com.sap.cloud.sdk.cloudplatform.connectivity.ConnectivityService Maven / Gradle / Ivy

Go to download
/*
 * Copyright (c) 2018 SAP SE or an SAP affiliate company. All rights reserved.
 */

package com.sap.cloud.sdk.cloudplatform.connectivity;

import java.util.ArrayList;
import java.util.List;

import javax.annotation.Nullable;
import javax.servlet.http.HttpServletRequest;

import org.apache.http.HttpHeaders;
import org.slf4j.Logger;

import com.sap.cloud.sdk.cloudplatform.connectivity.exception.DestinationAccessException;
import com.sap.cloud.sdk.cloudplatform.logging.CloudLoggerFactory;
import com.sap.cloud.sdk.cloudplatform.servlet.RequestContextAccessor;

class ConnectivityService
{
    private static final Logger logger = CloudLoggerFactory.getLogger(ConnectivityService.class);

    static final String SERVICE_NAME = "connectivity";

    private static final String SAP_CONNECTIVITY_AUTHENTICATION_HEADER = "SAP-Connectivity-Authentication";

    private static final String PROXY_AUTHORIZATION_HEADER = "Proxy-Authorization";
    private static final String BEARER_PREFIX = "Bearer ";

    List getOnPremiseProxyHeaders( final AccessToken accessToken )
        throws DestinationAccessException
    {
        final List result = new ArrayList<>();

        result.add(new Header(PROXY_AUTHORIZATION_HEADER, BEARER_PREFIX + accessToken.getValue()));

        if( logger.isDebugEnabled() ) {
            logger.debug("Successfully added " + PROXY_AUTHORIZATION_HEADER + " header.");
        }

        @Nullable
        final HttpServletRequest currentRequest = RequestContextAccessor.getCurrentRequest().orElse(null);

        @Nullable
        Header connectivityAuthHeader = null;

        if( currentRequest != null ) {
            @Nullable
            final String authHeader = currentRequest.getHeader(HttpHeaders.AUTHORIZATION);

            if( authHeader != null && authHeader.startsWith(BEARER_PREFIX) ) {
                if( logger.isDebugEnabled() ) {
                    logger.debug(
                        "Forwarding JWT bearer from \""
                            + HttpHeaders.AUTHORIZATION
                            + "\" header of current request in \""
                            + SAP_CONNECTIVITY_AUTHENTICATION_HEADER
                            + "\" header.");
                }

                connectivityAuthHeader = new Header(SAP_CONNECTIVITY_AUTHENTICATION_HEADER, authHeader);
            }
        }

        if( connectivityAuthHeader == null ) {
            logger.error(
                "Failed to add \""
                    + SAP_CONNECTIVITY_AUTHENTICATION_HEADER
                    + "\" header for on-premise connectivity: no JWT bearer found in \""
                    + HttpHeaders.AUTHORIZATION
                    + "\" header of request. Continuing without header. "
                    + "Connecting to on-premise systems may not be possible.");
        } else {
            result.add(connectivityAuthHeader);

            if( logger.isDebugEnabled() ) {
                logger.debug("Successfully added " + SAP_CONNECTIVITY_AUTHENTICATION_HEADER + " header.");
            }
        }

        return result;
    }
}