diff options
11 files changed, 96 insertions, 38 deletions
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..55da3e8 --- /dev/null +++ b/.gitignore @@ -0,0 +1,9 @@ +/target/ +/debug-logs/ +/logs/ +/.settings/ +.checkstyle +.classpath +.project +output.log + diff --git a/.gitreview b/.gitreview new file mode 100644 index 0000000..7bd7b99 --- /dev/null +++ b/.gitreview @@ -0,0 +1,4 @@ +[gerrit] +host=gerrit.onap.org +port=29418 +project=logging-analytics/pomba/pomba-aai-context-builder.git diff --git a/config/application.properties b/config/application.properties index 34a9167..7af2ff3 100644 --- a/config/application.properties +++ b/config/application.properties @@ -16,16 +16,16 @@ server.tomcat.min-spare-threads=25 # AAI REST Client Configuration aai.host=10.147.57.139 aai.port=8080 +aai.username=AAI +aai.password=OBF:1gfr1ev31gg7 aai.httpProtocol=http -aai.trustStorePath=tomcat_keystore -aai.keyStorePath=aai-client-cert.p12 -aai.keyStorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o -aai.keyManagerFactoryAlgorithm=SunX509 -aai.keyStoreType=PKCS12 -aai.securityProtocol=TLS aai.connectionTimeout=5000 aai.readTimeout=1000 +# HTTP Basic Authorization credentials for Rest Service API +http.userId=admin +http.password=OBF:1u2a1toa1w8v1tok1u30 + # {0} = customerId {1} = serviceType {2} = serviceInstanceId aai.serviceInstancePath=/aai/v11/business/customers/customer/{0}/service-subscriptions/service-subscription/{1}/service-instances/service-instance/{2} diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java index 7836d6b..b5f9266 100644 --- a/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java +++ b/src/main/java/org/onap/pomba/contextbuilder/aai/AAIConfiguration.java @@ -18,16 +18,19 @@ package org.onap.pomba.contextbuilder.aai; +import java.util.Base64; +import javax.ws.rs.ApplicationPath; +import org.eclipse.jetty.util.security.Password; import org.onap.aai.restclient.client.RestClient; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; +import org.springframework.stereotype.Component; -//@Component -@Configuration -//@ApplicationPath("/") +@Component +//@Configuration +@ApplicationPath("/") public class AAIConfiguration { @Autowired @Value("${aai.host}") @@ -36,28 +39,14 @@ public class AAIConfiguration { @Value("${aai.port}") private String port; @Autowired - @Value("${aai.httpProtocol}") - private String httpProtocol; - + @Value("${aai.username}") + private String username; @Autowired - @Value("${aai.trustStorePath}") - private String trustStorePath; + @Value("${aai.password}") + private String password; @Autowired - @Value("${aai.keyStorePath}") - private String keyStorePath; - @Autowired - @Value("${aai.keyStorePassword}") - private String keyStorePassword; - - @Autowired - @Value("${aai.keyManagerFactoryAlgorithm}") - private String keyManagerFactoryAlgorithm; - @Autowired - @Value("${aai.keyStoreType}") - private String keyStoreType; - @Autowired - @Value("${aai.securityProtocol}") - private String securityProtocol; + @Value("${aai.httpProtocol}") + private String httpProtocol; @Autowired @Value("${aai.connectionTimeout}") @@ -70,16 +59,31 @@ public class AAIConfiguration { @Value("${aai.serviceInstancePath}") private String serviceInstancePath; + @Autowired + @Value("${http.userId}") + private String httpUserId; + + @Autowired + @Value("${http.password}") + private String httpPassword; + + + @Bean(name="httpBasicAuthorization") + public String getHttpBasicAuth() { + String auth = new String(this.httpUserId + ":" + Password.deobfuscate(this.httpPassword)); + String encodedAuth = Base64.getEncoder().encodeToString(auth.getBytes()); + return ("Basic " + encodedAuth); + } @Bean(name="aaiClient") public RestClient restClient() { RestClient restClient = new RestClient(); - if (httpProtocol.equals("https")) - restClient.validateServerHostname(false).validateServerCertChain(false).trustStore(trustStorePath).clientCertFile(keyStorePath).clientCertPassword(keyStorePassword).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout); - else - restClient.validateServerHostname(false).validateServerCertChain(false).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout); + restClient.validateServerHostname(false).validateServerCertChain(false).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout); + restClient.basicAuthUsername(username); + restClient.basicAuthPassword(Password.deobfuscate(password)); return restClient; + } @Bean(name="aaiBaseUrl") diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/common/LogMessages.java b/src/main/java/org/onap/pomba/contextbuilder/aai/common/LogMessages.java index 2e44530..762543c 100644 --- a/src/main/java/org/onap/pomba/contextbuilder/aai/common/LogMessages.java +++ b/src/main/java/org/onap/pomba/contextbuilder/aai/common/LogMessages.java @@ -21,7 +21,7 @@ public class LogMessages { private LogMessages() {} - public static final String AAI_CONTEXT_BUILDER_URL = "AAI Context Builder URL "; + public static final String AAI_CONTEXT_BUILDER_URL = "AAI Context Builder URL: "; public static final String HEADER_MESSAGE = "Header {} not present in request, generating new value: {}"; public static final String NOT_FOUND = "{} {} is not found from AAI"; public static final String NUMBER_OF_API_CALLS = "The number of API calls for {} is {}"; diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditError.java b/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditError.java index 40d8bcc..fdc7ff6 100644 --- a/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditError.java +++ b/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditError.java @@ -29,4 +29,7 @@ public class AuditError { public static final String INVALID_REQUEST_URL_MISSING_PARAMETER = "Invalid request URL, missing parameter: "; public static final String MISSING_HEADER_PARAMETER = "Missing header parameter: "; + + public static final String MISMATCH = "Authorization Failed due to mismatch basic authorization username or password"; + public static final String MISSING_AUTHORIZATION_HEADER = "Missing Authorization header"; } diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditException.java b/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditException.java index d78ff84..042c651 100644 --- a/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditException.java +++ b/src/main/java/org/onap/pomba/contextbuilder/aai/exception/AuditException.java @@ -32,6 +32,16 @@ public class AuditException extends Exception { super(message); } + /** + * Constructor for an instance of this exception with a message and status. + * @param httpStatus + * @param message + */ + public AuditException(Status httpStatus, String message) { + super(message); + this.httpStatus = httpStatus; + } + public AuditException(String message, Status httpStatus) { super(message); this.setHttpStatus(httpStatus); diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/service/SpringServiceImpl.java b/src/main/java/org/onap/pomba/contextbuilder/aai/service/SpringServiceImpl.java index 60ad231..989dbc3 100644 --- a/src/main/java/org/onap/pomba/contextbuilder/aai/service/SpringServiceImpl.java +++ b/src/main/java/org/onap/pomba/contextbuilder/aai/service/SpringServiceImpl.java @@ -38,7 +38,6 @@ public class SpringServiceImpl implements SpringService { @Autowired private String aaiServiceInstancePath; - public SpringServiceImpl() { // needed for instantiation } diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/service/rs/RestServiceImpl.java b/src/main/java/org/onap/pomba/contextbuilder/aai/service/rs/RestServiceImpl.java index 38f7510..6fc2c8a 100644 --- a/src/main/java/org/onap/pomba/contextbuilder/aai/service/rs/RestServiceImpl.java +++ b/src/main/java/org/onap/pomba/contextbuilder/aai/service/rs/RestServiceImpl.java @@ -39,6 +39,8 @@ public class RestServiceImpl implements RestService { @Autowired private SpringService service; + @Autowired + private String httpBasicAuthorization; @Override public Response getContext(HttpHeaders headers, String serviceInstanceId, String modelVersionId, String modelInvariantId, String serviceType, String customerId) { @@ -46,7 +48,7 @@ public class RestServiceImpl implements RestService { String url = "serviceInstanceId=" + serviceInstanceId + " modelVersion="+modelVersionId + " modelInvariantId="+ modelInvariantId + " serviceType="+serviceType + " customerId="+ customerId; if(log.isDebugEnabled()) { - log.debug(LogMessages.AAI_CONTEXT_BUILDER_URL + url); + log.debug(LogMessages.AAI_CONTEXT_BUILDER_URL, url); } @@ -58,6 +60,7 @@ public class RestServiceImpl implements RestService { try { // Do some validation on Http headers and URL parameters + RestUtil.validateBasicAuthorization(headers, httpBasicAuthorization); RestUtil.validateHeader(headers); RestUtil.validateURL(serviceInstanceId, modelVersionId, modelInvariantId, serviceType, customerId); diff --git a/src/main/java/org/onap/pomba/contextbuilder/aai/util/RestUtil.java b/src/main/java/org/onap/pomba/contextbuilder/aai/util/RestUtil.java index 240a55b..8681d21 100644 --- a/src/main/java/org/onap/pomba/contextbuilder/aai/util/RestUtil.java +++ b/src/main/java/org/onap/pomba/contextbuilder/aai/util/RestUtil.java @@ -16,7 +16,6 @@ package org.onap.pomba.contextbuilder.aai.util; import com.sun.jersey.core.util.MultivaluedMapImpl; -//import com.sun.jersey.core.util.MultivaluedMapImpl; import java.text.MessageFormat; import java.util.ArrayList; import java.util.Collections; @@ -66,6 +65,7 @@ public class RestUtil { // HTTP headers private static final String TRANSACTION_ID = "X-TransactionId"; private static final String FROM_APP_ID = "X-FromAppId"; + private static final String AUTHORIZATION = "Authorization"; private static final String APP_NAME = "aaiCtxBuilder"; @@ -114,6 +114,19 @@ public class RestUtil { } } + public static void validateBasicAuthorization(HttpHeaders headers, String basicAuthorization) throws AuditException { + String authorization = null; + + // validation on HTTP Authorization Header + authorization = headers.getRequestHeaders().getFirst(AUTHORIZATION); + if (authorization != null && !authorization.trim().isEmpty() && authorization.startsWith("Basic")) { + if (!authorization.equals(basicAuthorization)) { + throw new AuditException(Status.UNAUTHORIZED, AuditError.MISMATCH); + }; + } else { + throw new AuditException(Status.UNAUTHORIZED, AuditError.MISSING_AUTHORIZATION_HEADER); + } + } public static void validateHeader(HttpHeaders headers) throws AuditException { String fromAppId = null; diff --git a/version.properties b/version.properties new file mode 100644 index 0000000..a254b21 --- /dev/null +++ b/version.properties @@ -0,0 +1,13 @@ +# Versioning variables +# Note that these variables cannot be structured (e.g. : version.release or version.snapshot etc... ) +# because they are used in Jenkins, whose plug-in doesn't support + +major=1 +minor=3 +patch=0 + +base_version=${major}.${minor}.${patch} + +# Release must be completed with git revision # in Jenkins +release_version=${base_version} +snapshot_version=${base_version}-SNAPSHOT |