From c77d4200369b9514d9731cbdcaa987943a36346d Mon Sep 17 00:00:00 2001 From: renealr Date: Thu, 29 Nov 2018 14:03:36 -0500 Subject: update to use latest portal sdk update epsdk-fw to latest version to make use of aaf Issue-ID: AAI-1978 Change-Id: I9cd9a4ec57db5183c95b0606cac0e1fdfd1a6ac5 Signed-off-by: renealr --- .../config/portal/BOOT-INF/classes/key.properties | 1 + .../portal/BOOT-INF/classes/portal.properties | 14 +- .../config/portal/portal-authentication.properties | 4 +- sparkybe-onap-application/pom.xml | 2 +- .../org/onap/aai/sparky/portal/PortalBean.java | 33 ++- .../src/main/scripts/start.sh | 5 +- sparkybe-onap-service/pom.xml | 2 +- .../aai/sparky/security/BaseCookieDecryptor.java | 4 +- .../org/onap/aai/sparky/security/EcompSso.java | 90 ++++---- .../aai/sparky/security/filter/LoginFilter.java | 8 +- .../portal/PortalRestAPICentralServiceImpl.java | 256 +++++++++++++++++++++ .../security/portal/PortalRestAPIServiceImpl.java | 20 +- .../aai/sparky/security/portal/UserManager.java | 4 +- .../portal/config/PortalAuthenticationConfig.java | 11 +- .../sparky/security/portal/config/RolesConfig.java | 2 +- .../PortalRestAPICentralServiceImplTest.java | 40 ++++ .../sparky/security/portal/TestUserManager.java | 4 +- 17 files changed, 419 insertions(+), 81 deletions(-) create mode 100644 sparkybe-onap-application/config/portal/BOOT-INF/classes/key.properties create mode 100644 sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/PortalRestAPICentralServiceImpl.java create mode 100644 sparkybe-onap-service/src/test/java/org/onap/aai/sparky/security/portal/PortalRestAPICentralServiceImplTest.java diff --git a/sparkybe-onap-application/config/portal/BOOT-INF/classes/key.properties b/sparkybe-onap-application/config/portal/BOOT-INF/classes/key.properties new file mode 100644 index 0000000..2b7b95f --- /dev/null +++ b/sparkybe-onap-application/config/portal/BOOT-INF/classes/key.properties 
@@ -0,0 +1 @@ +cipher.enc.key=AGLDdG4D04BKm2IxIWEr8o==! \ No newline at end of file diff --git a/sparkybe-onap-application/config/portal/BOOT-INF/classes/portal.properties b/sparkybe-onap-application/config/portal/BOOT-INF/classes/portal.properties index ca6b34b..ae86ac6 100644 --- a/sparkybe-onap-application/config/portal/BOOT-INF/classes/portal.properties +++ b/sparkybe-onap-application/config/portal/BOOT-INF/classes/portal.properties @@ -13,9 +13,19 @@ ecomp_redirect_url=<%= @ECOMP_REDIRECT_URL %> # CSP settings csp_cookie_name=<%= @CSP_COOKIE_NAME %> # Alternate values: DEVL, V_DEVL, V_PROD -csp_gate_keeper_prod_key=PROD +csp_gate_keeper_prod_key = PROD # No use of UEB; however, this key is used to identify the app. ueb_listeners_enable=false # cl778h demo app -ueb_app_key=<%= @UEB_APP_KEY %> \ No newline at end of file +ueb_app_key=<%= @UEB_APP_KEY %> + +# Use this tag if the app is centralized +role_access_centralized = <%= @ROLE_ACCESS_CENTRALIZED %> + +# Connection and Read timeout values +ext_req_connection_timeout = <%= @PORTAL_CONNECTION_TIMEOUT %> +ext_req_read_timeout = <%= @PORTAL_READ_TIMEOUT %> + +#Add AAF namespace if the app is centralized +aaf_namespace = <%= @AAF_NAMESPACE %> diff --git a/sparkybe-onap-application/config/portal/portal-authentication.properties b/sparkybe-onap-application/config/portal/portal-authentication.properties index a49cc69..41c25a6 100644 --- a/sparkybe-onap-application/config/portal/portal-authentication.properties +++ b/sparkybe-onap-application/config/portal/portal-authentication.properties @@ -1,3 +1,5 @@ username=admin password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 -onap_enabled=true \ No newline at end of file +onap_enabled=true +onap.user_id_cookie_name=UserId +cookie_decryptor_classname=org.onap.aai.sparky.security.BaseCookieDecryptor \ No newline at end of file diff --git a/sparkybe-onap-application/pom.xml b/sparkybe-onap-application/pom.xml index c2fb53c..d342725 100644 
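Review bot: The new `key.properties` commits a literal `cipher.enc.key` value, so every deployment built from this tree shares one key and anyone with read access to the repository or the jar can see it. This is presumably the key that `CipherUtil.decrypt(encryptedCookie)` picks up now that BaseCookieDecryptor no longer passes one, which would make it the secret behind the user-id cookie. The portal.properties hunk in this same patch already templates its values, and the same approach fits here, e.g. `cipher.enc.key=<%= @CIPHER_ENC_KEY %>` (placeholder variable name), with the value injected at deploy time. Because the value is now in history, treat it as disclosed and rotate it wherever it has been used.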
--- a/sparkybe-onap-application/pom.xml +++ b/sparkybe-onap-application/pom.xml @@ -272,7 +272,7 @@ org.onap.portal.sdk epsdk-fw - 1.3.0 + 2.5.0-SNAPSHOT commons-logging diff --git a/sparkybe-onap-application/src/main/java/org/onap/aai/sparky/portal/PortalBean.java b/sparkybe-onap-application/src/main/java/org/onap/aai/sparky/portal/PortalBean.java index 86f019e..4443443 100644 --- a/sparkybe-onap-application/src/main/java/org/onap/aai/sparky/portal/PortalBean.java +++ b/sparkybe-onap-application/src/main/java/org/onap/aai/sparky/portal/PortalBean.java @@ -3,7 +3,8 @@ package org.onap.aai.sparky.portal; import javax.servlet.Filter; import org.onap.aai.sparky.security.filter.LoginFilter; -import org.openecomp.portalsdk.core.onboarding.crossapi.PortalRestAPIProxy; +import org.onap.portalsdk.core.onboarding.crossapi.CadiAuthFilter; +import org.onap.portalsdk.core.onboarding.crossapi.PortalRestAPIProxy; import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.boot.web.servlet.ServletRegistrationBean; import org.springframework.context.annotation.Bean; 
@@ -13,27 +14,45 @@ import org.springframework.stereotype.Component; @Component @Profile("portal") public class PortalBean { - + private Filter loginFilter = new LoginFilter(); - + private Filter cadiAuthFilter = new CadiAuthFilter(); + /** * bind LoginFilter */ @Bean public FilterRegistrationBean loginFilterRegistrationBean() { FilterRegistrationBean registration = new FilterRegistrationBean(); - registration.setFilter(loginFilter); registration.addUrlPatterns("/*"); - + registration.setOrder(1); + return registration; } + /** + * bind CadiAuthFilter + */ + @Bean + public FilterRegistrationBean cadiFilterRegistrationBean() { + FilterRegistrationBean registration = new FilterRegistrationBean(); + + registration.setFilter(cadiAuthFilter); + registration.addUrlPatterns("/*"); + registration.setOrder(0); + registration.addInitParameter("cadi_prop_files","/opt/app/sparky/resources/portal/cadi.properties"); + registration.addInitParameter("inlclude_url_endpoints","/api/v3/*"); + registration.addInitParameter("exclude_url_endpoints","/api/v2/*"); + + return registration; + } + @Bean public ServletRegistrationBean portalApiProxy() { - + final ServletRegistrationBean servlet = - new ServletRegistrationBean(new PortalRestAPIProxy(), "/api/v2/*"); + new ServletRegistrationBean(new PortalRestAPIProxy(), "/api/v3/*"); servlet.setName("PortalRestApiProxy"); return servlet; } diff --git a/sparkybe-onap-application/src/main/scripts/start.sh b/sparkybe-onap-application/src/main/scripts/start.sh index c16c9b2..8369d6c 100644 --- a/sparkybe-onap-application/src/main/scripts/start.sh +++ b/sparkybe-onap-application/src/main/scripts/start.sh 
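Review bot: In `cadiFilterRegistrationBean()` the init parameter is spelled `inlclude_url_endpoints`; please confirm this is the exact key `CadiAuthFilter` looks up. An init parameter the filter never reads is silently ignored, so the `/api/v3/*` include list would not take effect while the filter stays mapped to `/*`. The `cadi_prop_files` value is an absolute path, `/opt/app/sparky/resources/portal/cadi.properties`, fixed at compile time; building it from the `CONFIG_HOME` system property that start.sh already passes would leave the file location to deployment configuration. A short comment on why the CADI filter is ordered 0 ahead of `LoginFilter` at 1, and why `/api/v2/*` is excluded now that the proxy servlet is on `/api/v3/*`, would document the intended authentication order.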
@@ -6,12 +6,11 @@ CONFIG_HOME=${APP_HOME}/config PROPS="-DAPP_HOME=${APP_HOME} -DCONFIG_HOME=${CONFIG_HOME} -Dlogging.config=${CONFIG_HOME}/logging/logback.xml" set -x -jar ufv ${APP_HOME}/lib/sparkybe-onap-application*.jar -C ${CONFIG_HOME}/portal/ BOOT-INF/classes/portal.properties +jar ufv ${APP_HOME}/lib/sparkybe-onap-application*.jar -C ${CONFIG_HOME}/portal/ BOOT-INF/classes/portal.properties -C ${CONFIG_HOME}/portal/ BOOT-INF/classes/key.properties # # change the working directory so that Spring-Boot will pick up the config folder from the right path # cd $APP_HOME -java -Xms1024m -Xmx4096m $PROPS -jar ${APP_HOME}/lib/sparkybe-onap-application*.jar - +java -Xms1024m -Xmx4096m $PROPS -jar ${APP_HOME}/lib/sparkybe-onap-application*.jar \ No newline at end of file diff --git a/sparkybe-onap-service/pom.xml b/sparkybe-onap-service/pom.xml index fdd9f31..0bcfd09 100644 --- a/sparkybe-onap-service/pom.xml +++ b/sparkybe-onap-service/pom.xml @@ -278,7 +278,7 @@ some of the depedencies should probably have a scope of provided so they don't a org.onap.portal.sdk epsdk-fw - 1.3.0 + 2.5.0-SNAPSHOT commons-logging diff --git a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/BaseCookieDecryptor.java b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/BaseCookieDecryptor.java index 742c4f0..720ecfd 100644 --- a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/BaseCookieDecryptor.java +++ b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/BaseCookieDecryptor.java @@ -23,7 +23,7 @@ package org.onap.aai.sparky.security; import org.onap.aai.cl.api.Logger; import org.onap.aai.cl.eelf.LoggerFactory; import org.onap.aai.sparky.logging.AaiUiMsgs; -import org.openecomp.portalsdk.core.onboarding.util.CipherUtil; +import org.onap.portalsdk.core.onboarding.util.CipherUtil; public class BaseCookieDecryptor implements CookieDecryptor { 
@@ -36,7 +36,7 @@ public class BaseCookieDecryptor implements CookieDecryptor { String decryptedCookie = ""; try { - decryptedCookie = CipherUtil.decrypt(encryptedCookie, ""); + decryptedCookie = CipherUtil.decrypt(encryptedCookie); } catch (Exception e) { LOG.error(AaiUiMsgs.LOGIN_FILTER_INFO, "decrypting base cookie failed " + e.getLocalizedMessage()); } diff --git a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/EcompSso.java b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/EcompSso.java index fd64f97..51ac4d5 100644 --- a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/EcompSso.java +++ b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/EcompSso.java @@ -27,8 +27,9 @@ import org.onap.aai.cl.api.Logger; import org.onap.aai.cl.eelf.LoggerFactory; import org.onap.aai.sparky.logging.AaiUiMsgs; import org.onap.aai.sparky.security.portal.config.PortalAuthenticationConfig; -import org.openecomp.portalsdk.core.onboarding.util.CipherUtil; -import org.openecomp.portalsdk.core.onboarding.util.PortalApiProperties; +import org.onap.portalsdk.core.onboarding.exception.CipherUtilException; +import org.onap.portalsdk.core.onboarding.util.CipherUtil; +import org.onap.portalsdk.core.onboarding.util.PortalApiProperties; /** * Provides authentication services for onboarded ECOMP applications. @@ -60,17 +61,6 @@ public class EcompSso { return null; } - /** - * Answers whether the ECOMP Portal service cookie is present in the specified request. - * - * @param request - * @return true if the cookie is found, else false. - */ - private static boolean isEPServiceCookiePresent(HttpServletRequest request) { - Cookie ep = getCookie(request, EP_SERVICE); - return (ep != null); - } - /** * Validates whether the ECOMP Portal sign-on process has completed, which relies the AT&T Global * Log On single-sign on process. Checks for the ECOMP cookie (see {@link #EP_SERVICE}). If found, 
@@ -81,37 +71,38 @@ public class EcompSso { * else null. */ public static String validateEcompSso(HttpServletRequest request) { + String uid = null; boolean isOnapEnabled = PortalAuthenticationConfig.getInstance().getIsOnapEnabled(); if (isOnapEnabled) { - if (isEPServiceCookiePresent(request)) { - /* - * This is a "temporary" fix until proper separation between closed source and open source - * code is reached - */ - return ONAP_ENABLED; + final String cookieName = PortalAuthenticationConfig.getInstance().getUserIdCookieName(); + + if (cookieName == null) { + LOG.debug(AaiUiMsgs.LOGIN_FILTER_DEBUG, "getCspData failed to load cookie"); + return null; } - return null; - } else { - return getLoginIdFromCookie(request); - } - } + Cookie csp = getCookie(request, cookieName); + if (csp == null) { + LOG.debug(AaiUiMsgs.LOGIN_FILTER_DEBUG, "getCspData failed to get cookie " + cookieName); + return null; + } + final String cspCookieEncrypted = csp.getValue(); - /** - * Searches the specified request for the CSP cookie, decodes it and gets the ATT UID. - * - * @param request - * @return ATTUID if the cookie is present in the request and can be decoded successfully (expired - * cookies do not decode); else null. 
- */ - private static String getLoginIdFromCookie(HttpServletRequest request) { - String uid = null; - try { - String[] cspFields = getCspData(request); - if (cspFields != null && cspFields.length > 5) - uid = cspFields[5]; - } catch (Exception t) { - LOG.info(AaiUiMsgs.LOGIN_FILTER_INFO, - "getLoginIdFromCookie failed " + t.getLocalizedMessage()); + try { + uid = PortalAuthenticationConfig.getInstance().getCookieDecryptor() + .decryptCookie(cspCookieEncrypted); + } catch (ClassNotFoundException e) { + LOG.error(AaiUiMsgs.DECRYPTION_ERROR, "Unable to find the Cookie Decryptor Class"); + } + + } else { + try { + String[] cspFields = getCspData(request); + if (cspFields != null && cspFields.length > 5) + uid = cspFields[5]; + } catch (Exception t) { + LOG.info(AaiUiMsgs.LOGIN_FILTER_INFO, + "getLoginIdFromCookie failed " + t.getLocalizedMessage()); + } } return uid; } @@ -138,14 +129,15 @@ public class EcompSso { final String cspCookieEncrypted = csp.getValue(); String cspCookieDecrypted = null; - try { - cspCookieDecrypted = PortalAuthenticationConfig.getInstance().getCookieDecryptor().decryptCookie(cspCookieEncrypted); - return cspCookieDecrypted.split("\\|"); - - } catch (ClassNotFoundException e) { - LOG.error(AaiUiMsgs.DECRYPTION_ERROR,"Unable to find the Cookie Decryptor Class"); - } - + try { + cspCookieDecrypted = PortalAuthenticationConfig.getInstance().getCookieDecryptor() + .decryptCookie(cspCookieEncrypted); + return cspCookieDecrypted.split("\\|"); + + } catch (ClassNotFoundException e) { + LOG.error(AaiUiMsgs.DECRYPTION_ERROR, "Unable to find the Cookie Decryptor Class"); + } + return null; } -} \ No newline at end of file +} diff --git a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/filter/LoginFilter.java b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/filter/LoginFilter.java index bcb7ba2..5599384 100644 --- a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/filter/LoginFilter.java 
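Review bot: In the `isOnapEnabled` branch of `validateEcompSso` the decrypted cookie value is returned as the user id without checking that decryption produced anything. `BaseCookieDecryptor` (earlier hunk) initialises `decryptedCookie` to `""` and only logs when `CipherUtil.decrypt` throws; its return statement is outside the visible hunk, but if it returns that variable, a cookie that fails to decrypt yields `uid = ""` rather than null, and a caller that only tests for null would accept the request. Treating blank as absent closes this: `if (uid == null || uid.trim().isEmpty()) { return null; }` just before the final `return uid;`. The two new debug messages still say `getCspData` although they are emitted from `validateEcompSso`, which will mislead anyone tracing a failed login in the logs.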
+++ b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/filter/LoginFilter.java @@ -39,10 +39,10 @@ import org.onap.aai.cl.eelf.LoggerFactory; import org.onap.aai.sparky.logging.AaiUiMsgs; import org.onap.aai.sparky.security.EcompSso; import org.onap.aai.sparky.security.portal.config.PortalAuthenticationConfig; -import org.openecomp.portalsdk.core.onboarding.listener.PortalTimeoutHandler; -import org.openecomp.portalsdk.core.onboarding.util.PortalApiConstants; -import org.openecomp.portalsdk.core.onboarding.util.PortalApiProperties; -import org.openecomp.portalsdk.core.onboarding.util.SSOUtil; +import org.onap.portalsdk.core.onboarding.listener.PortalTimeoutHandler; +import org.onap.portalsdk.core.onboarding.util.PortalApiConstants; +import org.onap.portalsdk.core.onboarding.util.PortalApiProperties; +import org.onap.portalsdk.core.onboarding.util.SSOUtil; /** * This filter checks every request for proper ECOMP Portal single sign on initialization. The diff --git a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/PortalRestAPICentralServiceImpl.java b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/PortalRestAPICentralServiceImpl.java new file mode 100644 index 0000000..032d3ac --- /dev/null +++ b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/PortalRestAPICentralServiceImpl.java 
@@ -0,0 +1,256 @@ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + * Copyright © 2017-2018 Amdocs + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ +package org.onap.aai.sparky.security.portal; + +import java.io.IOException; +import java.text.MessageFormat; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.stream.Collectors; + +import javax.servlet.http.HttpServletRequest; + +import org.onap.aai.sparky.security.EcompSso; +import org.onap.aai.sparky.security.portal.config.PortalAuthenticationConfig; +import org.onap.portalsdk.core.onboarding.crossapi.IPortalRestAPIService; +import org.onap.portalsdk.core.onboarding.crossapi.IPortalRestCentralService; +import org.onap.portalsdk.core.onboarding.exception.PortalAPIException; +import org.onap.portalsdk.core.onboarding.rest.RestWebServiceClient; +import org.onap.portalsdk.core.restful.domain.EcompRole; +import org.onap.portalsdk.core.restful.domain.EcompUser; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import 
com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.type.TypeFactory; + +public class PortalRestAPICentralServiceImpl + implements IPortalRestCentralService, IPortalRestAPIService { + + private static final Logger LOG = LoggerFactory.getLogger(PortalRestAPICentralServiceImpl.class); + public static final String API_REDIRECT_VERSION = "/v4"; + private static final String ERROR_MESSAGE = "Failed to {0} user [loginId:{1}]"; + private List usersList; + private final ObjectMapper mapper; + + + /** + * Initialize user list array. + */ + public PortalRestAPICentralServiceImpl() { + usersList = new ArrayList<>(); + mapper = new ObjectMapper(); + } + + + @Override + public Map getAppCredentials() throws PortalAPIException { + PortalAuthenticationConfig config = PortalAuthenticationConfig.getInstance(); + Map appCredentialsMap = new HashMap<>(); + String appUserName = config.getUsername(); + String appPassword = config.getPassword(); + + appCredentialsMap.put("username", appUserName); + appCredentialsMap.put("password", appPassword); + return appCredentialsMap; + } + + @Override + public void pushUser(EcompUser user) throws PortalAPIException { + // Do we really need to save the users? Can this method be just empty and not throw an + // exception? + LOG.debug("Push user [loginId:" + user.getLoginId() + "]"); + if (usersList.size() == 0) { + usersList.add(user); + } else { + for (EcompUser existingUser : this.usersList) { + if (existingUser.getLoginId().equals(user.getLoginId())) { + String message = + getMessage(ERROR_MESSAGE, "push", user.getLoginId()) + ", user is already stored"; + LOG.error(message); + throw new PortalAPIException(message); + } + usersList.add(user); + + } + } + } + + @Override + public void editUser(String loginId, EcompUser user) throws PortalAPIException { + // Do we really need to save the users? Can this method be just empty and not throw an + // exception? 
+ LOG.debug("Edit user [loginId:" + loginId + "]"); + boolean isRemoved = false; + if (usersList.size() == 0) { + usersList.add(user); + } else { + for (EcompUser existingUser : this.usersList) { + if (existingUser.getLoginId().equals(loginId)) { + isRemoved = usersList.remove(existingUser); + } + if (isRemoved) { + usersList.add(user); + } + + } + } + } + + @Override + public String getUserId(HttpServletRequest request) throws PortalAPIException { + return EcompSso.validateEcompSso(request); + } + + private String getMessage(String message, Object... args) { + MessageFormat formatter = new MessageFormat(""); + formatter.applyPattern(message); + return formatter.format(args); + } + + public List getUsersList() { + return usersList; + } + + + public void setUsersList(List usersList) { + this.usersList = usersList; + } + + + @Override + public EcompUser getUser(String loginId) throws PortalAPIException { + EcompUser user = new EcompUser(); + String responseString = null; + try { + responseString = RestWebServiceClient.getInstance().getPortalContent( + API_REDIRECT_VERSION + "/user/" + loginId, null, null, null, + getCredentials().get("username"), getCredentials().get("password"), true); + LOG.debug("responseString is: " + responseString); + user = mapper.readValue(responseString, EcompUser.class); + + } catch (IOException e) { + String response = "PortalRestAPICentralServiceImpl.getUser failed"; + LOG.error(response, e); + throw new PortalAPIException(response, e); + } + return user; + } + + + @Override + public List getUsers() throws PortalAPIException { + List usersList = new ArrayList<>(); + String responseString = null; + try { + responseString = + RestWebServiceClient.getInstance().getPortalContent(API_REDIRECT_VERSION + "/users", null, + null, null, getCredentials().get("username"), getCredentials().get("password"), true); + LOG.debug("responseString is: " + responseString); + usersList = mapper.readValue(responseString, + 
TypeFactory.defaultInstance().constructCollectionType(List.class, EcompUser.class)); + + } catch (IOException e) { + String response = "PortalRestAPICentralServiceImpl.getUsers failed"; + LOG.error(response, e); + throw new PortalAPIException(response, e); + } + return usersList; + } + + + @Override + public List getAvailableRoles(String requestedLoginId) throws PortalAPIException { + List rolesList = new ArrayList<>(); + String responseString = null; + try { + responseString = RestWebServiceClient.getInstance().getPortalContent( + API_REDIRECT_VERSION + "/roles", requestedLoginId, null, null, + getCredentials().get("username"), getCredentials().get("password"), true); + LOG.debug("responseString is: " + responseString); + rolesList = mapper.readValue(responseString, + TypeFactory.defaultInstance().constructCollectionType(List.class, EcompRole.class)); + + } catch (IOException e) { + String response = "PortalRestAPICentralServiceImpl.getRoles failed"; + LOG.error(response, e); + throw new PortalAPIException(response, e); + } + return rolesList; + } + + + @Override + public void pushUserRole(String loginId, List roles) throws PortalAPIException { + throw new PortalAPIException("Please use Portal for Role Management"); + } + + + @Override + public List getUserRoles(String loginId) throws PortalAPIException { + List userRoles = new ArrayList<>(); + EcompUser user = new EcompUser(); + String responseString = null; + try { + responseString = RestWebServiceClient.getInstance().getPortalContent( + API_REDIRECT_VERSION + "/user/" + loginId, null, null, null, + getCredentials().get("username"), getCredentials().get("password"), true); + LOG.debug("responseString is: " + responseString); + user = mapper.readValue(responseString, EcompUser.class); + Set roles = user.getRoles(); + userRoles = (List) roles.stream().collect(Collectors.toList()); + + } catch (IOException e) { + String response = "PortalRestAPICentralServiceImpl.getUserRoles failed"; + LOG.error(response, e); + 
throw new PortalAPIException(response, e); + } + return userRoles; + } + + + @Override + public boolean isAppAuthenticated(HttpServletRequest request) throws PortalAPIException { + LOG.debug("Authentication request"); + PortalAuthenticationConfig config = PortalAuthenticationConfig.getInstance(); + String restUsername = request.getHeader(PortalAuthenticationConfig.PROP_USERNAME); + String restPassword = request.getHeader(PortalAuthenticationConfig.PROP_PASSWORD); + return restUsername != null && restPassword != null && restUsername.equals(config.getUsername()) + && restPassword.equals(config.getPassword()); + } + + + @Override + public Map getCredentials() throws PortalAPIException { + PortalAuthenticationConfig config = PortalAuthenticationConfig.getInstance(); + Map credentialsMap = new HashMap<>(); + String appUserName = config.getUsername(); + String appPassword = config.getPassword(); + + credentialsMap.put("username", appUserName); + credentialsMap.put("password", appPassword); + return credentialsMap; + } + +} diff --git a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/PortalRestAPIServiceImpl.java b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/PortalRestAPIServiceImpl.java index 67fee73..0835b7b 100644 --- a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/PortalRestAPIServiceImpl.java +++ b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/PortalRestAPIServiceImpl.java 
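Review bot: `pushUser` and `editUser` add to and remove from `usersList` inside a for-each over that same list, so once the list is non-empty the next iteration step throws `ConcurrentModificationException`, and `pushUser` also adds the user before it has checked every entry for a duplicate; the fence below checks first and mutates afterwards. `isAppAuthenticated` compares the shared password with `String.equals`; for a secret the usual choice is a constant-time compare such as `MessageDigest.isEqual(restPassword.getBytes(StandardCharsets.UTF_8), config.getPassword().getBytes(StandardCharsets.UTF_8))`. `getUser` and `getUserRoles` append `loginId` to the request path unencoded, and each fetch method logs the whole response body at debug level, which writes user and role records to the log; encoding the id and logging only a length or status would avoid both. `usersList` is a plain `ArrayList` on what looks like a shared service object, so concurrent portal calls also need synchronisation or a concurrent collection.

```java
  @Override
  public void pushUser(EcompUser user) throws PortalAPIException {
    // … unchanged: debug log line …
    // Look for a duplicate first; the list is only modified after the loop has finished.
    for (EcompUser existingUser : this.usersList) {
      if (existingUser.getLoginId().equals(user.getLoginId())) {
        String message =
            getMessage(ERROR_MESSAGE, "push", user.getLoginId()) + ", user is already stored";
        LOG.error(message);
        throw new PortalAPIException(message);
      }
    }
    usersList.add(user);
  }

  @Override
  public void editUser(String loginId, EcompUser user) throws PortalAPIException {
    // … unchanged: debug log line …
    // removeIf removes through the list's own iterator, so no ConcurrentModificationException.
    boolean removed = usersList.removeIf(existing -> existing.getLoginId().equals(loginId));
    // Same outcome as before: store the user when the list was empty or the old entry was replaced.
    if (removed || usersList.isEmpty()) {
      usersList.add(user);
    }
  }
```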
@@ -23,18 +23,20 @@ package org.onap.aai.sparky.security.portal; import java.io.File; import java.io.IOException; import java.text.MessageFormat; +import java.util.HashMap; import java.util.LinkedHashSet; import java.util.List; +import java.util.Map; import javax.servlet.http.HttpServletRequest; import org.onap.aai.sparky.security.EcompSso; import org.onap.aai.sparky.security.portal.config.PortalAuthenticationConfig; import org.onap.aai.sparky.viewandinspect.config.SparkyConstants; -import org.openecomp.portalsdk.core.onboarding.crossapi.IPortalRestAPIService; -import org.openecomp.portalsdk.core.onboarding.exception.PortalAPIException; -import org.openecomp.portalsdk.core.restful.domain.EcompRole; -import org.openecomp.portalsdk.core.restful.domain.EcompUser; +import org.onap.portalsdk.core.onboarding.crossapi.IPortalRestAPIService; +import org.onap.portalsdk.core.onboarding.exception.PortalAPIException; +import org.onap.portalsdk.core.restful.domain.EcompRole; +import org.onap.portalsdk.core.restful.domain.EcompUser; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -205,5 +207,15 @@ public class PortalRestAPIServiceImpl implements IPortalRestAPIService { LOG.debug("Get available roles"); return UserManager.getRoles(); } + + public Map getCredentials() { + PortalAuthenticationConfig config = PortalAuthenticationConfig.getInstance(); + Map credentialsMap = new HashMap<>(); + String appUserName = config.getUsername(); + String appPassword = config.getPassword(); + credentialsMap.put("username", appUserName); + credentialsMap.put("password", appPassword); + return credentialsMap; + } } \ No newline at end of file diff --git a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/UserManager.java b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/UserManager.java index b19ef98..0a217ff 100644 --- a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/UserManager.java 
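Review bot: The added `getCredentials()` is public, has no `@Override` and no Javadoc, and returns the configured username and password in a plain mutable `HashMap`; nothing in this hunk calls it. If the interface this class implements does not require the method, removing it or making it private leaves one less path by which the password can be read. If it is required, add `@Override` and a Javadoc line stating which caller consumes the map and that its contents must not be logged. The class body continues outside the hunk, so an existing caller may be out of view.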
+++ b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/UserManager.java @@ -33,8 +33,8 @@ import java.util.concurrent.locks.ReentrantReadWriteLock; import java.util.stream.Collectors; import org.onap.aai.sparky.security.portal.config.RolesConfig; -import org.openecomp.portalsdk.core.restful.domain.EcompRole; -import org.openecomp.portalsdk.core.restful.domain.EcompUser; +import org.onap.portalsdk.core.restful.domain.EcompRole; +import org.onap.portalsdk.core.restful.domain.EcompUser; import com.google.gson.Gson; import com.google.gson.GsonBuilder; diff --git a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/config/PortalAuthenticationConfig.java b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/config/PortalAuthenticationConfig.java index cf78614..a55fa4c 100644 --- a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/config/PortalAuthenticationConfig.java +++ b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/config/PortalAuthenticationConfig.java @@ -40,12 +40,14 @@ public class PortalAuthenticationConfig { private String username; private String password; private boolean isOnapEnabled; + private String userIdCookieName; private CookieDecryptor cookieDecryptor; private String cookieDecryptorClassName; public static final String PROP_USERNAME = "username"; public static final String PROP_PASSWORD = "password"; // NOSONAR public static final String PROP_IS_ONAP_ENABLED = "onap_enabled"; // NOSONAR + public static final String PROP_USERID_COOKIE_NAME = "onap.user_id_cookie_name"; // NOSONAR private static final String AUTHENTICATION_CONFIG_FILE = SparkyConstants.PORTAL_AUTHENTICATION_FILE_LOCATION; public static final String PROP_COOKIEDECRYPTORCLASSNAME = "cookie_decryptor_classname"; private static final Logger LOG = LoggerFactory.getInstance().getLogger(PortalAuthenticationConfig.class); 
@@ -87,7 +89,13 @@ public class PortalAuthenticationConfig { public String getcookieDecryptorClassName() { return cookieDecryptorClassName; } - + public String getUserIdCookieName() { + return userIdCookieName; + } + + public void setUserIdCookieName(String userIdCookieName) { + this.userIdCookieName = userIdCookieName; + } /** * Reload the Portal authentication properties from the classpath. */ @@ -103,6 +111,7 @@ public class PortalAuthenticationConfig { username = props.getProperty(PROP_USERNAME); password = props.getProperty(PROP_PASSWORD); isOnapEnabled = Boolean.parseBoolean(props.getProperty(PROP_IS_ONAP_ENABLED, "true")); + userIdCookieName = props.getProperty(PROP_USERID_COOKIE_NAME); cookieDecryptorClassName= props.getProperty(PROP_COOKIEDECRYPTORCLASSNAME); } diff --git a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/config/RolesConfig.java b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/config/RolesConfig.java index a107122..8bcc911 100644 --- a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/config/RolesConfig.java +++ b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/security/portal/config/RolesConfig.java @@ -29,7 +29,7 @@ import java.util.Collections; import java.util.List; import org.onap.aai.sparky.viewandinspect.config.SparkyConstants; -import org.openecomp.portalsdk.core.restful.domain.EcompRole; +import org.onap.portalsdk.core.restful.domain.EcompRole; import com.google.gson.Gson; import com.google.gson.JsonSyntaxException; diff --git a/sparkybe-onap-service/src/test/java/org/onap/aai/sparky/security/portal/PortalRestAPICentralServiceImplTest.java b/sparkybe-onap-service/src/test/java/org/onap/aai/sparky/security/portal/PortalRestAPICentralServiceImplTest.java new file mode 100644 index 0000000..fe6175d --- /dev/null +++ b/sparkybe-onap-service/src/test/java/org/onap/aai/sparky/security/portal/PortalRestAPICentralServiceImplTest.java 
@@ -0,0 +1,40 @@ +package org.onap.aai.sparky.security.portal; + +import javax.servlet.http.HttpServletRequest; + +import org.junit.Before; +import org.junit.Test; +import org.mockito.Mockito; +import org.onap.portalsdk.core.onboarding.exception.PortalAPIException; +import org.onap.portalsdk.core.restful.domain.EcompUser; + +public class PortalRestAPICentralServiceImplTest { + + private PortalRestAPICentralServiceImpl portalRestAPICentralImpl; + private static final String LOGINID_1 = "200"; + private HttpServletRequest request; + private EcompUser ecompUser; + + @Before + public void init() throws Exception { + request = Mockito.mock(HttpServletRequest.class); + portalRestAPICentralImpl = new PortalRestAPICentralServiceImpl(); + ecompUser = new EcompUser(); + } + + + @Test + public void testIsAppAuthenticated() throws PortalAPIException { + portalRestAPICentralImpl.isAppAuthenticated(request); + } + + @Test + public void testgetCredentials() throws PortalAPIException { + portalRestAPICentralImpl.editUser(LOGINID_1, ecompUser); + portalRestAPICentralImpl.getCredentials(); + portalRestAPICentralImpl.getAppCredentials(); + + } + + +} diff --git a/sparkybe-onap-service/src/test/java/org/onap/aai/sparky/security/portal/TestUserManager.java b/sparkybe-onap-service/src/test/java/org/onap/aai/sparky/security/portal/TestUserManager.java index 784d807..9249a21 100644 --- a/sparkybe-onap-service/src/test/java/org/onap/aai/sparky/security/portal/TestUserManager.java +++ b/sparkybe-onap-service/src/test/java/org/onap/aai/sparky/security/portal/TestUserManager.java 
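Review bot: Neither test asserts anything, so `testIsAppAuthenticated` passes whatever `isAppAuthenticated` returns. With the bare Mockito mock, `request.getHeader(...)` returns null, so the expected result is false and can be pinned with `assertFalse(portalRestAPICentralImpl.isAppAuthenticated(request));`. Further cases that stub the two headers, once with wrong values and once with the configured ones, would exercise the credential comparison itself; they depend on `PortalAuthenticationConfig` loading in the test environment, which this hunk does not show. `testgetCredentials` likewise calls `editUser`, `getCredentials` and `getAppCredentials` without checking any result, and `editUser` is not covered on a non-empty list.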
@@ -45,11 +45,9 @@ import org.junit.AfterClass; import org.junit.Before; import org.junit.BeforeClass; import org.junit.Test; -import org.junit.runner.RunWith; import org.onap.aai.sparky.security.portal.UserManager; import org.onap.aai.sparky.util.NodeUtils; -import org.openecomp.portalsdk.core.restful.domain.EcompUser; -import org.powermock.modules.junit4.PowerMockRunner; +import org.onap.portalsdk.core.restful.domain.EcompUser; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -- cgit 1.2.3-korg