blob: 01860fa461e0b39e851b89a3d812d0b023363623 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
/*******************************************************************************
* Copyright © 2017-2018 AT&T Intellectual Property.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.onap.ccsdk.apps.ms.vlantagapi.core;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
/**
* ApplicationSecurityConfig.java Purpose: Configures and validates
* Application Security configurations
*
* @author Saurav Paira
* @version 1.0
*/
@Configuration
public class ApplicationSecurityConfig {
private Logger logger = LoggerFactory.getLogger(ApplicationSecurityConfig.class);
@Autowired
private Environment environment;
@Bean
public InMemoryUserDetailsManager userDetailsService() {
List<UserDetails> userDetails = new ArrayList<>();
// Explicitly set bcrypt password encoder rather than using default
PasswordEncoder encoder = new BCryptPasswordEncoder();
final User.UserBuilder userBuilder = User.builder().passwordEncoder(encoder::encode);
String authString = environment.getProperty("application.authToken");
String[] tokens = authString.split(";");
for (int i = 0; i < tokens.length; i++) {
String token = tokens[i];
String[] cred = token.split("~");
String[] uidpwdarr = decode(cred[0]);
logger.info("------uid/pwd ----------------{}, {}",uidpwdarr[0],uidpwdarr[1]);
UserDetails user = userBuilder
.username(uidpwdarr[0])
.password(uidpwdarr[1])
.roles(cred[1])
.build();
userDetails.add(user);
}
logger.info("-------------------------------{}",userDetails);
return new InMemoryUserDetailsManager(userDetails);
}
public InMemoryUserDetailsManager inMemoryUserDetailsManager(List<UserDetails> userDetails) {
return new InMemoryUserDetailsManager(userDetails);
}
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.authorizeHttpRequests().anyRequest().fullyAuthenticated();
http.httpBasic().and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
http.csrf().disable();
return http.build();
}
private static String[] decode(String encoded) {
final byte[] decodedBytes
= Base64.getDecoder().decode(encoded.getBytes());
final String pair = new String(decodedBytes);
return pair.split(":", 2);
}
}
|
