summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorZlatko Murgoski <zlatko.murgoski@nokia.com>2019-08-21 11:14:04 +0200
committerpawel <pawel.kasperkiewicz@nokia.com>2019-09-11 15:08:14 +0200
commit124e11e9e7ea4652f8a538093ab48df9f575ce2a (patch)
tree2a5b23f7f7b54dd0d00a2f74267014d02e74b7aa
parentae83904e17e5e785c4945b15f824df8251a91b8a (diff)
Not Secured healtcheck
https://jira.onap.org/browse/DCAEGEN2-1539 Issue-ID: DCAEGEN2-1539 Change-Id: I55c9387e64a5a6b710785ecbfa695683d821599a Signed-off-by: Zlatko Murgoski <zlatko.murgoski@nokia.com>
-rw-r--r--dpo/blueprint/blueprint_ves.yaml2
-rw-r--r--pom.xml868
-rw-r--r--src/main/java/org/onap/dcae/ApplicationSettings.java1
-rw-r--r--src/main/java/org/onap/dcae/common/configuration/ApiConfiguration.java49
-rw-r--r--src/main/java/org/onap/dcae/common/configuration/CertAuth.java4
-rw-r--r--src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java4
-rw-r--r--src/main/java/org/onap/dcae/common/configuration/TomcatHttpConfig.java54
-rw-r--r--src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java44
-rw-r--r--src/main/java/org/onap/dcae/restapi/SwaggerConfig.java2
-rw-r--r--src/main/java/org/onap/dcae/restapi/WebMvcConfig.java4
-rw-r--r--src/test/java/org/onap/dcae/TLSTest.java5
-rw-r--r--src/test/java/org/onap/dcae/TLSTestBase.java19
-rw-r--r--src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java253
13 files changed, 710 insertions, 599 deletions
diff --git a/dpo/blueprint/blueprint_ves.yaml b/dpo/blueprint/blueprint_ves.yaml
index 43158f1c..f373acfe 100644
--- a/dpo/blueprint/blueprint_ves.yaml
+++ b/dpo/blueprint/blueprint_ves.yaml
@@ -242,7 +242,7 @@ node_templates:
docker_config:
interval: 15s
timeout: 1s
- type: https
+ type: http
endpoint: /healthcheck
image:
get_input: tag_version
diff --git a/pom.xml b/pom.xml
index 25f51cee..a55da042 100644
--- a/pom.xml
+++ b/pom.xml
@@ -14,436 +14,440 @@
============LICENSE_END=========================================================
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.onap.oparent</groupId>
- <artifactId>oparent</artifactId>
- <version>2.0.0</version>
- <relativePath />
- </parent>
- <groupId>org.onap.dcaegen2.collectors.ves</groupId>
- <artifactId>VESCollector</artifactId>
- <version>1.5.1-SNAPSHOT</version>
- <name>dcaegen2-collectors-ves</name>
- <description>VESCollector</description>
- <properties>
- <!-- PROJECT SETTINGS -->
- <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
- <java.version>8</java.version>
- <docker.image.name>onap/org.onap.dcaegen2.collectors.ves.vescollector</docker.image.name>
- <!-- TEST SETTINGS -->
- <surefire.redirectTestOutputToFile>true</surefire.redirectTestOutputToFile>
- <!-- PLUGIN SETTINGS -->
- <dependency.locations.enabled>false</dependency.locations.enabled>
- <!-- NEXUS RELATED SETTINGS -->
- <nexusproxy>https://nexus.onap.org</nexusproxy>
- <snapshots.path>content/repositories/snapshots/</snapshots.path>
- <releases.path>content/repositories/releases/</releases.path>
- <site.path>content/sites/site/org/onap/dcaegen2/collectors/ves/${project.artifactId}/${project.version}</site.path>
- <maven.build.timestamp.format>yyyyMMdd'T'HHmmss</maven.build.timestamp.format>
- <onap.nexus.dockerregistry.daily>nexus3.onap.org:10003</onap.nexus.dockerregistry.daily>
- </properties>
- <build>
- <pluginManagement>
- <plugins>
- <plugin>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-maven-plugin</artifactId>
- </plugin>
- <plugin>
- <artifactId>maven-assembly-plugin</artifactId>
- <version>3.1.0</version>
- </plugin>
- <plugin>
- <artifactId>maven-javadoc-plugin</artifactId>
- <version>3.0.1</version>
- </plugin>
- <plugin>
- <artifactId>maven-project-info-reports-plugin</artifactId>
- <version>2.9</version>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-surefire-plugin</artifactId>
- <version>3.0.0-M1</version>
- </plugin>
- <plugin>
- <groupId>com.spotify</groupId>
- <artifactId>docker-maven-plugin</artifactId>
- <version>1.2.0</version>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-enforcer-plugin</artifactId>
- <configuration>
- <skip>true</skip>
- </configuration>
- </plugin>
- </plugins>
- </pluginManagement>
- <plugins>
- <plugin>
- <artifactId>maven-assembly-plugin</artifactId>
- <configuration>
- <descriptors>
- <descriptor>src/assembly/dep.xml</descriptor>
- </descriptors>
- <attach>false</attach>
- <appendAssemblyId>false</appendAssemblyId>
- <updateOnly>true</updateOnly>
- </configuration>
- <executions>
- <execution>
- <id>make-assembly</id>
- <phase>package</phase>
- <goals>
- <goal>single</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-maven-plugin</artifactId>
- <executions>
- <execution>
- <goals>
- <goal>repackage</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <artifactId>maven-javadoc-plugin</artifactId>
- <configuration>
- <quiet>true</quiet>
- <verbose>false</verbose>
- <useStandardDocletOptions>false</useStandardDocletOptions>
- </configuration>
- <executions>
- <execution>
- <id>aggregate</id>
- <phase>site</phase>
- <goals>
- <goal>aggregate</goal>
- </goals>
- </execution>
- <execution>
- <id>attach-javadoc</id>
- <goals>
- <goal>jar</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <groupId>com.spotify</groupId>
- <artifactId>docker-maven-plugin</artifactId>
- <configuration>
- <serverId>${onap.nexus.dockerregistry.daily}</serverId>
- <imageName>${onap.nexus.dockerregistry.daily}/${docker.image.name}</imageName>
- <imageTags>
- <imageTag>${project.version}-${maven.build.timestamp}Z</imageTag>
- <imageTag>${project.version}</imageTag>
- <imageTag>latest</imageTag>
- </imageTags>
- <baseImage>openjdk:8-jre-slim</baseImage>
- <user>vescollector</user>
- <env>
- <HOSTALIASES>/etc/host.aliases</HOSTALIASES>
- </env>
- <workdir>/opt/app/VESCollector</workdir>
- <resources>
- <resource>
- <targetPath>.</targetPath>
- <directory>${project.build.directory}/${project.artifactId}-${project.version}</directory>
- </resource>
- </resources>
- <runs>
- <run>useradd -r -U vescollector</run>
- <run>chown -R vescollector:vescollector /opt/app</run>
- <!-- Maven is loosing file permissions during artifacts copy -->
- <run>chmod +x bin/*.sh</run>
- <run><![CDATA[apt-get update && apt-get install -y --no-install-recommends procps && apt-get install -y vim && apt-get install -y curl && apt-get clean all]]></run>
- </runs>
- <exposes>
- <expose>8080</expose>
- <expose>8443</expose>
- </exposes>
- <cmd>bin/docker-entry.sh</cmd>
- </configuration>
- <!--<executions>
- <execution>
- <id>build-image</id>
- <phase>package</phase>
- <goals>
- <goal>deploy</goal>
- </goals>
- </execution>
- <execution>
- <id>tag-and-push-image-latest</id>
- <phase>deploy</phase>
- <goals>
- <goal>tag</goal>
- </goals>
- <configuration>
- <image>${docker.image.name}:latest</image>
- <newName>${onap.nexus.dockerregistry.daily}/${docker.image.name}:latest</newName>
- <pushImage>true</pushImage>
- </configuration>
- </execution>
- <execution>
- <id>tag-and-push-image-with-version</id>
- <phase>deploy</phase>
- <goals>
- <goal>tag</goal>
- </goals>
- <configuration>
- <image>${docker.image.name}:latest</image>
- <newName>${onap.nexus.dockerregistry.daily}/${docker.image.name}:${project.version}</newName>
- <pushImage>true</pushImage>
- </configuration>
- </execution>
- <execution>
- <id>tag-and-push-image-with-version-and-date</id>
- <phase>deploy</phase>
- <goals>
- <goal>tag</goal>
- </goals>
- <configuration>
- <image>${docker.image.name}:latest</image>
- <newName>${onap.nexus.dockerregistry.daily}/${docker.image.name}:${project.version}-${maven.build.timestamp}Z</newName>
- <pushImage>true</pushImage>
- </configuration>
- </execution>
- </executions> -->
- </plugin>
- </plugins>
- </build>
- <profiles>
- <profile>
- <id>with-system-proxy</id>
- <build>
- <plugins>
- <plugin>
- <groupId>com.spotify</groupId>
- <artifactId>docker-maven-plugin</artifactId>
- <configuration>
- <buildArgs>
- <http_proxy>${env.http_proxy}</http_proxy>
- </buildArgs>
- </configuration>
- </plugin>
- </plugins>
- </build>
- </profile>
- </profiles>
- <reporting>
- <plugins>
- <plugin>
- <artifactId>maven-project-info-reports-plugin</artifactId>
- <reportSets>
- <reportSet>
- <reports>
- <report>dependencies</report>
- <report>license</report>
- </reports>
- </reportSet>
- </reportSets>
- </plugin>
- <plugin>
- <artifactId>maven-javadoc-plugin</artifactId>
- <configuration>
- <failOnError>false</failOnError>
- <doclet>org.umlgraph.doclet.UmlGraphDoc</doclet>
- <docletArtifact>
- <groupId>org.umlgraph</groupId>
- <artifactId>umlgraph</artifactId>
- <version>5.6</version>
- </docletArtifact>
- <additionalparam>-views</additionalparam>
- <useStandardDocletOptions>true</useStandardDocletOptions>
- </configuration>
- </plugin>
- </plugins>
- </reporting>
- <dependencyManagement>
- <dependencies>
- <dependency>
- <!-- Import dependency management from Spring Boot -->
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-dependencies</artifactId>
- <version>2.1.0.RELEASE</version>
- <type>pom</type>
- <scope>import</scope>
- </dependency>
- </dependencies>
- </dependencyManagement>
- <dependencies>
- <!-- JSON RELATED -->
- <dependency>
- <groupId>com.googlecode.json-simple</groupId>
- <artifactId>json-simple</artifactId>
- <version>1.1.1</version>
- </dependency>
- <dependency>
- <groupId>com.github.fge</groupId>
- <artifactId>json-schema-validator</artifactId>
- <version>2.2.6</version>
- </dependency>
- <dependency>
- <groupId>com.github.fge</groupId>
- <artifactId>json-schema-core</artifactId>
- <version>1.2.5</version>
- </dependency>
- <dependency>
- <groupId>com.google.code.gson</groupId>
- <artifactId>gson</artifactId>
- <version>2.8.5</version>
- </dependency>
- <dependency>
- <groupId>org.json</groupId>
- <artifactId>json</artifactId>
- <version>20160810</version>
- </dependency>
- <!-- REST API RELATED -->
- <dependency>
- <groupId>com.att.nsa</groupId>
- <artifactId>cambriaClient</artifactId>
- <version>0.0.1</version>
- </dependency>
- <dependency>
- <groupId>com.mashape.unirest</groupId>
- <artifactId>unirest-java</artifactId>
- <version>1.4.9</version>
- </dependency>
- <!-- MISCELLANEOUS -->
- <dependency>
- <groupId>commons-collections</groupId>
- <artifactId>commons-collections</artifactId>
- <version>3.2.2</version>
- </dependency>
- <dependency>
- <groupId>commons-configuration</groupId>
- <artifactId>commons-configuration</artifactId>
- <version>1.10</version>
- </dependency>
- <dependency>
- <groupId>io.vavr</groupId>
- <artifactId>vavr</artifactId>
- <version>0.9.2</version>
- </dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-web</artifactId>
- <exclusions>
- <exclusion>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-logging</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-log4j2</artifactId>
- <version>2.1.5.RELEASE</version>
- </dependency>
- <dependency>
- <groupId>io.springfox</groupId>
- <artifactId>springfox-swagger2</artifactId>
- <version>2.8.0</version>
- </dependency>
- <dependency>
- <groupId>io.springfox</groupId>
- <artifactId>springfox-swagger-ui</artifactId>
- <version>2.8.0</version>
- <scope>compile</scope>
- </dependency>
- <!-- TESTING -->
- <dependency>
- <groupId>org.junit.jupiter</groupId>
- <artifactId>junit-jupiter-api</artifactId>
- <version>5.3.1</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.junit.jupiter</groupId>
- <artifactId>junit-jupiter-engine</artifactId>
- <version>5.3.1</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.junit.vintage</groupId>
- <artifactId>junit-vintage-engine</artifactId>
- <version>5.3.1</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.mockito</groupId>
- <artifactId>mockito-junit-jupiter</artifactId>
- <version>2.23.0</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.assertj</groupId>
- <artifactId>assertj-core</artifactId>
- <version>3.8.0</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>com.google.jimfs</groupId>
- <artifactId>jimfs</artifactId>
- <version>1.1</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>com.github.tomakehurst</groupId>
- <artifactId>wiremock-standalone</artifactId>
- <version>2.17.0</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.springframework.security</groupId>
- <artifactId>spring-security-test</artifactId>
- <version>5.1.1.RELEASE</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-test</artifactId>
- <version>2.1.0.RELEASE</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.onap.dcaegen2.services.sdk.security.crypt</groupId>
- <artifactId>crypt-password</artifactId>
- <version>1.1.6</version>
- </dependency>
- <dependency>
- <groupId>org.onap.dcaegen2.services.sdk.standardization</groupId>
- <artifactId>api-custom-header</artifactId>
- <version>1.1.4</version>
- </dependency>
- </dependencies>
- <repositories>
- <repository>
- <id>external-repository</id>
- <url>https://oss.sonatype.org/content/repositories</url>
- </repository>
- </repositories>
- <pluginRepositories>
- <!-- Black Duck plugin dependencies -->
- <pluginRepository>
- <id>JCenter</id>
- <name>JCenter Repository</name>
- <url>http://jcenter.bintray.com</url>
- </pluginRepository>
- <pluginRepository>
- <id>Restlet</id>
- <name>Restlet Repository</name>
- <url>http://maven.restlet.com</url>
- </pluginRepository>
- </pluginRepositories>
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.onap.oparent</groupId>
+ <artifactId>oparent</artifactId>
+ <version>2.0.0</version>
+ <relativePath/>
+ </parent>
+ <groupId>org.onap.dcaegen2.collectors.ves</groupId>
+ <artifactId>VESCollector</artifactId>
+ <version>1.5.1-SNAPSHOT</version>
+ <name>dcaegen2-collectors-ves</name>
+ <description>VESCollector</description>
+ <properties>
+ <!-- PROJECT SETTINGS -->
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+ <java.version>8</java.version>
+ <docker.image.name>onap/org.onap.dcaegen2.collectors.ves.vescollector</docker.image.name>
+ <!-- TEST SETTINGS -->
+ <surefire.redirectTestOutputToFile>true</surefire.redirectTestOutputToFile>
+ <!-- PLUGIN SETTINGS -->
+ <dependency.locations.enabled>false</dependency.locations.enabled>
+ <!-- NEXUS RELATED SETTINGS -->
+ <nexusproxy>https://nexus.onap.org</nexusproxy>
+ <snapshots.path>content/repositories/snapshots/</snapshots.path>
+ <releases.path>content/repositories/releases/</releases.path>
+ <site.path>content/sites/site/org/onap/dcaegen2/collectors/ves/${project.artifactId}/${project.version}</site.path>
+ <maven.build.timestamp.format>yyyyMMdd'T'HHmmss</maven.build.timestamp.format>
+ <onap.nexus.dockerregistry.daily>nexus3.onap.org:10003</onap.nexus.dockerregistry.daily>
+ </properties>
+ <build>
+ <pluginManagement>
+ <plugins>
+ <plugin>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-maven-plugin</artifactId>
+ </plugin>
+ <plugin>
+ <artifactId>maven-assembly-plugin</artifactId>
+ <version>3.1.0</version>
+ </plugin>
+ <plugin>
+ <artifactId>maven-javadoc-plugin</artifactId>
+ <version>3.0.1</version>
+ </plugin>
+ <plugin>
+ <artifactId>maven-project-info-reports-plugin</artifactId>
+ <version>2.9</version>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <version>3.0.0-M1</version>
+ </plugin>
+ <plugin>
+ <groupId>com.spotify</groupId>
+ <artifactId>docker-maven-plugin</artifactId>
+ <version>1.2.0</version>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-enforcer-plugin</artifactId>
+ <configuration>
+ <skip>true</skip>
+ </configuration>
+ </plugin>
+ </plugins>
+ </pluginManagement>
+ <plugins>
+ <plugin>
+ <artifactId>maven-assembly-plugin</artifactId>
+ <configuration>
+ <descriptors>
+ <descriptor>src/assembly/dep.xml</descriptor>
+ </descriptors>
+ <attach>false</attach>
+ <appendAssemblyId>false</appendAssemblyId>
+ <updateOnly>true</updateOnly>
+ </configuration>
+ <executions>
+ <execution>
+ <id>make-assembly</id>
+ <phase>package</phase>
+ <goals>
+ <goal>single</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-maven-plugin</artifactId>
+ <executions>
+ <execution>
+ <goals>
+ <goal>repackage</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <artifactId>maven-javadoc-plugin</artifactId>
+ <configuration>
+ <quiet>true</quiet>
+ <verbose>false</verbose>
+ <useStandardDocletOptions>false</useStandardDocletOptions>
+ </configuration>
+ <executions>
+ <execution>
+ <id>aggregate</id>
+ <phase>site</phase>
+ <goals>
+ <goal>aggregate</goal>
+ </goals>
+ </execution>
+ <execution>
+ <id>attach-javadoc</id>
+ <goals>
+ <goal>jar</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <groupId>com.spotify</groupId>
+ <artifactId>docker-maven-plugin</artifactId>
+ <configuration>
+ <serverId>${onap.nexus.dockerregistry.daily}</serverId>
+ <imageName>${onap.nexus.dockerregistry.daily}/${docker.image.name}</imageName>
+ <imageTags>
+ <imageTag>${project.version}-${maven.build.timestamp}Z</imageTag>
+ <imageTag>${project.version}</imageTag>
+ <imageTag>latest</imageTag>
+ </imageTags>
+ <baseImage>openjdk:8-jre-slim</baseImage>
+ <user>vescollector</user>
+ <env>
+ <HOSTALIASES>/etc/host.aliases</HOSTALIASES>
+ </env>
+ <workdir>/opt/app/VESCollector</workdir>
+ <resources>
+ <resource>
+ <targetPath>.</targetPath>
+ <directory>${project.build.directory}/${project.artifactId}-${project.version}</directory>
+ </resource>
+ </resources>
+ <runs>
+ <run>useradd -r -U vescollector</run>
+ <run>chown -R vescollector:vescollector /opt/app</run>
+ <run>mkdir /opt/app/VESCollector/logs</run>
+ <run>chown -R vescollector:vescollector /opt/app/VESCollector/logs</run>
+ <run>chown -R vescollector:vescollector /opt/app/VESCollector/etc</run>
+ <!-- Maven is loosing file permissions during artifacts copy -->
+ <run>chmod +x bin/*.sh</run>
+ <run>
+ <![CDATA[apt-get update && apt-get install -y --no-install-recommends procps && apt-get install -y vim && apt-get install -y curl && apt-get clean all]]></run>
+ </runs>
+ <exposes>
+ <expose>8080</expose>
+ <expose>8443</expose>
+ </exposes>
+ <cmd>bin/docker-entry.sh</cmd>
+ </configuration>
+ <!--<executions>
+ <execution>
+ <id>build-image</id>
+ <phase>package</phase>
+ <goals>
+ <goal>deploy</goal>
+ </goals>
+ </execution>
+ <execution>
+ <id>tag-and-push-image-latest</id>
+ <phase>deploy</phase>
+ <goals>
+ <goal>tag</goal>
+ </goals>
+ <configuration>
+ <image>${docker.image.name}:latest</image>
+ <newName>${onap.nexus.dockerregistry.daily}/${docker.image.name}:latest</newName>
+ <pushImage>true</pushImage>
+ </configuration>
+ </execution>
+ <execution>
+ <id>tag-and-push-image-with-version</id>
+ <phase>deploy</phase>
+ <goals>
+ <goal>tag</goal>
+ </goals>
+ <configuration>
+ <image>${docker.image.name}:latest</image>
+ <newName>${onap.nexus.dockerregistry.daily}/${docker.image.name}:${project.version}</newName>
+ <pushImage>true</pushImage>
+ </configuration>
+ </execution>
+ <execution>
+ <id>tag-and-push-image-with-version-and-date</id>
+ <phase>deploy</phase>
+ <goals>
+ <goal>tag</goal>
+ </goals>
+ <configuration>
+ <image>${docker.image.name}:latest</image>
+ <newName>${onap.nexus.dockerregistry.daily}/${docker.image.name}:${project.version}-${maven.build.timestamp}Z</newName>
+ <pushImage>true</pushImage>
+ </configuration>
+ </execution>
+ </executions> -->
+ </plugin>
+ </plugins>
+ </build>
+ <profiles>
+ <profile>
+ <id>with-system-proxy</id>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>com.spotify</groupId>
+ <artifactId>docker-maven-plugin</artifactId>
+ <configuration>
+ <buildArgs>
+ <http_proxy>${env.http_proxy}</http_proxy>
+ </buildArgs>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ </profiles>
+ <reporting>
+ <plugins>
+ <plugin>
+ <artifactId>maven-project-info-reports-plugin</artifactId>
+ <reportSets>
+ <reportSet>
+ <reports>
+ <report>dependencies</report>
+ <report>license</report>
+ </reports>
+ </reportSet>
+ </reportSets>
+ </plugin>
+ <plugin>
+ <artifactId>maven-javadoc-plugin</artifactId>
+ <configuration>
+ <failOnError>false</failOnError>
+ <doclet>org.umlgraph.doclet.UmlGraphDoc</doclet>
+ <docletArtifact>
+ <groupId>org.umlgraph</groupId>
+ <artifactId>umlgraph</artifactId>
+ <version>5.6</version>
+ </docletArtifact>
+ <additionalparam>-views</additionalparam>
+ <useStandardDocletOptions>true</useStandardDocletOptions>
+ </configuration>
+ </plugin>
+ </plugins>
+ </reporting>
+ <dependencyManagement>
+ <dependencies>
+ <dependency>
+ <!-- Import dependency management from Spring Boot -->
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-dependencies</artifactId>
+ <version>2.1.0.RELEASE</version>
+ <type>pom</type>
+ <scope>import</scope>
+ </dependency>
+ </dependencies>
+ </dependencyManagement>
+ <dependencies>
+ <!-- JSON RELATED -->
+ <dependency>
+ <groupId>com.googlecode.json-simple</groupId>
+ <artifactId>json-simple</artifactId>
+ <version>1.1.1</version>
+ </dependency>
+ <dependency>
+ <groupId>com.github.fge</groupId>
+ <artifactId>json-schema-validator</artifactId>
+ <version>2.2.6</version>
+ </dependency>
+ <dependency>
+ <groupId>com.github.fge</groupId>
+ <artifactId>json-schema-core</artifactId>
+ <version>1.2.5</version>
+ </dependency>
+ <dependency>
+ <groupId>com.google.code.gson</groupId>
+ <artifactId>gson</artifactId>
+ <version>2.8.5</version>
+ </dependency>
+ <dependency>
+ <groupId>org.json</groupId>
+ <artifactId>json</artifactId>
+ <version>20160810</version>
+ </dependency>
+ <!-- REST API RELATED -->
+ <dependency>
+ <groupId>com.att.nsa</groupId>
+ <artifactId>cambriaClient</artifactId>
+ <version>0.0.1</version>
+ </dependency>
+ <dependency>
+ <groupId>com.mashape.unirest</groupId>
+ <artifactId>unirest-java</artifactId>
+ <version>1.4.9</version>
+ </dependency>
+ <!-- MISCELLANEOUS -->
+ <dependency>
+ <groupId>commons-collections</groupId>
+ <artifactId>commons-collections</artifactId>
+ <version>3.2.2</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-configuration</groupId>
+ <artifactId>commons-configuration</artifactId>
+ <version>1.10</version>
+ </dependency>
+ <dependency>
+ <groupId>io.vavr</groupId>
+ <artifactId>vavr</artifactId>
+ <version>0.9.2</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-web</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-logging</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-log4j2</artifactId>
+ <version>2.1.5.RELEASE</version>
+ </dependency>
+ <dependency>
+ <groupId>io.springfox</groupId>
+ <artifactId>springfox-swagger2</artifactId>
+ <version>2.8.0</version>
+ </dependency>
+ <dependency>
+ <groupId>io.springfox</groupId>
+ <artifactId>springfox-swagger-ui</artifactId>
+ <version>2.8.0</version>
+ <scope>compile</scope>
+ </dependency>
+ <!-- TESTING -->
+ <dependency>
+ <groupId>org.junit.jupiter</groupId>
+ <artifactId>junit-jupiter-api</artifactId>
+ <version>5.3.1</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.junit.jupiter</groupId>
+ <artifactId>junit-jupiter-engine</artifactId>
+ <version>5.3.1</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.junit.vintage</groupId>
+ <artifactId>junit-vintage-engine</artifactId>
+ <version>5.3.1</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.mockito</groupId>
+ <artifactId>mockito-junit-jupiter</artifactId>
+ <version>2.23.0</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.assertj</groupId>
+ <artifactId>assertj-core</artifactId>
+ <version>3.8.0</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>com.google.jimfs</groupId>
+ <artifactId>jimfs</artifactId>
+ <version>1.1</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>com.github.tomakehurst</groupId>
+ <artifactId>wiremock-standalone</artifactId>
+ <version>2.17.0</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-test</artifactId>
+ <version>5.1.1.RELEASE</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-test</artifactId>
+ <version>2.1.0.RELEASE</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.onap.dcaegen2.services.sdk.security.crypt</groupId>
+ <artifactId>crypt-password</artifactId>
+ <version>1.1.6</version>
+ </dependency>
+ <dependency>
+ <groupId>org.onap.dcaegen2.services.sdk.standardization</groupId>
+ <artifactId>api-custom-header</artifactId>
+ <version>1.1.4</version>
+ </dependency>
+ </dependencies>
+ <repositories>
+ <repository>
+ <id>external-repository</id>
+ <url>https://oss.sonatype.org/content/repositories</url>
+ </repository>
+ </repositories>
+ <pluginRepositories>
+ <!-- Black Duck plugin dependencies -->
+ <pluginRepository>
+ <id>JCenter</id>
+ <name>JCenter Repository</name>
+ <url>http://jcenter.bintray.com</url>
+ </pluginRepository>
+ <pluginRepository>
+ <id>Restlet</id>
+ <name>Restlet Repository</name>
+ <url>http://maven.restlet.com</url>
+ </pluginRepository>
+ </pluginRepositories>
</project>
diff --git a/src/main/java/org/onap/dcae/ApplicationSettings.java b/src/main/java/org/onap/dcae/ApplicationSettings.java
index 205659c4..5164f878 100644
--- a/src/main/java/org/onap/dcae/ApplicationSettings.java
+++ b/src/main/java/org/onap/dcae/ApplicationSettings.java
@@ -74,7 +74,6 @@ public class ApplicationSettings {
loadedJsonSchemas = loadJsonSchemas();
}
-
public void reloadProperties() {
try {
properties.load(configurationFileLocation);
diff --git a/src/main/java/org/onap/dcae/common/configuration/ApiConfiguration.java b/src/main/java/org/onap/dcae/common/configuration/ApiConfiguration.java
new file mode 100644
index 00000000..52e3a6de
--- /dev/null
+++ b/src/main/java/org/onap/dcae/common/configuration/ApiConfiguration.java
@@ -0,0 +1,49 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * org.onap.dcaegen2.collectors.ves
+ * ================================================================================
+ * Copyright (C) 2018 - 2019 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dcae.common.configuration;
+
+import org.onap.dcae.ApplicationSettings;
+import org.onap.dcae.restapi.ApiAuthInterceptor;
+import org.slf4j.Logger;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+@EnableWebMvc
+public class ApiConfiguration implements WebMvcConfigurer {
+
+ private final ApplicationSettings applicationSettings;
+ private Logger errorLogger;
+
+ @Autowired
+ ApiConfiguration(ApplicationSettings applicationSettings, Logger errorLogger) {
+ this.applicationSettings = applicationSettings;
+ this.errorLogger = errorLogger;
+ }
+
+ @Override
+ public void addInterceptors(InterceptorRegistry registry) {
+ registry.addInterceptor(new ApiAuthInterceptor(applicationSettings, errorLogger));
+ }
+}
diff --git a/src/main/java/org/onap/dcae/common/configuration/CertAuth.java b/src/main/java/org/onap/dcae/common/configuration/CertAuth.java
index 6bd924c3..53031142 100644
--- a/src/main/java/org/onap/dcae/common/configuration/CertAuth.java
+++ b/src/main/java/org/onap/dcae/common/configuration/CertAuth.java
@@ -3,7 +3,7 @@
* PROJECT
* ================================================================================
* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- * Copyright (C) 2018 Nokia. All rights reserved.s
+ * Copyright (C) 2018 - 2019 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -26,9 +26,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.web.server.Ssl.ClientAuth;
import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
-import org.springframework.context.annotation.Configuration;
-@Configuration
public class CertAuth implements AuthMethod {
private static final Logger log = LoggerFactory.getLogger(CertAuth.class);
diff --git a/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java b/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java
index 38d5ad5b..fa4a1b2d 100644
--- a/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java
+++ b/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java
@@ -3,7 +3,7 @@
* PROJECT
* ================================================================================
* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- * Copyright (C) 2018 Nokia. All rights reserved.s
+ * Copyright (C) 2018 - 2019 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -26,9 +26,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.web.server.Ssl.ClientAuth;
import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
-import org.springframework.context.annotation.Configuration;
-@Configuration
public class CertBasicAuth implements AuthMethod{
private static final Logger log = LoggerFactory.getLogger(CertAuth.class);
diff --git a/src/main/java/org/onap/dcae/common/configuration/TomcatHttpConfig.java b/src/main/java/org/onap/dcae/common/configuration/TomcatHttpConfig.java
new file mode 100644
index 00000000..4495f34b
--- /dev/null
+++ b/src/main/java/org/onap/dcae/common/configuration/TomcatHttpConfig.java
@@ -0,0 +1,54 @@
+/*
+ * ============LICENSE_START=======================================================
+ * PROJECT
+ * ================================================================================
+ * Copyright (C) 2019 Nokia. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dcae.common.configuration;
+
+import org.apache.catalina.connector.Connector;
+import org.onap.dcae.ApplicationSettings;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
+import org.springframework.boot.web.servlet.server.ServletWebServerFactory;
+import org.springframework.context.annotation.Bean;
+import org.springframework.stereotype.Component;
+
+@Component
+public class TomcatHttpConfig {
+
+ @Autowired
+ private ApplicationSettings settings;
+
+ @Bean
+ private ServletWebServerFactory servletContainer() {
+
+ TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory();
+ if(!(settings.authMethod().equalsIgnoreCase(AuthMethodType.NO_AUTH.value())) && settings.httpsEnabled()){
+ tomcat.addAdditionalTomcatConnectors(getHttpConnector());
+ }
+ return tomcat;
+ }
+
+ private Connector getHttpConnector() {
+ Connector connector = new Connector(TomcatServletWebServerFactory.DEFAULT_PROTOCOL);
+ connector.setScheme("http");
+ connector.setPort(settings.httpPort());
+ connector.setSecure(false);
+ return connector;
+ }
+}
diff --git a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
index 9b387b84..a9281594 100644
--- a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
+++ b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java
@@ -2,7 +2,7 @@
* ============LICENSE_START=======================================================
* org.onap.dcaegen2.collectors.ves
* ================================================================================
- * Copyright (C) 2018 Nokia. All rights reserved.
+ * Copyright (C) 2018 - 2019 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -23,11 +23,6 @@ import io.vavr.control.Option;
import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.Base64;
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.onap.dcae.ApplicationSettings;
@@ -37,9 +32,10 @@ import org.onap.dcaegen2.services.sdk.security.CryptPassword;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
@Component
-public class ApiAuthInterceptor implements Filter {
+public class ApiAuthInterceptor extends HandlerInterceptorAdapter {
private static final Logger LOG = LoggerFactory.getLogger(ApiAuthInterceptor.class);
private static final String CERTIFICATE_X_509 = "javax.servlet.request.X509Certificate";
@@ -53,32 +49,33 @@ public class ApiAuthInterceptor implements Filter {
this.errorLogger = errorLogger;
}
-
@Override
- public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+ public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
+ throws IOException {
+
SubjectMatcher subjectMatcher = new SubjectMatcher(settings,(X509Certificate[]) request.getAttribute(CERTIFICATE_X_509));
- if(settings.authMethod().equalsIgnoreCase(AuthMethodType.CERT_ONLY.value())){
- if( validateCertRequest((HttpServletResponse )response, subjectMatcher)){
- chain.doFilter(request, response);
- return;
+ if(!settings.authMethod().equalsIgnoreCase(AuthMethodType.NO_AUTH.value()) && request.getServerPort() == settings.httpPort() ){
+ if(request.getRequestURI().replaceAll("^/|/$", "").equalsIgnoreCase("healthcheck")){
+ return true;
}
- return;
+ response.getWriter().write("Operation not permitted");
+ response.setStatus(400);
+ return false;
+ }
+
+ if(settings.authMethod().equalsIgnoreCase(AuthMethodType.CERT_ONLY.value())){
+ return validateCertRequest(response, subjectMatcher);
}
if(isCertSubject(subjectMatcher)){
- chain.doFilter(request, response);
- return;
+ return true;
}
if (isBasicAuth() ) {
- if(validateBasicHeader((HttpServletRequest)request, (HttpServletResponse)response)){
- chain.doFilter(request, response);
- return;
- }
- return;
+ return validateBasicHeader(request, response);
}
- chain.doFilter(request, response);
+ return true;
}
private boolean validateBasicHeader(HttpServletRequest request, HttpServletResponse response)
@@ -110,6 +107,7 @@ public class ApiAuthInterceptor implements Filter {
LOG.info("Cert and subjectDN is valid");
return true;
}
+ LOG.info(String.format(MESSAGE, settings.certSubjectMatcher()));
return false;
}
@@ -129,7 +127,7 @@ public class ApiAuthInterceptor implements Filter {
return userRegistered && cryptPassword.matches(providedPassword,maybeSavedPassword.get());
} catch (Exception e) {
LOG.warn(String.format("Could not check if user is authorized (header: '%s')), probably malformed header.",
- authorizationHeader), e);
+ authorizationHeader), e);
return false;
}
}
diff --git a/src/main/java/org/onap/dcae/restapi/SwaggerConfig.java b/src/main/java/org/onap/dcae/restapi/SwaggerConfig.java
index 267db054..03432cf2 100644
--- a/src/main/java/org/onap/dcae/restapi/SwaggerConfig.java
+++ b/src/main/java/org/onap/dcae/restapi/SwaggerConfig.java
@@ -3,6 +3,7 @@
* PROJECT
* ================================================================================
* Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2019 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -28,7 +29,6 @@ import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
-@Configuration
@EnableSwagger2
public class SwaggerConfig{
diff --git a/src/main/java/org/onap/dcae/restapi/WebMvcConfig.java b/src/main/java/org/onap/dcae/restapi/WebMvcConfig.java
index c3e2a5de..c8dd7ba4 100644
--- a/src/main/java/org/onap/dcae/restapi/WebMvcConfig.java
+++ b/src/main/java/org/onap/dcae/restapi/WebMvcConfig.java
@@ -3,7 +3,7 @@
* PROJECT
* ================================================================================
* Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- * Copyright (C) 2018 Nokia. All rights reserved.s
+ * Copyright (C) 2018 - 2019 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -22,12 +22,10 @@
package org.onap.dcae.restapi;
import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;
import org.springframework.web.servlet.view.InternalResourceViewResolver;
-@Configuration
public class WebMvcConfig extends WebMvcConfigurationSupport {
@Override
diff --git a/src/test/java/org/onap/dcae/TLSTest.java b/src/test/java/org/onap/dcae/TLSTest.java
index 3cf0a162..49a089cc 100644
--- a/src/test/java/org/onap/dcae/TLSTest.java
+++ b/src/test/java/org/onap/dcae/TLSTest.java
@@ -4,6 +4,7 @@
* ================================================================================
* Copyright (C) 2018 Nokia. All rights reserved.
* Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2019 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -102,6 +103,7 @@ public class TLSTest extends TLSTestBase {
@Override
protected void configureSettings(ApplicationSettings settings) {
when(settings.authMethod()).thenReturn(AuthMethodType.NO_AUTH.value());
+ when(settings.httpPort()).thenReturn(1111);
}
}
@@ -115,6 +117,7 @@ public class TLSTest extends TLSTestBase {
when(settings.keystorePasswordFileLocation()).thenReturn(KEYSTORE_PASSWORD_FILE.toString());
when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value());
when(settings.validAuthorizationCredentials()).thenReturn(HashMap.of(USERNAME, "$2a$10$51tDgG2VNLde5E173Ay/YO.Fq.aD.LR2Rp8pY3QAKriOSPswvGviy"));
+ when(settings.httpPort()).thenReturn(1111);
}
}
@@ -126,6 +129,7 @@ public class TLSTest extends TLSTestBase {
when(settings.truststoreFileLocation()).thenReturn(TRUSTSTORE.toString());
when(settings.truststorePasswordFileLocation()).thenReturn(TRUSTSTORE_PASSWORD_FILE.toString());
when(settings.certSubjectMatcher()).thenReturn(CERT_SUBJECT_MATCHER.toString());
+ when(settings.httpPort()).thenReturn(1111);
}
}
@@ -134,6 +138,7 @@ public class TLSTest extends TLSTestBase {
protected void configureSettings(ApplicationSettings settings) {
super.configureSettings(settings);
when(settings.authMethod()).thenReturn(AuthMethodType.CERT_BASIC_AUTH.value());
+ when(settings.httpPort()).thenReturn(1111);
}
}
} \ No newline at end of file
diff --git a/src/test/java/org/onap/dcae/TLSTestBase.java b/src/test/java/org/onap/dcae/TLSTestBase.java
index df10ead9..1eb5728e 100644
--- a/src/test/java/org/onap/dcae/TLSTestBase.java
+++ b/src/test/java/org/onap/dcae/TLSTestBase.java
@@ -4,6 +4,7 @@
* ================================================================================
* Copyright (C) 2018 Nokia. All rights reserved.
* Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2019 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -21,12 +22,20 @@
package org.onap.dcae;
-import org.json.JSONObject;
+import static org.onap.dcae.TestingUtilities.configureKeyStore;
+import static org.onap.dcae.TestingUtilities.createRestTemplateWithSsl;
+import static org.onap.dcae.TestingUtilities.readFile;
+import static org.onap.dcae.TestingUtilities.rethrow;
+import static org.onap.dcae.TestingUtilities.sslBuilderWithTrustStore;
+
+import java.nio.file.Path;
+import java.nio.file.Paths;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mockito;
import org.onap.dcae.common.EventSender;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.boot.web.server.LocalServerPort;
import org.springframework.context.annotation.Bean;
@@ -37,12 +46,6 @@ import org.springframework.http.client.support.BasicAuthenticationInterceptor;
import org.springframework.test.context.junit.jupiter.SpringExtension;
import org.springframework.web.client.RestTemplate;
-import java.nio.file.Path;
-import java.nio.file.Paths;
-import java.util.concurrent.LinkedBlockingQueue;
-
-import static org.onap.dcae.TestingUtilities.*;
-
@Configuration
@ExtendWith(SpringExtension.class)
public class TLSTestBase {
@@ -66,7 +69,7 @@ public class TLSTestBase {
protected abstract void configureSettings(final ApplicationSettings settings);
}
- @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
+ @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT)
protected abstract class TestClassBase {
@MockBean
diff --git a/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java b/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java
index 4398faad..e6d67cf4 100644
--- a/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java
+++ b/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java
@@ -2,7 +2,7 @@
* ============LICENSE_START=======================================================
* org.onap.dcaegen2.collectors.ves
* ================================================================================
- * Copyright (C) 2018 Nokia. All rights reserved.
+ * Copyright (C) 2018 - 2019 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -20,18 +20,8 @@
package org.onap.dcae.restapi;
-import static org.mockito.Mockito.atLeastOnce;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
-
import io.vavr.collection.HashMap;
import io.vavr.collection.Map;
-import java.io.IOException;
-import java.io.PrintWriter;
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.InjectMocks;
@@ -45,128 +35,143 @@ import org.springframework.http.HttpStatus;
import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors;
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
@RunWith(MockitoJUnitRunner.Silent.class)
public class ApiAuthInterceptionTest {
- private static final String USERNAME = "Foo";
- private static final String PASSWORD = "Bar";
- private static final Map<String, String> CREDENTIALS = HashMap.of(USERNAME, PASSWORD);
+ private static final String USERNAME = "Foo";
+ private static final String PASSWORD = "Bar";
+ private static final Map<String, String> CREDENTIALS = HashMap.of(USERNAME, PASSWORD);
- @Mock
- private Logger log;
+ @Mock
+ private Logger log;
- @Mock
- private ApplicationSettings settings;
+ @Mock
+ private ApplicationSettings settings;
- @Mock
- private HttpServletResponse response;
+ @Mock
+ private HttpServletResponse response;
- @Mock
- private FilterChain obj;
+ @Mock
+ private Object obj;
- @Mock
- private PrintWriter writer;
+ @Mock
+ private PrintWriter writer;
- @InjectMocks
- private ApiAuthInterceptor sut;
+ @InjectMocks
+ private ApiAuthInterceptor sut;
- private HttpServletRequest createEmptyRequest() {
- return MockMvcRequestBuilders
+ private HttpServletRequest createEmptyRequest() {
+ return MockMvcRequestBuilders
+ .post("")
+ .buildRequest(null);
+ }
+
+ private HttpServletRequest createRequestWithAuthorizationHeader() {
+ return SecurityMockMvcRequestPostProcessors
+ .httpBasic(USERNAME, PASSWORD)
+ .postProcessRequest(
+ MockMvcRequestBuilders
.post("")
- .buildRequest(null);
- }
-
- private HttpServletRequest createRequestWithAuthorizationHeader() {
- return SecurityMockMvcRequestPostProcessors
- .httpBasic(USERNAME, PASSWORD)
- .postProcessRequest(
- MockMvcRequestBuilders
- .post("")
- .buildRequest(null));
- }
-
- @Test
- public void shouldSucceedWhenAuthorizationIsDisabled() throws IOException, ServletException {
- // given
- final HttpServletRequest request = createEmptyRequest();
-
- when(settings.authMethod()).thenReturn(AuthMethodType.NO_AUTH.value());
-
- // when
- sut.doFilter(request, response, obj);
-
- // then
- verify(obj, atLeastOnce()).doFilter(request, response);
- }
-
- @Test
- public void shouldFailDueToEmptyBasicAuthorizationHeader() throws IOException, ServletException {
- // given
- final HttpServletRequest request = createEmptyRequest();
-
- when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value());
- when(response.getWriter()).thenReturn(writer);
-
- // when
- sut.doFilter(request, response, obj);
-
- // then
- verify(response).setStatus(HttpStatus.UNAUTHORIZED.value());
- verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString());
- }
-
- @Test
- public void shouldFailDueToBasicAuthenticationUserMissingFromSettings()
- throws IOException, ServletException {
- // given
- final HttpServletRequest request = createRequestWithAuthorizationHeader();
-
- when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value());
- when(response.getWriter()).thenReturn(writer);
-
- // when
- sut.doFilter(request, response, obj);
-
- // then
- verify(response).setStatus(HttpStatus.UNAUTHORIZED.value());
- verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString());
- }
-
- @Test
- public void shouldSucceed() throws IOException, ServletException {
- // given
- final HttpServletRequest request = createRequestWithAuthorizationHeader();
- when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value());
- when(settings.validAuthorizationCredentials()).thenReturn(
- HashMap.of(USERNAME, "$2a$10$BsZkEynNm/93wbAeeZuxJeu6IHRyQl4XReqDg2BtYOFDhUsz20.3G"));
- when(response.getWriter()).thenReturn(writer);
-
- // when
- sut.doFilter(request, response, obj);
-
- // then
- verify(obj, atLeastOnce()).doFilter(request, response);
- }
-
- @Test
- public void shouldFailDueToInvalidBasicAuthorizationHeaderValue()
- throws IOException, ServletException {
- // given
- final HttpServletRequest request =
- MockMvcRequestBuilders
- .post("")
- .header(HttpHeaders.AUTHORIZATION, "FooBar")
- .buildRequest(null);
-
- when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value());
- when(settings.validAuthorizationCredentials()).thenReturn(CREDENTIALS);
- when(response.getWriter()).thenReturn(writer);
-
- // when
- sut.doFilter(request, response, obj);
-
- //then
- verify(response).setStatus(HttpStatus.UNAUTHORIZED.value());
- verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString());
- }
+ .buildRequest(null));
+ }
+
+ @Test
+ public void shouldSucceedWhenAuthorizationIsDisabled() throws IOException {
+ // given
+ final HttpServletRequest request = createEmptyRequest();
+
+ when(settings.authMethod()).thenReturn(AuthMethodType.NO_AUTH.value());
+
+ // when
+ final boolean isAuthorized = sut.preHandle(request, response, obj);
+
+ // then
+ assertTrue(isAuthorized);
+ }
+
+ @Test
+ public void shouldFailDueToEmptyBasicAuthorizationHeader() throws IOException {
+ // given
+ final HttpServletRequest request = createEmptyRequest();
+
+ when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value());
+ when(response.getWriter()).thenReturn(writer);
+
+ // when
+ final boolean isAuthorized = sut.preHandle(request, response, obj);
+
+
+ // then
+ assertFalse(isAuthorized);
+
+ verify(response).setStatus(HttpStatus.UNAUTHORIZED.value());
+ verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString());
+ }
+
+ @Test
+ public void shouldFailDueToBasicAuthenticationUserMissingFromSettings() throws IOException {
+ // given
+ final HttpServletRequest request = createRequestWithAuthorizationHeader();
+
+ when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value());
+ when(response.getWriter()).thenReturn(writer);
+
+ // when
+ final boolean isAuthorized = sut.preHandle(request, response, obj);
+
+ // then
+ assertFalse(isAuthorized);
+
+ verify(response).setStatus(HttpStatus.UNAUTHORIZED.value());
+ verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString());
+ }
+
+ @Test
+ public void shouldSucceed() throws IOException {
+ // given
+ final HttpServletRequest request = createRequestWithAuthorizationHeader();
+ when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value());
+ when(settings.validAuthorizationCredentials()).thenReturn(
+ HashMap.of(USERNAME, "$2a$10$BsZkEynNm/93wbAeeZuxJeu6IHRyQl4XReqDg2BtYOFDhUsz20.3G"));
+ when(response.getWriter()).thenReturn(writer);
+
+ // when
+ final boolean isAuthorized = sut.preHandle(request, response, obj);
+
+ // then
+ assertTrue(isAuthorized);
+ }
+
+ @Test
+ public void shouldFailDueToInvalidBasicAuthorizationHeaderValue() throws IOException {
+ // given
+ final HttpServletRequest request =
+ MockMvcRequestBuilders
+ .post("")
+ .header(HttpHeaders.AUTHORIZATION, "FooBar")
+ .buildRequest(null);
+
+ when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value());
+ when(settings.validAuthorizationCredentials()).thenReturn(CREDENTIALS);
+ when(response.getWriter()).thenReturn(writer);
+
+ // when
+ final boolean isAuthorized = sut.preHandle(request, response, obj);
+
+ // then
+ assertFalse(isAuthorized);
+
+ verify(response).setStatus(HttpStatus.UNAUTHORIZED.value());
+ verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString());
+ }
}