author | Tomasz Wrobel <tomasz.wrobel@nokia.com> | 2022-05-13 09:01:26 +0200 |
---|---|---|
committer | Tomasz Wrobel <tomasz.wrobel@nokia.com> | 2022-07-06 06:09:50 +0200 |
commit | 5da97dc829f00e8549ccf5617b434aa911578d8b (patch) | |
tree | fb0a293b051a7f2e46ea736356cd6edf98a9371d /datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParser.java | |
parent | 7fdc015b330cf36d4a272af7e9ce31f60248bfd6 (diff) |
Make TLS connection optional1.8.0
Issue-ID: DCAEGEN2-3039
Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com>
Change-Id: Id637ba17c655407009a4f40f6c93f518b99e45ff
Diffstat (limited to 'datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParser.java')
-rw-r--r-- | datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParser.java | 61 |
1 files changed, 50 insertions, 11 deletions
diff --git a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParser.java b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParser.java
index 025166c2..db811fac 100644
--- a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParser.java
+++ b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/CloudConfigParser.java
@@ -1,7 +1,7 @@
 /*-
 * ============LICENSE_START=======================================================
- * Copyright (C) 2018, 2020-2021 NOKIA Intellectual Property, 2018-2019 Nordix Foundation.
- * All rights reserved.
+ * Copyright (C) 2018, 2020-2022 Nokia. All rights reserved.
+ * Copyright (C) 2018-2019 Nordix Foundation. All rights reserved.
 * ================================================================================
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -48,6 +48,8 @@ import org.onap.dcaegen2.services.sdk.security.ssl.ImmutableSecurityKeys;
 import org.onap.dcaegen2.services.sdk.security.ssl.ImmutableSecurityKeysStore;
 import org.onap.dcaegen2.services.sdk.security.ssl.Passwords;
 import org.onap.dcaegen2.services.sdk.security.ssl.SecurityKeys;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 /**
 * Parses the cloud configuration.
@@ -74,6 +76,8 @@ public class CloudConfigParser { private static final int EXPECTED_NUMBER_OF_SOURCE_TOPICS = 1; private static final int FIRST_SOURCE_INDEX = 0; + private static final Logger logger = LoggerFactory.getLogger(CloudConfigParser.class); + private final Properties systemEnvironment; private final JsonObject jsonObject;
@@ -103,10 +107,10 @@ public class CloudConfigParser {
 .publishUrl(getAsString(feedConfig, "publish_url")) //
 .password(getAsString(feedConfig, "password")) //
 .userName(getAsString(feedConfig, "username")) //
- .trustStorePath(getAsString(jsonObject, DMAAP_SECURITY_TRUST_STORE_PATH)) //
- .trustStorePasswordPath(getAsString(jsonObject, DMAAP_SECURITY_TRUST_STORE_PASS_PATH)) //
- .keyStorePath(getAsString(jsonObject, DMAAP_SECURITY_KEY_STORE_PATH)) //
- .keyStorePasswordPath(getAsString(jsonObject, DMAAP_SECURITY_KEY_STORE_PASS_PATH)) //
+ .trustStorePath(getAsOptionalStringOrDefault(jsonObject, DMAAP_SECURITY_TRUST_STORE_PATH,"")) //
+ .trustStorePasswordPath(getAsOptionalStringOrDefault(jsonObject, DMAAP_SECURITY_TRUST_STORE_PASS_PATH, "")) //
+ .keyStorePath(getAsOptionalStringOrDefault(jsonObject, DMAAP_SECURITY_KEY_STORE_PATH,"")) //
+ .keyStorePasswordPath(getAsOptionalStringOrDefault(jsonObject, DMAAP_SECURITY_KEY_STORE_PASS_PATH,"")) //
 .enableDmaapCertAuth(get(jsonObject, DMAAP_SECURITY_ENABLE_DMAAP_CERT_AUTH).getAsBoolean()) //
 .changeIdentifier(changeIdentifier) //
 .logUrl(getAsString(feedConfig, "log_url")) //
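Review bot: The four store paths in this builder chain now fall back to `""` when their key is absent, while `enableDmaapCertAuth` on the next line is still read unconditionally, so a configuration with cert auth enabled and a missing or misspelled path key is accepted at parse time and only fails, or behaves unexpectedly, wherever the empty path is later used. Consider reading the flag first and keeping the throwing form, e.g. `getAsString(jsonObject, DMAAP_SECURITY_TRUST_STORE_PATH)`, when it is true, which is the pattern `getCertificateConfig()` follows later in this commit. The enclosing method starts and ends outside the hunk, so how the empty values are consumed cannot be checked from here.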
@@ -189,12 +193,38 @@ public class CloudConfigParser {
 * @throws DatafileTaskException if a member of the configuration is missing.
 */
 public @NotNull CertificateConfig getCertificateConfig() throws DatafileTaskException {
+ boolean enableCertAuth = getAsBooleanOrDefault(jsonObject, "dmaap.certificateConfig.enableCertAuth",
+ Boolean.TRUE);
+
+ String keyCert = "";
+ String keyPasswordPath = "";
+ String trustedCa = "";
+ String trustedCaPasswordPath = "";
+ boolean httpsHostnameVerify = true;
+
+ if (enableCertAuth) {
+ logger.debug("TlS enabled, attempt to read certificates property");
+ try {
+ keyCert = getAsString(jsonObject, "dmaap.certificateConfig.keyCert");
+ keyPasswordPath = getAsString(jsonObject, "dmaap.certificateConfig.keyPasswordPath");
+ trustedCa = getAsString(jsonObject, "dmaap.certificateConfig.trustedCa");
+ trustedCaPasswordPath = getAsString(jsonObject, "dmaap.certificateConfig.trustedCaPasswordPath");
+ httpsHostnameVerify = getAsBooleanOrDefault(jsonObject, "dmaap.certificateConfig.httpsHostnameVerify",
+ Boolean.TRUE);
+ } catch (DatafileTaskException e) {
+ throw new DatafileTaskException(
+ "Wrong configuration. External certificate enabled but configs are missing: "
+ + e.getMessage());
+ }
+ }
+
 return new ImmutableCertificateConfig.Builder() //
- .keyCert(getAsString(jsonObject, "dmaap.certificateConfig.keyCert"))
- .keyPasswordPath(getAsString(jsonObject, "dmaap.certificateConfig.keyPasswordPath"))
- .trustedCa(getAsString(jsonObject, "dmaap.certificateConfig.trustedCa"))
- .trustedCaPasswordPath(getAsString(jsonObject, "dmaap.certificateConfig.trustedCaPasswordPath")) //
- .httpsHostnameVerify(getAsBooleanOrDefault(jsonObject, "dmaap.certificateConfig.httpsHostnameVerify", Boolean.TRUE))
+ .keyCert(keyCert)
+ .keyPasswordPath(keyPasswordPath)
+ .trustedCa(trustedCa)
+ .trustedCaPasswordPath(trustedCaPasswordPath) //
+ .httpsHostnameVerify(httpsHostnameVerify)
+ .enableCertAuth(enableCertAuth)
 .build();
 }
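Review bot: When `enableCertAuth` is false, `getCertificateConfig()` returns empty key and trust material without logging anything, so turning certificate-based TLS off leaves no trace outside the raw configuration; the only log line is the debug message on the enabled branch. An `else` branch with something like `logger.warn("dmaap.certificateConfig.enableCertAuth is false, certificates will not be loaded");` would make that downgrade visible to operators. In the `catch`, the rethrow keeps only `e.getMessage()`; if `DatafileTaskException` offers a (message, cause) constructor, which is not visible here, pass `e` as the cause so the original stack trace survives. The debug text also spells TLS as "TlS".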
@@ -219,6 +249,15 @@ public class CloudConfigParser {
 return get(obj, memberName).getAsString();
 }
+ private static String getAsOptionalStringOrDefault(JsonObject obj, String memberName, String def) {
+ try {
+ return get(obj, memberName).getAsString();
+ } catch (DatafileTaskException e) {
+ return def;
+ }
+ }
+
+
 private static @NotNull Boolean getAsBoolean(JsonObject obj, String memberName) throws DatafileTaskException {
 return get(obj, memberName).getAsBoolean();
 } |
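Review bot: `getAsOptionalStringOrDefault` is undocumented and falls back silently, so nothing records which member was absent when a default replaces a security-relevant path. A short Javadoc stating that a missing member yields `def`, plus `logger.debug("Optional member {} not set, using default", memberName);` in the `catch` (member name only, never the value), would cover it. Only `DatafileTaskException` is caught: if `JsonObject` is Gson's, a member that is present but JSON null would presumably still throw from `getAsString()` instead of defaulting, which is worth confirming. The hunk also adds two consecutive blank lines after the method.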