summaryrefslogtreecommitdiffstats
path: root/prh-app-server/src
diff options
context:
space:
mode:
authorwasala <przemyslaw.wasala@nokia.com>2018-09-11 09:50:21 +0200
committerwasala <przemyslaw.wasala@nokia.com>2018-09-11 19:51:20 +0200
commit4a1457c84c5f3a68ccdfb3e348996e14ccea89e8 (patch)
treecf83bbe8b29dfc720fe2fafa94b3b84d6c3a7379 /prh-app-server/src
parentfea7d735b49c4be0958c6531771cc2ee511db490 (diff)
PRH:security vulnerabilities fix
*Removed unused libraries *Fixed vulnerablities in connection with clm scan *Replaced AssertJ in tests verification by using StepVerifier Change-Id: I81c3ac54e5514735f0fca8150fcc218d96dc5ce3 Issue-ID: DCAEGEN2-770 Signed-off-by: wasala <przemyslaw.wasala@nokia.com>
Diffstat (limited to 'prh-app-server/src')
-rw-r--r--prh-app-server/src/main/java/org/onap/dcaegen2/services/prh/MainApp.java2
-rw-r--r--prh-app-server/src/main/java/org/onap/dcaegen2/services/prh/service/PrhConfigurationProvider.java36
-rw-r--r--prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/service/HttpGetClientTest.java23
-rw-r--r--prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/service/PrhConfigurationProviderTest.java21
-rw-r--r--prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/ScheduleControllerSpy.java4
5 files changed, 32 insertions, 54 deletions
diff --git a/prh-app-server/src/main/java/org/onap/dcaegen2/services/prh/MainApp.java b/prh-app-server/src/main/java/org/onap/dcaegen2/services/prh/MainApp.java
index 8b3cdcd9..3967dc0a 100644
--- a/prh-app-server/src/main/java/org/onap/dcaegen2/services/prh/MainApp.java
+++ b/prh-app-server/src/main/java/org/onap/dcaegen2/services/prh/MainApp.java
@@ -48,7 +48,7 @@ public class MainApp {
}
@Bean
- Map<String, String> mdcContextMap(){
+ Map<String, String> mdcContextMap() {
MDC.put(REQUEST_ID, "SampleRequestID");
MDC.put(INVOCATION_ID, UUID.randomUUID().toString());
return MDC.getCopyOfContextMap();
diff --git a/prh-app-server/src/main/java/org/onap/dcaegen2/services/prh/service/PrhConfigurationProvider.java b/prh-app-server/src/main/java/org/onap/dcaegen2/services/prh/service/PrhConfigurationProvider.java
index c80ecfaf..38b060e9 100644
--- a/prh-app-server/src/main/java/org/onap/dcaegen2/services/prh/service/PrhConfigurationProvider.java
+++ b/prh-app-server/src/main/java/org/onap/dcaegen2/services/prh/service/PrhConfigurationProvider.java
@@ -22,12 +22,11 @@ package org.onap.dcaegen2.services.prh.service;
import com.google.gson.JsonArray;
import com.google.gson.JsonObject;
-import java.net.URISyntaxException;
-import org.apache.http.client.utils.URIBuilder;
import org.onap.dcaegen2.services.prh.model.EnvProperties;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
+import org.springframework.web.util.DefaultUriBuilderFactory;
import reactor.core.publisher.Mono;
@@ -57,16 +56,12 @@ public class PrhConfigurationProvider {
private Mono<String> callConsulForConfigBindingServiceEndpoint(EnvProperties envProperties) {
LOGGER.info("Retrieving Config Binding Service endpoint from Consul");
- try {
- return httpGetClient.callHttpGet(getConsulUrl(envProperties), JsonArray.class)
- .flatMap(jsonArray -> this.createConfigBindingServiceUrl(jsonArray, envProperties.appName()));
- } catch (URISyntaxException e) {
- LOGGER.warn("Malformed Consul uri", e);
- return Mono.error(e);
- }
+ return httpGetClient.callHttpGet(getConsulUrl(envProperties), JsonArray.class)
+ .flatMap(jsonArray -> this.createConfigBindingServiceUrl(jsonArray, envProperties.appName()));
+
}
- private String getConsulUrl(EnvProperties envProperties) throws URISyntaxException {
+ private String getConsulUrl(EnvProperties envProperties) {
return getUri(envProperties.consulHost(), envProperties.consulPort(), "/v1/catalog/service",
envProperties.cbsName());
}
@@ -83,13 +78,8 @@ public class PrhConfigurationProvider {
}
private Mono<String> buildConfigBindingServiceUrl(JsonObject jsonObject, String appName) {
- try {
- return Mono.just(getUri(jsonObject.get("ServiceAddress").getAsString(),
- jsonObject.get("ServicePort").getAsInt(), "/service_component", appName));
- } catch (URISyntaxException e) {
- LOGGER.warn("Malformed Config Binding Service uri", e);
- return Mono.error(e);
- }
+ return Mono.just(getUri(jsonObject.get("ServiceAddress").getAsString(),
+ jsonObject.get("ServicePort").getAsInt(), "/service_component", appName));
}
private Mono<JsonObject> getConfigBindingObject(JsonArray jsonArray) {
@@ -105,12 +95,12 @@ public class PrhConfigurationProvider {
}
}
- private String getUri(String host, Integer port, String... paths) throws URISyntaxException {
- return new URIBuilder()
- .setScheme("http")
- .setHost(host)
- .setPort(port)
- .setPath(String.join("/", paths))
+ private String getUri(String host, Integer port, String... paths) {
+ return new DefaultUriBuilderFactory().builder()
+ .scheme("http")
+ .host(host)
+ .port(port)
+ .path(String.join("/", paths))
.build().toString();
}
}
diff --git a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/service/HttpGetClientTest.java b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/service/HttpGetClientTest.java
index 20fbc6bf..ab789a00 100644
--- a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/service/HttpGetClientTest.java
+++ b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/service/HttpGetClientTest.java
@@ -21,8 +21,6 @@
package org.onap.dcaegen2.services.prh.service;
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.mock;
@@ -34,6 +32,8 @@ import com.google.gson.JsonSyntaxException;
import org.junit.jupiter.api.Test;
import org.springframework.web.reactive.function.client.WebClient;
import reactor.core.publisher.Mono;
+import reactor.test.StepVerifier;
+
class HttpGetClientTest {
private static final String SOMEURL = "http://someurl";
@@ -50,12 +50,9 @@ class HttpGetClientTest {
HttpGetClient httpGetClient = new HttpGetClient(webClient);
when(responseSpec.bodyToMono(String.class)).thenReturn(Mono.just(DATA));
- //when
- Mono<JsonObject> jsonObjectMono = httpGetClient.callHttpGet(SOMEURL, JsonObject.class);
-
- //then
- assertThat(jsonObjectMono).isNotNull();
- assertThat(jsonObjectMono.block()).isEqualTo(gson.fromJson(DATA, JsonObject.class));
+ //when/then
+ StepVerifier.create(httpGetClient.callHttpGet(SOMEURL, JsonObject.class)).expectSubscription()
+ .expectNext(gson.fromJson(DATA, JsonObject.class)).verifyComplete();
}
@Test
@@ -65,16 +62,12 @@ class HttpGetClientTest {
HttpGetClient httpGetClient = new HttpGetClient(webClient);
when(responseSpec.bodyToMono(String.class)).thenReturn(Mono.just("some wrong data"));
- //when
- Mono<JsonObject> jsonObjectMono = httpGetClient.callHttpGet(SOMEURL, JsonObject.class);
-
- //then
- assertThat(jsonObjectMono).isNotNull();
- assertThrows(JsonSyntaxException.class, jsonObjectMono::block);
+ //when/then
+ StepVerifier.create(httpGetClient.callHttpGet(SOMEURL, JsonObject.class)).expectSubscription()
+ .expectError(JsonSyntaxException.class).verify();
}
-
private void mockWebClientDependantObject() {
doReturn(requestBodyUriSpec).when(webClient).get();
when(requestBodyUriSpec.uri(SOMEURL)).thenReturn(requestBodyUriSpec);
diff --git a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/service/PrhConfigurationProviderTest.java b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/service/PrhConfigurationProviderTest.java
index 7b305222..e99389f5 100644
--- a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/service/PrhConfigurationProviderTest.java
+++ b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/service/PrhConfigurationProviderTest.java
@@ -20,18 +20,17 @@
package org.onap.dcaegen2.services.prh.service;
-import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import com.google.gson.Gson;
import com.google.gson.JsonArray;
import com.google.gson.JsonObject;
-import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.onap.dcaegen2.services.prh.model.EnvProperties;
import org.onap.dcaegen2.services.prh.model.ImmutableEnvProperties;
import reactor.core.publisher.Mono;
+import reactor.test.StepVerifier;
class PrhConfigurationProviderTest {
@@ -72,12 +71,9 @@ class PrhConfigurationProviderTest {
PrhConfigurationProvider provider = new PrhConfigurationProvider(webClient);
- // when
- Mono<JsonObject> jsonObjectMono = provider.callForPrhConfiguration(envProperties);
-
- // then
- assertThat(jsonObjectMono).isNotNull();
- assertThat(jsonObjectMono.block()).isEqualTo(prhMockConfigurationJson);
+ //when/then
+ StepVerifier.create(provider.callForPrhConfiguration(envProperties)).expectSubscription()
+ .expectNext(prhMockConfigurationJson).verifyComplete();
}
@Test
@@ -90,11 +86,8 @@ class PrhConfigurationProviderTest {
PrhConfigurationProvider provider = new PrhConfigurationProvider(webClient);
- // when
- Mono<JsonObject> jsonObjectMono = provider.callForPrhConfiguration(envProperties);
-
- // then
- assertThat(jsonObjectMono).isNotNull();
- Assertions.assertThrows(IllegalStateException.class, jsonObjectMono::block);
+ //when/then
+ StepVerifier.create(provider.callForPrhConfiguration(envProperties)).expectSubscription()
+ .expectError(IllegalStateException.class).verify();
}
} \ No newline at end of file
diff --git a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/ScheduleControllerSpy.java b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/ScheduleControllerSpy.java
index 5aa63e00..2f7ff61c 100644
--- a/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/ScheduleControllerSpy.java
+++ b/prh-app-server/src/test/java/org/onap/dcaegen2/services/prh/tasks/ScheduleControllerSpy.java
@@ -23,6 +23,7 @@ package org.onap.dcaegen2.services.prh.tasks;
import static org.mockito.Mockito.spy;
import java.util.Map;
+
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@@ -49,6 +50,7 @@ public class ScheduleControllerSpy {
@Bean
@Primary
public ScheduledTasks registerSimpleScheduledTask() {
- return spy(new ScheduledTasks(dmaapConsumerTaskImplSpy, dmaapPublisherTaskImplSpy, aaiPublisherTaskImplSpy, mdcContextMap));
+ return spy(new ScheduledTasks(dmaapConsumerTaskImplSpy, dmaapPublisherTaskImplSpy, aaiPublisherTaskImplSpy,
+ mdcContextMap));
}
}