93. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 3/29/2017 4:53:29 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

93.1 Files compared

#	Location	File	Last Modified
1	CTT-DM CIF Submission.zip\code\ISAAC-rest\src\main\java\gov\vha\isaac\rest\session	PrismeIntegratedUserService.java	Fri Mar 3 16:21:48 2017 UTC
2	CTT-DM CIF Submission.zip\code\ISAAC-rest\src\main\java\gov\vha\isaac\rest\session	PrismeIntegratedUserService.java	Wed Mar 29 17:42:40 2017 UTC

93.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	3	424
Changed	2	4
Inserted	0	0
Removed	0	0

93.3 Comparison options

Whitespace
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

93.4 Active regular expressions

No regular expressions were active.

93.5 Comparison detail

	1	/**
	2	* Copyrig ht Notice
	3	*
	4	* This is a work of the U.S. Government and is no t subject to copyrig ht
	5	* protect ion in the United St ates. Fore ign copyri ghts may a pply.
	6	*
	7	* License d under th e Apache L icense, Ve rsion 2.0 (the "Lice nse");
	8	* you may not use t his file e xcept in c ompliance with the L icense.
	9	* You may obtain a copy of th e License at
	10	*
	11	* http:// www.apache .org/licen ses/LICENS E-2.0
	12	*
	13	* Unless required b y applicab le law or agreed to in writing , software
	14	* distrib uted under the Licen se is dist ributed on an "AS IS " BASIS,
	15	* WITHOUT WARRANTIE S OR CONDI TIONS OF A NY KIND, e ither expr ess or imp lied.
	16	* See the License f or the spe cific lang uage gover ning permi ssions and
	17	* limitat ions under the Licen se.
	18	*/
	19	package go v.vha.isaa c.rest.ses sion;
	20
	21	import jav a.io.IOExc eption;
	22	import jav a.net.URL;
	23	import jav a.util.Col lections;
	24	import jav a.util.Has hSet;
	25	import jav a.util.Opt ional;
	26	import jav a.util.Set ;
	27	import jav a.util.UUI D;
	28
	29	import jav ax.inject. Singleton;
	30
	31	import org .apache.lo gging.log4 j.LogManag er;
	32	import org .apache.lo gging.log4 j.Logger;
	33	import org .glassfish .hk2.api.R ank;
	34	import org .jvnet.hk2 .annotatio ns.Service ;
	35
	36	import com .fasterxml .jackson.c ore.JsonPa rseExcepti on;
	37	import com .fasterxml .jackson.d atabind.Js onMappingE xception;
	38
	39	import gov .vha.isaac .ochre.api .UserRole;
	40
	41	/**
	42	* The Cla ss PrismeI ntegratedU serService
	43	*
	44	* {@link PrismeInte gratedUser Service}
	45	*
	46	* @author <a href=" mailto:joe l.kniaz.li st@gmail.c om">Joel K niaz</a>
	47	*/
	48	@Service(n ame="rest- prismeUser Service")
	49	@Rank(valu e = 10)
	50	@Singleton
	51	public cla ss PrismeI ntegratedU serService implement s PrismeUs erService {
	52	pr ivate stat ic Logger log = LogM anager.get Logger(Pri smeIntegra tedUserSer vice.class );
	53
	54	// private Pr operties p rismePrope rties_ = n ull;
	55
	56	pr otected Pr ismeIntegr atedUserSe rvice() {
	57	//fo r HK2
	58	}
	59
	60	/* (non-Java doc)
	61	* @see gov. vha.isaac. rest.sessi on.PrismeU serService #getUser(j ava.lang.S tring)
	62	*
	63	* This impl ementation will fail if PRISME is not co nfigured
	64	* /
	65	@O verride
	66	pu blic Optio nal<User> getUser(St ring ssoTo ken) {
	67	try {
	68	return getUserFr omPrisme(s soToken);
	69	} ca tch (IOExc eption e) {
	70	throw new Runtim eException (e);
	71	}
	72	}
	73
	74	/* (non-Java doc)
	75	* @see gov. vha.isaac. ochre.api. UserRoleSe rvice#getU serRoles(j ava.util.U UID)
	76	*
	77	* This meth od should throw exce ption if t he user ha s not alre ady been c ached
	78	* /
	79	/* (non-Java doc)
	80	* @see gov. vha.isaac. rest.sessi on.PrismeU serService #getUserRo les(java.u til.UUID)
	81	* /
	82	@O verride
	83	pu blic Set<U serRole> g etUserRole s(UUID use rId)
	84	{
	85	retu rn UserCac he.get(use rId).get() .getRoles( );
	86	}
	87
	88	/* (non-Java doc)
	89	* @see gov. vha.isaac. ochre.api. UserRoleSe rvice#getA llUserRole s()
	90	*
	91	* This impl ementation gets all roles from PRISME IF F prisme.p roperties is in clas spath
	92	* and conta ins a valu e for prop erty "pris me_all_rol es_url", o therwise i t returns all of the
	93	* UserRole text value s except f or "automa ted"
	94	* /
	95	/* (non-Java doc)
	96	* @see gov. vha.isaac. rest.sessi on.PrismeU serService #getAllUse rRoles()
	97	* /
	98	@O verride
	99	pu blic Set<U serRole> g etAllUserR oles()
	100	{
	101	if ( usePrismeF orAllRoles ()) {
	102	try {
	103	return g etAllRoles FromPrisme ();
	104	} catc h (IOExcep tion e) {
	105	throw ne w RuntimeE xception(e );
	106	}
	107	} el se {
	108	Set<Us erRole> av ailableRol es = new H ashSet<>() ;
	109
	110	for (U serRole ro le : UserR ole.values ()) {
	111	if (role != UserRo le.AUTOMAT ED) { // A UTOMATED w ill not be a PRISME role
	112	availableR oles.add(r ole);
	113	}
	114	}
	115
	116	return Collectio ns.unmodif iableSet(a vailableRo les);
	117	}
	118	}
	119
	120	pr otected St ring getPr ismeAllRol esUrl() {
	121	retu rn PrismeS erviceUtil s.getPrism ePropertie s().getPro perty("pri sme_all_ro les_url");
	122	}
	123	/* (non-Java doc)
	124	* @see gov. vha.isaac. rest.sessi on.PrismeU serService #usePrisme ForAllRole s()
	125	* /
	126	@O verride
	127	pu blic boole an usePris meForAllRo les() {
	128	retu rn getPris meAllRoles Url() != n ull;
	129	}
	130	pr otected St ring getPr ismeRolesB yTokenUrl( ) {
	131	retu rn PrismeS erviceUtil s.getPrism ePropertie s().getPro perty("pri sme_roles_ by_token_u rl");
	132	}
	133	/* (non-Java doc)
	134	* @see gov. vha.isaac. rest.sessi on.PrismeU serService #usePrisme ForRolesBy Token()
	135	* /
	136	@O verride
	137	pu blic boole an usePris meForRoles ByToken() {
	138	retu rn getPris meRolesByT okenUrl() != null;
	139	}
	140	pr otected St ring getSs oTokenByNa meUrl() {
	141	retu rn PrismeS erviceUtil s.getPrism ePropertie s().getPro perty("pri sme_roles_ user_url") ;
	142	}
	143	/* (non-Java doc)
	144	* @see gov. vha.isaac. rest.sessi on.PrismeU serService #usePrisme ForSsoToke nByName()
	145	* /
	146	@O verride
	147	pu blic boole an usePris meForSsoTo kenByName( ) {
	148	retu rn getSsoT okenByName Url() != n ull;
	149	}
	150	/* (non-Java doc)
	151	* @see gov. vha.isaac. rest.sessi on.PrismeU serService #safeGetTo ken(java.l ang.String , java.lan g.String)
	152	* /
	153	@O verride
	154	pu blic Optio nal<String > safeGetT oken(Strin g id, Stri ng passwor d) {
	155	try {
	156	return Optional. of(getToke n(id, pass word));
	157	} ca tch (Excep tion e) {
	158	System .err.print ln(e);
	159	e.prin tStackTrac e();
	160	return Optional. empty();
	161	}
	162	}
	163	/* (non-Java doc)
	164	* @see gov. vha.isaac. rest.sessi on.PrismeU serService #getToken( java.lang. String, ja va.lang.St ring)
	165	* /
	166	@O verride
	167	pu blic Strin g getToken (String id , String p assword) t hrows Exce ption {
	168	if ( usePrismeF orSsoToken ByName()) {
	169	return getUserSs oTokenFrom Prisme(id, password) ;
	170	} el se {
	171	throw new Runtim eException ("Cannot g enerate SS O token fo r " + id + " without access to PRISME");
	172	}
	173	}
	174
	175	// Private h elpers
	176	pr otected Op tional<Use r> getUser FromPrisme (String ss oToken) th rows JsonP arseExcept ion, JsonM appingExce ption, IOE xception {
	177	// /*
	178	// * E xample URL for get_r oles_by_to ken
	179	// * URL url = new URL( "https:// DNS . DNS /rails_pri sme/roles/ get_roles_ by_token.j son?token= " + token) ;
	180	// */
	181	// /*
	182	// * E xample SSO Token
	183	// * % 5B%22u%5Cf %5Cx8F%5Cx B1X%5C%22% 5CxC2%5CxE E%5CxFA%5C xE1%5Cx94% 5CxBF3%5Cx A9%5Cx16K% 22%2C+%22% 7EK%5CxC4% 5CxEFXk%5C x80%5CxB1% 5CxA3%5CxF 3%5Cx8D%5C xB1%5Cx7F% 5CxBC%5Cx0 2K%22%2C+% 22k%5Cf%5C xDC%5CxF7% 2CP%5CxB2% 5Cx97%5Cx9 9%5Cx99%5C xE0%5CxE1% 7C%5CxBF%5 Cx1DK%22%2 C+%22J%5Cf %5Cx9B%5Cx D8w%5Cx15% 5CxFE%5CxD 3%5CxC7%5C xDC%5CxAC% 5Cx9E%5Cx1 C%5CxD0bG% 22%5D
	184	// */
	185	// //String j son = "{\" roles\":[{ \"id\":100 00,\"name\ ":\"read_o nly\",\"re source_id\ ":null,\"r esource_ty pe\":null, \"created_ at\":\"201 6-09-13T14 :48:18.000 Z\",\"upda ted_at\":\ "2016-09-1 3T14:48:18 .000Z\"}], \"token_pa rsed?\":tr ue,\"user\ ":\" DN S D NS \",\"type\ ":\"ssoi\" ,\"id\":10 005}";
	186	Stri ng prismeR olesByToke nUrlStr = getPrismeR olesByToke nUrl();
	187	log. trace("Ret rieved fro m prisme.p roperties prismeRole sByTokenUr lStr=\"" + prismeRol esByTokenU rlStr + "\ "");
	188	URL url = new URL(prisme RolesByTok enUrlStr);
	189	Opti onal<User> user = Us erServiceU tils.getUs erFromUrl( url, ssoTo ken);
	190	log. trace("Ret rieved fro m " + pris meRolesByT okenUrlStr + " user= \"" + user + "\"");
	191
	192	if ( ! user.isP resent()) {
	193	log.er ror("FAILE D retrievi ng User fr om " + pri smeRolesBy TokenUrlSt r);
	194	}
	195	retu rn user;
	196	}
	197	pr otected Se t<UserRole > getAllRo lesFromPri sme() thro ws JsonPar seExceptio n, JsonMap pingExcept ion, IOExc eption {
	198	Stri ng prismeA llRolesUrl Str = getP rismeAllRo lesUrl();
	199	log. trace("Ret rieved fro m prisme.p roperties prismeAllR olesUrlStr =\"" + pri smeAllRole sUrlStr + "\"");
	200	URL url = new URL(prisme AllRolesUr lStr);
	201	Set< UserRole> allRolesFr omFromPris me = UserS erviceUtil s.getAllRo lesFromUrl (url);
	202	log. trace("Ret rieved fro m " + pris meAllRoles UrlStr + " allRolesF romFromPri sme=" + al lRolesFrom FromPrisme );
	203	retu rn allRole sFromFromP risme;
	204	}
	205
	206	pr otected St ring getUs erSsoToken FromPrisme (String id , String p assword) t hrows Exce ption {
	207	Stri ng ssoToke nByNameUrl Str = getS soTokenByN ameUrl();
	208	log. trace("Ret rieved fro m prisme.p roperties ssoTokenBy NameUrlStr =\"" + sso TokenByNam eUrlStr + "\"");
	209	URL url = new URL(ssoTok enByNameUr lStr);
	210	Stri ng ssoToke n = UserSe rviceUtils .getUserSs oTokenFrom Url(url, i d, passwor d);
	211	log. trace("Ret rieved fro m " + ssoT okenByName UrlStr + " ssoToken= \"" + ssoT oken + "\" ");
	212	retu rn ssoToke n;
	213	}
	214	}