aboutsummaryrefslogtreecommitdiffstats
path: root/src/main/java/org/onap
diff options
context:
space:
mode:
authorDeterme, Sebastien (sd378r) <sd378r@intl.att.com>2017-10-30 18:50:37 +0100
committerDeterme, Sebastien (sd378r) <sd378r@intl.att.com>2017-10-30 19:00:08 +0100
commit434170f50621917a7fb2cbe7c7b01c4b29a8211e (patch)
treedc52603bac0159f3a3f1c3b60222df7d500ad6bd /src/main/java/org/onap
parent2e5ec6aaac811c9a0efd8f80eef39fd91a1ac9ea (diff)
Add encryption for passwords
Add encrypted password on all values specified in the properties files, unit tests have been reworked. Change-Id: I619ff67fe1025f69af733b776f055914f949f26a Issue-ID: CLAMP-64 Signed-off-by: Determe, Sebastien (sd378r) <sd378r@intl.att.com>
Diffstat (limited to 'src/main/java/org/onap')
-rw-r--r--src/main/java/org/onap/clamp/clds/client/DcaeInventoryServices.java30
-rw-r--r--src/main/java/org/onap/clamp/clds/client/SdcCatalogServices.java191
-rw-r--r--src/main/java/org/onap/clamp/clds/client/SdcSendReqDelegate.java48
-rw-r--r--src/main/java/org/onap/clamp/clds/client/req/SdcReq.java91
-rw-r--r--src/main/java/org/onap/clamp/clds/config/CamundaEngineConfiguration.java13
-rw-r--r--src/main/java/org/onap/clamp/clds/config/CldsConfiguration.java14
-rw-r--r--src/main/java/org/onap/clamp/clds/service/CldsService.java231
-rw-r--r--src/main/java/org/onap/clamp/clds/service/SecureServiceBase.java47
-rw-r--r--src/main/java/org/onap/clamp/clds/util/CryptoUtils.java116
-rw-r--r--src/main/java/org/onap/clamp/clds/workflow/ProcessRequestDelegate.java22
10 files changed, 460 insertions, 343 deletions
diff --git a/src/main/java/org/onap/clamp/clds/client/DcaeInventoryServices.java b/src/main/java/org/onap/clamp/clds/client/DcaeInventoryServices.java
index 8f80e07c..71e57ded 100644
--- a/src/main/java/org/onap/clamp/clds/client/DcaeInventoryServices.java
+++ b/src/main/java/org/onap/clamp/clds/client/DcaeInventoryServices.java
@@ -32,6 +32,7 @@ import java.io.IOException;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
+import java.security.GeneralSecurityException;
import java.util.Date;
import java.util.List;
@@ -52,34 +53,37 @@ import org.onap.clamp.clds.util.LoggingUtils;
import org.springframework.beans.factory.annotation.Autowired;
/**
+ *
* This class implements the communication with DCAE for the service inventory.
*
+ *
+ *
*/
public class DcaeInventoryServices {
protected static final EELFLogger logger = EELFManager.getInstance().getLogger(DcaeInventoryServices.class);
protected static final EELFLogger auditLogger = EELFManager.getInstance().getAuditLogger();
protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger();
-
@Autowired
private RefProp refProp;
-
@Autowired
private CldsDao cldsDao;
-
@Autowired
private SdcCatalogServices sdcCatalogServices;
/**
+ *
* Set the event inventory.
*
* @param cldsModel
* The CldsModel
* @param userId
* The user ID
+ * @throws GeneralSecurityException
+ * In case of issue when decryting the DCAE password
* @throws ParseException
- * In case of issues during the parsing of DCAE answer
+ * In case of DCAE Json parse exception
*/
- public void setEventInventory(CldsModel cldsModel, String userId) throws ParseException {
+ public void setEventInventory(CldsModel cldsModel, String userId) throws GeneralSecurityException, ParseException {
String artifactName = cldsModel.getControlName();
DcaeEvent dcaeEvent = new DcaeEvent();
String isDcaeInfoAvailable = null;
@@ -90,8 +94,11 @@ public class DcaeInventoryServices {
}
try {
/*
+ *
* Below are the properties required for calling the dcae inventory
+ *
* url call
+ *
*/
ModelProperties prop = new ModelProperties(cldsModel.getName(), cldsModel.getControlName(), null, false,
"{}", cldsModel.getPropText());
@@ -105,11 +112,9 @@ public class DcaeInventoryServices {
}
/* Invemtory service url is called in this method */
isDcaeInfoAvailable = getDcaeInformation(artifactName, serviceUuid, resourceUuid);
-
/* set dcae events */
dcaeEvent.setArtifactName(artifactName);
dcaeEvent.setEvent(DcaeEvent.EVENT_DISTRIBUTION);
-
} catch (JsonProcessingException e) {
logger.error("Error during JSON decoding", e);
} catch (IOException ex) {
@@ -159,6 +164,7 @@ public class DcaeInventoryServices {
* In case of issues with the stream
* @throws ParseException
* In case of issues with the Json parsing
+ *
*/
public String getDcaeInformation(String artifactName, String serviceUuid, String resourceUuid)
throws IOException, ParseException {
@@ -167,28 +173,22 @@ public class DcaeInventoryServices {
String queryString = "?sdcResourceId=" + resourceUuid + "&sdcServiceId=" + serviceUuid + "&typeName="
+ artifactName;
String fullUrl = refProp.getStringValue("DCAE_INVENTORY_URL") + "/dcae-service-types" + queryString;
-
logger.info("Dcae Inventory Service full url - " + fullUrl);
String daceInventoryResponse = null;
URL inventoryUrl = new URL(fullUrl);
-
HttpURLConnection conn = (HttpURLConnection) inventoryUrl.openConnection();
conn.setRequestMethod("GET");
String reqid = LoggingUtils.getRequestId();
logger.info("reqid set to " + reqid);
conn.setRequestProperty("X-ECOMP-RequestID", reqid);
-
boolean requestFailed = true;
int responseCode = conn.getResponseCode();
if (responseCode == 200) {
requestFailed = false;
}
-
StringBuilder response = new StringBuilder();
-
try (BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()))) {
String inputLine = null;
-
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
@@ -203,11 +203,8 @@ public class DcaeInventoryServices {
String jsonResponseString = response.toString();
JSONParser parser = new JSONParser();
Object obj0 = parser.parse(jsonResponseString);
-
JSONObject jsonObj = (JSONObject) obj0;
-
Long totalCount = (Long) jsonObj.get("totalCount");
-
int numServices = totalCount.intValue();
if (numServices == 0) {
daceInventoryResponse = null;
@@ -221,5 +218,4 @@ public class DcaeInventoryServices {
metricsLogger.info("getDcaeInformation complete: number services returned=" + numServices);
return daceInventoryResponse;
}
-
}
diff --git a/src/main/java/org/onap/clamp/clds/client/SdcCatalogServices.java b/src/main/java/org/onap/clamp/clds/client/SdcCatalogServices.java
index 56f29618..36265e83 100644
--- a/src/main/java/org/onap/clamp/clds/client/SdcCatalogServices.java
+++ b/src/main/java/org/onap/clamp/clds/client/SdcCatalogServices.java
@@ -40,6 +40,7 @@ import java.io.Reader;
import java.io.StringReader;
import java.net.HttpURLConnection;
import java.net.URL;
+import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
@@ -71,14 +72,16 @@ import org.onap.clamp.clds.util.LoggingUtils;
import org.springframework.beans.factory.annotation.Autowired;
public class SdcCatalogServices {
- protected static final EELFLogger logger = EELFManager.getInstance().getLogger(SdcCatalogServices.class);
- protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger();
-
- private static final String RESOURCE_VF_TYPE = "VF";
- private static final String RESOURCE_VFC_TYPE = "VFC";
-
+ protected static final EELFLogger logger = EELFManager.getInstance()
+ .getLogger(SdcCatalogServices.class);
+ protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger();
+ private static final String RESOURCE_VF_TYPE = "VF";
+ private static final String RESOURCE_VFC_TYPE = "VFC";
+ private static final String RESOURCE_CVFC_TYPE = "CVFC";
@Autowired
private RefProp refProp;
+ @Autowired
+ private SdcReq sdcReq;
/**
* This method get the SDC services Information with the corresponding
@@ -87,31 +90,29 @@ public class SdcCatalogServices {
* @param uuid
* The service UUID
* @return A Json String with all the service list
+ * @throws GeneralSecurityException
+ * In case of issue when decryting the SDC password
*/
- public String getSdcServicesInformation(String uuid) {
+ public String getSdcServicesInformation(String uuid) throws GeneralSecurityException {
Date startTime = new Date();
String baseUrl = refProp.getStringValue("sdc.serviceUrl");
- String basicAuth = SdcReq.getSdcBasicAuth(refProp);
+ String basicAuth = sdcReq.getSdcBasicAuth();
LoggingUtils.setTargetContext("SDC", "getSdcServicesInformation");
-
try {
String url = baseUrl;
if (uuid != null) {
url = baseUrl + "/" + uuid + "/metadata";
}
URL urlObj = new URL(url);
-
HttpURLConnection conn = (HttpURLConnection) urlObj.openConnection();
-
conn.setRequestProperty(refProp.getStringValue("sdc.InstanceID"), "CLAMP-Tool");
conn.setRequestProperty("Authorization", basicAuth);
conn.setRequestProperty("Content-Type", "application/json;charset=UTF-8");
conn.setRequestProperty("X-ECOMP-RequestID", LoggingUtils.getRequestId());
conn.setRequestMethod("GET");
-
String resp = getResponse(conn);
if (resp != null) {
- logger.info(resp);
+ logger.info(resp);
// metrics log
LoggingUtils.setResponseContext("0", "Get sdc services success", this.getClass().getName());
return resp;
@@ -124,13 +125,12 @@ public class SdcCatalogServices {
LoggingUtils.setTimeContext(startTime, new Date());
metricsLogger.info("getSdcServicesInformation complete");
}
-
return "";
}
/**
* To remove duplicate serviceUUIDs from sdc services List.
- *
+ *
* @param rawCldsSdcServiceList
* A list of CldsSdcServiceInfo
* @return A list of CldsSdcServiceInfo without duplicate service UUID
@@ -159,7 +159,7 @@ public class SdcCatalogServices {
/**
* To remove duplicate serviceUUIDs from sdc resources List.
- *
+ *
* @param rawCldsSdcResourceList
* @return
*/
@@ -187,7 +187,7 @@ public class SdcCatalogServices {
/**
* To remove duplicate basic resources with same resourceUUIDs.
- *
+ *
* @param rawCldsSdcResourceListBasicList
* @return
*/
@@ -217,12 +217,14 @@ public class SdcCatalogServices {
/**
* To get ServiceUUID by using serviceInvariantUUID.
- *
+ *
* @param invariantId
* The invariant ID
* @return The service UUID
+ * @throws GeneralSecurityException
+ * In case of issue when decryting the SDC password
*/
- public String getServiceUuidFromServiceInvariantId(String invariantId) {
+ public String getServiceUuidFromServiceInvariantId(String invariantId) throws GeneralSecurityException {
String serviceUuid = "";
String responseStr = getSdcServicesInformation(null);
List<CldsSdcServiceInfo> rawCldsSdcServicesList = getCldsSdcServicesListFromJson(responseStr);
@@ -241,7 +243,7 @@ public class SdcCatalogServices {
/**
* To get CldsAsdsServiceInfo class by parsing json string.
- *
+ *
* @param jsonStr
* The Json string that must be decoded
* @return The list of CldsSdcServiceInfo, if there is a failure it return
@@ -274,7 +276,6 @@ public class SdcCatalogServices {
if (StringUtils.isBlank(jsonStr)) {
return new ArrayList<>();
}
-
try {
return objectMapper.readValue(jsonStr,
objectMapper.getTypeFactory().constructCollectionType(List.class, CldsSdcResourceBasicInfo.class));
@@ -286,7 +287,7 @@ public class SdcCatalogServices {
/**
* To get CldsAsdsResource class by parsing json string.
- *
+ *
* @param jsonStr
* @return
* @throws IOException
@@ -298,7 +299,7 @@ public class SdcCatalogServices {
/**
* To get CldsSdcServiceDetail by parsing json string.
- *
+ *
* @param jsonStr
* @return
*/
@@ -314,22 +315,24 @@ public class SdcCatalogServices {
/**
* To upload artifact to sdc based on serviceUUID and resource name on url.
- *
+ *
* @param prop
* @param userid
* @param url
* @param formattedSdcReq
* @return
+ * @throws GeneralSecurityException
*/
- public String uploadArtifactToSdc(ModelProperties prop, String userid, String url, String formattedSdcReq) {
+ public String uploadArtifactToSdc(ModelProperties prop, String userid, String url, String formattedSdcReq)
+ throws GeneralSecurityException {
// Verify whether it is triggered by Validation Test button from UI
if (prop.isTest()) {
return "sdc artifact upload not executed for test action";
}
try {
logger.info("userid=" + userid);
- String md5Text = SdcReq.calculateMD5ByString(formattedSdcReq);
- byte[] postData = SdcReq.stringToByteArray(formattedSdcReq);
+ String md5Text = sdcReq.calculateMD5ByString(formattedSdcReq);
+ byte[] postData = sdcReq.stringToByteArray(formattedSdcReq);
int postDataLength = postData.length;
HttpURLConnection conn = getSdcHttpUrlConnection(userid, postDataLength, url, md5Text);
try (DataOutputStream wr = new DataOutputStream(conn.getOutputStream())) {
@@ -341,7 +344,6 @@ public class SdcCatalogServices {
if (responseCode == 200) {
requestFailed = false;
}
-
String responseStr = getResponse(conn);
if (responseStr != null && requestFailed) {
logger.error("requestFailed - responseStr=" + responseStr);
@@ -352,13 +354,13 @@ public class SdcCatalogServices {
logger.error("Exception when attempting to communicate with SDC", e);
throw new SdcCommunicationException("Exception when attempting to communicate with SDC", e);
}
-
}
- private HttpURLConnection getSdcHttpUrlConnection(String userid, int postDataLength, String url, String md5Text) {
+ private HttpURLConnection getSdcHttpUrlConnection(String userid, int postDataLength, String url, String md5Text)
+ throws GeneralSecurityException {
try {
logger.info("userid=" + userid);
- String basicAuth = SdcReq.getSdcBasicAuth(refProp);
+ String basicAuth = sdcReq.getSdcBasicAuth();
String sdcXonapInstanceId = refProp.getStringValue("sdc.sdcX-InstanceID");
URL urlObj = new URL(url);
HttpURLConnection conn = (HttpURLConnection) urlObj.openConnection();
@@ -426,7 +428,14 @@ public class SdcCatalogServices {
}
}
- public boolean isCldsSdcCacheDataExpired(CldsServiceData cldsServiceData) {
+ /**
+ * Check if the SDC Info in cache has expired.
+ *
+ * @param cldsServiceData
+ * @return
+ * @throws GeneralSecurityException
+ */
+ public boolean isCldsSdcCacheDataExpired(CldsServiceData cldsServiceData) throws GeneralSecurityException {
boolean expired = false;
if (cldsServiceData != null && cldsServiceData.getServiceUUID() != null) {
String cachedServiceUuid = cldsServiceData.getServiceUUID();
@@ -442,7 +451,16 @@ public class SdcCatalogServices {
return expired;
}
- public CldsServiceData getCldsServiceDataWithAlarmConditions(String invariantServiceUuid) {
+ /**
+ * Get the Service Data with Alarm Conditions for a given
+ * invariantServiceUuid.
+ *
+ * @param invariantServiceUuid
+ * @return
+ * @throws GeneralSecurityException
+ */
+ public CldsServiceData getCldsServiceDataWithAlarmConditions(String invariantServiceUuid)
+ throws GeneralSecurityException {
String url = refProp.getStringValue("sdc.serviceUrl");
String catalogUrl = refProp.getStringValue("sdc.catalog.url");
String serviceUuid = getServiceUuidFromServiceInvariantId(invariantServiceUuid);
@@ -460,7 +478,6 @@ public class SdcCatalogServices {
}
cldsServiceData.setServiceUUID(cldsSdcServiceDetail.getUuid());
cldsServiceData.setServiceInvariantUUID(cldsSdcServiceDetail.getInvariantUUID());
-
// To remove duplicate resources from serviceDetail and add valid
// vfs to service
if (cldsSdcServiceDetail != null && cldsSdcServiceDetail.getResources() != null) {
@@ -488,13 +505,15 @@ public class SdcCatalogServices {
return cldsServiceData;
}
- private void getAllVfcForVfList(List<CldsVfData> cldsVfDataList, String catalogUrl) {
+ private void getAllVfcForVfList(List<CldsVfData> cldsVfDataList, String catalogUrl)
+ throws GeneralSecurityException {
// todo : refact this..
if (cldsVfDataList != null && !cldsVfDataList.isEmpty()) {
List<CldsSdcResourceBasicInfo> allVfResources = getAllSdcVForVfcResourcesBasedOnResourceType(
RESOURCE_VF_TYPE);
List<CldsSdcResourceBasicInfo> allVfcResources = getAllSdcVForVfcResourcesBasedOnResourceType(
RESOURCE_VFC_TYPE);
+ allVfcResources.addAll(getAllSdcVForVfcResourcesBasedOnResourceType(RESOURCE_CVFC_TYPE));
for (CldsVfData currCldsVfData : cldsVfDataList) {
if (currCldsVfData != null && currCldsVfData.getVfInvariantResourceUUID() != null) {
String resourceUuid = getResourceUuidFromResourceInvariantUuid(
@@ -507,7 +526,6 @@ public class SdcCatalogServices {
// associated with the VF's
List<CldsVfKPIData> cldsVfKPIDataList = getFieldPathFromVF(vfResponse);
currCldsVfData.setCldsKPIList(cldsVfKPIDataList);
-
List<CldsVfcData> vfcDataListFromVfResponse = getVfcDataListFromVfResponse(vfResponse);
if (vfcDataListFromVfResponse != null) {
currCldsVfData.setCldsVfcs(vfcDataListFromVfResponse);
@@ -547,7 +565,7 @@ public class SdcCatalogServices {
}
}
- private List<CldsVfcData> getVfcDataListFromVfResponse(String vfResponse) {
+ private List<CldsVfcData> getVfcDataListFromVfResponse(String vfResponse) throws GeneralSecurityException {
ObjectMapper mapper = new ObjectMapper();
ObjectNode vfResponseNode;
try {
@@ -570,6 +588,11 @@ public class SdcCatalogServices {
currCldsVfcData.setVfcInvariantResourceUUID(vfcInvariantResourceUuid.textValue());
cldsVfcDataList.add(currCldsVfcData);
} else if (resourceTypeNode != null && "CVFC".equalsIgnoreCase(resourceTypeNode.textValue())) {
+ TextNode vfcResourceName = (TextNode) currVfcNode.get("resourceInstanceName");
+ TextNode vfcInvariantResourceUuid = (TextNode) currVfcNode.get("resourceInvariantUUID");
+ currCldsVfcData.setVfcName(vfcResourceName.textValue());
+ currCldsVfcData.setVfcInvariantResourceUUID(vfcInvariantResourceUuid.textValue());
+ cldsVfcDataList.add(currCldsVfcData);
cldsVfcDataList.addAll(getVFCfromCVFC(currVfcNode.get("resourceUUID").textValue()));
}
}
@@ -577,10 +600,9 @@ public class SdcCatalogServices {
return cldsVfcDataList;
}
- private List<CldsVfcData> getVFCfromCVFC(String resourceUUID) {
+ private List<CldsVfcData> getVFCfromCVFC(String resourceUUID) throws GeneralSecurityException {
String catalogUrl = refProp.getStringValue("sdc.catalog.url");
List<CldsVfcData> cldsVfcDataList = new ArrayList<>();
-
if (resourceUUID != null) {
String vfcResourceUUIDUrl = catalogUrl + "resources" + "/" + resourceUUID + "/metadata";
try {
@@ -588,7 +610,6 @@ public class SdcCatalogServices {
ObjectMapper mapper = new ObjectMapper();
ObjectNode vfResponseNode = (ObjectNode) mapper.readTree(vfcResponse);
ArrayNode vfcArrayNode = (ArrayNode) vfResponseNode.get("resources");
-
if (vfcArrayNode != null) {
for (JsonNode vfcjsonNode : vfcArrayNode) {
CldsVfcData currCldsVfcData = new CldsVfcData();
@@ -614,7 +635,7 @@ public class SdcCatalogServices {
return (id != null) ? id.replaceAll("\"", "") : "";
}
- private List<CldsAlarmCondition> getAlarmCondtionsFromVfc(String vfcResponse) {
+ private List<CldsAlarmCondition> getAlarmCondtionsFromVfc(String vfcResponse) throws GeneralSecurityException {
List<CldsAlarmCondition> cldsAlarmConditionList = new ArrayList<>();
ObjectMapper mapper = new ObjectMapper();
ObjectNode vfcResponseNode;
@@ -625,7 +646,6 @@ public class SdcCatalogServices {
return cldsAlarmConditionList;
}
ArrayNode artifactsArrayNode = (ArrayNode) vfcResponseNode.get("artifacts");
-
if (artifactsArrayNode != null && artifactsArrayNode.size() > 0) {
for (int index = 0; index < artifactsArrayNode.size(); index++) {
ObjectNode currArtifactNode = (ObjectNode) artifactsArrayNode.get(index);
@@ -660,7 +680,7 @@ public class SdcCatalogServices {
}
// Method to get the artifact for any particular VF
- private List<CldsVfKPIData> getFieldPathFromVF(String vfResponse) {
+ private List<CldsVfKPIData> getFieldPathFromVF(String vfResponse) throws GeneralSecurityException {
List<CldsVfKPIData> cldsVfKPIDataList = new ArrayList<>();
ObjectMapper mapper = new ObjectMapper();
ObjectNode vfResponseNode;
@@ -671,7 +691,6 @@ public class SdcCatalogServices {
return cldsVfKPIDataList;
}
ArrayNode artifactsArrayNode = (ArrayNode) vfResponseNode.get("artifacts");
-
if (artifactsArrayNode != null && artifactsArrayNode.size() > 0) {
for (int index = 0; index < artifactsArrayNode.size(); index++) {
ObjectNode currArtifactNode = (ObjectNode) artifactsArrayNode.get(index);
@@ -682,7 +701,7 @@ public class SdcCatalogServices {
artifactName = artifactNameNode.textValue();
artifactName = artifactName.substring(artifactName.lastIndexOf('.') + 1);
}
- if (artifactUrlNode != null && "csv".equalsIgnoreCase(artifactName)) {
+ if (artifactUrlNode != null && "csv".equalsIgnoreCase(artifactName)) {
String responsesFromArtifactUrl = getResponsesFromArtifactUrl(artifactUrlNode.textValue());
cldsVfKPIDataList.addAll(parseCsvToGetFieldPath(responsesFromArtifactUrl));
logger.info(responsesFromArtifactUrl);
@@ -697,24 +716,19 @@ public class SdcCatalogServices {
logger.debug("invalid csv field path Record,total columns less than 6: " + record);
return null;
}
-
if (StringUtils.isBlank(record.get(1)) || StringUtils.isBlank(record.get(3))
|| StringUtils.isBlank(record.get(5))) {
logger.debug("Invalid csv field path Record,one of column is having blank value : " + record);
return null;
}
-
CldsVfKPIData cldsVfKPIData = new CldsVfKPIData();
cldsVfKPIData.setNfNamingCode(record.get(0).trim());
cldsVfKPIData.setNfNamingValue(record.get(1).trim());
-
cldsVfKPIData.setFieldPath(record.get(2).trim());
cldsVfKPIData.setFieldPathValue(record.get(3).trim());
-
cldsVfKPIData.setThresholdName(record.get(4).trim());
cldsVfKPIData.setThresholdValue(record.get(5).trim());
return cldsVfKPIData;
-
}
// Method to get the artifactURL Data and set the CldsVfKPIData node
@@ -759,7 +773,14 @@ public class SdcCatalogServices {
cldsAlarmConditionList.add(cldsAlarmCondition);
}
- public String getResponsesFromArtifactUrl(String artifactsUrl) {
+ /**
+ * Get the responses for the current artifact from the artifacts URL.
+ *
+ * @param artifactsUrl
+ * @return
+ * @throws GeneralSecurityException
+ */
+ public String getResponsesFromArtifactUrl(String artifactsUrl) throws GeneralSecurityException {
String hostUrl = refProp.getStringValue("sdc.hostUrl");
String artifactsUrlReworked = artifactsUrl.replaceAll("\"", "");
String artifactUrl = hostUrl + artifactsUrlReworked;
@@ -771,27 +792,29 @@ public class SdcCatalogServices {
/**
* Service to services/resources/artifacts from sdc.Pass alarmConditions as
- * true to get alarmconditons from artifact url and else it is false
- *
+ * true to get alarm conditons from artifact url and else it is false
+ *
* @param url
* @param alarmConditions
* @return
+ * @throws GeneralSecurityException
+ * In case of issue when decrypting the SDC password
+ *
*/
- public String getCldsServicesOrResourcesBasedOnURL(String url, boolean alarmConditions) {
+ public String getCldsServicesOrResourcesBasedOnURL(String url, boolean alarmConditions)
+ throws GeneralSecurityException {
Date startTime = new Date();
try {
LoggingUtils.setTargetContext("SDC", "getCldsServicesOrResourcesBasedOnURL");
String urlReworked = removeUnwantedBracesFromString(url);
URL urlObj = new URL(urlReworked);
-
HttpURLConnection conn = (HttpURLConnection) urlObj.openConnection();
- String basicAuth = SdcReq.getSdcBasicAuth(refProp);
+ String basicAuth = sdcReq.getSdcBasicAuth();
conn.setRequestProperty(refProp.getStringValue("sdc.InstanceID"), "CLAMP-Tool");
conn.setRequestProperty("Authorization", basicAuth);
conn.setRequestProperty("Content-Type", "application/json;charset=UTF-8");
conn.setRequestProperty("X-ECOMP-RequestID", LoggingUtils.getRequestId());
conn.setRequestMethod("GET");
-
int responseCode = conn.getResponseCode();
logger.info("Sdc resource url - " + urlReworked + " , responseCode=" + responseCode);
StringBuilder response;
@@ -818,7 +841,6 @@ public class SdcCatalogServices {
LoggingUtils.setTimeContext(startTime, new Date());
metricsLogger.info("getCldsServicesOrResourcesBasedOnURL completed");
}
-
}
/**
@@ -833,19 +855,15 @@ public class SdcCatalogServices {
ObjectMapper mapper = new ObjectMapper();
ObjectNode globalPropsJson;
if (cldsServiceData != null && cldsServiceData.getServiceUUID() != null) {
-
// Objectnode to save all byservice, byvf , byvfc and byalarm nodes
ObjectNode byIdObjectNode = mapper.createObjectNode();
-
// To create vf ResourceUUID node with serviceInvariantUUID
ObjectNode invariantUuidObjectNodeWithVf = createVfObjectNodeByServiceInvariantUuid(mapper,
cldsServiceData);
byIdObjectNode.putPOJO("byService", invariantUuidObjectNodeWithVf);
-
// To create byVf and vfcResourceNode with vfResourceUUID
ObjectNode vfcObjectNodeByVfUuid = createVfcObjectNodeByVfUuid(mapper, cldsServiceData.getCldsVfs());
byIdObjectNode.putPOJO("byVf", vfcObjectNodeByVfUuid);
-
// To create byKpi
ObjectNode kpiObjectNode = mapper.createObjectNode();
if (cldsServiceData.getCldsVfs() != null && !cldsServiceData.getCldsVfs().isEmpty()) {
@@ -856,7 +874,6 @@ public class SdcCatalogServices {
}
}
byIdObjectNode.putPOJO("byKpi", kpiObjectNode);
-
// To create byVfc and alarmCondition with vfcResourceUUID
ObjectNode vfcResourceUuidObjectNode = mapper.createObjectNode();
if (cldsServiceData.getCldsVfs() != null && !cldsServiceData.getCldsVfs().isEmpty()) {
@@ -868,23 +885,17 @@ public class SdcCatalogServices {
}
}
byIdObjectNode.putPOJO("byVfc", vfcResourceUuidObjectNode);
-
// To create byAlarmCondition with alarmConditionKey
List<CldsAlarmCondition> allAlarmConditions = getAllAlarmConditionsFromCldsServiceData(cldsServiceData,
"alarmCondition");
ObjectNode alarmCondObjectNodeByAlarmKey = createAlarmCondObjectNodeByAlarmKey(mapper, allAlarmConditions);
-
byIdObjectNode.putPOJO("byAlarmCondition", alarmCondObjectNodeByAlarmKey);
-
// To create byAlertDescription with AlertDescription
List<CldsAlarmCondition> allAlertDescriptions = getAllAlarmConditionsFromCldsServiceData(cldsServiceData,
"alertDescription");
ObjectNode alertDescObjectNodeByAlert = createAlarmCondObjectNodeByAlarmKey(mapper, allAlertDescriptions);
-
byIdObjectNode.putPOJO("byAlertDescription", alertDescObjectNodeByAlert);
-
globalPropsJson = decodeGlobalProp(globalProps, mapper);
-
globalPropsJson.putPOJO("shared", byIdObjectNode);
logger.info("value of objNode:" + globalPropsJson);
} else {
@@ -940,7 +951,6 @@ public class SdcCatalogServices {
*/
private List<CldsAlarmCondition> getAllAlarmConditionsFromCldsVfData(CldsVfData currCldsVfData, String eventName) {
List<CldsAlarmCondition> alarmCondList = new ArrayList<>();
-
if (currCldsVfData != null && currCldsVfData.getCldsVfcs() != null && !currCldsVfData.getCldsVfcs().isEmpty()) {
for (CldsVfcData currCldsVfcData : currCldsVfData.getCldsVfcs()) {
alarmCondList.addAll(getAllAlarmConditionsFromCldsVfcData(currCldsVfcData, eventName));
@@ -962,7 +972,6 @@ public class SdcCatalogServices {
private List<CldsAlarmCondition> getAllAlarmConditionsFromCldsVfcData(CldsVfcData currCldsVfcData,
String eventName) {
List<CldsAlarmCondition> alarmCondList = new ArrayList<>();
-
if (currCldsVfcData != null && currCldsVfcData.getCldsAlarmConditions() != null
&& !currCldsVfcData.getCldsAlarmConditions().isEmpty()) {
for (CldsAlarmCondition currCldsAlarmCondition : currCldsVfcData.getCldsAlarmConditions()) {
@@ -978,7 +987,6 @@ public class SdcCatalogServices {
private ObjectNode createAlarmCondObjectNodeByAlarmKey(ObjectMapper mapper,
List<CldsAlarmCondition> cldsAlarmCondList) {
ObjectNode alarmCondKeyNode = mapper.createObjectNode();
-
if (cldsAlarmCondList != null && !cldsAlarmCondList.isEmpty()) {
for (CldsAlarmCondition currCldsAlarmCondition : cldsAlarmCondList) {
if (currCldsAlarmCondition != null) {
@@ -1022,17 +1030,13 @@ public class SdcCatalogServices {
for (CldsVfKPIData currCldsVfKpiData : cldsVfKpiDataList) {
if (currCldsVfKpiData != null) {
ObjectNode thresholdNameObjectNode = mapper.createObjectNode();
-
ObjectNode fieldPathObjectNode = mapper.createObjectNode();
ObjectNode nfNamingCodeNode = mapper.createObjectNode();
-
fieldPathObjectNode.put(currCldsVfKpiData.getFieldPathValue(),
currCldsVfKpiData.getFieldPathValue());
nfNamingCodeNode.put(currCldsVfKpiData.getNfNamingValue(), currCldsVfKpiData.getNfNamingValue());
-
thresholdNameObjectNode.putPOJO("fieldPath", fieldPathObjectNode);
thresholdNameObjectNode.putPOJO("nfNamingCode", nfNamingCodeNode);
-
vfResourceUuidObjectNode.putPOJO(currCldsVfKpiData.getThresholdValue(), thresholdNameObjectNode);
}
}
@@ -1050,9 +1054,7 @@ public class SdcCatalogServices {
if (currCldsVfcData.getCldsAlarmConditions() != null
&& !currCldsVfcData.getCldsAlarmConditions().isEmpty()) {
for (CldsAlarmCondition currCldsAlarmCondition : currCldsVfcData.getCldsAlarmConditions()) {
- alarmCondNode.put(currCldsAlarmCondition.getAlarmConditionKey(),
- currCldsAlarmCondition.getAlarmConditionKey());
- if ("alarmCondition".equalsIgnoreCase(currCldsAlarmCondition.getEventName())) {
+ if ("alarmCondition".equalsIgnoreCase(currCldsAlarmCondition.getEventName())) {
alarmCondNode.put(currCldsAlarmCondition.getAlarmConditionKey(),
currCldsAlarmCondition.getAlarmConditionKey());
} else {
@@ -1061,7 +1063,6 @@ public class SdcCatalogServices {
}
}
}
-
vfcObjectNode.putPOJO("alarmCondition", alarmCondNode);
vfcObjectNode.putPOJO("alertDescription", alertDescNode);
vfcResourceUuidObjectNode.putPOJO(currCldsVfcData.getVfcInvariantResourceUUID(), vfcObjectNode);
@@ -1085,7 +1086,6 @@ public class SdcCatalogServices {
*/
private ObjectNode createVfcObjectNodeByVfUuid(ObjectMapper mapper, List<CldsVfData> cldsVfDataList) {
ObjectNode vfUuidObjectNode = mapper.createObjectNode();
-
if (cldsVfDataList != null && !cldsVfDataList.isEmpty()) {
for (CldsVfData currCldsVfData : cldsVfDataList) {
if (currCldsVfData != null) {
@@ -1094,8 +1094,11 @@ public class SdcCatalogServices {
ObjectNode kpiObjectNode = mapper.createObjectNode();
if (currCldsVfData.getCldsVfcs() != null && !currCldsVfData.getCldsVfcs().isEmpty()) {
for (CldsVfcData currCldsVfcData : currCldsVfData.getCldsVfcs()) {
- vfcUuidNode.put(currCldsVfcData.getVfcInvariantResourceUUID(),
- currCldsVfcData.getVfcName());
+ if (currCldsVfcData.getCldsAlarmConditions() != null
+ && !currCldsVfcData.getCldsAlarmConditions().isEmpty()) {
+ vfcUuidNode.put(currCldsVfcData.getVfcInvariantResourceUUID(),
+ currCldsVfcData.getVfcName());
+ }
}
} else {
vfcUuidNode.put("", "");
@@ -1159,9 +1162,9 @@ public class SdcCatalogServices {
}
public String updateControlLoopStatusToDcae(String dcaeUrl, String invariantResourceUuid,
- String invariantServiceUuid, String artifactName) {
+ String invariantServiceUuid, String artifactName) throws GeneralSecurityException {
String baseUrl = refProp.getStringValue("sdc.serviceUrl");
- String basicAuth = SdcReq.getSdcBasicAuth(refProp);
+ String basicAuth = sdcReq.getSdcBasicAuth();
String postStatusData = "{ \n" + "\"event\" : \"" + "Created" + "\",\n" + "\"serviceUUID\" : \""
+ invariantServiceUuid + "\",\n" + "\"resourceUUID\" :\"" + invariantResourceUuid + "\",\n"
+ "\"artifactName\" : \"" + artifactName + "\",\n" + "} \n";
@@ -1171,22 +1174,18 @@ public class SdcCatalogServices {
url = dcaeUrl + "/closed-loops";
}
URL urlObj = new URL(url);
-
HttpURLConnection conn = (HttpURLConnection) urlObj.openConnection();
conn.setRequestProperty(refProp.getStringValue("sdc.InstanceID"), "CLAMP-Tool");
conn.setRequestProperty("Authorization", basicAuth);
conn.setRequestProperty("Content-Type", "application/json;charset=UTF-8");
conn.setRequestProperty("X-ECOMP-RequestID", LoggingUtils.getRequestId());
conn.setRequestMethod("POST");
-
- byte[] postData = SdcReq.stringToByteArray(postStatusData);
+ byte[] postData = sdcReq.stringToByteArray(postStatusData);
try (DataOutputStream wr = new DataOutputStream(conn.getOutputStream())) {
wr.write(postData);
}
-
int responseCode = conn.getResponseCode();
logger.info("responseCode=" + responseCode);
-
String resp = getResponse(conn);
if (resp != null) {
return resp;
@@ -1203,8 +1202,12 @@ public class SdcCatalogServices {
* @param resourceType
* The resourceType
* @return The list of CldsSdcResourceBasicInfo
+ * @throws GeneralSecurityException
+ * In case of issue when decryting the SDC password
+ *
*/
- private List<CldsSdcResourceBasicInfo> getAllSdcVForVfcResourcesBasedOnResourceType(String resourceType) {
+ private List<CldsSdcResourceBasicInfo> getAllSdcVForVfcResourcesBasedOnResourceType(String resourceType)
+ throws GeneralSecurityException {
String catalogUrl = refProp.getStringValue("sdc.catalog.url");
String resourceUrl = catalogUrl + "resources?resourceType=" + resourceType;
String allSdcVfcResources = getCldsServicesOrResourcesBasedOnURL(resourceUrl, false);
@@ -1260,10 +1263,12 @@ public class SdcCatalogServices {
* @param locationArtifactName
* The location artifact name from where we can get the Artifact
* UUID
- *
+ * @throws GeneralSecurityException
+ * In case of issues to decrypt the SDC password
*/
public void uploadToSdc(ModelProperties prop, String userid, List<String> sdcReqUrlsList, String formattedSdcReq,
- String formattedSdcLocationReq, String artifactName, String locationArtifactName) {
+ String formattedSdcLocationReq, String artifactName, String locationArtifactName)
+ throws GeneralSecurityException {
logger.info("userid=" + userid);
String serviceInvariantUuid = getServiceInvariantUuidFromProps(prop);
if (sdcReqUrlsList != null && !sdcReqUrlsList.isEmpty()) {
diff --git a/src/main/java/org/onap/clamp/clds/client/SdcSendReqDelegate.java b/src/main/java/org/onap/clamp/clds/client/SdcSendReqDelegate.java
index 2d327f5d..90bdcb3a 100644
--- a/src/main/java/org/onap/clamp/clds/client/SdcSendReqDelegate.java
+++ b/src/main/java/org/onap/clamp/clds/client/SdcSendReqDelegate.java
@@ -23,6 +23,9 @@
package org.onap.clamp.clds.client;
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
+
import java.util.List;
import org.camunda.bpm.engine.delegate.DelegateExecution;
@@ -33,27 +36,23 @@ import org.onap.clamp.clds.model.prop.ModelProperties;
import org.onap.clamp.clds.model.refprop.RefProp;
import org.springframework.beans.factory.annotation.Autowired;
-import com.att.eelf.configuration.EELFLogger;
-import com.att.eelf.configuration.EELFManager;
-
/**
* Send control loop model to dcae proxy.
*/
public class SdcSendReqDelegate implements JavaDelegate {
protected static final EELFLogger logger = EELFManager.getInstance().getLogger(SdcSendReqDelegate.class);
protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger();
-
@Autowired
- private RefProp refProp;
-
+ private SdcReq sdcReq;
@Autowired
- private SdcCatalogServices sdcCatalogServices;
-
- private String baseUrl;
- private String artifactType;
- private String locationArtifactType;
- private String artifactLabel;
- private String locationArtifactLabel;
+ private RefProp refProp;
+ @Autowired
+ private SdcCatalogServices sdcCatalogServices;
+ private String baseUrl;
+ private String artifactType;
+ private String locationArtifactType;
+ private String artifactLabel;
+ private String locationArtifactLabel;
/**
* Perform activity. Send to sdc proxy.
@@ -69,36 +68,37 @@ public class SdcSendReqDelegate implements JavaDelegate {
execution.setVariable("artifactName", artifactName);
getSdcAttributes((String) execution.getVariable("controlName"));
ModelProperties prop = ModelProperties.create(execution);
- String bluprintPayload = SdcReq.formatBlueprint(refProp, prop, docText);
- // no need to upload blueprint for Holmes, thus blueprintPayload for Holmes is empty
+ String bluprintPayload = sdcReq.formatBlueprint(prop, docText);
+ // no need to upload blueprint for Holmes, thus blueprintPayload for
+ // Holmes is empty
if (!bluprintPayload.isEmpty()) {
- String formattedSdcReq = SdcReq.formatSdcReq(bluprintPayload, artifactName, artifactLabel, artifactType);
+ String formattedSdcReq = sdcReq.formatSdcReq(bluprintPayload, artifactName, artifactLabel, artifactType);
if (formattedSdcReq != null) {
execution.setVariable("formattedArtifactReq", formattedSdcReq.getBytes());
}
- List<String> sdcReqUrlsList = SdcReq.getSdcReqUrlsList(prop, baseUrl, sdcCatalogServices, execution);
-
- String sdcLocationsPayload = SdcReq.formatSdcLocationsReq(prop, artifactName);
+ List<String> sdcReqUrlsList = sdcReq.getSdcReqUrlsList(prop, baseUrl, sdcCatalogServices, execution);
+ String sdcLocationsPayload = sdcReq.formatSdcLocationsReq(prop, artifactName);
String locationArtifactName = (String) execution.getVariable("controlName") + "-location.json";
- String formattedSdcLocationReq = SdcReq.formatSdcReq(sdcLocationsPayload, locationArtifactName,
- locationArtifactLabel, locationArtifactType);
+ String formattedSdcLocationReq = sdcReq.formatSdcReq(sdcLocationsPayload, locationArtifactName,
+ locationArtifactLabel, locationArtifactType);
if (formattedSdcLocationReq != null) {
execution.setVariable("formattedLocationReq", formattedSdcLocationReq.getBytes());
}
sdcCatalogServices.uploadToSdc(prop, userid, sdcReqUrlsList, formattedSdcReq, formattedSdcLocationReq,
- artifactName, locationArtifactName);
+ artifactName, locationArtifactName);
}
}
/**
* Method to get sdc service values from properties file.
+ *
* @param controlName
*/
private void getSdcAttributes(String controlName) {
baseUrl = refProp.getStringValue("sdc.serviceUrl");
- artifactLabel = SdcReq
+ artifactLabel = sdcReq
.normalizeResourceInstanceName(refProp.getStringValue("sdc.artifactLabel") + "-" + controlName);
- locationArtifactLabel = SdcReq
+ locationArtifactLabel = sdcReq
.normalizeResourceInstanceName(refProp.getStringValue("sdc.locationArtifactLabel") + "-" + controlName);
artifactType = refProp.getStringValue("sdc.artifactType");
locationArtifactType = refProp.getStringValue("sdc.locationArtifactType");
diff --git a/src/main/java/org/onap/clamp/clds/client/req/SdcReq.java b/src/main/java/org/onap/clamp/clds/client/req/SdcReq.java
index 640d3b0c..38e3b15a 100644
--- a/src/main/java/org/onap/clamp/clds/client/req/SdcReq.java
+++ b/src/main/java/org/onap/clamp/clds/client/req/SdcReq.java
@@ -31,15 +31,14 @@ import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
-import com.fasterxml.jackson.dataformat.yaml.snakeyaml.Yaml;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
+import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Iterator;
import java.util.List;
-import java.util.Map;
import java.util.Map.Entry;
import org.apache.commons.codec.digest.DigestUtils;
@@ -51,19 +50,23 @@ import org.onap.clamp.clds.model.prop.Global;
import org.onap.clamp.clds.model.prop.ModelProperties;
import org.onap.clamp.clds.model.prop.Tca;
import org.onap.clamp.clds.model.refprop.RefProp;
+import org.onap.clamp.clds.util.CryptoUtils;
+import org.springframework.beans.factory.annotation.Autowired;
/**
* Construct a Sdc request given CLDS objects.
*/
public class SdcReq {
+ @Autowired
+ protected CryptoUtils cryptoUtils;
protected static final EELFLogger logger = EELFManager.getInstance().getLogger(SdcReq.class);
protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger();
+ @Autowired
+ protected RefProp refProp;
/**
* Format the Blueprint from a Yaml
*
- * @param refProp
- * The RefProp instance containing the Clds config
* @param prop
* The ModelProperties describing the clds model
* @param docText
@@ -77,14 +80,9 @@ public class SdcReq {
* @throws IOException
* In case of issues
*/
- public static String formatBlueprint(RefProp refProp, ModelProperties prop, String docText)
+ public String formatBlueprint(ModelProperties prop, String docText)
throws JsonParseException, JsonMappingException, IOException {
-
- Global globalProp = prop.getGlobal();
- String service = globalProp.getService();
-
String yamlvalue = getYamlvalue(docText);
-
String updatedBlueprint = "";
Tca tca = prop.getType(Tca.class);
if (tca.isFound()) {
@@ -94,7 +92,17 @@ public class SdcReq {
return updatedBlueprint;
}
- public static String formatSdcLocationsReq(ModelProperties prop, String artifactName) {
+ /**
+ * Format the SDC Locations Request in the JSON Format
+ *
+ * @param prop
+ * The ModelProperties describing the clds model
+ * @param artifactName
+ * The name of the artifact
+ *
+ * @return SDC Locations request in the JSON Format
+ */
+ public String formatSdcLocationsReq(ModelProperties prop, String artifactName) {
ObjectMapper objectMapper = new ObjectMapper();
Global global = prop.getGlobal();
List<String> locationsList = global.getLocation();
@@ -106,12 +114,27 @@ public class SdcReq {
locationObject.put("artifactName", artifactName);
locationObject.putPOJO("locations", locationsArrayNode);
String locationJsonFormat = locationObject.toString();
- logger.info("Value of locaation Json Artifact:" + locationsArrayNode);
+ logger.info("Value of location Json Artifact:" + locationsArrayNode);
return locationJsonFormat;
}
- public static String formatSdcReq(String payloadData, String artifactName, String artifactLabel,
- String artifactType) throws IOException {
+ /**
+ * Format the SDC Request
+ *
+ * @param payloadData
+ * The ModelProperties describing the clds model
+ * @param artifactName
+ * The name of the artifact
+ * @param artifactLabel
+ * The Label of the artifact
+ * @param artifactType
+ * The type of the artifact
+ * @return formatted SDC Request
+ * @throws IOException
+ * In case of issues
+ */
+ public String formatSdcReq(String payloadData, String artifactName, String artifactLabel, String artifactType)
+ throws IOException {
logger.info("artifact=" + payloadData);
String base64Artifact = base64Encode(payloadData);
return "{ \n" + "\"payloadData\" : \"" + base64Artifact + "\",\n" + "\"artifactLabel\" : \"" + artifactLabel
@@ -120,7 +143,16 @@ public class SdcReq {
+ "} \n";
}
- public static String getSdcReqUrl(ModelProperties prop, String url) {
+ /**
+ * Get the SDC Request URL
+ *
+ * @param prop
+ * The ModelProperties describing the clds model
+ * @param url
+ * url
+ * @return SDC Request URL
+ */
+ public String getSdcReqUrl(ModelProperties prop, String url) {
Global globalProps = prop.getGlobal();
String serviceUUID = "";
String resourceInstanceName = "";
@@ -143,13 +175,14 @@ public class SdcReq {
* @param prop
* @param baseUrl
* @param sdcCatalogServices
+ * @param execution
* @return
+ * @throws GeneralSecurityException
*/
- public static List<String> getSdcReqUrlsList(ModelProperties prop, String baseUrl,
- SdcCatalogServices sdcCatalogServices, DelegateExecution execution) {
+ public List<String> getSdcReqUrlsList(ModelProperties prop, String baseUrl, SdcCatalogServices sdcCatalogServices,
+ DelegateExecution execution) throws GeneralSecurityException {
// TODO : refact and regroup with very similar code
List<String> urlList = new ArrayList<>();
-
Global globalProps = prop.getGlobal();
if (globalProps != null) {
if (globalProps.getService() != null) {
@@ -178,7 +211,6 @@ public class SdcReq {
}
}
}
-
return urlList;
}
@@ -190,7 +222,7 @@ public class SdcReq {
* @param inText
* @return
*/
- public static String normalizeResourceInstanceName(String inText) {
+ public String normalizeResourceInstanceName(String inText) {
return inText.replace(" ", "").replace("-", "").replace(".", "").toLowerCase();
}
@@ -200,7 +232,7 @@ public class SdcReq {
* @param data
* @return
*/
- public static String calculateMD5ByString(String data) {
+ public String calculateMD5ByString(String data) {
String calculatedMd5 = DigestUtils.md5Hex(data);
// encode base-64 result
return base64Encode(calculatedMd5.getBytes());
@@ -212,7 +244,7 @@ public class SdcReq {
* @param inText
* @return
*/
- public static String base64Encode(String inText) {
+ public String base64Encode(String inText) {
return base64Encode(stringToByteArray(inText));
}
@@ -222,7 +254,7 @@ public class SdcReq {
* @param inText
* @return
*/
- public static byte[] stringToByteArray(String inText) {
+ public byte[] stringToByteArray(String inText) {
return inText.getBytes(StandardCharsets.UTF_8);
}
@@ -232,7 +264,7 @@ public class SdcReq {
* @param bytes
* @return
*/
- public static String base64Encode(byte[] bytes) {
+ public String base64Encode(byte[] bytes) {
Base64.Encoder encoder = Base64.getEncoder();
return encoder.encodeToString(bytes);
}
@@ -241,12 +273,15 @@ public class SdcReq {
* Return SDC id and pw as a HTTP Basic Auth string (for example: Basic
* dGVzdDoxMjM0NTY=).
*
- * @return
+ * @return The String with Basic Auth and password
+ * @throws GeneralSecurityException
+ * In case of issue when decryting the SDC password
*/
- public static String getSdcBasicAuth(RefProp refProp) {
+ public String getSdcBasicAuth() throws GeneralSecurityException {
String sdcId = refProp.getStringValue("sdc.serviceUsername");
String sdcPw = refProp.getStringValue("sdc.servicePassword");
- String idPw = base64Encode(sdcId + ":" + sdcPw);
+ String password = cryptoUtils.decrypt(sdcPw);
+ String idPw = base64Encode(sdcId + ":" + password);
return "Basic " + idPw;
}
@@ -257,7 +292,7 @@ public class SdcReq {
* @return
* @throws IOException
*/
- public static String getYamlvalue(String docText) throws IOException {
+ public String getYamlvalue(String docText) throws IOException {
ObjectMapper objectMapper = new ObjectMapper();
String yamlFileValue = "";
ObjectNode root = objectMapper.readValue(docText, ObjectNode.class);
diff --git a/src/main/java/org/onap/clamp/clds/config/CamundaEngineConfiguration.java b/src/main/java/org/onap/clamp/clds/config/CamundaEngineConfiguration.java
index a27cc69b..3790e235 100644
--- a/src/main/java/org/onap/clamp/clds/config/CamundaEngineConfiguration.java
+++ b/src/main/java/org/onap/clamp/clds/config/CamundaEngineConfiguration.java
@@ -23,9 +23,10 @@
package org.onap.clamp.clds.config;
+import java.security.GeneralSecurityException;
+
import javax.sql.DataSource;
-import org.springframework.boot.autoconfigure.jdbc.DataSourceBuilder;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@@ -33,15 +34,17 @@ import org.springframework.context.annotation.Primary;
@Configuration
public class CamundaEngineConfiguration {
-
/**
- * Camunda Identity databse DataSource configuration
+ * Camunda Identity database DataSource configuration
+ *
+ * @return
+ * @throws GeneralSecurityException
+ * In case of issue during the decoding of the password
*/
@Primary
@Bean(name = "camundaBpmDataSource")
@ConfigurationProperties(prefix = "spring.datasource.camunda")
public DataSource dataSource() {
- return DataSourceBuilder.create().build();
+ return new EncodedPasswordBasicDataSource();
}
-
}
diff --git a/src/main/java/org/onap/clamp/clds/config/CldsConfiguration.java b/src/main/java/org/onap/clamp/clds/config/CldsConfiguration.java
index 6b7d337e..0c73ac71 100644
--- a/src/main/java/org/onap/clamp/clds/config/CldsConfiguration.java
+++ b/src/main/java/org/onap/clamp/clds/config/CldsConfiguration.java
@@ -26,6 +26,7 @@ package org.onap.clamp.clds.config;
import com.att.ajsc.common.AjscProvider;
import com.att.ajsc.common.AjscService;
+import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.List;
@@ -44,12 +45,12 @@ import org.onap.clamp.clds.client.SdcCatalogServices;
import org.onap.clamp.clds.client.SdcSendReqDelegate;
import org.onap.clamp.clds.client.TcaPolicyDelegate;
import org.onap.clamp.clds.client.TcaPolicyDeleteDelegate;
+import org.onap.clamp.clds.client.req.SdcReq;
import org.onap.clamp.clds.dao.CldsDao;
import org.onap.clamp.clds.model.refprop.RefProp;
import org.onap.clamp.clds.transform.XslTransformer;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.boot.autoconfigure.jdbc.DataSourceBuilder;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
@@ -59,17 +60,18 @@ import org.springframework.context.annotation.Profile;
@Configuration
@Profile("clamp-default")
public class CldsConfiguration {
-
@Autowired
private ApplicationContext context;
/**
* Clds Identity database DataSource configuration
+ *
+ * @return
*/
@Bean(name = "cldsDataSource")
@ConfigurationProperties(prefix = "spring.datasource.cldsdb")
public DataSource cldsDataSource() {
- return DataSourceBuilder.create().build();
+ return new EncodedPasswordBasicDataSource();
}
@Bean(name = "jaxrsProviders")
@@ -102,6 +104,11 @@ public class CldsConfiguration {
}
@Bean
+ public SdcReq getSdcReq() {
+ return new SdcReq();
+ }
+
+ @Bean
public PolicyClient getPolicyClient() {
return new PolicyClient();
}
@@ -160,5 +167,4 @@ public class CldsConfiguration {
public HolmesPolicyDeleteDelegate getHolmesPolicyDeleteDelegate() {
return new HolmesPolicyDeleteDelegate();
}
-
} \ No newline at end of file
diff --git a/src/main/java/org/onap/clamp/clds/service/CldsService.java b/src/main/java/org/onap/clamp/clds/service/CldsService.java
index 19e3caa3..15706345 100644
--- a/src/main/java/org/onap/clamp/clds/service/CldsService.java
+++ b/src/main/java/org/onap/clamp/clds/service/CldsService.java
@@ -24,12 +24,15 @@
package org.onap.clamp.clds.service;
import com.att.ajsc.common.AjscService;
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import java.io.IOException;
import java.io.InputStream;
+import java.security.GeneralSecurityException;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
@@ -39,6 +42,7 @@ import java.util.UUID;
import java.util.concurrent.TimeUnit;
import javax.annotation.PostConstruct;
+import javax.ws.rs.BadRequestException;
import javax.ws.rs.Consumes;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
@@ -62,11 +66,13 @@ import org.onap.clamp.clds.client.SdcCatalogServices;
import org.onap.clamp.clds.dao.CldsDao;
import org.onap.clamp.clds.exception.CldsConfigException;
import org.onap.clamp.clds.exception.SdcCommunicationException;
+import org.onap.clamp.clds.exception.policy.PolicyClientException;
import org.onap.clamp.clds.model.CldsDBServiceCache;
import org.onap.clamp.clds.model.CldsEvent;
import org.onap.clamp.clds.model.CldsHealthCheck;
import org.onap.clamp.clds.model.CldsInfo;
import org.onap.clamp.clds.model.CldsModel;
+import org.onap.clamp.clds.model.CldsModelProp;
import org.onap.clamp.clds.model.CldsSdcResource;
import org.onap.clamp.clds.model.CldsSdcServiceDetail;
import org.onap.clamp.clds.model.CldsSdcServiceInfo;
@@ -74,6 +80,7 @@ import org.onap.clamp.clds.model.CldsServiceData;
import org.onap.clamp.clds.model.CldsTemplate;
import org.onap.clamp.clds.model.DcaeEvent;
import org.onap.clamp.clds.model.ValueItem;
+import org.onap.clamp.clds.model.prop.AbstractModelElement;
import org.onap.clamp.clds.model.prop.ModelProperties;
import org.onap.clamp.clds.model.refprop.RefProp;
import org.onap.clamp.clds.transform.XslTransformer;
@@ -94,37 +101,26 @@ import io.swagger.annotations.ApiOperation;
@Api(value = "/clds")
@Path("/clds")
public class CldsService extends SecureServiceBase {
-
+ protected static final EELFLogger securityLogger = EELFManager.getInstance().getSecurityLogger();
@Autowired
- private ApplicationContext appContext;
-
- private static final String RESOURCE_NAME = "clds-version.properties";
-
+ private ApplicationContext appContext;
+ private static final String RESOURCE_NAME = "clds-version.properties";
@Value("${CLDS_PERMISSION_TYPE_CL:permission-type-cl}")
- private String cldsPersmissionTypeCl;
-
+ private String cldsPersmissionTypeCl;
@Value("${CLDS_PERMISSION_TYPE_CL_MANAGE:permission-type-cl-manage}")
- private String cldsPermissionTypeClManage;
-
+ private String cldsPermissionTypeClManage;
@Value("${CLDS_PERMISSION_TYPE_CL_EVENT:permission-type-cl-event}")
- private String cldsPermissionTypeClEvent;
-
+ private String cldsPermissionTypeClEvent;
@Value("${CLDS_PERMISSION_TYPE_FILTER_VF:permission-type-filter-vf}")
- private String cldsPermissionTypeFilterVf;
-
+ private String cldsPermissionTypeFilterVf;
@Value("${CLDS_PERMISSION_TYPE_TEMPLATE:permission-type-template}")
- private String cldsPermissionTypeTemplate;
-
+ private String cldsPermissionTypeTemplate;
@Value("${CLDS_PERMISSION_INSTANCE:dev}")
- private String cldsPermissionInstance;
-
- private SecureServicePermission permissionReadCl;
-
- private SecureServicePermission permissionUpdateCl;
-
- private SecureServicePermission permissionReadTemplate;
-
- private SecureServicePermission permissionUpdateTemplate;
+ private String cldsPermissionInstance;
+ private SecureServicePermission permissionReadCl;
+ private SecureServicePermission permissionUpdateCl;
+ private SecureServicePermission permissionReadTemplate;
+ private SecureServicePermission permissionUpdateTemplate;
@PostConstruct
private final void afterConstruction() {
@@ -138,25 +134,19 @@ public class CldsService extends SecureServiceBase {
@Value("${org.onap.clamp.config.files.globalClds:'classpath:/clds/globalClds.properties'}")
private String globalClds;
-
private Properties globalCldsProperties;
-
@Autowired
private CldsDao cldsDao;
@Autowired
private RuntimeService runtimeService;
@Autowired
private XslTransformer cldsBpmnTransformer;
-
@Autowired
private RefProp refProp;
-
@Autowired
private SdcCatalogServices sdcCatalogServices;
-
@Autowired
private DcaeDispatcherServices dcaeDispatcherServices;
-
@Autowired
private DcaeInventoryServices dcaeInventoryServices;
@@ -173,23 +163,20 @@ public class CldsService extends SecureServiceBase {
* that is currently installed from pom.xml file 3. User permissions
*
*/
-
@GET
@Path("/cldsInfo")
@Produces(MediaType.APPLICATION_JSON)
public CldsInfo getCldsInfo() {
-
CldsInfo cldsInfo = new CldsInfo();
-
+ Date startTime = new Date();
+ LoggingUtils.setRequestContext("CldsService: GET cldsInfo", getPrincipalName());
+ LoggingUtils.setTimeContext(startTime, new Date());
// Get the user info
cldsInfo.setUserName(getUserName());
-
// Get CLDS application version
String cldsVersion = "";
Properties props = new Properties();
-
ClassLoader loader = Thread.currentThread().getContextClassLoader();
-
try (InputStream resourceStream = loader.getResourceAsStream(RESOURCE_NAME)) {
props.load(resourceStream);
cldsVersion = props.getProperty("clds.version");
@@ -197,22 +184,31 @@ public class CldsService extends SecureServiceBase {
logger.error("Exception caught during the clds.version reading", ex);
}
cldsInfo.setCldsVersion(cldsVersion);
-
// Get the user list of permissions
cldsInfo.setPermissionReadCl(isAuthorizedNoException(permissionReadCl));
cldsInfo.setPermissionUpdateCl(isAuthorizedNoException(permissionUpdateCl));
cldsInfo.setPermissionReadTemplate(isAuthorizedNoException(permissionReadTemplate));
cldsInfo.setPermissionUpdateTemplate(isAuthorizedNoException(permissionUpdateTemplate));
+ // audit log
+ LoggingUtils.setTimeContext(startTime, new Date());
+ LoggingUtils.setResponseContext("0", "Get cldsInfo success", this.getClass().getName());
+ securityLogger.info("GET cldsInfo completed");
return cldsInfo;
}
+ /**
+ * REST service that retrieves clds healthcheck information.
+ *
+ * @return CldsHealthCheck class containing healthcheck info
+ */
@GET
@Path("/healthcheck")
@Produces(MediaType.APPLICATION_JSON)
public CldsHealthCheck gethealthcheck() {
-
CldsHealthCheck cldsHealthCheck = new CldsHealthCheck();
-
+ Date startTime = new Date();
+ LoggingUtils.setRequestContext("CldsService: GET healthcheck", getPrincipalName());
+ LoggingUtils.setTimeContext(startTime, new Date());
try {
cldsDao.doHealthCheck();
cldsHealthCheck.setHealthCheckComponent("CLDS-APP");
@@ -224,8 +220,11 @@ public class CldsService extends SecureServiceBase {
cldsHealthCheck.setHealthCheckStatus("DOWN");
cldsHealthCheck.setDescription("NOT-OK");
}
+ // audit log
+ LoggingUtils.setTimeContext(startTime, new Date());
+ LoggingUtils.setResponseContext("0", "Get healthcheck success", this.getClass().getName());
+ securityLogger.info("GET healthcheck completed");
return cldsHealthCheck;
-
}
/**
@@ -254,32 +253,6 @@ public class CldsService extends SecureServiceBase {
}
/**
- * REST service that saves BPMN for a CLDS model by name in the database.
- * This is subset of the json putModel. This is only expected to be used for
- * testing purposes, not by the UI.
- *
- * @param modelName
- */
- @ApiOperation(value = "Saves BPMN for a CLDS model by name in the database", notes = "This is only expected to be used for testing purposes, not by the UI", response = String.class)
- @PUT
- @Path("/model/bpmn/{modelName}")
- @Consumes(MediaType.TEXT_XML)
- public String putBpmnXml(@PathParam("modelName") String modelName, String bpmnText) {
- LoggingUtils.setRequestContext("CldsService: PUT model bpmn", getPrincipalName());
- isAuthorized(permissionUpdateCl);
- logger.info("PUT bpmnText for modelName={}", modelName);
- logger.info("PUT bpmnText={}", bpmnText);
- CldsModel cldsModel = CldsModel.retrieve(cldsDao, modelName, true);
- cldsModel.setBpmnText(bpmnText);
- cldsModel.save(cldsDao, getUserId());
- // audit log
- LoggingUtils.setTimeContext(new Date(), new Date());
- LoggingUtils.setResponseContext("0", "Put model bpmn success", this.getClass().getName());
- auditLogger.info("PUT model bpmn completed");
- return "wrote bpmnText for modelName=" + modelName;
- }
-
- /**
* REST service that retrieves image for a CLDS model name from the
* database. This is subset of the json getModel. This is only expected to
* be used for testing purposes, not by the UI.
@@ -305,33 +278,6 @@ public class CldsService extends SecureServiceBase {
}
/**
- * REST service that saves image for a CLDS model by name in the database.
- * This is subset of the json putModel. This is only expected to be used for
- * testing purposes, not by the UI.
- *
- * @param modelName
- */
- @ApiOperation(value = "Saves image for a CLDS model by name in the database", notes = "This is only expected to be used for testing purposes, not by the UI", response = String.class)
- @PUT
- @Path("/model/image/{modelName}")
- @Consumes(MediaType.TEXT_XML)
- public String putImageXml(@PathParam("modelName") String modelName, String imageText) {
- Date startTime = new Date();
- LoggingUtils.setRequestContext("CldsService: PUT model image", getPrincipalName());
- isAuthorized(permissionUpdateCl);
- logger.info("PUT iamgeText for modelName={}", modelName);
- logger.info("PUT imageText={}", imageText);
- CldsModel cldsModel = CldsModel.retrieve(cldsDao, modelName, true);
- cldsModel.setImageText(imageText);
- cldsModel.save(cldsDao, getUserId());
- // audit log
- LoggingUtils.setTimeContext(startTime, new Date());
- LoggingUtils.setResponseContext("0", "Put model image success", this.getClass().getName());
- auditLogger.info("PUT model image completed");
- return "wrote imageText for modelName=" + modelName;
- }
-
- /**
* REST service that retrieves a CLDS model by name from the database.
*
* @param modelName
@@ -349,7 +295,6 @@ public class CldsService extends SecureServiceBase {
CldsModel cldsModel = CldsModel.retrieve(cldsDao, modelName, false);
isAuthorizedForVf(cldsModel);
cldsModel.setUserAuthorizedToUpdate(isAuthorizedNoException(permissionUpdateCl));
-
/**
* Checking condition whether our CLDS model can call INventory Method
*/
@@ -392,7 +337,12 @@ public class CldsService extends SecureServiceBase {
logger.info("PUT propText={}", cldsModel.getPropText());
logger.info("PUT imageText={}", cldsModel.getImageText());
cldsModel.setName(modelName);
-
+ try {
+ duplicateCheckforServiceVf(modelName, cldsModel.getPropText());
+ } catch (IOException | BadRequestException e) {
+ logger.error("Exception occured during duplicate check for service and VF", e);
+ throw new CldsConfigException(e.getMessage(), e);
+ }
if (cldsModel.getTemplateName() != null) {
CldsTemplate template = cldsDao.getTemplate(cldsModel.getTemplateName());
if (template != null) {
@@ -441,6 +391,7 @@ public class CldsService extends SecureServiceBase {
* @return
* @throws TransformerException
* @throws ParseException
+ * @throws GeneralSecurityException
*/
@ApiOperation(value = "Saves and processes an action for a CLDS model by name", notes = "", response = String.class)
@PUT
@@ -449,7 +400,7 @@ public class CldsService extends SecureServiceBase {
@Produces(MediaType.APPLICATION_JSON)
public CldsModel putModelAndProcessAction(@PathParam("action") String action,
@PathParam("modelName") String modelName, @QueryParam("test") String test, CldsModel model)
- throws TransformerException, ParseException {
+ throws TransformerException, ParseException, GeneralSecurityException {
Date startTime = new Date();
LoggingUtils.setRequestContext("CldsService: Process model action", getPrincipalName());
String actionCd = action.toUpperCase();
@@ -460,7 +411,6 @@ public class CldsService extends SecureServiceBase {
String userid = getUserId();
String actionStateCd = CldsEvent.ACTION_STATE_INITIATED;
String processDefinitionKey = "clds-process-action-wf";
-
logger.info("PUT actionCd={}", actionCd);
logger.info("PUT actionStateCd={}", actionStateCd);
logger.info("PUT processDefinitionKey={}", processDefinitionKey);
@@ -471,7 +421,6 @@ public class CldsService extends SecureServiceBase {
logger.info("PUT userid={}", userid);
logger.info("PUT getTypeId={}", model.getTypeId());
logger.info("PUT deploymentId={}", model.getDeploymentId());
-
if (model.getTemplateName() != null) {
CldsTemplate template = cldsDao.getTemplate(model.getTemplateName());
if (template != null) {
@@ -483,16 +432,13 @@ public class CldsService extends SecureServiceBase {
// save model to db
model.setName(modelName);
model.save(cldsDao, getUserId());
-
// get vars and format if necessary
String prop = model.getPropText();
String bpmn = model.getBpmnText();
String docText = model.getDocText();
String controlName = model.getControlName();
-
String bpmnJson = cldsBpmnTransformer.doXslTransformToString(bpmn);
logger.info("PUT bpmnJson={}", bpmnJson);
-
// Flag indicates whether it is triggered by Validation Test button from
// UI
boolean isTest = false;
@@ -507,17 +453,14 @@ public class CldsService extends SecureServiceBase {
}
}
logger.info("PUT isTest={}", isTest);
-
boolean isInsertTestEvent = false;
String insertTestEvent = refProp.getStringValue("action.insert.test.event");
if (insertTestEvent != null && insertTestEvent.equalsIgnoreCase("true")) {
isInsertTestEvent = true;
}
logger.info("PUT isInsertTestEvent={}", isInsertTestEvent);
-
// determine if requested action is permitted
model.validateAction(actionCd);
-
// input variables to camunda process
Map<String, Object> variables = new HashMap<>();
variables.put("actionCd", actionCd);
@@ -531,17 +474,18 @@ public class CldsService extends SecureServiceBase {
variables.put("isInsertTestEvent", isInsertTestEvent);
logger.info("modelProp - " + prop);
logger.info("docText - " + docText);
-
- // start camunda process
- ProcessInstance pi = runtimeService.startProcessInstanceByKey(processDefinitionKey, variables);
-
- // log process info
- logger.info("Started processDefinitionId={}, processInstanceId={}", pi.getProcessDefinitionId(),
- pi.getProcessInstanceId());
-
+ try {
+ // start camunda process
+ ProcessInstance pi = runtimeService.startProcessInstanceByKey(processDefinitionKey, variables);
+ // log process info
+ logger.info("Started processDefinitionId={}, processInstanceId={}", pi.getProcessDefinitionId(),
+ pi.getProcessInstanceId());
+ } catch (SdcCommunicationException | PolicyClientException | BadRequestException e) {
+ logger.error("Exception occured during invoking bpmn process", e);
+ throw new CldsConfigException(e.getMessage(), e);
+ }
// refresh model info from db (get fresh event info)
CldsModel retreivedModel = CldsModel.retrieve(cldsDao, modelName, false);
-
if (actionCd.equalsIgnoreCase(CldsEvent.ACTION_SUBMIT)
|| actionCd.equalsIgnoreCase(CldsEvent.ACTION_RESUBMIT)) {
// To verify inventory status and modify model status to distribute
@@ -552,7 +496,6 @@ public class CldsService extends SecureServiceBase {
LoggingUtils.setTimeContext(startTime, new Date());
LoggingUtils.setResponseContext("0", "Process model action success", this.getClass().getName());
auditLogger.info("Process model action completed");
-
return retreivedModel;
}
@@ -579,14 +522,12 @@ public class CldsService extends SecureServiceBase {
isAuthorized(permissionEvent);
userid = getUserId();
}
-
// Flag indicates whether it is triggered by Validation Test button from
// UI
boolean isTest = false;
if (test != null && test.equalsIgnoreCase("true")) {
isTest = true;
}
-
int instanceCount = 0;
if (dcaeEvent.getInstances() != null) {
instanceCount = dcaeEvent.getInstances().size();
@@ -595,7 +536,6 @@ public class CldsService extends SecureServiceBase {
+ " resourceUUID=" + dcaeEvent.getResourceUUID() + " artifactName=" + dcaeEvent.getArtifactName()
+ " instance count=" + instanceCount + " isTest=" + isTest;
logger.info("POST dcae event {}", msgInfo);
-
if (isTest) {
logger.warn("Ignorning test event from DCAE");
} else {
@@ -610,24 +550,24 @@ public class CldsService extends SecureServiceBase {
LoggingUtils.setTimeContext(startTime, new Date());
LoggingUtils.setResponseContext("0", "Post dcae event success", this.getClass().getName());
auditLogger.info("Post dcae event completed");
-
return msgInfo;
}
/**
* REST service that retrieves sdc services
+ *
+ * @throws GeneralSecurityException
+ * In case of issue when decryting the SDC password
*
- * @throws Exception
*/
@ApiOperation(value = "Retrieves sdc services", notes = "", response = String.class)
@GET
@Path("/sdc/services")
@Produces(MediaType.APPLICATION_JSON)
- public String getSdcServices() {
+ public String getSdcServices() throws GeneralSecurityException {
Date startTime = new Date();
LoggingUtils.setRequestContext("CldsService: GET sdc services", getPrincipalName());
String retStr;
-
String responseStr = sdcCatalogServices.getSdcServicesInformation(null);
try {
retStr = createUiServiceFormatJson(responseStr);
@@ -635,7 +575,6 @@ public class CldsService extends SecureServiceBase {
logger.error("IOException during SDC communication", e);
throw new SdcCommunicationException("IOException during SDC communication", e);
}
-
logger.info("value of sdcServices : {}", retStr);
// audit log
LoggingUtils.setTimeContext(startTime, new Date());
@@ -663,6 +602,9 @@ public class CldsService extends SecureServiceBase {
* REST service that retrieves total properties by using invariantUUID based
* on refresh and non refresh
*
+ * @throws GeneralSecurityException
+ * In case of issue when decryting the SDC password
+ *
*/
@ApiOperation(value = "Retrieves total properties by using invariantUUID based on refresh and non refresh", notes = "", response = String.class)
@GET
@@ -670,12 +612,11 @@ public class CldsService extends SecureServiceBase {
@Produces(MediaType.APPLICATION_JSON)
public String getSdcPropertiesByServiceUUIDForRefresh(
@PathParam("serviceInvariantUUID") String serviceInvariantUUID,
- @DefaultValue("false") @QueryParam("refresh") String refresh) {
+ @DefaultValue("false") @QueryParam("refresh") String refresh) throws GeneralSecurityException {
Date startTime = new Date();
LoggingUtils.setRequestContext("CldsService: GET sdc properties by uuid", getPrincipalName());
CldsServiceData cldsServiceData = new CldsServiceData();
cldsServiceData.setServiceInvariantUUID(serviceInvariantUUID);
-
boolean isCldsSdcDataExpired = true;
// To getcldsService information from database cache using invariantUUID
// only when refresh = false
@@ -698,18 +639,14 @@ public class CldsService extends SecureServiceBase {
cldsServiceData.setCldsServiceCache(cldsDao, cldsDBServiceCache);
}
}
-
// filter out VFs the user is not authorized for
cldsServiceData.filterVfs(this);
-
// format retrieved data into properties json
String sdcProperties = sdcCatalogServices.createPropertiesObjectByUUID(getGlobalCldsString(), cldsServiceData);
-
// audit log
LoggingUtils.setTimeContext(startTime, new Date());
LoggingUtils.setResponseContext("0", "Get sdc properties by uuid success", this.getClass().getName());
auditLogger.info("GET sdc properties by uuid completed");
-
return sdcProperties;
}
@@ -763,7 +700,6 @@ public class CldsService extends SecureServiceBase {
logger.info("value of cldsserviceiNfolist: {}", rawList);
if (rawList != null && !rawList.isEmpty()) {
List<CldsSdcServiceInfo> cldsSdcServiceInfoList = sdcCatalogServices.removeDuplicateServices(rawList);
-
for (CldsSdcServiceInfo currCldsSdcServiceInfo : cldsSdcServiceInfoList) {
if (currCldsSdcServiceInfo != null) {
invariantIdServiceNode.put(currCldsSdcServiceInfo.getInvariantUUID(),
@@ -785,7 +721,6 @@ public class CldsService extends SecureServiceBase {
*/
ObjectNode serviceObjectNode = createEmptyVfAlarmObject(mapper);
ObjectNode vfObjectNode = mapper.createObjectNode();
-
/**
* to create json with vf and vfresourceId
*/
@@ -793,7 +728,6 @@ public class CldsService extends SecureServiceBase {
serviceObjectNode.putPOJO(cldsSdcServiceDetail.getInvariantUUID(), vfObjectNode);
ObjectNode byServiceBasicObjetNode = mapper.createObjectNode();
byServiceBasicObjetNode.putPOJO("byService", serviceObjectNode);
-
/**
* to create json with VFC Node
*/
@@ -827,7 +761,6 @@ public class CldsService extends SecureServiceBase {
List<CldsSdcResource> rawCldsSdcResourceList) {
ObjectNode vfNode = mapper.createObjectNode();
vfNode.put("", "");
-
// To remove repeated resource instance name from
// resourceInstanceList
List<CldsSdcResource> cldsSdcResourceList = sdcCatalogServices
@@ -843,7 +776,6 @@ public class CldsService extends SecureServiceBase {
}
}
vfObjectNode2.putPOJO("vf", vfNode);
-
/**
* creating location json object using properties file value
*/
@@ -857,7 +789,6 @@ public class CldsService extends SecureServiceBase {
"Unable to load ui.location.default JSON in clds-references.properties properly", e);
}
vfObjectNode2.putPOJO("location", locationJsonNode);
-
/**
* creating alarm json object using properties file value
*/
@@ -872,7 +803,6 @@ public class CldsService extends SecureServiceBase {
e);
}
vfObjectNode2.putPOJO("alarmCondition", alarmStringJsonNode);
-
}
private ObjectNode createByVFCObjectNode(ObjectMapper mapper, List<CldsSdcResource> cldsSdcResourceList) {
@@ -901,7 +831,13 @@ public class CldsService extends SecureServiceBase {
@QueryParam("test") String test, CldsModel model) throws IOException {
Date startTime = new Date();
LoggingUtils.setRequestContext("CldsService: Deploy model", getPrincipalName());
- String deploymentId = "closedLoop_" + UUID.randomUUID() + "_deploymentId";
+ String deploymentId = "";
+ // If model is already deployed then pass same deployment id
+ if (model.getDeploymentId() != null && !model.getDeploymentId().isEmpty()) {
+ deploymentId = model.getDeploymentId();
+ } else {
+ deploymentId = "closedLoop_" + UUID.randomUUID() + "_deploymentId";
+ }
String createNewDeploymentStatusUrl = dcaeDispatcherServices.createNewDeployment(deploymentId,
model.getTypeId());
String operationStatus = "processing";
@@ -995,4 +931,27 @@ public class CldsService extends SecureServiceBase {
throw new CldsConfigException("Unable to load the globalClds due to an exception", e);
}
}
+
+ private void duplicateCheckforServiceVf(String modelName, String modelPropText) throws IOException {
+ JsonNode modelJson = new ObjectMapper().readTree(modelPropText);
+ JsonNode globalNode = modelJson.get("global");
+ String service = AbstractModelElement.getValueByName(globalNode, "service");
+ List<String> resourceVf = AbstractModelElement.getValuesByName(globalNode, "vf");
+ if (resourceVf != null && !resourceVf.isEmpty()) {
+ List<CldsModelProp> cldsModelPropList = cldsDao.getAllModelProperties();
+ for (CldsModelProp cldsModelProp : cldsModelPropList) {
+ JsonNode currentJson = new ObjectMapper().readTree(cldsModelProp.getPropText());
+ JsonNode currentNode = currentJson.get("global");
+ String currentService = AbstractModelElement.getValueByName(currentNode, "service");
+ List<String> currentVf = AbstractModelElement.getValuesByName(currentNode, "vf");
+ if (currentVf != null && !currentVf.isEmpty()) {
+ if (!modelName.equalsIgnoreCase(cldsModelProp.getName()) && service.equalsIgnoreCase(currentService)
+ && resourceVf.get(0).equalsIgnoreCase(currentVf.get(0))) {
+ throw new BadRequestException("Same service/VF already exists in " + cldsModelProp.getName()
+ + " model, please select different service/VF.");
+ }
+ }
+ }
+ }
+ }
}
diff --git a/src/main/java/org/onap/clamp/clds/service/SecureServiceBase.java b/src/main/java/org/onap/clamp/clds/service/SecureServiceBase.java
index acbd8bbd..70ba32f5 100644
--- a/src/main/java/org/onap/clamp/clds/service/SecureServiceBase.java
+++ b/src/main/java/org/onap/clamp/clds/service/SecureServiceBase.java
@@ -27,6 +27,7 @@ import com.att.eelf.configuration.EELFLogger;
import com.att.eelf.configuration.EELFManager;
import java.security.Principal;
+import java.util.Date;
import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.core.Context;
@@ -40,6 +41,7 @@ import org.onap.clamp.clds.util.LoggingUtils;
public abstract class SecureServiceBase {
protected static final EELFLogger logger = EELFManager.getInstance().getLogger(SecureServiceBase.class);
protected static final EELFLogger auditLogger = EELFManager.getInstance().getAuditLogger();
+ protected static final EELFLogger securityLogger = EELFManager.getInstance().getSecurityLogger();
// By default we'll set it to a default handler
private static UserNameHandler userNameHandler = new DefaultUserNameHandler();
@@ -63,7 +65,10 @@ public abstract class SecureServiceBase {
*/
public String getUserName() {
String name = userNameHandler.retrieveUserName(securityContext);
- logger.debug("userName={}", name);
+ Date startTime = new Date();
+ LoggingUtils.setTargetContext("CLDS", "getUserName");
+ LoggingUtils.setTimeContext(startTime, new Date());
+ securityLogger.debug("User logged into the CLDS system={}", name);
return name;
}
@@ -100,30 +105,33 @@ public abstract class SecureServiceBase {
*/
public boolean isAuthorized(SecureServicePermission inPermission) throws NotAuthorizedException {
boolean authorized = false;
- logger.debug("checking if {} has permission: {}", getPrincipalName(), inPermission);
+
+ Date startTime = new Date();
+ LoggingUtils.setTargetContext("CLDS", "isAuthorized");
+ LoggingUtils.setTimeContext(startTime, new Date());
+
+ securityLogger.debug("checking if {} has permission: {}", getPrincipalName(), inPermission);
+
// check if the user has the permission key or the permission key with a
// combination of all instance and/or all action.
if (securityContext.isUserInRole(inPermission.getKey())) {
- logger.info("{} authorized for permission: {}", getPrincipalName(), inPermission.getKey());
+ securityLogger.info("{} authorized for permission: {}", getPrincipalName(), inPermission.getKey());
authorized = true;
// the rest of these don't seem to be required - isUserInRole method
// appears to take * as a wildcard
} else if (securityContext.isUserInRole(inPermission.getKeyAllInstance())) {
- logger.info("{} authorized because user has permission with * for instance: {}", getPrincipalName(),
- inPermission.getKey());
+ securityLogger.info("{} authorized because user has permission with * for instance: {}", getPrincipalName(), inPermission.getKey());
authorized = true;
} else if (securityContext.isUserInRole(inPermission.getKeyAllInstanceAction())) {
- logger.info("{} authorized because user has permission with * for instance and * for action: {}",
- getPrincipalName(), inPermission.getKey());
+ securityLogger.info("{} authorized because user has permission with * for instance and * for action: {}", getPrincipalName(), inPermission.getKey());
authorized = true;
} else if (securityContext.isUserInRole(inPermission.getKeyAllAction())) {
- logger.info("{} authorized because user has permission with * for action: {}", getPrincipalName(),
- inPermission.getKey());
+ securityLogger.info("{} authorized because user has permission with * for action: {}", getPrincipalName(), inPermission.getKey());
authorized = true;
} else {
String msg = getPrincipalName() + " does not have permission: " + inPermission;
LoggingUtils.setErrorContext("100", "Authorization Error");
- logger.warn(msg);
+ securityLogger.warn(msg);
throw new NotAuthorizedException(msg);
}
return authorized;
@@ -144,29 +152,32 @@ public abstract class SecureServiceBase {
*/
public boolean isAuthorizedNoException(SecureServicePermission inPermission) {
boolean authorized = false;
- logger.debug("checking if {} has permission: {}", getPrincipalName(), inPermission);
+
+ securityLogger.debug("checking if {} has permission: {}", getPrincipalName(), inPermission);
+ Date startTime = new Date();
+ LoggingUtils.setTargetContext("CLDS", "isAuthorizedNoException");
+ LoggingUtils.setTimeContext(startTime, new Date());
+
// check if the user has the permission key or the permission key with a
// combination of all instance and/or all action.
if (securityContext.isUserInRole(inPermission.getKey())) {
- logger.info("{} authorized for permission: {}", getPrincipalName(), inPermission.getKey());
+ securityLogger.info("{} authorized for permission: {}", getPrincipalName(), inPermission.getKey());
authorized = true;
// the rest of these don't seem to be required - isUserInRole method
// appears to take * as a wildcard
} else if (securityContext.isUserInRole(inPermission.getKeyAllInstance())) {
- logger.info("{} authorized because user has permission with * for instance: {}", getPrincipalName(),
- inPermission.getKey());
+ securityLogger.info("{} authorized because user has permission with * for instance: {}", getPrincipalName(),inPermission.getKey());
authorized = true;
} else if (securityContext.isUserInRole(inPermission.getKeyAllInstanceAction())) {
- logger.info("{} authorized because user has permission with * for instance and * for action: {}",
- getPrincipalName(), inPermission.getKey());
+ securityLogger.info("{} authorized because user has permission with * for instance and * for action: {}", getPrincipalName(), inPermission.getKey());
authorized = true;
} else if (securityContext.isUserInRole(inPermission.getKeyAllAction())) {
- logger.info("{} authorized because user has permission with * for action: {}", getPrincipalName(),
- inPermission.getKey());
+ securityLogger.info("{} authorized because user has permission with * for action: {}", getPrincipalName(), inPermission.getKey());
authorized = true;
} else {
String msg = getPrincipalName() + " does not have permission: " + inPermission;
LoggingUtils.setErrorContext("100", "Authorization Error");
+ securityLogger.warn(msg);
logger.warn(msg);
}
return authorized;
diff --git a/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java b/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java
new file mode 100644
index 00000000..fd4d1b15
--- /dev/null
+++ b/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java
@@ -0,0 +1,116 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * ONAP CLAMP
+ * ================================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights
+ * reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END============================================
+ * ===================================================================
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+
+package org.onap.clamp.clds.util;
+
+import java.security.GeneralSecurityException;
+
+import javax.annotation.PostConstruct;
+import javax.crypto.Cipher;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.env.Environment;
+import org.springframework.stereotype.Component;
+
+/**
+ * CryptoUtils for encrypting/decrypting string based on a Key defined in
+ * application.properties (Spring config file).
+ *
+ */
+@Component("CryptoUtils")
+public final class CryptoUtils {
+ public static final String AES = "AES";
+ public static final String KEY_PARAM = "org.onap.clamp.encryption.aes.key";
+ @Autowired
+ private Environment springEnv;
+ private SecretKeySpec secretKeySpec;
+
+ /**
+ * Initialize Method
+ *
+ */
+ @PostConstruct
+ public void init() {
+ secretKeySpec = getSecretKeySpec(springEnv.getProperty(KEY_PARAM));
+ }
+
+ /**
+ * Encrypt a value based on the Clamp Encryption Key.
+ *
+ * @param value
+ * @return The encrypted string
+ * @throws GeneralSecurityException
+ * In case of issue with the encryption
+ */
+ public String encrypt(String value) throws GeneralSecurityException {
+ Cipher cipher = Cipher.getInstance(CryptoUtils.AES);
+ cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, cipher.getParameters());
+ byte[] encrypted = cipher.doFinal(value.getBytes());
+ return byteArrayToHexString(encrypted);
+ }
+
+ /**
+ * Decrypt a value.
+ *
+ * @param message
+ * The encrypted string that must be decrypted using the Clamp
+ * Encryption Key
+ * @return The String decrypted
+ * @throws GeneralSecurityException
+ * In case of issue with the encryption
+ */
+ public String decrypt(String message) throws GeneralSecurityException {
+ Cipher cipher = Cipher.getInstance(CryptoUtils.AES);
+ cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
+ byte[] decrypted = cipher.doFinal(hexStringToByteArray(message));
+ return new String(decrypted);
+ }
+
+ private SecretKeySpec getSecretKeySpec(String keyString) {
+ byte[] key = hexStringToByteArray(keyString);
+ return new SecretKeySpec(key, CryptoUtils.AES);
+ }
+
+ private String byteArrayToHexString(byte[] b) {
+ StringBuilder sb = new StringBuilder(b.length * 2);
+ for (int i = 0; i < b.length; i++) {
+ int v = b[i] & 0xff;
+ if (v < 16) {
+ sb.append('0');
+ }
+ sb.append(Integer.toHexString(v));
+ }
+ return sb.toString().toUpperCase();
+ }
+
+ private byte[] hexStringToByteArray(String s) {
+ byte[] b = new byte[s.length() / 2];
+ for (int i = 0; i < b.length; i++) {
+ int index = i * 2;
+ int v = Integer.parseInt(s.substring(index, index + 2), 16);
+ b[i] = (byte) v;
+ }
+ return b;
+ }
+}
diff --git a/src/main/java/org/onap/clamp/clds/workflow/ProcessRequestDelegate.java b/src/main/java/org/onap/clamp/clds/workflow/ProcessRequestDelegate.java
index 19bdcaf9..a5d84bb6 100644
--- a/src/main/java/org/onap/clamp/clds/workflow/ProcessRequestDelegate.java
+++ b/src/main/java/org/onap/clamp/clds/workflow/ProcessRequestDelegate.java
@@ -21,35 +21,21 @@
* ECOMP is a trademark and service mark of AT&T Intellectual Property.
*/
-/* Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
package org.onap.clamp.clds.workflow;
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
+
import org.camunda.bpm.engine.delegate.DelegateExecution;
import org.camunda.bpm.engine.delegate.JavaDelegate;
import org.springframework.stereotype.Component;
-import com.att.eelf.configuration.EELFLogger;
-import com.att.eelf.configuration.EELFManager;
-
@Component
public class ProcessRequestDelegate implements JavaDelegate {
- protected static final EELFLogger logger = EELFManager.getInstance().getLogger(ProcessRequestDelegate.class);
+ protected static final EELFLogger logger = EELFManager.getInstance().getLogger(ProcessRequestDelegate.class);
protected static final EELFLogger auditLogger = EELFManager.getInstance().getAuditLogger();
- // @Override
@Override
public void execute(DelegateExecution execution) throws Exception {
logger.info("Processing request by '" + execution.getVariable("customerId") + "'...");