/*
* Copyright (c) 2005-2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.identity.entitlement.mediator;
import javax.xml.namespace.QName;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.impl.llom.util.AXIOMUtil;
import org.apache.axis2.AxisFault;
import org.apache.axis2.client.Options;
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.description.Parameter;
import org.apache.axis2.description.TransportOutDescription;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.authenticator.stub.AuthenticationAdminStub;
import org.apache.axis2.transport.TransportSender;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.axis2.util.Loader;
import org.wso2.carbon.identity.entitlement.stub.EntitlementServiceStub;
import java.lang.Exception;
import java.net.URL;
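/**
 * Client for the remote EntitlementService.
 *
 * <p>Construction logs in to the AuthenticationAdmin service under the same base URL and reuses
 * the resulting session cookie for the entitlement calls.
 *
 * <p>Security notes for callers:
 * <ul>
 * <li>The user name and password are sent to {@code backendServerURL}. This class does not check
 * the URL scheme, so the caller is responsible for supplying an HTTPS endpoint whose certificate
 * is validated by the transport configured in the {@code ConfigurationContext}.</li>
 * <li>{@link #getDecision} returns the raw decision text. Anything other than the explicit permit
 * value, including {@code "Invalid Status"} and any thrown exception, should be treated as a
 * denial (fail closed).</li>
 * </ul>
 */
public class EntitlementServiceClient {

    private static final Log log = LogFactory.getLog(EntitlementServiceClient.class);

    /** Stub for the remote EntitlementService; only created after a successful login. */
    private final EntitlementServiceStub stub;

    /**
     * Session cookie read from the AuthenticationAdmin service context after login. It stands in
     * for the credentials on later calls, so it must never be written to logs.
     */
    private String authCookie;

    /**
     * Instantiates EntitlementServiceClient after authenticating against the back end.
     *
     * @param backendServerURL
     *            base URL of the back end server where EntitlementService is running; it is
     *            trimmed and a trailing "/" is appended when missing
     * @param configCtx
     *            ConfigurationContext used to create the service stubs
     * @param userName
     *            user name passed to the AuthenticationAdmin login operation
     * @param password
     *            password passed to the AuthenticationAdmin login operation
     * @param remoteIp
     *            remote address passed to the AuthenticationAdmin login operation
     * @throws IllegalArgumentException
     *             if {@code backendServerURL} is null
     * @throws Exception
     *             with the message "User not authenticated" when login returns false, or any
     *             failure raised while creating the stubs or calling the login operation
     */
    public EntitlementServiceClient(String backendServerURL, ConfigurationContext configCtx,
            String userName, String password, String remoteIp) throws Exception {
        if (backendServerURL == null) {
            throw new IllegalArgumentException("backendServerURL must not be null");
        }
        String baseURL = backendServerURL.trim();
        if (!baseURL.endsWith("/")) {
            baseURL += "/";
        }

        // Fail closed: no entitlement stub is created unless the login succeeded.
        if (!authenticate(baseURL, configCtx, userName, password, remoteIp)) {
            throw new Exception("User not authenticated");
        }

        stub = new EntitlementServiceStub(configCtx, baseURL + "EntitlementService");
        Options options = stub._getServiceClient().getOptions();
        options.setManageSession(true);
        // Reuse the authenticated session for the entitlement calls.
        options.setProperty(HTTPConstants.COOKIE_STRING, authCookie);
    }

    /**
     * Asks the EntitlementService for a decision on the given attributes.
     *
     * <p>The stub is cleaned up after every call, including calls that fail, so that a failed
     * evaluation does not leave the stub's resources behind.
     *
     * @param userName
     *            subject of the request
     * @param resource
     *            resource being accessed
     * @param action
     *            action being performed
     * @param env
     *            environment attributes forwarded to the service
     * @return the text of the {@code Decision} element of the response, or
     *         {@code "Invalid Status"} when the response has no such element; callers should
     *         grant access only on the explicit permit value
     * @throws Exception
     *             if the remote call, the response parsing or the stub cleanup fails; the failure
     *             is logged before it is rethrown
     */
    public String getDecision(String userName, String resource, String action, String[] env)
            throws Exception {
        String decision;
        try {
            decision = getStatus(stub.getDecisionByAttributes(userName, resource, action, env));
        } catch (Exception e) {
            log.error("Error occured while policy evaluation", e);
            // Clean up on the failure path too, without hiding the evaluation error.
            cleanupAfterFailure();
            throw e;
        }

        try {
            stub.cleanup();
        } catch (Exception e) {
            log.error("Error occured while policy evaluation", e);
            throw e;
        }
        return decision;
    }

    /**
     * Cleans up the stub after a failed evaluation. A cleanup failure is only logged so that the
     * caller still receives the original evaluation error.
     */
    private void cleanupAfterFailure() {
        try {
            stub.cleanup();
        } catch (Exception cleanupError) {
            log.warn("Could not clean up the EntitlementService stub after a failed evaluation",
                    cleanupError);
        }
    }

    /**
     * Extracts the decision text from the response returned by the EntitlementService.
     *
     * @param xmlstring
     *            response document as a string; the code looks for a {@code Result} child of the
     *            root element and a {@code Decision} child of that result
     * @return the text of the {@code Decision} element, or {@code "Invalid Status"} when either
     *         element is missing
     * @throws Exception
     *             if the string cannot be parsed
     */
    private String getStatus(String xmlstring) throws Exception {
        // NOTE(review): the parser settings behind AXIOMUtil.stringToOM are not visible in this
        // file. Confirm that DTDs and external entities are disabled if the response could ever
        // be influenced by an untrusted party.
        OMElement response = AXIOMUtil.stringToOM(xmlstring);

        OMElement result = response.getFirstChildWithName(new QName("Result"));
        if (result == null) {
            return "Invalid Status";
        }

        OMElement decision = result.getFirstChildWithName(new QName("Decision"));
        if (decision == null) {
            return "Invalid Status";
        }
        return decision.getText();
    }

    /**
     * Logs in to the AuthenticationAdmin service and stores the session cookie it issues.
     *
     * <p>The credentials are sent to {@code backendServerURL + "AuthenticationAdmin"}; nothing
     * here checks that the URL uses HTTPS.
     *
     * @param backendServerURL
     *            base URL of the back end server, ending with "/"
     * @param configCtx
     *            ConfigurationContext used to create the authentication stub
     * @param userName
     *            user name to log in with
     * @param password
     *            password to log in with
     * @param remoteIp
     *            remote address passed to the login operation
     * @return the value returned by the login operation
     * @throws Exception
     *             if the stub cannot be created or the login call fails
     */
    private boolean authenticate(String backendServerURL, ConfigurationContext configCtx,
            String userName, String password, String remoteIp) throws Exception {
        AuthenticationAdminStub authStub =
                new AuthenticationAdminStub(configCtx, backendServerURL + "AuthenticationAdmin");

        Options options = authStub._getServiceClient().getOptions();
        options.setManageSession(true);
        // authCookie has no value yet when the constructor calls this method, so this passes on
        // whatever cookie the field currently holds (null on first use).
        options.setProperty(HTTPConstants.COOKIE_STRING, authCookie);

        boolean isAuthenticated = authStub.login(userName, password, remoteIp);

        // The cookie is read from the service context after the login call; it is stored even
        // when login returned false, but the constructor then throws and the client is unusable.
        authCookie = (String) authStub._getServiceClient().getServiceContext()
                .getProperty(HTTPConstants.COOKIE_STRING);
        return isAuthenticated;
    }
}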