diff options
author | wasala <przemyslaw.wasala@nokia.com> | 2018-09-11 09:50:21 +0200 |
---|---|---|
committer | wasala <przemyslaw.wasala@nokia.com> | 2018-09-11 19:51:20 +0200 |
commit | 4a1457c84c5f3a68ccdfb3e348996e14ccea89e8 (patch) | |
tree | cf83bbe8b29dfc720fe2fafa94b3b84d6c3a7379 /prh-dmaap-client | |
parent | fea7d735b49c4be0958c6531771cc2ee511db490 (diff) |
PRH:security vulnerabilities fix
*Removed unused libraries
*Fixed vulnerablities in connection
with clm scan
*Replaced AssertJ in tests verification
by using StepVerifier
Change-Id: I81c3ac54e5514735f0fca8150fcc218d96dc5ce3
Issue-ID: DCAEGEN2-770
Signed-off-by: wasala <przemyslaw.wasala@nokia.com>
Diffstat (limited to 'prh-dmaap-client')
4 files changed, 27 insertions, 61 deletions
diff --git a/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/consumer/DMaaPConsumerReactiveHttpClient.java b/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/consumer/DMaaPConsumerReactiveHttpClient.java index 242214d2..02c6ba96 100644 --- a/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/consumer/DMaaPConsumerReactiveHttpClient.java +++ b/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/consumer/DMaaPConsumerReactiveHttpClient.java @@ -25,15 +25,14 @@ import static org.onap.dcaegen2.services.prh.model.logging.MdcVariables.X_INVOCA import static org.onap.dcaegen2.services.prh.model.logging.MdcVariables.X_ONAP_REQUEST_ID; import java.net.URI; -import java.net.URISyntaxException; import java.util.UUID; import java.util.function.Consumer; -import org.apache.http.client.utils.URIBuilder; import org.onap.dcaegen2.services.prh.config.DmaapConsumerConfiguration; import org.slf4j.MDC; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.web.reactive.function.client.WebClient; +import org.springframework.web.util.DefaultUriBuilderFactory; import reactor.core.publisher.Mono; /** @@ -71,21 +70,17 @@ public class DMaaPConsumerReactiveHttpClient { * @return reactive response from DMaaP in string format */ public Mono<String> getDMaaPConsumerResponse() { - try { - return webClient - .get() - .uri(getUri()) - .headers(getHeaders()) - .retrieve() - .onStatus(HttpStatus::is4xxClientError, clientResponse -> - Mono.error(new RuntimeException("DmaaPConsumer HTTP " + clientResponse.statusCode())) - ) - .onStatus(HttpStatus::is5xxServerError, clientResponse -> - Mono.error(new RuntimeException("DmaaPConsumer HTTP " + clientResponse.statusCode()))) - .bodyToMono(String.class); - } catch (URISyntaxException e) { - return Mono.error(e); - } + return webClient + .get() + .uri(getUri()) + .headers(getHeaders()) + .retrieve() + .onStatus(HttpStatus::is4xxClientError, clientResponse -> + Mono.error(new RuntimeException("DmaaPConsumer HTTP " + clientResponse.statusCode())) + ) + .onStatus(HttpStatus::is5xxServerError, clientResponse -> + Mono.error(new RuntimeException("DmaaPConsumer HTTP " + clientResponse.statusCode()))) + .bodyToMono(String.class); } private Consumer<HttpHeaders> getHeaders() { @@ -105,8 +100,8 @@ public class DMaaPConsumerReactiveHttpClient { return this; } - URI getUri() throws URISyntaxException { - return new URIBuilder().setScheme(dmaapProtocol).setHost(dmaapHostName).setPort(dmaapPortNumber) - .setPath(createRequestPath()).build(); + URI getUri() { + return new DefaultUriBuilderFactory().builder().scheme(dmaapProtocol).host(dmaapHostName).port(dmaapPortNumber) + .path(createRequestPath()).build(); } } diff --git a/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/producer/DMaaPProducerReactiveHttpClient.java b/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/producer/DMaaPProducerReactiveHttpClient.java index 862ad841..6cd54846 100644 --- a/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/producer/DMaaPProducerReactiveHttpClient.java +++ b/prh-dmaap-client/src/main/java/org/onap/dcaegen2/services/prh/service/producer/DMaaPProducerReactiveHttpClient.java @@ -26,9 +26,7 @@ import static org.onap.dcaegen2.services.prh.model.logging.MdcVariables.X_INVOCA import static org.onap.dcaegen2.services.prh.model.logging.MdcVariables.X_ONAP_REQUEST_ID; import java.net.URI; -import java.net.URISyntaxException; import java.util.UUID; -import org.apache.http.client.utils.URIBuilder; import org.onap.dcaegen2.services.prh.config.DmaapPublisherConfiguration; import org.onap.dcaegen2.services.prh.model.ConsumerDmaapModel; import org.slf4j.MDC; @@ -37,8 +35,11 @@ import org.springframework.http.HttpHeaders; import org.springframework.http.HttpMethod; import org.springframework.http.ResponseEntity; import org.springframework.web.client.RestTemplate; +import org.springframework.web.util.DefaultUriBuilderFactory; import reactor.core.publisher.Mono; + + /** * @author <a href="mailto:przemyslaw.wasala@nokia.com">Przemysław Wąsala</a> on 7/4/18 */ @@ -74,12 +75,9 @@ public class DMaaPProducerReactiveHttpClient { public Mono<ResponseEntity<String>> getDMaaPProducerResponse(ConsumerDmaapModel consumerDmaapModelMono) { return Mono.defer(() -> { - try { - HttpEntity<String> request = new HttpEntity<>(createJsonBody(consumerDmaapModelMono), getAllHeaders()); - return Mono.just(restTemplate.exchange(getUri(), HttpMethod.POST, request, String.class)); - } catch (URISyntaxException e) { - return Mono.error(e); - } + HttpEntity<String> request = new HttpEntity<>(createJsonBody(consumerDmaapModelMono), getAllHeaders()); + return Mono.just(restTemplate.exchange(getUri(), HttpMethod.POST, request, String.class)); + }); } @@ -97,9 +95,9 @@ public class DMaaPProducerReactiveHttpClient { return this; } - URI getUri() throws URISyntaxException { - return new URIBuilder().setScheme(dmaapProtocol).setHost(dmaapHostName).setPort(dmaapPortNumber) - .setPath(dmaapTopicName).build(); + URI getUri() { + return new DefaultUriBuilderFactory().builder().scheme(dmaapProtocol).host(dmaapHostName).port(dmaapPortNumber) + .path(dmaapTopicName).build(); } } diff --git a/prh-dmaap-client/src/test/java/org/onap/dcaegen2/services/prh/service/consumer/DMaaPConsumerReactiveHttpClientTest.java b/prh-dmaap-client/src/test/java/org/onap/dcaegen2/services/prh/service/consumer/DMaaPConsumerReactiveHttpClientTest.java index 26fa65f5..c8ffd12f 100644 --- a/prh-dmaap-client/src/test/java/org/onap/dcaegen2/services/prh/service/consumer/DMaaPConsumerReactiveHttpClientTest.java +++ b/prh-dmaap-client/src/test/java/org/onap/dcaegen2/services/prh/service/consumer/DMaaPConsumerReactiveHttpClientTest.java @@ -97,20 +97,6 @@ class DMaaPConsumerReactiveHttpClientTest { } @Test - void getHttpResponse_whenUriSyntaxExceptionHasBeenThrown() throws URISyntaxException { - //given - dmaapConsumerReactiveHttpClient = spy(dmaapConsumerReactiveHttpClient); - //when - when(webClient.get()).thenReturn(requestHeadersSpec); - dmaapConsumerReactiveHttpClient.createDMaaPWebClient(webClient); - when(dmaapConsumerReactiveHttpClient.getUri()).thenThrow(URISyntaxException.class); - - //then - StepVerifier.create(dmaapConsumerReactiveHttpClient.getDMaaPConsumerResponse()).expectSubscription() - .expectError(Exception.class).verify(); - } - - @Test void getAppropriateUri_whenPassingCorrectedPathForPnf() throws URISyntaxException { Assertions.assertEquals(dmaapConsumerReactiveHttpClient.getUri(), URI.create("https://54.45.33.2:1234/unauthenticated.SEC_OTHER_OUTPUT/OpenDCAE-c12/c12")); diff --git a/prh-dmaap-client/src/test/java/org/onap/dcaegen2/services/prh/service/producer/DMaaPProducerReactiveHttpClientTest.java b/prh-dmaap-client/src/test/java/org/onap/dcaegen2/services/prh/service/producer/DMaaPProducerReactiveHttpClientTest.java index 05b74895..29d1039f 100644 --- a/prh-dmaap-client/src/test/java/org/onap/dcaegen2/services/prh/service/producer/DMaaPProducerReactiveHttpClientTest.java +++ b/prh-dmaap-client/src/test/java/org/onap/dcaegen2/services/prh/service/producer/DMaaPProducerReactiveHttpClientTest.java @@ -23,12 +23,9 @@ package org.onap.dcaegen2.services.prh.service.producer; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.doReturn; import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.spy; import static org.mockito.Mockito.when; import java.net.URI; -import java.net.URISyntaxException; - import org.junit.jupiter.api.Assertions; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; @@ -42,6 +39,8 @@ import org.springframework.http.ResponseEntity; import org.springframework.web.client.RestTemplate; import reactor.test.StepVerifier; + + /** * @author <a href="mailto:przemyslaw.wasala@nokia.com">Przemysław Wąsala</a> on 7/4/18 */ @@ -86,19 +85,7 @@ class DMaaPProducerReactiveHttpClientTest { } @Test - void getHttpResponse_whenUriSyntaxExceptionHasBeenThrown() throws URISyntaxException { - //given - dmaapProducerReactiveHttpClient = spy(dmaapProducerReactiveHttpClient); - //when - when(dmaapProducerReactiveHttpClient.getUri()).thenThrow(URISyntaxException.class); - - //then - StepVerifier.create(dmaapProducerReactiveHttpClient.getDMaaPProducerResponse(any())).expectSubscription() - .expectError(Exception.class).verify(); - } - - @Test - void getAppropriateUri_whenPassingCorrectedPathForPnf() throws URISyntaxException { + void getAppropriateUri_whenPassingCorrectedPathForPnf() { Assertions.assertEquals(dmaapProducerReactiveHttpClient.getUri(), URI.create("https://54.45.33.2:1234/unauthenticated.PNF_READY")); } |