summaryrefslogtreecommitdiffstats
path: root/src/main/java
diff options
context:
space:
mode:
authorarul.nambi <arul.nambi@amdocs.com>2017-08-31 15:15:00 -0400
committerarul.nambi <arul.nambi@amdocs.com>2017-08-31 15:16:13 -0400
commit1ab4d44603a91a84a34e34b5fc896fe8a227bca4 (patch)
tree1fbc955f7acd927c47a4c22da615096f94a16cb8 /src/main/java
parent285a7280296e5eea3a5482c16fa7b04670875909 (diff)
[AAI-244] grep scan
Issue-ID:AAI-244 Change-Id: Ibc51a8c72c411cff9ffc5b58bd40439ff3d703be Signed-off-by: arul.nambi <arul.nambi@amdocs.com>
Diffstat (limited to 'src/main/java')
-rw-r--r--src/main/java/org/openecomp/sparky/JaxrsUserService.java61
-rw-r--r--src/main/java/org/openecomp/sparky/dal/aai/ActiveInventoryAdapter.java1
-rw-r--r--src/main/java/org/openecomp/sparky/dal/cache/PersistentEntityCache.java55
-rw-r--r--src/main/java/org/openecomp/sparky/security/EcompSso.java12
-rw-r--r--src/main/java/org/openecomp/sparky/security/filter/CspCookieFilter.java268
-rw-r--r--src/main/java/org/openecomp/sparky/util/KeystoreBuilder.java6
-rw-r--r--src/main/java/org/openecomp/sparky/util/NodeUtils.java4
-rw-r--r--src/main/java/org/openecomp/sparky/viewandinspect/entity/ActiveInventoryNode.java4
8 files changed, 12 insertions, 399 deletions
diff --git a/src/main/java/org/openecomp/sparky/JaxrsUserService.java b/src/main/java/org/openecomp/sparky/JaxrsUserService.java
deleted file mode 100644
index 1353acd..0000000
--- a/src/main/java/org/openecomp/sparky/JaxrsUserService.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/**
- * ============LICENSE_START=======================================================
- * org.onap.aai
- * ================================================================================
- * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * Copyright © 2017 Amdocs
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- */
-package org.openecomp.sparky;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.ws.rs.GET;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-
-/**
- * The Class JaxrsUserService.
- */
-@Path("/user")
-public class JaxrsUserService {
-
- private static final Map<String, String> userIdToNameMap;
-
- static {
- userIdToNameMap = new HashMap<String, String>();
- userIdToNameMap.put("dw113c", "Doug Wait");
- userIdToNameMap.put("so401q", "Stuart O'Day");
- }
-
- /**
- * Lookup user.
- *
- * @param userId the user id
- * @return the string
- */
- @GET
- @Path("/{userId}")
- @Produces("text/plain")
- public String lookupUser(@PathParam("userId") String userId) {
- String name = userIdToNameMap.get(userId);
- return name != null ? name : "unknown id";
- }
-
-}
diff --git a/src/main/java/org/openecomp/sparky/dal/aai/ActiveInventoryAdapter.java b/src/main/java/org/openecomp/sparky/dal/aai/ActiveInventoryAdapter.java
index eade96c..0f1ed36 100644
--- a/src/main/java/org/openecomp/sparky/dal/aai/ActiveInventoryAdapter.java
+++ b/src/main/java/org/openecomp/sparky/dal/aai/ActiveInventoryAdapter.java
@@ -251,7 +251,6 @@ public class ActiveInventoryAdapter extends RestfulDataAccessor
"Failed to getSelfLinkForEntity() because primaryKeyValue is null");
}
- // https://aai-int1.test.att.com:8443/aai/v8/search/generic-query?key=complex.physical-location-id:atlngade&start-node-type=complex
/*
* Try to protect ourselves from illegal URI formatting exceptions caused by characters that
diff --git a/src/main/java/org/openecomp/sparky/dal/cache/PersistentEntityCache.java b/src/main/java/org/openecomp/sparky/dal/cache/PersistentEntityCache.java
index 6749c1f..9ee7680 100644
--- a/src/main/java/org/openecomp/sparky/dal/cache/PersistentEntityCache.java
+++ b/src/main/java/org/openecomp/sparky/dal/cache/PersistentEntityCache.java
@@ -221,61 +221,6 @@ public class PersistentEntityCache implements EntityCache {
}
- /**
- * The main method.
- *
- * @param args the arguments
- * @throws URISyntaxException the URI syntax exception
- */
- public static void main(String[] args) throws URISyntaxException {
-
- OperationResult or = new OperationResult();
- or.setResult("asdjashdkajsdhaksdj");
- or.setResultCode(200);
-
- String url1 = "https://aai-int1.dev.att.com:8443/aai/v8/search/nodes-query?"
- + "search-node-type=tenant&filter=tenant-id:EXISTS";
-
- or.setRequestLink(url1);
-
- PersistentEntityCache pec = new PersistentEntityCache("e:\\my_special_folder", 5);
- String k1 = NodeUtils.generateUniqueShaDigest(url1);
- pec.put(k1, or);
-
- String url2 =
- "https://aai-int1.dev.att.com:8443/aai/v8/network/vnfcs/vnfc/trial-vnfc?nodes-only";
- or.setRequestLink(url2);
- String k2 = NodeUtils.generateUniqueShaDigest(url2);
- pec.put(k2, or);
-
- String url3 = "https://1.2.3.4:8443/aai/v8/network/vnfcs/vnfc/trial-vnfc?nodes-only";
- or.setRequestLink(url3);
- String k3 = NodeUtils.generateUniqueShaDigest(url3);
- pec.put(k3, or);
-
- pec.shutdown();
-
- /*
- * URI uri1 = new URI(url1);
- *
- * System.out.println("schemea = " + uri1.getScheme()); System.out.println("host = " +
- * uri1.getHost());
- *
- * String host = uri1.getHost(); String[] tokens = host.split("\\.");
- * System.out.println(Arrays.asList(tokens)); ArrayList<String> tokenList = new
- * ArrayList(Arrays.asList(tokens)); //tokenList.remove(tokens.length-1); String
- * hostAsPathElement = NodeUtils.concatArray(tokenList, "_");
- *
- * System.out.println("hostAsPathElement = " + hostAsPathElement);
- *
- *
- * System.out.println("port = " + uri1.getPort()); System.out.println("path = " +
- * uri1.getPath()); System.out.println("query = " + uri1.getQuery()); System.out.println(
- * "fragment = " + uri1.getFragment());
- */
-
-
- }
/* (non-Javadoc)
* @see org.openecomp.sparky.dal.cache.EntityCache#shutdown()
diff --git a/src/main/java/org/openecomp/sparky/security/EcompSso.java b/src/main/java/org/openecomp/sparky/security/EcompSso.java
index 654af96..c771e6c 100644
--- a/src/main/java/org/openecomp/sparky/security/EcompSso.java
+++ b/src/main/java/org/openecomp/sparky/security/EcompSso.java
@@ -80,7 +80,7 @@ public class EcompSso {
* then searches for a CSP cookie; if not found, for a WebJunction header.
*
* @param request
- * @return ATT UID if the ECOMP cookie is present and the sign-on process established an ATT UID;
+ * @return User ID if the ECOMP cookie is present and the sign-on process established an User ID;
* else null.
*/
public static String validateEcompSso(HttpServletRequest request) {
@@ -98,23 +98,23 @@ public class EcompSso {
}
/**
- * Searches the specified request for the CSP cookie, decodes it and gets the ATT UID.
+ * Searches the specified request for the CSP cookie, decodes it and gets the User ID.
*
* @param request
- * @return ATTUID if the cookie is present in the request and can be decoded successfully (expired
+ * @return User ID if the cookie is present in the request and can be decoded successfully (expired
* cookies do not decode); else null.
*/
private static String getLoginIdFromCookie(HttpServletRequest request) {
- String attuid = null;
+ String userid = null;
try {
String[] cspFields = getCspData(request);
if (cspFields != null && cspFields.length > 5)
- attuid = cspFields[5];
+ userid = cspFields[5];
} catch (Throwable t) {
LOG.info(AaiUiMsgs.LOGIN_FILTER_INFO,
"getLoginIdFromCookie failed " + t.getLocalizedMessage());
}
- return attuid;
+ return userid;
}
/**
diff --git a/src/main/java/org/openecomp/sparky/security/filter/CspCookieFilter.java b/src/main/java/org/openecomp/sparky/security/filter/CspCookieFilter.java
deleted file mode 100644
index 1f06f9d..0000000
--- a/src/main/java/org/openecomp/sparky/security/filter/CspCookieFilter.java
+++ /dev/null
@@ -1,268 +0,0 @@
-/**
- * ============LICENSE_START=======================================================
- * org.onap.aai
- * ================================================================================
- * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * Copyright © 2017 Amdocs
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- */
-package org.openecomp.sparky.security.filter;
-
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.UnsupportedEncodingException;
-import java.net.InetAddress;
-import java.net.URLDecoder;
-import java.net.URLEncoder;
-import java.net.UnknownHostException;
-import java.nio.charset.StandardCharsets;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
-import java.util.Properties;
-
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.openecomp.cl.api.Logger;
-import org.openecomp.cl.eelf.LoggerFactory;
-import org.openecomp.sparky.logging.AaiUiMsgs;
-import org.openecomp.sparky.util.NodeUtils;
-import org.openecomp.sparky.viewandinspect.config.TierSupportUiConstants;
-
-import org.openecomp.cl.mdc.MdcContext;
-
-// import esGateKeeper.esGateKeeper;
-
-/**
- * Redirects to the AT&T global login page if the user is not authenticated.<br>
- * Filter properties need to be configured in: csp-cookie-filter.properties
- */
-public class CspCookieFilter implements Filter {
-
- /** Redirect URL for the login page. */
- private String globalLoginUrl;
-
- /** Application identifier. */
- private String applicationId;
-
- /** Gatekeeper environment setting (development or production). */
- private String gateKeeperEnvironment;
-
- private static final String FILTER_PARAMETER_CONFIG = "config";
- private static final String PROPERTY_GLOBAL_LOGIN_URL = "global.login.url";
- private static final String PROPERTY_APPLICATION_ID = "application.id";
- private static final String PROPERTY_GATEKEEPER_ENVIRONMENT = "gatekeeper.environment";
- // valid open redirect domains
- private List<String> redirectDomains = new ArrayList<>();
- private static final String PROPERTY_REDIRECT_DOMAINS = "redirect-domain";
-
- /** Needed by esGateKeeper, does not accept any other value. */
- private static final String GATEKEEPER_ACCOUNT_NAME = "CSP";
-
- private static final Logger LOG = LoggerFactory.getInstance().getLogger(CspCookieFilter.class);
-
-
- /* (non-Javadoc)
- * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
- */
- @Override
- public void init(FilterConfig filterConfig) throws ServletException {
- String txnID = NodeUtils.getRandomTxnId();
- MdcContext.initialize(txnID, "CspCookieFilter", "", "Init", "");
-
- try {
- setConfigurationProperties(filterConfig);
- } catch (IOException exc) {
- LOG.error(AaiUiMsgs.ERROR_CSP_CONFIG_FILE);
- throw new ServletException(exc);
- }
- }
-
-
- /* (non-Javadoc)
- * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
- */
- @Override
- public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
- throws IOException, ServletException {
- HttpServletRequest request = (HttpServletRequest) req;
- HttpServletResponse response = (HttpServletResponse) res;
-
- Cookie[] cookies = request.getCookies();
- if ((cookies == null) || (cookies.length == 0)) {
- doLogin(request, response);
- return;
- }
-
- /*
- * String attEsSec = getSecurityCookie(cookies);
- *
- * if (attESSec == null || attESSec.length() == 0) { doLogin(request, response); return; }
- *
- * String attESSecUnEncrypted = esGateKeeper.esGateKeeper(attESSec, GATEKEEPER_ACCOUNT_NAME,
- * gateKeeperEnvironment); if (attESSecUnEncrypted == null) { doLogin(request, response); } else
- * {
- */
- // LOG.info("User has valid cookie");
- chain.doFilter(request, response);
- // }
- }
-
-
- /* (non-Javadoc)
- * @see javax.servlet.Filter#destroy()
- */
- @Override
- public void destroy() {}
-
- /**
- * Sets all required properties needed by this filter.
- *
- * @param filterConfig the filter configuration defined in the application web.xml
- * @throws IOException if the properties failed to load.
- */
- private void setConfigurationProperties(FilterConfig filterConfig) throws IOException {
- InputStream inputStream = new FileInputStream(TierSupportUiConstants.STATIC_CONFIG_APP_LOCATION
- + filterConfig.getInitParameter(FILTER_PARAMETER_CONFIG));
- Properties cspProperties = new Properties();
- cspProperties.load(inputStream);
- globalLoginUrl = cspProperties.getProperty(PROPERTY_GLOBAL_LOGIN_URL);
- applicationId = cspProperties.getProperty(PROPERTY_APPLICATION_ID);
- gateKeeperEnvironment = cspProperties.getProperty(PROPERTY_GATEKEEPER_ENVIRONMENT);
- redirectDomains = Arrays.asList(cspProperties.getProperty(PROPERTY_REDIRECT_DOMAINS).split(","));
- }
-
- /**
- * Returns the attESSec cookie if found in the client.
- *
- * @param cookies the cookies available in the client
- * @return the attESSec authentication cookie generated by the login page.
- */
- private String getSecurityCookie(Cookie[] cookies) {
- String attEsSec = null;
- for (int i = 0; i < cookies.length; i++) {
- Cookie thisCookie = cookies[i];
- String cookieName = thisCookie.getName();
-
- if ("attESSec".equals(cookieName)) {
- attEsSec = thisCookie.getValue();
- break;
- }
- }
- return attEsSec;
- }
-
- /**
- * Redirects to the AT&T global login page. If this is an AJAX request it returns an unauthorized
- * HTTP error in the response.
- *
- * @param request the filter request object
- * @param response the filter response object
- * @throws IOException if there is an error setting the error response
- */
- private void doLogin(HttpServletRequest request, HttpServletResponse response)
- throws IOException {
- if (isAjaxRequest(request)) {
- response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
- "User is not authorized. Please login to application");
- } else {
- // Fix for Safari 7.0.2 onwards to avoid login page cache
- response.addHeader("Cache-Control", "no-cache, no-store");
- String redirectURL = createRedirectUrl(request);
- if (this.isValidRedirectURL(redirectURL)){
- response.sendRedirect(redirectURL);
- LOG.debug(AaiUiMsgs.VALID_REDIRECT_URL, redirectURL);
- } else{
- response.sendError(400, "Bad redirect URL: " + redirectURL);
- LOG.error(AaiUiMsgs.INVALID_REDIRECT_URL, redirectURL);
- }
- }
- }
-
- /**
- * Checks if a redirect url is valid
- * @param url URL to validate
- * @return true if URL is a valid redirect URL, false otherwise
- */
- private boolean isValidRedirectURL (String url){
- String redirectTo = url.substring(url.indexOf("?retURL=")+ "?retURL=".length());
- try {
- redirectTo = URLDecoder.decode(redirectTo, StandardCharsets.UTF_8.toString());
- } catch (UnsupportedEncodingException e) {
- LOG.error(AaiUiMsgs.UNSUPPORTED_URL_ENCODING, e.getLocalizedMessage());
- return false;
- }
- for (String domain: this.redirectDomains){
- if (redirectTo.endsWith(domain))
- return true;
- }
- return false;
- }
-
-
- /**
- * Returns <code>true</code> if the request is an AJAX request.
- *
- * @param request the filter request object
- * @return <code>true</code> if the request is an AJAX request.
- */
- private boolean isAjaxRequest(HttpServletRequest request) {
- String headerValue = request.getHeader("X-Requested-With");
- if ("XMLHttpRequest".equals(headerValue)) {
- return true;
- }
- return false;
- }
-
- /**
- * Returns the redirection URL to the AT&T Global login page.
- *
- * @param request the request
- * @return the string
- * @throws UnsupportedEncodingException the unsupported encoding exception
- */
- private String createRedirectUrl(HttpServletRequest request) throws UnsupportedEncodingException {
- String returnUrl = getReturnUrl(request);
-
- return globalLoginUrl + "?retURL=" + returnUrl + "&sysName=" + applicationId;
- }
-
- /**
- * Gets the URL encoded return URL.
- *
- * @param request the HTTP request
- * @return an encoded URL to return to following login
- * @throws UnsupportedEncodingException the unsupported encoding exception
- */
- private String getReturnUrl(HttpServletRequest request) throws UnsupportedEncodingException {
- StringBuffer retUrl = request.getRequestURL();
- String urlParams = request.getQueryString();
- if (urlParams != null) {
- retUrl.append("?" + urlParams);
- }
- return URLEncoder.encode(retUrl.toString(), StandardCharsets.UTF_8.toString());
- }
-}
diff --git a/src/main/java/org/openecomp/sparky/util/KeystoreBuilder.java b/src/main/java/org/openecomp/sparky/util/KeystoreBuilder.java
index 6b6a937..916b1e9 100644
--- a/src/main/java/org/openecomp/sparky/util/KeystoreBuilder.java
+++ b/src/main/java/org/openecomp/sparky/util/KeystoreBuilder.java
@@ -244,8 +244,8 @@ public class KeystoreBuilder {
private X509Certificate[] getCertificateChainForRemoteEndpoint(String hostname, int port)
throws UnknownHostException, IOException {
- System.out.println("Opening connection to localhost:8442..");
- SSLSocket socket = (SSLSocket) sslSocketFactory.createSocket("aai-int1.dev.att.com", 8440);
+ System.out.println("Opening connection to "+hostname+":"+port+"..");
+ SSLSocket socket = (SSLSocket) sslSocketFactory.createSocket(hostname, port);
socket.setSoTimeout(10000);
try {
@@ -499,8 +499,6 @@ public class KeystoreBuilder {
*/
public static void main(String[] args) throws Exception {
- // String endpointList = "aai-int1.test.att.com:8440;aai-int1.dev.att.com:8442";
-
/*
* Examples: localhost:8440;localhost:8442 d:\1\adhoc_keystore.jks aaiDomain2 false
* localhost:8440;localhost:8442 d:\1\adhoc_keystore.jks aaiDomain2 true
diff --git a/src/main/java/org/openecomp/sparky/util/NodeUtils.java b/src/main/java/org/openecomp/sparky/util/NodeUtils.java
index d28c5e2..10fb90a 100644
--- a/src/main/java/org/openecomp/sparky/util/NodeUtils.java
+++ b/src/main/java/org/openecomp/sparky/util/NodeUtils.java
@@ -366,12 +366,12 @@ public class NodeUtils {
String resourceId = null;
if ("/".equals(link.substring(linkLength - 1))) {
// Use-case:
- // https://aai-ext1.test.att.com:9292/aai/v7/business/customers/customer/1607_20160524Func_Ak1_01/service-subscriptions/service-subscription/uCPE-VMS/
+ // https://<AAI-hostname>:9292/aai/v7/business/customers/customer/1607_20160524Func_Ak1_01/service-subscriptions/service-subscription/uCPE-VMS/
startIndex = link.lastIndexOf("/", linkLength - 2);
resourceId = link.substring(startIndex + 1, linkLength - 1);
} else {
// Use-case:
- // https://aai-ext1.test.att.com:9292/aai/v7/business/customers/customer/1607_20160524Func_Ak1_01/service-subscriptions/service-subscription/uCPE-VMS
+ // https://<AAI-Hostname>:9292/aai/v7/business/customers/customer/1607_20160524Func_Ak1_01/service-subscriptions/service-subscription/uCPE-VMS
startIndex = link.lastIndexOf("/");
resourceId = link.substring(startIndex + 1, linkLength);
}
diff --git a/src/main/java/org/openecomp/sparky/viewandinspect/entity/ActiveInventoryNode.java b/src/main/java/org/openecomp/sparky/viewandinspect/entity/ActiveInventoryNode.java
index 81ee178..aef710d 100644
--- a/src/main/java/org/openecomp/sparky/viewandinspect/entity/ActiveInventoryNode.java
+++ b/src/main/java/org/openecomp/sparky/viewandinspect/entity/ActiveInventoryNode.java
@@ -443,7 +443,7 @@ public class ActiveInventoryNode {
}
public boolean isDirectSelfLink() {
- // https://aai-int1.test.att.com:8443/aai/v8/resources/id/2458124400
+ // https://<AAI-Hostname>:8443/aai/v8/resources/id/2458124400
return isDirectSelfLink(this.selfLink);
}
@@ -454,7 +454,7 @@ public class ActiveInventoryNode {
* @return true, if is direct self link
*/
public static boolean isDirectSelfLink(String link) {
- // https://aai-int1.test.att.com:8443/aai/v8/resources/id/2458124400
+ // https://<AAI-Hostname>:8443/aai/v8/resources/id/2458124400
if (link == null) {
return false;