From 7a3084fa7d00fc77bc286ca0a487b14d31f919e8 Mon Sep 17 00:00:00 2001 From: Fiete Ostkamp Date: Wed, 18 Oct 2023 14:29:59 +0200 Subject: Update spring-boot to 2.2 - update spring-boot to latest available 2.2.X release - pom inheritance via aai-parent pom makes it necessary to also explicitly specify spring framework versions - replace deprecations around Profiles Issue-ID: AAI-3665 Change-Id: I74b22a76ef14217b888ae6bb12cb83d86f9e4241 Signed-off-by: Fiete Ostkamp --- .../src/main/java/org/onap/aai/Profiles.java | 37 ---------------------- .../src/main/java/org/onap/aai/ResourcesApp.java | 4 ++- .../main/java/org/onap/aai/ResourcesProfiles.java | 37 ++++++++++++++++++++++ .../interceptors/pre/OneWaySslAuthorization.java | 4 +-- .../java/org/onap/aai/rest/LegacyMoxyConsumer.java | 17 ++++++++++ .../onap/aai/rest/security/WebSecurityConfig.java | 2 +- .../org/onap/aai/service/AuthorizationService.java | 4 +-- .../java/org/onap/aai/web/JerseyConfiguration.java | 4 +-- 8 files changed, 64 insertions(+), 45 deletions(-) delete mode 100644 aai-resources/src/main/java/org/onap/aai/Profiles.java create mode 100644 aai-resources/src/main/java/org/onap/aai/ResourcesProfiles.java (limited to 'aai-resources/src/main/java') diff --git a/aai-resources/src/main/java/org/onap/aai/Profiles.java b/aai-resources/src/main/java/org/onap/aai/Profiles.java deleted file mode 100644 index 9c7c05f4..00000000 --- a/aai-resources/src/main/java/org/onap/aai/Profiles.java +++ /dev/null @@ -1,37 +0,0 @@ -/** - * ============LICENSE_START======================================================= - * org.onap.aai - * ================================================================================ - * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.aai; - -public final class Profiles { - - public static final String DMAAP = "dmaap"; - public static final String DME2 = "dme2"; - - public static final String ONE_WAY_SSL = "one-way-ssl"; - // AAF Basic Auth - public static final String AAF_AUTHENTICATION = "aaf-auth"; - // AAF Auth with Client Certs - public static final String AAF_CERT_AUTHENTICATION = "aaf-cert-auth"; - public static final String TWO_WAY_SSL = "two-way-ssl"; - - private Profiles() { - } -} diff --git a/aai-resources/src/main/java/org/onap/aai/ResourcesApp.java b/aai-resources/src/main/java/org/onap/aai/ResourcesApp.java index 05384161..007b0d16 100644 --- a/aai-resources/src/main/java/org/onap/aai/ResourcesApp.java +++ b/aai-resources/src/main/java/org/onap/aai/ResourcesApp.java @@ -42,6 +42,7 @@ import org.springframework.boot.autoconfigure.jdbc.DataSourceTransactionManagerA import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration; import org.springframework.context.annotation.ComponentScan; import org.springframework.core.env.Environment; +import org.springframework.core.env.Profiles; @SpringBootApplication( exclude = {DataSourceAutoConfiguration.class, DataSourceTransactionManagerAutoConfiguration.class, @@ -88,7 +89,8 @@ public class ResourcesApp { logger.info("Starting AAIGraph connections and the NodeInjestor"); - if (env.acceptsProfiles(Profiles.TWO_WAY_SSL) && env.acceptsProfiles(Profiles.ONE_WAY_SSL)) { + // if (env.acceptsProfiles(Profiles.TWO_WAY_SSL) && env.acceptsProfiles(Profiles.ONE_WAY_SSL)) { + if (env.acceptsProfiles(Profiles.of(ResourcesProfiles.TWO_WAY_SSL, ResourcesProfiles.ONE_WAY_SSL))) { logger.warn("You have seriously misconfigured your application"); } diff --git a/aai-resources/src/main/java/org/onap/aai/ResourcesProfiles.java b/aai-resources/src/main/java/org/onap/aai/ResourcesProfiles.java new file mode 100644 index 00000000..7fecfecf --- /dev/null +++ b/aai-resources/src/main/java/org/onap/aai/ResourcesProfiles.java @@ -0,0 +1,37 @@ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.aai; + +public final class ResourcesProfiles { + + public static final String DMAAP = "dmaap"; + public static final String DME2 = "dme2"; + + public static final String ONE_WAY_SSL = "one-way-ssl"; + // AAF Basic Auth + public static final String AAF_AUTHENTICATION = "aaf-auth"; + // AAF Auth with Client Certs + public static final String AAF_CERT_AUTHENTICATION = "aaf-cert-auth"; + public static final String TWO_WAY_SSL = "two-way-ssl"; + + private ResourcesProfiles() { + } +} diff --git a/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java b/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java index bc7390ea..b5321052 100644 --- a/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java +++ b/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java @@ -32,7 +32,7 @@ import javax.ws.rs.container.PreMatching; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; -import org.onap.aai.Profiles; +import org.onap.aai.ResourcesProfiles; import org.onap.aai.exceptions.AAIException; import org.onap.aai.interceptors.AAIContainerFilter; import org.onap.aai.logging.ErrorLogHelper; @@ -40,7 +40,7 @@ import org.onap.aai.service.AuthorizationService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Profile; -@Profile(Profiles.ONE_WAY_SSL) +@Profile(ResourcesProfiles.ONE_WAY_SSL) @PreMatching @Priority(AAIRequestFilterPriority.AUTHORIZATION) public class OneWaySslAuthorization extends AAIContainerFilter implements ContainerRequestFilter { diff --git a/aai-resources/src/main/java/org/onap/aai/rest/LegacyMoxyConsumer.java b/aai-resources/src/main/java/org/onap/aai/rest/LegacyMoxyConsumer.java index f429bf73..5208726b 100644 --- a/aai-resources/src/main/java/org/onap/aai/rest/LegacyMoxyConsumer.java +++ b/aai-resources/src/main/java/org/onap/aai/rest/LegacyMoxyConsumer.java @@ -32,6 +32,7 @@ import java.util.stream.Collectors; import javax.servlet.http.HttpServletRequest; import javax.ws.rs.*; import javax.ws.rs.core.*; +import javax.ws.rs.core.Response.Status; import org.apache.commons.lang3.ObjectUtils; import org.javatuples.Pair; @@ -188,6 +189,22 @@ public class LegacyMoxyConsumer extends RESTAPI { } + /** + * Only PUT, DELETE and OPTIONS methods are allowed for /relationship-list/relationship endpoints + * This prevents the GET Path matching for "/{uri: .+}" to match for paths ending with /relationship-list/relationship + * The METHOD_NOT_ALLOWED code will be mapped to a BadRequest in the InvalidResponseStatus interceptor + */ + @GET + @Path("/{uri: .+}/relationship-list/relationship") + @Consumes({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML}) + @Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML}) + public Response disallowGetOnRelationshipListRelationship() { + return Response + .status(Status.METHOD_NOT_ALLOWED) + .allow("PUT","DELETE","OPTIONS") + .build(); + } + /** * Gets the legacy. * diff --git a/aai-resources/src/main/java/org/onap/aai/rest/security/WebSecurityConfig.java b/aai-resources/src/main/java/org/onap/aai/rest/security/WebSecurityConfig.java index ca303b1e..c63a70a0 100644 --- a/aai-resources/src/main/java/org/onap/aai/rest/security/WebSecurityConfig.java +++ b/aai-resources/src/main/java/org/onap/aai/rest/security/WebSecurityConfig.java @@ -72,7 +72,7 @@ public class WebSecurityConfig extends KeycloakWebSecurityConfigurerAdapter { } @Override - public void configure(WebSecurity web) throws Exception { + public void configure(WebSecurity web) { web.ignoring().regexMatchers("^.*/util/echo$"); } diff --git a/aai-resources/src/main/java/org/onap/aai/service/AuthorizationService.java b/aai-resources/src/main/java/org/onap/aai/service/AuthorizationService.java index a5eca4ed..31dd9533 100644 --- a/aai-resources/src/main/java/org/onap/aai/service/AuthorizationService.java +++ b/aai-resources/src/main/java/org/onap/aai/service/AuthorizationService.java @@ -32,14 +32,14 @@ import java.util.stream.Stream; import javax.annotation.PostConstruct; import org.eclipse.jetty.util.security.Password; -import org.onap.aai.Profiles; +import org.onap.aai.ResourcesProfiles; import org.onap.aai.util.AAIConstants; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.context.annotation.Profile; import org.springframework.stereotype.Service; -@Profile(Profiles.ONE_WAY_SSL) +@Profile(ResourcesProfiles.ONE_WAY_SSL) @Service public class AuthorizationService { diff --git a/aai-resources/src/main/java/org/onap/aai/web/JerseyConfiguration.java b/aai-resources/src/main/java/org/onap/aai/web/JerseyConfiguration.java index c22832cd..24004d18 100644 --- a/aai-resources/src/main/java/org/onap/aai/web/JerseyConfiguration.java +++ b/aai-resources/src/main/java/org/onap/aai/web/JerseyConfiguration.java @@ -52,6 +52,7 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Profile; import org.springframework.core.env.Environment; +import org.springframework.core.env.Profiles; @Configuration public class JerseyConfiguration { @@ -67,7 +68,6 @@ public class JerseyConfiguration { private final Reflections loggingReflections = new Reflections(LOGGING_INTERCEPTOR_PACKAGE); private final Environment environment; - @Autowired public JerseyConfiguration(Environment environment) { this.environment = environment; } @@ -127,7 +127,7 @@ public class JerseyConfiguration { private boolean isEnabledByActiveProfiles(AnnotatedElement annotatedElement) { return !annotatedElement.isAnnotationPresent(Profile.class) - || environment.acceptsProfiles(annotatedElement.getAnnotation(Profile.class).value()); + || environment.acceptsProfiles(Profiles.of(annotatedElement.getAnnotation(Profile.class).value())); } private class MissingFilterPriorityException extends RuntimeException { -- cgit