From 66372969d78dde14097209808358479635c0e8d0 Mon Sep 17 00:00:00 2001 From: "mark.j.leonard" Date: Fri, 15 Feb 2019 11:30:00 +0000 Subject: Create Application tests for KEY_STORE_PASSWORD Add a dummy keystore file for testing exceptions relating to opening the key store (for the server cert) with an incorrect password. This is intended to increase code coverage. Make AAIMicroServiceAuthCore non-static to avoid some issues with Spring initialization. Change-Id: Ic512bd0934210fb016da9731e65ec0d858fa4ff7 Issue-ID: AAI-2057 Signed-off-by: mark.j.leonard --- .../org/onap/aai/auth/AAIMicroServiceAuth.java | 8 ++- .../org/onap/aai/auth/AAIMicroServiceAuthCore.java | 66 ++++++++-------------- .../config/ValidationServiceAuthConfig.java | 14 +++-- 3 files changed, 39 insertions(+), 49 deletions(-) (limited to 'src/main/java') diff --git a/src/main/java/org/onap/aai/auth/AAIMicroServiceAuth.java b/src/main/java/org/onap/aai/auth/AAIMicroServiceAuth.java index fc40e0b..c565c9c 100644 --- a/src/main/java/org/onap/aai/auth/AAIMicroServiceAuth.java +++ b/src/main/java/org/onap/aai/auth/AAIMicroServiceAuth.java @@ -30,17 +30,19 @@ public class AAIMicroServiceAuth { private static LogHelper applicationLogger = LogHelper.INSTANCE; private ValidationServiceAuthConfig validationServiceAuthConfig; + private AAIMicroServiceAuthCore authCore; @Inject public AAIMicroServiceAuth(final ValidationServiceAuthConfig validationServiceAuthConfig) throws AAIAuthException { this.validationServiceAuthConfig = validationServiceAuthConfig; + this.authCore = new AAIMicroServiceAuthCore(); if (!validationServiceAuthConfig.isAuthenticationDisable()) { - AAIMicroServiceAuthCore.init(validationServiceAuthConfig.getAuthPolicyFile()); + authCore.init(validationServiceAuthConfig.getAuthPolicyFile()); } } public boolean authBasic(String username, String authFunction) throws AAIAuthException { - return AAIMicroServiceAuthCore.authorize(username, authFunction); + return authCore.authorize(username, authFunction); } public String authUser(String authUser, String authFunction) throws AAIAuthException { @@ -60,7 +62,7 @@ public class AAIMicroServiceAuth { } applicationLogger.debug("Got one:" + cookie); - return AAIMicroServiceAuthCore.authorize(username.toString(), authFunction); + return authCore.authorize(username.toString(), authFunction); } public boolean validateRequest(HttpServletRequest req, String action, String apiPath) throws AAIAuthException { diff --git a/src/main/java/org/onap/aai/auth/AAIMicroServiceAuthCore.java b/src/main/java/org/onap/aai/auth/AAIMicroServiceAuthCore.java index 4373711..9bd8e2b 100644 --- a/src/main/java/org/onap/aai/auth/AAIMicroServiceAuthCore.java +++ b/src/main/java/org/onap/aai/auth/AAIMicroServiceAuthCore.java @@ -1,20 +1,24 @@ /** - * ============LICENSE_START=================================================== - * Copyright (c) 2018 Amdocs - * ============================================================================ + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. + * Copyright (c) 2018-2019 European Software Marketing Ltd. + * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. - * ============LICENSE_END===================================================== + * ============LICENSE_END========================================================= */ + package org.onap.aai.auth; import com.fasterxml.jackson.core.JsonProcessingException; @@ -43,54 +47,39 @@ public class AAIMicroServiceAuthCore { private static LogHelper applicationLogger = LogHelper.INSTANCE; - public static final String APPCONFIG_DIR = (System.getProperty("CONFIG_HOME") == null) - ? Paths.get(System.getProperty("APP_HOME"), "appconfig").toString() : System.getProperty("CONFIG_HOME"); - - private static Path appConfigAuthDir = Paths.get(APPCONFIG_DIR, "auth"); - private static Path defaultAuthFileName = appConfigAuthDir.resolve("auth_policy.json"); + private Path appConfigAuthDir; private static boolean usersInitialized = false; private static HashMap users; private static boolean timerSet = false; - private static String policyAuthFileName; + private String policyAuthFileName; public enum HttpMethods { - GET, - PUT, - DELETE, - HEAD, - POST - } - - // Don't instantiate - private AAIMicroServiceAuthCore() {} - - public static String getDefaultAuthFileName() { - return defaultAuthFileName.toString(); + GET, PUT, DELETE, HEAD, POST } - public static void setDefaultAuthFileName(String defaultAuthFileName) { - AAIMicroServiceAuthCore.defaultAuthFileName = Paths.get(defaultAuthFileName); + public AAIMicroServiceAuthCore() { + appConfigAuthDir = Paths.get(System.getProperty("CONFIG_HOME"), "auth"); } /** * @param authPolicyFile * @throws AAIAuthException - * if the policy file cannot be loaded + * if the policy file cannot be loaded */ - public static synchronized void init(String authPolicyFile) throws AAIAuthException { - + public void init(String authPolicyFile) throws AAIAuthException { try { - policyAuthFileName = AAIMicroServiceAuthCore.getConfigFile(authPolicyFile); + policyAuthFileName = getConfigFile(authPolicyFile); } catch (IOException e) { applicationLogger.debug("Exception while retrieving policy file."); applicationLogger.error(ApplicationMsgs.PROCESS_REQUEST_ERROR, e); throw new AAIAuthException(e.getMessage()); } + if (policyAuthFileName == null) { throw new AAIAuthException("Auth policy file could not be found"); } - AAIMicroServiceAuthCore.reloadUsers(); + reloadUsers(); TimerTask task = new FileWatcher(new File(policyAuthFileName)) { @Override @@ -98,7 +87,7 @@ public class AAIMicroServiceAuthCore { // here we implement the onChange applicationLogger.debug("File " + file.getName() + " has been changed!"); try { - AAIMicroServiceAuthCore.reloadUsers(); + reloadUsers(); } catch (AAIAuthException e) { applicationLogger.error(ApplicationMsgs.PROCESS_REQUEST_ERROR, e); } @@ -115,7 +104,7 @@ public class AAIMicroServiceAuthCore { } } - public static String getConfigFile(String authPolicyFile) throws IOException { + public String getConfigFile(String authPolicyFile) throws IOException { File authFile = new File(authPolicyFile); if (authFile.exists()) { return authFile.getCanonicalPath(); @@ -123,20 +112,15 @@ public class AAIMicroServiceAuthCore { authFile = appConfigAuthDir.resolve(authPolicyFile).toFile(); if (authFile.exists()) { return authFile.getCanonicalPath(); + } else { + return null; } - if (getDefaultAuthFileName() != null) { - authFile = new File(getDefaultAuthFileName()); - if (authFile.exists()) { - return getDefaultAuthFileName(); - } - } - return null; } /** * @throws AAIAuthException */ - public static synchronized void reloadUsers() throws AAIAuthException { + public synchronized void reloadUsers() throws AAIAuthException { users = new HashMap<>(); ObjectMapper mapper = new ObjectMapper(); @@ -248,7 +232,7 @@ public class AAIMicroServiceAuthCore { } } - public static boolean authorize(String username, String authFunction) throws AAIAuthException { + public boolean authorize(String username, String authFunction) throws AAIAuthException { if (!usersInitialized || users == null) { throw new AAIAuthException("Auth module not initialized"); } diff --git a/src/main/java/org/onap/aai/validation/config/ValidationServiceAuthConfig.java b/src/main/java/org/onap/aai/validation/config/ValidationServiceAuthConfig.java index cd42e02..6805b5e 100644 --- a/src/main/java/org/onap/aai/validation/config/ValidationServiceAuthConfig.java +++ b/src/main/java/org/onap/aai/validation/config/ValidationServiceAuthConfig.java @@ -1,7 +1,10 @@ -/* - * ============LICENSE_START=================================================== - * Copyright (c) 2018 Amdocs - * ============================================================================ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved. + * Copyright (c) 2018-2019 European Software Marketing Ltd. + * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -13,8 +16,9 @@ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. - * ============LICENSE_END===================================================== + * ============LICENSE_END========================================================= */ + package org.onap.aai.validation.config; import org.springframework.beans.factory.annotation.Value; -- cgit 1.2.3-korg