Worked in review comments

Vishnu Alapati · Vishnu Alapati · commit 89e96e99d478 · 2023-10-09T12:14:28.000+05:30
diff --git a/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/CustomAuthenticationEntryPoint.java b/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/CustomAuthenticationEntryPoint.java
@@ -24,7 +24,7 @@ public class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint
     public void commence(HttpServletRequest request, HttpServletResponse response,
             AuthenticationException authException) throws IOException, ServletException {
         if (authException instanceof BadCredentialsException) {
-            LOGGER.info("Bad Credentials {}", HttpStatus.UNAUTHORIZED);
+            LOGGER.warn("Bad Credentials {}", HttpStatus.UNAUTHORIZED);
             response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid credentials");
         }
     }
diff --git a/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/SecurityConfig.java b/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/config/SecurityConfig.java
@@ -14,40 +14,21 @@
 */
 package com.ericsson.eiffel.remrem.publish.config;
 
-import java.io.IOException;
 import java.util.HashMap;
 
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
-import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
-import org.springframework.http.HttpStatus;
 import org.springframework.ldap.core.support.BaseLdapPathContextSource;
 import org.springframework.ldap.core.support.LdapContextSource;
-import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.DisabledException;
-import org.springframework.security.authentication.LockedException;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.web.AuthenticationEntryPoint;
-import org.springframework.security.web.authentication.AuthenticationFailureHandler;
-import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
-import org.springframework.security.web.authentication.HttpStatusEntryPoint;
-import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
 
 /**
  * This class is used to enable the ldap authentication based on property
diff --git a/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/controller/ProducerController.java b/publish-service/src/main/java/com/ericsson/eiffel/remrem/publish/controller/ProducerController.java
@@ -16,16 +16,17 @@
 
 import java.util.EnumSet;
 import java.util.Map;
+
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.http.HttpEntity;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UserDetails;
@@ -39,13 +40,13 @@
 import org.springframework.web.client.RestTemplate;
 
 import com.ericsson.eiffel.remrem.protocol.MsgService;
+import com.ericsson.eiffel.remrem.publish.exception.RemRemPublishException;
 import com.ericsson.eiffel.remrem.publish.helper.PublishUtils;
 import com.ericsson.eiffel.remrem.publish.helper.RMQHelper;
 import com.ericsson.eiffel.remrem.publish.service.EventTemplateHandler;
+import com.ericsson.eiffel.remrem.publish.service.GenerateURLTemplate;
 import com.ericsson.eiffel.remrem.publish.service.MessageService;
 import com.ericsson.eiffel.remrem.publish.service.SendResult;
-import com.ericsson.eiffel.remrem.publish.service.GenerateURLTemplate;
-import com.ericsson.eiffel.remrem.publish.exception.RemRemPublishException;
 import com.fasterxml.jackson.databind.JsonNode;
 import com.google.gson.JsonElement;
 import com.google.gson.JsonObject;
@@ -77,6 +78,9 @@ public class ProducerController {
     @Autowired
     private GenerateURLTemplate generateURLTemplate;
 
+    @Value("${activedirectory.publish.enabled}")
+    private boolean isAuthenticationEnabled;
+
     private RestTemplate restTemplate = new RestTemplate();
 
     private JsonParser parser = new JsonParser();
@@ -91,6 +95,18 @@ public void setRestTemplate(RestTemplate restTemplate) {
         this.restTemplate = restTemplate;
     }
 
+    public void getUserName() {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        // Check if the user is authenticated
+        if (authentication != null && authentication.isAuthenticated()) {
+            // Get the UserDetails object, which contains user information
+            UserDetails userDetails = (UserDetails) authentication.getPrincipal();
+            // Get the username of the authenticated user
+            String username = userDetails.getUsername();
+            log.info("User name {} ", username);
+        }
+    }
+
     @SuppressWarnings({ "rawtypes", "unchecked" })
     @ApiOperation(value = "To publish eiffel event to message bus", response = String.class)
     @ApiResponses(value = { @ApiResponse(code = 200, message = "Event sent successfully"),
@@ -106,20 +122,16 @@ public ResponseEntity send(
             @ApiParam(value = "tag") @RequestParam(value = "tag", required = false) final String tag,
             @ApiParam(value = "routing key") @RequestParam(value = "rk", required = false) final String routingKey,
             @ApiParam(value = "eiffel event", required = true) @RequestBody final JsonElement body) {
+        if(isAuthenticationEnabled) {
+            getUserName();
+        }
+
         MsgService msgService = PublishUtils.getMessageService(msgProtocol, msgServices);
         log.debug("mp: " + msgProtocol);
         log.debug("body: " + body);
         log.debug("user domain suffix: " + userDomain + " tag: " + tag + " Routing Key: "
                 + routingKey);
-        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-        // Check if the user is authenticated
-        if (authentication != null && authentication.isAuthenticated()) {
-            // Get the UserDetails object, which contains user information
-            UserDetails userDetails = (UserDetails) authentication.getPrincipal();
-            // Get the username of the authenticated user
-            String username = userDetails.getUsername();
-            log.info("Authentication Successful for user {} ", username);
-        }
+
         if (msgService != null && msgProtocol != null) {
             try {
                 rmqHelper.rabbitMqPropertiesInit(msgProtocol);
@@ -182,6 +194,9 @@ public ResponseEntity generateAndPublish(@ApiParam(value = "message protocol", r
                                                      + "event fields from the input event data that does not validate successfully, "
                                                      + "and add those removed field information into customData/remremGenerateFailures") @RequestParam(value = "okToLeaveOutInvalidOptionalFields", required = false, defaultValue = "false")  final Boolean okToLeaveOutInvalidOptionalFields,
                                              @ApiParam(value = "JSON message", required = true) @RequestBody final JsonObject bodyJson) {
+        if (isAuthenticationEnabled) {
+            getUserName();
+        }
 
         String bodyJsonOut = null;
         if(parseData) {

Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ public class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint`
`24`	`24`	`public void commence(HttpServletRequest request, HttpServletResponse response,`
`25`	`25`	`AuthenticationException authException) throws IOException, ServletException {`
`26`	`26`	`if (authException instanceof BadCredentialsException) {`
`27`		`- LOGGER.info("Bad Credentials {}", HttpStatus.UNAUTHORIZED);`
	`27`	`+ LOGGER.warn("Bad Credentials {}", HttpStatus.UNAUTHORIZED);`
`28`	`28`	`response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid credentials");`
`29`	`29`	`}`
`30`	`30`	`}`