java source code of StratosAuthorizingHandler

Project: product-private-paas (GitHub Link)

product-private-paas-master
- extensions
  - pom.xml
  - carbon
    - pom.xml
    - ppaas-membership-scheme
      - src
        main
        license
        LICENSE
        java
        org
        wso2
        carbon
        ppaas
        PrivatePaaSBasedMembershipScheme.java
        assembly
        bin.xml
      - pom.xml
      - README.md
    - kubernetes-membership-scheme
      - src
        main
        license
        LICENSE
        java
        org
        wso2
        carbon
        membership
        scheme
        kubernetes
        tcpforwarder
        TCPForwardServer.java
        ForwardThread.java
        ClientThread.java
        MesosBasedKubernetesMembershipScheme.java
        api
        KubernetesHttpsApiEndpoint.java
        KubernetesApiEndpoint.java
        KubernetesHttpApiEndpoint.java
        KubernetesMembershipSchemeConstants.java
        KubernetesMembershipScheme.java
        domain
        Subset.java
        Test.java
        Address.java
        Metadata.java
        Annotations.java
        Status.java
        Endpoints.java
        TargetRef.java
        Pod.java
        exceptions
        KubernetesMembershipSchemeException.java
        assembly
        bin.xml
        test
        resources
        log4j.properties
        java
        org
        wso2
        carbon
        membership
        scheme
        kubernetes
        test
        TCPForwardTestCase.java
        MockTCPServer.java
      - pom.xml
      - README.md
- pom.xml
- pull_request_template.md
- LICENSE
- components
  - pom.xml
  - org.wso2.ppaas.manager.console
    - console
      - applications.jag
      - wizard.jag
      - applications_form.jag
      - themes
        privatePaaS
        renderers
        configure.js
        applications.js
        applications_form.js
        login.js
        configure_form.js
        users_form.js
        users.js
        index.js
        wizard.js
        pages
        index.hbs
        login.hbs
        images
        topology
        ContextMenu
        avatar
        theme.js
        helpers
        applications_group_editor.js
        login_body.js
        applications_signup.js
        applications_view.js
        applications.js
        applications_form.js
        applications_deploy.js
        configure_form.js
        users_form.js
        applications_topology.js
        applications_editor.js
        wizard.js
        js
        dagre-v0.7.0
        dagre.min.js
        noty-2.2.9
        noty-2.2.9.js
        canvg
        canvg.js
        rgbcolor.js
        bootstrap-3.2.0
        bootstrap.min.js
        JSONEditor-0.7.12
        bootstrap-switch-3.0.2
        bootstrap-switch.min.js
        custom.js
        jsplumb-1.7.2
        dom.jsPlumb-1.7.2-min.js
        jquery-1.11.1
        jquery-1.11.1.min.js
        jquery.contextMenu
        jquery.ui.position.js
        jquery.contextMenu.js
        wizard
        custom.js
        custom
        script.js
        applications_group_editor.js
        applications-view.js
        applications-signup.js
        applications-editor.js
        applications_topology.js
        form.js
        applications-deploy.js
        d3js-v3
        d3.v3.min.js
        login
        login.js
        partials
        error_page.hbs
        login_body.hbs
        login_header.hbs
        applications_group_editor.hbs
        index_title.hbs
        users_form.hbs
        metro_menu.hbs
        applications_view.hbs
        applications_signup.hbs
        wizard.hbs
        index_header.hbs
        index_right_menu_log.hbs
        index_sub_header.hbs
        applications_form.hbs
        configure_form.hbs
        applications_topology.hbs
        index_right_menu_help.hbs
        applications.hbs
        index_left_menu.hbs
        applications_editor.hbs
        applications_deploy.hbs
        css
        web-fonts
        fonts
        cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff
        k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff
        DXI1ORHCpsQm3Vp6mXoaTXhCUOGz7vYGh680lGh-uXM.woff
        MTP_ySUJH_bn48VBG8sNSnhCUOGz7vYGh680lGh-uXM.woff
        open_sans.css
        font-mfizz-1.2
        font-mfizz.css
        font-mfizz.woff
        font-mfizz.eot
        font-mfizz.ttf
        LICENSE.txt
        font-awesome-4.2.0
        font-awesome.min.css
        fonts
        fontawesome-webfont.woff
        fontawesome-webfont.eot
        FontAwesome.otf
        fontawesome-webfont.ttf
        bootstrap-3.2.0
        bootstrap.min.css
        fonts
        glyphicons-halflings-regular.woff
        glyphicons-halflings-regular.eot
        glyphicons-halflings-regular.ttf
        glyphicons-halflings-regular.svg
        fontwso2-1.0
        fonts
        fontwso2.ttf
        fontwso2.svg
        fontwso2.eot
        fontwso2.woff
        css
        fontwso2.css
        fontwso2-extend.css
        bootstrap-switch-3.0.2
        bootstrap-switch.min.css
        jquery.contextMenu
        jquery.contextMenu.css
        custom.css
        wizard
        custom.css
        custom
        application_group_editor.css
        applications_deploy.css
        application_editor.css
        style.css
        topology.css
        applications_signup.css
      - index.jag
      - users.jag
      - LICENSE
      - app.js
      - config
        console.js
        console.json
      - controllers
        applications
        application_requests.jag
        application_getrequests.jag
        menu
        menu.json
        menu_generator.jag
        log
        console.jag
        configure
        configure_requests.jag
        users
        users_requests.jag
        forms
        default
        applications
        applications.json
        configure
        deployment-policies.json
        cartridge-groups.json
        application-policies.json
        autoscaling-policies.json
        kubernetes-clusters.json
        network-partitions.json
        cartridges.json
        users
        users.json
        tenants.json
        schema
        applications
        applications.json
        configure
        deployment-policies.json
        cartridge-groups.json
        application-policies.json
        autoscaling-policies.json
        kubernetes-clusters.json
        network-partitions.json
        cartridges.json
        users
        users.json
        tenants.json
        rest
        rest_calls.jag
        wizard
        wizard_requests.jag
        login
        validator.jag
        logout.jag
        login.jag
      - README.md
      - configure_form.jag
      - errorhtml
        error.html
        error-404.html
      - users_form.jag
      - configure.jag
      - login.jag
      - .gitignore
      - jaggery.conf
      - modules
        pinch.min.js
    - README.md
  - org.wso2.ppaas.python.cartridge.agent
    - src
      - main
        resources
        cloud-services-desc.xml
        python
        cartridge.agent
        cartridge.agent
        extensions
        bash
        MemberInitializedEvent.sh
        ApplicationSignUpRemovedEvent.sh
        MemberStartedEvent.sh
        CreateLVSDummyInterface.sh
        VolumeMount.sh
        MemberActivatedEvent.sh
        clean.sh
        DomainMappingAddedEvent.sh
        MemberSuspendedEvent.sh
        CopyArtifacts.sh
        DomainMappingRemovedEvent.sh
        ArtifactUpdatedEvent.sh
        MemberTerminatedEvent.sh
        CompleteTopologyEvent.sh
        InstanceStartedEvent.sh
        StartServers.sh
        CompleteTenantEvent.sh
        InstanceActivatedEvent.sh
        py
        ExtensionExecutor.yapsy-plugin
        ExtensionExecutor.py
        __init__.py
        config.py
        logpublisher.py
        terminator.txt
        entity.py
        httplogpublisher.py
        subscriber.py
        plugins
        DefaultHealthStatisticsReader.py
        DefaultArtifactCommit.py
        DefaultArtifactCheckout.py
        contracts.py
        BranchBasedArtifactCheckout.py
        DefaultArtifactCheckout.yapsy-plugin
        DefaultArtifactCommit.yapsy-plugin
        DefaultHealthStatisticsReader.yapsy-plugin
        __init__.py
        README.md
        BranchBasedArtifactCommit.py
        publisher.py
        constants.py
        __init__.py
        agent.py
        exception.py
        agent.conf
        healthstats.py
        modules
        artifactmgt
        repository.py
        __init__.py
        git
        agentgithandler.py
        __init__.py
        databridge
        __init__.py
        agent.py
        thrift
        publisher.py
        __init__.py
        thrift
        Thrift.py
        transport
        TTransport.py
        TSocket.py
        TSSLSocket.py
        THttpClient.py
        __init__.py
        TZlibTransport.py
        TTwisted.py
        TSCons.py
        __init__.py
        TSerialization.py
        protocol
        TCompactProtocol.py
        TJSONProtocol.py
        fastbinary.c
        TBase.py
        TProtocol.py
        __init__.py
        TBinaryProtocol.py
        server
        TProcessPoolServer.py
        TServer.py
        THttpServer.py
        __init__.py
        TNonblockingServer.py
        TTornado.py
        gen
        ThriftSecureEventTransmissionService
        ThriftSecureEventTransmissionService-remote
        constants.py
        __init__.py
        ThriftSecureEventTransmissionService.py
        ttypes.py
        Data
        constants.py
        __init__.py
        ttypes.py
        ThriftEventTransmissionService
        ThriftEventTransmissionService-remote
        constants.py
        ThriftEventTransmissionService.py
        __init__.py
        ttypes.py
        __init__.py
        Exception
        constants.py
        __init__.py
        ttypes.py
        util
        log.py
        cartridgeagentutils.py
        __init__.py
        asyncscheduledtask.py
        event
        eventhandler.py
        topology
        events.py
        __init__.py
        instance
        notifier
        events.py
        __init__.py
        __init__.py
        status
        events.py
        __init__.py
        application
        signup
        events.py
        __init__.py
        __init__.py
        tenant
        events.py
        __init__.py
        __init__.py
        domain
        mapping
        events.py
        __init__.py
        __init__.py
        __init__.py
        mdsclient.py
        logging.ini
        __init__.py
        tests
        test_events.py
        test_util.py
        __init__.py
        test_git.py
        conf
        complete_topology_event.json
        git
        simple_repo.json
        auth_repo2.json
        auth_repo.json
    - pom.xml
    - README.md
    - .gitignore
  - README.md
  - org.wso2.ppaas.manager.styles
    - src
      - main
        resources
        web
        styles
        images
        header-region-bg.gif
        css
        main.css
        META-INF
        product.xml
    - pom.xml
- issue_template.md
- README.md
- features
  - pom.xml
  - org.wso2.ppaas.manager.styles.feature
    - pom.xml
  - README.md
- products
  - pom.xml
  - README.md
  - ppaas
    - pom.xml
    - modules
      - p2-profile-gen
        pom.xml
        carbon.product
      - integration
        tests-common
        src
        main
        java
        org
        wso2
        ppaas
        integration
        common
        extensions
        PPaaSServerExtension.java
        RestConstants.java
        Util.java
        TopologyHandler.java
        rest
        HttpResponse.java
        ErrorResponse.java
        HttpResponseHandler.java
        RestClient.java
        IntegrationMockClient.java
        WebClientWrapper.java
        CarbonTestServerManager.java
        pom.xml
        pom.xml
        tests-integration
        src
        test
        resources
        log4j.properties
        sample-applications-test
        applications
        g-sc-G123-1-sample-applications-test.json
        g-sc-G123-1-sample-applications-test-v1.json
        sample-applications-test-1.json
        sample-applications-test-2.json
        deployment-policies
        deployment-policy-sample-applications-test-v1.json
        deployment-policy-sample-applications-test.json
        cartridges-groups
        cartrdige-nested-sample-applications-test.json
        cartrdige-nested-sample-applications-test-v1.json
        application-policies
        application-policy-sample-applications-test.json
        network-partitions
        mock
        network-partition-sample-applications-test-1-v1.json
        network-partition-sample-applications-test-1.json
        network-partition-sample-applications-test-2.json
        autoscaling-policies
        autoscaling-policy-sample-applications-test.json
        cartridges
        mock
        c3-sample-applications-test.json
        c1-sample-applications-test.json
        c2-sample-applications-test.json
        automation.xml
        common
        cloud-controller.xml
        log4j.properties
        mock-iaas.xml
        cartridge-config.properties
        identity.xml
        autoscaler.xml
        JMSOutputAdaptor.xml
        jndi.properties
        scaling.drl
        ppaas-testng.xml
        application-policy-test
        application-policies
        application-policy-application-policy-test-1.json
        application-policy-application-policy-test-2.json
        application-policy-application-policy-test.json
        network-partitions
        mock
        network-partition-application-policy-test-2.json
        network-partition-application-policy-test-1.json
        automationSchema.xsd
        instrumentation.txt
        keystores
        products
        client-truststore.jks
        userRP.jks
        wso2carbon.jks
        autoscaling-policy-test
        autoscaling-policies
        autoscaling-policy-autoscaling-policy-test-v1.json
        autoscaling-policy-autoscaling-policy-test.json
        autoscaling-policy-autoscaling-policy-test-2.json
        autoscaling-policy-autoscaling-policy-test-1.json
        cartridge-test
        cartridges
        mock
        c0-cartridge-test.json
        c0-cartridge-test-v1.json
        c2-cartridge-test.json
        c1-cartridge-test.json
        filters.txt
        network-partition-test
        network-partitions
        mock
        network-partition-network-partition-test-v1.json
        network-partition-network-partition-test-1.json
        network-partition-network-partition-test.json
        network-partition-network-partition-test-2.json
        user-test
        tenant-1.json
        user-1.json
        user-1-v1.json
        cartridge-group-test
        cartridges-groups
        group-2-cartridge-group-test.json
        group-1-cartridge-group-test.json
        g4-g5-g6-cartridge-group-test-v1.json
        g4-g5-g6-cartridge-group-test.json
        cartridges
        mock
        c5-cartridge-group-test.json
        c6-cartridge-group-test.json
        c4-cartridge-group-test.json
        deployment-policy-test
        deployment-policies
        deployment-policy-deployment-policy-test-1.json
        deployment-policy-deployment-policy-test-2.json
        deployment-policy-deployment-policy-test-v1.json
        deployment-policy-deployment-policy-test.json
        network-partitions
        mock
        network-partition-deployment-policy-test-2.json
        network-partition-deployment-policy-test-1.json
        network-partition-deployment-policy-test-1-v1.json
        sample-application-startup-test
        applications
        sample-application-startup-test.json
        deployment-policies
        deployment-policy-sample-application-startup-test.json
        application-policies
        application-policy-sample-application-startup-test.json
        network-partitions
        mock
        network-partition-sample-application-startup-test.json
        autoscaling-policies
        autoscaling-policy-sample-application-startup-test.json
        cartridges
        mock
        c1-sample-application-startup-test.json
        java
        org
        wso2
        ppaas
        integration
        tests
        group
        CartridgeGroupTest.java
        CartridgeTest.java
        policies
        ApplicationPolicyTest.java
        NetworkPartitionTest.java
        AutoscalingPolicyTest.java
        DeploymentPolicyTest.java
        application
        SampleApplicationStartupTestCase.java
        SampleApplicationsTest.java
        users
        UserTest.java
        TenantTest.java
        PPaaSIntegrationTest.java
        pom.xml
      - distribution
        src
        main
        partitions
        partitions.xml
        temp-artifacts
        org.wso2.store.sso.common_1.0.0.jar
        sso
        module.xml
        scripts
        sso.client.js
        org.wso2.stratos.identity.saml2.sso.mgt_2.2.0.jar
        carbon
        module.xml
        scripts
        user
        space.js
        user-manager.js
        registry-space.js
        user.js
        registry
        artifacts.js
        registry-ws.js
        registry-osgi.js
        registry.js
        server
        tenant.js
        server.js
        config.js
        osgi.js
        org.jaggeryjs.hostobjects.xhr_0.9.0.ALPHA4_wso2v1.jar
        license
        LICENSE
        bin
        wso2server.bat
        wso2server.sh
        conf
        security
        application-authentication.xml
        client-truststore.jks
        authenticators.xml
        cipher-text.properties
        cipher-tool.properties
        user-mgt.xml
        default-adaptors
        DefaultWSO2EventOutputAdaptor.xml
        DefaultWSO2EventInputAdaptor.xml
        drools
        terminatedependency.drl
        dependent-scaling.drl
        maxcheck.drl
        terminateall.drl
        obsoletecheck.drl
        mincheck.drl
        scaling.drl
        log4j.properties
        axis2
        axis2.xml
        tenant-axis2.xml
        axis2_client.xml
        application-authenticators.xml
        mock-iaas.xml
        registry.xml
        thrift-client-config.xml
        cartridge-config.properties
        tenant-mgt.xml
        data-bridge
        thrift-agent-config.xml
        data-bridge-config.xml
        identity.xml
        autoscaler.xml
        siddhi
        siddhi.extension
        sso-idp-config.xml
        multitenancy
        stratos.xml
        features-dashboard.xml
        cloud-services-desc.xml
        tenant-reg-agent.xml
        usage-throttling-agent-config.xml
        multitenancy-packages.xml
        mqtttopic.properties
        etc
        launch.ini
        carbon.xml
        jndi.properties
        event-broker.xml
        stream-manager-config.xml
        assembly
        bin.xml
        filter.properties
        pom.xml
        README.txt
        INSTALL.txt
  - python-cartridge-agent
    - pom.xml
    - modules
      - integration
        pom.xml
        test-common
        src
        main
        java
        org
        wso2
        ppaas
        python
        cartridge
        agent
        integration
        common
        DataPublisherTestUtil.java
        ThriftTestServer.java
        JettyHttpServer.java
        pom.xml
        test-integration
        src
        test
        resources
        CEPHAModeTestCase
        payload
        launch-params
        agent.conf
        logging.ini
        AgentTerminationTestCase
        payload
        launch-params
        agent.conf
        logging.ini
        log4j.properties
        AgentStartupTestCase
        extensions
        py
        startup-test-handler.py
        checkout-job-handler.yapsy-plugin
        startup-test-handler.yapsy-plugin
        checkout-job-handler.py
        commit-job-handler.yapsy-plugin
        commit-job-handler.py
        payload
        launch-params
        agent.conf
        logging.ini
        test-conf
        integration-test.properties
        ADCExtensionTestCase
        extensions
        py
        checkout-job-handler.yapsy-plugin
        checkout-job-handler.py
        commit-job-handler.yapsy-plugin
        commit-job-handler.py
        payload
        launch-params
        agent.conf
        logging.ini
        common
        client-truststore.jks
        stratos-health-stream-def.json
        thrift-agent-config.xml
        log4j.properties
        wso2carbon.jks
        jndi.properties
        data-bridge-config.xml
        test-suite-ha.xml
        AgentConfBackwardCompatibilityTestCase
        payload
        launch-params
        agent.conf
        logging.ini
        ADCMTAppTestCase
        payload
        launch-params
        agent.conf
        logging.ini
        LogPublisherTestCase
        log_file.log
        payload
        launch-params
        agent.conf
        logging.ini
        ADCMTAppTenantUserTestCase
        payload
        launch-params
        agent.conf
        logging.ini
        test-suite-all.xml
        test-suite-smoke.xml
        MessageBrokerHATestCase
        payload
        launch-params
        agent.conf
        jndi.properties
        logging.ini
        ADCTestCase
        payload
        launch-params
        agent.conf
        logging.ini
        ADCBranchPerTenantTestCase
        extensions
        py
        BranchBasedArtifactCheckout.py
        BranchBasedArtifactCheckout.yapsy-plugin
        BranchBasedArtifactCommit.py
        BranchBasedArtifactCommit.yapsy-plugin
        payload
        launch-params
        agent.conf
        logging.ini
        ADCValidationTestCase
        payload
        launch-params
        agent.conf
        logging.ini
        java
        org
        wso2
        ppaas
        python
        cartridge
        agent
        integration
        tests
        AgentStartupTestCase.java
        ADCTestCase.java
        LogPublisherTestCase.java
        AgentTerminationTestCase.java
        ADCMTAppTestCase.java
        PythonAgentIntegrationTest.java
        AgentConfBackwardCompatibilityTestCase.java
        CEPHAModeTestCase.java
        ADCValidationTestCase.java
        ADCBranchPerTenantTestCase.java
        ADCExtensionTestCase.java
        MessageBrokerHATestCase.java
        ADCMTAppTenantUserTestCase.java
        pom.xml
        .gitignore
      - distribution
        src
        main
        license
        LICENSE
        readme
        README
        assembly
        bin.xml
        notice
        NOTICE
        pom.xml
- tools
  - installer
    - wso2das
      - pom.xml
      - 3.0.0
        template-module
        pom.xml
        files
        lib
        .gitignore
        bin
        .gitignore
        repository
        components
        dropins
        .gitignore
        lib
        .gitignore
        patches
        .gitignore
        deployment
        server
        jaggeryapps
        portal
        controllers
        apis
        .gitignore
        theme
        templates
        .gitignore
        js
        .gitignore
        carbonapps
        .gitignore
        dbscripts
        .gitignore
        templates
        repository
        conf
        axis2
        axis2.xml.template
        analytics
        rdbms-config.xml.template
        spark
        spark-defaults.conf.template
        spark-udf-config.xml.template
        analytics-config.xml.template
        tomcat
        catalina-server.xml.template
        jndi.properties.template
        carbon.xml.template
        datasources
        master-datasources.xml.template
        analytics-datasources.xml.template
        user-mgt.xml.template
        registry.xml.template
        module.ini
        README.md
        pom.xml
        README.md
    - pom.xml
    - wso2cep
      - 3.1.0
        template-module
        pom.xml
        files
        repository
        components
        dropins
        .gitignore
        lib
        .gitignore
        patches
        .gitignore
        deployment
        server
        .gitignore
        conf
        .gitignore
        templates
        bin
        wso2server.sh.template
        repository
        conf
        axis2
        axis2.xml.template
        tomcat
        catalina-server.xml.template
        jndi.properties.template
        carbon.xml.template
        datasources
        master-datasources.xml.template
        data-bridge
        data-bridge-config.xml.template
        user-mgt.xml.template
        siddhi
        siddhi.extension.template
        stream-manager-config.xml.template
        registry.xml.template
        module.ini
        README.md
        pom.xml
        README.md
      - pom.xml
    - activemq
      - pom.xml
      - 5.10.0
        template-module
        pom.xml
        templates
        bin
        activemq.template
        conf
        activemq.xml.template
        module.ini
        README.md
        pom.xml
        README.md
    - distribution
      - pom.xml
      - assembly.xml
    - README.md
    - scripts
      - setup-cep.sh
      - pom.xml
      - README
      - conf.sh
      - setup-das.sh
      - start-servers.sh
      - conf
        setup.conf
      - ppaas-installer.sh
      - setup.sh
    - wso2ppaas
      - pom.xml
      - 4.1.0
        template-module
        pom.xml
        files
        lib
        .gitignore
        bin
        .gitignore
        repository
        components
        dropins
        .gitignore
        lib
        .gitignore
        patches
        .gitignore
        dbscripts
        .gitignore
        templates
        repository
        deployment
        server
        jaggeryapps
        console
        controllers
        menu
        menu.json.template
        outputeventadaptors
        JMSOutputAdaptor.xml.template
        conf
        cloud-controller.xml.template
        axis2
        axis2.xml.template
        tomcat
        catalina-server.xml.template
        jndi.properties.template
        carbon.xml.template
        datasources
        master-datasources.xml.template
        thrift-agent-config.xml.template
        cartridge-config.properties.template
        user-mgt.xml.template
        registry.xml.template
        module.ini
        README.md
        pom.xml
        README.md
    - wso2cep-monitoring
      - 3.1.0
        template-module
        pom.xml
        files
        repository
        deployment
        server
        eventformatters
        .gitignore
        templates
        repository
        deployment
        server
        outputeventadaptors
        DefaultWSO2EventOutputAdaptor.xml.template
        module.ini
        README.md
        pom.xml
        README.md
      - pom.xml
  - pom.xml
  - migration
    - pom.xml
    - subscription-manager
      - 4.0.0
        src
        main
        java
        org
        wso2
        ppaas
        rest
        endpoint
        security
        StratosPrincipal.java
        StratosSecurityContext.java
        ServiceHolder.java
        services
        MigrationAdmin.java
        ServiceUtils.java
        AuthenticationAdmin.java
        AbstractAdmin.java
        CartridgeSubscriptionManager.java
        Utils.java
        context
        AuthenticationContext.java
        Constants.java
        handlers
        StratosAuthorizingHandler.java
        CustomThrowableExceptionMapper.java
        StratosAuthenticationHandler.java
        AbstractAuthenticationAuthorizationHandler.java
        CookieBasedAuthenticationHandler.java
        OAuthHandler.java
        CustomExceptionMapper.java
        GenericExceptionMapper.java
        oauth2
        ValidationServiceClient.java
        exception
        RestAPIException.java
        DataInsertionAndRetrievalManager.java
        mock
        StratosTestAdmin.java
        MockContext.java
        annotation
        SuperTenantService.java
        AuthorizationAction.java
        bean
        cartridge
        definition
        PropertyBean.java
        ServiceDefinitionBean.java
        NetworkInterfaceBean.java
        LoadBalancerBean.java
        IaasProviderBean.java
        PersistenceBean.java
        DeploymentBean.java
        CartridgeDefinitionBean.java
        VolumeBean.java
        PortMappingBean.java
        BulkSubscriptionDomainsWrapper.java
        StratosAdminResponse.java
        topology
        Cluster.java
        Member.java
        CartridgeInfoBeanWrapper.java
        SubscriptionDomainRequest.java
        subscription
        domain
        SubscriptionDomainBean.java
        Error.java
        CartridgeInfoBean.java
        util
        type
        map
        MapType.java
        MapEntryType.java
        MapAdapter.java
        list
        ListType.java
        converter
        PojoConverter.java
        repositoryNotificationInfoBean
        Repository.java
        Payload.java
        autoscaler
        policy
        autoscale
        LoadAverageThresholds.java
        MemoryConsumptionThresholds.java
        RequestsInFlightThresholds.java
        AutoscalePolicy.java
        LoadThresholds.java
        deployment
        DeploymentPolicy.java
        partition
        Partition.java
        PartitionGroup.java
        SubscriptionDomainWrapper.java
        webapp
        ppaas-400-migration
        META-INF
        webapp-classloading.xml
        WEB-INF
        cxf-servlet.xml
        web.xml
        pom.xml
        README.md
        scripts
        export.sh
        import.sh
    - distribution
      - contents
        resources
        wso2carbon.jks
        scripts
        gce
        undeploy.sh
        deploy.sh
        openstack
        undeploy.sh
        deploy.sh
        common
        undeploy.sh
        deploy.sh
        mock
        undeploy.sh
        deploy.sh
        kubernetes
        undeploy.sh
        deploy.sh
        ec2
        undeploy.sh
        deploy.sh
        bin
        stratos.sh
        conf
        log4j.properties
        config.properties
      - pom.xml
      - LICENSE.md
      - assembly
        bin.xml
    - README.md
    - artifact.migration.tool
      - src
        main
        java
        org
        apache
        stratos
        rest
        endpoint
        bean
        cartridge
        definition
        PropertyBean.java
        ServiceDefinitionBean.java
        VolumeBean.java
        subscription
        domain
        SubscriptionDomainBean.java
        CartridgeInfoBean.java
        autoscaler
        policy
        autoscale
        LoadAverageThresholds.java
        MemoryConsumptionThresholds.java
        RequestsInFlightThresholds.java
        AutoscalePolicy.java
        LoadThresholds.java
        deployment
        DeploymentPolicy.java
        partition
        Partition.java
        PartitionGroup.java
        wso2
        ppaas
        tools
        artifactmigration
        JsonWriter.java
        Constants.java
        ConversionTool.java
        Main.java
        exception
        ArtifactLoadingException.java
        TransformationException.java
        loader
        ArtifactLoader400.java
        RestClient.java
        Transformer.java
        test
        resources
        log4j.properties
        test-outputs
        applications
        myphp-application
        artifacts
        application-signup.json
        myphp-application.json
        domain-mapping.json
        scripts
        gce
        undeploy.sh
        deploy.sh
        openstack
        undeploy.sh
        deploy.sh
        common
        undeploy.sh
        deploy.sh
        mock
        undeploy.sh
        deploy.sh
        kubernetes
        undeploy.sh
        deploy.sh
        ec2
        undeploy.sh
        deploy.sh
        newphp-application
        artifacts
        newphp-application.json
        application-signup.json
        domain-mapping.json
        scripts
        gce
        undeploy.sh
        deploy.sh
        openstack
        undeploy.sh
        deploy.sh
        common
        undeploy.sh
        deploy.sh
        mock
        undeploy.sh
        deploy.sh
        kubernetes
        undeploy.sh
        deploy.sh
        ec2
        undeploy.sh
        deploy.sh
        deployment-policies
        economyDeploymentPolicy.json
        application-policies
        application-policy-economyDeploymentPolicy.json
        network-partitions
        openstack
        os2.json
        autoscaling-policies
        simpleAutoscalePolicy.json
        cartridges
        PHP.json
        wso2carbon.jks
        scripts
        gce
        undeploy.sh
        deploy.sh
        openstack
        undeploy.sh
        deploy.sh
        common
        undeploy.sh
        deploy.sh
        mock
        undeploy.sh
        deploy.sh
        kubernetes
        undeploy.sh
        deploy.sh
        ec2
        undeploy.sh
        deploy.sh
        test_artifacts
        test_domainmappings.json
        test_partitions.json
        test_cartridges.json
        test_autoscalepolicies.json
        test_services.json
        test_subscription.json
        test_deploymentpolicies.json
        test_multitenantcartridges.json
        java
        org
        wso2
        ppaas
        tools
        artifactmigration
        test
        TestConstants.java
        StratosV400Mock.java
        HttpClientTest.java
        HttpClientSetUp.java
      - pom.xml
- .gitignore

/*
 * Copyright (c) 2005-2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
 *
 * WSO2 Inc. licenses this file to you under the Apache License,
 * Version 2.0 (the "License"); you may not use this file except
 * in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.wso2.ppaas.rest.endpoint.handlers;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.cxf.common.util.ClassHelper;
import org.apache.cxf.frontend.MethodDispatcher;
import org.apache.cxf.interceptor.security.AccessDeniedException;
import org.apache.cxf.jaxrs.ext.RequestHandler;
import org.apache.cxf.jaxrs.model.ClassResourceInfo;
import org.apache.cxf.message.Message;
import org.apache.cxf.service.Service;
import org.apache.cxf.service.model.BindingOperationInfo;
import org.wso2.ppaas.rest.endpoint.Utils;
import org.wso2.ppaas.rest.endpoint.context.AuthenticationContext;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.user.api.AuthorizationManager;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.utils.multitenancy.MultitenantConstants;

import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import java.util.*;

/**
 * {@link StratosAuthorizingHandler} authorize resource requests. It collects expected permission
 * details using annotations present in the service bean. This particular implementation is inspired
 * by the {@link org.apache.cxf.jaxrs.security.SimpleAuthorizingFilter}
 */
public class StratosAuthorizingHandler implements RequestHandler {
    private static final String AUTHORIZATION_ANNOTATION_CLASS_NAME = "AuthorizationAction";
    private static final String TENANT_ANNOTATION_CLASS_NAME = "SuperTenantService";
    private static final String ACTION_ON_RESOURCE = "ui.execute";
    private static final Set<String> SKIP_METHODS;
    private static String SUPPORTED_AUTHENTICATION_TYPE = "Basic";

    static {
        SKIP_METHODS = new HashSet<String>();
        SKIP_METHODS.addAll(Arrays
                .asList(new String[] { "wait", "notify", "notifyAll", "equals", "toString", "hashCode" }));
    }

    private Log log = LogFactory.getLog(StratosAuthorizingHandler.class);
    private Map<String, String> authorizationActionMap = Collections.emptyMap();
    private Set<String> superTenantServiceSet = Collections.emptySet();

    public Response handleRequest(Message message, ClassResourceInfo resourceClass) {
        try {
            AuthenticationContext.setAuthenticated(false); // TODO : fix this properly
            String userName = CarbonContext.getThreadLocalCarbonContext().getUsername();
            String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
            int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
            if (log.isDebugEnabled()) {
                log.debug("authorizing the action using" + StratosAuthorizingHandler.class.getName());
                log.debug("username :" + userName);
                log.debug("tenantDomain" + tenantDomain);
                log.debug("tenantId :" + tenantId);
            }
            Method targetMethod = getTargetMethod(message);
            if (!authorize(userName, tenantDomain, tenantId, targetMethod)) {
                log.warn("User :" + userName + "trying to perform unauthrorized action" +
                        " against the resource :" + targetMethod);
                return Response.status(Response.Status.FORBIDDEN).type(MediaType.APPLICATION_JSON).
                        entity(Utils.buildMessage(
                                "The user does not have required permissions to " + "perform this operation")).build();
            }
            return null;

        } catch (Exception exception) {
            log.error("Unexpected error occured while REST api, authorization process", exception);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).type(MediaType.APPLICATION_JSON).
                    entity(Utils.buildMessage("Unexpected error. Please contact the system admin")).build();
        }
    }

    private boolean authorize(String userName, String tenantDomain, int tenantId, Method targetMethod)
            throws Exception {
        // first we try to see whether this is a super.tenant only operation
        if (superTenantServiceSet.contains(targetMethod.getName()) && !isCurrentUserSuperTenant(tenantDomain,
                tenantId)) {
            return false;
        }
        // authorize using permissionString given as annotation in the service class
        String permissionString = authorizationActionMap.get(targetMethod.getName());

        // get the authorization manager for this tenant..
        UserRealm userRealm = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm();
        AuthorizationManager authorizationManager = userRealm.getAuthorizationManager();

        boolean isAuthorized = isAuthorized(authorizationManager, userName, permissionString, ACTION_ON_RESOURCE);
        return isAuthorized;

    }

    private boolean isCurrentUserSuperTenant(String tenantDomain, int tenantId) {
        if (MultitenantConstants.SUPER_TENANT_DOMAIN_NAME.equals(tenantDomain)
                && MultitenantConstants.SUPER_TENANT_ID == tenantId) {
            return true;
        }
        return false;
    }

    private boolean isAuthorized(AuthorizationManager authorizationManager, String username, String permissionString,
            String action) throws UserStoreException {
        boolean isAuthorized = false;
        String[] resourceIds = permissionString.trim().split(",");
        for (String resourceId : resourceIds) {
            if (authorizationManager.isUserAuthorized(username, resourceId, action)) {
                isAuthorized = true;
                break;
            }
        }
        return isAuthorized;
    }

    /**
     * Here we are getting the target invocation method. The method get set as a property in the
     * message by the {@link org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor}
     *
     * @param message incoming message
     * @return
     */
    protected Method getTargetMethod(Message message) {
        BindingOperationInfo bop = message.getExchange().get(BindingOperationInfo.class);
        if (bop != null) {
            MethodDispatcher md = (MethodDispatcher) message.getExchange().get(Service.class)
                    .get(MethodDispatcher.class.getName());
            return md.getMethod(bop);
        }
        Method method = (Method) message.get("org.apache.cxf.resource.method");
        if (method != null) {
            return method;
        }
        log.error("The requested resource is not found. Please check the resource path etc..");
        throw new AccessDeniedException("Method is not available : Unauthorized");
    }

    /**
     * The instance of the secured bean get injected by the IOC framework
     *
     * @param securedObject
     */
    public void setSecuredObject(Object securedObject) {
        Class<?> clazz = ClassHelper.getRealClass(securedObject);
        authorizationActionMap = getAuthorizationActionMap(clazz);
        superTenantServiceSet = getSuperTenantServiceSet(clazz);

    }

    private Set<String> getSuperTenantServiceSet(Class<?> clazz) {
        Set<String> superTenantServiceSet = new HashSet<String>();
        findSuperTenantServices(clazz, superTenantServiceSet);
        return superTenantServiceSet;
    }

    private Map<String, String> getAuthorizationActionMap(Class<?> clazz) {
        Map<String, String> authorizationActionMap = new HashMap<String, String>();
        findAuthorizationActions(clazz, authorizationActionMap);
        return authorizationActionMap;
    }

    /**
     * Goes through the class hierarchy and find the authorization annotations attached to a certain
     * method.
     *
     * @param clazz                  class to be scanned
     * @param authorizationActionMap the map to be populated
     */
    private void findAuthorizationActions(Class<?> clazz, Map<String, String> authorizationActionMap) {
        if (clazz == null || clazz == Object.class) {
            return;
        }
        String classAuthorizationActionsAllowed = getAuthorizationActions(clazz.getAnnotations(),
                AUTHORIZATION_ANNOTATION_CLASS_NAME);
        for (Method m : clazz.getMethods()) {
            if (SKIP_METHODS.contains(m.getName())) {
                continue;
            }
            String methodAuthorizationActionsAllowed = getAuthorizationActions(m.getAnnotations(),
                    AUTHORIZATION_ANNOTATION_CLASS_NAME);
            String authorizationActions = methodAuthorizationActionsAllowed != null ?
                    methodAuthorizationActionsAllowed :
                    classAuthorizationActionsAllowed;
            if (authorizationActions != null) {
                authorizationActionMap.put(m.getName(), authorizationActions);
            }
        }
        if (!authorizationActionMap.isEmpty()) {
            return;
        }

        findAuthorizationActions(clazz.getSuperclass(), authorizationActionMap);

        if (!authorizationActionMap.isEmpty()) {
            return;
        }

        for (Class<?> interfaceCls : clazz.getInterfaces()) {
            findAuthorizationActions(interfaceCls, authorizationActionMap);
        }
    }

    /**
     * Goes through the class hierarchy and figure out the supertenant annotations coupled with operations/methods.
     *
     * @param clazz
     * @param superTenantServiceSet
     */
    private void findSuperTenantServices(Class<?> clazz, Set<String> superTenantServiceSet) {
        if (clazz == null || clazz == Object.class) {
            return;
        }
        for (Method m : clazz.getMethods()) {
            if (SKIP_METHODS.contains(m.getName())) {
                continue;
            }
            boolean isSuperTenantService = getSuperTenantServices(m.getAnnotations(), TENANT_ANNOTATION_CLASS_NAME);
            if (isSuperTenantService) {
                superTenantServiceSet.add(m.getName());
            }
        }
        if (!superTenantServiceSet.isEmpty()) {
            return;
        }

        findSuperTenantServices(clazz.getSuperclass(), superTenantServiceSet);

        if (!superTenantServiceSet.isEmpty()) {
            return;
        }

        for (Class<?> interfaceCls : clazz.getInterfaces()) {
            findSuperTenantServices(interfaceCls, superTenantServiceSet);
        }
    }

    private boolean getSuperTenantServices(Annotation[] annotations, String tenantAnnotationClassName) {
        for (Annotation ann : annotations) {
            if (ann.annotationType().getName().equals(tenantAnnotationClassName)) {
                try {
                    Method valueMethod = ann.annotationType().getMethod("value", new Class[] {});
                    boolean isSuperTenantService = (Boolean) valueMethod.invoke(ann, new Object[] {});
                    return isSuperTenantService;
                } catch (Exception ex) {
                    // ignore
                }
                break;
            }
        }
        return false;
    }

    private String getAuthorizationActions(Annotation[] annotations, String authorizationAnnotationClassName) {
        for (Annotation ann : annotations) {
            if (ann.annotationType().getSimpleName().equals(authorizationAnnotationClassName)) {
                try {
                    Method valueMethod = ann.annotationType().getMethod("value", new Class[] {});
                    String[] permissions = (String[]) valueMethod.invoke(ann, new Object[] {});
                    StringBuilder sb = new StringBuilder();
                    for (int i = 0; i < permissions.length; i++) {
                        sb.append(permissions[i]);
                        if (i + 1 < permissions.length) {
                            sb.append(",");
                        }
                    }
                    return sb.toString();
                } catch (Exception ex) {
                    // ignore
                }
                break;
            }
        }
        return null;
    }

}