2 * ============LICENSE_START========================================================================
\r
3 * ONAP : tr-069-adapter
\r
4 * =================================================================================================
\r
5 * Copyright (C) 2020 CommScope Inc Intellectual Property.
\r
6 * =================================================================================================
\r
7 * This tr-069-adapter software file is distributed by CommScope Inc under the Apache License,
\r
8 * Version 2.0 (the "License"); you may not use this file except in compliance with the License. You
\r
9 * may obtain a copy of the License at
\r
11 * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
\r
14 * either express or implied. See the License for the specific language governing permissions and
\r
15 * limitations under the License.
\r
16 * ===============LICENSE_END=======================================================================
\r
19 package org.commscope.tr069adapter.acs.cpe.handler;
\r
21 import java.nio.charset.StandardCharsets;
\r
22 import java.util.Base64;
\r
24 import org.commscope.tr069adapter.acs.common.dto.DeviceData;
\r
25 import org.commscope.tr069adapter.acs.cpe.rpc.Inform;
\r
26 import org.commscope.tr069adapter.acs.cpe.utils.FactorySrvcDependencyConfig;
\r
27 import org.slf4j.Logger;
\r
28 import org.slf4j.LoggerFactory;
\r
29 import org.springframework.beans.factory.annotation.Autowired;
\r
30 import org.springframework.http.ResponseEntity;
\r
31 import org.springframework.stereotype.Component;
\r
32 import org.springframework.web.client.RestTemplate;
\r
35 public class DeviceValidator {
\r
37 private static final Logger logger = LoggerFactory.getLogger(DeviceValidator.class);
\r
40 FactorySrvcDependencyConfig factorySrvcDependencyConfig;
\r
43 RestTemplate restTemplate;
\r
45 public void setFactorySrvcDependencyConfig(
\r
46 FactorySrvcDependencyConfig factorySrvcDependencyConfig) {
\r
47 this.factorySrvcDependencyConfig = factorySrvcDependencyConfig;
\r
52 * @param authorization
\r
55 public Boolean isDeviceAuthorized(Inform inform, String authorization) {
\r
56 if (authorization == null) {
\r
57 logger.debug("HTTP Challenge failed as Authorization header does not exist");
\r
61 Boolean isAuthorized = true;
\r
62 if (authorization.toLowerCase().startsWith("basic")) {
\r
63 isAuthorized = performBasicAuthentication(inform, authorization);
\r
64 } else if (authorization.toLowerCase().startsWith("digest")) {
\r
65 isAuthorized = performDigestAuthentication(inform, authorization);
\r
68 return isAuthorized;
\r
77 public Boolean validateDevice(String deviceId, String oui, String pc) {
\r
78 if (oui == null || pc == null) {
\r
80 "OUI or Product Class cannot be null, Device has not sent the OUI or Product class in the Inform!");
\r
84 Boolean isValid = true;
\r
86 if (factorySrvcDependencyConfig.getDeviceValidationURL() == null) {
\r
88 "Device Validation URL is not configured, hence not performing device validation against factory data");
\r
92 DeviceData deviceData = new DeviceData();
\r
93 deviceData.setSerialNumber(deviceId);
\r
94 deviceData.setOui(oui);
\r
95 deviceData.setProductClass(pc);
\r
96 ResponseEntity<Boolean> restResponse = restTemplate.postForEntity(
\r
97 factorySrvcDependencyConfig.getDeviceValidationURL(), deviceData, Boolean.class);
\r
98 isValid = restResponse.getBody();
\r
99 logger.debug("Is Device valid : {}", isValid);
\r
100 } catch (Exception e) {
\r
101 logger.error("An error occurred while validating the device with Factory data, Reason: {}",
\r
111 * @param authorization
\r
114 private Boolean performBasicAuthentication(Inform inform, String authorization) {
\r
115 Boolean isAuthorized = false;
\r
116 // Authorization: Basic base64credentials
\r
117 String base64Credentials = authorization.substring("Basic".length()).trim();
\r
118 logger.debug("Authorizing by basic authentication");
\r
119 DeviceData deviceData = buildAuthorizationRequest(inform.getSn(), base64Credentials);
\r
121 logger.debug("Doing authentication from rest service: {}",
\r
122 factorySrvcDependencyConfig.getBasicAuthorizationURL());
\r
124 if (factorySrvcDependencyConfig.getBasicAuthorizationURL() == null) {
\r
126 "Device Basic Authentication URL is not configured, hence not performing device authentication against factory data");
\r
127 isAuthorized = true;
\r
129 ResponseEntity<Boolean> restResponse = restTemplate.postForEntity(
\r
130 factorySrvcDependencyConfig.getBasicAuthorizationURL(), deviceData, Boolean.class);
\r
131 isAuthorized = restResponse.getBody();
\r
132 if (isAuthorized.booleanValue()) {
\r
133 logger.debug("Updating the username and password");
\r
134 byte[] credDecoded = Base64.getDecoder().decode(base64Credentials);
\r
135 String credentials = new String(credDecoded, StandardCharsets.UTF_8);
\r
136 // credentials = username:password
\r
137 final String[] values = credentials.split(":", 2);
\r
138 inform.getParams().put(inform.getRoot() + ".ManagementServer.ConnectionRequestUsername",
\r
140 inform.getParams().put(inform.getRoot() + ".ManagementServer.ConnectionRequestPassword",
\r
144 } catch (Exception e) {
\r
145 logger.error("Unable to authenticate the HTTP request, Reason: {}", e.getMessage());
\r
148 return isAuthorized;
\r
153 * @param authorization
\r
156 private Boolean performDigestAuthentication(Inform inform, String authorization) {
\r
157 Boolean isAuthorized = false;
\r
158 // Authorization: Basic base64credentials
\r
159 String authenticationString = authorization.substring("Digest".length()).trim();
\r
160 logger.debug("Authorizing by digest authentication");
\r
161 DeviceData deviceData = buildAuthorizationRequest(inform.getSn(), authenticationString);
\r
163 logger.debug("Doing authentication from rest service: {}",
\r
164 factorySrvcDependencyConfig.getDigestAuthorizationURL());
\r
166 if (factorySrvcDependencyConfig.getDigestAuthorizationURL() == null) {
\r
168 "Device Digest Authentication URL is not configured, hence not performing device authentication against factory data");
\r
169 isAuthorized = true;
\r
171 ResponseEntity<Boolean> restResponse = restTemplate.postForEntity(
\r
172 factorySrvcDependencyConfig.getDigestAuthorizationURL(), deviceData, Boolean.class);
\r
173 isAuthorized = restResponse.getBody();
\r
175 } catch (Exception e) {
\r
176 logger.error("Unable to authenticate the HTTP request, Reason: {}", e.getMessage());
\r
179 return isAuthorized;
\r
183 * @param serialNumber
\r
184 * @param base64Credentials
\r
187 private DeviceData buildAuthorizationRequest(String serialNumber, String base64Credentials) {
\r
188 DeviceData deviceData = new DeviceData();
\r
189 deviceData.setSerialNumber(serialNumber);
\r
190 deviceData.setAutenticationString(base64Credentials);
\r