summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorGeora Basky <georab@amdocs.com>2018-11-13 16:13:31 -0500
committerGeora Basky <georab@amdocs.com>2018-11-13 16:19:34 -0500
commit794fe767942bbdc3f21c46fa2da841817106105b (patch)
tree8e666156d30dac1c292bcdea255f2a4cbd7a3bdd /src
parent46116d2c304dc3df4de06cee353da52daa9ce8ab (diff)
Adding client cert SSL support for AAI Rest client
Change-Id: I6fd32c777d610c3f4e222fa0c55552968342b43a Issue-ID: LOG-808 Signed-off-by: Geora Basky <georab@amdocs.com>
Diffstat (limited to 'src')
-rw-r--r--src/main/java/org/onap/pomba/contextbuilder/sdnc/AAIBasicAuthCondition.java32
-rw-r--r--src/main/java/org/onap/pomba/contextbuilder/sdnc/AAIClientCertCondition.java32
-rw-r--r--src/main/java/org/onap/pomba/contextbuilder/sdnc/SdncConfiguration.java29
3 files changed, 92 insertions, 1 deletions
diff --git a/src/main/java/org/onap/pomba/contextbuilder/sdnc/AAIBasicAuthCondition.java b/src/main/java/org/onap/pomba/contextbuilder/sdnc/AAIBasicAuthCondition.java
new file mode 100644
index 0000000..29f3291
--- /dev/null
+++ b/src/main/java/org/onap/pomba/contextbuilder/sdnc/AAIBasicAuthCondition.java
@@ -0,0 +1,32 @@
+/*
+ * ============LICENSE_START===================================================
+ * Copyright (c) 2018 Amdocs
+ * ============================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=====================================================
+ */
+package org.onap.pomba.contextbuilder.sdnc;
+
+import org.springframework.context.annotation.Condition;
+import org.springframework.context.annotation.ConditionContext;
+import org.springframework.core.type.AnnotatedTypeMetadata;
+
+public class AAIBasicAuthCondition implements Condition {
+
+ @Override
+ public boolean matches(ConditionContext conditionContext, AnnotatedTypeMetadata annotatedTypeMetadata)
+ {
+ String authenticionMode = conditionContext.getEnvironment().getProperty("aai.authentication");
+ return authenticionMode.equalsIgnoreCase("basic_auth");
+ }
+}
diff --git a/src/main/java/org/onap/pomba/contextbuilder/sdnc/AAIClientCertCondition.java b/src/main/java/org/onap/pomba/contextbuilder/sdnc/AAIClientCertCondition.java
new file mode 100644
index 0000000..113ba31
--- /dev/null
+++ b/src/main/java/org/onap/pomba/contextbuilder/sdnc/AAIClientCertCondition.java
@@ -0,0 +1,32 @@
+/*
+ * ============LICENSE_START===================================================
+ * Copyright (c) 2018 Amdocs
+ * ============================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=====================================================
+ */
+package org.onap.pomba.contextbuilder.sdnc;
+
+import org.springframework.context.annotation.Condition;
+import org.springframework.context.annotation.ConditionContext;
+import org.springframework.core.type.AnnotatedTypeMetadata;
+
+public class AAIClientCertCondition implements Condition {
+
+ @Override
+ public boolean matches(ConditionContext conditionContext, AnnotatedTypeMetadata annotatedTypeMetadata)
+ {
+ String authenticionMode = conditionContext.getEnvironment().getProperty("aai.authentication");
+ return authenticionMode.equalsIgnoreCase("client_cert");
+ }
+}
diff --git a/src/main/java/org/onap/pomba/contextbuilder/sdnc/SdncConfiguration.java b/src/main/java/org/onap/pomba/contextbuilder/sdnc/SdncConfiguration.java
index bc2ca64..7317143 100644
--- a/src/main/java/org/onap/pomba/contextbuilder/sdnc/SdncConfiguration.java
+++ b/src/main/java/org/onap/pomba/contextbuilder/sdnc/SdncConfiguration.java
@@ -22,8 +22,10 @@ import java.util.Base64;
import javax.ws.rs.ApplicationPath;
import org.eclipse.jetty.util.security.Password;
import org.onap.aai.restclient.client.RestClient;
+import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Conditional;
import org.springframework.stereotype.Component;
@Component
@@ -72,6 +74,18 @@ public class SdncConfiguration {
@Value("${aai.httpProtocol}")
private String aaiHttpProtocol;
+ @Value("${aai.authentication}")
+ private String authenticationMode;
+
+ @Value("${aai.trustStorePath}")
+ private String trustStorePath;
+
+ @Value("${aai.keyStorePath}")
+ private String keyStorePath;
+
+ @Value("${aai.keyStorePassword}")
+ private String keyStorePassword;
+
@Value("${aai.connectionTimeout}")
private Integer aaiConnectionTimeout;
@@ -131,8 +145,9 @@ public class SdncConfiguration {
return (BASIC + encodedAuth);
}
+ @Conditional(AAIBasicAuthCondition.class)
@Bean(name="aaiClient")
- public RestClient restClient() {
+ public RestClient restClientWithBasicAuth() {
RestClient restClient = new RestClient();
restClient.validateServerHostname(false).validateServerCertChain(false).connectTimeoutMs(aaiConnectionTimeout).readTimeoutMs(aaiReadTimeout);
restClient.basicAuthUsername(aaiUsername);
@@ -140,6 +155,18 @@ public class SdncConfiguration {
return restClient;
}
+ @Conditional(AAIClientCertCondition.class)
+ @Bean(name="aaiClient")
+ public RestClient restClientWithClientCert() {
+ RestClient restClient = new RestClient();
+ System.out.println("in client cert");
+ if (httpProtocol.equals("https"))
+ restClient.validateServerHostname(false).validateServerCertChain(false).trustStore(trustStorePath).clientCertFile(keyStorePath).clientCertPassword(keyStorePassword).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout);
+ else
+ restClient.validateServerHostname(false).validateServerCertChain(false).connectTimeoutMs(connectionTimeout).readTimeoutMs(readTimeout);
+ return restClient;
+ }
+
@Bean(name="aaiBaseUrl")
public String getAaiURL() {
return httpProtocol + "://" + aaiHost + ":" + aaiPort;