From 8cc9e64a23ab773440a1f51d604a09c78f160283 Mon Sep 17 00:00:00 2001 From: ajay_dp001 Date: Fri, 29 Jan 2021 17:44:27 +0530 Subject: [DCAE-dfc] Vulnerability Removal for Datafile Collector - swagger version 2.9.2 to 3.0.0 - commons-io version 1.3.2 to 2.8.0 - tomcat-embed-core version 9.0.36 to 9.0.39 - pom.xml refactoring Issue-ID: DCAEGEN2-2591 Signed-off-by: ajay_dp001 Change-Id: I40e65a6936fc118299cd575df34c51730a25f424 --- .../onap/dcaegen2/collectors/datafile/MainApp.java | 5 +- .../datafile/configuration/SwaggerConfig.java | 73 +++++----------------- .../datafile/controllers/ScheduleController.java | 16 ++--- .../datafile/controllers/StatusController.java | 15 +++-- 4 files changed, 33 insertions(+), 76 deletions(-) (limited to 'datafile-app-server/src') diff --git a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/MainApp.java b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/MainApp.java index 55f4fe73..520be3fe 100644 --- a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/MainApp.java +++ b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/MainApp.java @@ -1,6 +1,7 @@ /*- * ============LICENSE_START====================================================================== - * Copyright (C) 2018 NOKIA Intellectual Property, 2018 Nordix Foundation. All rights reserved. + * Copyright (C) 2018 NOKIA Intellectual Property. All rights reserved. + * Copyright (C) 2018-2021 Nordix Foundation. All rights reserved. * =============================================================================================== * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -32,7 +33,7 @@ import org.springframework.scheduling.concurrent.ConcurrentTaskScheduler; * @author Przemysław Wąsala on 3/23/18 * @author Henrik Andersson */ -@SpringBootApplication(exclude = {JacksonAutoConfiguration.class}) +@SpringBootApplication() @EnableScheduling public class MainApp { diff --git a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/SwaggerConfig.java b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/SwaggerConfig.java index 1990efb8..35a31597 100644 --- a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/SwaggerConfig.java +++ b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/configuration/SwaggerConfig.java @@ -1,6 +1,7 @@ /*- * ============LICENSE_START====================================================================== - * Copyright (C) 2018 NOKIA Intellectual Property, 2018 Nordix Foundation. All rights reserved. + * Copyright (C) 2018 NOKIA Intellectual Property. All rights reserved. + * Copyright (C) 2018-2021 Nordix Foundation. All rights reserved. * =============================================================================================== * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,65 +19,21 @@ package org.onap.dcaegen2.collectors.datafile.configuration; -import com.google.common.base.Predicates; +import io.swagger.v3.oas.annotations.OpenAPIDefinition; +import io.swagger.v3.oas.annotations.info.Info; +import io.swagger.v3.oas.annotations.info.License; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; -import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport; +@OpenAPIDefinition( + info = @Info(title = SwaggerConfig.API_TITLE, version = SwaggerConfig.VERSION, + description = SwaggerConfig.DESCRIPTION, license = @License(name = "Copyright (C) 2020 Nordix Foundation. Licensed under the Apache License.", + url = "http://www.apache.org/licenses/LICENSE-2.0")) +) +public class SwaggerConfig { -import springfox.documentation.builders.ApiInfoBuilder; -import springfox.documentation.builders.PathSelectors; -import springfox.documentation.builders.RequestHandlerSelectors; -import springfox.documentation.service.ApiInfo; -import springfox.documentation.spi.DocumentationType; -import springfox.documentation.spring.web.plugins.Docket; -import springfox.documentation.swagger2.annotations.EnableSwagger2; + public static final String VERSION = "1.0"; + public static final String API_TITLE = "DATAFILE App Server"; + static final String DESCRIPTION = "

This page lists all the rest apis for DATAFILE app server.

"; -@EnableSwagger2 -@Configuration -@Profile("prod") -public class SwaggerConfig extends WebMvcConfigurationSupport { - static final String API_TITLE = "DATAFILE app server"; - static final String DESCRIPTION = "This page lists all the rest apis for DATAFILE app server."; - static final String VERSION = "1.0"; - static final String RESOURCES_PATH = "classpath:/META-INF/resources/"; - static final String WEBJARS_PATH = RESOURCES_PATH + "webjars/"; - static final String SWAGGER_UI = "swagger-ui.html"; - static final String WEBJARS = "/webjars/**"; - - /** - * Gets the API info. - * - * @return the API info. - */ - @Bean - public Docket api() { - return new Docket(DocumentationType.SWAGGER_2) // - .apiInfo(apiInfo()) // - .select() // - .apis(RequestHandlerSelectors.any()) // - .paths(PathSelectors.any()) // - .paths(Predicates.not(PathSelectors.regex("/error"))) // - // this endpoint is not implemented, but was visible for Swagger - .build(); - } - - private static ApiInfo apiInfo() { - return new ApiInfoBuilder() // - .title(API_TITLE) // - .description(DESCRIPTION) // - .version(VERSION) // - .build(); - } - - @Override - protected void addResourceHandlers(ResourceHandlerRegistry registry) { - registry.addResourceHandler(SWAGGER_UI) // - .addResourceLocations(RESOURCES_PATH); - - registry.addResourceHandler(WEBJARS) // - .addResourceLocations(WEBJARS_PATH); + private SwaggerConfig() { } } diff --git a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/controllers/ScheduleController.java b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/controllers/ScheduleController.java index 16cd05de..aeb4c729 100644 --- a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/controllers/ScheduleController.java +++ b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/controllers/ScheduleController.java @@ -1,6 +1,7 @@ /*- * ============LICENSE_START====================================================================== - * Copyright (C) 2018 NOKIA Intellectual Property, 2018-2019 Nordix Foundation. All rights reserved. + * Copyright (C) 2018 NOKIA Intellectual Property. All rights reserved. + * Copyright (C) 2018-2021 Nordix Foundation. All rights reserved. * =============================================================================================== * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,9 +19,8 @@ package org.onap.dcaegen2.collectors.datafile.controllers; -import io.swagger.annotations.Api; -import io.swagger.annotations.ApiOperation; - +import io.swagger.v3.oas.annotations.Operation; +import io.swagger.v3.oas.annotations.tags.Tag; import org.onap.dcaegen2.collectors.datafile.configuration.SchedulerConfig; import org.onap.dcaegen2.collectors.datafile.model.logging.MappedDiagnosticContext; import org.slf4j.Logger; @@ -42,7 +42,7 @@ import reactor.core.publisher.Mono; */ @RestController -@Api(value = "ScheduleController") +@Tag(name = "ScheduleController") public class ScheduleController { private static final Logger logger = LoggerFactory.getLogger(ScheduleController.class); @@ -61,7 +61,7 @@ public class ScheduleController { * @return the response. */ @GetMapping("/start") - @ApiOperation(value = "Start scheduling worker request") + @Operation(summary = "Start scheduling worker request") public Mono> startTasks(@RequestHeader HttpHeaders headers) { MappedDiagnosticContext.initializeTraceContext(headers); logger.info(MappedDiagnosticContext.ENTRY, "Start request"); @@ -81,7 +81,7 @@ public class ScheduleController { * @return the response. */ @GetMapping("/stopDatafile") - @ApiOperation(value = "Receiving stop scheduling worker request") + @Operation(summary = "Receiving stop scheduling worker request") public Mono> stopTask(@RequestHeader HttpHeaders headers) { MappedDiagnosticContext.initializeTraceContext(headers); logger.info(MappedDiagnosticContext.ENTRY, "Stop request"); @@ -90,7 +90,7 @@ public class ScheduleController { return response; } - @ApiOperation(value = "Sends success or error response on starting task execution") + @Operation(summary = "Sends success or error response on starting task execution") private static ResponseEntity createStartTaskResponse(boolean wasScheduled) { if (wasScheduled) { return new ResponseEntity<>("Datafile Service has been started!", HttpStatus.CREATED); diff --git a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/controllers/StatusController.java b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/controllers/StatusController.java index 5b72df1a..aaebfbfd 100644 --- a/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/controllers/StatusController.java +++ b/datafile-app-server/src/main/java/org/onap/dcaegen2/collectors/datafile/controllers/StatusController.java @@ -1,6 +1,7 @@ /*- * ============LICENSE_START====================================================================== - * Copyright (C) 2018 NOKIA Intellectual Property, 2018 Nordix Foundation. All rights reserved. + * Copyright (C) 2018 NOKIA Intellectual Property. All rights reserved. + * Copyright (C) 2018-2021 Nordix Foundation. All rights reserved. * =============================================================================================== * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except * in compliance with the License. You may obtain a copy of the License at @@ -19,11 +20,10 @@ package org.onap.dcaegen2.collectors.datafile.controllers; import static org.onap.dcaegen2.collectors.datafile.model.logging.MappedDiagnosticContext.ENTRY; import static org.onap.dcaegen2.collectors.datafile.model.logging.MappedDiagnosticContext.EXIT; -import io.swagger.annotations.Api; -import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiResponse; import io.swagger.annotations.ApiResponses; - +import io.swagger.v3.oas.annotations.Operation; +import io.swagger.v3.oas.annotations.tags.Tag; import org.onap.dcaegen2.collectors.datafile.model.Counters; import org.onap.dcaegen2.collectors.datafile.model.logging.MappedDiagnosticContext; import org.onap.dcaegen2.collectors.datafile.tasks.ScheduledTasks; @@ -42,7 +42,7 @@ import reactor.core.publisher.Mono; * REST Controller to check the heart beat and status of the DFC. */ @RestController -@Api(value = "StatusController") +@Tag(name = "StatusController") public class StatusController { private static final Logger logger = LoggerFactory.getLogger(StatusController.class); @@ -60,7 +60,7 @@ public class StatusController { * @return the heart beat status of DFC. */ @GetMapping("/heartbeat") - @ApiOperation(value = "Returns liveness of DATAFILE service") + @Operation(summary = "Returns liveness of DATAFILE service") @ApiResponses( value = { // @ApiResponse(code = 200, message = "DATAFILE service is living"), @@ -85,7 +85,7 @@ public class StatusController { * @return information. */ @GetMapping("/status") - @ApiOperation(value = "Returns status and statistics of DATAFILE service") + @Operation(summary = "Returns status and statistics of DATAFILE service") @ApiResponses( value = { // @ApiResponse(code = 200, message = "DATAFILE service is living"), @@ -101,5 +101,4 @@ public class StatusController { logger.info(EXIT, "Status request"); return response; } - } -- cgit 1.2.3-korg