aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGeora Barsky <georab@amdocs.com>2018-11-06 22:42:23 -0500
committerGeora Barsky <georab@amdocs.com>2018-11-07 11:53:04 -0500
commit65f4a56f694099f7a25d252c264eda1437b85c23 (patch)
tree961899dcf00470f9f5499d3e651a9232a676ee0b
parent9624b228f128a465556b369f92a4cfca8fbff12c (diff)
Adding support to SSL client cert
Issue-ID: LOG-807 Change-Id: I7e3e72467ebd1326f981806e78401b208e5ae525 Signed-off-by: Geora Barsky <georab@amdocs.com>
-rw-r--r--config/application.properties7
-rw-r--r--src/main/java/org/onap/pomba/contextbuilder/aai/AAIBasicAuthCondition.java32
-rw-r--r--src/main/java/org/onap/pomba/contextbuilder/aai/AAIClientCertCondition.java32
-rw-r--r--src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java29
4 files changed, 97 insertions, 3 deletions
diff --git a/config/application.properties b/config/application.properties
index dd5a9ac..bb02e75 100644
--- a/config/application.properties
+++ b/config/application.properties
@@ -26,8 +26,13 @@ server.tomcat.max-threads=200
server.tomcat.min-spare-threads=25
# AAI REST Client Configuration
-aai.serviceName=10.69.100.132
+aai.serviceName=aai.onap
aai.servicePort=8443
+# AAI APIs authentication mode. Valid values: [basic_auth, client_cert]
+aai.authentication=basic_auth
+aai.trustStorePath=n/a
+aai.keyStorePath=n/a
+aai.keyStorePassword=n/a
aai.username=AAI
aai.password=OBF:1gfr1ev31gg7
aai.httpProtocol=https
diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/AAIBasicAuthCondition.java b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIBasicAuthCondition.java
new file mode 100644
index 0000000..dfadbb4
--- /dev/null
+++ b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIBasicAuthCondition.java
@@ -0,0 +1,32 @@
+/*
+ * ============LICENSE_START===================================================
+ * Copyright (c) 2018 Amdocs
+ * ============================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=====================================================
+ */
+package org.onap.pomba.contextbuilder.aai;
+
+import org.springframework.context.annotation.Condition;
+import org.springframework.context.annotation.ConditionContext;
+import org.springframework.core.type.AnnotatedTypeMetadata;
+
+public class AAIBasicAuthCondition implements Condition {
+
+ @Override
+ public boolean matches(ConditionContext conditionContext, AnnotatedTypeMetadata annotatedTypeMetadata)
+ {
+ String authenticionMode = conditionContext.getEnvironment().getProperty("aai.authentication");
+ return authenticionMode.equalsIgnoreCase("basic_auth");
+ }
+}
diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/AAIClientCertCondition.java b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIClientCertCondition.java
new file mode 100644
index 0000000..19b42b1
--- /dev/null
+++ b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIClientCertCondition.java
@@ -0,0 +1,32 @@
+/*
+ * ============LICENSE_START===================================================
+ * Copyright (c) 2018 Amdocs
+ * ============================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=====================================================
+ */
+package org.onap.pomba.contextbuilder.aai;
+
+import org.springframework.context.annotation.Condition;
+import org.springframework.context.annotation.ConditionContext;
+import org.springframework.core.type.AnnotatedTypeMetadata;
+
+public class AAIClientCertCondition implements Condition {
+
+ @Override
+ public boolean matches(ConditionContext conditionContext, AnnotatedTypeMetadata annotatedTypeMetadata)
+ {
+ String authenticionMode = conditionContext.getEnvironment().getProperty("aai.authentication");
+ return authenticionMode.equalsIgnoreCase("client_cert");
+ }
+}
diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java
index 22f7b5e..3035d1b 100644
--- a/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java
+++ b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java
@@ -25,6 +25,7 @@ import org.onap.aai.restclient.client.RestClient;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Conditional;
import org.springframework.stereotype.Component;
@@ -47,7 +48,18 @@ public class AAIConfiguration {
@Autowired
@Value("${aai.httpProtocol}")
private String httpProtocol;
-
+ @Autowired
+ @Value("${aai.authentication}")
+ private String authenticationMode;
+ @Autowired
+ @Value("${aai.trustStorePath}")
+ private String trustStorePath;
+ @Autowired
+ @Value("${aai.keyStorePath}")
+ private String keyStorePath;
+ @Autowired
+ @Value("${aai.keyStorePassword}")
+ private String keyStorePassword;
@Autowired
@Value("${aai.connectionTimeout}")
private Integer connectionTimeout;
@@ -79,14 +91,27 @@ public class AAIConfiguration {
return ("Basic " + encodedAuth);
}
+ @Conditional(AAIBasicAuthCondition.class)
@Bean(name="aaiClient")
- public RestClient restClient() {
+ public RestClient restClientWithBasicAuth() {
+ System.out.println("in basic auth");
RestClient restClient = new RestClient();
restClient.validateServerHostname(false).validateServerCertChain(false).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout);
restClient.basicAuthUsername(username);
restClient.basicAuthPassword(Password.deobfuscate(password));
return restClient;
+ }
+ @Conditional(AAIClientCertCondition.class)
+ @Bean(name="aaiClient")
+ public RestClient restClientWithClientCert() {
+ RestClient restClient = new RestClient();
+ System.out.println("in client cert");
+ if (httpProtocol.equals("https"))
+ restClient.validateServerHostname(false).validateServerCertChain(false).trustStore(trustStorePath).clientCertFile(keyStorePath).clientCertPassword(keyStorePassword).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout);
+ else
+ restClient.validateServerHostname(false).validateServerCertChain(false).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout);
+ return restClient;
}
@Bean(name="aaiBaseUrl")