aboutsummaryrefslogtreecommitdiffstats
path: root/cmso-ticketmgt
diff options
context:
space:
mode:
Diffstat (limited to 'cmso-ticketmgt')
-rw-r--r--cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/CMSEnvironmentPostProcessor.java60
-rw-r--r--cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/JerseyConfiguration.java103
-rw-r--r--cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/SecurityConfig.java63
-rw-r--r--cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/SpringProfiles.java29
-rw-r--r--cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/AafAuthorizationFilter.java75
-rw-r--r--cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/AafFilter.java75
-rw-r--r--cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/FilterPriority.java35
-rw-r--r--cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/ResponseFormatter.java42
8 files changed, 482 insertions, 0 deletions
diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/CMSEnvironmentPostProcessor.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/CMSEnvironmentPostProcessor.java
new file mode 100644
index 0000000..f5c6345
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/CMSEnvironmentPostProcessor.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright © 2017-2018 AT&T Intellectual Property.
+ * Modifications Copyright © 2018 IBM.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+package org.onap.optf.ticketmgt;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.onap.optf.cmso.common.PropertiesManagement;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.env.EnvironmentPostProcessor;
+import org.springframework.core.env.ConfigurableEnvironment;
+import org.springframework.core.env.MapPropertySource;
+import org.springframework.core.env.MutablePropertySources;
+
+public class CMSEnvironmentPostProcessor implements EnvironmentPostProcessor {
+ // TODO tested in ONAP springboot and this is called before all of the properties files have been loaded...
+ // perhaps there is a post post processor? Until this works. DB password will be in the clear in the proeprties files.
+ @Override
+ public void postProcessEnvironment(ConfigurableEnvironment environment, SpringApplication application) {
+ String pwd = environment.getProperty("cmso.database.password");
+ if (pwd != null) {
+ pwd = PropertiesManagement.getDecryptedValue(pwd);
+ Map<String, Object> map = new HashMap<String, Object>();
+ map.put("spring.datasource.password", pwd);
+ MapPropertySource propertySource = new MapPropertySource("abc", map);
+ MutablePropertySources proeprtySources = environment.getPropertySources();
+ proeprtySources.addLast(propertySource);
+ }
+ }
+
+}
diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/JerseyConfiguration.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/JerseyConfiguration.java
new file mode 100644
index 0000000..3bc0153
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/JerseyConfiguration.java
@@ -0,0 +1,103 @@
+/*
+ * Copyright © 2017-2019 AT&T Intellectual Property.
+ * Modifications Copyright © 2018 IBM.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+package org.onap.optf.ticketmgt;
+
+import java.util.logging.Logger;
+
+import javax.ws.rs.ApplicationPath;
+import javax.ws.rs.client.Client;
+import javax.ws.rs.client.ClientBuilder;
+
+import org.glassfish.jersey.client.ClientConfig;
+import org.glassfish.jersey.logging.LoggingFeature;
+import org.glassfish.jersey.server.ResourceConfig;
+import org.glassfish.jersey.servlet.ServletProperties;
+import org.onap.optf.ticketmgt.filters.CMSOContainerFilters;
+import org.onap.optf.ticketmgt.service.rs.AdminToolImpl;
+import org.onap.optf.ticketmgt.service.rs.AvailabilityInterfaceImpl;
+import org.onap.optf.ticketmgt.service.rs.HealthCheckImpl;
+import org.onap.optf.ticketmgt.service.rs.TicketManagementImpl;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Primary;
+import org.springframework.stereotype.Component;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.MapperFeature;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationFeature;
+
+@Component
+@ApplicationPath("/")
+public class JerseyConfiguration extends ResourceConfig {
+ private static final Logger log = Logger.getLogger(JerseyConfiguration.class.getName());
+
+ @Bean
+ @Primary
+ public ObjectMapper objectMapper() {
+ ObjectMapper objectMapper = new ObjectMapper();
+ objectMapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
+ objectMapper.configure(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS, false);
+ objectMapper.enable(MapperFeature.ACCEPT_CASE_INSENSITIVE_PROPERTIES);
+ objectMapper.enable(DeserializationFeature.READ_ENUMS_USING_TO_STRING);
+ return objectMapper;
+ }
+
+ @Autowired
+ public JerseyConfiguration( /* LogRequestFilter lrf */ ) {
+ register(HealthCheckImpl.class);
+ register(AdminToolImpl.class);
+ register(TicketManagementImpl.class);
+ register(AvailabilityInterfaceImpl.class);
+ property(ServletProperties.FILTER_FORWARD_ON_404, true);
+ // TODO: ONAP Conversion identify appropriate ONAP logging filters if any
+ // register(lrf, 6001);
+ // register(LogResponseFilter.class, 6004);
+
+ // TODO: Examine which logging features to enable
+ register(new LoggingFeature(log));
+ register(CMSOContainerFilters.class);
+ }
+
+ @Bean
+ public Client jerseyClient() {
+ ClientConfig client = new ClientConfig();
+
+ // TODO: ONAP Conversion identify appropriate ONAP logging filters if any
+ // client.register(TransactionIdRequestFilter.class);
+ // client.register(TransactionIdResponseFilter.class);
+ // client.register(DateTimeParamConverterProvider.class);
+
+ return ClientBuilder.newClient(client);
+ }
+}
diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/SecurityConfig.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/SecurityConfig.java
new file mode 100644
index 0000000..27f9019
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/SecurityConfig.java
@@ -0,0 +1,63 @@
+/*
+ * Copyright © 2018 AT&T Intellectual Property.
+ * Modifications Copyright © 2018 IBM.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+package org.onap.optf.ticketmgt;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+@ComponentScan("org.onap.optf")
+@Profile(SpringProfiles.PROPRIETARY__AUTHENTICATION)
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+ @Autowired
+ private AuthProvider authProvider;
+
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+
+ auth.authenticationProvider(authProvider);
+ }
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+
+ http.csrf().disable().authorizeRequests().anyRequest().authenticated().and().httpBasic();
+
+ }
+} \ No newline at end of file
diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/SpringProfiles.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/SpringProfiles.java
new file mode 100644
index 0000000..2cb2c99
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/SpringProfiles.java
@@ -0,0 +1,29 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.optf.cmso
+ * ================================================================================
+ * Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.optf.ticketmgt;
+
+public class SpringProfiles
+{
+
+ public static final String AAF_AUTHENTICATION = "aaf-auth";
+ public static final String PROPRIETARY__AUTHENTICATION = "proprietary-auth";
+
+ private SpringProfiles(){}
+}
diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/AafAuthorizationFilter.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/AafAuthorizationFilter.java
new file mode 100644
index 0000000..53a8d52
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/AafAuthorizationFilter.java
@@ -0,0 +1,75 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.optf.cmso
+ * ================================================================================
+ * Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.optf.ticketmgt.aaf;
+
+import java.io.IOException;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.onap.observations.Observation;
+import org.onap.optf.cmso.common.exceptions.CMSException;
+import org.onap.optf.ticketmgt.SpringProfiles;
+import org.onap.optf.ticketmgt.common.LogMessages;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.web.servlet.filter.OrderedRequestContextFilter;
+import org.springframework.context.annotation.Profile;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.stereotype.Component;
+
+/**
+ * AAF authorization filter
+ */
+
+@Component
+@Profile(SpringProfiles.AAF_AUTHENTICATION)
+@PropertySource("file:${server.local.startpath}/aaf/permissions.properties")
+public class AafAuthorizationFilter extends OrderedRequestContextFilter {
+
+ @Value("${permission.type}")
+ String type;
+
+ @Value("${permission.instance}")
+ String instance;
+
+ public AafAuthorizationFilter() {
+ this.setOrder(FilterPriority.AAF_AUTHORIZATION.getPriority());
+
+
+ }
+
+ @Override
+ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
+ String permission = String.format("%s|%s|%s", type, instance, request.getMethod().toLowerCase());
+ if(request.getRequestURI().matches("^.*/util/echo$")){
+ filterChain.doFilter(request, response);
+ }
+ if(!request.isUserInRole(permission)){
+ Observation.report(LogMessages.UNAUTHORIZED);
+ ResponseFormatter.errorResponse(request, response,
+ new CMSException(LogMessages.UNAUTHORIZED.getStatus(),
+ LogMessages.UNAUTHORIZED, ""));
+ }else{
+ filterChain.doFilter(request,response);
+ }
+ }
+}
diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/AafFilter.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/AafFilter.java
new file mode 100644
index 0000000..89d6e3b
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/AafFilter.java
@@ -0,0 +1,75 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.optf.cmso
+ * ================================================================================
+ * Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.optf.ticketmgt.aaf;
+
+
+import java.io.IOException;
+import java.util.Properties;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.filter.CadiFilter;
+import org.onap.observations.Observation;
+import org.onap.optf.cmso.common.exceptions.CMSException;
+import org.onap.optf.ticketmgt.Application;
+import org.onap.optf.ticketmgt.SpringProfiles;
+import org.onap.optf.ticketmgt.common.LogMessages;
+import org.springframework.boot.web.servlet.filter.OrderedRequestContextFilter;
+import org.springframework.context.annotation.Profile;
+import org.springframework.stereotype.Component;
+
+/**
+ * AAF authentication filter
+ */
+
+@Component
+@Profile(SpringProfiles.AAF_AUTHENTICATION)
+public class AafFilter extends OrderedRequestContextFilter {
+
+ private final CadiFilter cadiFilter;
+
+ public AafFilter() throws IOException, ServletException {
+ Properties cadiProperties = new Properties();
+ cadiProperties.load(Application.class.getClassLoader().getResourceAsStream("cadi.properties"));
+ cadiFilter = new CadiFilter(new PropAccess(cadiProperties));
+ this.setOrder(FilterPriority.AAF_AUTHENTICATION.getPriority());
+ }
+
+ @Override
+ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
+ if(!request.getRequestURI().matches("^.*/util/echo$")){
+ cadiFilter.doFilter(request, response, filterChain);
+ if(response.getStatus() >=400 && response.getStatus() < 500){
+ Observation.report(LogMessages.UNAUTHENTICATED);
+ ResponseFormatter.errorResponse(request, response,
+ new CMSException(LogMessages.UNAUTHENTICATED.getStatus(),
+ LogMessages.UNAUTHENTICATED, ""));
+ }
+ } else {
+ filterChain.doFilter(request, response);
+ }
+ }
+
+
+}
diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/FilterPriority.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/FilterPriority.java
new file mode 100644
index 0000000..0a74a97
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/FilterPriority.java
@@ -0,0 +1,35 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.optf.cmso
+ * ================================================================================
+ * Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.optf.ticketmgt.aaf;
+
+import org.springframework.core.Ordered;
+
+public enum FilterPriority {
+ AAF_AUTHENTICATION(Ordered.HIGHEST_PRECEDENCE),
+ AAF_AUTHORIZATION(Ordered.HIGHEST_PRECEDENCE + 1); //higher number = lower priority
+
+ private final int priority;
+
+ FilterPriority(final int p) {
+ priority = p;
+ }
+
+ public int getPriority() { return priority; }
+}
diff --git a/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/ResponseFormatter.java b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/ResponseFormatter.java
new file mode 100644
index 0000000..626776c
--- /dev/null
+++ b/cmso-ticketmgt/src/main/java/org/onap/optf/ticketmgt/aaf/ResponseFormatter.java
@@ -0,0 +1,42 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.optf.cmso
+ * ================================================================================
+ * Copyright © 2019 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.optf.ticketmgt.aaf;
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.core.MediaType;
+
+import org.onap.optf.cmso.common.exceptions.CMSException;
+
+class ResponseFormatter {
+
+ private static final String ACCEPT_HEADER = "accept";
+
+ static void errorResponse(HttpServletRequest request, HttpServletResponse response, CMSException error) throws IOException {
+ String accept = request.getHeader(ACCEPT_HEADER) == null ? MediaType.APPLICATION_JSON : request.getHeader(ACCEPT_HEADER);
+ response.setStatus(error.getStatus().getStatusCode());
+ response.getWriter().write(error.getRequestError().toString());
+ response.getWriter().flush();
+ response.getWriter().close();
+ }
+
+}