| Aharoni, Pavel (pa0916) | ca3cb01 | 2018-10-22 15:29:57 +0300 | [diff] [blame] | 1 | /*-
|
| 2 | * ============LICENSE_START=======================================================
|
| 3 | * OSAM
|
| 4 | * ================================================================================
|
| 5 | * Copyright (C) 2018 AT&T
|
| 6 | * ================================================================================
|
| 7 | * Licensed under the Apache License, Version 2.0 (the "License");
|
| 8 | * you may not use this file except in compliance with the License.
|
| 9 | * You may obtain a copy of the License at
|
| 10 | *
|
| 11 | * http://www.apache.org/licenses/LICENSE-2.0
|
| 12 | *
|
| 13 | * Unless required by applicable law or agreed to in writing, software
|
| 14 | * distributed under the License is distributed on an "AS IS" BASIS,
|
| 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
| 16 | * See the License for the specific language governing permissions and
|
| 17 | * limitations under the License.
|
| 18 | * ============LICENSE_END=========================================================
|
| 19 | */
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 | package org.onap.portalapp.login;
|
| 25 |
|
| 26 | import javax.servlet.http.Cookie;
|
| 27 | import javax.servlet.http.HttpServletRequest;
|
| 28 | import javax.servlet.http.HttpServletResponse;
|
| 29 |
|
| 30 | import org.onap.portalsdk.core.auth.LoginStrategy;
|
| 31 | import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
|
| 32 | import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
|
| 33 | import org.onap.portalsdk.core.onboarding.exception.PortalAPIException;
|
| 34 | import org.onap.portalsdk.core.onboarding.util.CipherUtil;
|
| 35 | import org.onap.portalsdk.core.util.SystemProperties;
|
| 36 | import org.springframework.web.servlet.ModelAndView;
|
| 37 |
|
| 38 | /**
|
| 39 | * Implements basic single-signon login strategy for open-source applications
|
| 40 | * when users start at Portal. Extracts an encrypted user ID sent by Portal.
|
| 41 | */
|
| 42 | public class LoginStrategyImpl extends LoginStrategy {
|
| 43 |
|
| 44 | private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(LoginStrategyImpl.class);
|
| 45 |
|
| 46 | /**
|
| 47 | * login for open source is same as external login in the non-open-source
|
| 48 | * version.
|
| 49 | */
|
| 50 | @Override
|
| 51 | public ModelAndView doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception {
|
| 52 | return doExternalLogin(request, response);
|
| 53 | }
|
| 54 |
|
| 55 | @Override
|
| 56 | public String getUserId(HttpServletRequest request) throws PortalAPIException {
|
| 57 | // Check ECOMP Portal cookie
|
| 58 | Cookie ep = getCookie(request, EP_SERVICE);
|
| 59 | if (ep == null) {
|
| 60 | logger.debug(EELFLoggerDelegate.debugLogger, "getUserId: no EP_SERVICE cookie, returning null");
|
| 61 | return null;
|
| 62 | }
|
| 63 |
|
| 64 | String userid = null;
|
| 65 | try {
|
| 66 | userid = getUserIdFromCookie(request);
|
| 67 | } catch (Exception e) {
|
| 68 | logger.error(EELFLoggerDelegate.errorLogger, "getUserId failed", e);
|
| 69 | }
|
| 70 | return userid;
|
| 71 | }
|
| 72 |
|
| 73 | /**
|
| 74 | * Searches the request for the user-ID cookie and decrypts the value using a
|
| 75 | * key configured in properties
|
| 76 | *
|
| 77 | * @param request
|
| 78 | * HttpServletRequest
|
| 79 | * @return User ID
|
| 80 | * @throws CipherUtilException
|
| 81 | * On any failure to decrypt
|
| 82 | */
|
| 83 | private String getUserIdFromCookie(HttpServletRequest request) throws CipherUtilException {
|
| 84 | String userId = "";
|
| 85 | Cookie userIdCookie = getCookie(request, USER_ID);
|
| 86 | if (userIdCookie != null) {
|
| 87 | final String cookieValue = userIdCookie.getValue();
|
| 88 | if (!SystemProperties.containsProperty(SystemProperties.Decryption_Key))
|
| 89 | throw new IllegalStateException("Failed to find property " + SystemProperties.Decryption_Key);
|
| 90 | final String decryptionKey = SystemProperties.getProperty(SystemProperties.Decryption_Key);
|
| 91 | userId = CipherUtil.decrypt(cookieValue, decryptionKey);
|
| 92 | logger.debug(EELFLoggerDelegate.debugLogger, "getUserIdFromCookie: decrypted as {}", userId);
|
| 93 | }
|
| 94 | return userId;
|
| 95 | }
|
| 96 |
|
| 97 | /**
|
| 98 | * Searches the request for the named cookie.
|
| 99 | *
|
| 100 | * @param request
|
| 101 | * HttpServletRequest
|
| 102 | * @param cookieName
|
| 103 | * Name of desired cookie
|
| 104 | * @return Cookie if found; otherwise null.
|
| 105 | */
|
| 106 | private Cookie getCookie(HttpServletRequest request, String cookieName) {
|
| 107 | Cookie[] cookies = request.getCookies();
|
| 108 | if (cookies != null)
|
| 109 | for (Cookie cookie : cookies)
|
| 110 | if (cookie.getName().equals(cookieName))
|
| 111 | return cookie;
|
| 112 | return null;
|
| 113 | }
|
| 114 |
|
| 115 | }
|