Diffstat (limited to 'ms/blueprintsprocessor/application/src')
-rwxr-xr-xms/blueprintsprocessor/application/src/main/dc/docker-compose.yaml46
-rwxr-xr-xms/blueprintsprocessor/application/src/main/docker/Dockerfile18
-rwxr-xr-xms/blueprintsprocessor/application/src/main/docker/distribution.xml62
-rwxr-xr-xms/blueprintsprocessor/application/src/main/docker/run.source12
-rw-r--r--ms/blueprintsprocessor/application/src/main/docker/startService.sh10
-rw-r--r--ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintGRPCServer.java66
-rw-r--r--ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/SwaggerConfig.java62
-rw-r--r--ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/WebConfig.java79
-rw-r--r--ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/BasicAuthServerInterceptor.java94
-rw-r--r--ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityConfiguration.java59
-rw-r--r--ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityContextRepository.java75
-rw-r--r--ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintGRPCServer.kt58
-rw-r--r--ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintHttpServer.kt (renamed from ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintHttpServer.java)21
-rw-r--r--ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintProcessorApplication.kt (renamed from ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintProcessorApplication.java)32
-rw-r--r--ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/SwaggerConfig.kt60
-rw-r--r--ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/WebConfig.kt69
-rw-r--r--ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/security/AuthenticationManager.kt (renamed from ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/AuthenticationManager.java)31
-rw-r--r--ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/security/BasicAuthServerInterceptor.kt87
-rw-r--r--ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityConfiguration.kt57
-rw-r--r--ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityContextRepository.kt71
-rwxr-xr-xms/blueprintsprocessor/application/src/main/resources/application-dev.properties3
-rwxr-xr-xms/blueprintsprocessor/application/src/main/resources/application.properties4
22 files changed, 596 insertions, 480 deletions
diff --git a/ms/blueprintsprocessor/application/src/main/dc/docker-compose.yaml b/ms/blueprintsprocessor/application/src/main/dc/docker-compose.yaml
new file mode 100755
index 000000000..407aa6b20
--- /dev/null
+++ b/ms/blueprintsprocessor/application/src/main/dc/docker-compose.yaml
@@ -0,0 +1,46 @@
+version: '3.3'
+
+services:
+ db:
+ image: mariadb:latest
+ container_name: ccsdk-mariadb
+ ports:
+ - "3306:3306"
+ volumes:
+ - ~/vm_mysql:/var/lib/mysql
+ restart: always
+ environment:
+ MYSQL_ROOT_PASSWORD: sdnctl
+ MYSQL_DATABASE: sdnctl
+ MYSQL_USER: sdnctl
+ MYSQL_PASSWORD: sdnctl
+ blueprints-processor:
+ depends_on:
+ - db
+ image: onap/ccsdk-blueprintsprocessor:latest
+ container_name: bp-processor
+ ports:
+ - "8000:8080"
+ - "9111:9111"
+ restart: always
+ volumes:
+ - blueprints-deploy:/opt/app/onap/blueprints/deploy
+ environment:
+ APPLICATIONNAME: BlueprintsProcessor
+ BUNDLEVERSION: 1.0.0
+ APP_CONFIG_HOME: /opt/app/onap/config
+ STICKYSELECTORKEY:
+ ENVCONTEXT: dev
+ command-executor:
+ depends_on:
+ - db
+ image: onap/ccsdk-commandexecutor:latest
+ container_name: bp-command-executor
+ ports:
+ - "50051:50051"
+ restart: always
+ volumes:
+ - blueprints-deploy:/opt/app/onap/blueprints/deploy
+
+volumes:
+ blueprints-deploy:
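Review bot: The `db` service publishes MariaDB on every host interface with `- "3306:3306"` while all four credentials, including `MYSQL_ROOT_PASSWORD`, are the literal `sdnctl`, so anything that can reach the host port can log in as database root with a guessable password. If the mapping is only there for local debugging, bind it to loopback, `- "127.0.0.1:3306:3306"`, or drop it, since the two dependent services can presumably reach `db` over the compose network. The passwords are better read from the environment, e.g. `MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}`, than committed. All three images use `:latest`, so the stack is not reproducible and picks up whatever is pushed next; pin a version tag or digest.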
diff --git a/ms/blueprintsprocessor/application/src/main/docker/Dockerfile b/ms/blueprintsprocessor/application/src/main/docker/Dockerfile
new file mode 100755
index 000000000..dab0a4c01
--- /dev/null
+++ b/ms/blueprintsprocessor/application/src/main/docker/Dockerfile
@@ -0,0 +1,18 @@
+FROM omahoco1/alpine-java-python
+
+ENV HTTP_PROXY ${HTTP_PROXY}
+ENV HTTPS_PROXY ${HTTPS_PROXY}
+
+# add entrypoint
+COPY run.source /etc/run.source
+COPY startService.sh /startService.sh
+RUN chmod 777 /startService.sh && dos2unix /startService.sh
+
+# add application
+COPY @project.build.finalName@-@assembly.id@.tar.gz /source.tar.gz
+RUN tar -xzf /source.tar.gz -C /tmp \
+ && cp -rf /tmp/@project.build.finalName@/opt / \
+ && rm -rf /source.tar.gz \
+ && rm -rf /tmp/@project.build.finalName@
+
+ENTRYPOINT /startService.sh
\ No newline at end of file
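Review bot: `RUN chmod 777 /startService.sh` leaves the entrypoint script world-writable, and with no `USER` instruction in this file the container runs it as root; `chmod 755` is enough to execute it, and a dedicated non-root `USER` before `ENTRYPOINT` would limit what a compromised process can change. `FROM omahoco1/alpine-java-python` carries no tag or digest and comes from what looks like a personal registry namespace, so the base layer can change under the build; pin it, e.g. `FROM omahoco1/alpine-java-python@sha256:<digest-placeholder>`. The shell-form `ENTRYPOINT /startService.sh` runs under `/bin/sh -c`, so the JVM is not the process that receives SIGTERM; `ENTRYPOINT ["/startService.sh"]` with `exec java ...` in `run.source` would let the service stop cleanly.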
diff --git a/ms/blueprintsprocessor/application/src/main/docker/distribution.xml b/ms/blueprintsprocessor/application/src/main/docker/distribution.xml
new file mode 100755
index 000000000..2ff3739df
--- /dev/null
+++ b/ms/blueprintsprocessor/application/src/main/docker/distribution.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ Copyright © 2018-2019 Bell Canada.
+ ~ Modifications Copyright © 2019 IBM.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ -->
+
+<assembly xmlns="http://maven.apache.org/ASSEMBLY/2.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/ASSEMBLY/2.0.0 http://maven.apache.org/xsd/assembly-2.0.0.xsd">
+ <!-- create a tar.gz file containing the projects dependencies -->
+ <id>${assembly.id}</id>
+ <formats>
+ <format>tar.gz</format>
+ </formats>
+ <dependencySets>
+ <dependencySet>
+ <outputDirectory>/opt/app/onap/lib</outputDirectory>
+ <outputFileNameMapping>${artifact.groupId}-${artifact.artifactId}-${artifact.version}${dashClassifier?}.${artifact.extension}</outputFileNameMapping>
+ <excludes>
+ <exclude>org.slf4j:slf4j-simple</exclude>
+ <exclude>org.apache.karaf.*</exclude>
+ </excludes>
+ </dependencySet>
+ </dependencySets>
+ <fileSets>
+ <fileSet>
+ <directory>${project.basedir}/src/main/resources</directory>
+ <includes>
+ <include>application.properties</include>
+ <include>logback.xml</include>
+ </includes>
+ <outputDirectory>/opt/app/onap/config</outputDirectory>
+ <useDefaultExcludes>true</useDefaultExcludes>
+ </fileSet>
+ <fileSet>
+ <directory>${project.basedir}/../../../components/model-catalog</directory>
+ <outputDirectory>/opt/app/onap/model-catalog</outputDirectory>
+ <includes>
+ <include>blueprint-model/service-blueprint/**</include>
+ <include>definition-type/starter-type/**</include>
+ <include>resource-dictionary/starter-dictionary/**</include>
+ </includes>
+ </fileSet>
+ <fileSet>
+ <directory>${project.basedir}/../../../components/scripts/python</directory>
+ <outputDirectory>/opt/app/onap/scripts/jython</outputDirectory>
+ <useDefaultExcludes>true</useDefaultExcludes>
+ </fileSet>
+ </fileSets>
+</assembly>
\ No newline at end of file
diff --git a/ms/blueprintsprocessor/application/src/main/docker/run.source b/ms/blueprintsprocessor/application/src/main/docker/run.source
new file mode 100755
index 000000000..f3d8c7ca6
--- /dev/null
+++ b/ms/blueprintsprocessor/application/src/main/docker/run.source
@@ -0,0 +1,12 @@
+java -classpath "/etc:${APP_HOME}/lib/*:/lib/*:/src:/schema:/generated-sources:${APP_CONFIG_HOME}:${APP_HOME}" \
+-DappName=${APPLICATIONNAME} -DappVersion=${BUNDLEVERSION} \
+-DrouteOffer=${ROUTEOFFER} \
+-DVERSION_ROUTEOFFER_ENVCONTEXT=${BUNDLEVERSION}/${STICKYSELECTORKEY}/${ENVCONTEXT} \
+-DSecurityFilePath=/etc \
+-DREST_NAME_NORMALIZER_PATTERN_FILE=/etc/PatternInputs.txt \
+-Dms_name=org.onap.ccsdk.cds.blueprintsprocessor \
+-Dlogging.config=${APP_CONFIG_HOME}/logback.xml \
+-Djava.security.egd=file:/dev/./urandom \
+-DAPPNAME=${APP_NAME} -DAPPENV=${APP_ENV} -DAPPVERSION=${APP_VERSION} -DNAMESPACE=${NAMESPACE} \
+-Dspring.config.location=${APP_CONFIG_HOME}/ \
+org.onap.ccsdk.cds.blueprintsprocessor.BlueprintProcessorApplicationKt
diff --git a/ms/blueprintsprocessor/application/src/main/docker/startService.sh b/ms/blueprintsprocessor/application/src/main/docker/startService.sh
new file mode 100644
index 000000000..14d772e41
--- /dev/null
+++ b/ms/blueprintsprocessor/application/src/main/docker/startService.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+nodeName=BlueprintsProcessor_1.0.0_$(cat /proc/self/cgroup | grep docker | sed s/\\//\\n/g | tail -1)
+
+echo "APP Config HOME : ${APP_CONFIG_HOME}"
+export APP_HOME=/opt/app/onap
+
+keytool -import -noprompt -trustcacerts -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -alias ONAP -import -file $APP_CONFIG_HOME/ONAP_RootCA.cer
+
+source /etc/run.source
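Review bot: The `keytool -import` line changes the JVM-wide trust store on every start but its exit status is ignored, and the assembly in `distribution.xml` packages only `application.properties` and `logback.xml` into the config directory, so unless `ONAP_RootCA.cer` is mounted the import fails and the service starts anyway without the intended trust anchor. Add `set -e` (or `|| exit 1` on that line) and quote the paths, `-keystore "$JAVA_HOME/jre/lib/security/cacerts"` and `-file "$APP_CONFIG_HOME/ONAP_RootCA.cer"`; `-import` is also passed twice. On a container restart the alias `ONAP` will likely already exist, so the import should be guarded with a `keytool -list -alias ONAP` check. Because whoever can write to `$APP_CONFIG_HOME` decides which root CA the JVM trusts, that directory should be mounted read-only. `source` is not POSIX under `#!/bin/sh` (`.` is), and `nodeName` is assigned but neither exported nor referenced in `run.source`.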
diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintGRPCServer.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintGRPCServer.java
deleted file mode 100644
index 9214121e4..000000000
--- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintGRPCServer.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Copyright © 2017-2018 AT&T Intellectual Property.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.onap.ccsdk.cds.blueprintsprocessor;
-
-import io.grpc.Server;
-import io.grpc.ServerBuilder;
-import org.onap.ccsdk.cds.blueprintsprocessor.designer.api.BluePrintManagementGRPCHandler;
-import org.onap.ccsdk.cds.blueprintsprocessor.security.BasicAuthServerInterceptor;
-import org.onap.ccsdk.cds.blueprintsprocessor.selfservice.api.BluePrintProcessingGRPCHandler;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
-import org.springframework.context.ApplicationListener;
-import org.springframework.context.event.ContextRefreshedEvent;
-import org.springframework.stereotype.Component;
-
-@ConditionalOnProperty(name = "blueprintsprocessor.grpcEnable", havingValue = "true")
-@Component
-public class BlueprintGRPCServer implements ApplicationListener<ContextRefreshedEvent> {
-
- private static Logger log = LoggerFactory.getLogger(BlueprintGRPCServer.class);
-
- @Autowired
- private BluePrintProcessingGRPCHandler bluePrintProcessingGRPCHandler;
- @Autowired
- private BluePrintManagementGRPCHandler bluePrintManagementGRPCHandler;
- @Autowired
- private BasicAuthServerInterceptor authInterceptor;
-
- @Value("${blueprintsprocessor.grpcPort}")
- private Integer grpcPort;
-
- @Override
- public void onApplicationEvent(ContextRefreshedEvent event) {
- try {
- log.info("Starting Blueprint Processor GRPC Starting..");
- Server server = ServerBuilder
- .forPort(grpcPort)
- .intercept(authInterceptor)
- .addService(bluePrintProcessingGRPCHandler)
- .addService(bluePrintManagementGRPCHandler)
- .build();
-
- server.start();
- log.info("Blueprint Processor GRPC server started and ready to serve on port({})...", server.getPort());
- } catch (Exception e) {
- log.error("*** Error ***", e);
- }
- }
-}
diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/SwaggerConfig.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/SwaggerConfig.java
deleted file mode 100644
index ce802b7b5..000000000
--- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/SwaggerConfig.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/*
- * Copyright © 2017-2018 AT&T Intellectual Property.
- * Modifications Copyright © 2018 IBM.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.onap.ccsdk.cds.blueprintsprocessor;
-
-import io.swagger.annotations.Api;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import springfox.documentation.builders.PathSelectors;
-import springfox.documentation.builders.RequestHandlerSelectors;
-import springfox.documentation.service.ApiInfo;
-import springfox.documentation.service.Contact;
-import springfox.documentation.spi.DocumentationType;
-import springfox.documentation.spring.web.plugins.Docket;
-
-import java.util.Collections;
-
-/**
- * SwaggerConfig
- *
- * @author Brinda Santh 8/13/2018
- */
-@Configuration
-//@EnableSwagger2WebFlux
-public class SwaggerConfig {
-
- @Bean
- public Docket api() {
- return new Docket(DocumentationType.SWAGGER_2)
- .select()
- .apis(RequestHandlerSelectors.withClassAnnotation(Api.class))
- .paths(PathSelectors.any())
- .build()
- .apiInfo(apiInfo());
- }
-
- private ApiInfo apiInfo() {
- return new ApiInfo(
- "CDS Blueprints Processor APIs",
- "Provide APIs to interact with CBA, their resolved resources and templates, and stored resource configurations.",
- "0.5.1",
- null,
- new Contact("CCSDK Team", "www.onap.org", "onap-discuss@lists.onap.org"),
- "Apache 2.0",
- "http://www.apache.org/licenses/LICENSE-2.0",
- Collections.emptyList());
- }
-}
\ No newline at end of file
diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/WebConfig.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/WebConfig.java
deleted file mode 100644
index 32abff011..000000000
--- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/WebConfig.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * Copyright © 2017-2018 AT&T Intellectual Property.
- * Modifications Copyright © 2018 IBM.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.onap.ccsdk.cds.blueprintsprocessor;
-
-import org.onap.ccsdk.cds.blueprintsprocessor.security.AuthenticationManager;
-import org.onap.ccsdk.cds.blueprintsprocessor.security.SecurityContextRepository;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.http.HttpMethod;
-import org.springframework.security.config.web.server.ServerHttpSecurity;
-import org.springframework.security.web.server.SecurityWebFilterChain;
-import org.springframework.web.reactive.config.CorsRegistry;
-import org.springframework.web.reactive.config.ResourceHandlerRegistry;
-import org.springframework.web.reactive.config.WebFluxConfigurer;
-
-/**
- * WebConfig
- *
- * @author Brinda Santh 8/13/2018
- */
-@Configuration
-public class WebConfig implements WebFluxConfigurer {
-
- @Autowired
- private AuthenticationManager authenticationManager;
-
- @Autowired
- private SecurityContextRepository securityContextRepository;
-
- @Override
- public void addResourceHandlers(ResourceHandlerRegistry registry) {
-
- registry.addResourceHandler("/swagger-ui.html**")
- .addResourceLocations("classpath:/META-INF/resources/");
-
- registry.addResourceHandler("/webjars/**")
- .addResourceLocations("classpath:/META-INF/resources/webjars/");
- }
-
- @Override
- public void addCorsMappings(CorsRegistry corsRegistry) {
- corsRegistry.addMapping("/**")
- .allowedOrigins("*")
- .allowedMethods("*")
- .allowedHeaders("*")
- .maxAge(3600);
- }
-
-
- @Bean
- public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
- return http.csrf().disable()
- .formLogin().disable()
- .httpBasic().disable()
- .authenticationManager(authenticationManager)
- .securityContextRepository(securityContextRepository)
- .authorizeExchange()
- .pathMatchers(HttpMethod.OPTIONS).permitAll()
- .anyExchange().authenticated()
- .and().build();
-
- }
-}
diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/BasicAuthServerInterceptor.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/BasicAuthServerInterceptor.java
deleted file mode 100644
index d0bf9e87f..000000000
--- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/BasicAuthServerInterceptor.java
+++ /dev/null
@@ -1,94 +0,0 @@
-/*
- * Copyright (C) 2019 Bell Canada.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.onap.ccsdk.cds.blueprintsprocessor.security;
-
-import com.google.common.base.Strings;
-import io.grpc.*;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Component;
-
-import java.nio.charset.StandardCharsets;
-import java.util.Base64;
-
-@Component
-public class BasicAuthServerInterceptor implements ServerInterceptor {
-
- private static Logger log = LoggerFactory.getLogger(BasicAuthServerInterceptor.class);
-
- @Autowired
- private AuthenticationManager authenticationManager;
-
-
- @Override
- public <ReqT, RespT> ServerCall.Listener<ReqT> interceptCall(
- ServerCall<ReqT, RespT> call,
- Metadata headers,
- ServerCallHandler<ReqT, RespT> next) {
- String authHeader = headers.get(Metadata.Key.of("Authorization", Metadata.ASCII_STRING_MARSHALLER));
-
- if (Strings.isNullOrEmpty(authHeader)) {
- throw Status.UNAUTHENTICATED.withDescription("Missing required authentication").asRuntimeException();
-
- }
-
- try {
- String[] tokens = decodeBasicAuth(authHeader);
- String username = tokens[0];
-
- log.info("Basic Authentication Authorization header found for user: {}", username);
-
- Authentication authRequest = new UsernamePasswordAuthenticationToken(username, tokens[1]);
- Authentication authResult = authenticationManager.authenticate(authRequest).block();
-
- log.info("Authentication success: {}", authResult);
-
- SecurityContextHolder.getContext().setAuthentication(authResult);
-
- } catch (AuthenticationException e) {
- SecurityContextHolder.clearContext();
-
- log.info("Authentication request failed: {}", e.getMessage());
-
- throw Status.UNAUTHENTICATED.withDescription(e.getMessage()).withCause(e).asRuntimeException();
- }
-
- return next.startCall(call, headers);
- }
-
- private String[] decodeBasicAuth(String authHeader) {
- String basicAuth;
- try {
- basicAuth = new String(Base64.getDecoder().decode(authHeader.substring(6).getBytes(StandardCharsets.UTF_8)),
- StandardCharsets.UTF_8);
- } catch (IllegalArgumentException | IndexOutOfBoundsException e) {
- throw new BadCredentialsException("Failed to decode basic authentication token");
- }
-
- int delim = basicAuth.indexOf(':');
- if (delim == -1) {
- throw new BadCredentialsException("Failed to decode basic authentication token");
- }
-
- return new String[]{basicAuth.substring(0, delim), basicAuth.substring(delim + 1)};
- }
-}
\ No newline at end of file
diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityConfiguration.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityConfiguration.java
deleted file mode 100644
index bd6469bba..000000000
--- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityConfiguration.java
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * Copyright (C) 2019 Bell Canada.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.onap.ccsdk.cds.blueprintsprocessor.security;
-
-import java.util.Collections;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.security.provisioning.InMemoryUserDetailsManager;
-
-@Configuration
-public class SecurityConfiguration {
-
- @Value("${security.user.name}")
- private String username;
-
- @Value("${security.user.password}")
- private String password;
-
- @Bean
- public UserDetailsService inMemoryUserService() {
- UserDetails user = new User(username, password,
- Collections.singletonList(new SimpleGrantedAuthority("USER")));
- return new InMemoryUserDetailsManager(user);
- }
-
- @Bean
- public PasswordEncoder passwordEncoder() {
- return new BCryptPasswordEncoder();
- }
-
- @Bean
- public AuthenticationProvider inMemoryAuthenticationProvider() {
- DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
- provider.setUserDetailsService(inMemoryUserService());
- return provider;
- }
-}
\ No newline at end of file
diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityContextRepository.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityContextRepository.java
deleted file mode 100644
index 75eebc5c3..000000000
--- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityContextRepository.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Copyright (C) 2019 Bell Canada.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.onap.ccsdk.cds.blueprintsprocessor.security;
-
-import java.nio.charset.StandardCharsets;
-import java.util.Base64;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.server.reactive.ServerHttpRequest;
-import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContext;
-import org.springframework.security.core.context.SecurityContextImpl;
-import org.springframework.security.web.server.context.ServerSecurityContextRepository;
-import org.springframework.stereotype.Component;
-import org.springframework.web.server.ServerWebExchange;
-import reactor.core.publisher.Mono;
-
-@Component
-public class SecurityContextRepository implements ServerSecurityContextRepository {
-
- @Autowired
- private AuthenticationManager authenticationManager;
-
- @Override
- public Mono<Void> save(ServerWebExchange swe, SecurityContext sc) {
- throw new UnsupportedOperationException("Not supported.");
- }
-
- @Override
- public Mono<SecurityContext> load(ServerWebExchange swe) {
- ServerHttpRequest request = swe.getRequest();
- String authHeader = request.getHeaders().getFirst(HttpHeaders.AUTHORIZATION);
- if (authHeader != null && authHeader.startsWith("Basic")) {
- String[] tokens = decodeBasicAuth(authHeader);
- String username = tokens[0];
- String password = tokens[1];
- Authentication auth = new UsernamePasswordAuthenticationToken(username, password);
- return this.authenticationManager.authenticate(auth).map(SecurityContextImpl::new);
- } else {
- return Mono.empty();
- }
- }
-
- private String[] decodeBasicAuth(String authHeader) {
- String basicAuth;
- try {
- basicAuth = new String(Base64.getDecoder().decode(authHeader.substring(6).getBytes(StandardCharsets.UTF_8)),
- StandardCharsets.UTF_8);
- } catch (IllegalArgumentException | IndexOutOfBoundsException e) {
- throw new BadCredentialsException("Failed to decode basic authentication token");
- }
-
- int delim = basicAuth.indexOf(':');
- if (delim == -1) {
- throw new BadCredentialsException("Failed to decode basic authentication token");
- }
-
- return new String[]{basicAuth.substring(0, delim), basicAuth.substring(delim + 1)};
- }
-}
\ No newline at end of file
diff --git a/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintGRPCServer.kt b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintGRPCServer.kt
new file mode 100644
index 000000000..160a1b1b4
--- /dev/null
+++ b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintGRPCServer.kt
@@ -0,0 +1,58 @@
+/*
+ * Copyright © 2017-2018 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.ccsdk.cds.blueprintsprocessor
+
+import io.grpc.ServerBuilder
+import org.onap.ccsdk.cds.blueprintsprocessor.designer.api.BluePrintManagementGRPCHandler
+import org.onap.ccsdk.cds.blueprintsprocessor.security.BasicAuthServerInterceptor
+import org.onap.ccsdk.cds.blueprintsprocessor.selfservice.api.BluePrintProcessingGRPCHandler
+import org.onap.ccsdk.cds.controllerblueprints.core.logger
+import org.springframework.beans.factory.annotation.Value
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
+import org.springframework.context.ApplicationListener
+import org.springframework.context.event.ContextRefreshedEvent
+import org.springframework.stereotype.Component
+
+@ConditionalOnProperty(name = ["blueprintsprocessor.grpcEnable"], havingValue = "true")
+@Component
+open class BlueprintGRPCServer(private val bluePrintProcessingGRPCHandler: BluePrintProcessingGRPCHandler,
+ private val bluePrintManagementGRPCHandler: BluePrintManagementGRPCHandler,
+ private val authInterceptor: BasicAuthServerInterceptor)
+ : ApplicationListener<ContextRefreshedEvent> {
+
+ private val log = logger(BlueprintGRPCServer::class)
+
+ @Value("\${blueprintsprocessor.grpcPort}")
+ private val grpcPort: Int? = null
+
+ override fun onApplicationEvent(event: ContextRefreshedEvent) {
+ try {
+ log.info("Starting Blueprint Processor GRPC Starting..")
+ val server = ServerBuilder
+ .forPort(grpcPort!!)
+ .intercept(authInterceptor)
+ .addService(bluePrintProcessingGRPCHandler)
+ .addService(bluePrintManagementGRPCHandler)
+ .build()
+
+ server.start()
+ log.info("Blueprint Processor GRPC server started and ready to serve on port({})...", server.port)
+ } catch (e: Exception) {
+ log.error("*** Error ***", e)
+ }
+ }
+}
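Review bot: `ServerBuilder.forPort(grpcPort!!)` is built without a `useTransportSecurity(...)` call, so the port serves plaintext, while `authInterceptor`, judging by its name and by the Java class this commit removes, reads Basic credentials from the `Authorization` metadata; those credentials would then cross the network unencrypted on every call. Either configure TLS on the builder, `.useTransportSecurity(certChainFile, privateKeyFile)`, or add a comment above `onApplicationEvent` stating that TLS is terminated in front of this port and the listener must not be exposed directly. The `catch (e: Exception)` only logs, so a failed bind leaves the application running without its gRPC endpoint; rethrowing after `log.error(...)` would make the startup failure visible.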
diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintHttpServer.java b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintHttpServer.kt
index 85ccd1f43..4251fb5cb 100644
--- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintHttpServer.java
+++ b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintHttpServer.kt
@@ -14,21 +14,20 @@
* limitations under the License.
*/
-package org.onap.ccsdk.cds.blueprintsprocessor;
+package org.onap.ccsdk.cds.blueprintsprocessor
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.web.embedded.netty.NettyReactiveWebServerFactory;
-import org.springframework.boot.web.server.WebServerFactoryCustomizer;
-import org.springframework.stereotype.Component;
+import org.springframework.beans.factory.annotation.Value
+import org.springframework.boot.web.embedded.netty.NettyReactiveWebServerFactory
+import org.springframework.boot.web.server.WebServerFactoryCustomizer
+import org.springframework.stereotype.Component
@Component
-public class BlueprintHttpServer implements WebServerFactoryCustomizer<NettyReactiveWebServerFactory> {
+open class BlueprintHttpServer : WebServerFactoryCustomizer<NettyReactiveWebServerFactory> {
- @Value("${blueprintsprocessor.httpPort}")
- private Integer httpPort;
+ @Value("\${blueprintsprocessor.httpPort}")
+ private val httpPort: Int? = null
- @Override
- public void customize(NettyReactiveWebServerFactory serverFactory) {
- serverFactory.setPort(httpPort);
+ override fun customize(serverFactory: NettyReactiveWebServerFactory) {
+ serverFactory.port = httpPort!!
}
} \ No newline at end of file
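Review bot: `httpPort` is declared as a nullable `val` initialised to `null` and then force-unwrapped with `!!` in `customize`, which only works because Spring overwrites the field reflectively after construction. Constructor injection states the contract directly and removes the `!!`: `open class BlueprintHttpServer(@Value("\${blueprintsprocessor.httpPort}") private val httpPort: Int) : WebServerFactoryCustomizer<NettyReactiveWebServerFactory>` with `serverFactory.port = httpPort`. The same pattern appears for `grpcPort` in BlueprintGRPCServer.kt.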
diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintProcessorApplication.java b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintProcessorApplication.kt
index 3d5145a22..3709a9785 100644
--- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintProcessorApplication.java
+++ b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintProcessorApplication.kt
@@ -14,30 +14,28 @@
* limitations under the License.
*/
-package org.onap.ccsdk.cds.blueprintsprocessor;
+package org.onap.ccsdk.cds.blueprintsprocessor
-import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
-import org.springframework.boot.autoconfigure.SpringBootApplication;
-import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
-import org.springframework.context.annotation.ComponentScan;
+import org.springframework.boot.SpringApplication
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration
+import org.springframework.boot.autoconfigure.SpringBootApplication
+import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration
+import org.springframework.context.annotation.ComponentScan
/**
* BlueprintProcessorApplication
*
- * @author Brinda Santh 8/14/2018
+ * @author Brinda Santh
*/
@SpringBootApplication
-@EnableAutoConfiguration(exclude = {DataSourceAutoConfiguration.class})
-@ComponentScan(basePackages = {"org.onap.ccsdk.cds.blueprintsprocessor", "org.onap.ccsdk.cds.controllerblueprints"})
-public class BlueprintProcessorApplication {
+@EnableAutoConfiguration(exclude = [DataSourceAutoConfiguration::class])
+@ComponentScan(basePackages = ["org.onap.ccsdk.cds.blueprintsprocessor", "org.onap.ccsdk.cds.controllerblueprints"])
+open class BlueprintProcessorApplication
- public static void main(String[] args) {
+fun main(args: Array<String>) {
+ // This is required for TemplateController.getStoredResult to accept a content-type value
+ // as a request parameter, e.g. &format=application%2Fxml is accepted
+ System.setProperty("org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH", "true")
- // This is required for TemplateController.getStoredResult to accept a content-type value
- // as a request parameter, e.g. &format=application%2Fxml is accepted
- System.setProperty("org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH", "true");
-
- SpringApplication.run(BlueprintProcessorApplication.class, args);
- }
+ SpringApplication.run(BlueprintProcessorApplication::class.java, *args)
}
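Review bot: The `System.setProperty("org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH", "true")` call in `main` is carried over unchanged, but it is a JVM-wide Tomcat switch while this commit configures a `NettyReactiveWebServerFactory`, so it looks like it either has no effect or relaxes path decoding for every endpoint rather than for the one controller named in the comment. The comment's own example (`&format=application%2Fxml`) is a query parameter, which presumably does not depend on this setting. I would drop the line once the embedded server is confirmed, or else state its scope in the comment, e.g. `// NOTE: global Tomcat setting; allows %2F in request paths for all endpoints`.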
diff --git a/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/SwaggerConfig.kt b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/SwaggerConfig.kt
new file mode 100644
index 000000000..a8ee57d9d
--- /dev/null
+++ b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/SwaggerConfig.kt
@@ -0,0 +1,60 @@
+/*
+ * Copyright © 2017-2018 AT&T Intellectual Property.
+ * Modifications Copyright © 2018 IBM.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.ccsdk.cds.blueprintsprocessor
+
+import io.swagger.annotations.Api
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import springfox.documentation.builders.PathSelectors
+import springfox.documentation.builders.RequestHandlerSelectors
+import springfox.documentation.service.ApiInfo
+import springfox.documentation.service.Contact
+import springfox.documentation.spi.DocumentationType
+import springfox.documentation.spring.web.plugins.Docket
+
+/**
+ * SwaggerConfig
+ *
+ * @author Brinda Santh
+ */
+@Configuration
+//@EnableSwagger2WebFlux
+open class SwaggerConfig {
+
+ @Bean
+ open fun api(): Docket {
+ return Docket(DocumentationType.SWAGGER_2)
+ .select()
+ .apis(RequestHandlerSelectors.withClassAnnotation(Api::class.java))
+ .paths(PathSelectors.any())
+ .build()
+ .apiInfo(apiInfo())
+ }
+
+ private fun apiInfo(): ApiInfo {
+ return ApiInfo(
+ "CDS Blueprints Processor APIs",
+ "Provide APIs to interact with CBA, their resolved resources and templates, and stored resource configurations.",
+ "0.7.0",
+ null,
+ Contact("CCSDK Team", "www.onap.org", "onap-discuss@lists.onap.org"),
+ "Apache 2.0",
+ "http://www.apache.org/licenses/LICENSE-2.0",
+ emptyList())
+ }
+} \ No newline at end of file
diff --git a/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/WebConfig.kt b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/WebConfig.kt
new file mode 100644
index 000000000..5b12d8df7
--- /dev/null
+++ b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/WebConfig.kt
@@ -0,0 +1,69 @@
+/*
+ * Copyright © 2017-2018 AT&T Intellectual Property.
+ * Modifications Copyright © 2018 IBM.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.ccsdk.cds.blueprintsprocessor
+
+import org.onap.ccsdk.cds.blueprintsprocessor.security.AuthenticationManager
+import org.onap.ccsdk.cds.blueprintsprocessor.security.SecurityContextRepository
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.http.HttpMethod
+import org.springframework.security.config.web.server.ServerHttpSecurity
+import org.springframework.security.web.server.SecurityWebFilterChain
+import org.springframework.web.reactive.config.CorsRegistry
+import org.springframework.web.reactive.config.ResourceHandlerRegistry
+import org.springframework.web.reactive.config.WebFluxConfigurer
+
+/**
+ * WebConfig
+ *
+ * @author Brinda Santh
+ */
+@Configuration
+open class WebConfig(private val authenticationManager: AuthenticationManager,
+ private val securityContextRepository: SecurityContextRepository) : WebFluxConfigurer {
+
+ override fun addResourceHandlers(registry: ResourceHandlerRegistry) {
+
+ registry.addResourceHandler("/swagger-ui.html**")
+ .addResourceLocations("classpath:/META-INF/resources/")
+
+ registry.addResourceHandler("/webjars/**")
+ .addResourceLocations("classpath:/META-INF/resources/webjars/")
+ }
+
+ override fun addCorsMappings(corsRegistry: CorsRegistry) {
+ corsRegistry.addMapping("/**")
+ .allowedOrigins("*")
+ .allowedMethods("*")
+ .allowedHeaders("*")
+ .maxAge(3600)
+ }
+
+ @Bean
+ open fun securityWebFilterChain(http: ServerHttpSecurity): SecurityWebFilterChain {
+ return http.csrf().disable()
+ .formLogin().disable()
+ .httpBasic().disable()
+ .authenticationManager(authenticationManager)
+ .securityContextRepository(securityContextRepository!!)
+ .authorizeExchange()
+ .pathMatchers(HttpMethod.OPTIONS).permitAll()
+ .anyExchange().authenticated()
+ .and().build()
+ }
+}
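Review bot: `addCorsMappings` opens `/**` to `allowedOrigins("*")` with every method and every header, so a page on any origin is allowed to make cross-origin calls to the authenticated API, including ones that carry an `Authorization` header; with `csrf().disable()` in `securityWebFilterChain`, the Basic credentials are the only barrier left. The origin list is better read from configuration than hard-coded as a wildcard, for example `.allowedOrigins(*allowedOrigins)` fed from a property the project chooses, with methods and headers limited to what the UI actually uses. The `!!` on `securityContextRepository` is redundant, because the constructor parameter is already non-null.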
diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/AuthenticationManager.java b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/security/AuthenticationManager.kt
index 1eb0de498..933425bc3 100644
--- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/AuthenticationManager.java
+++ b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/security/AuthenticationManager.kt
@@ -13,28 +13,25 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.onap.ccsdk.cds.blueprintsprocessor.security;
+package org.onap.ccsdk.cds.blueprintsprocessor.security
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.ReactiveAuthenticationManager;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import reactor.core.publisher.Mono;
+import org.springframework.context.annotation.Configuration
+import org.springframework.security.authentication.AuthenticationProvider
+import org.springframework.security.authentication.ReactiveAuthenticationManager
+import org.springframework.security.core.Authentication
+import org.springframework.security.core.AuthenticationException
+import reactor.core.publisher.Mono
@Configuration
-public class AuthenticationManager implements ReactiveAuthenticationManager {
+open class AuthenticationManager(private val authenticationProvider: AuthenticationProvider)
+ : ReactiveAuthenticationManager {
- @Autowired
- private AuthenticationProvider authenticationProvider;
-
- @Override
- public Mono<Authentication> authenticate(Authentication authentication) {
+ override fun authenticate(authentication: Authentication): Mono<Authentication> {
try {
- return Mono.just(authenticationProvider.authenticate(authentication));
- } catch (AuthenticationException e) {
- return Mono.error(e);
+ return Mono.just(authenticationProvider.authenticate(authentication))
+ } catch (e: AuthenticationException) {
+ return Mono.error(e)
}
+
}
} \ No newline at end of file
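Review bot: `authenticate` runs `authenticationProvider.authenticate(authentication)` eagerly and wraps the result in `Mono.just(...)`, which throws a NullPointerException if the provider returns `null` (the `AuthenticationProvider` contract allows that for unsupported tokens) and lets anything other than `AuthenticationException` escape synchronously instead of through the Mono. `return Mono.fromCallable { authenticationProvider.authenticate(authentication) }` defers the call and turns every exception into an error signal, so the try/catch can go. It completes empty on `null`, so callers that use `.block()`, such as the gRPC interceptor in this commit, must then treat a missing result as a failed authentication. The provider call is blocking; if it ever does I/O it should also be moved off the event loop with `subscribeOn`.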
diff --git a/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/security/BasicAuthServerInterceptor.kt b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/security/BasicAuthServerInterceptor.kt
new file mode 100644
index 000000000..f821462af
--- /dev/null
+++ b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/security/BasicAuthServerInterceptor.kt
@@ -0,0 +1,87 @@
+/*
+ * Copyright (C) 2019 Bell Canada.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.onap.ccsdk.cds.blueprintsprocessor.security
+
+import io.grpc.*
+import org.onap.ccsdk.cds.controllerblueprints.core.logger
+import org.springframework.security.authentication.BadCredentialsException
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
+import org.springframework.security.core.AuthenticationException
+import org.springframework.security.core.context.SecurityContextHolder
+import org.springframework.stereotype.Component
+import java.nio.charset.StandardCharsets
+import java.util.*
+
+@Component
+class BasicAuthServerInterceptor(private val authenticationManager: AuthenticationManager)
+ : ServerInterceptor {
+
+ private val log = logger(BasicAuthServerInterceptor::class)
+
+ override fun <ReqT, RespT> interceptCall(
+ call: ServerCall<ReqT, RespT>,
+ headers: Metadata,
+ next: ServerCallHandler<ReqT, RespT>): ServerCall.Listener<ReqT> {
+ val authHeader = headers.get(Metadata.Key.of("Authorization", Metadata.ASCII_STRING_MARSHALLER))
+
+ if (authHeader.isNullOrEmpty()) {
+ throw Status.UNAUTHENTICATED.withDescription("Missing required authentication")
+ .asRuntimeException()
+ }
+
+ try {
+ val tokens = decodeBasicAuth(authHeader)
+ val username = tokens[0]
+
+ log.info("Basic Authentication Authorization header found for user: {}", username)
+
+ val authRequest = UsernamePasswordAuthenticationToken(username, tokens[1])
+ val authResult = authenticationManager!!.authenticate(authRequest).block()
+
+ log.info("Authentication success: {}", authResult)
+
+ SecurityContextHolder.getContext().authentication = authResult
+
+ } catch (e: AuthenticationException) {
+ SecurityContextHolder.clearContext()
+
+ log.info("Authentication request failed: {}", e.message)
+
+ throw Status.UNAUTHENTICATED.withDescription(e.message).withCause(e).asRuntimeException()
+ }
+
+ return next.startCall(call, headers)
+ }
+
+ private fun decodeBasicAuth(authHeader: String): Array<String> {
+ val basicAuth: String
+ try {
+ basicAuth = String(Base64.getDecoder().decode(authHeader.substring(6).toByteArray(StandardCharsets.UTF_8)),
+ StandardCharsets.UTF_8)
+ } catch (e: IllegalArgumentException) {
+ throw BadCredentialsException("Failed to decode basic authentication token")
+ } catch (e: IndexOutOfBoundsException) {
+ throw BadCredentialsException("Failed to decode basic authentication token")
+ }
+
+ val delim = basicAuth.indexOf(':')
+ if (delim == -1) {
+ throw BadCredentialsException("Failed to decode basic authentication token")
+ }
+
+ return arrayOf(basicAuth.substring(0, delim), basicAuth.substring(delim + 1))
+ }
+} \ No newline at end of file
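Review bot: `interceptCall` stores the authenticated principal in `SecurityContextHolder`, which is thread-local by default, and never clears it on the success path; gRPC may deliver the listener callbacks on a different executor thread than the one that ran `interceptCall`, so the service handler can miss the context while the pooled thread keeps it for an unrelated later call. The sketch below sets and clears the context around `startCall` and around each callback that reaches the service. Separately, `decodeBasicAuth` does `authHeader.substring(6)` without checking the scheme, so any header value is treated as Basic; a guard such as `if (!authHeader.startsWith("Basic ", ignoreCase = true)) throw BadCredentialsException("Failed to decode basic authentication token")` belongs at its top. `log.info("Authentication success: {}", authResult)` writes the whole `Authentication` object to the log, where `authResult.name` would be enough.

```kotlin
// … unchanged: header lookup, decodeBasicAuth and the authenticate() try/catch;
//   authResult is declared before the try so it is visible here, and a null result is rejected …

fun <T> withAuthentication(body: () -> T): T {
    SecurityContextHolder.getContext().authentication = authResult
    try {
        return body()
    } finally {
        // never leave an authenticated context behind on a pooled gRPC thread
        SecurityContextHolder.clearContext()
    }
}

val delegate = withAuthentication { next.startCall(call, headers) }
return object : ForwardingServerCallListener.SimpleForwardingServerCallListener<ReqT>(delegate) {
    override fun onMessage(message: ReqT) {
        withAuthentication { super.onMessage(message) }
    }

    override fun onHalfClose() {
        withAuthentication { super.onHalfClose() }
    }
}
```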
diff --git a/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityConfiguration.kt b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityConfiguration.kt
new file mode 100644
index 000000000..70b0df2d1
--- /dev/null
+++ b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityConfiguration.kt
@@ -0,0 +1,57 @@
+/*
+ * Copyright (C) 2019 Bell Canada.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.onap.ccsdk.cds.blueprintsprocessor.security
+
+import org.springframework.beans.factory.annotation.Value
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.security.authentication.AuthenticationProvider
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider
+import org.springframework.security.core.authority.SimpleGrantedAuthority
+import org.springframework.security.core.userdetails.User
+import org.springframework.security.core.userdetails.UserDetailsService
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
+import org.springframework.security.crypto.password.PasswordEncoder
+import org.springframework.security.provisioning.InMemoryUserDetailsManager
+
+@Configuration
+open class SecurityConfiguration {
+
+ @Value("\${security.user.name}")
+ lateinit var username: String
+
+ @Value("\${security.user.password}")
+ lateinit var password: String
+
+ @Bean
+ open fun inMemoryUserService(): UserDetailsService {
+ val user = User(username, password,
+ listOf(SimpleGrantedAuthority("USER")))
+ return InMemoryUserDetailsManager(user)
+ }
+
+ @Bean
+ open fun passwordEncoder(): PasswordEncoder {
+ return BCryptPasswordEncoder()
+ }
+
+ @Bean
+ open fun inMemoryAuthenticationProvider(): AuthenticationProvider {
+ val provider = DaoAuthenticationProvider()
+ provider.setUserDetailsService(inMemoryUserService())
+ return provider
+ }
+} \ No newline at end of file
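Review bot: `inMemoryAuthenticationProvider` builds a `DaoAuthenticationProvider` without calling `setPasswordEncoder`, so the `passwordEncoder()` bean declared just above is not what verifies passwords; matching presumably relies on the provider's default delegating encoder and on the `{bcrypt}` prefix of `security.user.password`. Wiring the `BCryptPasswordEncoder` in directly would likely break that prefixed value, so I would leave the code and document the dependency, e.g. `// Provider uses Spring Security's default delegating encoder; security.user.password must carry an {id} prefix such as {bcrypt}`. `username` and `password` are also public `lateinit var`s on a Spring bean; `private lateinit var` keeps the stored hash from being read or reassigned by other components.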
diff --git a/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityContextRepository.kt b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityContextRepository.kt
new file mode 100644
index 000000000..f1c362f57
--- /dev/null
+++ b/ms/blueprintsprocessor/application/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityContextRepository.kt
@@ -0,0 +1,71 @@
+/*
+ * Copyright (C) 2019 Bell Canada.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.onap.ccsdk.cds.blueprintsprocessor.security
+
+import org.springframework.http.HttpHeaders
+import org.springframework.security.authentication.BadCredentialsException
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
+import org.springframework.security.core.context.SecurityContext
+import org.springframework.security.core.context.SecurityContextImpl
+import org.springframework.security.web.server.context.ServerSecurityContextRepository
+import org.springframework.stereotype.Component
+import org.springframework.web.server.ServerWebExchange
+import reactor.core.publisher.Mono
+import java.nio.charset.StandardCharsets
+import java.util.*
+
+@Component
+class SecurityContextRepository(private val authenticationManager: AuthenticationManager)
+ : ServerSecurityContextRepository {
+
+ override fun save(swe: ServerWebExchange, sc: SecurityContext): Mono<Void> {
+ throw UnsupportedOperationException("Not supported.")
+ }
+
+ override fun load(swe: ServerWebExchange): Mono<SecurityContext> {
+ val request = swe.request
+ val authHeader = request.headers.getFirst(HttpHeaders.AUTHORIZATION)
+ if (authHeader != null && authHeader.startsWith("Basic")) {
+ val tokens = decodeBasicAuth(authHeader)
+ val username = tokens[0]
+ val password = tokens[1]
+ val auth = UsernamePasswordAuthenticationToken(username, password)
+ return this.authenticationManager!!.authenticate(auth)
+ .map { SecurityContextImpl(it) }
+ } else {
+ return Mono.empty()
+ }
+ }
+
+ private fun decodeBasicAuth(authHeader: String): Array<String> {
+ val basicAuth: String
+ try {
+ basicAuth = String(Base64.getDecoder().decode(authHeader.substring(6).toByteArray(StandardCharsets.UTF_8)),
+ StandardCharsets.UTF_8)
+ } catch (e: IllegalArgumentException) {
+ throw BadCredentialsException("Failed to decode basic authentication token")
+ } catch (e: IndexOutOfBoundsException) {
+ throw BadCredentialsException("Failed to decode basic authentication token")
+ }
+
+ val delim = basicAuth.indexOf(':')
+ if (delim == -1) {
+ throw BadCredentialsException("Failed to decode basic authentication token")
+ }
+
+ return arrayOf(basicAuth.substring(0, delim), basicAuth.substring(delim + 1))
+ }
+} \ No newline at end of file
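Review bot: `load` calls `decodeBasicAuth(authHeader)` directly, so a malformed header throws `BadCredentialsException` out of a method that is expected to report through its `Mono`; depending on where the filter chain invokes it, that probably ends up as a server error rather than a 401. Wrapping the decode, e.g. `Mono.fromCallable { decodeBasicAuth(authHeader) }.flatMap { authenticationManager.authenticate(UsernamePasswordAuthenticationToken(it[0], it[1])) }`, keeps the failure in the reactive pipeline. The scheme test `startsWith("Basic")` has no trailing space although `substring(6)` assumes one, so `startsWith("Basic ")` is the matching check. `decodeBasicAuth` is duplicated verbatim in BasicAuthServerInterceptor.kt and would be better as one shared helper.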
diff --git a/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties b/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties
index 3ae9414a9..3b1a18953 100755
--- a/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties
+++ b/ms/blueprintsprocessor/application/src/main/resources/application-dev.properties
@@ -23,6 +23,9 @@
# Web server config
server.port=8081
+# Used in Health Check
+endpoints.user.name=ccsdkapps
+endpoints.user.password=ccsdkapps
### START -Controller Blueprints Properties
# Load Resource Source Mappings
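Review bot: `endpoints.user.password=ccsdkapps` commits a plaintext password that equals the user name, here and again in the application.properties hunk of this commit, whereas the neighbouring `security.user.password` there is stored as a bcrypt hash. A default credential shipped inside the artifact tends to survive into deployments. I would leave the value out of the packaged file and resolve it from the environment, e.g. `endpoints.user.password=${ENDPOINTS_USER_PASSWORD}` (variable name constructed for illustration), with a comment that it must be set per installation.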
diff --git a/ms/blueprintsprocessor/application/src/main/resources/application.properties b/ms/blueprintsprocessor/application/src/main/resources/application.properties
index 8fe00e709..37e39655a 100755
--- a/ms/blueprintsprocessor/application/src/main/resources/application.properties
+++ b/ms/blueprintsprocessor/application/src/main/resources/application.properties
@@ -59,6 +59,10 @@ blueprints.processor.functions.python.executor.modulePaths=/opt/app/onap/scripts
security.user.password: {bcrypt}$2a$10$duaUzVUVW0YPQCSIbGEkQOXwafZGwQ/b32/Ys4R1iwSSawFgz7QNu
security.user.name: ccsdkapps
+# Used in Health Check
+endpoints.user.name=ccsdkapps
+endpoints.user.password=ccsdkapps
+
# SDN-C's ODL Restconf Connection Details
blueprintsprocessor.restconfEnabled=true
blueprintsprocessor.restclient.sdncodl.type=basic-auth