Add grpc TLS property lib services.

Issue-ID: CCSDK-1853 Signed-off-by: Brinda Santh <bs2796@att.com> Change-Id: I92c8b39a6db0bf7c1fe7e9928e4eddaef8a30f07
author: Brinda Santh <bs2796@att.com> 2019-10-22 16:14:00 -0400
committer: Brinda Santh <bs2796@att.com> 2019-10-22 16:14:00 -0400
commit: 910fa69e65b3d151ef2bdbbf90fdcc31cfa01008 (patch)
tree: d0c5d081e248a68b0d881700c0bab0b8c4d89ccf /ms/blueprintsprocessor/modules/commons/grpc-lib/src/main
parent: 6fd8d3dbd0c6cdd27f9ef975e4a6a45403dfb298 (diff)
6 files changed, 217 insertions, 8 deletions
diff --git a/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/BluePrintGrpcLibConfiguration.kt b/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/BluePrintGrpcLibConfiguration.kt
index 1bef3a0f2..0ec049a3c 100644
--- a/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/BluePrintGrpcLibConfiguration.kt
+++ b/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/BluePrintGrpcLibConfiguration.kt
@@ -1,5 +1,6 @@
 /*
  *  Copyright © 2019 IBM.
+ *  Modifications Copyright © 2018-2019 AT&T Intellectual Property.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -16,6 +17,10 @@
 
 package org.onap.ccsdk.cds.blueprintsprocessor.grpc
 
+import com.fasterxml.jackson.databind.JsonNode
+import org.onap.ccsdk.cds.blueprintsprocessor.grpc.service.BluePrintGrpcClientService
+import org.onap.ccsdk.cds.blueprintsprocessor.grpc.service.BluePrintGrpcLibPropertyService
+import org.onap.ccsdk.cds.controllerblueprints.core.service.BluePrintDependencyService
 import org.springframework.context.annotation.ComponentScan
 import org.springframework.context.annotation.Configuration
 
@@ -23,10 +28,25 @@ import org.springframework.context.annotation.Configuration
 @ComponentScan
 open class BluePrintGrpcLibConfiguration
 
+/**
+ * Exposed Dependency Service by this GRPC Lib Module
+ */
+fun BluePrintDependencyService.grpcLibPropertyService(): BluePrintGrpcLibPropertyService =
+        instance(GRPCLibConstants.SERVICE_BLUEPRINT_GRPC_LIB_PROPERTY)
+
+fun BluePrintDependencyService.grpcClientService(selector: String): BluePrintGrpcClientService {
+    return grpcLibPropertyService().blueprintGrpcClientService(selector)
+}
+
+fun BluePrintDependencyService.grpcClientService(jsonNode: JsonNode): BluePrintGrpcClientService {
+    return grpcLibPropertyService().blueprintGrpcClientService(jsonNode)
+}
+
 class GRPCLibConstants {
     companion object {
         const val SERVICE_BLUEPRINT_GRPC_LIB_PROPERTY = "blueprint-grpc-lib-property-service"
         const val TYPE_TOKEN_AUTH = "token-auth"
         const val TYPE_BASIC_AUTH = "basic-auth"
+        const val TYPE_TLS_AUTH = "tls-auth"
     }
 }
 \ No newline at end of file
diff --git a/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/BluePrintGrpcLibData.kt b/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/BluePrintGrpcLibData.kt
index 76e60bd0d..47d16fbc7 100644
--- a/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/BluePrintGrpcLibData.kt
+++ b/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/BluePrintGrpcLibData.kt
@@ -1,5 +1,6 @@
 /*
  *  Copyright © 2019 IBM.
+ *  Modifications Copyright © 2018-2019 AT&T Intellectual Property.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -16,6 +17,24 @@
 
 package org.onap.ccsdk.cds.blueprintsprocessor.grpc
 
+/** GRPC Server Properties */
+open class GrpcServerProperties {
+    lateinit var type: String
+    var port: Int = -1
+}
+
+open class TokenAuthGrpcServerProperties : GrpcServerProperties() {
+    lateinit var token: String
+}
+
+open class TLSAuthGrpcServerProperties : GrpcServerProperties() {
+    lateinit var certChain: String
+    lateinit var privateKey: String
+    /** Below Used only for Mutual TLS */
+    var trustCertCollection: String? = null
+}
+
+/** GRPC Client Properties */
 open class GrpcClientProperties {
     lateinit var type: String
     lateinit var host: String
@@ -26,6 +45,13 @@ open class TokenAuthGrpcClientProperties : GrpcClientProperties() {
     lateinit var token: String
 }
 
+open class TLSAuthGrpcClientProperties : GrpcClientProperties() {
+    var trustCertCollection: String? = null
+    /** Below Used only for Mutual TLS */
+    var clientCertChain: String? = null
+    var clientPrivateKey: String? = null
+}
+
 open class BasicAuthGrpcClientProperties : GrpcClientProperties() {
     lateinit var username: String
     lateinit var password: String
diff --git a/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/service/BluePrintGrpcLibPropertyService.kt b/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/service/BluePrintGrpcLibPropertyService.kt
index a1d2188ab..f4933a3ad 100644
--- a/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/service/BluePrintGrpcLibPropertyService.kt
+++ b/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/service/BluePrintGrpcLibPropertyService.kt
@@ -1,5 +1,6 @@
 /*
  *  Copyright © 2019 IBM.
+ *  Modifications Copyright © 2018-2019 AT&T Intellectual Property.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -18,17 +19,56 @@ package org.onap.ccsdk.cds.blueprintsprocessor.grpc.service
 
 import com.fasterxml.jackson.databind.JsonNode
 import org.onap.ccsdk.cds.blueprintsprocessor.core.BluePrintProperties
-import org.onap.ccsdk.cds.blueprintsprocessor.grpc.BasicAuthGrpcClientProperties
-import org.onap.ccsdk.cds.blueprintsprocessor.grpc.GRPCLibConstants
-import org.onap.ccsdk.cds.blueprintsprocessor.grpc.GrpcClientProperties
-import org.onap.ccsdk.cds.blueprintsprocessor.grpc.TokenAuthGrpcClientProperties
+import org.onap.ccsdk.cds.blueprintsprocessor.grpc.*
 import org.onap.ccsdk.cds.controllerblueprints.core.BluePrintProcessorException
+import org.onap.ccsdk.cds.controllerblueprints.core.returnNullIfMissing
 import org.onap.ccsdk.cds.controllerblueprints.core.utils.JacksonUtils
 import org.springframework.stereotype.Service
 
 @Service(GRPCLibConstants.SERVICE_BLUEPRINT_GRPC_LIB_PROPERTY)
 open class BluePrintGrpcLibPropertyService(private var bluePrintProperties: BluePrintProperties) {
 
+    /** GRPC Server Lib Property Service */
+    fun grpcServerProperties(jsonNode: JsonNode): GrpcServerProperties {
+        return when (val type = jsonNode.get("type").textValue()) {
+            GRPCLibConstants.TYPE_TOKEN_AUTH -> {
+                JacksonUtils.readValue(jsonNode, TokenAuthGrpcServerProperties::class.java)!!
+            }
+            GRPCLibConstants.TYPE_TLS_AUTH -> {
+                JacksonUtils.readValue(jsonNode, TLSAuthGrpcServerProperties::class.java)!!
+            }
+            else -> {
+                throw BluePrintProcessorException("Grpc type($type) not supported")
+            }
+        }
+    }
+
+    fun grpcServerProperties(prefix: String): GrpcServerProperties {
+        val type = bluePrintProperties.propertyBeanType(
+                "$prefix.type", String::class.java)
+        return when (type) {
+            GRPCLibConstants.TYPE_TOKEN_AUTH -> {
+                tokenAuthGrpcServerProperties(prefix)
+            }
+            GRPCLibConstants.TYPE_TLS_AUTH -> {
+                tlsAuthGrpcServerProperties(prefix)
+            }
+            else -> {
+                throw BluePrintProcessorException("Grpc type($type) not supported")
+            }
+        }
+    }
+
+    private fun tokenAuthGrpcServerProperties(prefix: String): TokenAuthGrpcServerProperties {
+        return bluePrintProperties.propertyBeanType(prefix, TokenAuthGrpcServerProperties::class.java)
+    }
+
+    private fun tlsAuthGrpcServerProperties(prefix: String): TLSAuthGrpcServerProperties {
+        return bluePrintProperties.propertyBeanType(prefix, TLSAuthGrpcServerProperties::class.java)
+    }
+
+    /** GRPC Client Lib Property Service */
+
     fun blueprintGrpcClientService(jsonNode: JsonNode): BluePrintGrpcClientService {
         val restClientProperties = grpcClientProperties(jsonNode)
         return blueprintGrpcClientService(restClientProperties)
@@ -42,11 +82,15 @@ open class BluePrintGrpcLibPropertyService(private var bluePrintProperties: Blue
 
 
     fun grpcClientProperties(jsonNode: JsonNode): GrpcClientProperties {
-        val type = jsonNode.get("type").textValue()
+        val type = jsonNode.get("type").returnNullIfMissing()?.textValue()
+                ?: BluePrintProcessorException("missing type property")
         return when (type) {
             GRPCLibConstants.TYPE_TOKEN_AUTH -> {
                 JacksonUtils.readValue(jsonNode, TokenAuthGrpcClientProperties::class.java)!!
             }
+            GRPCLibConstants.TYPE_TLS_AUTH -> {
+                JacksonUtils.readValue(jsonNode, TLSAuthGrpcClientProperties::class.java)!!
+            }
             GRPCLibConstants.TYPE_BASIC_AUTH -> {
                 JacksonUtils.readValue(jsonNode, BasicAuthGrpcClientProperties::class.java)!!
             }
@@ -63,6 +107,9 @@ open class BluePrintGrpcLibPropertyService(private var bluePrintProperties: Blue
             GRPCLibConstants.TYPE_TOKEN_AUTH -> {
                 tokenAuthGrpcClientProperties(prefix)
             }
+            GRPCLibConstants.TYPE_TLS_AUTH -> {
+                tlsAuthGrpcClientProperties(prefix)
+            }
             GRPCLibConstants.TYPE_BASIC_AUTH -> {
                 basicAuthGrpcClientProperties(prefix)
             }
@@ -75,12 +122,15 @@ open class BluePrintGrpcLibPropertyService(private var bluePrintProperties: Blue
 
     fun blueprintGrpcClientService(grpcClientProperties: GrpcClientProperties):
             BluePrintGrpcClientService {
-        when (grpcClientProperties) {
+        return when (grpcClientProperties) {
             is TokenAuthGrpcClientProperties -> {
-                return TokenAuthGrpcClientService(grpcClientProperties)
+                TokenAuthGrpcClientService(grpcClientProperties)
+            }
+            is TLSAuthGrpcClientProperties -> {
+                TLSAuthGrpcClientService(grpcClientProperties)
             }
             is BasicAuthGrpcClientProperties -> {
-                return BasicAuthGrpcClientService(grpcClientProperties)
+                BasicAuthGrpcClientService(grpcClientProperties)
             }
             else -> {
                 throw BluePrintProcessorException("couldn't get grpc service for type(${grpcClientProperties.type})")
@@ -92,6 +142,10 @@ open class BluePrintGrpcLibPropertyService(private var bluePrintProperties: Blue
         return bluePrintProperties.propertyBeanType(prefix, TokenAuthGrpcClientProperties::class.java)
     }
 
+    private fun tlsAuthGrpcClientProperties(prefix: String): TLSAuthGrpcClientProperties {
+        return bluePrintProperties.propertyBeanType(prefix, TLSAuthGrpcClientProperties::class.java)
+    }
+
     private fun basicAuthGrpcClientProperties(prefix: String): BasicAuthGrpcClientProperties {
         return bluePrintProperties.propertyBeanType(prefix, BasicAuthGrpcClientProperties::class.java)
     }
diff --git a/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/service/BluePrintGrpcClientService.kt b/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/service/BluePrintGrpcService.kt
index 016c05035..0d9291615 100644
--- a/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/service/BluePrintGrpcClientService.kt
+++ b/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/service/BluePrintGrpcService.kt
@@ -1,5 +1,6 @@
 /*
  *  Copyright © 2019 IBM.
+ *  Modifications Copyright © 2018-2019 AT&T Intellectual Property.
  *
  *  Licensed under the Apache License, Version 2.0 (the "License");
  *  you may not use this file except in compliance with the License.
@@ -17,6 +18,11 @@
 package org.onap.ccsdk.cds.blueprintsprocessor.grpc.service
 
 import io.grpc.ManagedChannel
+import io.grpc.netty.NettyServerBuilder
+
+interface BluePrintGrpcServerService {
+    fun serverBuilder(): NettyServerBuilder
+}
 
 interface BluePrintGrpcClientService {
     suspend fun channel(): ManagedChannel
diff --git a/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/service/TLSAuthGrpcClientService.kt b/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/service/TLSAuthGrpcClientService.kt
new file mode 100644
index 000000000..a70cbbce0
--- /dev/null
+++ b/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/service/TLSAuthGrpcClientService.kt
@@ -0,0 +1,54 @@
+/*
+ * Copyright © 2018-2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.ccsdk.cds.blueprintsprocessor.grpc.service
+
+import io.grpc.ManagedChannel
+import io.grpc.internal.DnsNameResolverProvider
+import io.grpc.internal.PickFirstLoadBalancerProvider
+import io.grpc.netty.GrpcSslContexts
+import io.grpc.netty.NettyChannelBuilder
+import io.netty.handler.ssl.SslContext
+import org.onap.ccsdk.cds.blueprintsprocessor.grpc.TLSAuthGrpcClientProperties
+import org.onap.ccsdk.cds.blueprintsprocessor.grpc.interceptor.GrpcClientLoggingInterceptor
+import org.onap.ccsdk.cds.controllerblueprints.core.normalizedFile
+
+class TLSAuthGrpcClientService(private val tlsAuthGrpcClientProperties: TLSAuthGrpcClientProperties)
+    : BluePrintGrpcClientService {
+
+    override suspend fun channel(): ManagedChannel {
+        return NettyChannelBuilder
+                .forAddress(tlsAuthGrpcClientProperties.host, tlsAuthGrpcClientProperties.port)
+                .nameResolverFactory(DnsNameResolverProvider())
+                .loadBalancerFactory(PickFirstLoadBalancerProvider())
+                .intercept(GrpcClientLoggingInterceptor())
+                .sslContext(sslContext())
+                .build()
+    }
+
+    fun sslContext(): SslContext {
+        val builder = GrpcSslContexts.forClient()
+        if (tlsAuthGrpcClientProperties.trustCertCollection != null) {
+            builder.trustManager(normalizedFile(tlsAuthGrpcClientProperties.trustCertCollection!!))
+        }
+        if (tlsAuthGrpcClientProperties.clientCertChain != null
+                && tlsAuthGrpcClientProperties.clientPrivateKey != null) {
+            builder.keyManager(normalizedFile(tlsAuthGrpcClientProperties.clientCertChain!!),
+                    normalizedFile(tlsAuthGrpcClientProperties.clientPrivateKey!!))
+        }
+        return builder.build()
+    }
+}
+\ No newline at end of file
diff --git a/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/service/TLSAuthGrpcServerService.kt b/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/service/TLSAuthGrpcServerService.kt
new file mode 100644
index 000000000..fc73d43f9
--- /dev/null
+++ b/ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/service/TLSAuthGrpcServerService.kt
@@ -0,0 +1,49 @@
+/*
+ * Copyright © 2018-2019 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.ccsdk.cds.blueprintsprocessor.grpc.service
+
+import io.grpc.netty.GrpcSslContexts
+import io.grpc.netty.NettyServerBuilder
+import io.netty.handler.ssl.ClientAuth
+import io.netty.handler.ssl.SslContext
+import io.netty.handler.ssl.SslContextBuilder
+import org.onap.ccsdk.cds.blueprintsprocessor.grpc.TLSAuthGrpcServerProperties
+import org.onap.ccsdk.cds.controllerblueprints.core.normalizedFile
+
+
+class TLSAuthGrpcServerService(private val tlsAuthGrpcServerProperties: TLSAuthGrpcServerProperties)
+    : BluePrintGrpcServerService {
+
+    override fun serverBuilder(): NettyServerBuilder {
+        return NettyServerBuilder
+                .forPort(tlsAuthGrpcServerProperties.port)
+                .sslContext(sslContext())
+    }
+
+    fun sslContext(): SslContext {
+        val sslClientContextBuilder = SslContextBuilder
+                .forServer(normalizedFile(tlsAuthGrpcServerProperties.certChain),
+                        normalizedFile(tlsAuthGrpcServerProperties.privateKey))
+
+        tlsAuthGrpcServerProperties.trustCertCollection?.let { trustCertFile ->
+            sslClientContextBuilder.trustManager(normalizedFile(trustCertFile))
+            sslClientContextBuilder.clientAuth(ClientAuth.REQUIRE)
+        }
+        return GrpcSslContexts.configure(sslClientContextBuilder).build()
+    }
+
+}
+\ No newline at end of file
author	Brinda Santh <bs2796@att.com>	2019-10-22 16:14:00 -0400
committer	Brinda Santh <bs2796@att.com>	2019-10-22 16:14:00 -0400
commit	910fa69e65b3d151ef2bdbbf90fdcc31cfa01008 (patch)
tree	d0c5d081e248a68b0d881700c0bab0b8c4d89ccf /ms/blueprintsprocessor/modules/commons/grpc-lib/src/main
parent	6fd8d3dbd0c6cdd27f9ef975e4a6a45403dfb298 (diff)