From 6a00e38550fd1745c3377da2099bf5a615f69053 Mon Sep 17 00:00:00 2001
From: Filip Krzywka
Date: Tue, 2 Apr 2019 13:01:07 +0200
Subject: Allow reuse of security passwords - moved logic of creating passwords into Validator
Change-Id: Ieabab24734250bfacea96eff2b7102465ff8ed57
Issue-ID: DCAEGEN2-1380
Signed-off-by: Filip Krzywka
---
 .../veshv/config/impl/ConfigurationValidator.kt | 14 +++++++++++--
 .../impl/gsonadapters/DurationOfSecondsAdapter.kt | 2 +-
 .../config/impl/gsonadapters/SecurityAdapter.kt | 23 ++++++++--------------
 .../veshv/config/impl/partial_configuration.kt | 5 ++---
 4 files changed, 23 insertions(+), 21 deletions(-)
(limited to 'sources/hv-collector-configuration/src/main/kotlin/org/onap')
diff --git a/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/ConfigurationValidator.kt b/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/ConfigurationValidator.kt
index ead5655a..407fd745 100644
--- a/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/ConfigurationValidator.kt
+++ b/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/ConfigurationValidator.kt
@@ -29,6 +29,7 @@ import org.onap.dcae.collectors.veshv.config.api.model.HvVesConfiguration
 import org.onap.dcae.collectors.veshv.config.api.model.ServerConfiguration
 import org.onap.dcae.collectors.veshv.config.api.model.ValidationException
 import org.onap.dcae.collectors.veshv.ssl.boundary.SecurityConfiguration
+import org.onap.dcae.collectors.veshv.ssl.boundary.SecurityKeysPaths
 import org.onap.dcae.collectors.veshv.utils.arrow.OptionUtils.binding
 import org.onap.dcae.collectors.veshv.utils.arrow.mapBinding
 import org.onap.dcae.collectors.veshv.utils.arrow.doOnEmpty
@@ -54,7 +55,9 @@ internal class ConfigurationValidator {
 .doOnEmpty { logger.debug { "Cannot bind cbs configuration" } }
 .bind()
- val securityConfiguration = SecurityConfiguration(partialConfig.security.bind().keys)
+ val securityConfiguration = validatedSecurityConfiguration(partialConfig)
+ .doOnEmpty { logger.debug { "Cannot bind security configuration" } }
+ .bind()
 val collectorConfiguration = validatedCollectorConfig(partialConfig)
 .doOnEmpty { logger.debug { "Cannot bind collector configuration" } }
@@ -91,7 +94,7 @@ internal class ConfigurationValidator {
 }
 }
- fun validatedCbsConfiguration(partial: PartialConfiguration) =
+ internal fun validatedCbsConfiguration(partial: PartialConfiguration) =
 partial.mapBinding {
 it.cbs.bind().let {
 CbsConfiguration(
@@ -101,6 +104,13 @@ internal class ConfigurationValidator {
 }
 }
+ private fun validatedSecurityConfiguration(partial: PartialConfiguration) =
+ partial.mapBinding {
+ it.security.bind().let {
+ SecurityConfiguration(it.keys.map(SecurityKeysPaths::asImmutableSecurityKeys))
+ }
+ }
+
 private fun validatedCollectorConfig(partial: PartialConfiguration) =
 partial.mapBinding {
 partial.collector.bind().let {
diff --git a/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/gsonadapters/DurationOfSecondsAdapter.kt b/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/gsonadapters/DurationOfSecondsAdapter.kt
index 99da1102..3bde7089 100644
--- a/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/gsonadapters/DurationOfSecondsAdapter.kt
+++ b/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/gsonadapters/DurationOfSecondsAdapter.kt
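Review bot: validatedSecurityConfiguration (hunk @@ -101,6 +104,13) checks presence only: it binds `security` and maps `keys` through `SecurityKeysPaths::asImmutableSecurityKeys`, so as far as this hunk shows the store paths and passwords read from JSON pass through the validator unchecked. Unless that conversion rejects bad input (its body is not part of this diff), an unreadable key store or an empty password would presumably surface only when the TLS material is actually loaded, not at configuration load. I would either add the check here or state the limitation, e.g. `// presence only: store paths and passwords are not verified at validation time`. The implicit `it` inside `it.security.bind().let { ... it.keys ... }` also shadows the outer `it` of `mapBinding`; naming the parameter (`.let { security -> ... }`) would make the lambda easier to audit.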
@@ -29,7 +29,7 @@ import java.time.Duration
 * @author Pawel Biniek
 * @since March 2019
 */
-class DurationOfSecondsAdapter : JsonDeserializer {
+internal class DurationOfSecondsAdapter : JsonDeserializer {
 override fun deserialize(json: JsonElement, typeOfT: Type, context: JsonDeserializationContext) =
 Duration.ofSeconds(json.asLong)
diff --git a/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/gsonadapters/SecurityAdapter.kt b/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/gsonadapters/SecurityAdapter.kt
index 859fd700..bc8cf51c 100644
--- a/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/gsonadapters/SecurityAdapter.kt
+++ b/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/gsonadapters/SecurityAdapter.kt
@@ -25,10 +25,7 @@ import com.google.gson.JsonDeserializer
 import com.google.gson.JsonElement
 import com.google.gson.JsonObject
 import org.onap.dcae.collectors.veshv.config.impl.PartialSecurityConfig
-import org.onap.dcaegen2.services.sdk.security.ssl.ImmutableSecurityKeys
-import org.onap.dcaegen2.services.sdk.security.ssl.ImmutableSecurityKeysStore
-import org.onap.dcaegen2.services.sdk.security.ssl.Passwords
-import org.onap.dcaegen2.services.sdk.security.ssl.SecurityKeys
+import org.onap.dcae.collectors.veshv.ssl.boundary.SecurityKeysPaths
 import java.io.File
 import java.lang.reflect.Type
@@ -50,18 +47,14 @@ internal class SecurityAdapter : JsonDeserializer {
 private fun hasSslDisableSet(security: JsonObject) =
 security.has(SSL_DISABLE_KEY) && security[SSL_DISABLE_KEY].asBoolean
- private fun JsonObject.securityKeys(f: (JsonObject) -> SecurityKeys) = f(getAsJsonObject(KEYS_OBJECT_KEY))
+ private fun JsonObject.securityKeys(f: (JsonObject) -> SecurityKeysPaths) = f(getAsJsonObject(KEYS_OBJECT_KEY))
- private fun asImmutableSecurityKeys(keys: JsonObject) = ImmutableSecurityKeys.builder()
- .keyStore(ImmutableSecurityKeysStore.of(
- File(keys[KEY_STORE_FILE_KEY].asString).toPath()))
- .keyStorePassword(
- Passwords.fromString(keys[KEY_STORE_PASSWORD_KEY].asString))
- .trustStore(ImmutableSecurityKeysStore.of(
- File(keys[TRUST_STORE_FILE_KEY].asString).toPath()))
- .trustStorePassword(
- Passwords.fromString(keys[TRUST_STORE_PASSWORD_KEY].asString))
- .build()
+ private fun asImmutableSecurityKeys(keys: JsonObject) = SecurityKeysPaths(
+ File(keys[KEY_STORE_FILE_KEY].asString).toPath(),
+ keys[KEY_STORE_PASSWORD_KEY].asString,
+ File(keys[TRUST_STORE_FILE_KEY].asString).toPath(),
+ keys[TRUST_STORE_PASSWORD_KEY].asString
+ )
 companion object {
 private val SSL_DISABLE_KEY = "sslDisable"
diff --git a/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/partial_configuration.kt b/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/partial_configuration.kt
index b4e1bf6b..82cf533a 100644
--- a/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/partial_configuration.kt
+++ b/sources/hv-collector-configuration/src/main/kotlin/org/onap/dcae/collectors/veshv/config/impl/partial_configuration.kt
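Review bot: The key-store and trust-store passwords are now carried as plain `String` values inside `SecurityKeysPaths` (the `keys[KEY_STORE_PASSWORD_KEY].asString` and `keys[TRUST_STORE_PASSWORD_KEY].asString` arguments), where the removed code wrapped them with `Passwords.fromString` at parse time. That object is stored in `PartialSecurityConfig`, which partial_configuration.kt in this commit declares as a data class, so its generated `toString()` prints whatever `SecurityKeysPaths.toString()` returns; the definition of `SecurityKeysPaths` is not in this diff, so please confirm it overrides `toString()` to redact both password fields before any partial configuration reaches a log line. The private helper is also still called `asImmutableSecurityKeys` although it now returns `SecurityKeysPaths`; a name such as `asSecurityKeysPaths` would avoid confusion with `SecurityKeysPaths::asImmutableSecurityKeys` used in ConfigurationValidator. The enclosing SecurityAdapter class starts and ends outside this hunk.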
@@ -22,9 +22,8 @@ package org.onap.dcae.collectors.veshv.config.impl
 import arrow.core.None
 import arrow.core.Option
 import org.onap.dcae.collectors.veshv.config.api.model.Routing
+import org.onap.dcae.collectors.veshv.ssl.boundary.SecurityKeysPaths
 import org.onap.dcae.collectors.veshv.utils.logging.LogLevel
-import org.onap.dcaegen2.services.sdk.security.ssl.SecurityKeys
-import java.net.InetSocketAddress
 import java.time.Duration
 /**
@@ -50,7 +49,7 @@ internal data class PartialCbsConfig(
 val requestIntervalSec: Option = None
 )
-internal data class PartialSecurityConfig(val keys: Option = None)
+internal data class PartialSecurityConfig(val keys: Option = None)
 internal data class PartialCollectorConfig(
 val routing: Option = None
-- cgit 1.2.3-korg