Merge "Commit 4 for TM API definition"

8 files changed, 482 insertions, 0 deletions

diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/CMSEnvironmentPostProcessor.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/CMSEnvironmentPostProcessor.java
new file mode 100644
index 0000000..f5c6345
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/CMSEnvironmentPostProcessor.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright © 2017-2018 AT&T Intellectual Property.
+ * Modifications Copyright © 2018 IBM.
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *         http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * 
+ * 
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *         https://creativecommons.org/licenses/by/4.0/
+ * 
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+package org.onap.optf.ticketmgt;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.onap.optf.cmso.common.PropertiesManagement;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.env.EnvironmentPostProcessor;
+import org.springframework.core.env.ConfigurableEnvironment;
+import org.springframework.core.env.MapPropertySource;
+import org.springframework.core.env.MutablePropertySources;
+
+public class CMSEnvironmentPostProcessor implements EnvironmentPostProcessor {
+    // TODO tested in ONAP springboot and this is called before all of the properties files have been loaded...
+	//      perhaps there is a post post processor? Until this works. DB password will be in the clear in the proeprties files.
+    @Override
+    public void postProcessEnvironment(ConfigurableEnvironment environment, SpringApplication application) {
+        String pwd = environment.getProperty("cmso.database.password");
+        if (pwd != null) {
+            pwd = PropertiesManagement.getDecryptedValue(pwd);
+            Map<String, Object> map = new HashMap<String, Object>();
+            map.put("spring.datasource.password", pwd);
+            MapPropertySource propertySource = new MapPropertySource("abc", map);
+            MutablePropertySources proeprtySources = environment.getPropertySources();
+            proeprtySources.addLast(propertySource);
+        }
+    }
+
+}
diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/JerseyConfiguration.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/JerseyConfiguration.java
new file mode 100644
index 0000000..3bc0153
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/JerseyConfiguration.java
@@ -0,0 +1,103 @@
+/*
+ * Copyright © 2017-2019 AT&T Intellectual Property.
+ * Modifications Copyright © 2018 IBM.
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *         http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * 
+ * 
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *         https://creativecommons.org/licenses/by/4.0/
+ * 
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+package org.onap.optf.ticketmgt;
+
+import java.util.logging.Logger;
+
+import javax.ws.rs.ApplicationPath;
+import javax.ws.rs.client.Client;
+import javax.ws.rs.client.ClientBuilder;
+
+import org.glassfish.jersey.client.ClientConfig;
+import org.glassfish.jersey.logging.LoggingFeature;
+import org.glassfish.jersey.server.ResourceConfig;
+import org.glassfish.jersey.servlet.ServletProperties;
+import org.onap.optf.ticketmgt.filters.CMSOContainerFilters;
+import org.onap.optf.ticketmgt.service.rs.AdminToolImpl;
+import org.onap.optf.ticketmgt.service.rs.AvailabilityInterfaceImpl;
+import org.onap.optf.ticketmgt.service.rs.HealthCheckImpl;
+import org.onap.optf.ticketmgt.service.rs.TicketManagementImpl;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Primary;
+import org.springframework.stereotype.Component;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.MapperFeature;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationFeature;
+
+@Component
+@ApplicationPath("/")
+public class JerseyConfiguration extends ResourceConfig {
+    private static final Logger log = Logger.getLogger(JerseyConfiguration.class.getName());
+
+    @Bean
+    @Primary
+    public ObjectMapper objectMapper() {
+        ObjectMapper objectMapper = new ObjectMapper();
+        objectMapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
+        objectMapper.configure(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS, false);
+        objectMapper.enable(MapperFeature.ACCEPT_CASE_INSENSITIVE_PROPERTIES);
+        objectMapper.enable(DeserializationFeature.READ_ENUMS_USING_TO_STRING);
+        return objectMapper;
+    }
+
+    @Autowired
+    public JerseyConfiguration( /* LogRequestFilter lrf */ ) {
+        register(HealthCheckImpl.class);
+        register(AdminToolImpl.class);
+        register(TicketManagementImpl.class);
+        register(AvailabilityInterfaceImpl.class);
+        property(ServletProperties.FILTER_FORWARD_ON_404, true);
+        // TODO: ONAP Conversion identify appropriate ONAP logging filters if any
+        // register(lrf, 6001);
+        // register(LogResponseFilter.class, 6004);
+
+        // TODO: Examine which logging features to enable
+        register(new LoggingFeature(log));
+        register(CMSOContainerFilters.class);
+    }
+
+    @Bean
+    public Client jerseyClient() {
+        ClientConfig client = new ClientConfig();
+
+        // TODO: ONAP Conversion identify appropriate ONAP logging filters if any
+        // client.register(TransactionIdRequestFilter.class);
+        // client.register(TransactionIdResponseFilter.class);
+        // client.register(DateTimeParamConverterProvider.class);
+
+        return ClientBuilder.newClient(client);
+    }
+}
diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/SecurityConfig.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/SecurityConfig.java
new file mode 100644
index 0000000..27f9019
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/SecurityConfig.java
@@ -0,0 +1,63 @@
+/*
+ * Copyright © 2018 AT&T Intellectual Property.
+ * Modifications Copyright © 2018 IBM.
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *         http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * 
+ * 
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *         https://creativecommons.org/licenses/by/4.0/
+ * 
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+package org.onap.optf.ticketmgt;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+@ComponentScan("org.onap.optf")
+@Profile(SpringProfiles.PROPRIETARY__AUTHENTICATION)
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+  
+    @Autowired
+    private AuthProvider authProvider;
+ 
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+  
+        auth.authenticationProvider(authProvider);
+    }
+ 
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+    	
+        http.csrf().disable().authorizeRequests().anyRequest().authenticated().and().httpBasic();
+        
+    }
+}
\ No newline at end of file
diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/SpringProfiles.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/SpringProfiles.java
new file mode 100644
index 0000000..2cb2c99
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/SpringProfiles.java
@@ -0,0 +1,29 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.optf.cmso
+ * ================================================================================
+ * Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.optf.ticketmgt;
+
+public class SpringProfiles 
+{
+
+    public static final String AAF_AUTHENTICATION  = "aaf-auth";
+    public static final String PROPRIETARY__AUTHENTICATION  = "proprietary-auth";
+
+    private SpringProfiles(){}
+}
diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/AafAuthorizationFilter.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/AafAuthorizationFilter.java
new file mode 100644
index 0000000..53a8d52
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/AafAuthorizationFilter.java
@@ -0,0 +1,75 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.optf.cmso
+ * ================================================================================
+ * Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.optf.ticketmgt.aaf;
+
+import java.io.IOException;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.onap.observations.Observation;
+import org.onap.optf.cmso.common.exceptions.CMSException;
+import org.onap.optf.ticketmgt.SpringProfiles;
+import org.onap.optf.ticketmgt.common.LogMessages;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.web.servlet.filter.OrderedRequestContextFilter;
+import org.springframework.context.annotation.Profile;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.stereotype.Component;
+
+/**
+ * AAF authorization filter
+ */
+
+@Component
+@Profile(SpringProfiles.AAF_AUTHENTICATION)
+@PropertySource("file:${server.local.startpath}/aaf/permissions.properties")
+public class AafAuthorizationFilter extends  OrderedRequestContextFilter {
+
+    @Value("${permission.type}")
+    String type;
+
+    @Value("${permission.instance}")
+    String instance;
+
+    public AafAuthorizationFilter() {
+        this.setOrder(FilterPriority.AAF_AUTHORIZATION.getPriority());
+
+    	
+    }
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
+        String permission = String.format("%s|%s|%s", type, instance, request.getMethod().toLowerCase());
+        if(request.getRequestURI().matches("^.*/util/echo$")){
+            filterChain.doFilter(request, response);
+        }
+        if(!request.isUserInRole(permission)){
+        	Observation.report(LogMessages.UNAUTHORIZED);
+            ResponseFormatter.errorResponse(request, response, 
+            		new CMSException(LogMessages.UNAUTHORIZED.getStatus(), 
+            		LogMessages.UNAUTHORIZED, ""));
+        }else{
+            filterChain.doFilter(request,response);
+        }
+    }
+}
diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/AafFilter.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/AafFilter.java
new file mode 100644
index 0000000..89d6e3b
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/AafFilter.java
@@ -0,0 +1,75 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.optf.cmso
+ * ================================================================================
+ * Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.optf.ticketmgt.aaf;
+
+
+import java.io.IOException;
+import java.util.Properties;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.filter.CadiFilter;
+import org.onap.observations.Observation;
+import org.onap.optf.cmso.common.exceptions.CMSException;
+import org.onap.optf.ticketmgt.Application;
+import org.onap.optf.ticketmgt.SpringProfiles;
+import org.onap.optf.ticketmgt.common.LogMessages;
+import org.springframework.boot.web.servlet.filter.OrderedRequestContextFilter;
+import org.springframework.context.annotation.Profile;
+import org.springframework.stereotype.Component;
+
+/**
+ * AAF authentication filter
+ */
+
+@Component
+@Profile(SpringProfiles.AAF_AUTHENTICATION)
+public class AafFilter extends OrderedRequestContextFilter {
+
+    private final CadiFilter cadiFilter;
+
+    public AafFilter() throws IOException, ServletException {
+        Properties cadiProperties = new Properties();
+        cadiProperties.load(Application.class.getClassLoader().getResourceAsStream("cadi.properties"));
+        cadiFilter = new CadiFilter(new PropAccess(cadiProperties));
+        this.setOrder(FilterPriority.AAF_AUTHENTICATION.getPriority());
+    }
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
+        if(!request.getRequestURI().matches("^.*/util/echo$")){
+            cadiFilter.doFilter(request, response, filterChain);
+            if(response.getStatus() >=400 && response.getStatus() < 500){
+            	Observation.report(LogMessages.UNAUTHENTICATED);
+                ResponseFormatter.errorResponse(request, response, 
+                		new CMSException(LogMessages.UNAUTHENTICATED.getStatus(), 
+                		LogMessages.UNAUTHENTICATED, ""));
+            }
+        } else {
+            filterChain.doFilter(request, response);
+        }
+    }
+
+
+}
diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/FilterPriority.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/FilterPriority.java
new file mode 100644
index 0000000..0a74a97
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/FilterPriority.java
@@ -0,0 +1,35 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.optf.cmso
+ * ================================================================================
+ * Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.optf.ticketmgt.aaf;
+
+import org.springframework.core.Ordered;
+
+public enum FilterPriority {
+    AAF_AUTHENTICATION(Ordered.HIGHEST_PRECEDENCE),
+    AAF_AUTHORIZATION(Ordered.HIGHEST_PRECEDENCE + 1); //higher number = lower priority
+
+    private final int priority;
+
+    FilterPriority(final int p) {
+        priority = p;
+    }
+
+    public int getPriority() { return priority; }
+}
diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/ResponseFormatter.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/ResponseFormatter.java
new file mode 100644
index 0000000..626776c
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/ResponseFormatter.java
@@ -0,0 +1,42 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.optf.cmso
+ * ================================================================================
+ * Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.optf.ticketmgt.aaf;
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.core.MediaType;
+
+import org.onap.optf.cmso.common.exceptions.CMSException;
+
+class ResponseFormatter {
+
+    private static final String ACCEPT_HEADER = "accept";
+
+    static void errorResponse(HttpServletRequest request, HttpServletResponse response, CMSException error) throws IOException {
+        String accept = request.getHeader(ACCEPT_HEADER) == null ? MediaType.APPLICATION_JSON : request.getHeader(ACCEPT_HEADER);
+        response.setStatus(error.getStatus().getStatusCode());
+        response.getWriter().write(error.getRequestError().toString());
+        response.getWriter().flush();
+        response.getWriter().close();
+    }
+
+}