aboutsummaryrefslogtreecommitdiffstats
path: root/src/main/java/org
diff options
context:
space:
mode:
authorPrudence Au <prudence.au@amdocs.com>2018-08-19 08:53:56 -0400
committerPrudence Au <prudence.au@amdocs.com>2018-08-19 08:54:07 -0400
commitb1b32354811fd9c856bf9ce611d36591d7a81404 (patch)
tree5326d30d6debcbe19e0ba53204913a2c6a4b115c /src/main/java/org
parent8d9044a5e2232776243f641cab1a8b90f26ff9ff (diff)
Implement basic auth
- includes basic auth for AAI request - basic auth for AAI context builder Change-Id: I3b923792184d47667505ae1efc2ab704f52f5766 Issue-ID: LOG-521 Signed-off-by: Prudence Au <prudence.au@amdocs.com>
Diffstat (limited to 'src/main/java/org')
-rw-r--r--src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java60
-rw-r--r--src/main/java/org/onap/pomba/contextbuilder/aai/common/LogMessages.java2
-rw-r--r--src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditError.java3
-rw-r--r--src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditException.java10
-rw-r--r--src/main/java/org/onap/pomba/contextbuilder/aai/service/SpringServiceImpl.java1
-rw-r--r--src/main/java/org/onap/pomba/contextbuilder/aai/service/rs/RestServiceImpl.java5
-rw-r--r--src/main/java/org/onap/pomba/contextbuilder/aai/util/RestUtil.java15
7 files changed, 64 insertions, 32 deletions
diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java
index 7836d6b..b5f9266 100644
--- a/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java
+++ b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java
@@ -18,16 +18,19 @@
package org.onap.pomba.contextbuilder.aai;
+import java.util.Base64;
+import javax.ws.rs.ApplicationPath;
+import org.eclipse.jetty.util.security.Password;
import org.onap.aai.restclient.client.RestClient;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
+import org.springframework.stereotype.Component;
-//@Component
-@Configuration
-//@ApplicationPath("/")
+@Component
+//@Configuration
+@ApplicationPath("/")
public class AAIConfiguration {
@Autowired
@Value("${aai.host}")
@@ -36,28 +39,14 @@ public class AAIConfiguration {
@Value("${aai.port}")
private String port;
@Autowired
- @Value("${aai.httpProtocol}")
- private String httpProtocol;
-
+ @Value("${aai.username}")
+ private String username;
@Autowired
- @Value("${aai.trustStorePath}")
- private String trustStorePath;
+ @Value("${aai.password}")
+ private String password;
@Autowired
- @Value("${aai.keyStorePath}")
- private String keyStorePath;
- @Autowired
- @Value("${aai.keyStorePassword}")
- private String keyStorePassword;
-
- @Autowired
- @Value("${aai.keyManagerFactoryAlgorithm}")
- private String keyManagerFactoryAlgorithm;
- @Autowired
- @Value("${aai.keyStoreType}")
- private String keyStoreType;
- @Autowired
- @Value("${aai.securityProtocol}")
- private String securityProtocol;
+ @Value("${aai.httpProtocol}")
+ private String httpProtocol;
@Autowired
@Value("${aai.connectionTimeout}")
@@ -70,16 +59,31 @@ public class AAIConfiguration {
@Value("${aai.serviceInstancePath}")
private String serviceInstancePath;
+ @Autowired
+ @Value("${http.userId}")
+ private String httpUserId;
+
+ @Autowired
+ @Value("${http.password}")
+ private String httpPassword;
+
+
+ @Bean(name="httpBasicAuthorization")
+ public String getHttpBasicAuth() {
+ String auth = new String(this.httpUserId + ":" + Password.deobfuscate(this.httpPassword));
+ String encodedAuth = Base64.getEncoder().encodeToString(auth.getBytes());
+ return ("Basic " + encodedAuth);
+ }
@Bean(name="aaiClient")
public RestClient restClient() {
RestClient restClient = new RestClient();
- if (httpProtocol.equals("https"))
- restClient.validateServerHostname(false).validateServerCertChain(false).trustStore(trustStorePath).clientCertFile(keyStorePath).clientCertPassword(keyStorePassword).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout);
- else
- restClient.validateServerHostname(false).validateServerCertChain(false).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout);
+ restClient.validateServerHostname(false).validateServerCertChain(false).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout);
+ restClient.basicAuthUsername(username);
+ restClient.basicAuthPassword(Password.deobfuscate(password));
return restClient;
+
}
@Bean(name="aaiBaseUrl")
diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/common/LogMessages.java b/src/main/java/org/onap/pomba/contextbuilder/aai/common/LogMessages.java
index 2e44530..762543c 100644
--- a/src/main/java/org/onap/pomba/contextbuilder/aai/common/LogMessages.java
+++ b/src/main/java/org/onap/pomba/contextbuilder/aai/common/LogMessages.java
@@ -21,7 +21,7 @@ public class LogMessages {
private LogMessages() {}
- public static final String AAI_CONTEXT_BUILDER_URL = "AAI Context Builder URL ";
+ public static final String AAI_CONTEXT_BUILDER_URL = "AAI Context Builder URL: ";
public static final String HEADER_MESSAGE = "Header {} not present in request, generating new value: {}";
public static final String NOT_FOUND = "{} {} is not found from AAI";
public static final String NUMBER_OF_API_CALLS = "The number of API calls for {} is {}";
diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditError.java b/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditError.java
index 40d8bcc..fdc7ff6 100644
--- a/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditError.java
+++ b/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditError.java
@@ -29,4 +29,7 @@ public class AuditError {
public static final String INVALID_REQUEST_URL_MISSING_PARAMETER = "Invalid request URL, missing parameter: ";
public static final String MISSING_HEADER_PARAMETER = "Missing header parameter: ";
+
+ public static final String MISMATCH = "Authorization Failed due to mismatch basic authorization username or password";
+ public static final String MISSING_AUTHORIZATION_HEADER = "Missing Authorization header";
}
diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditException.java b/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditException.java
index d78ff84..042c651 100644
--- a/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditException.java
+++ b/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditException.java
@@ -32,6 +32,16 @@ public class AuditException extends Exception {
super(message);
}
+ /**
+ * Constructor for an instance of this exception with a message and status.
+ * @param httpStatus
+ * @param message
+ */
+ public AuditException(Status httpStatus, String message) {
+ super(message);
+ this.httpStatus = httpStatus;
+ }
+
public AuditException(String message, Status httpStatus) {
super(message);
this.setHttpStatus(httpStatus);
diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/service/SpringServiceImpl.java b/src/main/java/org/onap/pomba/contextbuilder/aai/service/SpringServiceImpl.java
index 60ad231..989dbc3 100644
--- a/src/main/java/org/onap/pomba/contextbuilder/aai/service/SpringServiceImpl.java
+++ b/src/main/java/org/onap/pomba/contextbuilder/aai/service/SpringServiceImpl.java
@@ -38,7 +38,6 @@ public class SpringServiceImpl implements SpringService {
@Autowired
private String aaiServiceInstancePath;
-
public SpringServiceImpl() {
// needed for instantiation
}
diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/service/rs/RestServiceImpl.java b/src/main/java/org/onap/pomba/contextbuilder/aai/service/rs/RestServiceImpl.java
index 38f7510..6fc2c8a 100644
--- a/src/main/java/org/onap/pomba/contextbuilder/aai/service/rs/RestServiceImpl.java
+++ b/src/main/java/org/onap/pomba/contextbuilder/aai/service/rs/RestServiceImpl.java
@@ -39,6 +39,8 @@ public class RestServiceImpl implements RestService {
@Autowired
private SpringService service;
+ @Autowired
+ private String httpBasicAuthorization;
@Override
public Response getContext(HttpHeaders headers, String serviceInstanceId, String modelVersionId, String modelInvariantId, String serviceType, String customerId) {
@@ -46,7 +48,7 @@ public class RestServiceImpl implements RestService {
String url = "serviceInstanceId=" + serviceInstanceId + " modelVersion="+modelVersionId +
" modelInvariantId="+ modelInvariantId + " serviceType="+serviceType + " customerId="+ customerId;
if(log.isDebugEnabled()) {
- log.debug(LogMessages.AAI_CONTEXT_BUILDER_URL + url);
+ log.debug(LogMessages.AAI_CONTEXT_BUILDER_URL, url);
}
@@ -58,6 +60,7 @@ public class RestServiceImpl implements RestService {
try {
// Do some validation on Http headers and URL parameters
+ RestUtil.validateBasicAuthorization(headers, httpBasicAuthorization);
RestUtil.validateHeader(headers);
RestUtil.validateURL(serviceInstanceId, modelVersionId, modelInvariantId, serviceType, customerId);
diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/util/RestUtil.java b/src/main/java/org/onap/pomba/contextbuilder/aai/util/RestUtil.java
index 240a55b..8681d21 100644
--- a/src/main/java/org/onap/pomba/contextbuilder/aai/util/RestUtil.java
+++ b/src/main/java/org/onap/pomba/contextbuilder/aai/util/RestUtil.java
@@ -16,7 +16,6 @@ package org.onap.pomba.contextbuilder.aai.util;
import com.sun.jersey.core.util.MultivaluedMapImpl;
-//import com.sun.jersey.core.util.MultivaluedMapImpl;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Collections;
@@ -66,6 +65,7 @@ public class RestUtil {
// HTTP headers
private static final String TRANSACTION_ID = "X-TransactionId";
private static final String FROM_APP_ID = "X-FromAppId";
+ private static final String AUTHORIZATION = "Authorization";
private static final String APP_NAME = "aaiCtxBuilder";
@@ -114,6 +114,19 @@ public class RestUtil {
}
}
+ public static void validateBasicAuthorization(HttpHeaders headers, String basicAuthorization) throws AuditException {
+ String authorization = null;
+
+ // validation on HTTP Authorization Header
+ authorization = headers.getRequestHeaders().getFirst(AUTHORIZATION);
+ if (authorization != null && !authorization.trim().isEmpty() && authorization.startsWith("Basic")) {
+ if (!authorization.equals(basicAuthorization)) {
+ throw new AuditException(Status.UNAUTHORIZED, AuditError.MISMATCH);
+ };
+ } else {
+ throw new AuditException(Status.UNAUTHORIZED, AuditError.MISSING_AUTHORIZATION_HEADER);
+ }
+ }
public static void validateHeader(HttpHeaders headers) throws AuditException {
String fromAppId = null;