From c90edac236dffb7c495e266dd04991de7e8f04b7 Mon Sep 17 00:00:00 2001 From: Alexis de Talhouët Date: Mon, 25 Mar 2019 13:04:18 -0400 Subject: Migrate ccsdk/apps to ccsdk/cds MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Issue-ID: CCSDK-1177 Issue-ID: CCSDK-1178 Change-Id: I0c02702fbec52211ca367abbba72aebecee8cbaa Signed-off-by: Alexis de Talhouët --- ms/blueprintsprocessor/application/pom.xml | 14 ++-- .../blueprintsprocessor/BlueprintGRPCServer.java | 67 --------------- .../blueprintsprocessor/BlueprintHttpServer.java | 55 ------------ .../BlueprintProcessorApplication.java | 39 --------- .../apps/blueprintsprocessor/SwaggerConfig.java | 63 -------------- .../ccsdk/apps/blueprintsprocessor/WebConfig.java | 78 ----------------- .../security/AuthenticationManager.java | 40 --------- .../security/BasicAuthServerInterceptor.java | 97 ---------------------- .../security/SecurityConfiguration.java | 59 ------------- .../security/SecurityContextRepository.java | 75 ----------------- .../blueprintsprocessor/BlueprintGRPCServer.java | 67 +++++++++++++++ .../blueprintsprocessor/BlueprintHttpServer.java | 55 ++++++++++++ .../BlueprintProcessorApplication.java | 39 +++++++++ .../cds/blueprintsprocessor/SwaggerConfig.java | 63 ++++++++++++++ .../ccsdk/cds/blueprintsprocessor/WebConfig.java | 78 +++++++++++++++++ .../security/AuthenticationManager.java | 40 +++++++++ .../security/BasicAuthServerInterceptor.java | 97 ++++++++++++++++++++++ .../security/SecurityConfiguration.java | 59 +++++++++++++ .../security/SecurityContextRepository.java | 75 +++++++++++++++++ .../application/src/main/resources/logback.xml | 2 +- .../BlueprintProcessorApplicationTest.java | 57 ------------- .../BlueprintProcessorApplicationTest.java | 57 +++++++++++++ .../src/test/resources/logback-test.xml | 2 +- 23 files changed, 639 insertions(+), 639 deletions(-) delete mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintGRPCServer.java delete mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintHttpServer.java delete mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintProcessorApplication.java delete mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/SwaggerConfig.java delete mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/WebConfig.java delete mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/AuthenticationManager.java delete mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/BasicAuthServerInterceptor.java delete mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/SecurityConfiguration.java delete mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/SecurityContextRepository.java create mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintGRPCServer.java create mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintHttpServer.java create mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintProcessorApplication.java create mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/SwaggerConfig.java create mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/WebConfig.java create mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/AuthenticationManager.java create mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/BasicAuthServerInterceptor.java create mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityConfiguration.java create mode 100644 ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityContextRepository.java delete mode 100644 ms/blueprintsprocessor/application/src/test/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintProcessorApplicationTest.java create mode 100644 ms/blueprintsprocessor/application/src/test/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintProcessorApplicationTest.java (limited to 'ms/blueprintsprocessor/application') diff --git a/ms/blueprintsprocessor/application/pom.xml b/ms/blueprintsprocessor/application/pom.xml index 8757a0367..e7af4c852 100755 --- a/ms/blueprintsprocessor/application/pom.xml +++ b/ms/blueprintsprocessor/application/pom.xml @@ -20,7 +20,7 @@ 4.0.0 - org.onap.ccsdk.apps.blueprintsprocessor + org.onap.ccsdk.cds.blueprintsprocessor parent 0.4.2-SNAPSHOT ../parent @@ -32,7 +32,7 @@ - org.onap.ccsdk.apps.controllerblueprints + org.onap.ccsdk.cds.controllerblueprints blueprint-core @@ -47,23 +47,23 @@ - org.onap.ccsdk.apps.blueprintsprocessor + org.onap.ccsdk.cds.blueprintsprocessor resource-api - org.onap.ccsdk.apps.blueprintsprocessor.functions + org.onap.ccsdk.cds.blueprintsprocessor.functions python-executor - org.onap.ccsdk.apps.blueprintsprocessor.functions + org.onap.ccsdk.cds.blueprintsprocessor.functions netconf-executor - org.onap.ccsdk.apps.blueprintsprocessor.functions + org.onap.ccsdk.cds.blueprintsprocessor.functions restconf-executor - org.onap.ccsdk.apps.blueprintsprocessor + org.onap.ccsdk.cds.blueprintsprocessor selfservice-api diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintGRPCServer.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintGRPCServer.java deleted file mode 100644 index 3ac1a6e62..000000000 --- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintGRPCServer.java +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright © 2017-2018 AT&T Intellectual Property. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.onap.ccsdk.apps.blueprintsprocessor; - -import io.grpc.Server; -import io.grpc.ServerBuilder; -import org.onap.ccsdk.apps.blueprintsprocessor.security.BasicAuthServerInterceptor; -import org.onap.ccsdk.apps.blueprintsprocessor.selfservice.api.BluePrintManagementGRPCHandler; -import org.onap.ccsdk.apps.blueprintsprocessor.selfservice.api.BluePrintProcessingGRPCHandler; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; -import org.springframework.context.ApplicationListener; -import org.springframework.context.event.ContextRefreshedEvent; -import org.springframework.stereotype.Component; - -@ConditionalOnProperty(name = "blueprintsprocessor.grpcEnable", havingValue = "true") -@Component -public class BlueprintGRPCServer implements ApplicationListener { - - private static Logger log = LoggerFactory.getLogger(BlueprintGRPCServer.class); - - @Autowired - private BluePrintProcessingGRPCHandler bluePrintProcessingGRPCHandler; - @Autowired - private BluePrintManagementGRPCHandler bluePrintManagementGRPCHandler; - @Autowired - private BasicAuthServerInterceptor authInterceptor; - - @Value("${blueprintsprocessor.grpcPort}") - private Integer grpcPort; - - @Override - public void onApplicationEvent(ContextRefreshedEvent event) { - try { - log.info("Starting Blueprint Processor GRPC Starting.."); - Server server = ServerBuilder - .forPort(grpcPort) - .intercept(authInterceptor) - .addService(bluePrintProcessingGRPCHandler) - .addService(bluePrintManagementGRPCHandler) - .build(); - - server.start(); - log.info("Blueprint Processor GRPC server started and ready to serve on port({})...", server.getPort()); - server.awaitTermination(); - } catch (Exception e) { - e.printStackTrace(); - } - } -} diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintHttpServer.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintHttpServer.java deleted file mode 100644 index 9561b78d4..000000000 --- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintHttpServer.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright © 2017-2018 AT&T Intellectual Property. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.onap.ccsdk.apps.blueprintsprocessor; - -import javax.annotation.PostConstruct; -import javax.annotation.PreDestroy; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.boot.web.embedded.netty.NettyReactiveWebServerFactory; -import org.springframework.boot.web.reactive.server.ReactiveWebServerFactory; -import org.springframework.boot.web.server.WebServer; -import org.springframework.http.server.reactive.HttpHandler; -import org.springframework.stereotype.Component; - -@Component -public class BlueprintHttpServer { - - private static Logger log = LoggerFactory.getLogger(BlueprintHttpServer.class); - - @Value("${blueprintsprocessor.httpPort}") - private Integer httpPort; - - @Autowired - HttpHandler httpHandler; - - WebServer http; - - @PostConstruct - public void start() { - ReactiveWebServerFactory factory = new NettyReactiveWebServerFactory(httpPort); - this.http = factory.getWebServer(this.httpHandler); - this.http.start(); - } - - @PreDestroy - public void stop() { - this.http.stop(); - } -} diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintProcessorApplication.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintProcessorApplication.java deleted file mode 100644 index 3f8dc375c..000000000 --- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintProcessorApplication.java +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright © 2017-2018 AT&T Intellectual Property. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.onap.ccsdk.apps.blueprintsprocessor; - -import org.springframework.boot.SpringApplication; -import org.springframework.boot.autoconfigure.EnableAutoConfiguration; -import org.springframework.boot.autoconfigure.SpringBootApplication; -import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration; -import org.springframework.context.annotation.ComponentScan; - -/** - * BlueprintProcessorApplication - * - * @author Brinda Santh 8/14/2018 - */ -@SpringBootApplication -@EnableAutoConfiguration(exclude = {DataSourceAutoConfiguration.class}) -@ComponentScan(basePackages = {"org.onap.ccsdk.apps.controllerblueprints", - "org.onap.ccsdk.apps.blueprintsprocessor"}) -public class BlueprintProcessorApplication { - - public static void main(String[] args) { - SpringApplication.run(BlueprintProcessorApplication.class, args); - } -} diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/SwaggerConfig.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/SwaggerConfig.java deleted file mode 100644 index 810480e96..000000000 --- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/SwaggerConfig.java +++ /dev/null @@ -1,63 +0,0 @@ -/* - * Copyright © 2017-2018 AT&T Intellectual Property. - * Modifications Copyright © 2018 IBM. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.onap.ccsdk.apps.blueprintsprocessor; - - -import org.springframework.context.annotation.Bean; -import springfox.documentation.builders.PathSelectors; -import springfox.documentation.builders.RequestHandlerSelectors; -import springfox.documentation.service.ApiInfo; -import springfox.documentation.service.Contact; -import springfox.documentation.spi.DocumentationType; -import springfox.documentation.spring.web.plugins.Docket; - -import java.util.Collections; - -/** - * SwaggerConfig - * - * @author Brinda Santh 8/13/2018 - */ -//@Configuration -//@EnableSwagger2 -@SuppressWarnings("unused") -@Deprecated -public class SwaggerConfig { - - @Bean - public Docket api() { - return new Docket(DocumentationType.SWAGGER_2) - .select() - .apis(RequestHandlerSelectors.any()) - .paths(PathSelectors.any()) - .build() - .apiInfo(apiInfo()); - } - - private ApiInfo apiInfo() { - return new ApiInfo( - "Blueprints Processor API", - "Controller blueprints processor API for VNF Selfservice.", - "1.0.0", - "Terms of service", - new Contact("Brinda Santh", "www.onap.com", "bs2796@onap.com"), - "Apache 2.0", "http://www.apache.org/licenses/LICENSE-2.0", Collections.emptyList()); - } - - -} diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/WebConfig.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/WebConfig.java deleted file mode 100644 index 47c7b7225..000000000 --- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/WebConfig.java +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright © 2017-2018 AT&T Intellectual Property. - * Modifications Copyright © 2018 IBM. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.onap.ccsdk.apps.blueprintsprocessor; - -import org.onap.ccsdk.apps.blueprintsprocessor.security.AuthenticationManager; -import org.onap.ccsdk.apps.blueprintsprocessor.security.SecurityContextRepository; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.http.HttpMethod; -import org.springframework.security.config.web.server.ServerHttpSecurity; -import org.springframework.security.web.server.SecurityWebFilterChain; -import org.springframework.web.reactive.config.CorsRegistry; -import org.springframework.web.reactive.config.ResourceHandlerRegistry; -import org.springframework.web.reactive.config.WebFluxConfigurationSupport; - -/** - * WebConfig - * - * @author Brinda Santh 8/13/2018 - */ -@Configuration -public class WebConfig extends WebFluxConfigurationSupport { - - @Autowired - private AuthenticationManager authenticationManager; - - @Autowired - private SecurityContextRepository securityContextRepository; - - @Override - public void addResourceHandlers(ResourceHandlerRegistry registry) { - registry.addResourceHandler("swagger-ui.html") - .addResourceLocations("classpath:/META-INF/resources/"); - - registry.addResourceHandler("/webjars/**") - .addResourceLocations("classpath:/META-INF/resources/webjars/"); - } - - @Override - public void addCorsMappings(CorsRegistry corsRegistry) { - corsRegistry.addMapping("/**") - .allowedOrigins("*") - .allowedMethods("*") - .allowedHeaders("*") - .maxAge(3600); - } - - - @Bean - public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) { - return http.csrf().disable() - .formLogin().disable() - .httpBasic().disable() - .authenticationManager(authenticationManager) - .securityContextRepository(securityContextRepository) - .authorizeExchange() - .pathMatchers(HttpMethod.OPTIONS).permitAll() - .anyExchange().authenticated() - .and().build(); - - } -} diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/AuthenticationManager.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/AuthenticationManager.java deleted file mode 100644 index 726be2ce7..000000000 --- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/AuthenticationManager.java +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright (C) 2019 Bell Canada. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and -* limitations under the License. - */ -package org.onap.ccsdk.apps.blueprintsprocessor.security; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.Configuration; -import org.springframework.security.authentication.AuthenticationProvider; -import org.springframework.security.authentication.ReactiveAuthenticationManager; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; -import reactor.core.publisher.Mono; - -@Configuration -public class AuthenticationManager implements ReactiveAuthenticationManager { - - @Autowired - private AuthenticationProvider authenticationProvider; - - @Override - public Mono authenticate(Authentication authentication) { - try { - return Mono.just(authenticationProvider.authenticate(authentication)); - } catch (AuthenticationException e) { - return Mono.error(e); - } - } -} \ No newline at end of file diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/BasicAuthServerInterceptor.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/BasicAuthServerInterceptor.java deleted file mode 100644 index db0bfce46..000000000 --- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/BasicAuthServerInterceptor.java +++ /dev/null @@ -1,97 +0,0 @@ -/* - * Copyright (C) 2019 Bell Canada. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.onap.ccsdk.apps.blueprintsprocessor.security; - -import com.google.common.base.Strings; -import io.grpc.Metadata; -import io.grpc.ServerCall; -import io.grpc.ServerCallHandler; -import io.grpc.ServerInterceptor; -import io.grpc.Status; -import java.nio.charset.StandardCharsets; -import java.util.Base64; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.authentication.BadCredentialsException; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.stereotype.Component; - -@Component -public class BasicAuthServerInterceptor implements ServerInterceptor { - - private static Logger log = LoggerFactory.getLogger(BasicAuthServerInterceptor.class); - - @Autowired - private AuthenticationManager authenticationManager; - - - @Override - public ServerCall.Listener interceptCall( - ServerCall call, - Metadata headers, - ServerCallHandler next) { - String authHeader = headers.get(Metadata.Key.of("Authorization", Metadata.ASCII_STRING_MARSHALLER)); - - if (Strings.isNullOrEmpty(authHeader)) { - throw Status.UNAUTHENTICATED.withDescription("Missing required authentication").asRuntimeException(); - - } - - try { - String[] tokens = decodeBasicAuth(authHeader); - String username = tokens[0]; - - log.info("Basic Authentication Authorization header found for user: {}", username); - - Authentication authRequest = new UsernamePasswordAuthenticationToken(username, tokens[1]); - Authentication authResult = authenticationManager.authenticate(authRequest).block(); - - log.info("Authentication success: {}", authResult); - - SecurityContextHolder.getContext().setAuthentication(authResult); - - } catch (AuthenticationException e) { - SecurityContextHolder.clearContext(); - - log.info("Authentication request failed: {}", e.getMessage()); - - throw Status.UNAUTHENTICATED.withDescription(e.getMessage()).withCause(e).asRuntimeException(); - } - - return next.startCall(call, headers); - } - - private String[] decodeBasicAuth(String authHeader) { - String basicAuth; - try { - basicAuth = new String(Base64.getDecoder().decode(authHeader.substring(6).getBytes(StandardCharsets.UTF_8)), - StandardCharsets.UTF_8); - } catch (IllegalArgumentException | IndexOutOfBoundsException e) { - throw new BadCredentialsException("Failed to decode basic authentication token"); - } - - int delim = basicAuth.indexOf(':'); - if (delim == -1) { - throw new BadCredentialsException("Failed to decode basic authentication token"); - } - - return new String[]{basicAuth.substring(0, delim), basicAuth.substring(delim + 1)}; - } -} \ No newline at end of file diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/SecurityConfiguration.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/SecurityConfiguration.java deleted file mode 100644 index 7ddc42ccd..000000000 --- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/SecurityConfiguration.java +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright (C) 2019 Bell Canada. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.onap.ccsdk.apps.blueprintsprocessor.security; - -import java.util.Collections; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.security.authentication.AuthenticationProvider; -import org.springframework.security.authentication.dao.DaoAuthenticationProvider; -import org.springframework.security.core.authority.SimpleGrantedAuthority; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; -import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.security.provisioning.InMemoryUserDetailsManager; - -@Configuration -public class SecurityConfiguration { - - @Value("${security.user.name}") - private String username; - - @Value("${security.user.password}") - private String password; - - @Bean - public UserDetailsService inMemoryUserService() { - UserDetails user = new User(username, password, - Collections.singletonList(new SimpleGrantedAuthority("USER"))); - return new InMemoryUserDetailsManager(user); - } - - @Bean - public PasswordEncoder passwordEncoder() { - return new BCryptPasswordEncoder(); - } - - @Bean - public AuthenticationProvider inMemoryAuthenticationProvider() { - DaoAuthenticationProvider provider = new DaoAuthenticationProvider(); - provider.setUserDetailsService(inMemoryUserService()); - return provider; - } -} \ No newline at end of file diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/SecurityContextRepository.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/SecurityContextRepository.java deleted file mode 100644 index f9e184a11..000000000 --- a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/apps/blueprintsprocessor/security/SecurityContextRepository.java +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Copyright (C) 2019 Bell Canada. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.onap.ccsdk.apps.blueprintsprocessor.security; - -import java.nio.charset.StandardCharsets; -import java.util.Base64; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.http.HttpHeaders; -import org.springframework.http.server.reactive.ServerHttpRequest; -import org.springframework.security.authentication.BadCredentialsException; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContext; -import org.springframework.security.core.context.SecurityContextImpl; -import org.springframework.security.web.server.context.ServerSecurityContextRepository; -import org.springframework.stereotype.Component; -import org.springframework.web.server.ServerWebExchange; -import reactor.core.publisher.Mono; - -@Component -public class SecurityContextRepository implements ServerSecurityContextRepository { - - @Autowired - private AuthenticationManager authenticationManager; - - @Override - public Mono save(ServerWebExchange swe, SecurityContext sc) { - throw new UnsupportedOperationException("Not supported."); - } - - @Override - public Mono load(ServerWebExchange swe) { - ServerHttpRequest request = swe.getRequest(); - String authHeader = request.getHeaders().getFirst(HttpHeaders.AUTHORIZATION); - if (authHeader != null && authHeader.startsWith("Basic")) { - String[] tokens = decodeBasicAuth(authHeader); - String username = tokens[0]; - String password = tokens[1]; - Authentication auth = new UsernamePasswordAuthenticationToken(username, password); - return this.authenticationManager.authenticate(auth).map(SecurityContextImpl::new); - } else { - return Mono.empty(); - } - } - - private String[] decodeBasicAuth(String authHeader) { - String basicAuth; - try { - basicAuth = new String(Base64.getDecoder().decode(authHeader.substring(6).getBytes(StandardCharsets.UTF_8)), - StandardCharsets.UTF_8); - } catch (IllegalArgumentException | IndexOutOfBoundsException e) { - throw new BadCredentialsException("Failed to decode basic authentication token"); - } - - int delim = basicAuth.indexOf(':'); - if (delim == -1) { - throw new BadCredentialsException("Failed to decode basic authentication token"); - } - - return new String[]{basicAuth.substring(0, delim), basicAuth.substring(delim + 1)}; - } -} \ No newline at end of file diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintGRPCServer.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintGRPCServer.java new file mode 100644 index 000000000..16eb4182e --- /dev/null +++ b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintGRPCServer.java @@ -0,0 +1,67 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.ccsdk.cds.blueprintsprocessor; + +import io.grpc.Server; +import io.grpc.ServerBuilder; +import org.onap.ccsdk.cds.blueprintsprocessor.security.BasicAuthServerInterceptor; +import org.onap.ccsdk.cds.blueprintsprocessor.selfservice.api.BluePrintManagementGRPCHandler; +import org.onap.ccsdk.cds.blueprintsprocessor.selfservice.api.BluePrintProcessingGRPCHandler; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.context.ApplicationListener; +import org.springframework.context.event.ContextRefreshedEvent; +import org.springframework.stereotype.Component; + +@ConditionalOnProperty(name = "blueprintsprocessor.grpcEnable", havingValue = "true") +@Component +public class BlueprintGRPCServer implements ApplicationListener { + + private static Logger log = LoggerFactory.getLogger(BlueprintGRPCServer.class); + + @Autowired + private BluePrintProcessingGRPCHandler bluePrintProcessingGRPCHandler; + @Autowired + private BluePrintManagementGRPCHandler bluePrintManagementGRPCHandler; + @Autowired + private BasicAuthServerInterceptor authInterceptor; + + @Value("${blueprintsprocessor.grpcPort}") + private Integer grpcPort; + + @Override + public void onApplicationEvent(ContextRefreshedEvent event) { + try { + log.info("Starting Blueprint Processor GRPC Starting.."); + Server server = ServerBuilder + .forPort(grpcPort) + .intercept(authInterceptor) + .addService(bluePrintProcessingGRPCHandler) + .addService(bluePrintManagementGRPCHandler) + .build(); + + server.start(); + log.info("Blueprint Processor GRPC server started and ready to serve on port({})...", server.getPort()); + server.awaitTermination(); + } catch (Exception e) { + e.printStackTrace(); + } + } +} diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintHttpServer.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintHttpServer.java new file mode 100644 index 000000000..ae75488c1 --- /dev/null +++ b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintHttpServer.java @@ -0,0 +1,55 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.ccsdk.cds.blueprintsprocessor; + +import javax.annotation.PostConstruct; +import javax.annotation.PreDestroy; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.boot.web.embedded.netty.NettyReactiveWebServerFactory; +import org.springframework.boot.web.reactive.server.ReactiveWebServerFactory; +import org.springframework.boot.web.server.WebServer; +import org.springframework.http.server.reactive.HttpHandler; +import org.springframework.stereotype.Component; + +@Component +public class BlueprintHttpServer { + + private static Logger log = LoggerFactory.getLogger(BlueprintHttpServer.class); + + @Value("${blueprintsprocessor.httpPort}") + private Integer httpPort; + + @Autowired + HttpHandler httpHandler; + + WebServer http; + + @PostConstruct + public void start() { + ReactiveWebServerFactory factory = new NettyReactiveWebServerFactory(httpPort); + this.http = factory.getWebServer(this.httpHandler); + this.http.start(); + } + + @PreDestroy + public void stop() { + this.http.stop(); + } +} diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintProcessorApplication.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintProcessorApplication.java new file mode 100644 index 000000000..85268c7fa --- /dev/null +++ b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintProcessorApplication.java @@ -0,0 +1,39 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.ccsdk.cds.blueprintsprocessor; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.EnableAutoConfiguration; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration; +import org.springframework.context.annotation.ComponentScan; + +/** + * BlueprintProcessorApplication + * + * @author Brinda Santh 8/14/2018 + */ +@SpringBootApplication +@EnableAutoConfiguration(exclude = {DataSourceAutoConfiguration.class}) +@ComponentScan(basePackages = {"org.onap.ccsdk.cds.controllerblueprints", + "org.onap.ccsdk.cds.blueprintsprocessor"}) +public class BlueprintProcessorApplication { + + public static void main(String[] args) { + SpringApplication.run(BlueprintProcessorApplication.class, args); + } +} diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/SwaggerConfig.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/SwaggerConfig.java new file mode 100644 index 000000000..8ad3c08f2 --- /dev/null +++ b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/SwaggerConfig.java @@ -0,0 +1,63 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. + * Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.ccsdk.cds.blueprintsprocessor; + + +import org.springframework.context.annotation.Bean; +import springfox.documentation.builders.PathSelectors; +import springfox.documentation.builders.RequestHandlerSelectors; +import springfox.documentation.service.ApiInfo; +import springfox.documentation.service.Contact; +import springfox.documentation.spi.DocumentationType; +import springfox.documentation.spring.web.plugins.Docket; + +import java.util.Collections; + +/** + * SwaggerConfig + * + * @author Brinda Santh 8/13/2018 + */ +//@Configuration +//@EnableSwagger2 +@SuppressWarnings("unused") +@Deprecated +public class SwaggerConfig { + + @Bean + public Docket api() { + return new Docket(DocumentationType.SWAGGER_2) + .select() + .apis(RequestHandlerSelectors.any()) + .paths(PathSelectors.any()) + .build() + .apiInfo(apiInfo()); + } + + private ApiInfo apiInfo() { + return new ApiInfo( + "Blueprints Processor API", + "Controller blueprints processor API for VNF Selfservice.", + "1.0.0", + "Terms of service", + new Contact("Brinda Santh", "www.onap.com", "bs2796@onap.com"), + "Apache 2.0", "http://www.apache.org/licenses/LICENSE-2.0", Collections.emptyList()); + } + + +} diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/WebConfig.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/WebConfig.java new file mode 100644 index 000000000..b453b8581 --- /dev/null +++ b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/WebConfig.java @@ -0,0 +1,78 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. + * Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.ccsdk.cds.blueprintsprocessor; + +import org.onap.ccsdk.cds.blueprintsprocessor.security.AuthenticationManager; +import org.onap.ccsdk.cds.blueprintsprocessor.security.SecurityContextRepository; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.http.HttpMethod; +import org.springframework.security.config.web.server.ServerHttpSecurity; +import org.springframework.security.web.server.SecurityWebFilterChain; +import org.springframework.web.reactive.config.CorsRegistry; +import org.springframework.web.reactive.config.ResourceHandlerRegistry; +import org.springframework.web.reactive.config.WebFluxConfigurationSupport; + +/** + * WebConfig + * + * @author Brinda Santh 8/13/2018 + */ +@Configuration +public class WebConfig extends WebFluxConfigurationSupport { + + @Autowired + private AuthenticationManager authenticationManager; + + @Autowired + private SecurityContextRepository securityContextRepository; + + @Override + public void addResourceHandlers(ResourceHandlerRegistry registry) { + registry.addResourceHandler("swagger-ui.html") + .addResourceLocations("classpath:/META-INF/resources/"); + + registry.addResourceHandler("/webjars/**") + .addResourceLocations("classpath:/META-INF/resources/webjars/"); + } + + @Override + public void addCorsMappings(CorsRegistry corsRegistry) { + corsRegistry.addMapping("/**") + .allowedOrigins("*") + .allowedMethods("*") + .allowedHeaders("*") + .maxAge(3600); + } + + + @Bean + public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) { + return http.csrf().disable() + .formLogin().disable() + .httpBasic().disable() + .authenticationManager(authenticationManager) + .securityContextRepository(securityContextRepository) + .authorizeExchange() + .pathMatchers(HttpMethod.OPTIONS).permitAll() + .anyExchange().authenticated() + .and().build(); + + } +} diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/AuthenticationManager.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/AuthenticationManager.java new file mode 100644 index 000000000..1eb0de498 --- /dev/null +++ b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/AuthenticationManager.java @@ -0,0 +1,40 @@ +/* + * Copyright (C) 2019 Bell Canada. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and +* limitations under the License. + */ +package org.onap.ccsdk.cds.blueprintsprocessor.security; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.authentication.AuthenticationProvider; +import org.springframework.security.authentication.ReactiveAuthenticationManager; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.AuthenticationException; +import reactor.core.publisher.Mono; + +@Configuration +public class AuthenticationManager implements ReactiveAuthenticationManager { + + @Autowired + private AuthenticationProvider authenticationProvider; + + @Override + public Mono authenticate(Authentication authentication) { + try { + return Mono.just(authenticationProvider.authenticate(authentication)); + } catch (AuthenticationException e) { + return Mono.error(e); + } + } +} \ No newline at end of file diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/BasicAuthServerInterceptor.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/BasicAuthServerInterceptor.java new file mode 100644 index 000000000..380ed3618 --- /dev/null +++ b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/BasicAuthServerInterceptor.java @@ -0,0 +1,97 @@ +/* + * Copyright (C) 2019 Bell Canada. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.onap.ccsdk.cds.blueprintsprocessor.security; + +import com.google.common.base.Strings; +import io.grpc.Metadata; +import io.grpc.ServerCall; +import io.grpc.ServerCallHandler; +import io.grpc.ServerInterceptor; +import io.grpc.Status; +import java.nio.charset.StandardCharsets; +import java.util.Base64; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.stereotype.Component; + +@Component +public class BasicAuthServerInterceptor implements ServerInterceptor { + + private static Logger log = LoggerFactory.getLogger(BasicAuthServerInterceptor.class); + + @Autowired + private AuthenticationManager authenticationManager; + + + @Override + public ServerCall.Listener interceptCall( + ServerCall call, + Metadata headers, + ServerCallHandler next) { + String authHeader = headers.get(Metadata.Key.of("Authorization", Metadata.ASCII_STRING_MARSHALLER)); + + if (Strings.isNullOrEmpty(authHeader)) { + throw Status.UNAUTHENTICATED.withDescription("Missing required authentication").asRuntimeException(); + + } + + try { + String[] tokens = decodeBasicAuth(authHeader); + String username = tokens[0]; + + log.info("Basic Authentication Authorization header found for user: {}", username); + + Authentication authRequest = new UsernamePasswordAuthenticationToken(username, tokens[1]); + Authentication authResult = authenticationManager.authenticate(authRequest).block(); + + log.info("Authentication success: {}", authResult); + + SecurityContextHolder.getContext().setAuthentication(authResult); + + } catch (AuthenticationException e) { + SecurityContextHolder.clearContext(); + + log.info("Authentication request failed: {}", e.getMessage()); + + throw Status.UNAUTHENTICATED.withDescription(e.getMessage()).withCause(e).asRuntimeException(); + } + + return next.startCall(call, headers); + } + + private String[] decodeBasicAuth(String authHeader) { + String basicAuth; + try { + basicAuth = new String(Base64.getDecoder().decode(authHeader.substring(6).getBytes(StandardCharsets.UTF_8)), + StandardCharsets.UTF_8); + } catch (IllegalArgumentException | IndexOutOfBoundsException e) { + throw new BadCredentialsException("Failed to decode basic authentication token"); + } + + int delim = basicAuth.indexOf(':'); + if (delim == -1) { + throw new BadCredentialsException("Failed to decode basic authentication token"); + } + + return new String[]{basicAuth.substring(0, delim), basicAuth.substring(delim + 1)}; + } +} \ No newline at end of file diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityConfiguration.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityConfiguration.java new file mode 100644 index 000000000..bd6469bba --- /dev/null +++ b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityConfiguration.java @@ -0,0 +1,59 @@ +/* + * Copyright (C) 2019 Bell Canada. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.onap.ccsdk.cds.blueprintsprocessor.security; + +import java.util.Collections; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.authentication.AuthenticationProvider; +import org.springframework.security.authentication.dao.DaoAuthenticationProvider; +import org.springframework.security.core.authority.SimpleGrantedAuthority; +import org.springframework.security.core.userdetails.User; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.provisioning.InMemoryUserDetailsManager; + +@Configuration +public class SecurityConfiguration { + + @Value("${security.user.name}") + private String username; + + @Value("${security.user.password}") + private String password; + + @Bean + public UserDetailsService inMemoryUserService() { + UserDetails user = new User(username, password, + Collections.singletonList(new SimpleGrantedAuthority("USER"))); + return new InMemoryUserDetailsManager(user); + } + + @Bean + public PasswordEncoder passwordEncoder() { + return new BCryptPasswordEncoder(); + } + + @Bean + public AuthenticationProvider inMemoryAuthenticationProvider() { + DaoAuthenticationProvider provider = new DaoAuthenticationProvider(); + provider.setUserDetailsService(inMemoryUserService()); + return provider; + } +} \ No newline at end of file diff --git a/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityContextRepository.java b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityContextRepository.java new file mode 100644 index 000000000..75eebc5c3 --- /dev/null +++ b/ms/blueprintsprocessor/application/src/main/java/org/onap/ccsdk/cds/blueprintsprocessor/security/SecurityContextRepository.java @@ -0,0 +1,75 @@ +/* + * Copyright (C) 2019 Bell Canada. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.onap.ccsdk.cds.blueprintsprocessor.security; + +import java.nio.charset.StandardCharsets; +import java.util.Base64; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.HttpHeaders; +import org.springframework.http.server.reactive.ServerHttpRequest; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContext; +import org.springframework.security.core.context.SecurityContextImpl; +import org.springframework.security.web.server.context.ServerSecurityContextRepository; +import org.springframework.stereotype.Component; +import org.springframework.web.server.ServerWebExchange; +import reactor.core.publisher.Mono; + +@Component +public class SecurityContextRepository implements ServerSecurityContextRepository { + + @Autowired + private AuthenticationManager authenticationManager; + + @Override + public Mono save(ServerWebExchange swe, SecurityContext sc) { + throw new UnsupportedOperationException("Not supported."); + } + + @Override + public Mono load(ServerWebExchange swe) { + ServerHttpRequest request = swe.getRequest(); + String authHeader = request.getHeaders().getFirst(HttpHeaders.AUTHORIZATION); + if (authHeader != null && authHeader.startsWith("Basic")) { + String[] tokens = decodeBasicAuth(authHeader); + String username = tokens[0]; + String password = tokens[1]; + Authentication auth = new UsernamePasswordAuthenticationToken(username, password); + return this.authenticationManager.authenticate(auth).map(SecurityContextImpl::new); + } else { + return Mono.empty(); + } + } + + private String[] decodeBasicAuth(String authHeader) { + String basicAuth; + try { + basicAuth = new String(Base64.getDecoder().decode(authHeader.substring(6).getBytes(StandardCharsets.UTF_8)), + StandardCharsets.UTF_8); + } catch (IllegalArgumentException | IndexOutOfBoundsException e) { + throw new BadCredentialsException("Failed to decode basic authentication token"); + } + + int delim = basicAuth.indexOf(':'); + if (delim == -1) { + throw new BadCredentialsException("Failed to decode basic authentication token"); + } + + return new String[]{basicAuth.substring(0, delim), basicAuth.substring(delim + 1)}; + } +} \ No newline at end of file diff --git a/ms/blueprintsprocessor/application/src/main/resources/logback.xml b/ms/blueprintsprocessor/application/src/main/resources/logback.xml index a97bb8c3d..48fc057fe 100644 --- a/ms/blueprintsprocessor/application/src/main/resources/logback.xml +++ b/ms/blueprintsprocessor/application/src/main/resources/logback.xml @@ -27,7 +27,7 @@ - + diff --git a/ms/blueprintsprocessor/application/src/test/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintProcessorApplicationTest.java b/ms/blueprintsprocessor/application/src/test/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintProcessorApplicationTest.java deleted file mode 100644 index 5777a28fc..000000000 --- a/ms/blueprintsprocessor/application/src/test/java/org/onap/ccsdk/apps/blueprintsprocessor/BlueprintProcessorApplicationTest.java +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright © 2017-2018 AT&T Intellectual Property. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.onap.ccsdk.apps.blueprintsprocessor; - - -import org.junit.Assert; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.onap.ccsdk.apps.controllerblueprints.core.config.BluePrintLoadConfiguration; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.context.ApplicationContext; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringRunner; - -/** - * BlueprintProcessorApplicationTest - * - * @author Brinda Santh - * DATE : 8/14/2018 - */ - -@RunWith(SpringRunner.class) -@ContextConfiguration(classes = {BlueprintProcessorApplication.class, BluePrintLoadConfiguration.class}) -@SpringBootTest(classes = BlueprintProcessorApplication.class, - webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) -public class BlueprintProcessorApplicationTest { - - @Autowired - private ApplicationContext context; - - @Before - public void setUp() { - - } - - @Test - public void testSample() { - Assert.assertNotNull("Failed to create Application Context ", context); - } - -} diff --git a/ms/blueprintsprocessor/application/src/test/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintProcessorApplicationTest.java b/ms/blueprintsprocessor/application/src/test/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintProcessorApplicationTest.java new file mode 100644 index 000000000..90783d40f --- /dev/null +++ b/ms/blueprintsprocessor/application/src/test/java/org/onap/ccsdk/cds/blueprintsprocessor/BlueprintProcessorApplicationTest.java @@ -0,0 +1,57 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.ccsdk.cds.blueprintsprocessor; + + +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.onap.ccsdk.cds.controllerblueprints.core.config.BluePrintLoadConfiguration; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.context.ApplicationContext; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringRunner; + +/** + * BlueprintProcessorApplicationTest + * + * @author Brinda Santh + * DATE : 8/14/2018 + */ + +@RunWith(SpringRunner.class) +@ContextConfiguration(classes = {BlueprintProcessorApplication.class, BluePrintLoadConfiguration.class}) +@SpringBootTest(classes = BlueprintProcessorApplication.class, + webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) +public class BlueprintProcessorApplicationTest { + + @Autowired + private ApplicationContext context; + + @Before + public void setUp() { + + } + + @Test + public void testSample() { + Assert.assertNotNull("Failed to create Application Context ", context); + } + +} diff --git a/ms/blueprintsprocessor/application/src/test/resources/logback-test.xml b/ms/blueprintsprocessor/application/src/test/resources/logback-test.xml index a816a06c5..0c8d93bf0 100644 --- a/ms/blueprintsprocessor/application/src/test/resources/logback-test.xml +++ b/ms/blueprintsprocessor/application/src/test/resources/logback-test.xml @@ -26,7 +26,7 @@ - + -- cgit 1.2.3-korg