From 7a3084fa7d00fc77bc286ca0a487b14d31f919e8 Mon Sep 17 00:00:00 2001 From: Fiete Ostkamp Date: Wed, 18 Oct 2023 14:29:59 +0200 Subject: Update spring-boot to 2.2 - update spring-boot to latest available 2.2.X release - pom inheritance via aai-parent pom makes it necessary to also explicitly specify spring framework versions - replace deprecations around Profiles Issue-ID: AAI-3665 Change-Id: I74b22a76ef14217b888ae6bb12cb83d86f9e4241 Signed-off-by: Fiete Ostkamp --- .../src/main/java/org/onap/aai/Profiles.java | 37 ---------------------- .../src/main/java/org/onap/aai/ResourcesApp.java | 4 ++- .../main/java/org/onap/aai/ResourcesProfiles.java | 37 ++++++++++++++++++++++ .../interceptors/pre/OneWaySslAuthorization.java | 4 +-- .../java/org/onap/aai/rest/LegacyMoxyConsumer.java | 17 ++++++++++ .../onap/aai/rest/security/WebSecurityConfig.java | 2 +- .../org/onap/aai/service/AuthorizationService.java | 4 +-- .../java/org/onap/aai/web/JerseyConfiguration.java | 4 +-- .../src/main/resources/application.properties | 2 +- .../org/onap/aai/ResourcesTestConfiguration.java | 5 +-- .../src/test/resources/application-test.properties | 3 +- 11 files changed, 69 insertions(+), 50 deletions(-) delete mode 100644 aai-resources/src/main/java/org/onap/aai/Profiles.java create mode 100644 aai-resources/src/main/java/org/onap/aai/ResourcesProfiles.java (limited to 'aai-resources/src') diff --git a/aai-resources/src/main/java/org/onap/aai/Profiles.java b/aai-resources/src/main/java/org/onap/aai/Profiles.java deleted file mode 100644 index 9c7c05f..0000000 --- a/aai-resources/src/main/java/org/onap/aai/Profiles.java +++ /dev/null @@ -1,37 +0,0 @@ -/** - * ============LICENSE_START======================================================= - * org.onap.aai - * ================================================================================ - * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.aai; - -public final class Profiles { - - public static final String DMAAP = "dmaap"; - public static final String DME2 = "dme2"; - - public static final String ONE_WAY_SSL = "one-way-ssl"; - // AAF Basic Auth - public static final String AAF_AUTHENTICATION = "aaf-auth"; - // AAF Auth with Client Certs - public static final String AAF_CERT_AUTHENTICATION = "aaf-cert-auth"; - public static final String TWO_WAY_SSL = "two-way-ssl"; - - private Profiles() { - } -} diff --git a/aai-resources/src/main/java/org/onap/aai/ResourcesApp.java b/aai-resources/src/main/java/org/onap/aai/ResourcesApp.java index 0538416..007b0d1 100644 --- a/aai-resources/src/main/java/org/onap/aai/ResourcesApp.java +++ b/aai-resources/src/main/java/org/onap/aai/ResourcesApp.java @@ -42,6 +42,7 @@ import org.springframework.boot.autoconfigure.jdbc.DataSourceTransactionManagerA import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration; import org.springframework.context.annotation.ComponentScan; import org.springframework.core.env.Environment; +import org.springframework.core.env.Profiles; @SpringBootApplication( exclude = {DataSourceAutoConfiguration.class, DataSourceTransactionManagerAutoConfiguration.class, @@ -88,7 +89,8 @@ public class ResourcesApp { logger.info("Starting AAIGraph connections and the NodeInjestor"); - if (env.acceptsProfiles(Profiles.TWO_WAY_SSL) && env.acceptsProfiles(Profiles.ONE_WAY_SSL)) { + // if (env.acceptsProfiles(Profiles.TWO_WAY_SSL) && env.acceptsProfiles(Profiles.ONE_WAY_SSL)) { + if (env.acceptsProfiles(Profiles.of(ResourcesProfiles.TWO_WAY_SSL, ResourcesProfiles.ONE_WAY_SSL))) { logger.warn("You have seriously misconfigured your application"); } diff --git a/aai-resources/src/main/java/org/onap/aai/ResourcesProfiles.java b/aai-resources/src/main/java/org/onap/aai/ResourcesProfiles.java new file mode 100644 index 0000000..7fecfec --- /dev/null +++ b/aai-resources/src/main/java/org/onap/aai/ResourcesProfiles.java @@ -0,0 +1,37 @@ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.aai; + +public final class ResourcesProfiles { + + public static final String DMAAP = "dmaap"; + public static final String DME2 = "dme2"; + + public static final String ONE_WAY_SSL = "one-way-ssl"; + // AAF Basic Auth + public static final String AAF_AUTHENTICATION = "aaf-auth"; + // AAF Auth with Client Certs + public static final String AAF_CERT_AUTHENTICATION = "aaf-cert-auth"; + public static final String TWO_WAY_SSL = "two-way-ssl"; + + private ResourcesProfiles() { + } +} diff --git a/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java b/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java index bc7390e..b532105 100644 --- a/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java +++ b/aai-resources/src/main/java/org/onap/aai/interceptors/pre/OneWaySslAuthorization.java @@ -32,7 +32,7 @@ import javax.ws.rs.container.PreMatching; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; -import org.onap.aai.Profiles; +import org.onap.aai.ResourcesProfiles; import org.onap.aai.exceptions.AAIException; import org.onap.aai.interceptors.AAIContainerFilter; import org.onap.aai.logging.ErrorLogHelper; @@ -40,7 +40,7 @@ import org.onap.aai.service.AuthorizationService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Profile; -@Profile(Profiles.ONE_WAY_SSL) +@Profile(ResourcesProfiles.ONE_WAY_SSL) @PreMatching @Priority(AAIRequestFilterPriority.AUTHORIZATION) public class OneWaySslAuthorization extends AAIContainerFilter implements ContainerRequestFilter { diff --git a/aai-resources/src/main/java/org/onap/aai/rest/LegacyMoxyConsumer.java b/aai-resources/src/main/java/org/onap/aai/rest/LegacyMoxyConsumer.java index f429bf7..5208726 100644 --- a/aai-resources/src/main/java/org/onap/aai/rest/LegacyMoxyConsumer.java +++ b/aai-resources/src/main/java/org/onap/aai/rest/LegacyMoxyConsumer.java @@ -32,6 +32,7 @@ import java.util.stream.Collectors; import javax.servlet.http.HttpServletRequest; import javax.ws.rs.*; import javax.ws.rs.core.*; +import javax.ws.rs.core.Response.Status; import org.apache.commons.lang3.ObjectUtils; import org.javatuples.Pair; @@ -188,6 +189,22 @@ public class LegacyMoxyConsumer extends RESTAPI { } + /** + * Only PUT, DELETE and OPTIONS methods are allowed for /relationship-list/relationship endpoints + * This prevents the GET Path matching for "/{uri: .+}" to match for paths ending with /relationship-list/relationship + * The METHOD_NOT_ALLOWED code will be mapped to a BadRequest in the InvalidResponseStatus interceptor + */ + @GET + @Path("/{uri: .+}/relationship-list/relationship") + @Consumes({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML}) + @Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML}) + public Response disallowGetOnRelationshipListRelationship() { + return Response + .status(Status.METHOD_NOT_ALLOWED) + .allow("PUT","DELETE","OPTIONS") + .build(); + } + /** * Gets the legacy. * diff --git a/aai-resources/src/main/java/org/onap/aai/rest/security/WebSecurityConfig.java b/aai-resources/src/main/java/org/onap/aai/rest/security/WebSecurityConfig.java index ca303b1..c63a70a 100644 --- a/aai-resources/src/main/java/org/onap/aai/rest/security/WebSecurityConfig.java +++ b/aai-resources/src/main/java/org/onap/aai/rest/security/WebSecurityConfig.java @@ -72,7 +72,7 @@ public class WebSecurityConfig extends KeycloakWebSecurityConfigurerAdapter { } @Override - public void configure(WebSecurity web) throws Exception { + public void configure(WebSecurity web) { web.ignoring().regexMatchers("^.*/util/echo$"); } diff --git a/aai-resources/src/main/java/org/onap/aai/service/AuthorizationService.java b/aai-resources/src/main/java/org/onap/aai/service/AuthorizationService.java index a5eca4e..31dd953 100644 --- a/aai-resources/src/main/java/org/onap/aai/service/AuthorizationService.java +++ b/aai-resources/src/main/java/org/onap/aai/service/AuthorizationService.java @@ -32,14 +32,14 @@ import java.util.stream.Stream; import javax.annotation.PostConstruct; import org.eclipse.jetty.util.security.Password; -import org.onap.aai.Profiles; +import org.onap.aai.ResourcesProfiles; import org.onap.aai.util.AAIConstants; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.context.annotation.Profile; import org.springframework.stereotype.Service; -@Profile(Profiles.ONE_WAY_SSL) +@Profile(ResourcesProfiles.ONE_WAY_SSL) @Service public class AuthorizationService { diff --git a/aai-resources/src/main/java/org/onap/aai/web/JerseyConfiguration.java b/aai-resources/src/main/java/org/onap/aai/web/JerseyConfiguration.java index c22832c..24004d1 100644 --- a/aai-resources/src/main/java/org/onap/aai/web/JerseyConfiguration.java +++ b/aai-resources/src/main/java/org/onap/aai/web/JerseyConfiguration.java @@ -52,6 +52,7 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Profile; import org.springframework.core.env.Environment; +import org.springframework.core.env.Profiles; @Configuration public class JerseyConfiguration { @@ -67,7 +68,6 @@ public class JerseyConfiguration { private final Reflections loggingReflections = new Reflections(LOGGING_INTERCEPTOR_PACKAGE); private final Environment environment; - @Autowired public JerseyConfiguration(Environment environment) { this.environment = environment; } @@ -127,7 +127,7 @@ public class JerseyConfiguration { private boolean isEnabledByActiveProfiles(AnnotatedElement annotatedElement) { return !annotatedElement.isAnnotationPresent(Profile.class) - || environment.acceptsProfiles(annotatedElement.getAnnotation(Profile.class).value()); + || environment.acceptsProfiles(Profiles.of(annotatedElement.getAnnotation(Profile.class).value())); } private class MissingFilterPriorityException extends RuntimeException { diff --git a/aai-resources/src/main/resources/application.properties b/aai-resources/src/main/resources/application.properties index f8e60c4..af2e16e 100644 --- a/aai-resources/src/main/resources/application.properties +++ b/aai-resources/src/main/resources/application.properties @@ -98,7 +98,7 @@ management.server.port=8448 management.endpoints.enabled-by-default=true #To Enable Actuator Endpoint, you can override this in OOM Charts management.endpoints.web.exposure.include=info, health, prometheus -management.metrics.web.server.auto-time-requests=false +management.metrics.web.server.request.autotime.enabled=false management.metrics.distribution.percentiles-histogram[http.server.requests]=true management.metrics.distribution.sla[http.server.requests]=20ms, 30ms, 40ms, 50ms, 60ms, 70ms, 80ms, 90ms, 100ms, 500ms, 1000ms, 5000ms, 7000ms management.metrics.tags.group_id=aai diff --git a/aai-resources/src/test/java/org/onap/aai/ResourcesTestConfiguration.java b/aai-resources/src/test/java/org/onap/aai/ResourcesTestConfiguration.java index 7e91341..93b1519 100644 --- a/aai-resources/src/test/java/org/onap/aai/ResourcesTestConfiguration.java +++ b/aai-resources/src/test/java/org/onap/aai/ResourcesTestConfiguration.java @@ -38,6 +38,7 @@ import org.springframework.boot.test.context.TestConfiguration; import org.springframework.boot.web.client.RestTemplateBuilder; import org.springframework.context.annotation.Bean; import org.springframework.core.env.Environment; +import org.springframework.core.env.Profiles; import org.springframework.http.HttpStatus; import org.springframework.http.client.ClientHttpResponse; import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; @@ -61,7 +62,7 @@ public class ResourcesTestConfiguration { RestTemplate restTemplate(RestTemplateBuilder builder) throws Exception { RestTemplate restTemplate = null; - if (env.acceptsProfiles("one-way-ssl", "two-way-ssl")) { + if (env.acceptsProfiles(Profiles.of(ResourcesProfiles.TWO_WAY_SSL, ResourcesProfiles.ONE_WAY_SSL))) { char[] trustStorePassword = env.getProperty("server.ssl.trust-store-password").toCharArray(); char[] keyStorePassword = env.getProperty("server.ssl.key-store-password").toCharArray(); @@ -69,7 +70,7 @@ public class ResourcesTestConfiguration { String trustStore = env.getProperty("server.ssl.trust-store"); SSLContextBuilder sslContextBuilder = SSLContextBuilder.create(); - if (env.acceptsProfiles("two-way-ssl")) { + if (env.acceptsProfiles(Profiles.of(ResourcesProfiles.TWO_WAY_SSL))) { sslContextBuilder = sslContextBuilder.loadKeyMaterial(loadPfx(keyStore, keyStorePassword), keyStorePassword); } diff --git a/aai-resources/src/test/resources/application-test.properties b/aai-resources/src/test/resources/application-test.properties index e228229..4c2b8d0 100644 --- a/aai-resources/src/test/resources/application-test.properties +++ b/aai-resources/src/test/resources/application-test.properties @@ -30,7 +30,6 @@ server.local.startpath=src/main/resources/ server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties server.port=8447 -security.require-ssl=false server.ssl.enabled=false #server.ssl.enabled-protocols=TLSv1.1,TLSv1.2 #server.ssl.key-store=${server.local.startpath}etc/auth/aai_keystore @@ -77,5 +76,5 @@ schema.translator.list=config management.server.port=0 management.endpoints.enabled-by-default=true management.endpoints.web.exposure.include=info, health, prometheus -management.metrics.web.server.auto-time-requests=false +management.metrics.web.server.request.autotime.enabled=false scrape.uri.metrics=true -- cgit 1.2.3-korg