From e7f0355378e636261ad960626d2eb92f317b3f16 Mon Sep 17 00:00:00 2001 From: PatrikBuhr Date: Mon, 9 Aug 2021 10:20:55 +0200 Subject: Update springboot version of the Policy Management Service (version 2.5) This required some changes due to not backwards compatible changes. - The API to springboot WebClient is changed, which is wrapped in class AsyncRestClient. - The validation of trusted certs is made more strict. The Owner field of the peer cert must contain the name ofthe using host. The uniitest tests this, so the cert in config is updated (Owner is "localhost"). Change-Id: Ia954b0ee5942884cd4b9fd82769bc8089dc35c53 Issue-ID: CCSDK-3421 Signed-off-by: PatrikBuhr --- a1-policy-management/pom.xml | 5 ++- .../clients/AsyncRestClient.java | 36 ++++++++------------- .../clients/AsyncRestClientFactory.java | 3 +- .../clients/OscA1Client.java | 2 +- .../clients/StdA1ClientVersion1.java | 2 +- .../clients/StdA1ClientVersion2.java | 2 +- .../controllers/v2/Consts.java | 2 +- .../controllers/v1/ApplicationTest.java | 3 +- .../controllers/v2/ApplicationTest.java | 18 +++++++---- .../v2/ConfigurationControllerTest.java | 4 +-- .../tasks/RicSynchronizationTaskTest.java | 8 ++++- .../src/test/resources/keystore.jks | Bin 0 -> 5019 bytes .../src/test/resources/truststore.jks | Bin 0 -> 3699 bytes 13 files changed, 42 insertions(+), 43 deletions(-) create mode 100644 a1-policy-management/src/test/resources/keystore.jks create mode 100644 a1-policy-management/src/test/resources/truststore.jks diff --git a/a1-policy-management/pom.xml b/a1-policy-management/pom.xml index 1907c42b..bbc24af1 100644 --- a/a1-policy-management/pom.xml +++ b/a1-policy-management/pom.xml @@ -19,14 +19,13 @@ ~ ============LICENSE_END======================================================= ~ --> - 4.0.0 org.onap.ccsdk.parent - spring-boot-starter-parent + spring-boot-25-starter-parent 2.2.0-SNAPSHOT - + org.onap.ccsdk.oran a1-policy-management-service diff --git a/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/AsyncRestClient.java b/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/AsyncRestClient.java index 2b8c4fa6..ad2e221f 100644 --- a/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/AsyncRestClient.java +++ b/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/AsyncRestClient.java @@ -42,9 +42,7 @@ import org.springframework.web.reactive.function.client.WebClientResponseExcepti import reactor.core.publisher.Mono; import reactor.netty.http.client.HttpClient; -import reactor.netty.resources.ConnectionProvider; -import reactor.netty.tcp.ProxyProvider.Proxy; -import reactor.netty.tcp.TcpClient; +import reactor.netty.transport.ProxyProvider; /** * Generic reactive REST client. @@ -200,32 +198,32 @@ public class AsyncRestClient { && !httpProxyConfig.httpProxyHost().isEmpty(); } - private TcpClient createTcpClient() { - TcpClient client = TcpClient.create(ConnectionProvider.newConnection()) // + private HttpClient buildHttpClient() { + HttpClient httpClient = HttpClient.create() // .option(ChannelOption.CONNECT_TIMEOUT_MILLIS, 10_000) // .doOnConnected(connection -> { connection.addHandlerLast(new ReadTimeoutHandler(30)); connection.addHandlerLast(new WriteTimeoutHandler(30)); }); + if (this.sslContext != null) { - client = client.secure(c -> c.sslContext(sslContext)); + httpClient = httpClient.secure(ssl -> ssl.sslContext(sslContext)); } + if (isHttpProxyConfigured()) { - client = client.proxy(proxy -> proxy.type(Proxy.HTTP).host(httpProxyConfig.httpProxyHost()) - .port(httpProxyConfig.httpProxyPort())); + httpClient = httpClient.proxy(proxy -> proxy.type(ProxyProvider.Proxy.HTTP) + .host(httpProxyConfig.httpProxyHost()).port(httpProxyConfig.httpProxyPort())); } - return client; + return httpClient; } - private WebClient createWebClient(String baseUrl, TcpClient tcpClient) { - HttpClient httpClient = HttpClient.from(tcpClient); - - ReactorClientHttpConnector connector = new ReactorClientHttpConnector(httpClient); + private WebClient buildWebClient(String baseUrl) { + final HttpClient httpClient = buildHttpClient(); ExchangeStrategies exchangeStrategies = ExchangeStrategies.builder() // .codecs(configurer -> configurer.defaultCodecs().maxInMemorySize(-1)) // .build(); return WebClient.builder() // - .clientConnector(connector) // + .clientConnector(new ReactorClientHttpConnector(httpClient)) // .baseUrl(baseUrl) // .exchangeStrategies(exchangeStrategies) // .build(); @@ -233,15 +231,9 @@ public class AsyncRestClient { private Mono getWebClient() { if (this.webClient == null) { - try { - TcpClient tcpClient = createTcpClient(); - this.webClient = createWebClient(this.baseUrl, tcpClient); - } catch (Exception e) { - logger.error("Could not create WebClient {}", e.getMessage()); - return Mono.error(e); - } + this.webClient = buildWebClient(baseUrl); } - return Mono.just(this.webClient); + return Mono.just(buildWebClient(baseUrl)); } } diff --git a/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/AsyncRestClientFactory.java b/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/AsyncRestClientFactory.java index db3834a9..cde6647a 100644 --- a/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/AsyncRestClientFactory.java +++ b/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/AsyncRestClientFactory.java @@ -72,7 +72,7 @@ public class AsyncRestClientFactory { return createRestClient(baseUrl, false); } - public AsyncRestClient createRestClient(String baseUrl) { + public AsyncRestClient createRestClientUseHttpProxy(String baseUrl) { return createRestClient(baseUrl, true); } @@ -190,5 +190,4 @@ public class AsyncRestClientFactory { } } - } diff --git a/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/OscA1Client.java b/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/OscA1Client.java index 7ded8ac9..78a418ab 100644 --- a/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/OscA1Client.java +++ b/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/OscA1Client.java @@ -120,7 +120,7 @@ public class OscA1Client implements A1Client { private final UriBuilder uri; public OscA1Client(RicConfig ricConfig, AsyncRestClientFactory restClientFactory) { - this(ricConfig, restClientFactory.createRestClient("")); + this(ricConfig, restClientFactory.createRestClientUseHttpProxy("")); } public OscA1Client(RicConfig ricConfig, AsyncRestClient restClient) { diff --git a/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/StdA1ClientVersion1.java b/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/StdA1ClientVersion1.java index 130f5500..b158ad25 100644 --- a/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/StdA1ClientVersion1.java +++ b/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/StdA1ClientVersion1.java @@ -97,7 +97,7 @@ public class StdA1ClientVersion1 implements A1Client { private final UriBuilder uri; public StdA1ClientVersion1(RicConfig ricConfig, AsyncRestClientFactory restClientFactory) { - this(restClientFactory.createRestClient(""), ricConfig); + this(restClientFactory.createRestClientUseHttpProxy(""), ricConfig); } public StdA1ClientVersion1(AsyncRestClient restClient, RicConfig ricConfig) { diff --git a/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/StdA1ClientVersion2.java b/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/StdA1ClientVersion2.java index d79b2e72..d0f4da28 100644 --- a/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/StdA1ClientVersion2.java +++ b/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/clients/StdA1ClientVersion2.java @@ -124,7 +124,7 @@ public class StdA1ClientVersion2 implements A1Client { private final OranV2UriBuilder uriBuiler; public StdA1ClientVersion2(RicConfig ricConfig, AsyncRestClientFactory restClientFactory) { - this(ricConfig, restClientFactory.createRestClient("")); + this(ricConfig, restClientFactory.createRestClientUseHttpProxy("")); } public StdA1ClientVersion2(RicConfig ricConfig, AsyncRestClient restClient) { diff --git a/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/Consts.java b/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/Consts.java index c3eff84a..3e6bda72 100644 --- a/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/Consts.java +++ b/a1-policy-management/src/main/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/Consts.java @@ -28,7 +28,7 @@ public class Consts { public static final String TRANSIENT_PARAM = "transient"; public static final String MANAGED_ELEMENT_ID_PARAM = "managed_element_id"; - public static final String V2_API_ROOT = "a1-policy/v2"; + public static final String V2_API_ROOT = "/a1-policy/v2"; public static final String V2_API_SERVICE_CALLBACKS_NAME = "Callbacks"; public static final String V2_API_SERVICE_CALLBACKS_DESCRIPTION = ""; diff --git a/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v1/ApplicationTest.java b/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v1/ApplicationTest.java index bc22c14d..240dd1df 100644 --- a/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v1/ApplicationTest.java +++ b/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v1/ApplicationTest.java @@ -193,8 +193,7 @@ class ApplicationTest { this.addPolicyType("", "ric2"); url = "/rics?policyType="; - // This tests also validation of trusted certs restClient(true) - rsp = restClient(true).get(url).block(); + rsp = restClient().get(url).block(); assertThat(rsp).contains("ric2") // .doesNotContain("ric1") // .contains("AVAILABLE"); diff --git a/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/ApplicationTest.java b/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/ApplicationTest.java index ab9b7266..e31d0b91 100644 --- a/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/ApplicationTest.java +++ b/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/ApplicationTest.java @@ -97,8 +97,8 @@ import reactor.util.annotation.Nullable; @ExtendWith(SpringExtension.class) @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT) @TestPropertySource(properties = { // - "server.ssl.key-store=./config/keystore.jks", // - "app.webclient.trust-store=./config/truststore.jks", // + "server.ssl.key-store=./src/test/resources/keystore.jks", // + "app.webclient.trust-store=./src/test/resources/truststore.jks", // "app.vardata-directory=./target/testdata", // "app.filepath=" // }) @@ -308,6 +308,13 @@ class ApplicationTest { assertThat(receivedCallbacks.getReceivedInfo().size()).isEqualTo(1); } + @Test + void testTrustValidation() { + addRic("ric1"); + String rsp = restClient(true).get("/rics").block(); // restClient(true) enables trust validation + assertThat(rsp).contains("ric1"); + } + @Test void testGetRics() throws Exception { addRic("ric1"); @@ -320,9 +327,7 @@ class ApplicationTest { addRic("ric2"); this.addPolicyType("", "ric2"); url = "/rics?policytype_id="; - - // This tests also validation of trusted certs restClient(true) - rsp = restClient(true).get(url).block(); + rsp = restClient().get(url).block(); assertThat(rsp).contains("ric2") // .doesNotContain("ric1") // .contains("AVAILABLE"); @@ -891,8 +896,7 @@ class ApplicationTest { } private AsyncRestClient restClient(boolean useTrustValidation) { - String baseUrl = "https://localhost:" + port + Consts.V2_API_ROOT; - return restClient(baseUrl, useTrustValidation); + return restClient(baseUrl() + Consts.V2_API_ROOT, useTrustValidation); } private AsyncRestClient restClient() { diff --git a/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/ConfigurationControllerTest.java b/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/ConfigurationControllerTest.java index 030b831f..adb29a70 100644 --- a/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/ConfigurationControllerTest.java +++ b/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/controllers/v2/ConfigurationControllerTest.java @@ -162,14 +162,14 @@ class ConfigurationControllerTest { .keyStorePassword(config.keyStorePassword()) // .keyStore(config.keyStore()) // .keyPassword(config.keyPassword()) // - .isTrustStoreUsed(true) // + .isTrustStoreUsed(false) // .trustStore(config.trustStore()) // .trustStorePassword(config.trustStorePassword()) // .httpProxyConfig(config.httpProxyConfig()) // .build(); AsyncRestClientFactory f = new AsyncRestClientFactory(config); - return f.createRestClient("https://localhost:" + port); + return f.createRestClientNoHttpProxy("https://localhost:" + port); } } diff --git a/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/tasks/RicSynchronizationTaskTest.java b/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/tasks/RicSynchronizationTaskTest.java index 9bd5c502..fae05475 100644 --- a/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/tasks/RicSynchronizationTaskTest.java +++ b/a1-policy-management/src/test/java/org/onap/ccsdk/oran/a1policymanagementservice/tasks/RicSynchronizationTaskTest.java @@ -21,6 +21,7 @@ package org.onap.ccsdk.oran.a1policymanagementservice.tasks; import static org.assertj.core.api.Assertions.assertThat; +import static org.awaitility.Awaitility.await; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.doReturn; import static org.mockito.Mockito.spy; @@ -67,6 +68,7 @@ class RicSynchronizationTaskTest { .build(); private static final String RIC_1_NAME = "ric1"; + private static final Ric RIC_1 = new Ric(ImmutableRicConfig.builder() // .ricId(RIC_1_NAME) // .baseUrl("baseUrl1") // @@ -160,6 +162,7 @@ class RicSynchronizationTaskTest { RicSynchronizationTask synchronizerUnderTest = spy(createTask()); synchronizerUnderTest.run(RIC_1); + await().untilAsserted(() -> RicState.AVAILABLE.equals(RIC_1.getState())); verify(a1ClientMock, times(1)).getPolicyTypeIdentities(); verifyNoMoreInteractions(a1ClientMock); @@ -184,6 +187,7 @@ class RicSynchronizationTaskTest { RicSynchronizationTask synchronizerUnderTest = createTask(); synchronizerUnderTest.run(RIC_1); + await().untilAsserted(() -> RicState.AVAILABLE.equals(RIC_1.getState())); verify(a1ClientMock).getPolicyTypeIdentities(); verifyNoMoreInteractions(a1ClientMock); @@ -213,7 +217,7 @@ class RicSynchronizationTaskTest { RicSynchronizationTask synchronizerUnderTest = createTask(); synchronizerUnderTest.run(RIC_1); - + await().untilAsserted(() -> RicState.AVAILABLE.equals(RIC_1.getState())); verify(a1ClientMock).deleteAllPolicies(); verify(a1ClientMock).putPolicy(POLICY_1); verifyNoMoreInteractions(a1ClientMock); @@ -240,6 +244,7 @@ class RicSynchronizationTaskTest { RicSynchronizationTask synchronizerUnderTest = createTask(); synchronizerUnderTest.run(RIC_1); + await().untilAsserted(() -> RicState.AVAILABLE.equals(RIC_1.getState())); verify(a1ClientMock, times(2)).deleteAllPolicies(); verifyNoMoreInteractions(a1ClientMock); @@ -264,6 +269,7 @@ class RicSynchronizationTaskTest { RicSynchronizationTask synchronizerUnderTest = createTask(); synchronizerUnderTest.run(RIC_1); + await().untilAsserted(() -> RicState.AVAILABLE.equals(RIC_1.getState())); verify(a1ClientMock, times(2)).deleteAllPolicies(); verifyNoMoreInteractions(a1ClientMock); diff --git a/a1-policy-management/src/test/resources/keystore.jks b/a1-policy-management/src/test/resources/keystore.jks new file mode 100644 index 00000000..675785b4 Binary files /dev/null and b/a1-policy-management/src/test/resources/keystore.jks differ diff --git a/a1-policy-management/src/test/resources/truststore.jks b/a1-policy-management/src/test/resources/truststore.jks new file mode 100644 index 00000000..e883cd67 Binary files /dev/null and b/a1-policy-management/src/test/resources/truststore.jks differ -- cgit 1.2.3-korg