38 public class PortalAuthManager {
  39
  40         private static final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
  41
  42         final Map<String, String> credentialsMap;
  43         private final IPortalSdkDecryptor portalSdkDecryptor;
  44         private final String userIdCookieName;
  45
  46         public PortalAuthManager(final String appName, final String username, final String password,
  47                         final String decryptorClassName, final String userCookie)
  48                         throws ClassNotFoundException, InstantiationException, IllegalAccessException, IllegalArgumentException,
  49                         InvocationTargetException, NoSuchMethodException, SecurityException {
  50                 credentialsMap = new HashMap<>();
  51                 // The map keys are hardcoded in EPSDK-FW, no constants are defined :(
  52                 credentialsMap.put("appName", appName);
  53                 credentialsMap.put("username", username);
  54                 credentialsMap.put("password", password);
  55                 this.userIdCookieName = userCookie;
  56                 // Instantiate here so configuration errors are detected at app-start time
  57                 logger.debug("ctor: using decryptor class {}", decryptorClassName);
  58                 Class<?> decryptorClass = Class.forName(decryptorClassName);
  59                 portalSdkDecryptor = (IPortalSdkDecryptor) decryptorClass.getDeclaredConstructor().newInstance();
  60         }
  61
  62         /**
  63          * @return A map of key-value pairs with application name, user name and
  64          *         password.
  65          */
  66         public Map<String, String> getAppCredentials() {
  67                 return credentialsMap;
  68         }
  69
  70         /**
  71          * Searches the request for a cookie with the specified name.
  72          *
  73          * @param request
  74          *                       HttpServletRequest
  75          * @param cookieName
  76          *                       Cookie name
  77          * @return Cookie, or null if not found.
  78          */
  79         private Cookie getCookie(HttpServletRequest request, String cookieName) {
  80                 Cookie[] cookies = request.getCookies();
  81                 if (cookies != null)
  82                         for (Cookie cookie : cookies)
  83                                 if (cookie.getName().equals(cookieName))
  84                                         return cookie;
  85                 return null;
  86         }
  87
  88         /**
  89          * Validates whether the ECOMP Portal sign-on process has completed. Checks for
  90          * the ECOMP cookie first, then the user cookie.
  91          *
  92          * @param request
  93          *                    HttpServletRequest
  94          * @return User ID if the ECOMP cookie is present and the sign-on process
  95          *         established a user ID; else null.
  96          */
  97         public String valdiateEcompSso(HttpServletRequest request) {
  98                 // Check ECOMP Portal cookie
  99                 Cookie ep = getCookie(request, PortalApiConstants.EP_SERVICE);
 100                 if (ep == null) {
 101                         logger.debug("valdiateEcompSso: cookie not found: {}", PortalApiConstants.EP_SERVICE);
 102                         return null;
 103                 }
 104                 logger.trace("validateEcompSso: found cookie {}", PortalApiConstants.EP_SERVICE);
 105                 Cookie user = getCookie(request, userIdCookieName);
 106                 if (user == null) {
 107                         logger.debug("valdiateEcompSso: cookie not found: {}", userIdCookieName);
 108                         return null;
 109                 }
 110                 logger.trace("validateEcompSso: user cookie {}", userIdCookieName);
 111                 String userid = null;
 112                 try {
 113                         userid = portalSdkDecryptor.decrypt(user.getValue());
 114                 } catch (CipherUtilException e) {
 115                         throw new IllegalArgumentException("valdiateEcompSso failed", e);
 116                 }
 117                 return userid;
 118         }
 119
 120 }