1 files changed, 79 insertions, 8 deletions

diff --git a/aai-resources/src/main/java/org/onap/aai/config/PropertyPasswordConfiguration.java b/aai-resources/src/main/java/org/onap/aai/config/PropertyPasswordConfiguration.java
index a4b4313..0d2ff88 100644
--- a/aai-resources/src/main/java/org/onap/aai/config/PropertyPasswordConfiguration.java
+++ b/aai-resources/src/main/java/org/onap/aai/config/PropertyPasswordConfiguration.java
@@ -19,30 +19,95 @@
  */
 package org.onap.aai.config;
 
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
 import java.util.LinkedHashMap;
 import java.util.Map;
-import java.util.Optional;
+import java.util.Properties;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
+import org.apache.commons.io.IOUtils;
 import org.springframework.context.ApplicationContextInitializer;
 import org.springframework.context.ConfigurableApplicationContext;
-import org.springframework.core.env.CompositePropertySource;
-import org.springframework.core.env.ConfigurableEnvironment;
-import org.springframework.core.env.EnumerablePropertySource;
-import org.springframework.core.env.MapPropertySource;
-import org.springframework.core.env.PropertySource;
-import org.springframework.stereotype.Component;
+import org.springframework.core.env.*;
 
 public class PropertyPasswordConfiguration implements ApplicationContextInitializer<ConfigurableApplicationContext> {
 
     private static final Pattern decodePasswordPattern = Pattern.compile("password\\((.*?)\\)");
-
     private PasswordDecoder passwordDecoder = new JettyPasswordDecoder();
+    private static final EELFLogger logger = EELFManager.getInstance().getLogger(PropertyPasswordConfiguration.class.getName());
 
     @Override
     public void initialize(ConfigurableApplicationContext applicationContext) {
         ConfigurableEnvironment environment = applicationContext.getEnvironment();
+        String certPath = environment.getProperty("server.certs.location");
+        File passwordFile = null;
+        File passphrasesFile = null;
+        InputStream passwordStream = null;
+        InputStream passphrasesStream = null;
+        Map<String, Object> sslProps = new LinkedHashMap<>();
+
+        // Override the passwords from application.properties if we find AAF certman files
+        if (certPath != null) {
+            try {
+                passwordFile = new File(certPath + ".password");
+                passwordStream = new FileInputStream(passwordFile);
+
+                if (passwordStream != null) {
+                    String keystorePassword = null;
+
+                    keystorePassword = IOUtils.toString(passwordStream);
+                    if (keystorePassword != null) {
+                        keystorePassword = keystorePassword.trim();
+                    }
+                    sslProps.put("server.ssl.key-store-password", keystorePassword);
+                    sslProps.put("schema.service.ssl.key-store-password", keystorePassword);
+                } else {
+                    logger.info("Not using AAF Certman password file");
+                }
+            } catch (IOException e) {
+                logger.warn("Not using AAF Certman password file, e=" + e.getMessage());
+            } finally {
+                if (passwordStream != null) {
+                    try {
+                        passwordStream.close();
+                    } catch (Exception e) {
+                    }
+                }
+            }
+            try {
+                passphrasesFile = new File(certPath + ".passphrases");
+                passphrasesStream = new FileInputStream(passphrasesFile);
+
+                if (passphrasesStream != null) {
+                    String truststorePassword = null;
+                    Properties passphrasesProps = new Properties();
+                    passphrasesProps.load(passphrasesStream);
+                    truststorePassword = passphrasesProps.getProperty("cadi_truststore_password");
+                    if (truststorePassword != null) {
+                        truststorePassword = truststorePassword.trim();
+                    }
+                    sslProps.put("server.ssl.trust-store-password", truststorePassword);
+                    sslProps.put("schema.service.ssl.trust-store-password", truststorePassword);
+                } else {
+                    logger.info("Not using AAF Certman passphrases file");
+                }
+            } catch (IOException e) {
+                logger.warn("Not using AAF Certman passphrases file, e=" + e.getMessage());
+            } finally {
+                if (passphrasesStream != null) {
+                    try {
+                        passphrasesStream.close();
+                    } catch (Exception e) {
+                    }
+                }
+            }
+        }
         for (PropertySource<?> propertySource : environment.getPropertySources()) {
             Map<String, Object> propertyOverrides = new LinkedHashMap<>();
             decodePasswords(propertySource, propertyOverrides);
@@ -50,6 +115,12 @@ public class PropertyPasswordConfiguration implements ApplicationContextInitiali
                 PropertySource<?> decodedProperties = new MapPropertySource("decoded "+ propertySource.getName(), propertyOverrides);
                 environment.getPropertySources().addBefore(propertySource.getName(), decodedProperties);
             }
+
+        }
+        if (!sslProps.isEmpty()) {
+            logger.info("Using AAF Certman files");
+            PropertySource<?> additionalProperties = new MapPropertySource("additionalProperties", sslProps);
+            environment.getPropertySources().addFirst(additionalProperties);
         }
     }