From bf37291186ccaa27305910f18332fa17aa9d2c12 Mon Sep 17 00:00:00 2001 From: Rich Tabedzki Date: Tue, 8 May 2018 11:28:59 -0400 Subject: Provide support for properties encryption Changes made: * Implemented code to decrypt password field in property file * added support to handle new field of relationship-label in Relationship Change-Id: Icc289f617d8b5ad1f338e2adc70d61620b5a7b61 Issue-ID: CCSDK-182 Signed-off-by: Rich Tabedzki --- .../ccsdk/sli/adaptors/aai/AAIDeclarations.java | 24 ++++++++- .../ccsdk/sli/adaptors/aai/AAIServiceProvider.java | 61 +++++++++++++++++++++- 2 files changed, 83 insertions(+), 2 deletions(-) (limited to 'aai-service/provider/src') diff --git a/aai-service/provider/src/main/java/org/onap/ccsdk/sli/adaptors/aai/AAIDeclarations.java b/aai-service/provider/src/main/java/org/onap/ccsdk/sli/adaptors/aai/AAIDeclarations.java index 1a31f8b21..d7b25b48d 100755 --- a/aai-service/provider/src/main/java/org/onap/ccsdk/sli/adaptors/aai/AAIDeclarations.java +++ b/aai-service/provider/src/main/java/org/onap/ccsdk/sli/adaptors/aai/AAIDeclarations.java 
@@ -1089,12 +1089,24 @@ public abstract class AAIDeclarations implements AAIClient { if(arglist[0] != null) { if(!type.getName().equals("java.lang.String")) { // getLogger().debug(String.format("Processing %s with parameter %s", types[0].getName(), value)); - if("boolean".equals(type.getName())) { + if("java.lang.Long".equals(type.getName()) || "java.lang.Integer".equals(type.getName())) { + String fv = params.get(id); + if(fv == null || fv.isEmpty()) { + arglist[0] = null; + } else { + arglist[0] = valueOf(type, params.get(id)); + } + } else if("boolean".equals(type.getName())) { arglist[0] = valueOf(Boolean.class, params.get(id)); } else if("int".equals(type.getName())) { arglist[0] = valueOf(Integer.class, params.get(id)); } else if("long".equals(type.getName())) { + String fv = params.get(id); + if(fv == null || fv.isEmpty()) { + arglist[0] = null; + } else { arglist[0] = valueOf(Long.class, params.get(id)); + } } else { arglist[0] = valueOf(type, params.get(id)); } @@ -1249,6 +1261,10 @@ public abstract class AAIDeclarations implements AAIClient { Relationship relationship = new Relationship(); relationships.add(relationship); relationship.setRelatedTo(relatedTo); + String relationshipLabel = "relationship-list.relationship[" + i + "].relationship-label"; + if(params.containsKey(searchKey)) { + relationship.setRelationshipLabel(params.get(relationshipLabel)); + } getLogger().debug("About to process related link of {}", relatedLink); if(relatedLink != null) { if(relatedLink.contains("v$")) 
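Review bot: In the `long` branch an empty value now sets `arglist[0] = null`, but a primitive `long` parameter cannot accept null. If `arglist` is later passed to a reflective setter call (that code is outside this hunk), this raises `IllegalArgumentException` rather than skipping the field. The null assignment is only safe in the `java.lang.Long`/`java.lang.Integer` branch; for the primitive, skip the setter call when `fv` is empty. The `int` branch still has no empty-value check, so the two primitive branches now behave differently. Both new branches also read `params.get(id)` a second time where `arglist[0] = valueOf(type, fv);` would reuse the value already checked.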
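Review bot: The guard `if(params.containsKey(searchKey))` tests a different key from the one read on the next line, `params.get(relationshipLabel)`. `searchKey` is defined outside the hunk; if it is the related-to key that drives this loop, the check is always true and the label is set to null whenever the label key is absent. The intended condition looks like `if(params.containsKey(relationshipLabel)) {`. The hunk at `@@ -1539,6 +1555,12 @@` repeats the same three lines and needs the same change.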
@@ -1539,6 +1555,12 @@ public abstract class AAIDeclarations implements AAIClient { Relationship relationship = new Relationship(); relationships.add(relationship); relationship.setRelatedTo(relatedTo); + + String relationshipLabel = "relationship-list.relationship[" + i + "].relationship-label"; + if(params.containsKey(searchKey)) { + relationship.setRelationshipLabel(params.get(relationshipLabel)); + } + if (relatedLink != null) { if(relatedLink.contains("v$")) relatedLink = relatedLink.replace("v$", "v13"); diff --git a/aai-service/provider/src/main/java/org/onap/ccsdk/sli/adaptors/aai/AAIServiceProvider.java b/aai-service/provider/src/main/java/org/onap/ccsdk/sli/adaptors/aai/AAIServiceProvider.java index baa86c445..36c34e291 100755 --- a/aai-service/provider/src/main/java/org/onap/ccsdk/sli/adaptors/aai/AAIServiceProvider.java +++ b/aai-service/provider/src/main/java/org/onap/ccsdk/sli/adaptors/aai/AAIServiceProvider.java @@ -24,6 +24,7 @@ package org.onap.ccsdk.sli.adaptors.aai; import java.io.File; import java.io.FileInputStream; import java.io.IOException; +import java.lang.reflect.Method; import java.util.Optional; import java.util.Properties; import java.util.Vector; @@ -34,6 +35,9 @@ import org.onap.ccsdk.sli.core.utils.PropertiesFileResolver; import org.onap.ccsdk.sli.core.utils.common.BundleContextFileResolver; import org.onap.ccsdk.sli.core.utils.common.CoreDefaultFileResolver; import org.onap.ccsdk.sli.core.utils.common.SdncConfigEnvVarFileResolver; +import org.osgi.framework.BundleContext; +import org.osgi.framework.FrameworkUtil; +import org.osgi.framework.ServiceReference; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -47,6 +51,13 @@ import org.slf4j.LoggerFactory; *
  • A directory identified by the JRE argument dblib.properties
  • *
  • A dblib.properties file located in the karaf root directory
  • * + * + * Encryption Support + *
      + *
    1. Uses ecryption provided by AAAEncryptionService
    2. + *
    3. AAA Configuration file is aaa-cert-config.xml
    4. + *
    + * */ public class AAIServiceProvider implements UtilsProvider { @@ -57,10 +68,15 @@ public class AAIServiceProvider implements UtilsProvider { */ private static final String AAISEERVICE_PROP_FILE_NAME = "aaiclient.properties"; + /** + * The name of the pwd key + */ + private static final String AAICLIENT_PROPERTY_NAME = "org.onap.ccsdk.sli.adaptors.aai.client.psswd"; + /** * A prioritized list of strategies for resolving dblib properties files. */ - private Vector dblibPropertiesFileResolvers = new Vector(); + private Vector dblibPropertiesFileResolvers = new Vector<>(); /** * The configuration properties for the db connection. @@ -93,6 +109,19 @@ public class AAIServiceProvider implements UtilsProvider { try(FileInputStream fileInputStream = new FileInputStream(propertiesFile)) { properties = new Properties(); properties.load(fileInputStream); + + if(properties.containsKey(AAICLIENT_PROPERTY_NAME)) { + String sensitive = properties.getProperty(AAICLIENT_PROPERTY_NAME); + if(sensitive != null && sensitive.startsWith("ENC:")) { + try { + sensitive = sensitive.substring(4); + String postsense = decrypt(sensitive); + properties.setProperty(AAICLIENT_PROPERTY_NAME, postsense); + } catch(Exception exc) { + LOG.error("Failed to translate property", exc); + } + } + } } catch (final IOException e) { LOG.error("Failed to load properties for file: {}", propertiesFile.toString(), new AAIServiceException("Failed to load properties for file: " 
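Review bot: When decryption fails, the `ENC:` branch overwrites the password property with the ciphertext minus its prefix. That is because `decrypt()` (hunk `@@ -101,6 +130,36 @@`) returns its argument on every failure path, so `postsense` cannot be told apart from a real plaintext. The client would then authenticate with the undecrypted string, and the `catch(Exception exc)` here never fires because `decrypt()` swallows its own exceptions. Make the failure explicit: have `decrypt()` throw, e.g. `throw new IllegalStateException("AAAEncryptionService unavailable");` in place of the `return value;` fallbacks, and in this catch drop the unusable value with `properties.remove(AAICLIENT_PROPERTY_NAME);`. The log line should name the property key (never its value), so operators can see which setting failed. The enclosing method starts and ends outside this hunk.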
@@ -101,6 +130,36 @@ public class AAIServiceProvider implements UtilsProvider { } } + /** + * + * @param value + * @return decrypted string if successful or the original value if unsuccessful + */ + private String decrypt(String value) { + try { + BundleContext bctx = FrameworkUtil.getBundle(this.getClass()).getBundleContext(); + + ServiceReference sref = bctx.getServiceReference("org.opendaylight.aaa.encrypt.AAAEncryptionService"); + if(sref == null) { + LOG.warn("Could not acquire service reference for 'org.opendaylight.aaa.encrypt.AAAEncryptionService'"); + return value; + } + Object encrSvc = bctx.getService(sref); + if(encrSvc == null) { + LOG.warn("Could not access service for 'org.opendaylight.aaa.encrypt.AAAEncryptionService'"); + return value; + } + + Method gs2Method = encrSvc.getClass().getMethod("decrypt", new Class[] { "".getClass() }); + Object unmasked = gs2Method.invoke(encrSvc, new Object[] { value }); + return unmasked.toString(); + + } catch (Exception exc) { + LOG.error("Failure", exc); + return value; + } + } + /** * Extract db config properties. * -- cgit 1.2.3-korg
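Review bot: The service obtained with `bctx.getService(sref)` is never released, so every successful lookup leaves the bundle's use count on `AAAEncryptionService` incremented. Wrap the reflective call in `try { ... } finally { bctx.ungetService(sref); }`. `FrameworkUtil.getBundle(this.getClass())` returns null outside an OSGi container, and the resulting NullPointerException is reported only as `LOG.error("Failure", exc)`; a message such as `"Could not decrypt property via AAAEncryptionService"` would make that case diagnosable. The Javadoc has an empty `@param value`; it should say that the argument is the ciphertext with the `ENC:` prefix already stripped.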