Restructuring the folders

sample/pom.xml

@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http:https://maven.apache.org/POM/4.0.0" xmlns:xsi="http:https://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http:https://maven.apache.org/POM/4.0.0 http:https://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-parent</artifactId>
+ <version>2.1.3.RELEASE</version>
+ <relativePath/> <!-- lookup parent from repository -->
+ </parent>
+ <groupId>com.rnavagamuwa</groupId>
+ <artifactId>spring-security-abac</artifactId>
+ <version>0.0.1-SNAPSHOT</version>
+ <name>spring-security-abac</name>
+ <description>Demo project for Spring Boot</description>
+
+ <properties>
+ <java.version>1.8</java.version>
+ </properties>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-actuator</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-security</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-web</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-thymeleaf</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.wso2.spring.security</groupId>
+ <artifactId>abac</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </dependency>
+
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-maven-plugin</artifactId>
+ </plugin>
+ </plugins>
+ </build>
+
+</project>

src/main/java/com/rnavagamuwa/springsecurity/security/MethodSecurityConfig.java → sample/src/main/java/com/rnavagamuwa/springsecurity/security/MethodSecurityConfig.java

@@ -1,11 +1,11 @@
 package com.rnavagamuwa.springsecurity.security;
 
-import com.rnavagamuwa.springsecurity.abac.AttributeEvaluator;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
 import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
+import org.wso2.spring.security.abac.AttributeEvaluator;
 
 /**
  * @author Randika Navagamuwa

sample/src/main/resources/application.properties

@@ -0,0 +1,3 @@
+spring.thymeleaf.cache=false
+#logging.level.web=debug
+xacml.pdp.url=https://localhost:9443/api/identity/entitlement/decision/pdp

sdk/pom.xml

@@ -0,0 +1,67 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http:https://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http:https://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http:https://maven.apache.org/POM/4.0.0 http:https://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-parent</artifactId>
+ <version>2.1.3.RELEASE</version>
+ <relativePath/> <!-- lookup parent from repository -->
+ </parent>
+
+ <groupId>org.wso2.spring.security</groupId>
+ <artifactId>abac</artifactId>
+ <version>1.0-SNAPSHOT</version>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-actuator</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-security</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-web</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-thymeleaf</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ <version>${commons-io.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.json</groupId>
+ <artifactId>json</artifactId>
+ <version>${org.json.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.velocity</groupId>
+ <artifactId>velocity</artifactId>
+ <version>${org.apache.velocity.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.ehcache</groupId>
+ <artifactId>ehcache</artifactId>
+ </dependency>
+
+ </dependencies>
+
+ <properties>
+ <commons-io.version>2.6</commons-io.version>
+ <org.json.version>20180813</org.json.version>
+ <org.apache.velocity.version>1.7</org.apache.velocity.version>
+ </properties>
+</project>

src/main/java/com/rnavagamuwa/springsecurity/abac/AttributeEvaluator.java → sdk/src/main/java/org/wso2/spring/security/abac/AttributeEvaluator.java

@@ -1,4 +1,4 @@
-package com.rnavagamuwa.springsecurity.abac;
+package org.wso2.spring.security.abac;
 
 import org.springframework.security.access.PermissionEvaluator;
 import org.springframework.security.core.Authentication;

src/main/java/com/rnavagamuwa/springsecurity/abac/AttributeHandler.java → sdk/src/main/java/org/wso2/spring/security/abac/AttributeHandler.java

@@ -1,4 +1,4 @@
-package com.rnavagamuwa.springsecurity.abac;
+package org.wso2.spring.security.abac;
 
 /**
  * @author Randika Navagamuwa

src/main/java/com/rnavagamuwa/springsecurity/abac/AuthRequestBuilder.java → sdk/src/main/java/org/wso2/spring/security/abac/AuthRequestBuilder.java

@@ -1,4 +1,4 @@
-package com.rnavagamuwa.springsecurity.abac;
+package org.wso2.spring.security.abac;
 
 /**
  * @author Randika Navagamuwa

src/main/java/com/rnavagamuwa/springsecurity/abac/XacmlAttributeHandler.java → sdk/src/main/java/org/wso2/spring/security/abac/XacmlAttributeHandler.java

@@ -1,15 +1,18 @@
-package com.rnavagamuwa.springsecurity.abac;
+package org.wso2.spring.security.abac;
 
-import com.rnavagamuwa.springsecurity.abac.cache.CacheManager;
-import com.rnavagamuwa.springsecurity.abac.cache.EhCacheManager;
 import org.json.JSONArray;
 import org.json.JSONObject;
+import org.springframework.core.io.support.PropertiesLoaderUtils;
 import org.springframework.http.HttpEntity;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.client.RestTemplate;
+import org.wso2.spring.security.abac.cache.CacheManager;
+import org.wso2.spring.security.abac.cache.EhCacheManager;
+import org.wso2.spring.security.abac.exception.AttributeEvaluatorException;
 
+import java.io.IOException;
 import java.util.Collections;
 
 /**
@@ -18,11 +21,25 @@
 @SuppressWarnings("WeakerAccess")
 public class XacmlAttributeHandler implements AttributeHandler {
 
- private static String XACML_PDP_URL = "https://localhost:9443/api/identity/entitlement/decision/pdp";
+ private static String XACML_PDP_URL;
  private CacheManager cacheManager;
 
  public XacmlAttributeHandler() {
 
+ try {
+ XACML_PDP_URL = PropertiesLoaderUtils
+ .loadAllProperties("application.properties")
+ .getProperty("xacml.pdp.url");
+ } catch (IOException e) {
+
+ //todo stop the whole app
+ throw new AttributeEvaluatorException("Failed to read the XACML PDP Url", e);
+ }
+
+ if (XACML_PDP_URL == null) {
+ //todo stop the whole app
+ }
+
  this.cacheManager = new EhCacheManager();
  }
 
@@ -64,4 +81,5 @@ public boolean authorize(String authRequest) {
  }
  return true;
  }
+
 }

src/main/java/com/rnavagamuwa/springsecurity/abac/XacmlAuthRequestBuilder.java → sdk/src/main/java/org/wso2/spring/security/abac/XacmlAuthRequestBuilder.java

@@ -1,6 +1,5 @@
-package com.rnavagamuwa.springsecurity.abac;
+package org.wso2.spring.security.abac;
 
-import com.rnavagamuwa.springsecurity.abac.exception.AttributeEvaluatorException;
 import org.apache.commons.io.FileUtils;
 import org.apache.velocity.Template;
 import org.apache.velocity.VelocityContext;
@@ -10,6 +9,7 @@
 import org.springframework.util.ResourceUtils;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
+import org.wso2.spring.security.abac.exception.AttributeEvaluatorException;
 
 import java.io.IOException;
 import java.io.StringWriter;

src/main/java/com/rnavagamuwa/springsecurity/abac/cache/CacheManager.java → sdk/src/main/java/org/wso2/spring/security/abac/cache/CacheManager.java

@@ -1,4 +1,4 @@
-package com.rnavagamuwa.springsecurity.abac.cache;
+package org.wso2.spring.security.abac.cache;
 
 /**
  * @author Randika Navagamuwa

src/main/java/com/rnavagamuwa/springsecurity/abac/cache/EhCacheManager.java → sdk/src/main/java/org/wso2/spring/security/abac/cache/EhCacheManager.java

@@ -1,4 +1,4 @@
-package com.rnavagamuwa.springsecurity.abac.cache;
+package org.wso2.spring.security.abac.cache;
 
 import org.ehcache.Cache;
 import org.ehcache.CacheManager;
@@ -12,7 +12,7 @@
 /**
  * @author Randika Navagamuwa
  */
-public class EhCacheManager implements com.rnavagamuwa.springsecurity.abac.cache.CacheManager {
+public class EhCacheManager implements org.wso2.spring.security.abac.cache.CacheManager {
 
  private static String CACHE_NAME = "policyRequestCache";
  private static long EXPIRY_IN_MINUTUES = 60;

src/main/java/com/rnavagamuwa/springsecurity/abac/exception/AttributeEvaluatorException.java → sdk/src/main/java/org/wso2/spring/security/abac/exception/AttributeEvaluatorException.java

@@ -1,4 +1,4 @@
-package com.rnavagamuwa.springsecurity.abac.exception;
+package org.wso2.spring.security.abac.exception;
 
 /**
  * @author Randika Navagamuwa