/*
 * Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may
 * not use this file except in compliance with the License. You may obtain
 * a copy of the License at
 *
 *        http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
 * implied. See the License for the specific language governing
 * permissions and limitations under the License.
 */
17 package org.akraino.validation.ui.login;
19 import java.io.IOException;
20 import java.util.HashMap;
21 import java.util.List;
24 import javax.servlet.http.Cookie;
25 import javax.servlet.http.HttpServletRequest;
26 import javax.servlet.http.HttpServletResponse;
28 import org.onap.portalsdk.core.auth.LoginStrategy;
29 import org.onap.portalsdk.core.command.LoginBean;
30 import org.onap.portalsdk.core.domain.RoleFunction;
31 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
32 import org.onap.portalsdk.core.menu.MenuProperties;
33 import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
34 import org.onap.portalsdk.core.onboarding.exception.PortalAPIException;
35 import org.onap.portalsdk.core.onboarding.util.CipherUtil;
36 import org.onap.portalsdk.core.service.LoginService;
37 import org.onap.portalsdk.core.service.RoleService;
38 import org.onap.portalsdk.core.util.SystemProperties;
39 import org.onap.portalsdk.core.web.support.UserUtils;
40 import org.springframework.beans.factory.annotation.Autowired;
41 import org.springframework.web.servlet.ModelAndView;
/**
 * Implements a basic single sign-on login strategy for open-source applications
 * when users start at Portal. Extracts an encrypted user ID sent by Portal.
 */
47 public class LoginStrategyImpl extends LoginStrategy {
49 private static final EELFLoggerDelegate LOGGER = EELFLoggerDelegate.getLogger(LoginStrategyImpl.class);
52 private RoleService roleService;
55 private LoginService loginService;
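/**
 * Authenticates a user from the {@code loginId} and {@code password} request
 * parameters. Login for open source is the same as external login in the
 * non-open-source version.
 *
 * <p>The credential check is null-safe and compares the passwords in constant
 * time. Role functions are loaded only after the check has succeeded, so no
 * role lookup is done for a login ID that did not authenticate.
 *
 * @param request  request carrying the {@code loginId} and {@code password} parameters
 * @param response not used by this method
 * @return the {@code login_external} view with an {@code error} entry in its model when
 *         authentication fails, otherwise a redirect to {@code welcome.htm}
 * @throws Exception if the user lookup or the decryption of the stored password fails;
 *                   no user session is created in that case
 */
public ModelAndView doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception {
    // Called before any credential handling; going by its name, this discards the
    // session the request arrived with so the login starts from a fresh one.
    invalidateExistingSession(request);

    final String loginId = request.getParameter("loginId");
    final String password = request.getParameter("password");

    LoginBean commandBean = new LoginBean();
    commandBean.setLoginId(loginId);
    commandBean.setLoginPwd(password);
    commandBean.setUserid(loginId);
    commandBean = loginService.findUser(commandBean,
            (String) request.getAttribute(MenuProperties.MENU_PROPERTIES_FILENAME_KEY), new HashMap());

    boolean authenticated = false;
    if (commandBean.getUser() != null && password != null) {
        // NOTE(review): the stored password is decrypted for comparison, i.e. it is kept
        // reversibly encrypted under ENCRYPTION_KEY rather than as a salted password hash
        // (bcrypt/scrypt/argon2). Moving to a hash needs a data migration, so it is
        // flagged here rather than changed.
        final String storedPassword = CipherUtil.decryptPKC(commandBean.getUser().getLoginPwd(),
                System.getenv("ENCRYPTION_KEY"));
        // Constant-time comparison; a null decryption result is treated as a mismatch
        // instead of raising a NullPointerException.
        authenticated = storedPassword != null && java.security.MessageDigest.isEqual(
                storedPassword.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                password.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }

    if (!authenticated) {
        final String loginErrorMessage = (commandBean.getLoginErrorMessage() != null)
                ? commandBean.getLoginErrorMessage()
                : "login.error.external.invalid";
        final Map<String, String> model = new HashMap<>();
        model.put("error", loginErrorMessage);
        return new ModelAndView("login_external", "model", model);
    }

    // Only an authenticated login reaches this point: load the role functions and
    // store the currently logged in user's information in the session.
    final List<RoleFunction> roleFunctionList = roleService.getRoleFunctions(loginId);
    UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
            commandBean.getBusinessDirectMenu(),
            SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList);
    initateSessionMgtHandler(request);
    // user has been authenticated, now take them to the welcome page
    return new ModelAndView("redirect:welcome.htm");
}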
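/**
 * Authenticates a user from the {@code loginId} and {@code password} request
 * parameters for the external login page.
 *
 * <p>This method fails closed. A {@link CipherUtilException} raised while decrypting
 * the stored password is logged and handled as a failed login. The earlier code
 * created the user session and redirected to the welcome page from the catch block,
 * so a decryption failure (for example a missing {@code ENCRYPTION_KEY} or an
 * unreadable stored value) admitted the account without a valid password.
 *
 * @param request  request carrying the {@code loginId} and {@code password} parameters
 * @param response not used by this method
 * @return the {@code login_external} view with an {@code error} entry in its model when
 *         authentication fails or cannot be verified, otherwise a redirect to {@code welcome}
 * @throws IOException declared by the overridden contract; nothing visible in this method
 *                     raises it directly
 */
public ModelAndView doExternalLogin(HttpServletRequest request, HttpServletResponse response) throws IOException {
    // Called before any credential handling; going by its name, this discards the
    // session the request arrived with so the login starts from a fresh one.
    invalidateExistingSession(request);

    final String loginId = request.getParameter("loginId");
    final String password = request.getParameter("password");

    LoginBean commandBean = new LoginBean();
    commandBean.setLoginId(loginId);
    commandBean.setLoginPwd(password);
    commandBean.setUserid(loginId);
    commandBean = loginService.findUser(commandBean,
            (String) request.getAttribute(MenuProperties.MENU_PROPERTIES_FILENAME_KEY), new HashMap());

    boolean authenticated = false;
    try {
        if (commandBean.getUser() != null && password != null) {
            // NOTE(review): the stored password is decrypted for comparison, i.e. it is kept
            // reversibly encrypted under ENCRYPTION_KEY rather than as a salted password hash
            // (bcrypt/scrypt/argon2). Moving to a hash needs a data migration, so it is
            // flagged here rather than changed.
            final String storedPassword = CipherUtil.decryptPKC(commandBean.getUser().getLoginPwd(),
                    System.getenv("ENCRYPTION_KEY"));
            // Constant-time comparison; a null decryption result is treated as a mismatch.
            authenticated = storedPassword != null && java.security.MessageDigest.isEqual(
                    storedPassword.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    password.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        }
    } catch (CipherUtilException e) {
        // The password could not be verified, so the login is rejected. 'authenticated'
        // stays false and no session is created on this path.
        LOGGER.error(EELFLoggerDelegate.errorLogger, "Error in Cipher." + UserUtils.getStackTrace(e));
    }

    if (!authenticated) {
        final String loginErrorMessage = (commandBean.getLoginErrorMessage() != null)
                ? commandBean.getLoginErrorMessage()
                : "login.error.external.invalid";
        final Map<String, String> model = new HashMap<>();
        model.put("error", loginErrorMessage);
        return new ModelAndView("login_external", "model", model);
    }

    // Only an authenticated login reaches this point: load the role functions and
    // store the currently logged in user's information in the session.
    final List<RoleFunction> roleFunctionList = roleService.getRoleFunctions(loginId);
    UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
            commandBean.getBusinessDirectMenu(),
            SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList);
    initateSessionMgtHandler(request);
    // user has been authenticated, now take them to the welcome page
    return new ModelAndView("redirect:welcome");
}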
/**
 * Resolves the user ID of a request that arrives from Portal.
 *
 * <p>A {@code null} result means "no identified user". This method also returns
 * {@code null} when the user-ID cookie cannot be read or decrypted, so callers must
 * treat {@code null} as unauthenticated and never as a default identity.
 *
 * @param request HttpServletRequest
 * @return the user ID taken from the user-ID cookie, or {@code null} when the
 *         EP_SERVICE cookie is absent or the user ID could not be obtained
 * @throws PortalAPIException declared by the contract; not raised by the code in this method
 */
public String getUserId(HttpServletRequest request) throws PortalAPIException {
    // Check ECOMP Portal cookie: without it the user-ID cookie is not consulted at all.
    if (getCookie(request, EP_SERVICE) == null) {
        LOGGER.debug(EELFLoggerDelegate.debugLogger, "getUserId: no EP_SERVICE cookie, returning null");
        return null;
    }

    try {
        return getUserIdFromCookie(request);
    } catch (Exception e) {
        // Deliberate best effort: any failure is logged and reported as "no user".
        LOGGER.error(EELFLoggerDelegate.errorLogger, "getUserId failed", e);
        return null;
    }
}
/**
 * Searches the request for the user-ID cookie and decrypts the value using a
 * key configured in properties.
 *
 * <p>NOTE(review): the decrypted value is accepted as the caller's identity. Nothing
 * visible in this method checks the cookie's integrity (MAC or signature) or its
 * freshness. Confirm that {@code CipherUtil.decrypt} rejects tampered values, or that
 * the cookie is protected some other way, before relying on this for authorization.
 *
 * @param request HttpServletRequest
 * @return the decrypted user ID, or {@code null} when the request has no user-ID cookie
 * @throws CipherUtilException On any failure to decrypt
 * @throws IllegalStateException if the decryption-key property is not configured
 */
private String getUserIdFromCookie(HttpServletRequest request) throws CipherUtilException {
    final Cookie userIdCookie = getCookie(request, USER_ID);
    if (userIdCookie == null) {
        return null;
    }

    // A missing key is a deployment error, reported separately from a decryption failure.
    if (!SystemProperties.containsProperty(SystemProperties.Decryption_Key)) {
        throw new IllegalStateException("Failed to find property " + SystemProperties.Decryption_Key);
    }
    final String decryptionKey = SystemProperties.getProperty(SystemProperties.Decryption_Key);

    final String userId = CipherUtil.decrypt(userIdCookie.getValue(), decryptionKey);
    // The decrypted identifier is written to the debug log; keep debug logging off
    // where user IDs are considered sensitive.
    LOGGER.debug(EELFLoggerDelegate.debugLogger, "getUserIdFromCookie: decrypted as {}", userId);
    return userId;
}
179 * Searches the request for the named cookie.
181 * @param request HttpServletRequest
182 * @param cookieName Name of desired cookie
183 * @return Cookie if found; otherwise null.
185 private Cookie getCookie(HttpServletRequest request, String cookieName) {
186 Cookie[] cookies = request.getCookies();
188 for (Cookie cookie : cookies)
189 if (cookie.getName().equals(cookieName))