diff options
| author |   Zlatko Murgoski <zlatko.murgoski@nokia.com> | 2019-08-21 11:14:04 +0200 |
|---|---|---|
| committer |   pawel <pawel.kasperkiewicz@nokia.com> | 2019-09-11 15:08:14 +0200 |
| commit | 124e11e9e7ea4652f8a538093ab48df9f575ce2a (patch) | |
| tree | 2a5b23f7f7b54dd0d00a2f74267014d02e74b7aa | |
| parent | ae83904e17e5e785c4945b15f824df8251a91b8a (diff) | |
Not Secured healtcheck
https://jira.onap.org/browse/DCAEGEN2-1539
Issue-ID: DCAEGEN2-1539
Change-Id: I55c9387e64a5a6b710785ecbfa695683d821599a
Signed-off-by: Zlatko Murgoski <zlatko.murgoski@nokia.com>
13 files changed, 710 insertions, 599 deletions
diff --git a/dpo/blueprint/blueprint_ves.yaml b/dpo/blueprint/blueprint_ves.yaml index 43158f1c..f373acfe 100644 --- a/dpo/blueprint/blueprint_ves.yaml +++ b/dpo/blueprint/blueprint_ves.yaml @@ -242,7 +242,7 @@ node_templates: docker_config: interval: 15s timeout: 1s - type: https + type: http endpoint: /healthcheck image: get_input: tag_version @@ -14,436 +14,440 @@ ============LICENSE_END=========================================================
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.onap.oparent</groupId>
- <artifactId>oparent</artifactId>
- <version>2.0.0</version>
- <relativePath />
- </parent>
- <groupId>org.onap.dcaegen2.collectors.ves</groupId>
- <artifactId>VESCollector</artifactId>
- <version>1.5.1-SNAPSHOT</version>
- <name>dcaegen2-collectors-ves</name>
- <description>VESCollector</description>
- <properties>
- <!-- PROJECT SETTINGS -->
- <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
- <java.version>8</java.version>
- <docker.image.name>onap/org.onap.dcaegen2.collectors.ves.vescollector</docker.image.name>
- <!-- TEST SETTINGS -->
- <surefire.redirectTestOutputToFile>true</surefire.redirectTestOutputToFile>
- <!-- PLUGIN SETTINGS -->
- <dependency.locations.enabled>false</dependency.locations.enabled>
- <!-- NEXUS RELATED SETTINGS -->
- <nexusproxy>https://nexus.onap.org</nexusproxy>
- <snapshots.path>content/repositories/snapshots/</snapshots.path>
- <releases.path>content/repositories/releases/</releases.path>
- <site.path>content/sites/site/org/onap/dcaegen2/collectors/ves/${project.artifactId}/${project.version}</site.path>
- <maven.build.timestamp.format>yyyyMMdd'T'HHmmss</maven.build.timestamp.format>
- <onap.nexus.dockerregistry.daily>nexus3.onap.org:10003</onap.nexus.dockerregistry.daily>
- </properties>
- <build>
- <pluginManagement>
- <plugins>
- <plugin>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-maven-plugin</artifactId>
- </plugin>
- <plugin>
- <artifactId>maven-assembly-plugin</artifactId>
- <version>3.1.0</version>
- </plugin>
- <plugin>
- <artifactId>maven-javadoc-plugin</artifactId>
- <version>3.0.1</version>
- </plugin>
- <plugin>
- <artifactId>maven-project-info-reports-plugin</artifactId>
- <version>2.9</version>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-surefire-plugin</artifactId>
- <version>3.0.0-M1</version>
- </plugin>
- <plugin>
- <groupId>com.spotify</groupId>
- <artifactId>docker-maven-plugin</artifactId>
- <version>1.2.0</version>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-enforcer-plugin</artifactId>
- <configuration>
- <skip>true</skip>
- </configuration>
- </plugin>
- </plugins>
- </pluginManagement>
- <plugins>
- <plugin>
- <artifactId>maven-assembly-plugin</artifactId>
- <configuration>
- <descriptors>
- <descriptor>src/assembly/dep.xml</descriptor>
- </descriptors>
- <attach>false</attach>
- <appendAssemblyId>false</appendAssemblyId>
- <updateOnly>true</updateOnly>
- </configuration>
- <executions>
- <execution>
- <id>make-assembly</id>
- <phase>package</phase>
- <goals>
- <goal>single</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-maven-plugin</artifactId>
- <executions>
- <execution>
- <goals>
- <goal>repackage</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <artifactId>maven-javadoc-plugin</artifactId>
- <configuration>
- <quiet>true</quiet>
- <verbose>false</verbose>
- <useStandardDocletOptions>false</useStandardDocletOptions>
- </configuration>
- <executions>
- <execution>
- <id>aggregate</id>
- <phase>site</phase>
- <goals>
- <goal>aggregate</goal>
- </goals>
- </execution>
- <execution>
- <id>attach-javadoc</id>
- <goals>
- <goal>jar</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <groupId>com.spotify</groupId>
- <artifactId>docker-maven-plugin</artifactId>
- <configuration>
- <serverId>${onap.nexus.dockerregistry.daily}</serverId>
- <imageName>${onap.nexus.dockerregistry.daily}/${docker.image.name}</imageName>
- <imageTags>
- <imageTag>${project.version}-${maven.build.timestamp}Z</imageTag>
- <imageTag>${project.version}</imageTag>
- <imageTag>latest</imageTag>
- </imageTags>
- <baseImage>openjdk:8-jre-slim</baseImage>
- <user>vescollector</user>
- <env>
- <HOSTALIASES>/etc/host.aliases</HOSTALIASES>
- </env>
- <workdir>/opt/app/VESCollector</workdir>
- <resources>
- <resource>
- <targetPath>.</targetPath>
- <directory>${project.build.directory}/${project.artifactId}-${project.version}</directory>
- </resource>
- </resources>
- <runs>
- <run>useradd -r -U vescollector</run>
- <run>chown -R vescollector:vescollector /opt/app</run>
- <!-- Maven is loosing file permissions during artifacts copy -->
- <run>chmod +x bin/*.sh</run>
- <run><![CDATA[apt-get update && apt-get install -y --no-install-recommends procps && apt-get install -y vim && apt-get install -y curl && apt-get clean all]]></run>
- </runs>
- <exposes>
- <expose>8080</expose>
- <expose>8443</expose>
- </exposes>
- <cmd>bin/docker-entry.sh</cmd>
- </configuration>
- <!--<executions>
- <execution>
- <id>build-image</id>
- <phase>package</phase>
- <goals>
- <goal>deploy</goal>
- </goals>
- </execution>
- <execution>
- <id>tag-and-push-image-latest</id>
- <phase>deploy</phase>
- <goals>
- <goal>tag</goal>
- </goals>
- <configuration>
- <image>${docker.image.name}:latest</image>
- <newName>${onap.nexus.dockerregistry.daily}/${docker.image.name}:latest</newName>
- <pushImage>true</pushImage>
- </configuration>
- </execution>
- <execution>
- <id>tag-and-push-image-with-version</id>
- <phase>deploy</phase>
- <goals>
- <goal>tag</goal>
- </goals>
- <configuration>
- <image>${docker.image.name}:latest</image>
- <newName>${onap.nexus.dockerregistry.daily}/${docker.image.name}:${project.version}</newName>
- <pushImage>true</pushImage>
- </configuration>
- </execution>
- <execution>
- <id>tag-and-push-image-with-version-and-date</id>
- <phase>deploy</phase>
- <goals>
- <goal>tag</goal>
- </goals>
- <configuration>
- <image>${docker.image.name}:latest</image>
- <newName>${onap.nexus.dockerregistry.daily}/${docker.image.name}:${project.version}-${maven.build.timestamp}Z</newName>
- <pushImage>true</pushImage>
- </configuration>
- </execution>
- </executions> -->
- </plugin>
- </plugins>
- </build>
- <profiles>
- <profile>
- <id>with-system-proxy</id>
- <build>
- <plugins>
- <plugin>
- <groupId>com.spotify</groupId>
- <artifactId>docker-maven-plugin</artifactId>
- <configuration>
- <buildArgs>
- <http_proxy>${env.http_proxy}</http_proxy>
- </buildArgs>
- </configuration>
- </plugin>
- </plugins>
- </build>
- </profile>
- </profiles>
- <reporting>
- <plugins>
- <plugin>
- <artifactId>maven-project-info-reports-plugin</artifactId>
- <reportSets>
- <reportSet>
- <reports>
- <report>dependencies</report>
- <report>license</report>
- </reports>
- </reportSet>
- </reportSets>
- </plugin>
- <plugin>
- <artifactId>maven-javadoc-plugin</artifactId>
- <configuration>
- <failOnError>false</failOnError>
- <doclet>org.umlgraph.doclet.UmlGraphDoc</doclet>
- <docletArtifact>
- <groupId>org.umlgraph</groupId>
- <artifactId>umlgraph</artifactId>
- <version>5.6</version>
- </docletArtifact>
- <additionalparam>-views</additionalparam>
- <useStandardDocletOptions>true</useStandardDocletOptions>
- </configuration>
- </plugin>
- </plugins>
- </reporting>
- <dependencyManagement>
- <dependencies>
- <dependency>
- <!-- Import dependency management from Spring Boot -->
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-dependencies</artifactId>
- <version>2.1.0.RELEASE</version>
- <type>pom</type>
- <scope>import</scope>
- </dependency>
- </dependencies>
- </dependencyManagement>
- <dependencies>
- <!-- JSON RELATED -->
- <dependency>
- <groupId>com.googlecode.json-simple</groupId>
- <artifactId>json-simple</artifactId>
- <version>1.1.1</version>
- </dependency>
- <dependency>
- <groupId>com.github.fge</groupId>
- <artifactId>json-schema-validator</artifactId>
- <version>2.2.6</version>
- </dependency>
- <dependency>
- <groupId>com.github.fge</groupId>
- <artifactId>json-schema-core</artifactId>
- <version>1.2.5</version>
- </dependency>
- <dependency>
- <groupId>com.google.code.gson</groupId>
- <artifactId>gson</artifactId>
- <version>2.8.5</version>
- </dependency>
- <dependency>
- <groupId>org.json</groupId>
- <artifactId>json</artifactId>
- <version>20160810</version>
- </dependency>
- <!-- REST API RELATED -->
- <dependency>
- <groupId>com.att.nsa</groupId>
- <artifactId>cambriaClient</artifactId>
- <version>0.0.1</version>
- </dependency>
- <dependency>
- <groupId>com.mashape.unirest</groupId>
- <artifactId>unirest-java</artifactId>
- <version>1.4.9</version>
- </dependency>
- <!-- MISCELLANEOUS -->
- <dependency>
- <groupId>commons-collections</groupId>
- <artifactId>commons-collections</artifactId>
- <version>3.2.2</version>
- </dependency>
- <dependency>
- <groupId>commons-configuration</groupId>
- <artifactId>commons-configuration</artifactId>
- <version>1.10</version>
- </dependency>
- <dependency>
- <groupId>io.vavr</groupId>
- <artifactId>vavr</artifactId>
- <version>0.9.2</version>
- </dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-web</artifactId>
- <exclusions>
- <exclusion>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-logging</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-log4j2</artifactId>
- <version>2.1.5.RELEASE</version>
- </dependency>
- <dependency>
- <groupId>io.springfox</groupId>
- <artifactId>springfox-swagger2</artifactId>
- <version>2.8.0</version>
- </dependency>
- <dependency>
- <groupId>io.springfox</groupId>
- <artifactId>springfox-swagger-ui</artifactId>
- <version>2.8.0</version>
- <scope>compile</scope>
- </dependency>
- <!-- TESTING -->
- <dependency>
- <groupId>org.junit.jupiter</groupId>
- <artifactId>junit-jupiter-api</artifactId>
- <version>5.3.1</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.junit.jupiter</groupId>
- <artifactId>junit-jupiter-engine</artifactId>
- <version>5.3.1</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.junit.vintage</groupId>
- <artifactId>junit-vintage-engine</artifactId>
- <version>5.3.1</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.mockito</groupId>
- <artifactId>mockito-junit-jupiter</artifactId>
- <version>2.23.0</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.assertj</groupId>
- <artifactId>assertj-core</artifactId>
- <version>3.8.0</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>com.google.jimfs</groupId>
- <artifactId>jimfs</artifactId>
- <version>1.1</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>com.github.tomakehurst</groupId>
- <artifactId>wiremock-standalone</artifactId>
- <version>2.17.0</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.springframework.security</groupId>
- <artifactId>spring-security-test</artifactId>
- <version>5.1.1.RELEASE</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-test</artifactId>
- <version>2.1.0.RELEASE</version>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.onap.dcaegen2.services.sdk.security.crypt</groupId>
- <artifactId>crypt-password</artifactId>
- <version>1.1.6</version>
- </dependency>
- <dependency>
- <groupId>org.onap.dcaegen2.services.sdk.standardization</groupId>
- <artifactId>api-custom-header</artifactId>
- <version>1.1.4</version>
- </dependency>
- </dependencies>
- <repositories>
- <repository>
- <id>external-repository</id>
- <url>https://oss.sonatype.org/content/repositories</url>
- </repository>
- </repositories>
- <pluginRepositories>
- <!-- Black Duck plugin dependencies -->
- <pluginRepository>
- <id>JCenter</id>
- <name>JCenter Repository</name>
- <url>http://jcenter.bintray.com</url>
- </pluginRepository>
- <pluginRepository>
- <id>Restlet</id>
- <name>Restlet Repository</name>
- <url>http://maven.restlet.com</url>
- </pluginRepository>
- </pluginRepositories>
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.onap.oparent</groupId>
+ <artifactId>oparent</artifactId>
+ <version>2.0.0</version>
+ <relativePath/>
+ </parent>
+ <groupId>org.onap.dcaegen2.collectors.ves</groupId>
+ <artifactId>VESCollector</artifactId>
+ <version>1.5.1-SNAPSHOT</version>
+ <name>dcaegen2-collectors-ves</name>
+ <description>VESCollector</description>
+ <properties>
+ <!-- PROJECT SETTINGS -->
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+ <java.version>8</java.version>
+ <docker.image.name>onap/org.onap.dcaegen2.collectors.ves.vescollector</docker.image.name>
+ <!-- TEST SETTINGS -->
+ <surefire.redirectTestOutputToFile>true</surefire.redirectTestOutputToFile>
+ <!-- PLUGIN SETTINGS -->
+ <dependency.locations.enabled>false</dependency.locations.enabled>
+ <!-- NEXUS RELATED SETTINGS -->
+ <nexusproxy>https://nexus.onap.org</nexusproxy>
+ <snapshots.path>content/repositories/snapshots/</snapshots.path>
+ <releases.path>content/repositories/releases/</releases.path>
+ <site.path>content/sites/site/org/onap/dcaegen2/collectors/ves/${project.artifactId}/${project.version}</site.path>
+ <maven.build.timestamp.format>yyyyMMdd'T'HHmmss</maven.build.timestamp.format>
+ <onap.nexus.dockerregistry.daily>nexus3.onap.org:10003</onap.nexus.dockerregistry.daily>
+ </properties>
+ <build>
+ <pluginManagement>
+ <plugins>
+ <plugin>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-maven-plugin</artifactId>
+ </plugin>
+ <plugin>
+ <artifactId>maven-assembly-plugin</artifactId>
+ <version>3.1.0</version>
+ </plugin>
+ <plugin>
+ <artifactId>maven-javadoc-plugin</artifactId>
+ <version>3.0.1</version>
+ </plugin>
+ <plugin>
+ <artifactId>maven-project-info-reports-plugin</artifactId>
+ <version>2.9</version>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <version>3.0.0-M1</version>
+ </plugin>
+ <plugin>
+ <groupId>com.spotify</groupId>
+ <artifactId>docker-maven-plugin</artifactId>
+ <version>1.2.0</version>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-enforcer-plugin</artifactId>
+ <configuration>
+ <skip>true</skip>
+ </configuration>
+ </plugin>
+ </plugins>
+ </pluginManagement>
+ <plugins>
+ <plugin>
+ <artifactId>maven-assembly-plugin</artifactId>
+ <configuration>
+ <descriptors>
+ <descriptor>src/assembly/dep.xml</descriptor>
+ </descriptors>
+ <attach>false</attach>
+ <appendAssemblyId>false</appendAssemblyId>
+ <updateOnly>true</updateOnly>
+ </configuration>
+ <executions>
+ <execution>
+ <id>make-assembly</id>
+ <phase>package</phase>
+ <goals>
+ <goal>single</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-maven-plugin</artifactId>
+ <executions>
+ <execution>
+ <goals>
+ <goal>repackage</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <artifactId>maven-javadoc-plugin</artifactId>
+ <configuration>
+ <quiet>true</quiet>
+ <verbose>false</verbose>
+ <useStandardDocletOptions>false</useStandardDocletOptions>
+ </configuration>
+ <executions>
+ <execution>
+ <id>aggregate</id>
+ <phase>site</phase>
+ <goals>
+ <goal>aggregate</goal>
+ </goals>
+ </execution>
+ <execution>
+ <id>attach-javadoc</id>
+ <goals>
+ <goal>jar</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <groupId>com.spotify</groupId>
+ <artifactId>docker-maven-plugin</artifactId>
+ <configuration>
+ <serverId>${onap.nexus.dockerregistry.daily}</serverId>
+ <imageName>${onap.nexus.dockerregistry.daily}/${docker.image.name}</imageName>
+ <imageTags>
+ <imageTag>${project.version}-${maven.build.timestamp}Z</imageTag>
+ <imageTag>${project.version}</imageTag>
+ <imageTag>latest</imageTag>
+ </imageTags>
+ <baseImage>openjdk:8-jre-slim</baseImage>
+ <user>vescollector</user>
+ <env>
+ <HOSTALIASES>/etc/host.aliases</HOSTALIASES>
+ </env>
+ <workdir>/opt/app/VESCollector</workdir>
+ <resources>
+ <resource>
+ <targetPath>.</targetPath>
+ <directory>${project.build.directory}/${project.artifactId}-${project.version}</directory>
+ </resource>
+ </resources>
+ <runs>
+ <run>useradd -r -U vescollector</run>
+ <run>chown -R vescollector:vescollector /opt/app</run>
+ <run>mkdir /opt/app/VESCollector/logs</run>
+ <run>chown -R vescollector:vescollector /opt/app/VESCollector/logs</run>
+ <run>chown -R vescollector:vescollector /opt/app/VESCollector/etc</run>
+ <!-- Maven is loosing file permissions during artifacts copy -->
+ <run>chmod +x bin/*.sh</run>
+ <run>
+ <![CDATA[apt-get update && apt-get install -y --no-install-recommends procps && apt-get install -y vim && apt-get install -y curl && apt-get clean all]]></run>
+ </runs>
+ <exposes>
+ <expose>8080</expose>
+ <expose>8443</expose>
+ </exposes>
+ <cmd>bin/docker-entry.sh</cmd>
+ </configuration>
+ <!--<executions>
+ <execution>
+ <id>build-image</id>
+ <phase>package</phase>
+ <goals>
+ <goal>deploy</goal>
+ </goals>
+ </execution>
+ <execution>
+ <id>tag-and-push-image-latest</id>
+ <phase>deploy</phase>
+ <goals>
+ <goal>tag</goal>
+ </goals>
+ <configuration>
+ <image>${docker.image.name}:latest</image>
+ <newName>${onap.nexus.dockerregistry.daily}/${docker.image.name}:latest</newName>
+ <pushImage>true</pushImage>
+ </configuration>
+ </execution>
+ <execution>
+ <id>tag-and-push-image-with-version</id>
+ <phase>deploy</phase>
+ <goals>
+ <goal>tag</goal>
+ </goals>
+ <configuration>
+ <image>${docker.image.name}:latest</image>
+ <newName>${onap.nexus.dockerregistry.daily}/${docker.image.name}:${project.version}</newName>
+ <pushImage>true</pushImage>
+ </configuration>
+ </execution>
+ <execution>
+ <id>tag-and-push-image-with-version-and-date</id>
+ <phase>deploy</phase>
+ <goals>
+ <goal>tag</goal>
+ </goals>
+ <configuration>
+ <image>${docker.image.name}:latest</image>
+ <newName>${onap.nexus.dockerregistry.daily}/${docker.image.name}:${project.version}-${maven.build.timestamp}Z</newName>
+ <pushImage>true</pushImage>
+ </configuration>
+ </execution>
+ </executions> -->
+ </plugin>
+ </plugins>
+ </build>
+ <profiles>
+ <profile>
+ <id>with-system-proxy</id>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>com.spotify</groupId>
+ <artifactId>docker-maven-plugin</artifactId>
+ <configuration>
+ <buildArgs>
+ <http_proxy>${env.http_proxy}</http_proxy>
+ </buildArgs>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ </profiles>
+ <reporting>
+ <plugins>
+ <plugin>
+ <artifactId>maven-project-info-reports-plugin</artifactId>
+ <reportSets>
+ <reportSet>
+ <reports>
+ <report>dependencies</report>
+ <report>license</report>
+ </reports>
+ </reportSet>
+ </reportSets>
+ </plugin>
+ <plugin>
+ <artifactId>maven-javadoc-plugin</artifactId>
+ <configuration>
+ <failOnError>false</failOnError>
+ <doclet>org.umlgraph.doclet.UmlGraphDoc</doclet>
+ <docletArtifact>
+ <groupId>org.umlgraph</groupId>
+ <artifactId>umlgraph</artifactId>
+ <version>5.6</version>
+ </docletArtifact>
+ <additionalparam>-views</additionalparam>
+ <useStandardDocletOptions>true</useStandardDocletOptions>
+ </configuration>
+ </plugin>
+ </plugins>
+ </reporting>
+ <dependencyManagement>
+ <dependencies>
+ <dependency>
+ <!-- Import dependency management from Spring Boot -->
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-dependencies</artifactId>
+ <version>2.1.0.RELEASE</version>
+ <type>pom</type>
+ <scope>import</scope>
+ </dependency>
+ </dependencies>
+ </dependencyManagement>
+ <dependencies>
+ <!-- JSON RELATED -->
+ <dependency>
+ <groupId>com.googlecode.json-simple</groupId>
+ <artifactId>json-simple</artifactId>
+ <version>1.1.1</version>
+ </dependency>
+ <dependency>
+ <groupId>com.github.fge</groupId>
+ <artifactId>json-schema-validator</artifactId>
+ <version>2.2.6</version>
+ </dependency>
+ <dependency>
+ <groupId>com.github.fge</groupId>
+ <artifactId>json-schema-core</artifactId>
+ <version>1.2.5</version>
+ </dependency>
+ <dependency>
+ <groupId>com.google.code.gson</groupId>
+ <artifactId>gson</artifactId>
+ <version>2.8.5</version>
+ </dependency>
+ <dependency>
+ <groupId>org.json</groupId>
+ <artifactId>json</artifactId>
+ <version>20160810</version>
+ </dependency>
+ <!-- REST API RELATED -->
+ <dependency>
+ <groupId>com.att.nsa</groupId>
+ <artifactId>cambriaClient</artifactId>
+ <version>0.0.1</version>
+ </dependency>
+ <dependency>
+ <groupId>com.mashape.unirest</groupId>
+ <artifactId>unirest-java</artifactId>
+ <version>1.4.9</version>
+ </dependency>
+ <!-- MISCELLANEOUS -->
+ <dependency>
+ <groupId>commons-collections</groupId>
+ <artifactId>commons-collections</artifactId>
+ <version>3.2.2</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-configuration</groupId>
+ <artifactId>commons-configuration</artifactId>
+ <version>1.10</version>
+ </dependency>
+ <dependency>
+ <groupId>io.vavr</groupId>
+ <artifactId>vavr</artifactId>
+ <version>0.9.2</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-web</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-logging</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-log4j2</artifactId>
+ <version>2.1.5.RELEASE</version>
+ </dependency>
+ <dependency>
+ <groupId>io.springfox</groupId>
+ <artifactId>springfox-swagger2</artifactId>
+ <version>2.8.0</version>
+ </dependency>
+ <dependency>
+ <groupId>io.springfox</groupId>
+ <artifactId>springfox-swagger-ui</artifactId>
+ <version>2.8.0</version>
+ <scope>compile</scope>
+ </dependency>
+ <!-- TESTING -->
+ <dependency>
+ <groupId>org.junit.jupiter</groupId>
+ <artifactId>junit-jupiter-api</artifactId>
+ <version>5.3.1</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.junit.jupiter</groupId>
+ <artifactId>junit-jupiter-engine</artifactId>
+ <version>5.3.1</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.junit.vintage</groupId>
+ <artifactId>junit-vintage-engine</artifactId>
+ <version>5.3.1</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.mockito</groupId>
+ <artifactId>mockito-junit-jupiter</artifactId>
+ <version>2.23.0</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.assertj</groupId>
+ <artifactId>assertj-core</artifactId>
+ <version>3.8.0</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>com.google.jimfs</groupId>
+ <artifactId>jimfs</artifactId>
+ <version>1.1</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>com.github.tomakehurst</groupId>
+ <artifactId>wiremock-standalone</artifactId>
+ <version>2.17.0</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-test</artifactId>
+ <version>5.1.1.RELEASE</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-test</artifactId>
+ <version>2.1.0.RELEASE</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.onap.dcaegen2.services.sdk.security.crypt</groupId>
+ <artifactId>crypt-password</artifactId>
+ <version>1.1.6</version>
+ </dependency>
+ <dependency>
+ <groupId>org.onap.dcaegen2.services.sdk.standardization</groupId>
+ <artifactId>api-custom-header</artifactId>
+ <version>1.1.4</version>
+ </dependency>
+ </dependencies>
+ <repositories>
+ <repository>
+ <id>external-repository</id>
+ <url>https://oss.sonatype.org/content/repositories</url>
+ </repository>
+ </repositories>
+ <pluginRepositories>
+ <!-- Black Duck plugin dependencies -->
+ <pluginRepository>
+ <id>JCenter</id>
+ <name>JCenter Repository</name>
+ <url>http://jcenter.bintray.com</url>
+ </pluginRepository>
+ <pluginRepository>
+ <id>Restlet</id>
+ <name>Restlet Repository</name>
+ <url>http://maven.restlet.com</url>
+ </pluginRepository>
+ </pluginRepositories>
</project>
diff --git a/src/main/java/org/onap/dcae/ApplicationSettings.java b/src/main/java/org/onap/dcae/ApplicationSettings.java index 205659c4..5164f878 100644 --- a/src/main/java/org/onap/dcae/ApplicationSettings.java +++ b/src/main/java/org/onap/dcae/ApplicationSettings.java @@ -74,7 +74,6 @@ public class ApplicationSettings { loadedJsonSchemas = loadJsonSchemas(); } - public void reloadProperties() { try { properties.load(configurationFileLocation); diff --git a/src/main/java/org/onap/dcae/common/configuration/ApiConfiguration.java b/src/main/java/org/onap/dcae/common/configuration/ApiConfiguration.java new file mode 100644 index 00000000..52e3a6de --- /dev/null +++ b/src/main/java/org/onap/dcae/common/configuration/ApiConfiguration.java @@ -0,0 +1,49 @@ +/*- + * ============LICENSE_START======================================================= + * org.onap.dcaegen2.collectors.ves + * ================================================================================ + * Copyright (C) 2018 - 2019 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.dcae.common.configuration; + +import org.onap.dcae.ApplicationSettings; +import org.onap.dcae.restapi.ApiAuthInterceptor; +import org.slf4j.Logger; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import org.springframework.web.servlet.config.annotation.InterceptorRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; + +@Configuration +@EnableWebMvc +public class ApiConfiguration implements WebMvcConfigurer { + + private final ApplicationSettings applicationSettings; + private Logger errorLogger; + + @Autowired + ApiConfiguration(ApplicationSettings applicationSettings, Logger errorLogger) { + this.applicationSettings = applicationSettings; + this.errorLogger = errorLogger; + } + + @Override + public void addInterceptors(InterceptorRegistry registry) { + registry.addInterceptor(new ApiAuthInterceptor(applicationSettings, errorLogger)); + } +} diff --git a/src/main/java/org/onap/dcae/common/configuration/CertAuth.java b/src/main/java/org/onap/dcae/common/configuration/CertAuth.java index 6bd924c3..53031142 100644 --- a/src/main/java/org/onap/dcae/common/configuration/CertAuth.java +++ b/src/main/java/org/onap/dcae/common/configuration/CertAuth.java @@ -3,7 +3,7 @@ * PROJECT * ================================================================================ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - * Copyright (C) 2018 Nokia. All rights reserved.s + * Copyright (C) 2018 - 2019 Nokia. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -26,9 +26,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.boot.web.server.Ssl.ClientAuth; import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory; -import org.springframework.context.annotation.Configuration; -@Configuration public class CertAuth implements AuthMethod { private static final Logger log = LoggerFactory.getLogger(CertAuth.class); diff --git a/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java b/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java index 38d5ad5b..fa4a1b2d 100644 --- a/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java +++ b/src/main/java/org/onap/dcae/common/configuration/CertBasicAuth.java @@ -3,7 +3,7 @@ * PROJECT * ================================================================================ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - * Copyright (C) 2018 Nokia. All rights reserved.s + * Copyright (C) 2018 - 2019 Nokia. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -26,9 +26,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.boot.web.server.Ssl.ClientAuth; import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory; -import org.springframework.context.annotation.Configuration; -@Configuration public class CertBasicAuth implements AuthMethod{ private static final Logger log = LoggerFactory.getLogger(CertAuth.class); diff --git a/src/main/java/org/onap/dcae/common/configuration/TomcatHttpConfig.java b/src/main/java/org/onap/dcae/common/configuration/TomcatHttpConfig.java new file mode 100644 index 00000000..4495f34b --- /dev/null +++ b/src/main/java/org/onap/dcae/common/configuration/TomcatHttpConfig.java @@ -0,0 +1,54 @@ +/* + * ============LICENSE_START======================================================= + * PROJECT + * ================================================================================ + * Copyright (C) 2019 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.dcae.common.configuration; + +import org.apache.catalina.connector.Connector; +import org.onap.dcae.ApplicationSettings; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory; +import org.springframework.boot.web.servlet.server.ServletWebServerFactory; +import org.springframework.context.annotation.Bean; +import org.springframework.stereotype.Component; + +@Component +public class TomcatHttpConfig { + + @Autowired + private ApplicationSettings settings; + + @Bean + private ServletWebServerFactory servletContainer() { + + TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory(); + if(!(settings.authMethod().equalsIgnoreCase(AuthMethodType.NO_AUTH.value())) && settings.httpsEnabled()){ + tomcat.addAdditionalTomcatConnectors(getHttpConnector()); + } + return tomcat; + } + + private Connector getHttpConnector() { + Connector connector = new Connector(TomcatServletWebServerFactory.DEFAULT_PROTOCOL); + connector.setScheme("http"); + connector.setPort(settings.httpPort()); + connector.setSecure(false); + return connector; + } +} diff --git a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java index 9b387b84..a9281594 100644 --- a/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java +++ b/src/main/java/org/onap/dcae/restapi/ApiAuthInterceptor.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * org.onap.dcaegen2.collectors.ves * ================================================================================ - * Copyright (C) 2018 Nokia. All rights reserved. + * Copyright (C) 2018 - 2019 Nokia. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,11 +23,6 @@ import io.vavr.control.Option; import java.io.IOException; import java.security.cert.X509Certificate; import java.util.Base64; -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.onap.dcae.ApplicationSettings; @@ -37,9 +32,10 @@ import org.onap.dcaegen2.services.sdk.security.CryptPassword; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Component; +import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; @Component -public class ApiAuthInterceptor implements Filter { +public class ApiAuthInterceptor extends HandlerInterceptorAdapter { private static final Logger LOG = LoggerFactory.getLogger(ApiAuthInterceptor.class); private static final String CERTIFICATE_X_509 = "javax.servlet.request.X509Certificate"; @@ -53,32 +49,33 @@ public class ApiAuthInterceptor implements Filter { this.errorLogger = errorLogger; } - @Override - public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { + public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) + throws IOException { + SubjectMatcher subjectMatcher = new SubjectMatcher(settings,(X509Certificate[]) request.getAttribute(CERTIFICATE_X_509)); - if(settings.authMethod().equalsIgnoreCase(AuthMethodType.CERT_ONLY.value())){ - if( validateCertRequest((HttpServletResponse )response, subjectMatcher)){ - chain.doFilter(request, response); - return; + if(!settings.authMethod().equalsIgnoreCase(AuthMethodType.NO_AUTH.value()) && request.getServerPort() == settings.httpPort() ){ + if(request.getRequestURI().replaceAll("^/|/$", "").equalsIgnoreCase("healthcheck")){ + return true; } - return; + response.getWriter().write("Operation not permitted"); + response.setStatus(400); + return false; + } + + if(settings.authMethod().equalsIgnoreCase(AuthMethodType.CERT_ONLY.value())){ + return validateCertRequest(response, subjectMatcher); } if(isCertSubject(subjectMatcher)){ - chain.doFilter(request, response); - return; + return true; } if (isBasicAuth() ) { - if(validateBasicHeader((HttpServletRequest)request, (HttpServletResponse)response)){ - chain.doFilter(request, response); - return; - } - return; + return validateBasicHeader(request, response); } - chain.doFilter(request, response); + return true; } private boolean validateBasicHeader(HttpServletRequest request, HttpServletResponse response) @@ -110,6 +107,7 @@ public class ApiAuthInterceptor implements Filter { LOG.info("Cert and subjectDN is valid"); return true; } + LOG.info(String.format(MESSAGE, settings.certSubjectMatcher())); return false; } @@ -129,7 +127,7 @@ public class ApiAuthInterceptor implements Filter { return userRegistered && cryptPassword.matches(providedPassword,maybeSavedPassword.get()); } catch (Exception e) { LOG.warn(String.format("Could not check if user is authorized (header: '%s')), probably malformed header.", - authorizationHeader), e); + authorizationHeader), e); return false; } } diff --git a/src/main/java/org/onap/dcae/restapi/SwaggerConfig.java b/src/main/java/org/onap/dcae/restapi/SwaggerConfig.java index 267db054..03432cf2 100644 --- a/src/main/java/org/onap/dcae/restapi/SwaggerConfig.java +++ b/src/main/java/org/onap/dcae/restapi/SwaggerConfig.java @@ -3,6 +3,7 @@ * PROJECT * ================================================================================ * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2019 Nokia. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -28,7 +29,6 @@ import springfox.documentation.spi.DocumentationType; import springfox.documentation.spring.web.plugins.Docket; import springfox.documentation.swagger2.annotations.EnableSwagger2; -@Configuration @EnableSwagger2 public class SwaggerConfig{ diff --git a/src/main/java/org/onap/dcae/restapi/WebMvcConfig.java b/src/main/java/org/onap/dcae/restapi/WebMvcConfig.java index c3e2a5de..c8dd7ba4 100644 --- a/src/main/java/org/onap/dcae/restapi/WebMvcConfig.java +++ b/src/main/java/org/onap/dcae/restapi/WebMvcConfig.java @@ -3,7 +3,7 @@ * PROJECT * ================================================================================ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - * Copyright (C) 2018 Nokia. All rights reserved.s + * Copyright (C) 2018 - 2019 Nokia. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -22,12 +22,10 @@ package org.onap.dcae.restapi; import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport; import org.springframework.web.servlet.view.InternalResourceViewResolver; -@Configuration public class WebMvcConfig extends WebMvcConfigurationSupport { @Override diff --git a/src/test/java/org/onap/dcae/TLSTest.java b/src/test/java/org/onap/dcae/TLSTest.java index 3cf0a162..49a089cc 100644 --- a/src/test/java/org/onap/dcae/TLSTest.java +++ b/src/test/java/org/onap/dcae/TLSTest.java @@ -4,6 +4,7 @@ * ================================================================================ * Copyright (C) 2018 Nokia. All rights reserved. * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2019 Nokia. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -102,6 +103,7 @@ public class TLSTest extends TLSTestBase { @Override protected void configureSettings(ApplicationSettings settings) { when(settings.authMethod()).thenReturn(AuthMethodType.NO_AUTH.value()); + when(settings.httpPort()).thenReturn(1111); } } @@ -115,6 +117,7 @@ public class TLSTest extends TLSTestBase { when(settings.keystorePasswordFileLocation()).thenReturn(KEYSTORE_PASSWORD_FILE.toString()); when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value()); when(settings.validAuthorizationCredentials()).thenReturn(HashMap.of(USERNAME, "$2a$10$51tDgG2VNLde5E173Ay/YO.Fq.aD.LR2Rp8pY3QAKriOSPswvGviy")); + when(settings.httpPort()).thenReturn(1111); } } @@ -126,6 +129,7 @@ public class TLSTest extends TLSTestBase { when(settings.truststoreFileLocation()).thenReturn(TRUSTSTORE.toString()); when(settings.truststorePasswordFileLocation()).thenReturn(TRUSTSTORE_PASSWORD_FILE.toString()); when(settings.certSubjectMatcher()).thenReturn(CERT_SUBJECT_MATCHER.toString()); + when(settings.httpPort()).thenReturn(1111); } } @@ -134,6 +138,7 @@ public class TLSTest extends TLSTestBase { protected void configureSettings(ApplicationSettings settings) { super.configureSettings(settings); when(settings.authMethod()).thenReturn(AuthMethodType.CERT_BASIC_AUTH.value()); + when(settings.httpPort()).thenReturn(1111); } } }
\ No newline at end of file diff --git a/src/test/java/org/onap/dcae/TLSTestBase.java b/src/test/java/org/onap/dcae/TLSTestBase.java index df10ead9..1eb5728e 100644 --- a/src/test/java/org/onap/dcae/TLSTestBase.java +++ b/src/test/java/org/onap/dcae/TLSTestBase.java @@ -4,6 +4,7 @@ * ================================================================================ * Copyright (C) 2018 Nokia. All rights reserved. * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2019 Nokia. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,12 +22,20 @@ package org.onap.dcae; -import org.json.JSONObject; +import static org.onap.dcae.TestingUtilities.configureKeyStore; +import static org.onap.dcae.TestingUtilities.createRestTemplateWithSsl; +import static org.onap.dcae.TestingUtilities.readFile; +import static org.onap.dcae.TestingUtilities.rethrow; +import static org.onap.dcae.TestingUtilities.sslBuilderWithTrustStore; + +import java.nio.file.Path; +import java.nio.file.Paths; import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.Mockito; import org.onap.dcae.common.EventSender; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.boot.test.context.SpringBootTest.WebEnvironment; import org.springframework.boot.test.mock.mockito.MockBean; import org.springframework.boot.web.server.LocalServerPort; import org.springframework.context.annotation.Bean; @@ -37,12 +46,6 @@ import org.springframework.http.client.support.BasicAuthenticationInterceptor; import org.springframework.test.context.junit.jupiter.SpringExtension; import org.springframework.web.client.RestTemplate; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.util.concurrent.LinkedBlockingQueue; - -import static org.onap.dcae.TestingUtilities.*; - @Configuration @ExtendWith(SpringExtension.class) public class TLSTestBase { @@ -66,7 +69,7 @@ public class TLSTestBase { protected abstract void configureSettings(final ApplicationSettings settings); } - @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) + @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT) protected abstract class TestClassBase { @MockBean diff --git a/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java b/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java index 4398faad..e6d67cf4 100644 --- a/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java +++ b/src/test/java/org/onap/dcae/restapi/ApiAuthInterceptionTest.java @@ -2,7 +2,7 @@ * ============LICENSE_START======================================================= * org.onap.dcaegen2.collectors.ves * ================================================================================ - * Copyright (C) 2018 Nokia. All rights reserved. + * Copyright (C) 2018 - 2019 Nokia. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,18 +20,8 @@ package org.onap.dcae.restapi; -import static org.mockito.Mockito.atLeastOnce; -import static org.mockito.Mockito.verify; -import static org.mockito.Mockito.when; - import io.vavr.collection.HashMap; import io.vavr.collection.Map; -import java.io.IOException; -import java.io.PrintWriter; -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.InjectMocks; @@ -45,128 +35,143 @@ import org.springframework.http.HttpStatus; import org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors; import org.springframework.test.web.servlet.request.MockMvcRequestBuilders; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; + +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; + @RunWith(MockitoJUnitRunner.Silent.class) public class ApiAuthInterceptionTest { - private static final String USERNAME = "Foo"; - private static final String PASSWORD = "Bar"; - private static final Map<String, String> CREDENTIALS = HashMap.of(USERNAME, PASSWORD); + private static final String USERNAME = "Foo"; + private static final String PASSWORD = "Bar"; + private static final Map<String, String> CREDENTIALS = HashMap.of(USERNAME, PASSWORD); - @Mock - private Logger log; + @Mock + private Logger log; - @Mock - private ApplicationSettings settings; + @Mock + private ApplicationSettings settings; - @Mock - private HttpServletResponse response; + @Mock + private HttpServletResponse response; - @Mock - private FilterChain obj; + @Mock + private Object obj; - @Mock - private PrintWriter writer; + @Mock + private PrintWriter writer; - @InjectMocks - private ApiAuthInterceptor sut; + @InjectMocks + private ApiAuthInterceptor sut; - private HttpServletRequest createEmptyRequest() { - return MockMvcRequestBuilders + private HttpServletRequest createEmptyRequest() { + return MockMvcRequestBuilders + .post("") + .buildRequest(null); + } + + private HttpServletRequest createRequestWithAuthorizationHeader() { + return SecurityMockMvcRequestPostProcessors + .httpBasic(USERNAME, PASSWORD) + .postProcessRequest( + MockMvcRequestBuilders .post("") - .buildRequest(null); - } - - private HttpServletRequest createRequestWithAuthorizationHeader() { - return SecurityMockMvcRequestPostProcessors - .httpBasic(USERNAME, PASSWORD) - .postProcessRequest( - MockMvcRequestBuilders - .post("") - .buildRequest(null)); - } - - @Test - public void shouldSucceedWhenAuthorizationIsDisabled() throws IOException, ServletException { - // given - final HttpServletRequest request = createEmptyRequest(); - - when(settings.authMethod()).thenReturn(AuthMethodType.NO_AUTH.value()); - - // when - sut.doFilter(request, response, obj); - - // then - verify(obj, atLeastOnce()).doFilter(request, response); - } - - @Test - public void shouldFailDueToEmptyBasicAuthorizationHeader() throws IOException, ServletException { - // given - final HttpServletRequest request = createEmptyRequest(); - - when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value()); - when(response.getWriter()).thenReturn(writer); - - // when - sut.doFilter(request, response, obj); - - // then - verify(response).setStatus(HttpStatus.UNAUTHORIZED.value()); - verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString()); - } - - @Test - public void shouldFailDueToBasicAuthenticationUserMissingFromSettings() - throws IOException, ServletException { - // given - final HttpServletRequest request = createRequestWithAuthorizationHeader(); - - when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value()); - when(response.getWriter()).thenReturn(writer); - - // when - sut.doFilter(request, response, obj); - - // then - verify(response).setStatus(HttpStatus.UNAUTHORIZED.value()); - verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString()); - } - - @Test - public void shouldSucceed() throws IOException, ServletException { - // given - final HttpServletRequest request = createRequestWithAuthorizationHeader(); - when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value()); - when(settings.validAuthorizationCredentials()).thenReturn( - HashMap.of(USERNAME, "$2a$10$BsZkEynNm/93wbAeeZuxJeu6IHRyQl4XReqDg2BtYOFDhUsz20.3G")); - when(response.getWriter()).thenReturn(writer); - - // when - sut.doFilter(request, response, obj); - - // then - verify(obj, atLeastOnce()).doFilter(request, response); - } - - @Test - public void shouldFailDueToInvalidBasicAuthorizationHeaderValue() - throws IOException, ServletException { - // given - final HttpServletRequest request = - MockMvcRequestBuilders - .post("") - .header(HttpHeaders.AUTHORIZATION, "FooBar") - .buildRequest(null); - - when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value()); - when(settings.validAuthorizationCredentials()).thenReturn(CREDENTIALS); - when(response.getWriter()).thenReturn(writer); - - // when - sut.doFilter(request, response, obj); - - //then - verify(response).setStatus(HttpStatus.UNAUTHORIZED.value()); - verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString()); - } + .buildRequest(null)); + } + + @Test + public void shouldSucceedWhenAuthorizationIsDisabled() throws IOException { + // given + final HttpServletRequest request = createEmptyRequest(); + + when(settings.authMethod()).thenReturn(AuthMethodType.NO_AUTH.value()); + + // when + final boolean isAuthorized = sut.preHandle(request, response, obj); + + // then + assertTrue(isAuthorized); + } + + @Test + public void shouldFailDueToEmptyBasicAuthorizationHeader() throws IOException { + // given + final HttpServletRequest request = createEmptyRequest(); + + when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value()); + when(response.getWriter()).thenReturn(writer); + + // when + final boolean isAuthorized = sut.preHandle(request, response, obj); + + + // then + assertFalse(isAuthorized); + + verify(response).setStatus(HttpStatus.UNAUTHORIZED.value()); + verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString()); + } + + @Test + public void shouldFailDueToBasicAuthenticationUserMissingFromSettings() throws IOException { + // given + final HttpServletRequest request = createRequestWithAuthorizationHeader(); + + when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value()); + when(response.getWriter()).thenReturn(writer); + + // when + final boolean isAuthorized = sut.preHandle(request, response, obj); + + // then + assertFalse(isAuthorized); + + verify(response).setStatus(HttpStatus.UNAUTHORIZED.value()); + verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString()); + } + + @Test + public void shouldSucceed() throws IOException { + // given + final HttpServletRequest request = createRequestWithAuthorizationHeader(); + when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value()); + when(settings.validAuthorizationCredentials()).thenReturn( + HashMap.of(USERNAME, "$2a$10$BsZkEynNm/93wbAeeZuxJeu6IHRyQl4XReqDg2BtYOFDhUsz20.3G")); + when(response.getWriter()).thenReturn(writer); + + // when + final boolean isAuthorized = sut.preHandle(request, response, obj); + + // then + assertTrue(isAuthorized); + } + + @Test + public void shouldFailDueToInvalidBasicAuthorizationHeaderValue() throws IOException { + // given + final HttpServletRequest request = + MockMvcRequestBuilders + .post("") + .header(HttpHeaders.AUTHORIZATION, "FooBar") + .buildRequest(null); + + when(settings.authMethod()).thenReturn(AuthMethodType.BASIC_AUTH.value()); + when(settings.validAuthorizationCredentials()).thenReturn(CREDENTIALS); + when(response.getWriter()).thenReturn(writer); + + // when + final boolean isAuthorized = sut.preHandle(request, response, obj); + + // then + assertFalse(isAuthorized); + + verify(response).setStatus(HttpStatus.UNAUTHORIZED.value()); + verify(writer).write(ApiException.UNAUTHORIZED_USER.toJSON().toString()); + } } |