--- /dev/null
+/*\r
+ * ============LICENSE_START========================================================================\r
+ * ONAP : tr-069-adapter\r
+ * =================================================================================================\r
+ * Copyright (C) 2020 CommScope Inc Intellectual Property.\r
+ * =================================================================================================\r
+ * This tr-069-adapter software file is distributed by CommScope Inc under the Apache License,\r
+ * Version 2.0 (the "License"); you may not use this file except in compliance with the License. You\r
+ * may obtain a copy of the License at\r
+ *\r
+ * http://www.apache.org/licenses/LICENSE-2.0\r
+ *\r
+ * This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,\r
+ * either express or implied. See the License for the specific language governing permissions and\r
+ * limitations under the License.\r
+ * ===============LICENSE_END=======================================================================\r
+ */\r
+\r
+package org.commscope.tr069adapter.acs.cpe.handler;\r
+\r
+import java.nio.charset.StandardCharsets;\r
+import java.util.Base64;\r
+\r
+import org.commscope.tr069adapter.acs.common.dto.DeviceData;\r
+import org.commscope.tr069adapter.acs.cpe.rpc.Inform;\r
+import org.commscope.tr069adapter.acs.cpe.utils.FactorySrvcDependencyConfig;\r
+import org.slf4j.Logger;\r
+import org.slf4j.LoggerFactory;\r
+import org.springframework.beans.factory.annotation.Autowired;\r
+import org.springframework.http.ResponseEntity;\r
+import org.springframework.stereotype.Component;\r
+import org.springframework.web.client.RestTemplate;\r
+\r
+@Component\r
+public class DeviceValidator {\r
+\r
+ private static final Logger logger = LoggerFactory.getLogger(DeviceValidator.class);\r
+\r
+ @Autowired\r
+ FactorySrvcDependencyConfig factorySrvcDependencyConfig;\r
+\r
+ @Autowired\r
+ RestTemplate restTemplate;\r
+\r
+ public void setFactorySrvcDependencyConfig(\r
+ FactorySrvcDependencyConfig factorySrvcDependencyConfig) {\r
+ this.factorySrvcDependencyConfig = factorySrvcDependencyConfig;\r
+ }\r
+\r
+ /**\r
+ * @param inform\r
+ * @param authorization\r
+ * @return\r
+ */\r
+ public Boolean isDeviceAuthorized(Inform inform, String authorization) {\r
+ if (authorization == null) {\r
+ logger.debug("HTTP Challenge failed as Authorization header does not exist");\r
+ return false;\r
+ }\r
+\r
+ Boolean isAuthorized = true;\r
+ if (authorization.toLowerCase().startsWith("basic")) {\r
+ isAuthorized = performBasicAuthentication(inform, authorization);\r
+ } else if (authorization.toLowerCase().startsWith("digest")) {\r
+ isAuthorized = performDigestAuthentication(inform, authorization);\r
+ }\r
+\r
+ return isAuthorized;\r
+ }\r
+\r
+ /**\r
+ * @param deviceId\r
+ * @param oui\r
+ * @param pc\r
+ * @return\r
+ */\r
+ public Boolean validateDevice(String deviceId, String oui, String pc) {\r
+ if (oui == null || pc == null) {\r
+ logger.error(\r
+ "OUI or Product Class cannot be null, Device has not sent the OUI or Product class in the Inform!");\r
+ return false;\r
+ }\r
+\r
+ Boolean isValid = true;\r
+ try {\r
+ if (factorySrvcDependencyConfig.getDeviceValidationURL() == null) {\r
+ logger.debug(\r
+ "Device Validation URL is not configured, hence not performing device validation against factory data");\r
+ return isValid;\r
+ }\r
+\r
+ DeviceData deviceData = new DeviceData();\r
+ deviceData.setSerialNumber(deviceId);\r
+ deviceData.setOui(oui);\r
+ deviceData.setProductClass(pc);\r
+ ResponseEntity<Boolean> restResponse = restTemplate.postForEntity(\r
+ factorySrvcDependencyConfig.getDeviceValidationURL(), deviceData, Boolean.class);\r
+ isValid = restResponse.getBody();\r
+ logger.debug("Is Device valid : {}", isValid);\r
+ } catch (Exception e) {\r
+ logger.error("An error occurred while validating the device with Factory data, Reason: {}",\r
+ e.getMessage());\r
+ isValid = false;\r
+ }\r
+\r
+ return isValid;\r
+ }\r
+\r
+ /**\r
+ * @param inform\r
+ * @param authorization\r
+ * @return\r
+ */\r
+ private Boolean performBasicAuthentication(Inform inform, String authorization) {\r
+ Boolean isAuthorized = false;\r
+ // Authorization: Basic base64credentials\r
+ String base64Credentials = authorization.substring("Basic".length()).trim();\r
+ logger.debug("Authorizing by basic authentication");\r
+ DeviceData deviceData = buildAuthorizationRequest(inform.getSn(), base64Credentials);\r
+\r
+ logger.debug("Doing authentication from rest service: {}",\r
+ factorySrvcDependencyConfig.getBasicAuthorizationURL());\r
+ try {\r
+ if (factorySrvcDependencyConfig.getBasicAuthorizationURL() == null) {\r
+ logger.debug(\r
+ "Device Basic Authentication URL is not configured, hence not performing device authentication against factory data");\r
+ isAuthorized = true;\r
+ } else {\r
+ ResponseEntity<Boolean> restResponse = restTemplate.postForEntity(\r
+ factorySrvcDependencyConfig.getBasicAuthorizationURL(), deviceData, Boolean.class);\r
+ isAuthorized = restResponse.getBody();\r
+ if (isAuthorized.booleanValue()) {\r
+ logger.debug("Updating the username and password");\r
+ byte[] credDecoded = Base64.getDecoder().decode(base64Credentials);\r
+ String credentials = new String(credDecoded, StandardCharsets.UTF_8);\r
+ // credentials = username:password\r
+ final String[] values = credentials.split(":", 2);\r
+ inform.getParams().put(inform.getRoot() + ".ManagementServer.ConnectionRequestUsername",\r
+ values[0]);\r
+ inform.getParams().put(inform.getRoot() + ".ManagementServer.ConnectionRequestPassword",\r
+ values[1]);\r
+ }\r
+ }\r
+ } catch (Exception e) {\r
+ logger.error("Unable to authenticate the HTTP request, Reason: {}", e.getMessage());\r
+ }\r
+\r
+ return isAuthorized;\r
+ }\r
+\r
+ /**\r
+ * @param inform\r
+ * @param authorization\r
+ * @return\r
+ */\r
+ private Boolean performDigestAuthentication(Inform inform, String authorization) {\r
+ Boolean isAuthorized = false;\r
+ // Authorization: Basic base64credentials\r
+ String authenticationString = authorization.substring("Digest".length()).trim();\r
+ logger.debug("Authorizing by digest authentication");\r
+ DeviceData deviceData = buildAuthorizationRequest(inform.getSn(), authenticationString);\r
+\r
+ logger.debug("Doing authentication from rest service: {}",\r
+ factorySrvcDependencyConfig.getDigestAuthorizationURL());\r
+ try {\r
+ if (factorySrvcDependencyConfig.getDigestAuthorizationURL() == null) {\r
+ logger.debug(\r
+ "Device Digest Authentication URL is not configured, hence not performing device authentication against factory data");\r
+ isAuthorized = true;\r
+ } else {\r
+ ResponseEntity<Boolean> restResponse = restTemplate.postForEntity(\r
+ factorySrvcDependencyConfig.getDigestAuthorizationURL(), deviceData, Boolean.class);\r
+ isAuthorized = restResponse.getBody();\r
+ }\r
+ } catch (Exception e) {\r
+ logger.error("Unable to authenticate the HTTP request, Reason: {}", e.getMessage());\r
+ }\r
+\r
+ return isAuthorized;\r
+ }\r
+\r
+ /**\r
+ * @param serialNumber\r
+ * @param base64Credentials\r
+ * @return\r
+ */\r
+ private DeviceData buildAuthorizationRequest(String serialNumber, String base64Credentials) {\r
+ DeviceData deviceData = new DeviceData();\r
+ deviceData.setSerialNumber(serialNumber);\r
+ deviceData.setAutenticationString(base64Credentials);\r
+ return deviceData;\r
+ }\r
+}\r