PolicyDecisionPoint.java

  1. /*
  2.  * GovWay - A customizable API Gateway 
  3.  * https://govway.org
  4.  * 
  5.  * Copyright (c) 2005-2025 Link.it srl (https://link.it). 
  6.  * 
  7.  * This program is free software: you can redistribute it and/or modify
  8.  * it under the terms of the GNU General Public License version 3, as published by
  9.  * the Free Software Foundation.
  10.  *
  11.  * This program is distributed in the hope that it will be useful,
  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14.  * GNU General Public License for more details.
  15.  *
  16.  * You should have received a copy of the GNU General Public License
  17.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18.  *
  19.  */

  21. package org.openspcoop2.utils.xacml;

  23. import java.io.ByteArrayInputStream;
  24. import java.io.IOException;
  25. import java.util.HashMap;
  26. import java.util.List;
  27. import java.util.Map;

  29. import org.herasaf.xacml.core.SyntaxException;
  30. import org.herasaf.xacml.core.api.PDP;
  31. import org.herasaf.xacml.core.api.PolicyRetrievalPoint;
  32. import org.herasaf.xacml.core.context.RequestMarshaller;
  33. import org.herasaf.xacml.core.context.impl.RequestType;
  34. import org.herasaf.xacml.core.context.impl.ResponseType;
  35. import org.herasaf.xacml.core.context.impl.ResultType;
  36. import org.herasaf.xacml.core.policy.Evaluatable;
  37. import org.herasaf.xacml.core.policy.PolicyMarshaller;
  38. import org.herasaf.xacml.core.policy.impl.EvaluatableIDImpl;
  39. import org.herasaf.xacml.core.policy.impl.PolicyType;
  40. import org.herasaf.xacml.core.simplePDP.MapBasedSimplePolicyRepository;
  41. import org.herasaf.xacml.core.simplePDP.SimplePDPConfiguration;
  42. import org.herasaf.xacml.core.simplePDP.SimplePDPFactory;
  43. import org.herasaf.xacml.core.simplePDP.initializers.InitializerExecutor;
  44. import org.openspcoop2.utils.LoggerWrapperFactory;
  45. import org.slf4j.Logger;

  47. /**
  48.  * PolicyDecisionPoint
  49.  *
  50.  * @author Bussu Giovanni (bussu@link.it)
  51.  * @author $Author$
  52.  * @version $Rev$, $Date$
  53.  */
  54. public class PolicyDecisionPoint {

  56.     private static final String SINGLE = "SINGLE";
  57.     private Map<String, PDP> pdp;
  58.     private boolean singlePDP;
  59.     private Logger log;

  61.     public static void runInitializers() {
  62.         InitializerExecutor.runInitializers(); //Inizializza gli unmarshaller
  63.     }
  64.     
  65.     public PolicyDecisionPoint() throws PolicyException {
  66.         this(LoggerWrapperFactory.getLogger(PolicyDecisionPoint.class));
  67.     }

  69.     public PolicyDecisionPoint(Logger log) throws PolicyException {
  70.         this(log, true);
  71.     }

  73.     public PolicyDecisionPoint(boolean singlePDP) throws PolicyException {
  74.         this(LoggerWrapperFactory.getLogger(PolicyDecisionPoint.class), singlePDP);
  75.     }

  77.     public PolicyDecisionPoint(Logger log, boolean singlePDP) throws PolicyException {
  78.         runInitializers();
  79.         this.singlePDP=singlePDP;
  80.         this.pdp = new HashMap<String, PDP>();
  81.         this.log = log;
  82.         if(singlePDP) {
  83.             this.pdp.put(SINGLE, this.newPDP());
  84.         }
  85.     }
  86.     
  87.     private PDP newPDP() throws PolicyException {
  88.         SimplePDPConfiguration configuration = new SimplePDPConfiguration();
  89.         PolicyRetrievalPoint policyRetrievalPoint = new CachedMapBasedSimplePolicyRepository(this.log);
  90.         configuration.setPolicyRetrievalPoint(policyRetrievalPoint);
  91.         return SimplePDPFactory.getSimplePDP(configuration);
  92.     }

  94.     public List<ResultType> evaluate(String requestString) throws PolicyException {
  95.         RequestType request;
  96.         try {
  97.             request = _unmarshalRequest(requestString);
  98.         } catch (SyntaxException e) {
  99.             throw new PolicyException(e);
  100.         }
  101.         return this._evaluate(request);
  102.     }

  104.     public List<ResultType> evaluate(XacmlRequest request) throws PolicyException {
  105.         return this.evaluate(request.getXacmlRequest());
  106.     }
  107.     
  108.     public List<ResultType> evaluate(RequestType request) throws PolicyException {
  109.         return this._evaluate(request);
  110.     }

  112.     public static RequestType _unmarshalRequest(String requestString) throws PolicyException, SyntaxException {
  113.         ByteArrayInputStream bais = null;
  114.         try{
  115.             InitializerExecutor.runInitializers(); //Inizializza gli unmarshaller
  116.             bais = new ByteArrayInputStream(requestString.getBytes());
  117.             return RequestMarshaller.unmarshal(bais);
  118.         } finally {
  119.             if(bais != null) {
  120.                 try {
  121.                     bais.close();
  122.                 } catch (IOException e) {}
  123.             }
  124.         }
  125.     }

  127.     public static boolean isValidRequest(String requestString) throws PolicyException {
  128.         try{
  129.             _unmarshalRequest(requestString);
  130.         } catch(SyntaxException e) {
  131.             return false;
  132.         }
  133.         return true;
  134.     }

  136.     public static Evaluatable _unmarshalPolicy(String policyString) throws PolicyException, SyntaxException {
  137.         ByteArrayInputStream bais = null;
  138.         try{
  139.             bais = new ByteArrayInputStream(policyString.getBytes());
  140.             InitializerExecutor.runInitializers(); //Inizializza gli unmarshaller
  141.             return PolicyMarshaller.unmarshal(bais);
  142.         } finally {
  143.             if(bais != null) {
  144.                 try {
  145.                     bais.close();
  146.                 } catch (IOException e) {}
  147.             }
  148.         }
  149.     }

  151.     public void addPolicy(Evaluatable eval, String key) throws PolicyException {
  152.         this._addPolicy(eval, key);
  153.     }

  155.     public void addPolicy(String policyString, String key) throws PolicyException {
  156.         try {
  157.             Evaluatable eval;
  158.             eval = _unmarshalPolicy(policyString);
  159.             ((PolicyType)eval).setPolicyId(new EvaluatableIDImpl(key));
  160.             this._addPolicy(eval, key);
  161.         } catch (SyntaxException e) {
  162.             throw new PolicyException(e);
  163.         }
  164.     }

  166.     private void _addPolicy(Evaluatable eval, String key) throws PolicyException {
  167.         
  168.         EvaluatableIDImpl policyId = new EvaluatableIDImpl(key);
  169.         ((PolicyType)eval).setPolicyId(policyId);

  171.         if(this.singlePDP) {
  172.             PDP pdp = this.getPDP(SINGLE);
  173.             MapBasedSimplePolicyRepository repo = (MapBasedSimplePolicyRepository)pdp.getPolicyRepository();
  174.             repo.deploy(eval);
  175.         } else {
  176.             PDP newPDP = this.newPDP();
  177.             MapBasedSimplePolicyRepository repo = (MapBasedSimplePolicyRepository)newPDP.getPolicyRepository();
  178.             repo.deploy(eval);
  179.             this.pdp.put(key, newPDP);
  180.         }
  181.     }

  183.     private List<ResultType> _evaluate(RequestType request) throws PolicyException {
  184.         PDP pdp = (this.singlePDP) ? this.getPDP(SINGLE): this.getPDP(request);
  185.         ResponseType response = pdp.evaluate(request);
  186.         return response.getResults();
  187.     }

  189.     private PDP getPDP(RequestType request) throws PolicyException {
  190.         if(request == null) {
  191.             throw new PolicyException("request non puo essere null");
  192.         }
  193.         
  194.         if(request.getAction() == null) {
  195.             throw new PolicyException("request.action non puo essere null");
  196.         }
  197.         
  198.         if(request.getAction().getAttributes() == null || request.getAction().getAttributes().isEmpty()) {
  199.             throw new PolicyException("request.action.attributes non puo essere null o vuoto");
  200.         }
  201.         
  202.         if(request.getAction().getAttributes().get(0).getAttributeValues() == null || request.getAction().getAttributes().get(0).getAttributeValues().isEmpty()) {
  203.             throw new PolicyException("request.action.attributes[0].attributeValues non puo essere null o vuoto");
  204.         }
  205.         
  206.         if(request.getAction().getAttributes().get(0).getAttributeValues().get(0).getContent() == null || request.getAction().getAttributes().get(0).getAttributeValues().get(0).getContent().isEmpty()) {
  207.             throw new PolicyException("request.action.attributes[0].attributeValues[0].content non puo essere null o vuoto");
  208.         }
  209.         
  210.         String key = (String) request.getAction().getAttributes().get(0).getAttributeValues().get(0).getContent().get(0);
  211.         return this.pdp.get(key);
  212.     }
  213.     
  214.     private PDP getPDP(String key) {
  215.         return this.pdp.get(key);
  216.     }

  218. }
Created with JaCoCo 0.8.8.202204050719