From 2edef3c2aaafba49439e20aa13eb647c67c781d5 Mon Sep 17 00:00:00 2001 From: Michal Banka Date: Wed, 19 Feb 2020 11:48:59 +0100 Subject: Added validation of configuration Fields are being validated right after reading servers details from JSON (when application starts). Created own annotation to validate server URL with proper requirements. When invalid details are given application closes. Signed-off-by: Michal Banka Change-Id: I3e476266056ec0fb637f01f9d4d4c63b1f0d1c6a Issue-ID: AAF-997 --- .../aaf/certservice/CertServiceApplication.java | 2 + .../configuration/CmpServersConfig.java | 13 ++--- .../configuration/CmpServersConfigLoader.java | 31 ++++++++---- .../configuration/model/Authentication.java | 4 ++ .../configuration/model/Cmpv2Server.java | 9 ++++ .../Cmpv2ServerConfigurationValidator.java | 48 +++++++++++++++++++ .../validation/constraints/Cmpv2URL.java | 39 +++++++++++++++ .../validation/constraints/Cmpv2URLValidator.java | 55 ++++++++++++++++++++++ .../violations/PortNumberViolation.java | 43 +++++++++++++++++ .../violations/RequestTypeViolation.java | 49 +++++++++++++++++++ .../constraints/violations/URLServerViolation.java | 25 ++++++++++ 11 files changed, 304 insertions(+), 14 deletions(-) create mode 100644 certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidator.java create mode 100644 certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/Cmpv2URL.java create mode 100644 certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/Cmpv2URLValidator.java create mode 100644 certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/violations/PortNumberViolation.java create mode 100644 certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/violations/RequestTypeViolation.java create mode 100644 certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/violations/URLServerViolation.java (limited to 'certService/src/main/java/org/onap/aaf') diff --git a/certService/src/main/java/org/onap/aaf/certservice/CertServiceApplication.java b/certService/src/main/java/org/onap/aaf/certservice/CertServiceApplication.java index e6b27ca8..087cf259 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/CertServiceApplication.java +++ b/certService/src/main/java/org/onap/aaf/certservice/CertServiceApplication.java @@ -22,8 +22,10 @@ package org.onap.aaf.certservice; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.context.annotation.PropertySource; @SpringBootApplication +@PropertySource(value={"classpath:application.properties"}) public class CertServiceApplication { // We are excluding this line in Sonar due to fact that diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfig.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfig.java index 20e8934e..93721e88 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfig.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfig.java @@ -23,6 +23,8 @@ package org.onap.aaf.certservice.certification.configuration; import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.cloud.context.config.annotation.RefreshScope; @@ -39,20 +41,19 @@ import org.springframework.context.event.EventListener; @Configuration public class CmpServersConfig { - private static final String CMP_SERVERS_CONFIG_FILENAME = "cmpServers.json"; - private static final Logger LOGGER = LoggerFactory.getLogger(CmpServersConfig.class); + private static final String CMP_SERVERS_CONFIG_FILENAME = "cmpServers.json"; private static final String REFRESHING_CONFIGURATION = "Refreshing configuration"; - @Value("${app.config.path}") private String configPath; - - private CmpServersConfigLoader cmpServersConfigLoader; private List cmpServers; + private final CmpServersConfigLoader cmpServersConfigLoader; @Autowired - public CmpServersConfig(CmpServersConfigLoader cmpServersConfigLoader) { + public CmpServersConfig(@Value("${app.config.path}") String configPath, + CmpServersConfigLoader cmpServersConfigLoader) { this.cmpServersConfigLoader = cmpServersConfigLoader; + this.configPath = configPath; } @PostConstruct diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java index c8415ac0..a6dd5fcf 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/CmpServersConfigLoader.java @@ -21,30 +21,45 @@ package org.onap.aaf.certservice.certification.configuration; import com.fasterxml.jackson.databind.ObjectMapper; +import java.io.File; +import java.io.IOException; +import java.security.InvalidParameterException; +import java.util.ArrayList; +import java.util.List; import org.onap.aaf.certservice.certification.configuration.model.CmpServers; import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server; +import org.onap.aaf.certservice.certification.configuration.validation.Cmpv2ServerConfigurationValidator; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; -import java.io.File; -import java.io.IOException; -import java.util.ArrayList; -import java.util.List; - @Component class CmpServersConfigLoader { + private static final Logger LOGGER = LoggerFactory.getLogger(CmpServersConfigLoader.class); + private final Cmpv2ServerConfigurationValidator validator; + + @Autowired + public CmpServersConfigLoader(Cmpv2ServerConfigurationValidator validator) { + this.validator = validator; + } + List load(String path) { - List result = new ArrayList<>(); + List servers = new ArrayList<>(); try { - result = loadConfigFromFile(path).getCmpv2Servers(); + servers = loadConfigFromFile(path).getCmpv2Servers(); + servers.forEach(validator::validate); LOGGER.info(String.format("CMP Servers configuration successfully loaded from file '%s'", path)); } catch (IOException e) { LOGGER.error("Exception occurred during CMP Servers configuration loading: ", e); + } catch (InvalidParameterException e) { + LOGGER.error("Validation of CMPv2 servers configuration failed:", e); + throw e; } - return result; + + return servers; } private CmpServers loadConfigFromFile(String path) throws IOException { diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Authentication.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Authentication.java index b689eb54..ffd63ecf 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Authentication.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Authentication.java @@ -20,9 +20,13 @@ package org.onap.aaf.certservice.certification.configuration.model; +import org.hibernate.validator.constraints.Length; + public class Authentication { + @Length(min = 1, max = 256) private String iak; + @Length(min = 1, max = 256) private String rv; public String getIak() { diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Cmpv2Server.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Cmpv2Server.java index 0ee91cd4..21349d93 100644 --- a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Cmpv2Server.java +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/model/Cmpv2Server.java @@ -20,12 +20,21 @@ package org.onap.aaf.certservice.certification.configuration.model; +import org.hibernate.validator.constraints.Length; +import org.onap.aaf.certservice.certification.configuration.validation.constraints.Cmpv2URL; + +import javax.validation.Valid; + public class Cmpv2Server { + @Valid private Authentication authentication; private CaMode caMode; + @Length(min = 1, max = 128) private String caName; + @Length(min = 4, max = 256) private String issuerDN; + @Cmpv2URL private String url; public Authentication getAuthentication() { diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidator.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidator.java new file mode 100644 index 00000000..736a65d1 --- /dev/null +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/Cmpv2ServerConfigurationValidator.java @@ -0,0 +1,48 @@ +/* + * ============LICENSE_START======================================================= + * PROJECT + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.aaf.certservice.certification.configuration.validation; + +import org.onap.aaf.certservice.certification.configuration.model.Cmpv2Server; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import javax.validation.ConstraintViolation; +import javax.validation.Validator; +import java.security.InvalidParameterException; +import java.util.Set; + +@Service +public class Cmpv2ServerConfigurationValidator { + + private final Validator validator; + + @Autowired + public Cmpv2ServerConfigurationValidator(Validator validator) { + this.validator = validator; + } + + public void validate(Cmpv2Server serverDetails) { + Set> violations = validator.validate(serverDetails); + if (!violations.isEmpty()) { + throw new InvalidParameterException(violations.toString()); + } + } +} diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/Cmpv2URL.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/Cmpv2URL.java new file mode 100644 index 00000000..7c942548 --- /dev/null +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/Cmpv2URL.java @@ -0,0 +1,39 @@ +/* + * ============LICENSE_START======================================================= + * PROJECT + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.aaf.certservice.certification.configuration.validation.constraints; + +import javax.validation.Constraint; +import javax.validation.Payload; +import java.lang.annotation.Retention; +import java.lang.annotation.Target; + +import static java.lang.annotation.ElementType.ANNOTATION_TYPE; +import static java.lang.annotation.ElementType.FIELD; +import static java.lang.annotation.RetentionPolicy.RUNTIME; + +@Target( { FIELD, ANNOTATION_TYPE }) +@Retention(RUNTIME) +@Constraint(validatedBy = Cmpv2URLValidator.class) +public @interface Cmpv2URL { + String message() default "Server URL is invalid."; + Class[] groups() default {}; + Class[] payload() default {}; +} diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/Cmpv2URLValidator.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/Cmpv2URLValidator.java new file mode 100644 index 00000000..b3224c45 --- /dev/null +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/Cmpv2URLValidator.java @@ -0,0 +1,55 @@ +/* + * ============LICENSE_START======================================================= + * PROJECT + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + + +package org.onap.aaf.certservice.certification.configuration.validation.constraints; + +import org.onap.aaf.certservice.certification.configuration.validation.constraints.violations.PortNumberViolation; +import org.onap.aaf.certservice.certification.configuration.validation.constraints.violations.RequestTypeViolation; +import org.onap.aaf.certservice.certification.configuration.validation.constraints.violations.URLServerViolation; + +import javax.validation.ConstraintValidator; +import javax.validation.ConstraintValidatorContext; +import java.util.Arrays; +import java.util.List; +import java.util.concurrent.atomic.AtomicBoolean; + +class Cmpv2URLValidator implements ConstraintValidator { + + private final List violations; + + public Cmpv2URLValidator() { + this.violations = Arrays.asList( + new PortNumberViolation(), + new RequestTypeViolation() + ); + } + + @Override + public boolean isValid(String url, ConstraintValidatorContext context) { + AtomicBoolean isValid = new AtomicBoolean(true); + violations.forEach(violation -> { + if (!violation.validate(url)) { + isValid.set(false); + } + }); + return isValid.get(); + } +} diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/violations/PortNumberViolation.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/violations/PortNumberViolation.java new file mode 100644 index 00000000..acde0417 --- /dev/null +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/violations/PortNumberViolation.java @@ -0,0 +1,43 @@ +/* + * ============LICENSE_START======================================================= + * PROJECT + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.aaf.certservice.certification.configuration.validation.constraints.violations; + +import java.net.MalformedURLException; +import java.net.URL; + +public class PortNumberViolation implements URLServerViolation { + + private static final int MIN_PORT = 1; + private static final int MAX_PORT = 65535; + private static final int PORT_UNDEFINED = -1; + + @Override + public boolean validate(String serverUrl) { + try { + URL url = new URL(serverUrl); + int port = url.getPort(); + return port >= MIN_PORT && port <= MAX_PORT || port == PORT_UNDEFINED; + } catch (MalformedURLException e) { + return false; + } + } + +} diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/violations/RequestTypeViolation.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/violations/RequestTypeViolation.java new file mode 100644 index 00000000..7fbbdf34 --- /dev/null +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/violations/RequestTypeViolation.java @@ -0,0 +1,49 @@ +/* + * ============LICENSE_START======================================================= + * PROJECT + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + + +package org.onap.aaf.certservice.certification.configuration.validation.constraints.violations; + +import java.net.MalformedURLException; +import java.net.URL; +import java.util.Collections; +import java.util.List; +import java.util.concurrent.atomic.AtomicBoolean; + +public class RequestTypeViolation implements URLServerViolation { + + private final static List VALID_REQUESTS = Collections.singletonList("http"); + + @Override + public boolean validate(String serverUrl) { + try { + AtomicBoolean isValid = new AtomicBoolean(false); + String protocol = new URL(serverUrl).getProtocol(); + VALID_REQUESTS.forEach(requestType -> { + if (protocol.equals(requestType)) { + isValid.set(true); + } + }); + return isValid.get(); + } catch (MalformedURLException e) { + return false; + } + } +} diff --git a/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/violations/URLServerViolation.java b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/violations/URLServerViolation.java new file mode 100644 index 00000000..e5a110d2 --- /dev/null +++ b/certService/src/main/java/org/onap/aaf/certservice/certification/configuration/validation/constraints/violations/URLServerViolation.java @@ -0,0 +1,25 @@ +/* + * ============LICENSE_START======================================================= + * PROJECT + * ================================================================================ + * Copyright (C) 2020 Nokia. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.aaf.certservice.certification.configuration.validation.constraints.violations; + +public interface URLServerViolation { + boolean validate(String url); +} -- cgit 1.2.3-korg