1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
package org.openpermis.xacml.basic; |
11 | |
|
12 | |
import java.io.IOException; |
13 | |
import java.io.Reader; |
14 | |
import java.io.Writer; |
15 | |
|
16 | |
import org.openpermis.AuthorizationService; |
17 | |
import org.openpermis.AuthorizationServiceException; |
18 | |
import org.openpermis.policy.AccessDecision; |
19 | |
import org.openpermis.xacml.XacmlAuthorizationService; |
20 | |
import org.openpermis.xacml.io.XacmlException; |
21 | |
import org.openpermis.xacml.io.XacmlReader; |
22 | |
import org.openpermis.xacml.io.XacmlRequest; |
23 | |
import org.openpermis.xacml.io.XacmlStatus; |
24 | |
import org.openpermis.xacml.io.XacmlWriter; |
25 | |
import org.openpermis.xacml.io.v2.BasicXacmlReader; |
26 | |
import org.openpermis.xacml.io.v2.BasicXacmlWriter; |
27 | |
|
28 | |
|
29 | |
|
30 | |
|
31 | |
|
32 | |
public class BasicXacmlAuthorizationService implements XacmlAuthorizationService { |
33 | |
|
34 | |
|
35 | |
|
36 | |
private final AuthorizationService service; |
37 | |
|
38 | |
private final XacmlReader reader; |
39 | |
|
40 | |
private final XacmlWriter writer; |
41 | |
|
42 | |
|
43 | |
|
44 | |
|
45 | |
|
46 | |
|
47 | |
|
48 | |
|
49 | |
|
50 | 3 | public BasicXacmlAuthorizationService (AuthorizationService service) { |
51 | 3 | if (service == null) { |
52 | 1 | throw new IllegalArgumentException("Service is null."); |
53 | |
} |
54 | 2 | this.service = service; |
55 | 2 | this.reader = new BasicXacmlReader(); |
56 | 2 | this.writer = new BasicXacmlWriter(); |
57 | 2 | } |
58 | |
|
59 | |
|
60 | |
|
61 | |
|
62 | |
|
63 | |
|
64 | |
public Writer getAccessDescision (Reader request, Writer response) throws IOException { |
65 | 2 | if (request == null || response == null) { |
66 | 0 | throw new IllegalArgumentException("Request or response is null."); |
67 | |
} |
68 | |
|
69 | |
final XacmlRequest req; |
70 | |
try { |
71 | 2 | req = this.reader.readRequest(request); |
72 | 1 | } catch (XacmlException e) { |
73 | 1 | return response.append( |
74 | |
this.writer.writeResponse( |
75 | |
null, new XacmlStatus(XacmlStatus.SYNTAX_ERROR, e.getMessage()) |
76 | |
) |
77 | |
); |
78 | 1 | } |
79 | |
|
80 | |
|
81 | |
final AccessDecision decision; |
82 | |
try { |
83 | 1 | decision = this.service.getAccessDecision( |
84 | |
req.getSubject(), req.getResource(), req.getAction(), null |
85 | |
); |
86 | 0 | } catch (AuthorizationServiceException e) { |
87 | 0 | return response.append( |
88 | |
this.writer.writeResponse( |
89 | |
null, new XacmlStatus(XacmlStatus.PROCESSING_ERROR, e.getMessage()) |
90 | |
) |
91 | |
); |
92 | 1 | } |
93 | |
|
94 | |
|
95 | 1 | return response.append( |
96 | |
this.writer.writeResponse(decision, new XacmlStatus(XacmlStatus.OK)) |
97 | |
); |
98 | |
} |
99 | |
|
100 | |
|
101 | |
} |