/*************************************************************************
* Copyright 2009-2014 Eucalyptus Systems, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; version 3 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see http://www.gnu.org/licenses/.
*
* Please contact Eucalyptus Systems, Inc., 6755 Hollister Ave., Goleta
* CA 93117, USA or visit http://www.eucalyptus.com/licenses/ if you need
* additional information or have any questions.
************************************************************************/
package com.eucalyptus.auth.ws;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import com.eucalyptus.util.Strings;
import com.eucalyptus.ws.protocol.OperationParameter;
import com.eucalyptus.ws.protocol.RequestLoggingFilter;
import com.google.common.base.Functions;
import com.google.common.base.Optional;
import com.google.common.base.Predicates;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
/**
*
*/
public class EuareRequestLoggingFilter implements RequestLoggingFilter {
private static final Iterable<String> CREATE_UPDATE_PROFILE_ACTION_NVPS = Iterables.concat(
buildActionNVPs( "CreateLoginProfile" ),
buildActionNVPs( "UpdateLoginProfile" ) );
private static final Iterable<String> UPLOAD_CERT_ACTION_NVPS = buildActionNVPs( "UploadServerCertificate" );
private static final String PASSWORD_PARAMETER = "Password=";
private static final String PASSWORD_PARAMETER_REDACTED = PASSWORD_PARAMETER + REDACTED;
private static final String PRIVATE_KEY_PARAMETER = "PrivateKey=";
private static final String PRIVATE_KEY_PARAMETER_REDACTED = PRIVATE_KEY_PARAMETER + REDACTED;
private static Iterable<String> buildActionNVPs( final String action ) {
return Iterables.unmodifiableIterable( Iterables.transform(
Arrays.asList( OperationParameter.values() ),
Functions.compose( Strings.append( "=" + action ), Functions.toStringFunction() ) ) );
}
@Override
public Collection<String> apply( final Collection<String> parametersOrBody ) {
if ( isAction( parametersOrBody, CREATE_UPDATE_PROFILE_ACTION_NVPS ) ) {
return filterParameter( parametersOrBody, PASSWORD_PARAMETER, PASSWORD_PARAMETER_REDACTED );
} else if ( isAction( parametersOrBody, UPLOAD_CERT_ACTION_NVPS ) ) {
return filterParameter( parametersOrBody, PRIVATE_KEY_PARAMETER, PRIVATE_KEY_PARAMETER_REDACTED );
}
return parametersOrBody;
}
private boolean isAction( final Collection<String> parametersOrBody,
final Iterable<String> actionNvps ) {
return Iterables.tryFind( actionNvps, Predicates.in( parametersOrBody ) ).isPresent( );
}
private Collection<String> filterParameter( final Collection<String> parametersOrBody,
final String parameter,
final String redacted ) {
final Optional<String> parameterAndValue =
Iterables.tryFind( parametersOrBody, Strings.startsWith( parameter ) );
if ( parameterAndValue.isPresent() ) {
final ArrayList<String> parametersCopy = Lists.newArrayList( parametersOrBody );
parametersCopy.set( parametersCopy.indexOf( parameterAndValue.get() ), redacted );
return parametersCopy;
}
return parametersOrBody;
}
}