From 0ad65c47b4fbddd5d1b653c5e38dcdf84884de9f Mon Sep 17 00:00:00 2001
From: efiacor <fiachra.corcoran@est.tech>
Date: Wed, 5 Feb 2020 11:57:18 +0000
Subject: Removing passwordencryption key

Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: I1d5f193ae0215d5a5939227097adbb01a5b9866a
Issue-ID: DMAAP-1367
---
 .../datarouter/provisioning/BaseServletTest.java   | 71 +++++++++++-----------
 .../datarouter/provisioning/DrServletTestBase.java |  1 -
 .../provisioning/SubscriptionServletTest.java      |  4 --
 3 files changed, 37 insertions(+), 39 deletions(-)

(limited to 'datarouter-prov/src/test/java/org/onap')

diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/BaseServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/BaseServletTest.java
index 0013077d..bfd33f80 100755
--- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/BaseServletTest.java
+++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/BaseServletTest.java
@@ -23,8 +23,22 @@
 
 package org.onap.dmaap.datarouter.provisioning;
 
-import java.security.NoSuchAlgorithmException;
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.Matchers.nullValue;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThat;
+import static org.mockito.Matchers.anyInt;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+import static org.powermock.api.mockito.PowerMockito.mockStatic;
+
+import java.util.HashSet;
+import java.util.Set;
+import java.util.UUID;
 import javax.crypto.SecretKeyFactory;
+import javax.servlet.http.HttpServletRequest;
 import org.apache.commons.lang3.reflect.FieldUtils;
 import org.json.JSONObject;
 import org.junit.Assert;
@@ -32,7 +46,6 @@ import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.Mock;
-import org.mockito.Mockito;
 import org.onap.dmaap.datarouter.provisioning.beans.Feed;
 import org.onap.dmaap.datarouter.provisioning.beans.FeedAuthorization;
 import org.onap.dmaap.datarouter.provisioning.beans.Group;
@@ -44,21 +57,6 @@ import org.powermock.core.classloader.annotations.SuppressStaticInitializationFo
 import org.powermock.modules.junit4.PowerMockRunner;
 import org.slf4j.MDC;
 
-import javax.servlet.http.HttpServletRequest;
-import java.util.HashSet;
-import java.util.Set;
-import java.util.UUID;
-
-import static org.hamcrest.Matchers.is;
-import static org.hamcrest.Matchers.nullValue;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertThat;
-import static org.mockito.Matchers.anyInt;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
-import static org.powermock.api.mockito.PowerMockito.mockStatic;
-
 @RunWith(PowerMockRunner.class)
 @SuppressStaticInitializationFor({"org.onap.dmaap.datarouter.provisioning.beans.Feed",
         "org.onap.dmaap.datarouter.provisioning.beans.Subscription",
@@ -229,23 +227,7 @@ public class BaseServletTest extends DrServletTestBase {
         Assert.assertEquals("456", MDC.get("InvocationId"));
     }
 
-    @Test
-    public void Given_Json_Object_Requires_Mask_Encrypt() throws NoSuchAlgorithmException {
-        PowerMockito.mockStatic(SecretKeyFactory.class);
-        SecretKeyFactory secretKeyFactory = PowerMockito.mock(SecretKeyFactory.class);
-        PowerMockito.when(SecretKeyFactory.getInstance(Mockito.anyString())).thenReturn(secretKeyFactory);
-        BaseServlet.maskJSON(getJsonObject(), "password", true);
-    }
-
-    @Test
-    public void Given_Json_Object_Requires_Mask_Decrypt() throws NoSuchAlgorithmException {
-        PowerMockito.mockStatic(SecretKeyFactory.class);
-        SecretKeyFactory secretKeyFactory = PowerMockito.mock(SecretKeyFactory.class);
-        PowerMockito.when(SecretKeyFactory.getInstance(Mockito.anyString())).thenReturn(secretKeyFactory);
-        BaseServlet.maskJSON(getJsonObject(), "password", false);
-    }
-
-    public JSONObject getJsonObject() {
+    public JSONObject getFeedJsonObject() {
         return new JSONObject("{\"authorization\": {\n" + "    \"endpoint_addrs\": [\n" + "    ],\n"
                                       + "    \"classification\": \"unclassified\",\n"
                                       + "    \"endpoint_ids\": [\n" + "      {\n"
@@ -255,6 +237,27 @@ public class BaseServletTest extends DrServletTestBase {
                                       + "        \"id\": \"onap\"\n" + "      }\n" + "    ]\n" + "  }}");
     }
 
+    public JSONObject getSubJsonObject() {
+        return new JSONObject("{\"delivery\": {\"url\": \"http://172.18.0.3:7070/\", \"user\": "
+            + "\"LOGIN\", \"password\": \"PASSWORD\", \"use100\": true}, \"metadataOnly\": false, "
+            + "\"suspend\": false, \"groupid\": 29, \"subscriber\": \"sg481n\"}");
+    }
+
+    @Test
+    public void Given_Debug_Is_Enabled_Hash_Feed_Passwords_Successful() {
+        JSONObject hashed_feed_pass = BaseServlet.hashPasswords(getFeedJsonObject());
+        assertNotEquals(hashed_feed_pass.getJSONObject("authorization").getJSONArray("endpoint_ids")
+            .getJSONObject(0).get("password").toString(), "demo123456!");
+
+    }
+
+    @Test
+    public void Given_Debug_Is_Enabled_Hash_Sub_Passwords_Successful() {
+        JSONObject hashed_sub_pass = BaseServlet.hashPasswords(getSubJsonObject());
+        assertNotEquals(hashed_sub_pass.getJSONObject("delivery").get("password").toString(), "PASSWORD");
+
+    }
+
     @Test
     public void Given_BaseServlet_Verify_Cadi_Feed_Permission() {
         assertEquals("org.onap.dmaap-dr.feed|legacy|publish", baseServlet.getFeedPermission("legacy", "publish"));
diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DrServletTestBase.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DrServletTestBase.java
index 03f5df1b..0a2b6085 100644
--- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DrServletTestBase.java
+++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/DrServletTestBase.java
@@ -48,7 +48,6 @@ public class DrServletTestBase {
         props.setProperty("org.onap.dmaap.datarouter.provserver.accesslog.dir", "unit-test-logs");
         props.setProperty("org.onap.dmaap.datarouter.provserver.spooldir", "unit-test-logs/spool");
         props.setProperty("org.onap.dmaap.datarouter.provserver.https.relaxation", "false");
-        props.setProperty("org.onap.dmaap.datarouter.provserver.passwordencryption", "PasswordEncryptionKey#@$%^&1234#");
         FieldUtils.writeDeclaredStaticField(ProvRunner.class, "provProperties", props, true);
         FieldUtils.writeDeclaredStaticField(BaseServlet.class, "startmsgFlag", false, true);
         SynchronizerTask synchronizerTask = mock(SynchronizerTask.class);
diff --git a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java
index cb0fa2bf..a7b42976 100755
--- a/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java
+++ b/datarouter-prov/src/test/java/org/onap/dmaap/datarouter/provisioning/SubscriptionServletTest.java
@@ -40,7 +40,6 @@ import org.onap.dmaap.datarouter.provisioning.beans.Deleteable;
 import org.onap.dmaap.datarouter.provisioning.beans.SubDelivery;
 import org.onap.dmaap.datarouter.provisioning.beans.Subscription;
 import org.onap.dmaap.datarouter.provisioning.beans.Updateable;
-import org.onap.dmaap.datarouter.provisioning.utils.PasswordProcessor;
 import org.onap.dmaap.datarouter.provisioning.utils.Poker;
 import org.onap.dmaap.datarouter.provisioning.utils.ProvDbUtils;
 import org.powermock.api.mockito.PowerMockito;
@@ -64,7 +63,6 @@ import static org.onap.dmaap.datarouter.provisioning.BaseServlet.BEHALF_HEADER;
 
 
 @RunWith(PowerMockRunner.class)
-@PrepareForTest(PasswordProcessor.class)
 public class SubscriptionServletTest extends DrServletTestBase {
     private static EntityManagerFactory emf;
     private static EntityManager em;
@@ -304,7 +302,6 @@ public class SubscriptionServletTest extends DrServletTestBase {
         when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.subscription; version=1.0");
         when(request.getPathInfo()).thenReturn("/3");
         when(request.isUserInRole("org.onap.dmaap-dr.sub|*|edit")).thenReturn(true);
-        PowerMockito.mockStatic(PasswordProcessor.class);
         JSONObject JSObject = buildRequestJsonObject();
         SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
             public JSONObject getJSONfromInput(HttpServletRequest req) {
@@ -418,7 +415,6 @@ public class SubscriptionServletTest extends DrServletTestBase {
         when(response.getOutputStream()).thenReturn(outStream);
         when(request.getHeader("X-DMAAP-DR-ON-BEHALF-OF-GROUP")).thenReturn("stub_subjectGroup");
         when(request.getHeader("Content-Type")).thenReturn("application/vnd.dmaap-dr.subscription; version=1.0");
-        PowerMockito.mockStatic(PasswordProcessor.class);
         JSONObject JSObject = buildRequestJsonObject();
         SubscriptionServlet subscriptionServlet = new SubscriptionServlet() {
             public JSONObject getJSONfromInput(HttpServletRequest req) {
-- 
cgit 1.2.3-korg