Add support for HTTPS

*Add AAF certificates
*Switch PM Mapper endpoints to HTTPS
*Make external API calls secure if applicable

Issue-ID: DCAEGEN2-1296
Change-Id: I63aef8a93cfe6d6a37dcd32496b35ed0841cec4b
Signed-off-by: dfarrelly <david.farrelly@est.tech>

3 files changed, 148 insertions, 5 deletions

diff --git a/src/test/java/org/onap/dcaegen2/pmmapper/config/util/RequestSenderTests.java b/src/test/java/org/onap/dcaegen2/pmmapper/config/util/RequestSenderTests.java
index 770ae43..b349b80 100644
--- a/src/test/java/org/onap/dcaegen2/pmmapper/config/util/RequestSenderTests.java
+++ b/src/test/java/org/onap/dcaegen2/pmmapper/config/util/RequestSenderTests.java
@@ -26,7 +26,6 @@ import static org.mockserver.integration.ClientAndServer.startClientAndServer;
 import static org.mockserver.model.HttpRequest.request;

 import static org.mockserver.model.HttpResponse.response;

 

-import java.io.IOException;

 import java.net.URL;

 import java.net.UnknownHostException;

 

diff --git a/src/test/java/org/onap/dcaegen2/services/pmmapper/ssl/SSLContextFactoryTest.java b/src/test/java/org/onap/dcaegen2/services/pmmapper/ssl/SSLContextFactoryTest.java
new file mode 100644
index 0000000..6f5cee9
--- /dev/null
+++ b/src/test/java/org/onap/dcaegen2/services/pmmapper/ssl/SSLContextFactoryTest.java
@@ -0,0 +1,84 @@
+/*-
+ * ============LICENSE_START=======================================================
+ *  Copyright (C) 2019 Nordix Foundation.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.dcaegen2.services.pmmapper.ssl;
+
+import com.google.gson.Gson;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
+import org.junit.Rule;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.junit.rules.ExpectedException;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.onap.dcaegen2.services.pmmapper.model.MapperConfig;
+
+import javax.net.ssl.*;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+
+import static org.junit.Assert.assertNotNull;
+
+@ExtendWith(MockitoExtension.class)
+
+public class SSLContextFactoryTest {
+
+    @Rule
+    public ExpectedException exception = ExpectedException.none();
+
+    private static String validConfigFileContents;
+    private static MapperConfig validConfig;
+    private static MapperConfig inValidConfig;
+
+
+    private static final Path validConfigPath = Paths.get("src/test/resources/valid_mapper_config.json");
+
+    private SSLContextFactory objUnderTest;
+
+    @BeforeEach
+    void setUp() throws Exception {
+        validConfigFileContents = new String(Files.readAllBytes(validConfigPath));
+        JsonObject configObject = new JsonParser().parse(validConfigFileContents).getAsJsonObject();
+        validConfig = new Gson().fromJson(configObject, MapperConfig.class);
+
+        objUnderTest = new SSLContextFactory(validConfig);
+    }
+
+    @Test
+    void testCreateSSLContext() throws IOException {
+        SSLContext sslContext = objUnderTest.createSSLContext(validConfig);
+
+        assertNotNull(sslContext);
+    }
+
+    @Test
+    void testCreateSSLContextInvalidPassword() {
+        JsonObject configObject = new JsonParser().parse(validConfigFileContents).getAsJsonObject();
+        configObject.addProperty("key_store_pass_path", "src/test/resources/nopassword");
+        inValidConfig = new Gson().fromJson(configObject, MapperConfig.class);
+
+        assertThrows(IOException.class, () -> objUnderTest.createSSLContext(inValidConfig));
+    }
+}
\ No newline at end of file
diff --git a/src/test/java/org/onap/dcaegen2/services/pmmapper/utils/DataRouterUtilsTest.java b/src/test/java/org/onap/dcaegen2/services/pmmapper/utils/DataRouterUtilsTest.java
index 73967c2..9975849 100644
--- a/src/test/java/org/onap/dcaegen2/services/pmmapper/utils/DataRouterUtilsTest.java
+++ b/src/test/java/org/onap/dcaegen2/services/pmmapper/utils/DataRouterUtilsTest.java
@@ -31,25 +31,74 @@ import static org.mockito.Mockito.when;
 import java.io.ByteArrayInputStream;
 import java.net.HttpURLConnection;
 import java.net.URL;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+
+import com.google.gson.Gson;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
 import org.junit.Test;
 import org.junit.runner.RunWith;
+import org.onap.dcaegen2.services.pmmapper.datarouter.DataRouterSubscriber;
 import org.onap.dcaegen2.services.pmmapper.exceptions.ProcessEventException;
 import org.onap.dcaegen2.services.pmmapper.model.Event;
 import org.onap.dcaegen2.services.pmmapper.model.EventMetadata;
 import org.onap.dcaegen2.services.pmmapper.model.MapperConfig;
+import org.onap.dcaegen2.services.pmmapper.ssl.SSLContextFactory;
 import org.powermock.api.mockito.PowerMockito;
+import org.powermock.core.classloader.annotations.PowerMockIgnore;
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;
 import org.powermock.reflect.Whitebox;
 import utils.EventUtils;
 
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
 
+@PowerMockIgnore({"org.apache.http.conn.ssl.*", "javax.net.ssl.*" , "javax.crypto.*"})
+@PrepareForTest({RequestSender.class,DataRouterSubscriber.class})
 @RunWith(PowerMockRunner.class)
-@PrepareForTest(RequestSender.class)
 public class DataRouterUtilsTest {
 
+    private static String validConfigFileContents;
+    private static MapperConfig validConfig;
+    private SSLContextFactory sslContextFactory;
+    private static final Path validConfigPath = Paths.get("src/test/resources/valid_mapper_config.json");
+
     @Test
     public void processEventSuccessful() throws Exception {
+        validConfigFileContents = new String(Files.readAllBytes(validConfigPath));
+        JsonObject configObject = new JsonParser().parse(validConfigFileContents).getAsJsonObject();
+        validConfig = new Gson().fromJson(configObject, MapperConfig.class);
+        sslContextFactory = new SSLContextFactory(validConfig);
+
+        SSLContext sslContext = sslContextFactory.createSSLContext(validConfig);
+        SSLContext.setDefault(sslContext);
+
+        String serviceResponse = "I'm a service response ;)";
+        String publishIdentity = "12";
+        PowerMockito.mockStatic(Thread.class);
+        MapperConfig mockMapperConfig = mock(MapperConfig.class);
+        URL mockURL = mock(URL.class);
+        HttpsURLConnection mockConnection = mock(HttpsURLConnection.class, RETURNS_DEEP_STUBS);
+        when(mockConnection.getResponseCode()).thenReturn(200);
+        when(mockConnection.getInputStream()).thenReturn(new ByteArrayInputStream(serviceResponse.getBytes()));
+
+        when(mockURL.openConnection()).thenReturn(mockConnection);
+        when(mockURL.getProtocol()).thenReturn("https");
+        when(mockMapperConfig.getDmaapDRDeleteEndpoint()).thenReturn("https://dmaap-dr-node/delete/");
+        when(mockMapperConfig.getSubscriberIdentity()).thenReturn("12");
+
+        PowerMockito.whenNew(URL.class).withAnyArguments().thenReturn(mockURL);
+
+        Event testEvent = EventUtils.makeMockEvent("", mock(EventMetadata.class), publishIdentity);
+        assertEquals(serviceResponse,  DataRouterUtils.processEvent(mockMapperConfig, testEvent));
+        verify(mockConnection, times(1)).setRequestMethod(RequestSender.DELETE);
+    }
+
+    @Test
+    public void processEventSuccessfulHttp() throws Exception {
         String serviceResponse = "I'm a service response ;)";
         String publishIdentity = "12";
         PowerMockito.mockStatic(Thread.class);
@@ -60,7 +109,8 @@ public class DataRouterUtilsTest {
         when(mockConnection.getInputStream()).thenReturn(new ByteArrayInputStream(serviceResponse.getBytes()));
 
         when(mockURL.openConnection()).thenReturn(mockConnection);
-        when(mockMapperConfig.getDmaapDRDeleteEndpoint()).thenReturn("dmaap-dr-node/delete/");
+        when(mockURL.getProtocol()).thenReturn("http");
+        when(mockMapperConfig.getDmaapDRDeleteEndpoint()).thenReturn("http://dmaap-dr-node/delete/");
         when(mockMapperConfig.getSubscriberIdentity()).thenReturn("12");
 
         PowerMockito.whenNew(URL.class).withAnyArguments().thenReturn(mockURL);
@@ -72,17 +122,26 @@ public class DataRouterUtilsTest {
 
     @Test
     public void testNegativeResponse() throws Exception {
+        validConfigFileContents = new String(Files.readAllBytes(validConfigPath));
+        JsonObject configObject = new JsonParser().parse(validConfigFileContents).getAsJsonObject();
+        validConfig = new Gson().fromJson(configObject, MapperConfig.class);
+        sslContextFactory = new SSLContextFactory(validConfig);
+
+        SSLContext sslContext = sslContextFactory.createSSLContext(validConfig);
+        SSLContext.setDefault(sslContext);
+
         String serviceResponse = "I'm a negative service response ;)";
         String publishIdentity = "12";
         PowerMockito.mockStatic(Thread.class);
         MapperConfig mockMapperConfig = mock(MapperConfig.class);
         URL mockURL = mock(URL.class);
-        HttpURLConnection mockConnection = mock(HttpURLConnection.class, RETURNS_DEEP_STUBS);
+        HttpsURLConnection mockConnection = mock(HttpsURLConnection.class, RETURNS_DEEP_STUBS);
         when(mockConnection.getResponseCode()).thenReturn(503);
         when(mockConnection.getInputStream())
                 .thenAnswer(invocationOnMock -> new ByteArrayInputStream(serviceResponse.getBytes()));
 
         when(mockURL.openConnection()).thenReturn(mockConnection);
+        when(mockURL.getProtocol()).thenReturn("https");
         when(mockMapperConfig.getDmaapDRDeleteEndpoint()).thenReturn("dmaap-dr-node/delete/");
         when(mockMapperConfig.getSubscriberIdentity()).thenReturn("12");
 
@@ -102,10 +161,11 @@ public class DataRouterUtilsTest {
         PowerMockito.mockStatic(Thread.class);
         MapperConfig mockMapperConfig = mock(MapperConfig.class);
         URL mockURL = mock(URL.class);
-        HttpURLConnection mockConnection = mock(HttpURLConnection.class, RETURNS_DEEP_STUBS);
+        HttpsURLConnection mockConnection = mock(HttpsURLConnection.class, RETURNS_DEEP_STUBS);
         when(mockConnection.getResponseCode()).thenReturn(503);
 
         when(mockURL.openConnection()).thenReturn(mockConnection);
+        when(mockURL.getProtocol()).thenReturn("https");
         when(mockMapperConfig.getDmaapDRDeleteEndpoint()).thenReturn("dmaap-dr-node/delete/");
         when(mockMapperConfig.getSubscriberIdentity()).thenReturn("12");