summaryrefslogtreecommitdiffstats
path: root/src/main
diff options
context:
space:
mode:
authorTomasz Wrobel <tomasz.wrobel@nokia.com>2022-01-25 11:00:42 +0100
committerTomasz Wrobel <tomasz.wrobel@nokia.com>2022-02-11 12:27:06 +0100
commit9d02ea09cac22c177688622ed50a7eb3f6fd38ce (patch)
tree430c1dfc64d505a24a380d7eeef48d0f1c3d37db /src/main
parent6fa1dfca682711066189bef2f946433b614239fe (diff)
Fix loading SSL Context when certpaths not exist in configuration1.8.0
- Make cert paths field optional in configuration. - Allow to skip ssl context load. - Make PublisherConfig and SubscriberConfig fields optional. - Remove Auth Header when AAF credentials are empty Issue-ID: DCAEGEN2-3032 Issue-ID: DCAEGEN2-3038 Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com> Change-Id: I27d44cf8c2887b3a75c5ad16f833439b7b5757ee
Diffstat (limited to 'src/main')
-rw-r--r--src/main/java/org/onap/dcaegen2/services/pmmapper/App.java9
-rw-r--r--src/main/java/org/onap/dcaegen2/services/pmmapper/config/ConfigHandler.java6
-rw-r--r--src/main/java/org/onap/dcaegen2/services/pmmapper/exceptions/MapperConfigException.java5
-rw-r--r--src/main/java/org/onap/dcaegen2/services/pmmapper/model/MapperConfig.java9
-rw-r--r--src/main/java/org/onap/dcaegen2/services/pmmapper/model/PublisherConfig.java4
-rw-r--r--src/main/java/org/onap/dcaegen2/services/pmmapper/model/SubscriberConfig.java5
-rw-r--r--src/main/java/org/onap/dcaegen2/services/pmmapper/ssl/SSLContextFactory.java35
-rw-r--r--src/main/java/org/onap/dcaegen2/services/pmmapper/utils/DmaapRequestSender.java20
8 files changed, 65 insertions, 28 deletions
diff --git a/src/main/java/org/onap/dcaegen2/services/pmmapper/App.java b/src/main/java/org/onap/dcaegen2/services/pmmapper/App.java
index 0da2b7e..0c49a96 100644
--- a/src/main/java/org/onap/dcaegen2/services/pmmapper/App.java
+++ b/src/main/java/org/onap/dcaegen2/services/pmmapper/App.java
@@ -1,7 +1,7 @@
/*-
* ============LICENSE_START=======================================================
* Copyright (C) 2019-2020 Nordix Foundation.
- * Copyright (C) 2021-2022 Nokia.
+ * Copyright (C) 2021-2022 Nokia. All rights reserved.
* Copyright (C) 2021 Samsung Electronics.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -169,7 +169,7 @@ public class App {
this.serverResources = Arrays.asList(healthCheckHandler, deliveryHandler, dynamicConfiguration);
try {
this.applicationServer = server(this.mapperConfig, this.serverResources);
- } catch (IOException e) {
+ } catch (IOException | MapperConfigException e ) {
logger.unwrap().error("Failed to create server instance.", e);
throw new IllegalStateException("Server instantiation failed");
}
@@ -194,7 +194,10 @@ public class App {
private Undertow server(MapperConfig config, List<ServerResource> serverResources) throws IOException {
SSLContextFactory sslContextFactory = new SSLContextFactory(config);
SSLContext sslContext = sslContextFactory.createSSLContext(config);
- SSLContext.setDefault(sslContext);
+ if (sslContext != null) {
+ SSLContext.setDefault(sslContext);
+ logger.unwrap().info("SSL Context loaded");
+ }
Undertow.Builder builder = Undertow.builder();
if (config.getEnableHttp()) {
builder.addHttpListener(this.httpPort, "0.0.0.0");
diff --git a/src/main/java/org/onap/dcaegen2/services/pmmapper/config/ConfigHandler.java b/src/main/java/org/onap/dcaegen2/services/pmmapper/config/ConfigHandler.java
index 6c93d2f..ff28634 100644
--- a/src/main/java/org/onap/dcaegen2/services/pmmapper/config/ConfigHandler.java
+++ b/src/main/java/org/onap/dcaegen2/services/pmmapper/config/ConfigHandler.java
@@ -1,7 +1,7 @@
/*-
* ============LICENSE_START=======================================================
* Copyright (C) 2019 Nordix Foundation.
- * Copyright (C) 2022 Nokia.
+ * Copyright (C) 2022 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -102,8 +102,8 @@ public class ConfigHandler {
.create()
.fromJson(jsonObject, MapperConfig.class);
} catch (Exception exception) {
- String exceptionMessage = "Error parsing configuration, mapper config:\n" + mapperConfig;
- logger.unwrap().error(exceptionMessage);
+ String exceptionMessage = "Error parsing configuration, mapper config: " + mapperConfig;
+ logger.unwrap().error("Error parsing configuration", exception);
throw new MapperConfigException(exceptionMessage, exception);
}
logger.unwrap().info("PM-mapper configuration processed successful");
diff --git a/src/main/java/org/onap/dcaegen2/services/pmmapper/exceptions/MapperConfigException.java b/src/main/java/org/onap/dcaegen2/services/pmmapper/exceptions/MapperConfigException.java
index 4669871..56e2d23 100644
--- a/src/main/java/org/onap/dcaegen2/services/pmmapper/exceptions/MapperConfigException.java
+++ b/src/main/java/org/onap/dcaegen2/services/pmmapper/exceptions/MapperConfigException.java
@@ -1,6 +1,7 @@
/*-
* ============LICENSE_START=======================================================
* Copyright (C) 2019 Nordix Foundation.
+ * Copyright (C) 2022 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -23,4 +24,8 @@ public class MapperConfigException extends RuntimeException {
public MapperConfigException(String message, Throwable cause) {
super(message, cause);
}
+
+ public MapperConfigException(String message) {
+ super(message);
+ }
}
diff --git a/src/main/java/org/onap/dcaegen2/services/pmmapper/model/MapperConfig.java b/src/main/java/org/onap/dcaegen2/services/pmmapper/model/MapperConfig.java
index a71696b..18b9388 100644
--- a/src/main/java/org/onap/dcaegen2/services/pmmapper/model/MapperConfig.java
+++ b/src/main/java/org/onap/dcaegen2/services/pmmapper/model/MapperConfig.java
@@ -1,6 +1,7 @@
/*-
* ============LICENSE_START=======================================================
* Copyright (C) 2019 Nordix Foundation.
+ * Copyright (C) 2022 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -41,19 +42,15 @@ public class MapperConfig implements Configurable {
@SerializedName("enable_http")
private Boolean enableHttp;
- @GSONRequired
@SerializedName("key_store_path")
private String keyStorePath;
- @GSONRequired
@SerializedName("key_store_pass_path")
private String keyStorePassPath;
- @GSONRequired
@SerializedName("trust_store_path")
private String trustStorePath;
- @GSONRequired
@SerializedName("trust_store_pass_path")
private String trustStorePassPath;
@@ -66,11 +63,9 @@ public class MapperConfig implements Configurable {
@JsonAdapter(MeasFilterConfigAdapter.class)
private MeasFilterConfig filterConfig;
- @GSONRequired
@SerializedName("aaf_identity")
private String aafUsername;
- @GSONRequired
@SerializedName("aaf_password")
private String aafPassword;
@@ -127,4 +122,4 @@ public class MapperConfig implements Configurable {
", publisherConfig=" + publisherConfig +
'}';
}
-} \ No newline at end of file
+}
diff --git a/src/main/java/org/onap/dcaegen2/services/pmmapper/model/PublisherConfig.java b/src/main/java/org/onap/dcaegen2/services/pmmapper/model/PublisherConfig.java
index 16ab941..4b0cdac 100644
--- a/src/main/java/org/onap/dcaegen2/services/pmmapper/model/PublisherConfig.java
+++ b/src/main/java/org/onap/dcaegen2/services/pmmapper/model/PublisherConfig.java
@@ -1,6 +1,7 @@
/*-
* ============LICENSE_START=======================================================
* Copyright (C) 2019 Nordix Foundation.
+ * Copyright (C) 2022 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -30,15 +31,12 @@ public class PublisherConfig {
@SerializedName("topic_url")
private String topicUrl;
- @GSONRequired
@SerializedName("client_role")
private String clientRole;
- @GSONRequired
@SerializedName("client_id")
private String clientId;
- @GSONRequired
@SerializedName("location")
private String clusterLocation;
diff --git a/src/main/java/org/onap/dcaegen2/services/pmmapper/model/SubscriberConfig.java b/src/main/java/org/onap/dcaegen2/services/pmmapper/model/SubscriberConfig.java
index c53d36d..89cc243 100644
--- a/src/main/java/org/onap/dcaegen2/services/pmmapper/model/SubscriberConfig.java
+++ b/src/main/java/org/onap/dcaegen2/services/pmmapper/model/SubscriberConfig.java
@@ -1,6 +1,7 @@
/*-
* ============LICENSE_START=======================================================
* Copyright (C) 2019 Nordix Foundation.
+ * Copyright (C) 2022 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -26,15 +27,13 @@ import org.onap.dcaegen2.services.pmmapper.utils.GSONRequired;
@Data
public class SubscriberConfig {
- @GSONRequired
+
@SerializedName("username")
private String username;
- @GSONRequired
@SerializedName("password")
private String password;
- @GSONRequired
@SerializedName("location")
private String drLocation;
diff --git a/src/main/java/org/onap/dcaegen2/services/pmmapper/ssl/SSLContextFactory.java b/src/main/java/org/onap/dcaegen2/services/pmmapper/ssl/SSLContextFactory.java
index e7c317d..007ba86 100644
--- a/src/main/java/org/onap/dcaegen2/services/pmmapper/ssl/SSLContextFactory.java
+++ b/src/main/java/org/onap/dcaegen2/services/pmmapper/ssl/SSLContextFactory.java
@@ -2,6 +2,7 @@
* ============LICENSE_START=======================================================
* Copyright (C) 2019-2020 Nordix Foundation.
* Copyright (C) 2021 Samsung Electronics.
+ * Copyright (C) 2022 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -23,6 +24,7 @@ package org.onap.dcaegen2.services.pmmapper.ssl;
import org.onap.dcaegen2.services.pmmapper.exceptions.CreateContextException;
import org.onap.dcaegen2.services.pmmapper.exceptions.KeyManagerException;
import org.onap.dcaegen2.services.pmmapper.exceptions.LoadKeyStoreException;
+import org.onap.dcaegen2.services.pmmapper.exceptions.MapperConfigException;
import org.onap.dcaegen2.services.pmmapper.exceptions.TrustManagerException;
import org.onap.dcaegen2.services.pmmapper.model.MapperConfig;
import org.onap.logging.ref.slf4j.ONAPLogAdapter;
@@ -48,14 +50,18 @@ import static java.nio.file.Files.readAllBytes;
public class SSLContextFactory {
private static final ONAPLogAdapter logger = new ONAPLogAdapter(LoggerFactory.getLogger(SSLContextFactory.class));
- private MapperConfig mapperConfig;
+ private final MapperConfig mapperConfig;
public SSLContextFactory(MapperConfig config) {
mapperConfig = config;
}
public SSLContext createSSLContext(MapperConfig mapperConfig) throws IOException {
- SSLContext sslContext = null;
+ logger.unwrap().info("Attempt to Create SSL Context");
+ if (isSslDisabled(mapperConfig)) {
+ logger.unwrap().warn("SSL is disabled. Skip creating SSL Context");
+ return null;
+ }
try {
KeyStore keyStore = loadKeyStore(mapperConfig.getKeyStorePath(), mapperConfig.getKeyStorePassPath());
@@ -64,15 +70,36 @@ public class SSLContextFactory {
KeyStore trustStore = loadKeyStore(mapperConfig.getTrustStorePath(), mapperConfig.getTrustStorePassPath());
TrustManager[] trustManagers = createTrustManager(trustStore);
- sslContext = SSLContext.getInstance("TLSv1.2");
+ SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(keyManagers, trustManagers, null);
+ return sslContext;
} catch(KeyManagementException | NoSuchAlgorithmException e) {
logger.unwrap().error("Failed to create SSL Context.", e);
throw new CreateContextException("Failed to create SSL Context", e);
}
- return sslContext;
}
+ private boolean isSslDisabled(MapperConfig mapperConfig) {
+ boolean isCertPathMissing = !areCertPathsConfigured(mapperConfig);
+ if (isCertPathMissing && !mapperConfig.getEnableHttp()) {
+ throw new MapperConfigException("Certificate paths are missing, HTTP is disabled. Not allowed configuration");
+ }
+
+ return isCertPathMissing;
+ }
+
+ private boolean areCertPathsConfigured(MapperConfig mapperConfig) {
+ return isNotBlank(mapperConfig.getKeyStorePath()) &&
+ isNotBlank(mapperConfig.getKeyStorePassPath()) &&
+ isNotBlank(mapperConfig.getTrustStorePath()) &&
+ isNotBlank(mapperConfig.getTrustStorePassPath());
+ }
+
+ private boolean isNotBlank(String str) {
+ return str != null && !str.isEmpty();
+ }
+
+
private KeyManager[] createKeyManager(KeyStore keyStore) throws NoSuchAlgorithmException, IOException {
KeyManager[] keyManager;
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
diff --git a/src/main/java/org/onap/dcaegen2/services/pmmapper/utils/DmaapRequestSender.java b/src/main/java/org/onap/dcaegen2/services/pmmapper/utils/DmaapRequestSender.java
index 1a7c59e..e7898af 100644
--- a/src/main/java/org/onap/dcaegen2/services/pmmapper/utils/DmaapRequestSender.java
+++ b/src/main/java/org/onap/dcaegen2/services/pmmapper/utils/DmaapRequestSender.java
@@ -1,6 +1,6 @@
/*-
* ============LICENSE_START=======================================================
- * Copyright (C) 2021 Nokia.
+ * Copyright (C) 2021-2022 Nokia. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -25,6 +25,7 @@ import com.google.gson.JsonParser;
import io.vavr.control.Try;
import org.onap.dcaegen2.services.sdk.model.streams.AafCredentials;
import org.onap.dcaegen2.services.sdk.model.streams.dmaap.ImmutableMessageRouterSink;
+import org.onap.dcaegen2.services.sdk.model.streams.dmaap.ImmutableMessageRouterSink.Builder;
import org.onap.dcaegen2.services.sdk.model.streams.dmaap.MessageRouterSink;
import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.ContentType;
import org.onap.dcaegen2.services.sdk.rest.services.dmaap.client.api.DmaapClientFactory;
@@ -88,10 +89,19 @@ public class DmaapRequestSender {
}
private static MessageRouterSink sink(String topicUrl, AafCredentials credentials) {
- return ImmutableMessageRouterSink.builder()
- .aafCredentials(credentials)
- .topicUrl(topicUrl)
- .build();
+ Builder builder = ImmutableMessageRouterSink.builder();
+ if (credentialsExists(credentials)) {
+ builder.aafCredentials(credentials);
+ }
+ return builder.topicUrl(topicUrl).build();
+ }
+
+ private static boolean credentialsExists(AafCredentials credentials) {
+ return isNotBlank(credentials.username()) && isNotBlank(credentials.password());
+ }
+
+ private static boolean isNotBlank(String str) {
+ return str != null && !str.isEmpty();
}
private static RequestDiagnosticContext diagnosticContext() {